Just picked up a package at the post office on my way home. Finally, the book has arrived! It is even autographed by the two amazing authors, who I had the great fortune to meet in person last year during my visit to Toronto. I really have to get back there ASAP. I miss those crazy canadians, eh! ;-)

Well, at least the proper date and time formats. This really small patch adds the necessary entries to the %Languages hash, so that the %x and %X formats work like expected. Well, at least as I expect it. ;-)

I’ve been wondering, what other types of content could benefit from the TrackBack System, besides weblogs? And what are requirements to use TrackBack? As far as I understand it, the minimum you need is a stable URL that you can use as a key. So, almost any system that has individual pages for its content could be retrofitted. Looking at some projects at work, I did find two projects that could easily have TrackBack grafted on. But what would be the benefit? The selling point? I’m a coder, so I’d do it for the sheer hack value, but these things have to sold to bean counters and suits, and they don’t take “Because it’s there” as an answer.

As I wrote in my last entry, I changed the way my MT archives individual posts to be more Google-friendly. But since I did not want to have the old 000001.html-style files around and did not want to wait until my site gets reindexed, I delved into the mod_rewrite documentation and came up with a way to achieve this redirection.

First, we need the mapping program, that generates the new URL based on the old URL. Since I am using MySQL as backend, this only works with this setup so far. It queries the database to regenerate the Google-friendly url from the entry id used in the flat name scheme. Change the $mtcfghome variable to point to the directory where your mt.cfg resides. Put the mapping program somewhere where Apache can execute it and make sure it has execute permissions (chmod 755).

Now we need to tell Apache to use it: I am using this inside a virtual host configuration, so if you have some other setup, you have to play around with it a little. In the section, add

RewriteEngine on RewriteMap archive-map prg:/path/to/rewrite_archives.pl RewriteCond %{REQUEST_URI} ^/archives/[0-9]+.html RewriteRule ^/archives/(.*).html /archives/${archive-map:$1} [R=permanent,L]

Make sure that mod_rewrite is compiled in or activated in httpd.conf (just search for lines containing mod_rewrite and see if they are not commented out). After a restart, Apache should now redirect like a champion. DISCLAIMER: mod_rewrite is deep Apache voodoo, which I don’t claim to understand fully, so if you break something while fiddling with it, it’s all your fault ;-)

After reading about Anders Jacobsens MT installation and his subsequent articles on optimizing MovableType, I implemented most of his suggestions about how to set up the archives too be search engine friendly. I also converted from Berkley DB to MySQL, so that I could use Eliot Landrums MT-RefSearch The next step will be implementing all those other improvements, like related entry links, proper RSS feeds, etc.

Somehow MT doesn’t ping weblo.gs and weblogs.com anymore when I post a new entry. This is just an entry to see if the problem persists. *[MT]: Movable Type

Birgit and I went to Ikea today, which was a lot of fun. I could have spent ages in the kitchen utensils part, I had the nagging feeling that I was missing one crucial instrument. But I could not for the life of me figure out, what exactly I was missing. And I found the most gorgeous shelves for my DVDs, but they are neither in the catalogue, nor on their website. Luckily, a groups.google.com search turned up two pictures of the shelves. Each holds about 50 DVDs, so with 4 of them, I should have enough space for the near future.

Ever since I set up my wireless LAN at home, I’ve been looking into how to make it more secure. Because WEP is not really secure, I was looking into setting up a VPN. But all the solutions I found (FreeS/WAN, CIPE), were way too complicated for the simple act of creating a secure tunnel between my desktop machine and my laptop. Enter OpenVPN, a real quick VPN solution. (don’t worry, it can also be made much more complicated)

So, let’s cut straight to how I set things up:

The OpenVPN tarball contains a spec file, so you can build an RPM with a simple rpm -ta openvpn-VERSION.tar.gz. But the spec file links OpenVPN with the LZO compression library. Querying RPMfind finds a prepackaged RPM for Red Hat, which works.

After installing OpenVPN, we need to generate a secret key. The command for that is openvpn –genkey –secret static.key, which will create a file called static.key. This gets copied into the /etc/openvpn directory on both the laptop and the desktop.

The next step is to write the configuration files. First, the configuration for the laptop (laptop.conf):

#
# Sample OpenVPN configuration file for
# using a pre-shared static key.
#
# '#' or ';' may be used to delimit comments.

# Use a dynamic tun device.
dev tun

# Our remote peer
remote 192.168.1.1

# 10.4.0.1 is our local VPN endpoint
# 10.4.0.2 is our remote VPN endpoint
ifconfig 10.4.0.2 10.4.0.1

up /etc/openvpn/laptop.up
# Our pre-shared static key
secret /etc/openvpn/static.key

Important is the line up /etc/openvpn/laptop.up, this tells OpenVPN to call this script, after the tunnel has been established. This script gets called with all kinds of parameters, best check the manpage for details. We just need one parameter, the correct tun-device. That’s $1, so laptop.up looks like this:

#!/bin/sh

route add default $1

Don’t forget to chmod 755 it.

The desktop configuration looks almost the same, just some changes and switches concerning the IPs:

#
# Sample OpenVPN configuration file for
# using a pre-shared static key.
#
# '#' or ';' may be used to delimit comments.

# Use a dynamic tun device.
dev tun1

# Our remote peer
remote 192.168.1.131

# 10.4.0.1 is our local VPN endpoint
# 10.4.0.2 is our remote VPN endpoint
ifconfig 10.4.0.1 10.4.0.2

# Our pre-shared static key
secret /etc/openvpn/static.key

So, what does all this do?

It creates an encrpyted tunnel between 192.168.1.1 (desktop) and 192.168.1.131 (laptop), using the IPs 10.4.0.1 (desktop) and 10.4.0.2 (laptop). Then on the laptop, it adds a default route to the tunneling device, so all external connections are going through the encrypted link. Since this is the first time I did this, there might be some kinks in it, so if anybody finds some faults or improvements, please let me know, so I can incorporate them. *[VPN]: Virtual Private Network

Over at Mplayer HQ, there’s a new HOWTO on watching Sorenson-encoded QuickTime movies on Linux without having to use Wine. I tried it out by downloading all the required files, and it works really good, I was able to watch all those trailer downloads I had lying around on my windows partition. So except for some games (Total Annihilation, Ascendancy, Dark Reign), I can now do almost anything I need in Linux. Yay!

We tasted the wine cake today, after moving some of Birgit’s stuff to her new appartment. The experiment was a success, and I think, I could have used even more wine. So I will try that the next time