Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
tuyop
Sep 14, 2006

Every second that we're not growing BASIL is a second wasted


Fun Shoe

Blue Footed Booby posted:

I got it working with authentication disabled in transmission. Then when I enable auth it tells me there's an authentication error. Except the web interface works using the same exact name and password (I copy pasted from a text file to make sure). Sonarr is in a docker container; transmission is not. Turning off both whitelist options in transmission via the config changed nothing. Googling is finding a bunch of things my problem definitely isn't, like issues that happen when sonarr and the torrent client are in different containers, or not stopping the daemon before editing the config json file.

Any thoughts? My past few issues were the result of me doing something dumb but I'm having trouble figuring out how to narrow down what the dumb thing is with nothing useful in the log for sonarr, and no log at all for transmission.

I remember needing to copy the hashed password from a config file or use secrets file instead of just the human-entered one.

Adbot
ADBOT LOVES YOU

Blue Footed Booby
Oct 4, 2006

got those happy feet




Slippery Tilde

tuyop posted:

I remember needing to copy the hashed password from a config file or use secrets file instead of just the human-entered one.

It automatically replaced the password in the config with the hashed version when I restarted the daemon. Was it something other than that?

tuyop
Sep 14, 2006

Every second that we're not growing BASIL is a second wasted


Fun Shoe

Blue Footed Booby posted:

It automatically replaced the password in the config with the hashed version when I restarted the daemon. Was it something other than that?

Iím testing a version of this in docker right now, actually. Is there any reason you canít run transmission as a container as well?

Edit: Nah, got stuck in a permissions hate loop so I'm not going to get to test that tonight. Sorry!

tuyop fucked around with this message at 00:39 on Jan 23, 2021

Dominoes
Sep 20, 2007



ante posted:

It's weird seeing people discuss this in the context of "a linux board, but more of a lightweight OS" instead of "a pretty standard microcontroller, just like the ESP32" where running Linux isn't really part of the discussion
It's easy to think of computers as the devices with keyboards and mice we interact with regularly, or maybe smartphones. They have screens and speakers; they run arbitrary software, usually many pieces of it at once. They run an operating system like Linux, iOS, or Windows. They crash, do automatic updates, and let you browse the web.

It's easy to forget all the other computers around us. The ones that control the radio, or fuel injection system in your car. That control your watch, or dishwasher. The systems that manage the flight controls or navigation systems on an airplane. The seeker on a bomb. The systems in Voyager, the ISS, and GPS. The radar in the nose of a fighter jet, or the one that helps you not hit the other cars when parking in a European garage.

Dominoes fucked around with this message at 14:12 on Jan 23, 2021

Blue Footed Booby
Oct 4, 2006

got those happy feet




Slippery Tilde

tuyop posted:

Iím testing a version of this in docker right now, actually. Is there any reason you canít run transmission as a container as well?

Edit: Nah, got stuck in a permissions hate loop so I'm not going to get to test that tonight. Sorry!

Haha, no worries. This project is basically taped together shower thoughts, where I'll get stuck, set it all down, and randomly think of something else to try hours or days later. It's kind of a zen way to learn linux and poo poo.

Dominoes posted:

It's easy to think of computers as the devices with keyboards and mice we interact with regularly, or maybe smartphones. They have screens and speakers; they run arbitrary software, usually many pieces of it at once. They run an operating system like Linux, iOS, or Windows. They crash, do automatic updates, and let you browse the web.

It's easy to forget all the other computers around us. The ones that control the radio, or fuel injection system in your car. That control your watch, or dishwasher. The systems that manage the flight controls or navigation systems on an airplane. The seeker on a bomb. The systems in Voyager, the ISS, and GPS. The radar in the nose of a fighter jet, or the one that helps you not hit the other cars when parking in a European garage.

My favorite part of the information age is that processors are so powerful these days that lots of stuff has horsepower to spare because it was genuinely cheaper to buy some unnecessarily powerful chip that's already made by the million rather than something bespoke that's closer to what's needed. Thus when some third-rate manufacturer fucks up, you end up with a botnet of lightbulbs and refrigerators taking down Netflix for hours.

