I’ve been obsessed with SaltStack for over a week. This infrastructure management suite is exactly what I needed for both my personal and professional servers: simple but modular, written in python, not depending on a thousand unnecessary complex messaging stacks as it bundles zeromq, capable of both orchestration and configuration management, all this through comprehensive, well documented API and commands.

Only drawback was it had poor NetBSD support. Was :)

It’s been a long time since I’ve dug into python, so it took me a little bit of effort, but Salt now has full support of pkgin in its generic packaging functions, knows how to handle NetBSD services and is capable of dealing with NetBSD‘s sysctl(8) and sysctl.conf.

Those pieces of code have been merged upstream, I hope they’ll be available in version 0.16!

Some examples:

$ cat packages/init.sls 
mypkgs:
  pkg.installed:
    - pkgs:
      - vim
      - tmux
      - bash
      - bash-completion
      - sudo

$ sudo salt '*' state.sls packages
watto:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:   
korriban:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:   
tatooine:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:   
coruscant:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:   
ragnos:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:   
exar:
----------
    State: - pkg
    Name:      mypkgs
    Function:  installed
        Result:    True
        Comment:   All specified packages are already installed.
        Changes:

$ sudo salt '*' cmd.run 'uname -a'
tatooine:
    Linux tatooine 3.2.0-4-686-pae #1 SMP Debian 3.2.41-2 i686 GNU/Linux
watto:
    NetBSD watto.home.imil.net 6.1_RC4 NetBSD 6.1_RC4 (GENERIC) i386
exar:
    NetBSD exar 6.0_STABLE NetBSD 6.0_STABLE (EXAR) #0: Sun Nov 25 12:39:12 CET 2012  root@exar:/usr/src/sys/arch/i386/compile/EXAR i386
coruscant:
    NetBSD coruscant 6.0 NetBSD 6.0 (XEN3_DOM0) amd64
korriban:
    NetBSD korriban.imil.net 6.0_STABLE NetBSD 6.0_STABLE (KORRIBAN) #0: Tue Jan  1 23:20:36 CET 2013  root@korriban.imil.net:/usr/src/sys/arch/amd64/compile/KORRIBAN amd64
ragnos:
    NetBSD ragnos 6.0 NetBSD 6.0 (RAGNOS) #2: Wed Oct 17 11:33:31 CEST 2012  root@ragnos:/usr/src/sys/arch/i386/compile/RAGNOS i386

$ sudo salt '*' pkg.version vim   
watto:
    7.3.762
exar:
    7.3.762
korriban:
    7.3.712
coruscant:
    7.3.762
ragnos:
    7.3.762
tatooine:
    2:7.3.547-7

$ sudo salt '*' service.status sshd
tatooine:
    False
watto:
    True
coruscant:
    True
exar:
    True
korriban:
    True
ragnos:
    True

If you whish to use these modules without tainting your Salt package installation, simply copy them to a _modules directory within the file_roots.

Happy Salting!

The post NetBSD configuration management appeared first on Emile "iMil" Heitor 's home.

I know about estd for a while, that daemon “dynamically sets the CPU-frequency on Enhanced SpeedStep, PowerNow, and APCI P-States-enabled CPUs depending on current cpu-utilization” (manpage excerpt). Thing is, I’ve never seen any CPU changing from its current speed while monitoring the machdep.powernow.frequency.current sysctl.

In order to understand what was happening, I started estd with the -o flag, which outputs the CPU-frequencies as they are set. I then realized that the “ligh watermark percentage” and “low watermark percentage” default values were way too high (respectively 40 and 80) and were never reached, so the CPU speed was never changed.

With lower values, I was able to see the CPU speed increasing and lowering as expected. So I added the following line to the /etc/rc.conf file:

estd_flags="-l 5 -h 15 -a -m 800 -d"

meaning that the low watermark is set at 5 and the high watermark at 15, which were the values I’ve considered being the right ones while watching estd -o -a console output.

Since then, whenever a CPU intensive operation occurs, I can see the CPU speed rising with the following conky parameter:

CPU Frequency: ${alignr}${exec /sbin/sysctl -n machdep.powernow.frequency.current}

The post CPU dynamic scaling on NetBSD appeared first on Emile "iMil" Heitor 's home.

