Amar Kulo

Me and my unorganized thoughts

Author: amar

How to fix “Error loading viewer” error and Web ide editor not working on own hosted Gitlab server

I have my own Gitlab server where I have all the code I write. Today I was trying to check something fast in one of the source files on the server over the Web frontend for Gitlab and I couldn’t get file to show. 

All I would get is following error message.

Interesting. I tried Web IDE editor and I would get the same thing, just the message loading Web IDE editor and nothing would happen.

Next obvious step was to check console in Developer tools in Chrome. What I found there was an interesting error.

The problem is net::ERR:SPDY_PROTOCOL_ERROR, and as Gitlab server is behind Nginx server which acts as reverse proxy for it, this error can only come from it. The next step was to check error logs on the Nginx server.

2018/12/10 11:51:34 [crit] 1582#1582: *81392 open() "/var/cache/nginx/proxy_temp/1/01/0000000011" failed (13: Permission denied) while reading upstream, client: 83.241.177.117, server: git.server.address, request: "GET /assets/webpack/pages.ide.0f5d4844.chunk.js HTTP/2.0", upstream: ...

So error is obviously permissions based, Nginx server is caching .js and .css content but it doesn’t have permissions to access cached content. Solution was simple, just allow nginx to access all of the content in that folder and VOILA, everything works as it should.

sudo chown -R nginx:nginx /var/cache/nginx/

Recovering ATmega with wrongly programmed fuses

Today I did a big mistake. I programmed wrong fuses on ATmega328P. Of course it was the fuse that sets external oscillator value instead of internal one.

I tried to fix it with STK500 programmer and Atmel Studio but without any luck. Then I started searching for solutions and I found one that worked in the end.

If you overload external oscillator with high frequency, you will be able to erase chip, and erase fuse settings. First I tried this with STK500 and Atmel Studio but without any success.

Then I tried small USBASP programmer and eXtreme Burner – AVR software and it could detect chip but not erase it. Because I supplied oscillator clock from signal generator I was able to change frequencies and to try to find which one would work. I have tested first clock simulation on 3-10KHz, but the one that worked for me was 4MHz with 5V amplitude, square wave. I was able to erase chip and then program it the right away. Just connect signal from signal generator to XTAL1 pin and you are good to go.

Of course, this took some time to do because of the following:

  • USBASP that I had was China copy, that Windows couldn’t recognize so I had to reprogram it with STK500
  • Then Windows wouldn’t recognize it or allow me to install driver because it wasn’t signed
    • To solve this press shift and restart Windows
    • On boot menu chose that you want advanced options
    • Then select startup settings and restart
    • When Windows restarts it will ask you which option do you want to enable or disable
    • Select “7. Disable driver signature enforcement”
    • Windows will boot and you can install driver that is not signed
  • You need to provide external power supply to the ATmega chip

Project log: Fumes extractor

As I had few old server fans available I decided to make fumes extractor from them in custom 3d printed case. I started with measuring of dimensions that fans had and started Fusion360 to draw a case.

Continue reading

Project log: Cyclone PCB factory – part 2

Small update on this project which is on shelf for the moment, no time to complete it whatsoever.

All parts have been printed, and I’m happy with quality of output.

Continue reading

What’s the point of security policies if you are not going to follow them up?

This post is more like a rant then a post but it is what it is.

In everyday work and life I keep finding people that think that policies are good to have but not so good to follow up and I’m really struggling to comprehend that kind of thinking, especially when it’s about security. I don’t get it why is it so hard to realize one simple fact, you don’t compromise with security. 

Continue reading

Project log: Cyclone PCB factory – part 1

Yesterday I have started building Cyclone PCB factory, a small PCB cnc machine with 3D printed parts. I have browsed a bit trough my parts stock at home that I have after lot of building and rebuilding of different kind of 3d printers and found that I almost have everything needed and everything that I don’t have is ordered from Aliexpress so I’ll write updates as the project goes.

Parts that I have right now:

  • Ramps and Arduino mega
  • stepper motor drivers
  • 1 NEMA 17 motor
  • threaded rods
  • B608ZZ bearings
  • washers, nuts and screws
  • power supply that can deliver 12V
  • 3d printer to print out parts

Continue reading

Integrating database of pwned password hashes with Microsoft AD

Few weeks ago, Troy Hunt has released password hash dumps from haveibeenpwned.com site. Dumps are large, splitted to 3 parts and contains 324+ millions of hashes. In this blog post I will show you how to integrate that large hash dump with Microsoft Active Directory and enable DC servers to check against that list before allowing user to change their password.

Microsoft has one feature that has been present since Windows server 2003 and it’s called password filters. It’s not often used as it’s meant to be used as an additional method for adding more complexity to password requirements in larger organisations. The smaller organisations and companies are sticking with the rules that are already present in Windows (both server and workstations), which are:

  • enforce password history
  • minimum password age
  • maximum password age
  • minimum password length
  • password must meet complexity requirements
  • store passwords using reverse encryption

There are some commercial solutions that can add more complex requirements to this list, but price tag is quite high. As soon as you see “contact us for price” you can count with that.

Continue reading

How to reinstall macOS when you get “application is damaged” error

Today I was trying to reinstall an older Mac Mini and installation keep failing with error: “This copy of the Install macOS Sierra.app application is damaged, and can’t be used to install macOS.”

I have tried Yosemite, High Sierra beta (the latest one b6) but still the same error happened so I started wondering why it would fail. One look in the terminal on date and time showed that Mini thought it’s 2001 so package couldn’t be verified and thus installed as verification failed.

Continue reading

Here we go again

So  I have decided to start blogging again, to write down some of stuff I do, some of things I like, my experiments and projects, security, programming stuff, operating systems, sysadmin stuff, tips and tricks,  etc.

Let’s hope that I continue this time to more than few posts :-/

 

In case you are looking for older posts, they are here.

© 2018 Amar Kulo

Theme by Anders NorenUp ↑