Nginx, RTMP, HLS, SSL & Videojs on Ubuntu 18.04

IMPORTANT: UNTILL THIS LINE IS GONE THIS GUIDE HAS NOT BEEN TESTED YET!

This guide will show you step by step how to install Nginx webserver + Certbot SSL certificates and the RTMP module on a Ubuntu 18.04 VPS server. It will then will also explain how to setup HLS livestreaming and create a webpage with Videojs to show the livestream.
I decided to write this guide after receiving a lot of questions and responses on a video or two that I made a while ago. HLS and SSL related mostly. So hopefully this guide will clear up all of those questions for you all. If not, please leave any questions at the bottom of this page or as a comment on the Youtube video.

TIP! Please use a fresh install for Ubuntu 18.04 so you won’t run in to any conflicts.

Let’s get started! So you’ve installed your server or VPS with Ubuntu 18.04, and you’re now logged in to the local console or through SSH from a remote location. Let’s start of by making sure the system is up to date.

sudo apt update && sudo apt upgrade

1: Installing Nginx and additional software.

We’re going to be installing Nginx and the RTMP module before anything else.

sudo apt install -y nginx
sudo apt install -y libnginx-mod-rtmp

This will add the Certbot repository to the server. We’ll need it later on to create valid certificates.

sudo add-apt-repository ppa:certbot/certbot
sudo apt update

We’re ready to start installing a … Read the rest

Continue Reading →

Block all traffic from a Geo-located country with UFW firewall on Ubuntu

I was noticing some really strange requests in my web server’s log files on a VPS that I manage. Requests that seem to be focused on finding vulnerabilities or exploits. Turns out most of the originating IP addresses are from China. Since the VPS is not behind a router or otherwise managed firewall device, I decided to investigate if I could just block all traffic from China to my VPS. Turns out the software “Uncomplicated Firewall” or better know as UFW, that I already had running can do this easily. If you’re new to UFW have a look at this very comprehensive page showing how to set it up.

Here are two examples showing how to setup your UFW firewall to block IP addresses or ports based on Geo location. This should work on any system running UFW but in this case I did it on a headless Ubuntu 18.04 system. Click on Read more to view the rest of this article.

Continue Reading →

Configuring DNS-Over-HTTPS on RaspberryPi running Pi-Hole

In this article I will show you all the steps you will need to set up DNS-over-HTTPS to Cloudflared on a Raspberry Pi that’s running Pi-Hole on RaspBian Stretch OS. This is called an Argo Tunnel. Now you might think to yourself; What does all this even mean? Let me explain…

A Raspberry Pi is a really cheap tiny computer that has very low power consumption. These tiny computers costs between 30 to 50 euro’s/dollars and are ideal for people who often mess around with computers and everything related to it, like me for example. But they’re also interesting for people who want to keep their power consumption at home as low as possible, but still want certain services to run 24/7. I’m also one of those people. Especially when I saw my most recent electricity bill from the energy provider. It showed that I use more power than a family of five people averagely does. I live alone…

One of the reasons I want certain devices to run 24/7 is because they are hosting some services that I want to be available at all times. Like a DNS server for example. Pi-Hole is basically a DNS server that also blocks adds, for all the devices in your home network. Technically it’s actually not a DNS server but a local DNS resolver but that’s not important right now. I started using Pi-Hole about two years ago and nowadays my network feels incomplete without a Pi-Hole running in it. It … Read the rest

Continue Reading →

Elon Musk speaks with Joe Rogan podcast

Joe Rogan’s podcast from last Thursday where he speaks with Elon Musk has gotten a lot of attention the last couple of days. Mostly because Elon smokes a joint with Joe. I personally don’t think that’s a big deal and I know that this happens regularly on Joe’s podcasts so I don’t see what all the fuss is about.

What I find far more interesting is the talk itself, because in two and a half hours it’s possible to talk about many things, and they do talk about a lot of interesting subjects. Mainly the subject of A.I. and Elon’s view on the subject is something that is very note-worthy. So just press play, and listen to the whole podcast while you do something else in the meantime, like clean your house or do the dishes or whatever 🙂

Continue Reading →

Gutenberg is coming to WordPress! Soon!