Lire un film cinéma numérique (DCP) avec un logiciel libre était pour l’instant assez complexe ou bien la colorimétrie n’était pas la bonne (XYZ), ou bien les performances étaient désastreuses sur un ordinateur sans puissance. Le problème vient d’être résolu récemment sur la mailing-list interne de ffmpeg, voici la procédure simplifiée :

Récupération du code FFMPEG (avec libav)

$ git clone git://source.ffmpeg.org/ffmpeg.git ffmpeg-devel
$ cd ffmpeg-devel
$ patch -p1 < ffmpeg-dci.patch

Patch ffmpeg-dci (copie ici)

diff --git a/libavcodec/j2kdec.c b/libavcodec/j2kdec.c
index 683062d..3e78b0b 100644
--- a/libavcodec/j2kdec.c
+++ b/libavcodec/j2kdec.c
@@ -30,6 +30,7 @@
 #include "avcodec.h"
 #include "bytestream.h"
 #include "internal.h"
+#include "thread.h"
 #include "j2k.h"
 #include "libavutil/common.h"
 
@@ -205,6 +206,7 @@ static int tag_tree_decode(J2kDecoderContext *s, J2kTgtNode *node, int threshold
 static int get_siz(J2kDecoderContext *s)
 {
     int i, ret;
+    ThreadFrame frame = { .f = s->picture };

// 
//    COUPURE 
//    Intégralité ici: http://pastebin.com/r9Qw0sve
//
 
@@ -1330,6 +1328,7 @@ AVCodec ff_jpeg2000_decoder = {
     .id             = AV_CODEC_ID_JPEG2000,
     .capabilities   = CODEC_CAP_FRAME_THREADS,
     .priv_data_size = sizeof(Jpeg2000DecoderContext),
+    .max_lowres     = 31,
     .decode         = jpeg2000_decode_frame,
     .priv_class     = &class,
     .pix_fmts       = (enum PixelFormat[]) { AV_PIX_FMT_XYZ12,

(source: https://ffmpeg.org/trac/ffmpeg/ticket/1279)

Pour MacOSX :

$ port install openjpeg
$ export CFLAGS="-I/opt/local/include/"
$ export LDFLAGS="-L/opt//local/lib/"

Pour Linux

# n'installez pas la version 2.0 pour l'instant
$ apt-get install libopenjpeg-dev libopenjpeg

Compilation

$ ./configure --enable-libopenjpeg
$ make

Pour tester, récupérez un film cinéma numérique (DCP) :

./ffplay -lowres 2 ~/dcp/ts/1bf78c6d-7328-4363-ba5a-605b4ce275a6.mxf

Le paramètre important ici est « -lowres« .
A 0, vous aurez une qualité en pleine résolution (100% du 2K).
A 1, c’est 1/2ème de la résolution initiale (2K/(1/2)).
A 2, c’est 1/4ème de la résolution initiale (2K/(1/4)).
A 3, c’est 1/8ème de la résolution initiale (2K/(1/8)).

Suivant la puissance de votre ordinateur, calibrez le bon paramètre « lowres »

Et le résultat

VLC dépendant des librairies ffmpeg (libav), votre VLC (suivant quelques modifications bien entendu) pourra jouer un DCP avec la bonne colorimétrie et sur un ordinateur peu puissant.

Prochainement, la procédure pour l’intégrer sur ffmpeg/mplayer/VLC et avec le son.

EDIT
Pour tester avec un DCP : c’est par ici !

Update

As written on the comments:

Colin Watson Says:
May 17th, 2013 at 7:12 pm

I uploaded 6.2 packages to Debian a week or so after you posted this, so you can/should now just use those instead. I expect they should build fine on wheezy.

As a matter of fact, the following is now deprecated

At ${DAYWORK}, we used to have our own OpenSSH debian package which included the famous OpenSSH LPK patch, which permits the use of an OpenLDAP server as an SSH public key provider.

I’ve been using OpenSSH-LPK for years, as this is a really handy solution and no valid alternative existed… until a couple of months.

OpenSSH 6.2 has a new configuration item called “AuthorizedKeysCommand”. The value associated to that key permits to call any executable as a public key provider. Yes, that is sexy.

Debian only have OpenSSH 6.1p1 packages available and tagged as “experimental”, so we had to hack a little bit in order to build 6.2 packages, here’s how:

• Fetch experimental source package

# echo "deb-src http://ftp2.fr.debian.org/debian/ experimental main contrib non-free" > /etc/apt/sources.list.d/experimental.list
# apt-get update
$ mkdir openssh && cd openssh
$ apt-get source openssh

• Bump the release

$ wget http://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.2p1.tar.gz
$ cd openssh-6.1p1
$ uupdate -v 6.2p2 ../openssh-6.2p1.tar.gz
$ cd ../openssh-6.2p1
$ dch -i # enter changelog informations

• Get rid of conflicting patches

As expected, many patches from debian don’t apply anymore, and I was not brave enough to backport them, I’ve just commented them in debian/patches/series:

#gssapi.patch
#selinux-role.patch
#copy-id-restorecon.patch
#ssh-vulnkey.patch
#consolekit.patch
#user-group-modes.patch
#max-startups-default.patch
#package-versioning.patch
#debian-banner.patch
#lintian-symlink-pickiness.patch
#openbsd-docs.patch
#ssh-argv0.patch
#doc-upstart.patch

• Remove uninstalled files

In order not to check some files that will not be present as we commented the patches which creates them, we’ll have to remove the following lines from debian/openssh-client.install

usr/bin/ssh-vulnkey
usr/share/man/man1/ssh-vulnkey.1

And the following one from debian/openssh-client.docs

ChangeLog.gssapi

Finally, we just comment out the use of the vulnerable_host_keys shell function in debian/openssh-server.postinst.in:

fix_doc_symlink
create_sshdconfig
create_keys
#vulnerable_host_keys
fix_statoverride

That’s it! You can now happily build the brand new OpenSSH version using debuild as usual.

After installing it, you’ll have access to the AuthorizedKeysCommand option.

Thanks gaston, davromaniak and SliX from #GCU for the help.

The post Debian backport of OpenSSH 6.2 appeared first on Emile "iMil" Heitor 's home.

Here’s a .vimrc excerpt which permits the use of Control + Arrows sequences to navigate through vim tabs inside the tmux terminal multiplexer:

" inside screen / tmux
map <Esc>[C <C-Right>
map <Esc>[D <C-Left>
" insert mode
map! <Esc>[C <C-Right>
map! <Esc>[D <C-Left>
" no screen
map <Esc>[1;5D <C-Left>
map <Esc>[1;5C <C-Right>
" insert mode
map! <Esc>[1;5D <C-Left>
map! <Esc>[1;5C <C-Right>

nnoremap <C-t> :tabnew<CR>
nnoremap <C-w> :tabclose<CR>
nnoremap <C-right> :tabnext<CR>
nnoremap <C-left> :tabprevious<CR>
" insert mode
inoremap <C-t> <Esc>:tabnew<CR>
inoremap <C-w> <Esc>:tabclose<CR>
inoremap <C-right> <Esc>:tabnext<CR>
inoremap <C-left> <Esc>:tabprevious<CR>

The post vim tabs, tmux and Control-arrows appeared first on Emile "iMil" Heitor 's home.

I recently switched pkgin‘s repository from SourceForge‘s CVS to GitHub. Long story short, I heard here and there that SF was considering to drop CVS support and I found GitHub service to be more responsive and elegant. Also, I was looking for an excuse to learn git :)

Anyway, GitHub interface may be sexy, they used to have some kind of “upload” section which has been dropped. That may sound like a simple story, but the fact is when it comes to packaging a GitHub-hosted application, things are not that simple when the author has not explicitly tagged a specific release. Another use case, in which I actually am, is when you have an ongoing development, like pkgin in pkgsrc WIP and do not want to tag every test-release.

The way I found to handle that case with pkgsrc is to use GitHub’s commit archives. In short, I will use that kind of URL:

https://github.com/NetBSDfr/pkgin/archive/34b823c158e62e4d347de74499a075a2259382c5.tar.gz

which is redirected like this by GitHub:

HTTP/1.1 302 Found
Server: GitHub.com
Date: Sun, 21 Apr 2013 21:05:17 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Status: 302 Found
Cache-Control: max-age=0, private
Strict-Transport-Security: max-age=2592000
X-Frame-Options: deny
Set-Cookie: logged_in=no; domain=.github.com; path=/; expires=Thu, 21-Apr-2033 21:05:17 GMT; HttpOnly
Location: https://nodeload.github.com/NetBSDfr/pkgin/tar.gz/34b823c158e62e4d347de74499a075a2259382c5
X-Runtime: 13
Content-Length: 156
Vary: Accept-Encoding

HTTP/1.1 200 OK
Server: GitHub.com
Date: Sun, 21 Apr 2013 21:05:18 GMT
Content-Type: application/x-gzip
Connection: keep-alive
Content-Length: 187510
Content-Disposition: attachment; filename=pkgin-34b823c158e62e4d347de74499a075a2259382c5.tar.gz
Vary: Accept-Encoding

and permits to point to a particular commit, no matter if it has been tagged or not.

A typical pkgsrc Makefile will look like this:

VERSION=                34b823c158e62e4d347de74499a075a2259382c5
DISTNAME=               ${VERSION}
PKGNAME=                pkgin-20130412
CATEGORIES=             pkgtools
MASTER_SITES=           https://github.com/NetBSDfr/pkgin/archive/
FETCH_USING=            curl

# [...]

WRKSRC=                 ${WRKDIR}/pkgin-${VERSION}

# [...]

Note that FETCH_USING= curl is mandatory here in order to follow redirect codes along with https.

There you go, happy GitHub packaging!

Update

Here’s another approach pointed out by Amitai Schlair (schmonz@):

GIT_COMMIT=	dd51ac5

DISTNAME=	${GIT_COMMIT}
PKGNAME=	p5-App-Prove-Plugin-ProgressBar-0.01
CATEGORIES=	devel perl5
MASTER_SITES=	-http://nodeload.github.com/Ovid/App-Prove-Plugin-ProgressBar/tar.gz/${GIT_COMMIT}

# [...]

WRKSRC=		${WRKDIR}/App-Prove-Plugin-ProgressBar-${GIT_COMMIT}

Here, Amitai doesn’t use HTTPS so specifying curl as the fetch method is not mandatory. The dash before the URL in the MASTER_SITES line means that DISTNAME will not be appended when fetching, which is very handy when it comes to GitHub archives.

The post pkgsrc and github archives appeared first on Emile "iMil" Heitor 's home.

Cela me fait bizarre de voir Ymagis sur iTélé, et surtout des collègues :)

A voir, l’article de Sonovision de l’époque (2009)

Il est là, il est chaud, et il contient deux articles de mon cru:

• 3NMP: NetBSD, Nginx, Naxsi, MySQL, PHP
• Nouvelles commandes et nouveaux démons dans NetBSD 6.0

Enjoy!

The post GLMF 159 appeared first on Emile "iMil" Heitor 's home.

Damn I love pkgsrc. Let me tell you this story as an example…

A while ago, a couple of pkgin users told me it was a shame that /usr/pkg/etc/pkgin/repositories.conf was still pointing to a 5.0 URL when pkgin is freshly installed. Thing is, pkgin does support the $osrelease variable, but on NetBSD, the result of kern.osrelease can be 6.0_SOMETHING, which would lead to:

ftp://ftp.netbsd.org/pub/pkgsrc/packages/NetBSD/$arch/6.0_SOMETHING/All

and this does dot exists on the repository.

So in the REPOSITORIES file, which is used to generate the right repositories.conf entry, I added that line:

ftp://ftp.netbsd.org/pub/pkgsrc/packages/NetBSD/$arch/@OSREL@/All

And wrote the following trick in pkgtools/pkgin‘s Makefile:

.if ${OPSYS} == "NetBSD"
SUBST_CLASSES+=         osrel
SUBST_STAGE.osrel=      pre-configure
SUBST_MESSAGE.osrel=    Adjusting repository OS release
SUBST_FILES.osrel=      REPOSITORIES
SUBST_SED.osrel=        -e "s|@OSREL@|${OS_VERSION:C/_.*//}|"
.endif

The SUBST framework, part of pkgsrc, will then use (a portable) sed to replace @OSREL@ with the variable ${OS_VERSION}, which is defined in mk/bsd.prefs.mk (included in the Makefile), but will erase anything like the regexp “_.*”. This magic is done by the :C modifier, which behaves like the :S modifier but is capable of replacing regexps instead of simple strings.

Learn to know the power of pkgsrc…

The post pkgtools/pkgin, quick fix appeared first on Emile "iMil" Heitor 's home.

700 courts-métrages par an sont produits par le biais du système de financement français.

While migrating the GCU-Squad! website to nginx, I wanted to keep the configuration as small as possible. In order to keep sites configuration files thin, I used this trick to automatically create log files using site’s FQDN:

access_log /var/log/nginx/$host.access_log;

But I quickly noticed that some unwanted FQDN’s where appearing on the log directory. In order to keep control on the created files, I figured out a simple way to ensure unwanted domains to be logged in the general access.log:

if ($host ~ gcu) {
        set $log_fqdn $host;
}

access_log      /var/log/nginx/$log_fqdn.access_log;

And no, you can’t include the access_log keyword in the if statement, I tried :)

Anyway, isn’t it just beautiful? mmmm nginx…

The post auto-FQDN logging appeared first on Emile "iMil" Heitor 's home.

En 2012, 355 films faisant moins de 50.000 entrées dont une centaine de films français.

And voila, I knew this was going to happen, I finally switched to tmux. I will not explain here why this software is better than GNU screen, simply put, tmux is now part of the base system of nearly all BSD derivative operating systems (NetBSD among them), and it makes my life easier.

Instead, I’ll point out here all the resources that helped me switching rather quickly:

• Generic hands-on https://wiki.archlinux.org/index.php/Tmux
• Commented example http://www.doknowevil.net/2010/10/18/sorry-screen-tmux-is-better-but-here-are-some-screen-lik-hotkeys/
• Playing with the statusbar http://jasonwryan.com/blog/2011/06/10/setting-tmux-statusbar-if-in-x/, this author has other very good resources on the topic
• Fixing the 256colors mess (without using tmux -2) http://benjaminthomas.org/2012-03-28/256-colors-in-tmux.html
• Another well documented configuration file http://www.sheevaboite.fr/articles/show-me-your-tmux-conf
• Screen-to-tmux helper (in french, but easy to comprehend) http://wiki.soolbox.net/wiki/SysadminTips/tmux
• Very well written customization guide http://blog.hawkhost.com/2010/07/02/tmux-%E2%80%93-the-terminal-multiplexer-part-2/ (author has also written a comprehensive guide on how to basically use tmux)
• Enable mouse pane focus and resize http://tangledhelix.com/blog/2012/07/16/tmux-and-mouse-mode/

Here’s my ~/.tmux.conf, which is pretty much the standard screen-keys.conf available with the package, with only some small customizations like the status bar and some fixes:

# Set the prefix to ^Q.
unbind C-b
set -g prefix ^Q
bind q send-prefix

# Bind appropriate commands similar to screen.
# lockscreen ^X x 
unbind ^X
bind ^X lock-server
unbind x
bind x lock-server

# screen ^C c 
unbind ^C
bind ^C new-window
unbind c
bind c new-window

# detach ^D d
unbind ^D
bind ^D detach

# displays * 
unbind *
bind * list-clients

# next ^@ ^N sp n 
unbind ^@
bind ^@ next-window
unbind ^N
bind ^N next-window
unbind " "
bind " " next-window
unbind n
bind n next-window

# title A
unbind A
bind A command-prompt "rename-window %%"

# other ^A
unbind ^A
bind ^A last-window

# prev ^H ^P p ^? 
unbind ^H
bind ^H previous-window
unbind ^P
bind ^P previous-window
unbind p
bind p previous-window
unbind BSpace
bind BSpace previous-window

# windows ^W w 
unbind ^W
bind ^W list-windows
unbind w
bind w list-windows

# quit \ 
unbind \
bind \ confirm-before "kill-server"

# kill K k 
unbind K
bind K confirm-before "kill-window"
unbind k
bind k confirm-before "kill-window"

# redisplay ^L l 
unbind ^L
bind ^L refresh-client
unbind l
bind l refresh-client


# :kB: focus up
unbind Tab
bind Tab select-pane -t:.+
unbind BTab
bind BTab select-pane -t:.-

# split
unbind |
bind | split-window -h
unbind -
bind - split-window -v

# " windowlist -b
unbind '"'
bind '"' choose-window

unbind r
bind r source ~/.tmux.conf

set -g terminal-overrides 'xterm*:smcup@:rmcup@:colors=256'
# Status Bar
set -g default-terminal "screen"

# default statusbar colors
set -g status-fg white
set -g status-bg colour235

# current or active window in status bar
set-window-option -g window-status-current-bg colour53
set-window-option -g window-status-current-fg white
set-window-option -g window-status-current-format '[ #W ]'

# alerted window in status bar (bell, activity or content).
set-window-option -g window-status-alert-bg colour235
set-window-option -g window-status-alert-fg colour53
set-window-option -g window-status-alert-attr reverse

set -g status-right-length 40
set -g status-left-length 40
#set -g status-left '#[fg=purple]#H #[fg=black,bright]#[default]'
set -g status-left '#[fg=colour153]#H #[default]'
set -g status-right '#[fg=colour141]#(sysctl vm.loadavg|cut -f2-4 -d" ")#[default] | #[fg=colour117]%H:%M '

In order to pick up the right colors, I used a shell snippet I took from this github repository:

for i in {0..255} ; do
    printf "\x1b[38;5;${i}mcolour${i}\n"
done

Mandatory screenshot:

The post A new multiplexed world appeared first on Emile "iMil" Heitor 's home.

Je le savais… je le *savais* que je devais pas mettre les doigts là dedans, et maintenant quoi ? je brûle des heures à électrifier des apprentis et couper en deux des monstres à l’aide de mon SABRE LASER ROUGE AHAHAHAH!! *kSHHRTTRHHSHHFFFHrhRHHHH*

Et sinon oui, ça tourne sous Wine, ça marche très bien. Trop bien même.
Si vous aussi vous souhaitez cramer de précieuses heures: c’est par ici.

En plus ils font démarrer ça sur Korriban…

The post You have done well… appeared first on Emile "iMil" Heitor 's home.

I’ve been searching for a Web-based SSH for quite a while, and I recently read about GateOne on the dedicated Wikipedia page. Not only GateOne does what I was searching for, but it also comes up with nice features like interpreting images on-the-fly.

The remote server on which I intended to run this software is, of course, a NetBSD 6.0 domU, and as I anticipated, some work was needed in order to make GateOne work on this platform.

The software needs the following dependencies:

• textproc/py-html5lib
• devel/py-readline
• graphics/py-imaging
• misc/dtach
• www/py-tornado

The latter was not available in pkgsrc, so I created the package and commited it to pkgsrc-current. The package is straightforward:

# $NetBSD: Makefile,v 1.1 2013/01/25 22:33:47 imil Exp $
#

DISTNAME=       tornado-2.4.1
PKGNAME=        ${PYPKGPREFIX}-${DISTNAME}
CATEGORIES=     www
MASTER_SITES=   https://github.com/downloads/facebook/tornado/

MAINTAINER=     imil@NetBSD.org
HOMEPAGE=       http://www.tornadoweb.org/
COMMENT=        Fast and non-blocking web framework
LICENSE=        apache-2.0

FETCH_USING=    curl

USE_PKGLOCALEDIR=       yes

REPLACE_PYTHON+=        setup.py
REPLACE_PYTHON+=        tornado/*.py
REPLACE_PYTHON+=        tornado/platform/*.py
REPLACE_PYTHON+=        tornado/test/*.py

