Protip January: Get your external IP from the command line

Ever need to grab your IP quick but don’t want to get out of the command line or stop whatever you’re working on?  Or how about if you have SSH’d into a number of different servers and you simply want to know where you are at currently?  This little trick enables you to quickly determine your public IP address without leaving the command line.

I’ll admit, I didn’t originally come up with this one, but liked it so much that I decided to write a quick post about it because I thought it was so nice and useful. There is a great website called commandlinefu.com where users can post all their slick one liners, which is where I found this one.  If you haven’t been there before I highly recommend it, there is some really good stuff over there.

This one is simple yet quite useful, which is what I’m all about.  The command uses curl, so if you don’t have that bad boy installed yet you’ll need to go get that quick (Debian based distros).

sudo aptitude install curl

Once that is installed simply run the following:

curl ifconfig.me

And bam!  Emeril style.  Let that go out and do its thing and you will quickly have your external IP address.  I like this method a lot more than having to jump out of the shell and open up a browser then going to a website to get this information.  It might not save that much time but to me just knowing how to do this is useful and knowledge is power.  Or something.

About the Author: Josh Reichardt

Josh is the creator of this blog, a system administrator and a contributor to other technology communities such as /r/sysadmin and Ops School. You can also find him on Twitter and Facebook.

Reflections on the year

A lot happened this year for me, some good some bad (but mostly good) and  I wanted to take a moment to reflect on the year.  I made it to my first technical conference, got my first and second tablet, I started and finished some seemingly daunting work projects, I met, worked with and learned a ton from some incredibly smart people, I grew my network of professional contacts, list goes on and on.  One particularly important milestone that I was able to hit was my first full year of blogging.  Its been a great journey so far and I am hoping 2013 will be just as great if not better.

One goal of mine was to grow the blog, and I feel like I accomplished that goal although that wasn’t exactly a very specific goal I will admit.  Another goal I had in mind when I started doing this was just to be able to help others out with technical issues as much as I could.  I am really pleased with how things have come along so far, I have managed to grow my readership and have succeeded in getting in some fresh authors that have made some great contributions, who I would like to thank very much.  I would also like to thank all of the other contributors including the readers for helping to grow the blog this past year.  I know there will be a lot of work to do in 2013 and I feel like this was a great first full year for the blog.  I have had a great deal of fun learning about blogging and cultivating this blog and have no doubts that there will be some great stuff to come in the coming year.

I didn’t expect to learn nearly as much as I did about Exchange, Powershell, Lync, backups and networking.  These are the areas that I have been working with primarily in my current role and I will say for the most part I have loved these additional responsibilities.  I have fallen in love with Exchange and Powershell and would like to explore these areas and write about them much more in 2013.

There are some exciting areas that will come into focus more next year, which I am excited about.  I will be building a full on, clustered virtual environment, a new Exchange 2013 test bed, a Server 2012 Active Directory environment and much more I’m sure.  I have also managed to keep my Linux skills sharp (well somewhat) by labbing at home and plan to continue growing my home environment and skills that do not otherwise get any “production” to share my experiences on the blog.  I will hopefully be building a home grown SAN, adding a node to my virtual environment to create a cluster and obtaining some network gear so there should be some interesting topics on those fronts as well.

So anyway, I would love to hear any and all feedback from the readers!  What should I change?  What can I improve on?  Which topics are the most informative and the most interesting?  Knowing these types of things would be a great way to help build this blog and hopefully continue to grow in 2013.  Thank you all again, happy new years!

 

About the Author: Josh Reichardt

Josh is the creator of this blog, a system administrator and a contributor to other technology communities such as /r/sysadmin and Ops School. You can also find him on Twitter and Facebook.

Document storage: Part 6

Document Storage Project

This is Part 6: Tying it all together.

All that’s left to do now is write a script that will:

  • Detect when a new file’s been uploaded.
  • Turn it into a searchable PDF with OCR.
  • Put the finished PDF in a suitable directory so we can easily browse for it later.

This is actually pretty easy. inotifywait(1) will tell us whenever a file’s been closed, we can use that as our trigger to OCR the document.

Our script is therefore in two parts:

Part 1: will watch the /home/incoming directory for any files that are closed.
Part 2: will be called by the script in part 1 every time a file is created.

Part 1

This script lives in /home/scripts and is called watch-dir.

#!/bin/bash
INCOMING="/home/incoming"
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

inotifywait -m --format '%:e %f' -e CLOSE_WRITE "${INCOMING}"  2>/dev/null | while read LINE
do
        FILE="${INCOMING}"/`echo ${LINE} | cut -d" " -f2-`
        "${DIR}"/process-image "${FILE}" &
done

Part 2

This script lives in /home/scripts and is called process-image.

