The LINICKX clock – power by jquery, css3 and Google App Engine

It’s been a long time since my last weekend project, over on git hub I have just published the code for my LINICKX Clock.

n800 linickx clock

Photo of my n800 running in full screen

I have an old Nokia n800 which I wanted to put to some use. If you want a good time service then is IMHO the best; the reason I’m not using on my n800 is that it’s very boring! I wanted to create something that would change, add a little bit of variety – regardless on your opinion on if LCD screen-burn exists or not.

LINICKX Clock is powered by Google’s App Engine (GAE), which means that occasionally it will sleep, however I’ve been running the clock for a few days now an it’s updating fine.

The background, font, text-area and clock delimiters change every 15mins so if you want to see something unique to you then you’ll have to be patient!

Chrome Screenshot of

Chrome Screenshot of

The clock uses from very simply jquery to download a JSON file from the server, the JSON response updates the style sheet for the page. Some of the clock features are CSS3, such as the blinking delimiter and scaling background so browser milage may vary. The background images are powered by and, I’m caching the images on the GAE to reduce the impact to the upstream provider (hopefully they don’t mind!).

You can easily run your own if you want, the simplest method would be to deploy your own app into google, i.e. create a new app, change the application “name” in app.yaml and deploy. If you want to run this locally then you’ll need php (and memcached for caching), you’ll also need to rewrite the permalinks, for example on line 96 of index.php:


The random data is a http request to /rd unless you use something like mod_rewrite then you will need to change this to /rd.php

The source code can be found here: If you have any suggestions or improvements, feel free to fork or create an issue on github.

No Comment has been using comments on WordPress for over 5 years now and over that time the quality and quantity of comments has varied. In the last six+ months comments have become mostly spam. To reduce the amount of outages caused by spam, scrapers and other internet-rubbish the comment forms and previous comments have been removed.

Intelligent humans are still able to use twitter or the contact form to get in touch :)

Using bootstrap on Cisco ISE

ISE 1.1 had horrible web portals which didn’t render well on mobile devices at all (which was odd for a BYOD solution), anyway, Cisco have fixed that now in 1.2 with the ability to enable a mobile version… but what if you want something totally custom that works well both on desktops and mobile?

Enter bootstrap!

The trick to getting this working is know the correct paths for the stylesheets so to make things easy I have created a gitgub project called ise-bootstrap. To get started create a custom portal with the name myportal and upload the files. Change your authz result to point an the new file and enjoy the responsive goodness!

Here are some 1.1 screenshots of me creating the portal, the process is pretty similar in 1.2 – I will upload some newer screenshots at some point!

The only gotcha to be aware of are the Glyphicons, if you want to use those then you need to customise the bootstrap download so that it matches the name of your portal.

This is the end result…

ISE 1.1 07 example login page

If you get stuck, there is a README which compliments this blog post.

Using Google as a FREE origin pull CDN

There are bucket load of posts on how to use google application engine (GAE) as a CDN but many of them direct you to hosting static content on a google server. For me that approach isn’t practical, every time I did a WordPress update or plugin upgrade I would have to push an update to GAE… annoying!

Origin-Pull is the future then, basically the server acting as a CDN pulls a copy of the original, caches it and serves that to clients. Updates on the main site are easy, just wait for the CDN to age out it’s cache or if you are impatient manually purge.

Over the weekend I stumpbled upon SymPullCDN a GAE app, it’s a bit out of date so I’ve pushed a newer version to github. I’ve made two changes, firstly updated to python2.7 (as per google’s recommendation) and secondly I’ve added a cron job to keep your GAE app snappy :)

Setting up your own copy is simple, start by signing up for GAE and create a new “application”, mine’s called mygaecdn


Next get a copy of the Google App Engine SDK for Python also known as GoogleAppEngineLauncher… Install it :)

Once it’s running, create a new application… give it the same name as the app you created on google.


Take a note of the directory in which the application is being created, mine is Users/nick/Documents/GoogleAppEngine/mygaecdn

Next download this zip file which has the updated SymPullCDN files.