Talen_Soti
Mar 30, 2010


I'm Looking for an updated version of instructions to install Guacamole to run on my Pi 3+ or on a Pi 0W. All the instructions use pre 1.0 versions of Guacamole. I have been having no luck in building it by my self.

Dominoes
Sep 20, 2007



Blue Footed Booby posted:

Haha, no worries. This project is basically taped together shower thoughts, where I'll get stuck, set it all down, and randomly think of something else to try hours or days later. It's kind of a zen way to learn linux and poo poo.


My favorite part of the information age is that processors are so powerful these days that lots of stuff has horsepower to spare because it was genuinely cheaper to buy some unnecessarily powerful chip that's already made by the million rather than something bespoke that's closer to what's needed. Thus when some third-rate manufacturer fucks up, you end up with a botnet of lightbulbs and refrigerators taking down Netflix for hours.
It's amazing. It rarely makes sense (In terms of cost or effort) to use specialized chips for these reasons. Even things like FPGA are a struggle to justify, when general-purpose MCUs are so cheap and feature-rich due to economies of scale.

I think your point about lightbulb botnets is a tangent - and I'm worried. So many things are connected to the internet that don't need to be. I think it's a combo of #1: Trendiness / marketing, and #2 Data collection, top-down control, and as a platform to advertise via associated apps. Coming full-circle, a trend in these (generally consumer) devices is to use a GP OS like linux.

Dominoes fucked around with this message at 23:29 on Jan 23, 2021

ante
Apr 9, 2005

SUNSHINE AND RAINBOWS

Of course I need x86 on my lightbulb, MOM

dupersaurus
Aug 1, 2012

Futurism was an art movement where dudes were all 'CARS ARE COOL AND THE PAST IS FOR CHUMPS. LET'S DRAW SOME CARS.'

Any recommendations for plug-and-play portable screens? I'm doing some stuff with stationary cameras and getting focus set through VNC lag is tough, but I'm having trouble finding screens that aren't expected to be mounted directly to the Pi. Touch is nice but not required.

beefnoodle
Aug 7, 2004

IGNORE ME! I'M JUST AN OLD WET RAG


Something like this? You can use it via cables, it doesn't have to be mounted, though it can.

https://www.amazon.com/gp/product/B07VNX4ZWY/r

dupersaurus
Aug 1, 2012

Futurism was an art movement where dudes were all 'CARS ARE COOL AND THE PAST IS FOR CHUMPS. LET'S DRAW SOME CARS.'

beefnoodle posted:

Something like this? You can use it via cables, it doesn't have to be mounted, though it can.

https://www.amazon.com/gp/product/B07VNX4ZWY/r

Oh nice, I was looking at that one but misunderstood how the HDMI in worked, but yeah looks like that'd be good

TheManWithNoName
Oct 20, 2004

Cuz life sucks, kids. Get it while you can.



Is this the place to ask Pi-hole questions? Admittedly I have no experience with pis or SBCs in general, but I got it set up on a pi zero w. I added a bunch of blacklists but stuff is still coming through that my browser adblock usually gets. Am I doing something wrong? I've tried adding specific urls to the blacklist as well and it doesn't block them.

Fantastic Foreskin
Jan 6, 2013

A golden helix streaked skyward from the Helvault. A thunderous explosion shattered the silver monolith and Avacyn emerged, free from her prison at last.



TheManWithNoName posted:

Is this the place to ask Pi-hole questions? Admittedly I have no experience with pis or SBCs in general, but I got it set up on a pi zero w. I added a bunch of blacklists but stuff is still coming through that my browser adblock usually gets. Am I doing something wrong? I've tried adding specific urls to the blacklist as well and it doesn't block them.

Is it set up as your router's dns?

TheManWithNoName
Oct 20, 2004

Cuz life sucks, kids. Get it while you can.



Some Goon posted:

Is it set up as your router's dns?

Yeah, both primary and secondary. In the dashboard it's definitely blocking stuff, just way less than I expected.

Malloc Voidstar
May 7, 2007

Fuck the cowboys. Unf. Fuck em hard.

Pi-hole will inevitably block less than a browser adblocker, it can only block entire domains.

TheManWithNoName
Oct 20, 2004

Cuz life sucks, kids. Get it while you can.