#!/bin/bash

# Dead easy - at least in theory!
# Take a single argument - filename of the file to process. 
# Do all the necessary processing to make it a 
# searchable PDF.

OUTFILE="`basename "${1}"`"
TEMPFILE="`mktemp`"

if [ -s "${1}" ]
then
	# We use the first part of the filename as a classification.
	CLASSIFICATION=`echo ${OUTFILE} | cut -f1 -d"-"`
	OUTDIR="/home/http/documents/${CLASSIFICATION}/`date +%Y`/`date +%Y-%m`/`date +%Y-%m-%d`"

	if [ ! -d "${OUTDIR}" ]
	then
		mkdir -p "${OUTDIR}" || exit 1
	fi

	# We have to move our file to a temporary location right away because 
	# otherwise pdfsandwich uses the file's own location for 
	# temporary storage. Well and good - but the file's location is 
	# subject to an inotify that will call this script!

	mv "${1}" "${TEMPFILE}" || exit 1

	# Have we a colour or a mono image? Probably quicker to find out 
	# and process accordingly rather than treat everything as RGB.
	# We assume the first page is representative of everything
        COLOURDEPTH=`convert "${TEMPFILE}[0]" -verbose -identify /dev/null 2>/dev/null | grep "Depth:" | awk -F'[/-]' '{print $2}'`
	if [ "${COLOURDEPTH}" -gt 1 ]
	then
		SANDWICHOPTS="-rgb"
	fi
	pdfsandwich ${SANDWICHOPTS} -o "${OUTDIR}/${OUTFILE}" "${TEMPFILE}" > /dev/null 2>&1
	rm "${TEMPFILE}"
fi

There’s just one thing missing: pdfsandwich. This is actually something I found elsewhere on the web. It hasn’t made it into any of the major distro repositories as far as I can tell, but it’s easy enough to compile and install yourself. Find it here.

Run /home/scripts/watch-dir every time we boot – the easiest way to do this is to include a line in /etc/rc.local that calls it:

/home/scripts/watch-dir &

Get it started now (unless you were planning on rebooting):

nohup /home/scripts/watch-dir &

Now you should be able to scan in documents, they’ll be automatically OCR’d and made available on the internal website you set up in part 3.

Further enhancements are left to the reader; suggestions include:

  • Automatically notifying sphider-plus to reindex when a document is added. (You’ll need a newer version of sphider-plus to do this. Unfortunately there is a cost associated with this, but it’s pretty cheap. Get it from here).
  • There is a bug in pdfsandwich (actually, I think the bug is probably in tesseract or hocr2pdf, both of which are called by pdfsandwich): under certain circumstances which I haven’t been able to nail down, sometimes you’ll find that in the finished PDF one page of a multi-page document will only show the OCR’d layer, not the original document. Track down this bug, fix it and notify the maintainer of the appropriate package so that the upstream package can also be fixed.
  • This isn’t terribly good for bulk scanning – if you want to scan in 50 one-page documents, you have to scan them individually otherwise they’ll be treated as a single 50 page document. Edit the script so we can somehow communicate with it that certain documents should be split into their constituent pages and store the resulting PDFs in this way.
  • Like all OCR-based solutions, this won’t give you a perfect representation of the source text in the finished PDF. But I’m quite sure the accuracy can be improved, very likely without having to make significant changes to how this operates. Carry out some experiments to figure out optimum settings for accuracy and edit the scripts accordingly.

About the Author: James Cort

James Cort is Managing Director of Bediwin Information Services, providing IT management and integration services in the South West of England.

Properly wiring a network closet

I am in the middle of a network wiring closet makeover at work right now and thought that this would be the perfect time to go over some of the things that I have learned along the way.  I feel like now that I have a few of these closet rewiring jobs under my belt I am confident enough in my techniques and methods to the point where I feel comfortable going over them and showing viewers how a wiring closet should be built out and should look when everything is said and done.

The only thing I will be covering in this post is the wiring portion of this process.  The networking closets have been built out, the grounding racks and wires have all been rigged up and the wire management racks have all been installed.  The switch chassis and PSU’s have all been mounted.  The switch interfaces and other behind the scenes networking tasks have already been configured and taken care of.  The point I’m trying to get at here is that there were a lot of hours spent taking care of all these small items and a ton of work done in the background to get to this point. I think the most important lesson to take away from this project was making sure all of the small things were done properly and with a certain expectation of quality, otherwise all of the other effort that went into one process will be wasted.

