lighttpd +


Three cases,

  • a ’normal‘ www domain:
  • a ’normal‘ subdomain where the naked domain is part of shared webspace:
  • a proxy subdomain for a rails application (redmine):

Continue Reading »

Flattr this!

Bedienungsanleitung Telephon „Telekom Actron B“

Bedienungsanleitung Telekom Actron B

90° gedreht von Quelle:

Flattr this!

MKTileOverlay with gdal2tiles or other TMS tiles

from iOS 7.0 onward there’s the neat MKTileOverlay::initWithURLTemplate: for tiled overlay maps.

Sadly it can’t display old-school Tile Map Service maps as e.g. produced by gdal2tiles.py1) because the y-values are flipped upside down. The OSM Wiki says about this fact: „This is really just an unfortunate historical misalignment.“

But with the drop-in MKTileOverlay replacement below, you can use flipped geometries and add {-y} in the URL template to indicate such:

Continue Reading »

Flattr this!

App ShaarliOS im Store

brandneu für einen Euro im App Store ist meine ‚Share Extension‘ für iOS 8+ und Shaarli.

Und – das ist ein Experiment – gleichzeitig als GPLv3 Free Software bei github.

Bin gespannt.

Flattr this!

Autolayout: change constraint multiplier

the NSLayoutConstraint multiplier property is read-only. But if you need to change it, you can replace the constraint with a modified clone like

@implementation NSLayoutConstraint(ChangeMultiplier)
// visal form center
-(NSLayoutConstraint *)constraintWithMultiplier:(CGFloat)multiplier
  return [NSLayoutConstraint

and replace it like

  NSLayoutConstraint *c = [self.constraintToChange constraintWithMultiplier:0.75];
  [self.view removeConstraint:self.constraintToChange];
  [self.view addConstraint:self.constraintToChange = c];
  [self.view layoutIfNeeded];

Flattr this!

hardening ssh (debian wheezy)

LogJam requires some action. (Article in german)

Update (open-)ssh to a recent version (6.6)


$ echo "deb wheezy-backports main" | sudo tee -a /etc/apt/sources.list
$ sudo apt-get -u update
$ sudo apt-get install -t wheezy-backports ssh
$ sudo apt-get autoremove

Harden crypto


$ sudo tee -a /etc/ssh/sshd_config <<EOF_SSH_CFG
$ sudo /etc/init.d/ssh restart


Replace host keys, /etc/ssh/sshd_config

Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
HostKey /etc/ssh/ssh_host_rsa_key


$ cd /etc/ssh
$ sudo rm ssh_host_*key*
$ sudo ssh-keygen -t ed25519 -f ssh_host_ed25519_key < /dev/null
$ sudo ssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key < /dev/null
$ sudo /etc/init.d/ssh restart


Flattr this!

redmine & chruby (fetch emails)


# chruby needs bash
# redmine email import with chruby.
# Put this script into <redmine_dir>/script and a set crontab like
#   $ sudo -u www-data crontab -l
#   */15 * * * * <redmine_dir>/script/
cd "$(dirname "$0")/.."
log="log/$(basename "$0" .sh).log"
cat >> "$log" <<EOF
$(date --rfc-3339=seconds) $0
source /usr/local/share/chruby/
source /usr/local/share/chruby/
# in case we use rbx in .ruby-version, we need to explicitly set ruby in
# script/ due to
chruby ruby || { echo "Failed to change ruby." 1>> "$log" && exit 1; }
bundle --version 1>/dev/null || { nice gem install bundle 1>> "$log" 2>> "$log" ; }
bundle check 1>/dev/null 2>/dev/null || { nice bundle install 1>> "$log" 2>> "$log" ; }
nice bundle exec rake redmine:email:receive_imap \
  RAILS_ENV="production" \
  host=<foo> \
  ssl=1 \
  port=993 \
  username=<bar> \
  password=<foobar> \
  unknown_user=accept \
  1>> "$log" \
  2>> "$log"


Flattr this!

USER_AGENT Blocking – sowas gibt’s wirklich!

schon kindisch, oder?

$ curl --head
HTTP/1.1 403 Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Content-Length: 290
Expires: Mon, 27 Apr 2015 21:01:07 GMT
Date: Mon, 27 Apr 2015 21:01:07 GMT
Connection: keep-alive
Vary: User-Agent
$ curl -A Mozilla --head
HTTP/1.1 200 OK
Server: Apache
res-obj: www
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Apr 2015 21:01:14 GMT
Content-Length: 132153
Connection: keep-alive
Vary: User-Agent

Flattr this!

#Qualitätsjournalismus und Datenschutz*) denkt sich wohl „was interessiert mich der Datenschutz meiner Besucher“.

an wen verpetzt mich die SZ alles? Natürlich ohne jeden Hinweis im Impressum - ganz zu schweigen davon das VORHER zu tun.

an wen verpetzt mich alles?
Hinweise versteckt weit unten im Impressum – allerdings wird selbst dort geschnüffelt und nicht vorher gefragt.

Danke Requestpolicy und ablopac, so bleiben mir die Schnüffler vom Hals.

*) andere große Verlage sind ähnlich, das ist im #Qualitätsjournalismus leider üblich.

Flattr this!

lua & timezones by name

A bit hard to puzzle due to scarce documentation.

#!/usr/bin/env lua
local luatz = require 'luatz' --
local tz_name = 'Europe/Berlin'
local ts_loc = luatz.time({year=2014, month=12, day=31, hour=23, min=59})
-- %z isn't supported yet:
local function tz_off_iso8601(tz_offset_seconds)
  local separator = '' -- 8601 %z compliant
  -- separator = ':' -- 8601 W3C compliant
  local tz_offset_minutes = tz_offset_seconds / 60
  local sign = string.byte('+')
  if tz_offset_minutes < 0 then sign = string.byte('-') end
  return string.format('%c%02d%s%02d', sign, tz_offset_minutes / 60, separator, tz_offset_minutes % 60)
local tzi = assert(luatz.get_tz( tz_name ), 'No such timezone: \''..tz_name..'\'')
local ts_utc = tzi:utctime ( ts_loc )
local t_loc = luatz.timetable.new_from_timestamp( ts_loc )
local t_utc = luatz.timetable.new_from_timestamp( ts_utc )
print( t_loc:strftime('%F %T'), tz_off_iso8601(tzi:find_current( ts_utc ).gmtoff), tz_name )
print( t_utc:strftime('%F %T'), tz_off_iso8601(0), 'UTC' )

Flattr this!