Header Image - FOSS adventures

Monthly Archives

5 Articles

Photography workflow on openSUSE

by Martin de Boer

I am a hobbyist photographer. Which means my needs for a digital photography workflow are modest. However, open source definitely makes my life as an amateur photographer easier. For many people, it starts with getting their first (digital) camera and just exporting their photos to their computer. And maybe they like to do some basic photo edits such as cropping and/or resizing. There are 2 open source programs that prove to be very helpful for beginners:

  1. Rapid Photo Downloader (fast download of photos to your computer)
  2. Gwenview (for photo viewing and simple edits)

After a while, the more aspiring photographers will like to do a bit more with their photo’s. Maybe have a program where you can manage your photo library. And some programs where you can do some more advanced photo edits. These aspiring photographers most likely still use the .jpg format. For these photographers I would recommend the workflow:

  1. Rapid Photo Downloader
  2. digiKam (for advanced photo management)
  3. Hugin (for stitching photo’s into panorama’s)
  4. Luminance HDR (for stitching HDR images)

By the time you get (more) serious into photography, the first thing that you need to know is that professional photographers are working with RAW image files. This is the equivalent of the analog negative film (pictured below). A RAW file is not (yet) a photo, but it contains all the information needed to export a digital photo. In comparison to the .jpg / .bpm / .png format, a RAW image file contains all of the metadata and sensor data that is captured by the camera. With the right program, you are able to adjust things like color and lightning.

Most people have heard of Adobe Photoshop and Adobe Lightroom. This is what most professional photographers use for their workflow. However, these programs are (at this time) not available on Linux. The current (29th April 2018) pricing for the Photography plan is € 12,09 / month (in NL) or $ 9,99 / month (in US). So this is currently priced at ~ € 145 / $ 120 a year.

Lucky for us openSUSE users, there are some very capable programs that are alternatives for these 2 well known programs. And these alternatives are free (and gratis) to install and use. Lets start with the alternative for Adobe Lightroom. The open source alternative is called Darktable. It can do a lot of things with your digital negatives. It has over 60 modules that can make multiple adjustments to your photos.

The open source alternative to Photoshop is called GIMP (the GNU Image Manipulation Program). Just 2 days ago (27th April 2018) GIMP version 2.10 has been released (1). This application can seem daunting to learn at first. The trick is to not try to learn everything at once. But to learn small edits that you can do with the program, one edit at a time. This is also something I like to address in future posts.

This brings us to the workflow for an advanced or professional photographer on openSUSE. I would recommend the workflow:

  1. Rapid Photo Downloader
  2. digiKam
  3. Darktable
  4. GIMP
  5. Hugin / Luminance HDR

In future posts, I want to go into more details on how to use these programs. From basic features to more advanced photo editing.

Published on: 29 April 2018

Out with the HHVM, in with the PHP

A regular routine:

systemctl restart hhvm
chown nginx:nginx /var/run/hhvm/server.sock
chown nginx:nginx /var/run/hhvm/server.pid
systemctl restart nginx

This might be abracadabra for many people. But what it means is that once a day, Fossadventures was not available because HHVM crashed. I wondered about the root cause, so I looked into the logs of HHVM. Fatal error! Caused by the WordPress plugin Wordfence. After searching online, it became clear that Wordfence didn’t support HHVM (1) because of stability issues. And that (2) HHVM was no longer supported / tested by WordPress. So I decided to switch to PHP-FPM.

I found a very good instruction (3) on how to do this. I changed the number 5 into the number 7 to get the latest PHP installed. And I needed to adjust the php-fpm.conf file in the /etc/php7/fpm/php-fpm.d/ directory instead of the one in the ~/fpm directory. But that was a lesson I had already learned from the virtual hosts and Nginx adventure.

The second cool thing was the installation of phpMyAdmin. I had already purchased a book on MariaDB (4) which contained a lot of info on command line administration. But having a web-interface that’s displaying the structure of the WordPress database is very neat. It increases my understanding of the overall layout and structure of the database. In fact, I find it so cool that I have now ordered a book (5) on phpMyAdmin as well. Now I just need to find some time to read it.