Malloc Voidstar posted:

Pi-hole will inevitably block less than a browser adblocker, it can only block entire domains.

Okay but even the domains Iím adding to the black list as wildcards arenít being blocked. I updated the gravity too. Does it take awhile to kick in?

Varkk
Apr 17, 2004




Did you create a new ruleset or add to an existing one? If new did you apply it to any client groups?

TheManWithNoName
Oct 20, 2004

Cuz life sucks, kids. Get it while you can.



Varkk posted:

Did you create a new ruleset or add to an existing one? If new did you apply it to any client groups?

I added some lists from https://firebog.net/ if that's what you mean? As well as adding individual domains to the blacklist.

EDIT: I think it's working better? Youtube ads still aren't being blocked but some ones I added are. Not sure if there is just a delay or what.

TheManWithNoName fucked around with this message at 03:00 on Feb 3, 2021

Skarsnik
Oct 21, 2008

I...AM...RUUUDE!






You won't get YouTube ads blocked by the pihole.

It blocks by dns and the YT ads come from the YT address..

beefnoodle
Aug 7, 2004

IGNORE ME! I'M JUST AN OLD WET RAG


TheManWithNoName posted:

Is this the place to ask Pi-hole questions? Admittedly I have no experience with pis or SBCs in general, but I got it set up on a pi zero w. I added a bunch of blacklists but stuff is still coming through that my browser adblock usually gets. Am I doing something wrong? I've tried adding specific urls to the blacklist as well and it doesn't block them.

It canít block DNS over HTTP, which is how lots of ads get delivered these days.

https://www.nigelayen.com/technology/dns-over-https-and-pihole-on-raspberry-pi/

Blue Footed Booby
Oct 4, 2006

got those happy feet




Slippery Tilde

beefnoodle posted:

It can’t block DNS over HTTP, which is how lots of ads get delivered these days.

https://www.nigelayen.com/technology/dns-over-https-and-pihole-on-raspberry-pi/

I'm not the most knowledgeable guy about networks and the internet, but I have set up pihole. By default pihole doesn't use https, meaning that it only blocks ads from dns over http. The article you linked is about setting up dns over https (for a pihole that's also a DHCP server).

SMEGMA_MAIL
May 4, 2018




TheManWithNoName posted:

l

EDIT: I think it's working better? Youtube ads still aren't being blocked but some ones I added are. Not sure if there is just a delay or what.

I think it was possible a long time ago to block YouTube ads but it definitely hadnít been possible with this method for a while.

xtal
Jan 9, 2011
Hi, I'm an obnoxious prick. If you see me posting outside of CSPAM, please tell me to go back where I belong.


beefnoodle posted:

It can’t block DNS over HTTP, which is how lots of ads get delivered these days.

https://www.nigelayen.com/technology/dns-over-https-and-pihole-on-raspberry-pi/

I knew I was right about DoH!

wolrah
May 8, 2006
what?


xtal posted:

I knew I was right about DoH!

DoH and DoT are double-edged swords. They prevent interception and manipulation of DNS requests. This is a great thing if you're on some random public WiFi or whatever, but it does also mean that an ad delivery network can bypass any intentional DNS interception you may desire.


IMO the takeaway is that DNS interception was never a good solution for anything, it was always technically easy to bypass, just actually doing so wasn't particularly widespread.

brains
May 12, 2004



beefnoodle posted:

It canít block DNS over HTTP, which is how lots of ads get delivered these days.

https://www.nigelayen.com/technology/dns-over-https-and-pihole-on-raspberry-pi/

Blue Footed Booby posted:

I'm not the most knowledgeable guy about networks and the internet, but I have set up pihole. By default pihole doesn't use https, meaning that it only blocks ads from dns over http. The article you linked is about setting up dns over https (for a pihole that's also a DHCP server).

the pihole can disable browser DoH through use of a canary domain. another thing to keep in mind is that for full effect of a pihole (or any DNS filtering), you need to configure your edge firewall/router to intercept any outbound port 53 traffic and send it to the pihole. this will catch any devices or software that have hardcoded DNS servers (like google).

