DOCTOR WHO SERIAL 068 – Planet Of The Daleks

I got tired of Doctor Who and as such, I stopped watching it for a bit between episodes 5 and 6 of “Planet of the Daleks.” It wasn’t a very good episode, and I’m very tired of Jon Pertwee. I never loved him as The Doctor and I’m ready for Tom Baker. Except I still have 32 more episodes of the Pertwee era.

The one thing that should’ve kept me interested in this serial is the fact that The Doctor and his co-conspirators dress up like Sesame Street monsters to hide from the Daleks.

This might sound strange, but here’s the thing. There’s another creature in this story, who ally themselves with the Daleks, they’re off-brand Muppets. These Mooppets are furry and purple. The Doctor and crew skin them (alive?) and hide in their carcass.

Family fun!™

The Daleks are developing a personal cloaking device, and the Thals from the planet Skaro are there trying to stop. If you forgot about the Thals, they were from the first episode about The Daleks.

Stuff happens, they drown an entire fleet of Daleks. The Doctor runs around corridors.

DOCTOR WHO SERIAL 067 – Frontier In Space

This six part season 10 serial, starring Jon Pertwee is a lot of fun, but it’s also ridiculous and makes very little sense. The Doctor finds himself in Earth’s future when Earth is one of the superpowers in the known universe. They are colonizing the galaxy, but as are the Draconians1.

The Draconians, as pictured above, are at a precarious peace with Humanity. There are some space raids here and there, but the Draconian empire is xenophobic and ready to attack, as are the Humans.

The Doctor and Jo find themselves on a ship that is being attacked. The Humans think they see Draconians attacking them, but The Doctor sees dollar-store-Klingons.

Something is off, The Doctor knows the dollar-store-Klingons, but knows they’re not capable of this strange hypnotic masking technology. How can they possibly be tricking Humans into thinking that they’re Draconians, and how can they trick the Draconians into thinking they’re Humans. Something must be going on… something hypnotic… something… yeah, it’s The Master, of course it’s The Master. It’s always the fucking Master.

Eventually the Daleks show up… And nothing gets resolved. I dunno, I guess we’re going into the next serial.

  1. or “Dragons” to the racist humans []

DOCTOR WHO SERIAL 066 – Carnival Of Monsters

The Doctor and his ever annoying companion, Jo, set their TARDIS down inside a peep show machine. This machine has the capabilities shrink matter, and store an entire ship, it’s crew and passengers. And that’s in only one compartment. The machine is topped with a beautiful CRT television, which allows those on the outside to watch what’s happening on the inside.

A traveling pair of entertainers or swindlers arrives on a planet with their machine in tow. They are penniless and ready to entertain the people of this planet with their machine of wonders.

Unfortunately the people on the planet don’t care. Unfortunately for the writers, nor do I.

It doesn’t seem very good con to get people to watch a CRT screen, but that’s all that these travelers have going for them… well that and their amazing outfits.

The Doctor gets out, and things happen, and everyone leaves happy. Except the audience.

Doctor Who Serial 065 – The Three Doctors

Happy 10th season! To celebrate the start of Doctor Who‘s 10th anniversary, the producers put together “The Three Doctors,” an adventure featuring Jon Pertwee, Patrick Troughton, and William Hartnell all in the role of The Doctor.

The Time Lords are facing an energy drain. They must get help from The Doctor, but The Doctor is not enough, they cannot spare any other Time Lords, so they get The Doctor to help The Doctor. In comes Patrick Troughton. William Hartnell, however, was too ill as such, his Doctor got caught in a “time eddy” and provided help via the TARDIS’ built-in CRT television.

Brigadier General Alistair Gordon Lethbridge-Stewart is an idiot. He refuses to believe anything either of the Doctors tell him. He’s known him for so long now that he should understand.

The Doctors must travel to the anti-mater universe where Omega1, the Time Lord responsible for their species’ ability to travel through time has been trapped for oh so long. Omega wants to return to the matter universe, and have The Doctor(s) stay there in his stead.

After they succeed, the second Doctor disappears and returns to his time, Dr. Tyler proclaims “now I’ve seen it all.” A man disappearing in front of him is more strange than traveling to a universe of anti-matter, meeting three extra-terrestrials, and that the British Armed Forces have a unit called UNIT that is involved in all this.

The episode ends with the third Doctor getting a dematerialization unit from the Time Lords. That means The Doctor is no longer exiled to Earth and ready to take off for some fun in the universe.