Over the last few days I have noticed a big change in the stability of Fossadventures. No more restarting HHVM. PHP just works. Out with the old, in with the new.

Published on: 23 April 2018

Let’s Encrypt with Certbot and Firewalld

The next step towards making Fossadventures.com a great website is enabling HTTPS. This was much easier than I expected thanks to Let’s Encrypt and the fantastic Certbot tool. I used this openSUSE instruction page.

 

Step 1: add the required repo with the command:

sudo zypper addrepo https://download.opensuse.org/repositories/devel:/languages:/python/openSUSE_Tumbleweed/devel:languages:python.repo

 

Step 2: update the repositories:

sudo zypper refresh

 

Step 3: install the Certbot application:

sudo zypper install certbot python-certbot python-certbot-nginx

 

Step 4: run the Certbot application:

sudo certbot --nginx

 

I needed to answer some basic questions:

  • For which domains the certificates needed to be applied (www.fossadventures.com, fossadventures.com)
  • Whether HTTPS access is required or optional (required)
  • Verification of the DNS records
  • If you want to be added to the EFF mailing list

And “voila” the setup was finished.

 

Step 5:  update the firewall. I used the commands below. The last command was used to see if the updates were properly applied.

sudo firewall-cmd --zone=public --add-service=https --permanent

sudo firewall-cmd --zone=public --add-port=443/tcp --permanent

sudo firewall-cmd --reload

sudo firewall-cmd --list-all

 

The final test was to access my website with Firefox… and… success! Wow. That was much easier than expected.

Published on: 10 April 2018

Securing WordPress with plugins

It’s time to spend some attention to the security of this website. From years of reading ICT technology news, I was painfully aware that WordPress websites are a prime target for hackers. And from my initial week of having the website online, I had already discovered a couple of visits from malicious IP addresses in my access log.

The book “WordPress Visual Step by Step for Beginners 2018” recommends installing the Wordfence Security plugin. This is an Endpoint protection solution. Another solution that I had read about was Cloudflare. I was interested in the differences and found this article on the Wordfence website. Biased? Certainly. But I do agree with some of the arguments and decided to install the Wordfence plugin as a basic security measure. I can always add Cloudflare on top of that.

Then I looked for articles on hardening a WordPress website and found these (1, 2) two articles. I really appreciate the blog of WP Engine. A good find was the “WPS Hide Login” plugin, which made it very easy to implement measure #13. The blog by Bjørn Johansen was very helpful in implementing measure #14.

I have disabled Comments on my website. The main goal of my website is to inform and not to interact. Contact Form 7 and Flamingo are plugins that work together to enable the contact form and to store the messages on the WordPress server. This provide readers with a basic way to interact. The nice thing (from a security standpoint) is that I am able to add a “reCAPTCHA” button on the bottom of my contact form. Which should reduce the amount of spam.

Published on: 4 April 2018

Solving Permalinks with Nginx Virtual Host file

After reading the initial 3 chapters of the book Nginx HTTP server – Third Edition, I was ready to tackle the permalinks problem again. I started adjusting the nginx.conf file with renewed knowledge. Something interesting happened when I adjusted the server_name to .fossadventures.com and tested the nginx.conf file. The test indicated that this server name was already in use.

I decided to look for additional .conf files in /etc/nginx. And then found the culprid in the vhosts.d folder. This xxx.conf file contained the configuration of my website. I created a copy “xxx2.conf” and started editing it according to the solution described in my last post. Why not try to create a more pleasing 404 page as well? I copied the Cannyon theme its 404.php page into a separate directory and put the directive to this error page in my xxx.conf file.

Then I stopped Nginx, renamed the current xxx.conf file into xxx.conf.back and renamed xxx2.conf into xxx.conf. After restarting Nginx, my site finally showed pretty permalinks. And best of all, when someone puts in an invalid url, they will see a pretty 404 error page.

Published on: 3 April 2018