"Busy!"

Apologies for radio silence – it has been a super super busy couple of months; starting a new job, finishing my curacy, getting work done on the house… and that’s before the ongoing covid excitements.

I do have a backlog of photos to upload at some point – I haven’t given up on it all together!

"365 – 10 years!"

I’ve just noticed a little milestone has come and gone.

On the 9th May 2011 – i.e. ten years ago – I posted my first ever 365 photo, which was (I think aptly enough) a signpost:

Signpost

Since then I have posted 2,006 photos (so picture 2,000 was another milestone I guess), clearly not 365 a year (more like 200), but still pretty good going I reckon.

I really enjoyed the Lent Challenge, with a word to inspire every day, and I am now doing an ABC challenge, where each week is inspired by a different letter of the alphabet.

I do have some other (good) news of a more personal nature, but that needs to wait just a little bit longer…

"365 – Going Mobile"

My “365” project has had a fresh lease of life recently, since I started almost entirely using my phone camera. It hugely simplifies the workflow (as the photos are auto uploaded from the phone), and also means I’m not lugging around my DSLR.

It does mean that the photos are more like snapshots, and perhaps less considered, but I’m quite enjoying the freedom of not really having many options around aperture, shutter, etc. It’s kind of the instagram philosophy I guess.

"Lapel Mics – DC Bias"

I recently did a live streamed church service from home, and along the way learned what is needed to get certain types of microphone to work.

I have a couple of microphones I use for video work – I have a Rode VideoMic GO shotgun microphone and a Rode SmartLav+ label microphone.

I use my Canon DSLR for filming stuff, and almost any external mic is a huge improvement on the built-in one, so this has worked well.

However, when I plugged either of these into my laptop for the broadcast, I had to boost the gain, which in turn introduced a hum/buzz, and it was also picking up some internal computery noises. No problem, think I – I have an old mixer with mic pre-amps, let’s use that, and provide a line level input to the laptop.

No joy at all – no signal. These mics both have 3.5mm TRS jacks (actually the SmartLav comes with a TRRS, but I have a converter). My Mixer has XLR or 1/4″ TS or TRS inputs, so I try various converters. Absolutely nothing.

I then discover that these sort of microphones (unlike, say, an SM58) need a power supply, in the form of a voltage between the tip and the sleeve – called a DC Bias. This is only around 3v, and if you try to run phantom power down it, you will most likely fry the mic.

I found a few old YouTube videos of inline power supplies people has bought on eBay – but my searches brought up nothing. Until I found this page: Powering Microphones by Tomi Engdahl. I had a look at his circuits, and thought to myself, “I could make one of those”, so I did, and it worked!

It does give a bit of a “thump” when you plug it in, or turn it on, which I guess is due to the capacitor (presumably I have the wrong sort), but it provides a solid, if slightly low, level from the smartlav to the mixer pre-amp. I wonder if 3 AAs might have been a better bet, and 3V is a little low. Or maybe the 2.2K resistor is to high (or low), and provides too much (or too little impedance)? I confess I lose my way a little with microphone impudence, but figured it was worth a shot, as I was unlikely to blow up either my microphone or the mixer from 2 AA batteries.

My final circuit is shown below. I ordered all the parts from CPC Farnell, as follows:

  • Black ABS Potting Box – 100x50x25mm
  • Black Potting Box Lid – 100x50x25mm
  • 3.5mm Jack Socket, 3 Pole
  • 6.35mm (1/4″) Jack Socket, 2-Pole
  • 2x AA Battery Holder
  • Rocker Switch, DPST,
  • LED, Blue, 3mm, 3.5V
  • 300 Ohm Resistor, 0.6W
  • 2.2 kOhm Resistor, 0.5W
  • Capacitor, 10 µF

I originally designed it with a single 3.5mm jack, however the order quantity was 2, so I decided to have a stereo 3.5mm output option, with the rings of the 2 jacks directly connected (shown in blue).

The only purpose of the LED is to show when the box is switched on.

DC Bias Circuit

A days work drilling out the mount holes for the LED, jacks, and switch, and the job was a good ‘un. It was all a little bit tight in the potting box, and I don’t think a 3 AA battery holder would fit inside, but I’m quite happy with it, and it even works!

"Unintended Consequences"

My new “rules” for the 365 have had the opposite of my intended effect!