  1. Why can’t they pronounce omega right? []

DOCTOR WHO SERIAL 064 – The Time Monster

This might be the greatest episode of television history. The Doctor has a nightmare… The Master is near. Lethbridge-Stewart invites The Doctor to attend a scientific presentation. The Doctor refuses, and goes off with Jo Grant to find The Master. Well, it ends up that they all come together. It seems The Master is heading this new scientific research, which does many things. It leads to humanity’s better understanding of the space-time continuum; it brings Cronus to the modern time; it helps The Master (and The Doctor following) to travel back in time to Atlantis1.

We see such beauty, such as a dude in a pure white bird costume, flap-flap-flapping his bird wings2. We see a muscle-bound man wearing a bull’s head. We see The Doctor using his coat’s red lining to act as a matador. The Doctor is good at his matador skills, with one quick karate chop, the minotaur is down. We also see some goth-Atlantians with great eye-liner.

This is a magnificent episode of Doctor Who. It doesn’t make much sense, but it’s amazing.

Next time on Doctor Who, “The Three Doctors.” Jon Pertwee, Patrick Troughton, and of course, the original, William Hartnell.

  1. Not Stargate Atlantis []
  2. I’m flap-flap-flapping my albatross wings. []

DOCTOR WHO SERIAL 063 – The Mutants

In this episode of Doctor Who, we find humans in the year 3000 who have dominion over the planet Solos. The native Solonians are subjugated. Earth is planning to leave Solos, but Earth’s Marshall of Solos is a maniacal genocidal asshole.

The Solosians are mutating into insect-like creatures. Of course they don’t know what’s going on, and The Doctor has to tell the Solosnigans that it’s a natural occurrence.

They were trying to do something interesting… talk about colonial issues, but unfortunately they never quite hit the nail on the head. The native population is talked down to by everyone, Earthlings and Time Lords alike. The Solosians are not listened to or treated with respect. A human scientist, on their side, is the authority figure on Solosers.

Much like a lot of Doctor Who, this story’s failing is just how British the show is.

Let’s Encrypt with CPanel

A lot of web hosts have Let’s Encrypt built into the CPanel. Not mine. I was kinda annoyed. I tweeted at them to ask if they’d support it. They wouldn’t. So I decided I would make it work myself. To do this is pertty simple. I’m just going to start by copying and pasting text from a previous article.

Open up your Terminal.app (Go to the Go menu, choose Utilities, double-click on Terminal). This isn’t even a step, you should know this.

Step One – Install Homebrew

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

At this point, you will be prompted to press RETURN to continue. Press the return key.

It will then start downloading and installing Homebrew.

Install XCode Select

Turns out you need XCode Select installed, too. So I ran this code.

xcode-select --install

That popped up a dialogue box, I said Install.

This install took a few minutes, and then once it was done, I was ready to install certbot.

Install certbot

brew install certbot

That easy? Aye!

Begin the Process

sudo certbot -d anklewicz.com -d neverhadtofight.com -d www.neverhadtofight.com -d www.anklewicz.com --manual --preferred-challenges dns certonly

The program will ask you a few questions, if you’re okay with your IP being logged.

Then it will, for each included domain, ask you to set up a TXT record.

Setup DNS Records

Go to your CPanel, yourdomain.com/cpanel is usually the address. Click on the DNS Zone Editor.

Choose the domain you want and click “Manage.”

Click the down arrow beside “Add Record” and choose to add a TXT record.

In the name field put what it told you in Terminal, aka _acme-challenge.yourdomain.com and under Record paste in the gibberish string that certbot told you.

Back to Terminal, press enter to proceed.

Repeat these steps for all domains.

Wait for it to validate your domains.

Copying certificate to desktop

Using the cp command you can copy the two files over to your desktop.

sudo cp /etc/letsencrypt/live/yourdomain.com/privkey.pem ~/Desktop/privkey.pem
sudo cp /etc/letsencrypt/live/yourdomain.com/fullchain.pem ~/Desktop/fullchain.crt

Installing in CPanel

Go back to your front page of CPanel and look for SSL/TSL, and click on that link.

Click on “Generate, view, upload, or delete SSL certificates.”

Scroll down to find “Choose a certificate file (*.crt).”

Upload the CRT file.

Your list of certificates at the top will update and beside the new one, click on Install.

Open the privkey.pem file in a text editor, like BBEdit, and copy it’s contents.

Paste that into the key area and save.

You’re done.

OMG! APPLE IS GUTTING SERVER.APP!!!! Part 3 DNS to BIND

In July, I will be presenting at MacAdmins at PSU. My talk will be called “OMG! APPLE IS GUTTING SERVER.APP!!!!” I will be using my blog to document all the processes taken to get all the data.

The goal of this is to find easy ways to move away from Server.app while utilizing the existing Apple hardware in your server closet and macOS. Sure you can move to a new system, but you might not have the money or time.

You can find the slide deck here.

Server.app -> BIND

So before I start, I should say that this is fully documented in Apple’s macOS Server Service Migration documentation, which is almost perfect. I’m only making two small changes.

  1. First step is to test the server. After booting this VM, I set my DNS to the testserver. It loaded no problem.
  2. Turn off DNS services in Server.app
  3. Install Xcode.
  4. Here’s the first change, and important one… LAUNCH XCODE and agree to the terms and conditions, otherwise it won’t work.
  5. Go to https://www.isc.org/downloads/
    1. Click on “BIND” to expand that section
    2. Click on Download beside “Current Stable”
    3. The top row will be Windows installers, the second row will have the *nix version, choose that. The link currently says bind-9.12.1-P2.tar.gz – tar.gz
    4. Apple says to grab at least one signature. I did it, I don’t know if that was necessary.
  6. Open Terminal and navigate to the directory you downloaded to, in my case it was cd ~/Downloads
  7. Uncompress the files. tar xzf bind-9.12.1-P2.tar.gz
  8. Navigate the uncompressed directory cd ./bind-9.12.1-P2
  9. Run this command ./configure --infodir="/usr/share/info" --sysconfdir="/etc" --localstatedir="/var" --enable-atomic="no" --with-openssl=no --withgssapi=yes --enable-symtable=none --with-libxml2=no
  10. Make it by typing make
  11. Test the build by running the following commands
    1. sudo ./bin/tests/system/ifconfig.sh up
    2. make test … this seemed to go on FOREVER, so control-c‘ed out of there. I don’t know if I was supposed to.
    3. sudo ./bin/tests/system/ifconfig.sh down
  12. Let’s install it. sudo make install
  13. Apple suggests you verify that it’s installed by pulling up the manual for the DNS service called “named.” You do that by typing man named
  14. Create the launchdaemon by typing sudo nano  /Library/LaunchDaemons/org.isc.named.plist
  15. Go here, go to page 7, copy the contents from step two of “Create a launchd .plist file for the BIND9 service”
  16. Save and exit control-x, y, enter
  17. Here’s the next place I disagree with Apple, they say, “Set file ownership to root:wheel.” However, they use chmod, and it’s chown.
    sudo chown root:wheel /Library/LaunchDaemons/org.isc.named.plist
  18. Load the job sudo launchctl load -w /Library/LaunchDaemons/org.isc.named.plist
  19. Test the job launchctl print system/org.isc.named

Wow. Apple has made this super easy. Hooray for Apple. All your existing settings will be there already. Really. It just works.

OMG! APPLE IS GUTTING SERVER.APP!!!! Part 2 Web to Apache

In July, I will be presenting at MacAdmins at PSU. My talk will be called “OMG! APPLE IS GUTTING SERVER.APP!!!!” I will be using my blog to document all the processes taken to get all the data.

The goal of this is to find easy ways to move away from Server.app while utilizing the existing Apple hardware in your server closet and macOS. Sure you can move to a new system, but you might not have the money or time.

You can find the slide deck here.

Server.app -> Apache

  1. First step is to test the server. After booting this VM, I visited my testserver. Mine was at testserver.leobaeck.ca. It loaded no problem
  2. Then I turned off Websites in Server.app
  3. At that point I duplicated /etc/apache2/httpd.conf, renamed the duplicate httpd.backup and now I have a backup in case I screw anything else up.
  4. Edit /etc/apache2/httpd.conf. Uncomment LoadModule php7_module libexec/apache2/libphp7.so by removing #
  5. Restart apache with sudo apachectl restart
  6. Visit your test server and make sure you see “It works!”
  7. Create a test PHP file to see if it works
    1. sudo touch /Library/WebServer/Documents/phpinfo.php
    2. Using your favourite terminal-based text editor, or mine, edit that file. sudo nano /Library/WebServer/Documents/phpinfo.php
    3. Paste this into that document <?php
      phpinfo();
      ?>
    4. Save, control-o and exit control-x in nano
  8. test by visiting your sever server.domain.com/phpinfo.php
  9. Transfer contents from Server.app’s location to Apache’s
    sudo rsync -av /Library/Server/Web/Data/Sites/Default/ /Library/WebServer/Documents/
  10. Set proper permissions for the documents
    sudo chgrp -R _www /Library/WebServer/Documents/
    sudo chmod -R 775 /Library/WebServer/Documents/
  11. Since I was using Munkireport as my test, I needed to edit httpd.conf to point to /Library/WebServer/Documents/public.
  12. Restart apache, sudo apachectl restart
  13. Test

