Author Archives: gregor

Gnome: Start ownCloud Desktop Client minimized

Today I solved the annoying behave of not minimized ownCloud Desktop Client under Gnome during logon startup.

System: Arch Linux
Gnome: 3.26.2
ownCloud Desktop Client: 2.4.0

1. Create a helper script

touch ~/scripts/
chmod u+x ~/scripts/
vim ~/scripts/

Content of


owncloud &

wmid=`wmctrl -l | grep $WINDOW_NAME | cut -f 1 -d ” “`
xdotool windowfocus $wmid; xdotool key “Escape”

2. Create the startup routine

vim ~/.config/autostart/ownCloud.desktop

Content of ownCloud.desktop:

IMPORTANT: Set your home folder in “Exec” line.

[Desktop Entry]
GenericName=File Synchronizer

3. Done

Re-Login and see how the ownCloud Desktop Client magically disappear into the background.

UniFi Security Gateway: Add an additional public IP with NAT

The UniFi Controller has no UI configuration to assign an additional IP for the UniFi Security Gateway (USG). Hopefully this will be added from Ubiquiti in the future.

Date: 25.12.2017
Controller Version: 5.6.26


After many hours of reading, try and error I was able to solve this task. This guide is focused on people with network basics, therefore I will not cover technically explanations.


NAT Public IP on Port 80/TCP to internal server on Port 8080/TCP.



  1. Test if the Port is closed
  2. Add the additional IP to the gateway
  3. Create a DNAT rule from WAN to LAN
  4. Create a SNAT rule from LAN to WAN
  5. Create a Firewall rule to allow traffic from WAN to LAN
  6. Apply changes
  7. Test if the Port is now open

NOTE: You can also add this with CLI commands but it will not persist after changes made from the Web-Interface.

Step 1

Test with NMAP from WAN/Internet

nmap -n -Pn -p 80

If this Port is open you should check your network setup because something is responding to 80/TCP and the next steps will potentially lead to undesired results.

Step 2-4

We need to create or append config.gateway.json inside the UniFi Controller. Place this file inside the site configuration, e.g. for the default page but the file inside “data/sites/default”

Content of config.gateway.json:

    "interfaces": {
        "ethernet": {
            "eth0": {
                "address": [
                "firewall": {
                    "in": {
                        "name": "WAN_IN"
                    "local": {
                        "name": "WAN_LOCAL"
                    "out": {
                        "name": "WAN_OUT"
    "service": {
        "nat": {
            "rule": {
                "3000": {
                    "description": "DNAT TCP/8080 to",
                    "destination": {
                        "address": "",
                        "port": "80"
                    "inbound-interface": "eth0",
                    "inside-address": {
                        "address": "",
                        "port": "8080"
                    "log": "enable",
                    "protocol": "tcp",
                    "type": "destination"
                "5000": {
                    "description": "SNAT TCP/8080 to",
                    "log": "enable",
                    "outbound-interface": "eth0",
                    "outside-address": {
                        "address": "",
                        "port": "80"
                    "protocol": "tcp",
                    "source": {
                        "address": "",
                        "port": "8080"
                    "type": "source"
    "firewall": {
        "name": {
            "WAN_IN": {
                "default-action": "drop",
                "rule": {
                    "1000": {
                        "action": "accept",
                        "description": "NAT TCP/8080 to",
                        "destination": {
                            "address": "",
                            "port": "8080"
                        "log": "enable",
                        "protocol": "tcp"

Step 5

Now it’s time to apply these rules to the USG. To do this log in to your UniFi Controller and force provisioning

Step 6

Test with NMAP from WAN/Internet

nmap -n -Pn -p 80

Install self-signed certificate for curl (and others)

These are the steps to install a self-signed certificate so you can avoid using the “–insecure” switch for curl and others which communicate over SSL/TLS.

