Bridged Networking on Ubuntu 14.04

It’s often necessary to set up a bridged network on VM hosts, but the documntation for Ubuntu has gotten a bit dated. After much trial-and-error, here is what worked for my datacenter-hosted VM server:

First, run sudo apt-get install bridge-utils, if the package is not already installed.

Next, update your /etc/network/interfaces file to include a br0 adapter, moving any ip configuration from eth0. This is the complete configuration that I’m running:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0
    bridge_maxwait 0

You can also safely add an iface eth0 inet6 section for IPv6 networking, without it interfering with the bridged adapter configuration.

Finally, restart your networking services, in a different way than usual. Since your primary interface is now br0, you’ll want to run sudo ifdown eth0 && sudo ifup br0. Assuming your configuration was done correctly, this shouldn’t interrupt any open SSH connections. Once your br0 interface is up, you can proceed to bind IPs to it within VMs by pointing the VM to your br0 device as a bridged adapter. Static IP assignments within VMs should work fine as long as the IP is associated with your host machine.

This setup should work on any debian-based OS, and may work on other linux-based OSes as well. I’ll likely replace my Ubuntu host with a Debian 8 setup soon, and I’ll update this post when I do.

Partially sourced from the KVM/Networking article on Ubuntu’s community site.

Minimal BitTorrent Seednode

I took the time over the weekend to get more familiar with OpenVPN and Debian 8, which are an awesome combination. My first seednode I set up was on an old laptop. Debian 8’s netboot CD gives you everything you need and nothing more, which is perfect, so that’s where I started. Once I got the laptop up and running, I tried it out on a VirtualBox VM on my OVH server. Here’s the complete guide to doing this yourself:

  1. Get Debian 8’s netboot or live CD ISO (Get the Standard release, WMs are a waste of resources)
  2. Install the OS on a physical machine or VM, optionally enabling full-disk encryption. You’ll probably only need 1-2 GB of RAM and a somewhat recent CPU, nothing too fancy. Bigger nodes need faster specs, but BitTorrent isn’t very heavy.
  3. Once the OS has booted, update everything and install some basic packages:
    1. Log in as root using the password you set during installation
    2. apt-get update
    3. apt-get dist-upgrade -y
    4. apt-get install openvpn transmission-cli transmission-common transmission-daemon -y
    5. reboot
    6. One your system reboots, log in as root again. If you enabled encryption in step 2, you’ll need to enter that passphrase again on each reboot.
  4. Configure the VPN
    1. Get a paid VPN service, I recommend Private Internet Access. $35/yr, unlimited bandwidth, thousands of gateways around the world.
    2. cd /etc/openvpn
    3. Create a new file with nano client.conf, entering the contents below. This will be used to auto-connect to your VPN on startup.

       dev tun
       proto udp
       # Edit the line below with your VPN server's host/port
       remote 1194
       resolv-retry infinite
       auth-user-pass /etc/openvpn/auth.txt
    4. Save the file with Ctrl+X, Y, Enter.
    5. Next, we’ll give the VPN connection your login credentials. Create a new file with nano auth.txt and enter your VPN username and password on separate lines, like this:

    6. Save the file with Ctrl+X, Y, Enter.
    7. Ensure no other users can access your VPN configuration by running chmod go-rw *
  5. Set up Transmission
    1. Stop the currently-running transmission with service transmission-daemon stop
    2. Open Transmission’s configuration file with nano /etc/transmission-daemon/settings.json
    3. Using the arrow keys or Ctrl+W, scroll down to the line that says "rpc-whitelist".
    4. If your server is running on your local network, or will always be accessed over a secure internal connection, change the "" on this line to "*", otherwise, replace it with "YOUR.IP" (where YOUR.IP is your external IP address).
    5. Optionally, you can also add lines for loading new .torrent files, etc. See the official documentation for the complete list of possible options.
    6. Save the file with Ctrl+X, Y, Enter.
  6. Reboot the server again (reboot).
  7. Log in as root again, and run ifconfig. You should see a tun0 line, this is your VPN connection.
  8. Install the Transmission Remote GUI or use transmission-cli to access your server.
    • The Transmission Remote GUI link will likely stop working soon, as Google Code is shutting down. I’m not yet aware of an official repo elsewhere yet, so I created my own. See my clone on Github if the official link doesn’t work.

Feel free to message me on Twitter or Gitter if you have ideas for how to improve this setup. It seems to work well so far, and the minimalist approach is something I absolutely love.

I Accidentally 3 TB

So Saturday night, after Microsoft had released the new Windows 10 Tech Preview, I was going to make a USB installer for it, and install it to a secondary HDD on my PC. Fairly standard. I decided I’d start off by formatting the drive so I’d have a clean base to copy the installer onto, just in case there was anything on it that could have conflicted with the installer. I right-clicked the drive in This PC, clicked Format, and confirmed the format with default options. I then left my computer for some reason.

When I returned, I remembered I was going to make a USB installer, but when I looked at the drive I’d formatted, it said 2.72 TB free. That’s a bit weird for a 64 GB USB flash drive. It took me a minute, but then I realised it. I’d formatted my storage space. The storage space that contained literally all of my things. It was redundant, storing each file on multiple disks, but I’d explicity told it to format them, so it did.

About 20 hours later, I’d done a partial recovery of the disk. So far it looks like about 1/3 of the data is gone for good. This included most of the photos I’ve taken since getting my camera, and almost all of my downloaded media. Interestingly all of my virtual machine images are fine. I’d definintely trade those for my photos back, but oh well.

I’m probably going to switch to daily backups now.

Filesystem Adventures

I figure I may as well tell this story.

I do weird things with my filesystems. I had C:\Program Files\Common Files\ mounted to a separate partition at one point.

I accidentally my hard drive, by getting upset at my Internet connection and slamming my laptop on my desk. I ended up running everything off an Ubuntu Live CD with Virtualbox and a Windows XP ISO I had. I had a 1 TB external HDD, so I saved everything on that, but I was limited to using 4 GB FAT partitions on my XP VM, for reasons I can’t remember, so I had to get creative. All the large directories were mounted to separate VHDs on the external drive. I had tons of Adobe stuff with some other random things in my Common Files folder, so it took up almost a whole disk of it’s own.

And that’s what my life was like the little while I lived in Oregon. Back when I had zero munnies for a new HDD. And wasn’t quite crazy enough to try to use the external as an internal. And had no USB boot.

Ubuntu PHP FPM Update

The latest package update for php-fpm on Ubuntu is a bit messy to install if you’re listening on a unix socket. The service will restart and change the permissions on the socket to only be accessible to root, which means unless you’re running your webserver as root (please don’t), it won’t be able to run any PHP.

You can manually change ownership or permissions to give your web server user read/write access, but when the service restarts, it will fail again. The best way to fix the issue is to uncomment these lines in your pool.d file (changing owner, group, and permissions when necessary):

listen.owner = www-data = www-data
listen.mode = 0666