Delete everything from your Users/nick/Documents/GoogleAppEngine/mygaecdn and place in there the contents of

Open app.yaml in a text-editor and edit line 1 to replace *replace*me* with your application name, e.g.:

application: mygaecdn

Next open in a text-editor and edit line 21 and replace http://replace*me/ with your website, e.g.:

origin = "" 

Make sure you save both files and you are done!

Now, test locally in the GoogleAppEngineLauncher app before deploying to google. Click the green “play” and a GAE application will run on your local machine; from the screenshot above you can see mine is listening on “port 10080″, so I can open a web browser to http://localhost:10080 – all things being equal you will see a copy of your website :)

If that works you’re ready to deploy…. hit the blue “deploy” button to push you app up to google. When that’s finished you should be able to visit… obviously yours isn’t called mygaecdn!

Once the deploy is finished you have a GAE ready and willing to serve cached copies of your site.

What you do next will depend on your website. Me, I use WordPress and wp-super-cache, so I can simply enable the CDN feature in that, e.g.:


You might have to install something, or change some URLs, whatever you do, just remember to only change links to static content such as CSS, JS or IMG – anything dynamic is likely to end in a world of pain.

FOOTNOTE: The term CDN is used loosely in this blog post, GAE is more of a content off-load, IMHO a CDN should server you geographically-local content but in all my tests on webpagetest showed all my content coming from Google-USA, not that is really a problem as their servers are still rocket-quick :cool:

OS X: Sync’ing keychains in the iCloud

Keychains hold passwords, certificates and general secret stuff – only do this if you understand the Apple will have access to this…. well assuming they can crack your keychain password (which they probably can).

Synchronising a keychain across macs could be useful, for example, having a dedicated keychain for WiFi credentials.

I stumbled across this link (dated Nov 2011) and found that this still works!

The ~Library/Mobile Documents/ folder is pushed to all iCloud enabled computers, so I have created a new folder, and copied my WiFi keychain into it:

$ mkdir ~/Library/Mobile\ Documents/com~linickx~icloud
$ cp ~/Library/Keychains/wifi.keychain ~/Library/Mobile\ Documents/com~linickx~icloud/

If you only have one keychain login.keychain, consider splitting out the really secret stuff and only sync’ing the stuff you want to share with apple.

Now open “Keychain Access”, delete the original keychain and add/open the iCloud copy. On any other Mac, add/open the iCloud keychain. Once complete, any change to the keychain will be pushed to all Macs, simplifying password changes :)

I’m also using this to sync dotfiles!

You could use dropbox for this, one reason to use dropbox is that iCloud sync seems to be a bit hit n miss; however Dropbox already have enough of my secrets, I’m not suggesting that iCloud is more secure, it’s just better to have many baskets.

FOOTNOTE: If your mobile documents folder isn’t sync’ing, see this post by SteveX. & Wget

Ever since cisco updated their website (you know like, a year ago), I’ve struggled to find a way to wget software onto a box.

This week, I found a bodge using firefox. Sign into and go through the normal process, accepting agreements and begin the download.

Once the download starts, pause it… right click and copy the download link:

Copy link from downloads

Copy link from downloads

Then from your terminal/linux box, you can paste the url into wget:

wget -O ise- ""

- Quick gotcha alert, the link you paste must be in speachmarks/double quotes or the full url will not paste correctly.

OS X: anonymous ftp directory on Mountain Lion

Pretty much every google search I tried landed me on a mountain lion server page, given I’m using normal mountain lion on a macbook the results were not much use!

I use FTP to transfer images to various appliances, firewalls, proxies etc so for speed and simplicity I need anonymous ftp. The default home directory on 10.8 for anonymous FTP is /var/empty which is a special directory which I didn’t want to tamper with, once I found the right stuff in the man page changing the home of thr anonymous FTP user wasn’t actually that hard…

To get started, in case you need it, the command to start the FTP service is:

sudo launchctl load /System/Library/LaunchDaemons/ftp.plist

and to stop:

sudo launchctl unload /System/Library/LaunchDaemons/ftp.plist

The config file is /etc/ftpd.conf, mine looks like this:

# match umask from Mac OS X Server ftpd
umask all 022
chroot GUEST /Users/linickx/ftp
modify guest off
umask  guest 0707
upload guest on

As you can see, I have changed the home directory of my anonymous user to a folder called ftp inside my home directory.