when it comes to blocking ads, DNS filtering like the pihole are really meant to be used in conjunction with browser script blockers that pull most of the weight, like ublock origin. the main function of a DNS filter is to intercept malicious domain requests as well as telemetry/tracker domains, and basic content blocking. a lot of ads are served from the same domain now, like youtube, so only something that gets in the browser and blocks the scripts from loading will be effective.

xtal
Jan 9, 2011
Hi, I'm an obnoxious prick. If you see me posting outside of CSPAM, please tell me to go back where I belong.


wolrah posted:

DoH and DoT are double-edged swords. They prevent interception and manipulation of DNS requests. This is a great thing if you're on some random public WiFi or whatever, but it does also mean that an ad delivery network can bypass any intentional DNS interception you may desire.


IMO the takeaway is that DNS interception was never a good solution for anything, it was always technically easy to bypass, just actually doing so wasn't particularly widespread.

Wow I wonder why the huge ad company is backing this. Might be a bad idea.

wolrah
May 8, 2006
what?


xtal posted:

Wow I wonder why the huge ad company is backing this. Might be a bad idea.
Yeah, continuing to run DNS queries in the clear with no protections from malicious interception is a great idea. /s

Relying on DNS to block ads (or anything else) has been a crappy option since the days of HOSTS files. Just because someone wrapped a nice appliance UI around the same bad idea didn't make it any better.

---

Beyond that, Apple and Mozilla are also backing DoH. Firefox implemented it before Chrome in fact. Microsoft has also implemented support in Windows 10. Implying this is being pushed by Google solely to kill crappy ad blocking is nonsense.

Tamper protection technologies can't and don't differentiate between tampering for good and tampering for evil. It is impossible to have a protocol that allows me to trust my DNS traffic is secure when connected to an untrusted network without also allowing an advertising-supported application to trust its own DNS traffic in the same way. You get both or you get neither, and the cat's already out of the bag here.

Klyith
Aug 3, 2007

GBS Pledge Week


xtal posted:

Wow I wonder why the huge ad company is backing this. Might be a bad idea.

The number of people using piholes is minuscule. Google doesn't doesn't give a poo poo about piholes. They probably like how DoH fucks over other advertisers and ISPs who data-collect via DNS, because those are google's competition. But mostly they care about increased security.


Encrypted DNS is good, it just means that the simple 1-2-3 pihole setup for unsophisticated users isn't very good anymore. Here are instructions for putting a DoH resolver on a pihole. I'm sure that eventually the pihole people will update their stuff such that it does DoH out of the box, but it will unavoidably be a more complicated setup. To get a browser inside your network to only hit the pihole for DNS you either need to configure settings on the browser, or configure your router to block / redirect requests to the pihole.

IMO the easiest and least troublesome setup for a home network is to have unencrypted DNS between your browser/PC and a local DNS server, and encrypted DNS between the local DNS server and the rest of the internet. The security & privacy is still there but it's far easier to troubleshoot. I run asuswrt-merlin + diversion like this and it was a much easier setup process because it's all happening on the one gateway between inside and outside. But this also involved me disabling DoH on browsers, which isn't great for any device that might leave my home network.

Centrist Committee
Aug 6, 2019



Random question, but is it safe to run a Pi exclusively off of an SD card? I remember something about memory cards having a finite number of write cycles but idk if thatís relevant or accurate

ante
Apr 9, 2005

SUNSHINE AND RAINBOWS

Most of my SD cards have poo poo themselves eventually. Buying good quality ones is pretty important (I usually don't do that) and you can lock the filesystem so that unnecessary writes are prevented. Doing that, some people have had them successfully run Pis for years on end.

SMEGMA_MAIL
May 4, 2018




Centrist Committee posted:

Random question, but is it safe to run a Pi exclusively off of an SD card? I remember something about memory cards having a finite number of write cycles but idk if thatís relevant or accurate

Iíve been running a pi for 7 months now always on without issue

xtal
Jan 9, 2011
Hi, I'm an obnoxious prick. If you see me posting outside of CSPAM, please tell me to go back where I belong.


Use the SD card just for boot and system files, and have all your data and logs and such elsewhere. The SD card should basically be considered read only. If you follow that rule then any SD card will work forever, and if they don't they are easy to replace.

