Secure chat for our company
Our developers like to hang out in a chat room / irc channel so they can keep in casual contact all day. And staff at our company are hooked on IM, especially with our diverse locations. Being conscious of security, especially with everyone using wireless these days, I sought a solution.
After many blind alleys, it seems that the Jabber protocol is the answer. I looked for a VMWare appliance without much luck (there is a simple one or two around but the config looked more than I was willing to tackle). Then I found openfire (formerly wildfire). I had a Windows XP box handy, so I downloaded and ran the install program (the complete version including Java) and … for a change … everything just worked!
A few little quirks bit me as everyone tried to switch to using it. E.g.
- the username is username@machinename – in this case I had a goofy machine name because the machine had been destined for something else
- if OTR is installed, some clients get upset when they try to group chat
But overall, it was amazingly simple. I’m not sure if I have it locked down tight enough yet, but its a beginning!
The book I can’t put down: Scalable Internet Architectures
I picked up this book the other day on the recommendation of a friend, and I can’t put it down. Here’s the Amazon link (referral credits go to socalfreenet.org): Scalable Internet Architectures by Theo Schlossnagle. Here’s why I like it:
- its small (the number of pages 225, the print, the format, the thickness) , but its pithy. Every page has useful stuff.
- the real world experience (pain!) just oozes out of this book. So many times while reading I thought: “Oh yes … hadn’t thought of that.”
- its not stridently opensource, nonetheless ends up most there anyway – but only after addressing commercial products and their role
- its business focused, not geek focused – while still being incredibly geeky
Most of all its just really well written and edited. I’ve caught a couple of minor typos, but nothing that interfered with reading or enjoying the book.
Highly recommended!
Struggling with Hello World Java style
Its fun learning new stuff … especially after learning it! Today I’ve spent a couple of hours trying to get some preexisting Java servelet code compiled and running on my laptop so that I can make some (initially trivial!) changes to some output strings.
The goal is to get Eclipse, Tomcat, MySQL and Apache all playing nicely together on Windows XP. I installed XAMPP, the Tomcat addin for XAMPP. I already Eclipse installed with a PHP addin. After a bit of messing about, more googling, more messing about, I stumbled upon this guide which now has me tantalizingly close. I have a .war file. I have Tomcat running. Just a matter of connecting the last remaining dot!
reinstalling and locking down trixbox – gotcha with extensions_additional.conf
I installed a new version of Trixbox over a > 1yo version a few days ago in an effort to clear up a set of minor but annoying problems. These included dropped calls, one way audio, no-response IVR, poor audio – but they were all intermittent and poorly documented problems. As the existing install was an RC-but-one release, and as there have been many nice improvements since then, I decided to take the risk and do a complete upgrade.
First I saved all the settings – literally by doing 20-30 screen captures. Then I copied off the custom .wav files for the ivr. I neglected to grab the voicemail prompts and should have.
Anyhow, I got everything going, including, amazingly, the sangoma card firing right up with no problems after a setup-sangoma, and then today I went back to sort out the security as everything was on the default settings. Not a big deal as its behind a m0n0wall firewall, but I like to follow the appropriate sureteq guide to lock down mysql and the various default passwords in trixbox and freepbx.
When I’d stepped through everything and went back to tweaking something else, I noticed that the IVR was no longer forwarding successfully. Quite a bit of head scratching later, and a power cycle (a bit tricky when you’re 300 miles away), I worked out that it was changing the amp password itself that was the problem. A little grep magic later, and I found a stray amp11 password in extensions_additional.conf and after I corrected it, everything was working again.
My guess is that if I’d changed the password before doing all the config I would have been ok, but I haven’t dug into things enough to work out if that is true or not. Similarly, I’m hoping that if I make more changes via FreePBX that it will do the right thing, but I’m guessing it will be ok.
PHP dev environment for windows
I’ve got some PHP dev work to do. Looking around for the simplest / cheapest option, leads to Eclipse and XAMPP. Fortunately there’s a great guide to integrating the two at http://tanguay.info/web/tutorial.php?idCode=phpDevelopmentQuick. Saved me a chunk of time I’m sure.
I want to be a community wireless ISP. How?
I get this question quite often through my connection to socalfreenet.org which does its little bit to bridge the digital divide. It comes in various forms:
How can I do what you do?
How can I share internet with my neighbors?
How can I screw the telcos and cable companies and unleash the creative power of people through the internet?
But they amount to the same thing. As one of the purposes of my blogging here is the totally selfish one of being able to point people at questions I answer repeatedly, here is tonight’s answer to a recent email (who, unlike most, offered to buy us lunch – thanks!).
- You are right to steer away from residential services with their restrictive sharing terms and look for business internet providers. However, carefully check the TOS for the business internet. We use business internet (particularly cable), but they do not permit reselling. People have worked around that legally by setting up co-ops and then paying a membership fee to the co-op. But in most states the co-op has to be a legally registered entity with all that that can entail. Not hard, but something to consider. Of the nationwide providers, speakeasy.net is the only one that I know of that allows (even encourages) reselling. You’ll need Covad at your local CLEC for that to work (quite likely).
- Meraki.com, who provide our current favourite gear, also has support for billing that sounds like it might work as you propose. They do take a slice, but its hassle free for you pretty much. Note, though, that I’ve never used the billing features(!), so ymmv. (Note that this post isn’t about gear, otherwise I’d wax poetical about why Meraki makes deployment much simpler and cost effective).
- Suggestion: start small. Identify a few people, close to each other, who are keen, and get them going first. Once they’ve used it for a couple of months it becomes viral after that and you won’t have to do much to sell it once word gets out.
- distribution over a physical area is tough unless you have a rooftop and a good view of what’s around you. Hills, trees, tall buildings will all work against you. Apartment buildings are relatively easy to cover, but ….
- power is what we look for first when doing installations. Rooftops often have power for A/C, but equally often have no outlets. We don’t have an electrician in our midst, but often the landlord does and will pay them to do what’s necessary. PoE let’s you run cat-5 to where power already is.
Doubtless lots of other things too, but its late and I’m tired (I’ve caught my daughter’s flu I’m sure).
Reading: Most influential (tech) writing of 2007
A note to myself so I can find this later:
http://bracken.wordpress.com/2007/12/20/the-most-influential-media-writing-of-2007/
Forcing out of hours time condition with a simple call
Asterisk rules. FreePBX makes it sing. Extra modules like Time Conditions make it customizable to most business situations. But those pesky users always want one more feature.
Today’s request (well actually last week’s) was triggered by a somewhat frantic phone call:
A client just called me and couldn’t reach me on my out of hours emergency number. I told them that was impossible, and demonstrated how my system plays the menu “Press 1 to reach …” – but then it didn’t work. I was so embarrassed. What is wrong?
It transpired that every second Friday the office is closed, not open, as had originally been the case when the Time Conditions and IVR menus had been configured. What to do?
I could accept at face value that the office hours truly were every second Friday except on blue moons and school holidays and doubtless make the Time Conditions module do the needed magic. But of course that would be fragile. Plus it doesn’t handle going out to lunch, snow days, fires, etc.
What is needed is a simple way for office staff to toggle ‘out of office’ mode for the PBX. Apparently this is called “day / night mode” in traditional PBXs. Typically its activated by dialing a code at an extension (and optionally a password).
Googling for a solution was an interesting problem in itself, but I eventually found the “Day / Night” module in freePBX, conveniently created just a few months ago (vs 2 years ago when the PBX was first installed for this client).
With the detailed config guide, I had it all set up in minutes. Testing of course will take longer, and then there’s the issue of toggling it from outside the office (“I forgot to set it when I left, is there any way …”), but that’s described in the guide also.
The net result is that the office manager can dial “*280″ on any extension to toggle. That’s a winner in my book!
Next…