For me it was necessary to communicate safe over the network with my tool written in  ruby

Test environment:

  • Server: debian 7 (Raspberry PI) with owncloud 9
  • Client: centOS 7

# Test first if you get an certificate error
curl -v -O remote.php https://$HOST/owncloud/remote.php
# Download the certificate
openssl s_client -showcerts -connect $HOST:$PORT </dev/null | openssl x509 -outform PEM > $FILE
# Install the certificate into nssdb
certutil -d sql:/etc/pki/nssdb -A -t “P,,” -n $HOST -i $FILE
# List if the certificate are inside the database
certutil -d sql:/etc/pki/nssdb -L -n $HOST
# Download the test file again.
curl -v -O remote.php https://$HOST/owncloud/remote.php

Registrierkassen-Software cbird unter Linux verwenden

tux-cbirdDa ich bei einigen meiner Kunden die hervorragende Registrierkassen-Software cbird der Firma usoft e.U. verwende und diese in Java geschrieben musste ich natürlich gleich testen ob diese nicht auch unter Linux laufen könnte.

Mit ein paar kleinen Kniffen läuft Sie auch unter Linux ohne Funktionseinschränkungen, Drucken, Sichern, PDF export, …

Dank der Genehmigung von usoft habe ich Skripts, eine Anleitung und weitere Informationen auf einem GitHub Repository veröffentlicht.

Falls Ihr Wünsche, Fehler oder sonstiges anmerken möchtet erstellt bitte auf GitHub einen Eintrag oder direkt hier im Blog. Direkt im Blog kann es etwas dauern da ich Aufgrund der vielen Blog-Spambots nur ab und zu die Kommentare durchsehe 😉

zum GitHub Repository

Nagios check to verify open files counter

I published my Nagios checks to monitor the open files counter for special users and for the whole system. You can chek it out on github and nagiosexchange.



oVirtBackup: online full-backup tool for oVirt

I wrote the last days a little Tool to get in touch with Python (first time) and solved a little backup problem since I switched from vmware esxi to oVirt.

The Tool creates a full backup and export it to a NFS share (export domain).


  • NFS share which are connected to the ovirt-engine where the backups will be stored


  • Create a snapshot
  • Clone the snapshot into a new VM
  • Delete the snapshot
  • Export the VM to the NFS share
  • Delete the VM


  • It is possible to set the age in days how long the backup should be hold

You can find it on github:

WARNING: Wrong configuration can delete your existent backup !!! Please test it first with a new clean VM !!!

Note: With the current Python API (ovirtsdk) it is not possible to export a snapshot directly to the NFS share so it is necessary to create first a temporary VM

BackupPC broken after upgrade

If you get this error after you installed the latest update:

Error: Unable to connect to BackupPC server

This CGI script (/BackupPC) is unable to connect to the BackupPC server on server port -1.
The error was: unix connect: No such file or directory.
Perhaps the BackupPC server is not running or there is a configuration error. Please report this to your Sys Admin.

Maybe this will help

mkdir /var/run/BackupPC

chown backuppc:backuppc /var/run/BackupPC

systemctl restart backuppc

Android synchronize music over WiFi meets Ruby

I switched the tool now to Ruby which brings the following benefits against the bash version.

  • Much faster in the during file comparison for deletion (Tested with a fileset of 8000 files)
  • You can now sync your USB Stick, for example useful for the car
  • With different configurations it is possible to run multiple instances at the same time and sync all your devices parallel

You find the new version on github:

Yandex – The worst search engine

Do you know Opera, yes the browser still exists today.

I came into some troubles with this horrible browser because it uses Yandex as default search engine.
You don’t know what Yandex is, then you are not alone. This tries to be the Russian counterpart to search engines like Google, Bing, and others.

Why I write about Yandex?

This annoying company added one of my websites to there blacklist because the mean it has some malicious code on it, which it sure NOT HAS!!!
OK, that can be no problem lets write Yandex and fix this problem. You thought that will be easy, NO not in Russia. You have to wait many hours until days to get a response from them. After 5 days and only 3 Mails they mean that the homepage is not reachable. Thats funny because the website has since it launch many visitors and is one of my most visited sites!!! I tried also to register to the “webmaster” tools on Yandex where I can’t add the page.

I don’t know which dreadful DNS servers they have in russia 😀 the biggest one have no problems with name resolution.

TO OPERA: Please think about which company you add as your favorite search engine.

I thought Bing is crap but now I know Yandex !!!

Its now time to write to Opera and my ISP to start the game which Yandex will play.


UPDATE: I figured out that Yandex is not able to replicate there DNS servers !!! LOL and77.88.8.1 give the right results. and are two weeks behind the right entries.