Crashplan packages for Synology Disk Station

For quite some time I am a very happy user of Crashplan, backup service and tool that offers reasonably prices backup storage and can can also be used without their service to backup to another computer running the Crashplan client. I am using it both to backup some of my data to Crashplan’s servers as well as to backup to a few friends of mine and provide backup services to my family. So far this works fine, especially since I have it running on my Synology Disk Station (a DS1010+) with plenty of storage. The neat thing is that my NAS is automatically backed up externally and I do not require a PC to provide secure backup services for some friends and within my family.

The easiest way to install Crashplan on your Synology Disk Station is by installing the package provided by PC Load Letter, I used to do install the Linux version manually before which was not difficult at all either, but since the autoupdate did not work then, using the package really is a better solution. Furthermore, it does not require any hacking or tweaking of the box, so everybody can do this (actually it’s so simple, there’s not excuse anymore not to backup your NAS).

To make the package available you need to add the PCLoadLetter repository with URL http://packages.pcloadletter.co.uk as a source for 3rd party applications. See the Synology Support site on how to install 3rd party applications. Next you can select the Crasplan package from the packages available from the Community section, please note that you need to select the correct package (which is the plan version unless you have a PRO or PROe subscription). Please note that Crashplan requires Java installed, so you may need to install that dependency as well (the package installer will tell you).

Once Crashplan has been installed and is running, it is time to configure Crashplan on the Synology Disk Station. For this, you need Crashplan also installed on a (PC/Mac/Linux) desktop that is supported by Crashplan and can run it’s graphical interface. Download the application from Crashplan’s download page and install it. There is no need to run it locally (but you may opt to do so later to use Crashplan to make backups to your NAS). However, some things need some tweaking to use the client to setup the headless Crashplan installation on the NAS.

The Crashplan support site has an excellent guide on how to Connect to a Headless CrashPlan Desktop that one can use to manage everything from a remote computer using using their client (please note that this assumes you have SSH enabled). I opted for a slightly different approach for my two use cases:

  • On my work laptop (Windows 7) I have Crashplan installed but disabled the service as my employer’s policies do not allow it. There I have simply setup PuTTY to forward local port 4243 to localhost:4243 when I connect to my NAS using SSH. This allows me to simply launch the Crashplan client without any modifications that can reach the service on my Synology disk station as long as I have an SSH connection open.
  • On my private laptop (Max OS X) I have Crashplan installed and use it as well to backup to my NAS. There  I use iTerm to manage my SSH connections, but basically all that does is store the exact ssh commands and parameters used, so that is no difference from what Synology’s guide describes. On that system I change the ui.parameter settings whenever needed to switch between local service running on its standard port and the remote one forwarded using ssh running on another port.

Through the client, you can either associate Crashplan running on your NAS with your existing account (if you have that already setup) or register for a new account. After this you can setup remote backup destinations as well as allow others to backup to your NAS as well as setup your NAS as a destination for your other computers (under the same account). Crashplan has documented this all on their support website.

Back online

The last 7 months I have not been able to spend any time on this blog, which has not just resulted in no updates, but also in an awful lot of spam in the comments (which was not visible as I have to approve commentes anyway). I found over 12.500 spam messages in the comments, of which 11.000 in one article. The bad thing of this was that this large amount of comments killed the performance of my blog, so I had to do something.

The good thing about Pebble (the blog software I use) is that is has a very simple XML file-based structure to store articles and comments, so this was very easy to cleanup. All  I had to do was

  1. Shutdown the blog system (only shutting down the webapp in Glassfish sufficed
  2. Locate the XML files that were huge
  3. Edit the large XML file using vi on the command line, removing anything between <comments>…</comments>
  4. Restart the Pebble webapp in Glassfish.

And the spam was removed, which also resolved the performance issue

Now the good news, not being able to post anything does not mean I did not have any spare time to experiment with things so I do have a number of items to complete and document the coming weeks (I’m having some time off now) . Expect some posts frequently during the summer period…

Merry Christmas!

Merry Christmas to all that celebrate this event!

Unfortunately I discovered a very unwelcome Christmas present here… it seems some spammer has discovered my blog and posted over 2700+ bogus comments containing spam links. Please do not click on any of these! I have changed the commenting policy (it requires my approval now) and am busy cleaning  up the mess caused at the moment (trying to preserve any serious comments). My sincere apologies for any inconvenience caused.

Making an iPhone show a numeric network signal strength

I am enjoying my vacation on the east coast of Spain at the moment and noticed regular bad quality/dropped calls and a varying reception on my cell phone from place to place. In order to look for the strongest signal I have enabled displaying the signal strenght in db (Decibel) on my iPhone 4 using the instructions from this Lifehacker article:

To enter Field service mode and enable displaying the signal strength in db on your iPhone perform the following steps:

  1. Dial the number *3001#12345#* and press Call
    The iPhone will now enter Field Test mode, the  signal strength indicator in the upper left corner is now displaying a numeric signal strength in db. One can toggle between signal strength bars and numeric db value by taping on it.

    To make this feature permanent, complete the next two steps (simply press the home button to abort and exit the Field Test mode)

  2. Press and hold down the power button until the ‘slide to power off’ screen appears (but do not power off the device)
  3. Press and hold down the home button until this screen closes and the home screen appears

The signal strength can now be toggled between bars and numberic db value, the closer the numeric db value is to zero, the stronger the signal is. Toggling between signal bars and numeric db value persists after a restart of the iPhone, but the process is completely reversible. To return to the default behavior and have the bars permanently, follow the following steps:

  1. Dial the number *3001#12345#* and press Call
  2. Press the home button to exit the Field Test mode.

 And your phone will behave as before, no more numeric db signal strength when you tap the left upper corner.

Synology DSM 4.0 is out

Today Synology has released version 4.0 of DSM, their (Linux-based) OS for their NASes. As it had some features I wanted to explore (especially VLAN’s, the Antivirus package and "Cloud Station"), I decided to upgrade right away.

Unfortunately the upgrade didn’t work through the built-in update function. I went to the Synology website and tried to download it manually. This failed from the European server, which I suspect would be the reason the built-in update function also didn’t work. I guess there were either problems or all too many European customers tried to upgrade tonight. A manual download from the US server and upload through the web interface worked though and the upgrade process itself went fine.

When I logged in after the upgrade I noticed the revamped GUI that was already announced. So far it seems that Sonylogy as trying to create a more clear distinction between core functionality and packages, which in my opinion a good thing as it means unused packages (like the mail server) can be uninstaled. After the upgrade my Synology DS-1010+ was very busy re-indexing media files and "converting" my photo’s. I wonder what that is for, suspect it is for their photo album and hope it won’t touch my original photo’s.

After the upgrade my Synology DS-1010+ was showing up as a windows machine again in my Mac’s Finder. Fortunately my quick hack still worked, so that was resolved quickly. While working on the command line, I noticed some things changed, notably the ipkg software in /opt was no longer in $PATH, something I need to look into later. Apart from this the upgrade does not seem to have negative side effects.

Finally Synology has added VLAN support, unfortunately not in a very usefull way. It is now possible to specify on which VLAN an interface is so that the packets are tagged correctly. However, it is not possible to create virtual interfaces to have a single interface on more than one VLAN, which kind of means that you cannot do anything more than before (I could setup the VLAN in the switch to achieve the same). Technically everything is possible with VLAN’s now though as under the hood it’s all Linux and using the standard VLAN modules, but it will require a bit of hacking to get it working as desired.

When I wanted to look at the AntiVirus and Cloud station, it turned out that these required me to install a package. That was fine, but it didn’t work (network errors), again too many users or network problems at Synology’s web servers? When I tried a little later it worked though and the AntiVirus package installed without problems, but after that it again told me about network connection problems. I will have a look at the Cloud Station later I guess). The AntiVirus looks like a very neat solution for me having a Linux box scan my NAS over the network on a weekly basis. One can schedule different jobs to scan all or some folders at specific moments. I guess this means the NAS does not support on-access scanning, but that’s something I can live with. It is unclear however how often and when (and from where) the virus definitions are updated, but it looks (based on the messages on the screen and in the logs) that is refreshes this before each scan.

All in all a successful upgrade and definitely promising new features I need to look into further.

Network Tracing from the Fritz!Box

My internet provider has provided me a Fritz!Box Fon 3970, which is a neat all-in-one modem / router / voip and DECT connectivity box. Although this box is running Linux and pretty extendible with Freetz, in some area’s it is a pretty closed black (erm.. red) box and sometimes it is hard to debug problems.

Today, while debugging issues with my DHCP server, I found out that the standard Fritz!Box firmware includes a handy network tracer. To trace network traffic (all or just on a specific interface), go to http://fritz.box/capture.lua and specify which interface to start the trace on.

The output will be provided through a download that starts immediately. The resulting file can be opened using Wireshark for analysis.

I didn’t solve my DHCP problem yet (the DHCP server is still only giving WLAN clients and IP address and not to wired clients), but that’s something I will tackle over the weekend now that I can obtain a decent network trace from the box.

Automatically lock your Mac when you step out

Of course, being a mac user at home, after yesterday’s post on locking a windows machine I have been looking for a similar solution to automatically lock my mac when I step out. A similar setup as with btprox for Windows can be established easily by combining the power of an open-source tool called Proximity with a little AppleScript.

Proximity is a more generic solution that allows one to run an AppleScript when a Bluetooth device gets in or out of range. The generic solution was already described on Lifehacker and Macworld Hints. However, they both have a too generic solution where just getting in range with the paired device would unlock the computer, which is not exactly what I wanted. I use the following AppleScript instead, which only switches off iTunes if it is running (and does not start it when it is not) and locks the screen:

    if application id "com.apple.iTunes" is running then
        tell application id "com.apple.iTunes" to pauze
    end if

    activate application id "com.apple.ScreenSaver.Engine"

My Default settings for the screen saver to always require a password after 1 minute suffice for me and render the setup I need on my Mac OS X Lion machines.

Automatically lock Windows when you step out

For my work I need to use a laptop running MS Windows 7 Enterprise in a domain. To ensure that all laptops lock automatically, my employer’s IT department has deployed a domain policy to activate the screen saver after 10 minutes idleness and lock the screen. These settings are enforced through adomain policy and cannot be modified by the user, which means that I cannot have the screen lock sooner either so I have been looking for a way to work around this.

Some time ago I discovered BtProx, an open-source Bluetooth Proximity Lock Utility for Windows and I am quite happy with how it works. This utility allows one to lock the screen when a bluetooth device gets out of range. I have paired this app with my cell phone so now my laptop’s screen locks 1 minute after I step out from my desk.

So far, the only drawback I noticed is that I need to activate it manually after logging in (you cannot set it up an forget about it). Besides that for me this is a perfect solution to lock my screen when I need it to despite the enforced domain policy.

Enabling TFTP on Mac OS X Lion

While migrating my linux-based server to Mac OS X Lion Server, I noticed it did not have a TFTP server enabled by default. A little googling pointed me to a blog post of The Weezey Geek, who outlined that everything is there, it’s just disabled.

 I enabled the TFTP server as follows (which is slightly different from the post referred to below):

  1. edit /System/Library/LaunchDaemons/tftp.plist as root (sudo vi /System/Library/LaunchDaemons/tftp.plist)
  2. Change
    <dict>
            <key>Disabled</key>
            <true/>

    into

    <dict>
            <key>Disabled</key>
            <false/>
  3.  Next load the configuration with sudo launchctl load /System/Library/LaunchDaemons/tftp.plist

 Which makes the change permanent and starts the TFTP daemon.

by default TFTPD uses /private/tftpboot as it’s root directory. To change this, modify the following fragment in /System/Library/LaunchDaemons/tftp.plist:

        <array>
                <string>/usr/libexec/tftpd</string>
                <string>-s</string>
                <string>/private/tftpboot</string>
        </array>

To allow TFTP uploads, make sure that the directory to be uploaded to (be wise and make this a subdirectory of your TFTP root directory) is writable to all users.

Migrating to Mac OS X Server

Just before Christmas I bought myself a Mac Mini Server with OS X Lion Server. The idea behind this machine is to replace my current server (a almost 7 year old Dell PowerEdge 2850). From the specs this machine is way faster, has more diskspace (although no RAID5, but I have a NAS for storage anyway) and it uses way less energy than the current setup. Based on a quick calculation, the mac mini server would use less than 15% compared to the Dell, which means that this investment would earn itself back in about 2 – 3 years.

I have been playing around with the Mac OS X Lion Server for a while to make up my mind how I want to migrate my current setup. Since Mac OS X is based on BSD, it does provide a very good platform to replace my linux-based setup, but I am not quite convinced yet the way Apple has structured would work for me. Besides, I do like to keep some things separate, so I am still looking for a good way to do this. So far the only (and most efficient / easiest) way to achieve these appears to be running some services in a VM.

In the coming weeks I will be migrating different services from my Linux-based setup to either something running on Mac OS  X Lion Server natively, or inside a VM running on Linux on the Mac Mini Server. Each of these migrations will be described here to help others.