I had hoped they would spur me on to take more photos, but actually there have been two times already when I haven’t taken a photo because I alreeady have “today’s”, and at least one time when I haven’t taken on Saturday just because it was Saturday. I think partly as a result I haven’t taken one at all for two weeks!

So I am abandoning the new rules, and going back to my old rules, which is as many as I fancy a week, and if they’re not posted on the right day that’s ok.

"365 – Second Helpings"

As one of my resolutions/intentions this year is to take more photos, I’ve decided to resurrect my 365 to a limited extent.

I’m aiming for 6 photos a week, with one day off (Saturdays), and I will probably use the camera in my phone at a lot more.

As per the original project, it has to be a photo I have taken, and it must be taken on the date it’s posted – but if it takes me a week or to to upload them I’m not too stressed about that.

So here’s to 300+ photos in 2020!

"New Year"

While I don’t fully agree with the idea of New Year’s resolutions, there is something about intention and accountability which helps to get things done.

So, in that spirit, over the next year I hope to:

  • Try surfing
  • Spend time with both my sisters and step-Dad.
  • Weigh less than 75kg and be generally fitter:
    • Walk at least 30 mins every day.
    • Go for at least 1 hour’s walk every week.
    • Avoid snacking/eating between meals
    • Some form of calisthenics several times a week
  • Take more photos and resurrect my 365:
    • Take a photos every day for 6 days of the week, with one day off.
    • Possibly take 2 photos on the day before the day off.
  • Finish reading at least one book every calendar month.
  • Post a blog entry at least once a every calendar month.

Edited on 4th January to be more specific

"Azure Dynamic DNS"

Since DynDns announced they were withdrawing their free offering, I have been looking for an alternative.

Turns out Microsoft’s Azure DNS has a REST API, and python library. While not free, it is very cheap – so far my DNS costs with Azure are running at 1p/day (although I only incur 5k queries a day).

Setting up Azure and a DNS zone is pretty straightforward, getting the authentication and python script working as a bit more tricky, so here’s what I did.

  1. First set up the DNS zone in your Azure Portal
  2. Now Create an App:
    1. Go to Azure AD, then “App Registrations”, then “New Registration”.
    2. Name it something meaningful for you, like “autodns”
    3. I chose “Single Tenant”
    4. The next page gives two of the magic ids you need:
      • Application/Client Id
      • Directory/Tenant Id
    5. Then on the left menu, go to “Certificates and Secrets”
    6. Create a new client secret – choose the expiry you want
    7. Copy and store the client secret – this is the only time it’s show in in full
  3. Then you need to give this app permissions to edit DNS records:
    1. Navigate to your DNS Zone
    2. Go to Access Control (IAM)
    3. Add Role assignment
    4. Choose “DNS Zone Controller”
    5. Type in the app name you create above (autodns, or whatever).
  4. Back in the DNS Zone Overview, make a note of the Resource Group and Subscription – you’ll need these later.

That’s it for the Azure side, and you’re ready to write the script to do the update.

My script is python – you’ll need the “azure” libraries


$ pip install azure

First job is to obtain an access token for the API, using the ServicePrincipalCredentials.

import adal
from azure.common.credentials import ServicePrincipalCredentials

client_id = '<value from app registration page>'
client_secret = '<secret from certifications and secret>'
tenant = '<value from app regsistration page>'

def authenticate_client_key():
  credentials = ServicePrincipalCredentials(
    client_id = client_id,
    secret = client_secret,
    tenant = tenant
  )
  return credentials

This can then be used to interact with the Azure api – in our application it’s the DNS Management we are interested in:

from azure.mgmt.dns import DnsManagementClient

resourceGroupName='<Value from DNS Zone page>'
subscription_id='<Value from DNS Zone page>'
dnsZone='yourdomain.com'
dnsRecord='yourhost'

cred = authenticate_client_key()
dns_client = DnsManagementClient(
  cred,
  subscription_id
  )

# Get the 'A' Record
res = dns_client.record_sets.get(resourceGroupName, dnsZone, dnsRecord, 'A')

print(res.arecords[0].ipv4_address);

# Update the A record
dns_client.record_sets.create_or_update(
  resourceGroupName,
  dnsZone,
  dnsRecord,
  'A',
  {"ttl": 300, "arecords": [{"ipv4_address": '1.2.3.4'}]}
  )

In my application, I’ve got a server running behind a NAT router on my broadband, and when my public IP address changes I want to update a DNS record to this address.

The missing piece here is to determine my public IP address – I’m currently using “ipify”.

from requests import get
currentIp = get('https://api.ipify.org').text

Glueing it all together, you end up with:

import adal
from msrestazure.azure_exceptions import CloudError
from azure.common.credentials import ServicePrincipalCredentials
from azure.mgmt.dns import DnsManagementClient
from requests import get

client_id = '<value from app registration page>'
client_secret = '<secret from certifications and secret>'
tenant = '<value from app regsistration page>'

resourceGroupName='<Value from DNS Zone page>'
subscription_id='<Value from DNS Zone page>'
dnsZone='yourdomain.com'
dnsRecord='yourhost'

def authenticate_client_key():
  credentials = ServicePrincipalCredentials(
    client_id = client_id,
    secret = client_secret,
    tenant = tenant
  )
  return credentials

currentIp = get('https://api.ipify.org').text
print('Current Public IP is {}.'.format(currentIp))

cred = authenticate_client_key()
dns_client = DnsManagementClient(
  cred,
  subscription_id
  )

# Get the 'A' Record
res = dns_client.record_sets.get(resourceGroupName, dnsZone, dnsRecord, 'A')

dnsIp = res.arecords[0].ipv4_address;
print('Current DNS record for {}.{} is {}.'.format(dnsRecord, dnsZone, currentIp))

if dnsIp != currentIp:
  print('Updating IP Address')
  dns_client.record_sets.create_or_update(
    resourceGroupName,
    dnsZone,
    dnsRecord,
    'A',
    {"ttl": 300, "arecords": [{"ipv4_address": currentIp}]}
    )
else:
  print('No update needed')

The code above also may well have syntax errors, as I’ve just typed it in – but the approach is pretty clear.

Obviously for production code, you’d need to add exception handling, logging, and notifications. You are also effectively trusting “ipify” with the ability to set your DNS A Record!

Then you can drop it on your server wrapped up in a crontab, or task schedule, or whetever takes your fancy.

Oh yes, and I’m not sure what the API limits are for Azure, so you could always cache the ‘dnsIp’ or do an nslookup rather than hitting Azure every run.

"UPnP"

Sometimes I deeply dislike computers, especially when they try and be too clever. It’s actually a little bit scary (The Terminator‘s looking less and less far fetched!).

Recent incident – true story. My website now runs on my own server at home, at the end of my broadband pipe. Despite what the provider claims it really isn’t fibre, but it is 100 Mbps down and 20 Mbps up, which is far more bandwidth than the traffic I generate. So far so good.

Last week, I suddenly started getting e-mails from Google’s search bot telling me the number of 404s on my site has suddenly increased. Oops, think I, must have bust something when I moved it. I look at it – strange, all seems fine. I also found out that my sitemap XML hadn’t updated itself since 2006, but that’s another story.

So I try from Google using the “view as Google” thing – 404s, 500s, cannot access, requires authorisation. Really weird.

So I forget about it for a bit, and then try again from work. Suddenly I can’t see my website at all, just errors. I go to the homepage, and am presented with the login screen for my NAS drive!!

Eeek – that drive has got all my photos, filing, backups, etc, and it’s being exposed to the Internet?!?!?!

Turns out that my Broadband hub had turned on UPnP by itself. It then also turned out that the NAS drive will aggressively try to find a router on the local network, and ask it to forward ports 80 and 443 to itself. And the broadband hub will obey, even though I had manually set up those ports to be forwarded to my hardened server. I didn’t see the problem from home because I was accessing the server directly (even though I thought I was going through the router).

Thankfully I could SSH in from work, which meant I could access the hub admin site, and turn off UPnP and the port forwarding, and put some measures in play to stop it happening again.

"Pi eyed"

Very excited that I’ve relocated my website and my photo site onto a Raspberry Pi, which is sitting on my desk looking at me as I type!

I purchased said Pi for this purpose over a year ago, but somehow didn’t quiet get around to doing anything more than having it as a Linux box I could SSH into should the spirit move me. This is more useful than it sounds, as Linux network tools are good, it’s immensely useful to be able to test things from outside my work LAN while at work, plus SSH tunelling is the best thing since sliced bread.

I know that, by saying all this I’m potentially revealing details about the server running stuff, which is a security vulnerability. But I reckon anyone who’s serious about trying to hack me will already know what OS and hardware I’m running, and the chances are they aren’t reading this blog either!

Next Page »

W Wordpress