Category Archives: IT / Computers

NextCloud setup notes

Posted on by
Reply

Free Horde Webmail client was ugly so I was looking for alternatives to view my email, calendar, contacts and notes. After a bit of research, I decided to try NextCloud.

NextCloud hosts calendar/tasks (CalDav) and contacts (CardDav) as a server, but do not store emails. Use any email provider (from your ISP or free email services as long as they do IMAP/POP and SMTP).

  • Default welcome/demo files are under /core/skeleton (you can change this by editing /config/config.php)
  • If you move the folder, you have to edit the database and root location paths in /config/config.php
  • Need to setup MySQL first. Avoid PostgreSQL option as it does not work out of the box.
  • Disable sqlite3 PHP extension
  • If installed on shared hosting, install without featured app because it will install CODE which is a can or worms.
  • Collabora Online is a can of worms. See below

Collabora Online (LibreOffice engine to edit documents live on web browsers) require special handling:

  • There’s a free community edition called CODE (Collabora Online Development Edition)
  • Do NOT install the BUILT-IN CODE server Nextcloud App if you NextCloud is on a shared hosting because this will appear as a rogue app that slows Nextcloud to a crawl, exhausting entry processes (aka concurrent Apache requests), and still it’ll timeout opening a document. Probably malfunctioning due to some permission issues on shared hosting.

Ports that need to be opened (more accurately port-forwarded to the CODE server) for Collabora:

  • 443 (HTTPS)

Turns out port 80 (HTTP that starts with Univention administration interface) is not necessary. It just redirects to port 443 (HTTPS) if you forgot to type the URL starting with https:// (it’s http:// by default when you type in the address bar of your browser).

Since the URL of Collabora Online-server in NextCloud settings uses only HTTPS and a HTTP URL is going to be redirected to HTTPS anyway, don’t bother with forwarding Port 80 (HTTP) and enter https:// in the Collabora Online-server URL instead.

You don’t need to forward 9980 (WOPI) either. Somebody mentioned it in Nextcloud forum but that’s not the cause.

Well, the next part is the hairiest. Turns out even the Collabora server checks out with NextCloud, the documents won’t open (some weird error messages):

The webpage at https://<Collabora Server>/loleaflet/23e6a73/loleaflet.html?WOPISrc=https%3A%2F%2F<Collabora Server>%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F2180_octqxsu7tnwz&title=<Filename of document to edit>&lang=en&closebutton=1&revisionhistory=1 might be temporarily down or it may have moved permanently to a new web address.

Of course, substitute <Collabora Server> and <Filename of document to edit> with your scenario.

I tried going to https://<Collabora Server> and noticed this NET::ERR_CERT_AUTHORITY_INVALID error:

Turns out given my server do not have the SSL certificate installed yet (and I got around it by “Disable certificate verification” in Collabora Online setup), my users/clients has to manually visit the Collabora (NOT NextCloud) server and click through the security warning to accept the Collabora site that do not have a valid SSL certificate. After that the Collabora Online works properly!

In other words, if you run into certificate issues with Collabora server, NextCloud won’t tell you when it calls Collabora server (with REST API) to open the document, instead it’ll just appear as a fail HTTPS call without warning or giving you a chance to correct the certificate issue.

Loading

Dissociating Windows 10 account with Microsoft (online) account

Posted on by
Reply

I’ve recently closed my Microsoft account (finding big tech too intrusive and too eager to make users subjects of their social experiments, aka data harvesting) and do not want Windows to link to it.

After tons of research on forums, I’ve found that Microsoft removed “Sign in with a local account instead” button/link in “Settings->Accounts->Your Info” page since 2017. So this method won’t work anymore:

So far nobody offered a solution that does not involve starting over with a new local account, but in involves moving your user specific settings and desktop folders, which is a pain in the butt.