Centrist Committee
Aug 6, 2019



Cool thanks for the info. Iím using a cheap one I found in a drawer to get setup and mess around with. Iíll plan to set up something more robust down the line.

Klyith
Aug 3, 2007

GBS Pledge Week


I've had my music box Pi running off SD card for over a year, no issues yet. Name brand sandisk card, but the basic cheap version thereof. I don't care enough to equip it with better storage because it doesn't have anything unique on it and a rebuild would be pretty easy.


Also I feel like the application is a lot of how reliable the SD card is gonna be. Premade pi stuff that the authors know is likely to just run off the card is probably configured to do minimal logging and generally going easy on it, to the extent possible. AFAIK the most common way that cards get messed up or killed is power loss during writes.

Rolling your own system starting with raspberian or whatnot you probably have to pay attention to that stuff yourself, or use a real drive.

Skarsnik
Oct 21, 2008

I...AM...RUUUDE!






I've got pi's that have been running the same card for 7+ years now that haven't eaten themselves and run 24/7

Good quality cards are a must and do something with your logging

If it's something I don't need the logs for I just mount /var/log to ram. If I know I'll need them between reboots I use the log2ram script which backs them up occasionally

tuyop
Sep 14, 2006

Every second that we're not growing BASIL is a second wasted


Fun Shoe

Skarsnik posted:

I've got pi's that have been running the same card for 7+ years now that haven't eaten themselves and run 24/7

Good quality cards are a must and do something with your logging

If it's something I don't need the logs for I just mount /var/log to ram. If I know I'll need them between reboots I use the log2ram script which backs them up occasionally

Is that really as simple as this?

https://www.zdnet.com/article/raspberry-pi-extending-the-life-of-the-sd-card/

quote:


Using Tmpfs

As I mentioned, tmpfs can write to RAM instead of the local disk (in this case, the SD card). Using it is simple. All that needs to be done is add an entry to the /etc/fstab file (to mount the folder you wish to have written to RAM) and reboot (so that each mount is cleanly mounted before services start writing files).

The kernel will do the rest for you by managing the writes to the RAM on this virtual filesystem. The really neat part about this is that the kernel will only use the amount of RAM required for writing files, not the entire size of the mount. So, for example, say we add this line to the /etc/fstab file:

tmpfs /var/log tmpfs defaults,noatime,nosuid,mode=0755,size=100m 0 0

xtal
Jan 9, 2011
Hi, I'm an obnoxious prick. If you see me posting outside of CSPAM, please tell me to go back where I belong.



Yes. It's slightly harder to debug but normally not an issue. If you end up with a system that doesn't boot, you won't be able to retrieve the logs. But part of the goal is that, in that case, you'd just flash the OS again based on a known working configuration.

Skarsnik
Oct 21, 2008

I...AM...RUUUDE!






Pretty much yes, however some badly written services won't start without a log or directory present first

And obviously you lose them all on a reboot, so troubleshooting issues can be hard

The log2ram script solves all that if it's an issue

E: "GitHub - azlux/log2ram: ramlog like for systemd (Put log into a ram folder)" https://github.com/azlux/log2ram

Skarsnik fucked around with this message at 20:16 on Feb 12, 2021

Hadlock
Nov 9, 2004





% of rpi users who know /var/log exists let alone would think to inspect it is probably vanishingly small. Average rpi user probably deserves a gold star for setting up key based auth

Adbot
ADBOT LOVES YOU

Centrist Committee
Aug 6, 2019



Iíve got my Pi up and running. I have some projects in mind and have found some components I want to use but I donít have any electrical engineering or circuit design experience. I havenít found many useful guides as the search results seem pretty worked over for SEO. For example there are plenty of charts for the GPIO pins, but I havenít seen anything that really explains what the different types of pins are good for. Iíd also like to know if there are any good starter kits for building things, like wires and resistors and capacitors (not that I know the difference between them). Iíd like to avoid soldering, donít mind taking up a little space, and donít need make anything permanent right now. I mostly want to play with sensors.

Also Iím looking at components on Adafruit and a lot of cool parts are out of stock. Do things tend to get replenished regularly or no?

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply