Archive for the ‘Linux’ Category

Using LetsEncrypt with OpenLiteSpeed on Ubuntu

Wednesday, March 9th, 2016

These notes are based on this.

Install GIT and BC.

Get the latest version of LetsEncrypt using GIT, placing it in /opt/.

For the next step, we’re going to need access to Port 80, so temporarily shut down your webserver.

Run LetsEncrypt.

The first time this runs, it’s going to ask for an e-mail address.

If everything worked correctly, you’ll find your certificate files here:

Where is your domain name.

Next, inside your OpenLiteSpeed configuration, go in to your Listener->SSL settings. Add or modify them as follows:

Private Key: /etc/letsencrypt/live/
Certificate File: /etc/letsencrypt/live/
Chained Certificate: Yes

The rest of the fields should be blank.

That’s it. Start the server.

Updating your certificates

Your certificate is good for 90 days, but it’s recommended you update it every 60.

Updating is exactly the same as requesting, and requires you free up Port 80!

That will overwrite the certificate. The new certificate will be good for another 90 days.

I haven’t automated this myself yet, but there are suggestions how to do this in the article linked at the top.

Using a PICkit2 on Linux

Tuesday, January 26th, 2016


The PICkit connector is 6 pins, but the last pin is the Auxiliary pin.

This pin doesn’t seem to be used that often. The setup could be simplified by snipping the 6th pin.

After looking in to it, it seems the PICkit 2 is discontinued.

There isn’t even a download link there for the software.

I found the source code a rather backwards way. The link is here:

A newer device file is here (just overwrite):;749972

I discovered it by grabbing this package, opening the PKGBUILD file. As it turns out, they still have the files on their website, they’re just not linked publicly.

I’m not entirely convinced this is the latest version, but it is what I found.

Build like so.

That should output this:

You can then program a hex file. Before you start, figure out the PIC chip you’re programming, the name of your hex file, and adjust this accordingly.


KVM Server Setup Notes – Ubuntu 14.04 LARP (Redis)

Thursday, July 23rd, 2015

I’m setting up an experimental standalone server for Ludum Dare’s static content.


Checking Symbols GCC and Clang

Friday, June 20th, 2014

Just a short one.


Gives you list of all symbols defined by compilers. It’s interesting, that you have to feed it something (anything blank) to get this output though. /dev/null, or pipe in a blank echo (echo “” | gcc -dM -E -), etc.

Works with NaCl (pnacl-clang), Emscripten (emcc), and pretty much every GCC toolchain known to man.

Setting up NaCL and SDL (on a fresh Ubuntu)

Friday, June 6th, 2014

Some notes on getting NaCl working. Of course, things didn’t work out-of-the box.

Install nacl_sdk

Grab and follow the instructions here:

i.e. download and do the following:

Install 32bit Headers

‘cmon, everybody runs 64bit Linux these days (in my case Ubuntu 14.04 64bit). You need the 32bit libraries for anything to build though.


Follow Tutorial

‘make serve’ will now work.

Test2 probably wont run though. I haven’t checked, but I think it may not be a pnacl file (pnacl is necessary to run in a stock Chrome).

EDIT: The problem with Test2 is that newlib is the first Toolchain. If you modify the Makefile by making pnacl the first VALID_TOOLCHAINS (or commenting out the line entirely), and change index.html, the data-tools attribute of the body tag, make pnacl first, it will work correctly.

Now, lets see how far we get compiling SDL NaCL.

Set Environment Variables for SDL


Do something like the following.

‘readlink -f’ takes a path and converts it in to an absolute path (by following symlinks, ..’s, etc). If you’re on Windows, substitute it for the absolute path to your pepper directory. Mine is /home/mike/Work/Build/nacl_sdk/pepper_35

And of course, edit your pepper version accordingly (35 or whatever).

Build SDL2 in NaCL mode

SDL must be built outside the main SDL directory. I like to call my SDL directory “SDL2”, and do builds in directories like “SDLBuild”. I invoke my build like follows:

Notably, I’m putting the output (make install) inside the SDL subdirectory of the pepper SDK folder.

The Makefile

EDIT: For the makefile to work, I had to make a few changes. Here is the full modified makefile.

The changes are lines 19 and 20. Line 22 is new, as are lines 67 and 68. The last 2 lines are a hack to make “make serve” work the same as it does in the NaCl demos.

Here’s a diff.

For reference, my old notes (before I got it working by changing the makefile):

Okay, this didn’t actually work. I’m not sure exactly how it’s supposed to be configured, but it’s not configured correctly. It should only be used as a reference. Some other notes of things I had to do to get it to work:

naclbuild script

Alternatively, once the environment is set correctly (I think just NACL_SDK_ROOT) it’ll work. In the ‘build-tools’ folder is a script ‘naclbuild’. Run that, and it’ll put some output in the Build folder. Once it finishes, it gives you a string to copy+paste in to your shell. Do it.

Vine Videos:,

Currently works on Desktop Chrome, and Chrome OS. Will not work on Android (yet).

PPTP Connecting from Ubuntu 14.04

Saturday, May 17th, 2014

So I was having troubles opening a VPN connection from Ubuntu 14.04. I could VPN just fine on my iPad and Android devices, but I was having no luck on Ubuntu. Looking at my /var/log/syslog, and after much Googling, it seems my problem was ‘secrets’/keyring related.

Setting up a PPTP VPN connection is easy.


What I was lacking was one very specific checkbox with many implications, none of which were spelled out. The important one is that “Available to All Users” skips the secrets check, and instead prompts you for a password. That’s better than no VPN at all. 🙂


My advanced settings look something like this, thanks to other tutorials I stumbled across:


Notably, no PAP, as that’s very insecure. The rest of the options, I haven’t tried otherwise. What’s important to me is I can now connect to my VPN.