Now, there’s some special security stuff you can do to that folder, see man ftpd for full details, but this should do you as a minimun

~ftp Make the home directory owned by “root” and unwritable by anyone.

~ftp/pub This directory and the subdirectories beneath it should be owned by the users and groups responsible for placing files in them, and be writable only by them (mode
755 or 775). They should not be owned or writable by ftp or its group.

~ftp/incoming This directory is where anonymous users place files they upload. The owners should be the user “ftp” and an appropriate group. Members of this group will be
the only users with access to these files after they have been uploaded; these should be people who know how to deal with them appropriately. If you wish anony-
mous FTP users to be able to see the names of the files in this directory the permissions should be 770, otherwise they should be 370.

The following ftpd.conf(5) directives should be used:
modify guest off
umask guest 0707
upload guest on

This will result in anonymous users being able to upload files to this directory, but they will not be able to download them, delete them, or overwrite them, due
to the umask and disabling of the commands mentioned above.

Happy FTP Everyone!

wireshark xquartz osx (mountain lion) – crash on start

If (like me) you have just installed wireshark and and xquartz at the same time you’ll notice that after completing both installations wireshark will crash and not start up properly.

The wireshark forum shows that if you run wireshark from the command line you get this error..

(process:1234): Gtk-WARNING **: Locale not supported by C library.
    Using the fallback 'C' locale.

(wireshark-bin:1234): Gtk-WARNING **: cannot open display:

… for which there are a couple of work arounds, such as setting your display variable or opening wireshark from within an xquartz terminal window.

The actual fix was found here, notice the log out after installing… by simply logging out and back in again my wireshark now loads without any nasty work arounds.

Hope that helps!

OS X: Mediatomb (luanchd) .plist file for automatic start up.

Inspired by this, but better ;)

So now I have got mediatomb working, I’ve started on my own StartupItem so that it loads at boot time. The reason it is better is because you can start and stop mediatomb via launchctl.

I saved the below (the more) as /Library/LaunchDaemons/com.linickx.mediatomb.plist.

To start:

sudo launchctl load /Library/LaunchDaemons/com.linickx.mediatomb.plist

To stop:

sudo launchctl unload /Library/LaunchDaemons/com.linickx.mediatomb.plist

Happy Days!

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "">
<plist version="1.0">
	<string>Run MediaTomb at boot</string>

OS X: PS 3 Media Server service for start at boot (launchd)

Given the popularity of the Playstation 3 Media Server (PSM) I’m a bit confused to why I struggled to find a good solution to this…PSM does does not come with an mac service for running it a boot time, there is a windows service and some stuff for linux if you google but the best effort I could find for OS X was a bodge via SSH!

This is my best effort so far, it’s not perfect but it’s a start. Below the more link, is a launchd .plist file which if you place in /Library/LaunchDaemons/ will start PSM at boot time, well kinda.

The catch is that a user needs to log in, any user will do, the process will run as the user defined in the .plist file but since PSM requires some kind of windowing libraries it simply will not start until a user logs in!

Continue reading

OS X: Converting videos but keeping the timestamp

I got a new computer, w00t! My family like to use the point-and-click camera for adhoc videos whilst we’re out and about, the thing is it’s very old and records in a rubbish AVI format which consumes massive amounts of disk space, b000!

After a bit of googling I wrote the below, it’ll search through your disk and find AVI files, check that the file extension is .AVI and then convert it to .mp4; for bonus points it’ll change the timestamp of the mp4 to match the avi so that it’ll import into iPhoto albums nicely.

export IFS=$'\n'
for i in $(find ./ -type f -name '*.AVI') 
		if [ ${i: -4} == ".AVI" ]
			echo "Converting $i"
			ffmpeg -i "$i" -s 480x320 -aspect 4:3 -b 768k -ab 64k -ar 22050 -r 30000/1001 "${i%.AVI}.mp4"
			sleep 5
			TSTAMP=`gls -l --time-style=+%Y%m%d%H%m "$i" | awk '{print $6}'`
			touch -mt $TSTAMP "${i%.AVI}.mp4"
			sleep 5 
			rm -f "$i"

Quick Note: gls is the GNU version of ls not the built in BSD-MAC version, you get it via homebrew (brew install coreutils)