I am going to walk you through the process I went through to rewire a networking closet in the remainder of this post.  Luckily I was able to take pictures for many of the things I went through along the way.  I thought it would be useful to show rather than tell for the most part to make following things a little bit easier for readers.

Proper implements

proper implements

Ethernet cables – Pretty obvious but I just wanted to mention this one quickly anyway.  I have only seen a handful of bad cables but you can never be sure so having some extra cable to swap out is an easy way to test if a cable is bad or not.  Also, we use a color coating scheme to help keep things organized, you will see later what I’m talking about.  Just make sure you size out your cables to the appropriate length before hand.

  • White cables – Wireless internet.
  • Red cables – Generic printers.
  • Green cables – Special purpose, whether it be static computers or specialized printers.
  • Yellow – UPS

Velcro – Probably your most important tool and cannot be understated in my opinion.  Effective use of velcro is really what ties everything together and keeps things organized and clean.  Not sure how a set of cables should go?  Velcro.  It is your best friend if you have OCD and are working on one of these projects.

Label maker – Another great tool to help keep things organized.  By no means do you need to label every cable in a wiring closet but you should be sure to highlight some of you landmark cables, so to speak.  I’ve found it works out pretty slick to flag any static computer with a label, special printers, core uplinks, a basic rule of thumb I came up with is that any special case where you have a port you may easily forget later on should get labeled.

Wire cutters – Just about every closet I’ve had to reconfigure so far required me to use these for one thing or another.  I like to have them handy just in case I need them.

Multitool/Razor – Handy for cutting the ends off of boots, lopping off pieces of velcro or just about any other odd job you might encounter in your wiring closet project.  Another one of those nice to haves before hand so you don’t waste time later.

Music – It can get mighty boring doing this type of work.  I suggest turning up some of your favorite tunes if you can, it will help you to keep your sanity.  Listening to music may also work by keeping you distracted just a little bit as well as helping the time pass by.

The Buildout

Closet before

Here is what the wiring closet looked like initially.  As you can see it was not exactly in great shape.  Although this is not nearly as bad as what some closets look like that I have come across (including some others within the scope of this project even), but I still don’t like it.  I came up with a game plan before hand, which turned out to be really useful.

Since there were only 2 VLAN’s in this closet, each on their own switch, and each VLAN correlated to one side of the patch panel, it made doing the cut that much easier.  This method should be somewhat foolproof and could easily be applied in any situation as long as the ports on the switch and patch panel and their correlating VLAN’s are known ahead of time.  Again, because this wiring closet was smaller than the others it made things less messy as well as less time consuming.

separated vlans

separate vlans

There isn’t much to this method really.  The one caveat that really helped me in this closet is that we were not reusing the old patch cables.  Not reusing the old cables allowed for two things.  First, it made pulling out all of the old cable SO much easier and secondly, it enabled me to use some of the clipped ends as markers, so I knew where to plug all of the new cable runs into.  I unplugged (or cut the ends) all the cables from one switch at a time, and traced the cable back to the port it was plugged into on the patch panel.  Once I knew which port the cable was plugged into I would simply cut the end and leave it there, in place until I had traced the cable from end to end.  By doing it this way I was able to keep the cables from each switch separate and using the boots gave me a quick and easy way to know where I was at.  Here is an example of what I’m talking about.

marking your ports

My new switch was setup in a particular way.   the first 4 slots on each card were designated as wireless ports (white cable), and the last 4 ports were designated to be printer ports and static ports (green, red, yellow).  So that left me with the middle 16/12 ports for the cards, therefore the bulk of my bundles were sized to fill all the ports.  With the few extra I just sized my bundle according to how many ports were left over.  If that doesn’t make much sense, take a look below and you can kind of see what I’m talking about.  I screwed up on the yellow cable there, it ended up being at the far right by the end of things.

rhw closet is coming together nicely

There were a few things that I found to be useful when I was putting the new cables in.  Probably the most important thing to be mindful of when patching in the new stuff is to count out your bundles correctly.  I was dealing with some really long patch cable, so having to go back because I miscounted was a real pain in the ass. Here I am laying out my bundles because they are so *^#@ing lengthy, it would have been a nightmare trying to manage them without some sort of organization beforehand.

these cables were lengthy

I found that it was much easier to handle these bundles if I had them all laid out and untangled ahead of time, just be sure to double count how many ports you need first!  I will also say that it also helped me tremendously to have the ends tied up before running the bundles as well.

tying the ends

You can’t really appreciate the length of these cables are from these pictures but it was really painful and time consuming pulling some of these bastards.  Again, having a game plan and rechecking things will be your best friend if you are rewiring a network closet.  Here is how everything turned out when I was done buttoning up the closet and finishing up with some final touches.