Gutenberg is a feature that has been under development for a while now, will be released with version 5 of WordPress in the very near future. Until that time, it can be installed as a WP Plugin if you wanna try it out. I’m pretty exited about this cause it looks pretty awesome to me. The designers are already thinking ahead and here is how they see the future of the internet and what Gutenberg’s role will be in this.

httpv://www.youtube.com/watch?v=08Cav2SkUO4

Continue Reading →

Google Assistant for Android

If you are an Android user, you will probably have found a new app called Google Assistant on your mobile recently. It took them long enough! I read an article that said all Android users would receive the app in the next couple of days when living in the Netherlands. I waited for a while, and then a bit, and in the end I waited well over a week, when I sorta gave up hope. I figured that my version of Android was probably too old or something.

But today I was looking for a specific app and that’s when I found my recently installed Google Assistant. Of course I introduced myself to her first. She knows my name now. Been messing around a lot with it since then, to see where it can go and where it won’t go. Anyways.. it’s fun for the whole family to speak with the Google Assistant. If you’re not sure if you have it on your mobile, you can always install it from here: Google Assistant – Apps on Google Play. For those that don’t know this… you interact with her by using your voice. She understands Dutch perfectly and will answer you in Dutch. I find this very useful when setting my alarm or adding things to my to-do list for example. It’s fun, check it out!

Continue Reading →

Digital LSD

Have you ever used a hallucinogenic drug in your life? If so, then the following video might put a smile on your face because this “digital LSD” really works. See for yourself. But this experiment is perhaps even more fun for people who have never used any hallucinogenics, but are perhaps a bit curious to find out what the effects are a bit. But no worries, you won’t have to take any drugs. The only thing you need to do is watch the following video, and once you hear the voice say that you can look away then you should watch any direction in the environment you are in. What you see then only lasts a couple of seconds so make sure you look around you. This effect is the result of tricking our eyesight by the technology that is used in the video. Click on the image to have the video full-screen in a popup. If that doesn’t work for you use this link.

Continue Reading →

Client setup for OpenVPN on Raspbian

In my previous post I explained how to setup an OpenVPN server on Raspbian (April 2018 release) on any model Raspberry Pi. Here’s how to setup the client certificates that you can import in your OpenVPN client app on your desktop or mobile. All these commands are to be entered in the console as root user.

cd /etc/openvpn/certs
source ./vars
./build-key client
mkdir /etc/openvpn/client
cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/client/client.ovpn

Edit the client configuration file client.ovpn and make sure the options as shown below are set.

nano /etc/openvpn/client/client.ovpn

client
proto udp
dev tun
persist-key
persist-tun
nobind
:user openvpn
:group openvpn
remote-cert-tls server
auth SHA512
verb 3
ca ca.crt
cert client1.crt
key client1.key
tls-crypt ta.key
comp-lzo
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA

tar cJf /etc/openvpn/client/client.tar.xz -C /etc/openvpn/certs/keys ca.crt client.crt client.key ta.key -C /etc/openvpn/client/ client.ovpn

You should now have a zipped file called client.tar.xz in the directory /etc/openvpn/client. This is the file you need to download or copy using a flash USB drive or whatever means, and import it on the device that has the OpenVPN app and from where you want to connect to your OpenVPN server.

Continue Reading →

OpenVPN on Raspbian (Raspberry Pi)

This weekend I heard a friend say that he wants to turn his Raspberry Pi into a VPN server. Since I still had an old Raspberry Pi laying around I decided to install the latest version of Raspbian on it (April 2018 release) and also install OpenVPN on it, record how I did this, and show my friend how he can easily do the same on his Raspberry Pi. I listed all the commands I use in the video on this page here below.

Continue Reading →

Public DNS servers 1.1.1.1 and 1.0.0.1

I’ve been using the public Google DNS servers 8.8.8.8 and 8.8.4.4 for several years now. It was once said that using these DNS servers would result in a noticeable speed increase when compared with the DNS servers that your internet provider makes you use. I started using the Google servers and the addresses immediately got stuck in my head, so I haven’t stopped using them since. Until today that is…
I’ve always really liked the easy-to-remember, and simply awesome addresses 8.8.8.8 and 8.8.4.4. I was happy with the response times and I never had any issues or complaints either. So why change? I’d better have a damn good reason for making this choice! Well, obviously I do!