After exhausting publicly available avenues so that I’m not reinventing the wheel, I decided to go back to first principles trying to ‘crack the code’. The first thing I thought of, based off my intuition about Windows system since middle school, is to search for my associated Microsoft Account ID (the email account string) in the registry. Turns out it only appears only in two keys (branches):

#1: HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\UserExtendedProperties\{Microsoft ID}

#2: HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}
#3: HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}\{SID}

Replace {Microsoft ID} with your Microsoft (Web) Account Email address. {SID} is the security identifier of the underlying local/domain user account (starts with “S-1-” followed by a long string of numbers with dashes)

If your Microsoft (Web) account is associated with only one local/domain account (SID), simply delete the two registry branches (called keys) #1 and #2 that ends with your {Microsoft ID}. The line #3 is just a sub-key (sub-folder/ranch) under line #2, so if you delete the whole line #2 branch, the rest below it is gone.

Given the registry key structure, I’d anticipate that if you have associated the same {Microsoft ID} to a few windows local/domain accounts, and only wanted to just break its link to specific local/domain accounts without affecting the rest, you might want to just get rid of this

HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities\{Microsoft ID}\{SID}

instead of the first two registry paths that covers information about the {Microsoft ID} unrelated to the local/domain account. To find out which {SID} refers to the local/domain account you want to delete, go to command prompt and type this

WMIC useraccount get name,sid

and it will show you a table that maps your Windows local/domain account name to SIDs so you can pick out the right registry key path (#3) to delete.

Of course, after you’ve deleted the last SID associating {Microsoft ID} on your computer, you might as well delete all references to the {Microsoft ID} to avoid orphan registry keys that confuse people.

Loading

Updates to Linux on Pogoplug v4

Posted on by
Reply

I have an old Pogoplug v4 series hacked to install Debian Linux based on this instruction long ago: http://blog.qnology.com/2014/07/hacking-pogoplug-v4-series-4-and-mobile.html
which boots on an SD card, which I used as a no-ip update client.

I realized some of the URLs to the package servers are broken. So here’s my notes to update it.

First apt-get doesn’t work anymore because the files has been moved to the archive package server. The solution is to replace all the contents (now obsolete) in /etc/apt/sources.list by this line:

deb http://archive.debian.org/debian wheezy main

Then you update the package manager (apt-get) with this command:

apt-get update && apt-get upgrade

Note that it’s still Debian 7 and it will not work with new software that requires later versions

Loading

NextCloud quirks – moving folder breaks the site

Posted on by
Reply

I changed the folder of where my NextCloud files is and got this error.

Adding the “.ocdata” dummy file there doesn’t work. The message is cryptic. I tried to run occ at the root folder (hoping it’s some sort of management tool) by running this at the command/SSH prompt:

php ./occ

and it spits out:

Your data directory is invalid
Ensure there is a file called ".ocdata" in the root of the data directory.

An unhandled exception has been thrown:
Exception: Environment not properly prepared. in 
{New Folder}/lib/private/Console/Application.php:168
Stack trace:
#0 {New Folder}/console.php(99): ...

I replaced my actual path for the new location of the NextCloud files with {New Folder}, so you get the idea.

I also noticed the old path was regenerated with just a /data folder with two files

This means some programmer got lazy and hard-coded the path somewhere!

Line 99 of console.php didn’t give too much hint so I looked at the code around for some sort of config-related operations before. Then I noticed this:

So I searched for config.php and found it’s located in /config/config.php. Bingo!

<?php
$CONFIG = array (
...
  'trusted_domains' => 
  array (
    0 => '{Old URL}',
  ),
  'datadirectory' => '{Old Path}/data',
...
  'overwrite.cli.url' => 'https://{Old URL}',
...
);

And to my horror the SQL password is stored in plain text in config.php! WTF! I’ll choose a password that’s dedicated to one use and not shared!

I recalled a when I rename WordPress databases, I have to manually edit the changes in wp-config.php. Turns out nobody warned us about that for NextCloud! That config file also contain database settings, so I bet if I change the database names or database usernames, I’ll have to come back and edit it manually too.

The site is working after I made the migration changes, all in /config/config.php.

Loading

Linux setup notes – hostname to communicate with Windows computer

Posted on by
Reply

In Debian, the hostname is located in /etc/hostname. The name won’t show up on my router (linux firmware) until I’ve got the right hosts order:

# /etc/nsswitch.conf
hosts:          files dns wins

However, Windows doesn’t recognize the hostname since it uses NetBIOS, which means I need nmbd in sambapackage:

apt-get install samba

Install it and I can ping right away and use the SMB shares!

Loading