Migrate existing SSL Certs from Let’s Encrypt to apache

This makes the assumption that you already have an SSL certificate. Much of this is universal, but it’s told from the point of view of using a free cert you got from Let’s Encrypt.

My starting point was this document.

  1. You need to start by editing the /etc/apache2/httpd.conf file, again. This time we’re enabling modules to support SSL
    LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
    LoadModule ssl_module libexec/apache2/mod_ssl.so
  2. Uncomment by removing # the line Include /private/etc/apache2/extra/httpd-ssl.conf
  3. I don’t know if this set actually matters, but I did it. You need to edit the Virtual Host file /etc/apache2/extra/httpd-vhosts.conf and paste into the end of chunk of text. Go up to the link and grab the text.

At this point we diverge from the above link, I had tested and it didn’t work.

  1. Find your old downloads from Let’s Encrypt, the two PEM files. Rename fullchain.pem to server.crt and key.pem to server.key. I actually renamed them to the FQDN.*, so testserver.leobaeck.ca.key
  2. Move them into /private/etc/apache2
  3. Edit /private/etc/apache2/extra/httpd-ssl.conf and find ## SSL Virtual Host Context
  4. Make sure DocumentRoot is correct
  5. Put in ServerName
  6. Scroll down a bit more and put in SSLCertificateFile and SSLCertificateFile
  7. Save and exit
  8. Restart Apache sudo apachectl restart

OMG! APPLE IS GUTTING SERVER.APP!!!! Part 1 Web to MAMP

In July, I will be presenting at MacAdmins at PSU. My talk will be called “OMG! APPLE IS GUTTING SERVER.APP!!!!” I will be using my blog to document all the processes taken to get all the data.

The goal of this is to find easy ways to move away from Server.app while utilizing the existing Apple hardware in your server closet and macOS. Sure you can move to a new system, but you might not have the money or time.

You can find the slide deck here.

Server.app -> MAMP

I started with a simple MunkiReport instance running in Server.app. I figured this would be using enough resources to move. I also got a certificate with Let’s Encrypt and had all traffic going through SSL. While the blog post is specifically for servers running 10.12, my steps were the same in 10.13.

  1. Let’s start by downloading MAMP.
  2. Turn off Server.app’s web function
  3. Run the installer you had downloaded.
  4. From /Applications/MAMP launch MAMP
  5. Click start Servers, and check that yourdomain:8888 is working.
  6. Go to Preferences and click on Web-Server. Set the location to be the old root folder.
  7. Stop/Start the server and test.
  8. Go to Preferences and click on Ports. Click that “Set Web & MySQL ports to 80 & 3306 button.
  9. Stop/Start the server and check to make sure it’s working on port 80.

Your web server is up and running. Mostly. Next we need to get SSL setup. MAMP Pro has an easy GUI to do this, but that costs money and this is easy enough for our needs.

I used this this gist to help me through this process.

We already know that MAMP is working on port 80, so you can ignore the first bits of that file.

  1. Duplicate your /Applications/MAMP/conf/ folder, rename the copy something like conf.backup.
  2. Obviously you were using Server.app already and were using it with a Let’s Encrypt certificate using my procedure outlined on this post. So you should have on your Desktop a couple .pem files. Rename them fqdn.crt and fqdn.key and move them to /Applications/MAMP/conf/apache
  3. Open /Applications/MAMP/conf/apache/httpd.conf in BBEdit or your favourite text editor and uncomment by removing the #, Include /Applications/MAMP/conf/apache/extra/httpd-ssl.conf.
  4. Edit /Applications/MAMP/conf/apache/extra/httpd-ssl.conf and search for General setup for the virtual host. From there, you’ll want to enter the path to the web files.
  5. In the same file, you’ll see information about server.crt and server.key. Rename the server part to match the names of the files in step two.
  6. Stop/Start the service.