Yesterday somebody told me that he switched to 1.1.1.1 as primary DNS server and 1.0.0.1 as secondary. He also mentioned that the response times are fast af! That info immediately drew my attention. So I decided to further investigate this as soon as I would get home. Turns out that these servers are indeed fast and have good testing results. I also learned that the good people at CloudFlare are behind it (Wiki). I’m pretty sure that remembering these new server addresses will not be a problem either.

I’m looking for speed when it comes to DNS servers. I want to use the fastest DNS servers in existence. The more speed, the better. Naturally I also want them to be reliable, safe, and respecting my privacy. It turns out that … Read the rest

Continue Reading →

Install MariaDB 10.1 on Ubuntu16.04

I have Ubuntu16.04 servers running and I want to run database engines like MariaDB on it. Normally I would just type sudo apt install mariadb-server and the database system would be up and running in under two minutes. Ubuntu16.04 will install version 10.0 by default, but I want to install a different version. At the very least 10.1. Why 10.1 you might ask? Well because 10.1 was the first release that had Galera included by default in the package. Galera is a gift from the gods for all system administrators, developers, backup operators and other people who work with databases a lot. With three nodes, the minimum, it will offer you fast and reliable database synchronization and redundancy. Galera is a solid foundation for an easy to build load balancing environment. But first of we will install the MariaDB 10.1 instance on a clean Ubuntu16.04 server. If you want to be absolutely certain that the instructions below will work flawlessly for you, I would advise to use a clean fresh installed server also. Please remember that upgrading (or downgrading) from a different release version is NOT a good idea. When I was learning this the hard way I did a lot of reading on the subject and I can safely say that you should not follow these instructions on a system that runs, or used to run a MariaDB or MySQL instance. Even if you have removed it first apt remove you are still at risk of running into problems. … Read the rest

Continue Reading →

NetData Monitoring Tool on Ubuntu 16.04

I like to keep a monitoring eye on my servers, as most people who manage servers do. I have one central server that monitors the others. I choose to use a central server so the other ones don’t have to use any extra resources. But now I found a tool that can be run on every linux based server with SNMP, that barely uses any resources. And it shows a shitload of real-time graphs. Since I like graphs, and stats, and figures, a lot, I decided to install it on a test server. I was surprised how much information it will show you. It’s an awesome tool in my opinion! It shows graphs about literally everything that is going on with your server. There’s several functioning demo’s that show what it can do and what it looks like. So go there and see for yourselves: http://my-netdata.io/#demosites

If you like what you saw on the demo pages and decided to try this out for yourself, here’s some really simple instructions that will only cost you five minutes of your time. Click the Read More link below to view the rest of this article.

Continue Reading →

Unattended Ubuntu ISO Maker

Just found an awesome script online that I tested today and it works great. It’s a script that allows you to create an ISO for a unattended installation for Ubuntu 16.04.3 LTS. Just made myself one of those ISO’s and I’m going to try to see if I can implement it in my PXE environment. If not, I can always place it on a USB flash drive and boot from that. This makes the life of a person who tends to install Ubuntu very often (either on a virtual or a physical machine) a whole lot easier and it’s time-saving. All you need for this script to work is a running Ubuntu system (I used VMware Workstation to create a fresh net-install, and I assume that VMware Player also works) and the script itself of course. The scripts and the really easy to follow instructions are all the github page right here. Took me approx 15 minutes to install a fresh Ubuntu server, follow the instructions, and the actual creation of the ISO. Give the author a star for his efforts cause he deserves it.

Continue Reading →

Nerdgasm!!

From Wiki: The IBM 1401 is a variable wordlength decimal computer that was announced by IBM on October 5, 1959. The first member of the highly successful IBM 1400 series, it was aimed at replacing unit record equipment for processing data stored on punched cards and at providing peripheral services for larger computers. The 1401 is considered to be the Model-T Ford of the computer industry, because it was mass-produced and because of its sales volume. Over 12,000 units were produced and many were leased or resold after they were replaced with newer technology. The 1401 was withdrawn on February 8, 1971.

Nowadays there are still several of machines like these operational. For example in the Computer History Museum in Mt. View, California. The people who used to operate these machines are mostly retired now like Ken and Paul in this introduction video. It’s a great video, you should have a look at it. Now what I found very interesting is a recent fun project by enthusiasts, that had no particular practical use, except for fun. The project took three years but it was successful. As a bit of a nerd myself I had a huge nerdgasm watching the video below when you click the “Read More” link.

Continue Reading →