.include "../../lang/python/egg.mk"
.include "../../lang/python/application.mk"
.include "../../mk/bsd.pkg.mk"

Back to GateOne, while this software is really handy, it has not been made very “packageable”, meaning that it expects everything to be located on the same directory, i.e. ${PREFIX}/gateone. Not being brave enough to dig into the implications of such choice within the code, I have not made a public package of it, instead I created a local-package that suits my needs. Why not simply use the bundled setup.py? Because every .py file begins with:

#!/usr/bin/env python

this had to be changed to pkgsrc’s default python PATH, and using pkgsrc’s REPLACE_PYTHON command was easier than a find / sed / whatever oneliner.

Here’s the local package I created in pkgsrc/localpkg, which is owned by my user for convenience:

# $NetBSD$
#

DISTNAME=   gateone-1.1
CATEGORIES= shells
MASTER_SITES=   https://github.com/downloads/liftoff/GateOne/

MAINTAINER= imil@NetBSD.org
HOMEPAGE=   https://github.com/liftoff/GateOne/archive/
COMMENT=    Web Terminal Emulator and SSH Client
#LICENSE=   TODO

FETCH_USING=    curl

WRKSRC=         ${WRKDIR}/GateOne
USE_PKGLOCALEDIR=   yes
USE_LANGUAGES=      # none

REPLACE_PYTHON+=    *.py */*.py */*/*.py */*/*/*.py

# change this to the base directory you want gateone to land on !
BASEDIR=            /home/imil/www

SUBST_CLASSES+=     path
SUBST_STAGE.path=   pre-configure
SUBST_FILES.path+=      setup.py
SUBST_SED.path=         -e "s,/opt,${PREFIX},g"

PYSETUPINSTALLARGS= --prefix=${PREFIX}

DEPENDS+=   ${PYPKGPREFIX}-html5lib>=0.90:../../textproc/py-html5lib
DEPENDS+=   ${PYPKGPREFIX}-tornado>=2.4.1:../../www/py-tornado
DEPENDS+=   dtach>=0.8:../../misc/dtach

.include "../../devel/py-readline/buildlink3.mk"
.include "../../graphics/py-imaging/buildlink3.mk"
.include "../../lang/python/distutils.mk"
.include "../../lang/python/application.mk"
.include "../../mk/bsd.pkg.mk"

At some point I may write a real package out of this, but I wanted to play with that shiny client quickly :)

Once installed, you’ll end up with a ${BASEDIR}/gateone directory, which you may want to chown -R youruser for convenience.

I rapidly got bitten by that reported bug https://github.com/liftoff/GateOne/issues/161, which actually was a bug in the software itself. Simply modify the file /usr/pkg/gateone/plugins/ssh/scripts/ssh_connect.py, line 402, from:

os.execvpe(script_path, [], env)

to

os.execvpe(script_path, [''], env)

At this point, GateOne should run normally. If you are, as I do, to run the frontend with a non-privileged user, take care to change some values in the server.conf file:

port = 1443
pid_file = "./gateone.pid"
unix_socket_path = "./gateone.sock"

Also, as I use a CAcert-enabled reverse proxy, I had no use of the SSL, so I set disable_ssl to True. Do not forget to update the origins variable accordingly.

There we go! I now have a shiny HTML5 Terminal Emulator, ready to accept my SSH connections wherever I am… and here’s the mandatory screenshot :)

The post GateOne, more than a web-based SSH appeared first on Emile "iMil" Heitor 's home.

Pour l’émission « The Voice » saison 2, la régie pub de TF1 facture 95.000€ le spot de 30 secondes.(Grille tarifaires: http://t.co/hxKRQun )

Foresti Live au cinéma. C’était 250 écrans, 87.000 entrées (France, Suisse, Belgique), jusqu’à 8 salles par site.

En 2012, les films français à l’export ont attirés 140 millions de spectateurs. (soit 875M d’euros). En 2011, c’était 70 millions (=445M€)

France-Télévisions coproduit 6 webséries par an, les budgets vont de 25 K€ à 100 K€ chaque, ainsi que 700 K€ rien que pour la plateforme FTV