finally done

another angle

Labeled and tied

Labeled cables

Not bad.  But I think just as importantly, at least for myself, all of the other parts of the closet need to look as good as the switch.  I think the best way is to give you some other shots to show you what I mean.

running to the patch panel

Out of patch panel

running up the wall

Running up wall

wall to cable guide

Wall to cable guide

wall to cable rack

wall to cable rack

running to cable management

Running in to to cable management

It really isn’t that difficult to dress up a closet, and make everything look nice and neat.  Time consuming?  Maybe.  But as you can tell from this rewiring job, this networking closet looks way better than it did before, I actually found a sense of pride and enjoyment from the work done on dressing up these wiring closets.  It may not be a lot, but I am strong believer in the small things counting.  Let me know if you have any questions or would have done any of this differently.  I am always experimenting with my wiring technique and would love to improve on this method if I can.

About the Author: Josh Reichardt

Josh is the creator of this blog, a system administrator and a contributor to other technology communities such as /r/sysadmin and Ops School. You can also find him on Twitter and Facebook.

Document Storage: Part 5

Document Storage Project

This is Part 5: Uploading Scanned Images.

There’s two components to this part: configuring somewhere for the files to be uploaded to and setting up your MFD to upload to them. Most modern MFDs will upload to a CIFS share, which is what we’re going to use here. First thing’s first, we need to install Samba:

apt-get install samba

Now we need to set up Samba. We’ll have user-level security (it’ll be much easier to lock things down if we want to increase security at a later date, and besides share-level security went out with the Ark) and a single share called incoming. We also need a user for the MFD to log into Samba with; we’ll call this user “scanner”. We’ll also have a group called “scanner” so we can be a little more flexible over who can access this share should we wish.

Edit /etc/samba/smb.conf as follows:

......

# "security = user" is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba3-HOWTO/ServerType.html
# in the samba-doc package for details.
   security = user

......

[incoming]
        path = /home/incoming
        guest ok = no
        browseable = no
        read only = no
        valid users = @scanner

Now, we need a new user for the MFD. Samba requires that users also have corresponding Unix accounts, so first we create a Unix account, then we set their Samba password. We also need to ensure the permissions on /home/incoming are correct – the folllowing commands deal with this:

  useradd scanner
  smbpasswd scanner
  chgrp scanner /home/incoming
  chmod g+rwx /home/incoming

Make sure you choose a password that is not only secure, but possible to type in on your MFD! Check this works by connecting to the following folder in Windows:

\\(hostname)\incoming

You’ll need to use the username/password for the scanner user you set up.

For the final part of this, you need to set up your MFD to scan to this directory.

I’ve chosen an Oki MB451 multifunction unit for a number of reasons:

  • It’s cheap.
  • It has a double-sided document feeder for scanning. More and more documents are being sent double-sided; it seems like a step back to have a document feeder that can’t deal with this.
  • It supports scanning directly to email and CIFS share without requiring extra software on the PC. (This is important; certainly a few years ago a lot of manufacturers claimed their products could do this but it wasn’t apparent until after you’d taken it out of the box that their product didn’t do any of it without additional software on your PC. Certain large photocopier-type units still have this restriction, though sometimes you can buy an optional bolt-on to overcome it. I prefer avoiding the need for extra bolt-ons because they’re usually extortionately priced and often difficult to source).
  • It has a nice big display. These units can be a pig to set up at the best of times; a large display often goes some way to alleviate this problem.
  • You can set up lots of profiles – preconfigured shortcuts that say “everything scanned under this profile should be stored under this name in this share accessed with this username and password; files should have this format”. Unfortunately you can’t nail a profile to say “everything scanned under this profile is double-sided” but you can’t have everything!
  • The printer supports Postscript, which means it’ll be pretty much guaranteed to work under any OS I can throw at it for a long time to come.

I won’t go into detail regarding MFD configuration – there’s simply too many on the market and they all vary. It’s enough to explain that I’ve set up a profile called “Correspondence” and I’ve pointed it at \\(hostname)\incoming.

With the profile I’ve set up, scanned documents will be stored under \\(hostname)\incoming\Correspondence-#####.pdf.

Test this all works by scanning a document and making sure it appears in the /home/incoming directory on your Linux box.

There’s only one thing left to do – tie all this together so incoming documents are automatically OCR’d, made available via Apache and OCR’d so they’re indexable in Sphider….

About the Author: James Cort

James Cort is Managing Director of Bediwin Information Services, providing IT management and integration services in the South West of England.