Thankfully the LUG did not diminish into obscurity during the COVID-19 years, which is hopefully a phrase which will stay exclusive past tense! Due to the general consensus and restrictions regarding meetings over that period, we instead only did about 8 online workshops and socials. Coupled with some brilliant regular contact using the mailing list, IRC an Discord… ultimately it means we’re still here!
The reason this workshop uses ‘End of the year’ in it’s title is because it was originally scheduled for December 2021. However when we last did one of these types of workshops in December 2020, it was unanimously agreed that it just didn’t feel the same as it was conducted online and it would have to be again if we’d have done it December 2021. So initially we’d hoped to only postpone it to early 2022 but it took a little longer than expected for general consensus on COVID-19 to change, government restrictions to be lifted, policy changes at the company and building we host our workshops in, etc…
But it was worth the wait as nothing quite beats a proper physical meet up, and everyone that could make it to this one seemed really happy to have a chance to catch up with one another.
Our benefactors at Internet Central were still happy for us to use the same room we’d used before the first lockdown in 2020. Although even after the COVID-19 concerns had passed we did have to wait a little longer as the shutters were being removed for fire safety reasons. So at least there is more light and we can easily crack a window open now (or throw ourselves out of one in the unlikely event of a fire!).
Those years haven’t gone to waste however as those of us who were still allowed to access it (employees of IC) have been not just maintaining the room but also making subtle improvements, some of which can be seen in the photos above.
This includes (but not limited too, it’s been 2 years and there is a lot to remember)…
Increasing the RAM of the machines
An initial lot of headsets for use with the machines and phones via an adapter
A Linux ecosystem inspired sticker collage
FSFE and other posters placed around the room
Various leaflets from similar organisations in leaflet stands
Removal of several cupboards and instead a table and some chairs for possible gaming activity or other purposes
Improvements to the main desks so we’ve got 2 general purpose dual screen PCs now (dual booting of course!)
Webcams to show the room and whiteboard, screen capture capability of both machine 1 (on the first bank) and the big TV… so we can start to stream events.
Mousemats and coasters for every desk
A large portrait telepresence display in the middle of the room for bringing in video conferencing users.
A reference library (books and magazines) in a little bookcase
A vending machine!
and much more…
You should hear more about these improvements in the coming weeks/months as some of us will be putting together a website to show off the room as ‘Keele Community Computer Lab’ which will be open (upon request and approval) for most non-commercial use by other local groups. This is a new sister project of the LUG and will be in close partnership with Internet Central.
Iain was also kind enough to also donate a whole raft of Linux machines! So much for our tidy bookcase, it’ll need a bit of a sort out now! But if anyone fancies digging through Linux history we’ve certainly got the means from various publications (and even some of the original cover DVD/CDs too).
A lot of the actual meeting however was spent brainstorm what we’d like to see in future workshops, including resurrecting any plans we had for workshops before the COVID-19 outbreak.
Given there was about 2/3rd of the year left we’ve decided that we’ll be aiming to do 2 socials (normally aiming for about 3 every year at least). Additionally we had representatives from the newly formed Open Rights Group Stoke-on-Trent and Free Software Foundation Potteries present too, so we’ve made sure we didn’t monopolise the room too much during the year and left them with 2 Tuesdays each during the year for events they’d like to run in the same room (hoping that if people are free on Tuesdays for the LUG, they’d entertain coming along to those groups too).
Suffice to say the whiteboard got very messy, very quickly – with many people criticising the handwriting of the LUG master! So I won’t be showing that here, but you can certainly go look at the calendar section on the website if you’d like to see what events we’ve green lit for the rest of the year so far.
Lastly we also spoke about what we can do to raise awareness of the LUG a) existing and b) being back in full swing. We got a lot of really good ideas and they’ve all been typed up for the committee to pour over and get through one at a time.
Well this has been a rather strange and stressful year for everyone.
Not knowing how long the pandemic will last we have held off on having physical meetings. Since nothing looks like it will be changing any time soon, we thought we’d try and hold this one online!
Luckily we don’t need to be using any proprietary video conferencing platforms like Zoom or Microsoft Teams (the former having an awful limitation on time too, if you’re not paying that is). As we have the fantastic project of Jitsi Meet!
A few of us have been using projects from Jitsi for many years, one of their earliest being a SIP softphone (which literally used to just be called “SIP Communicator” way back). In the last few years they’ve mostly pivoted to Jitsi Meet and its been met with fantastic adoption.
Mostly this is because no one needs to sign up for an account and the only thing anyone needs is a web browser! You can of course install an app on your phone or tablet if you prefer, but again no account is required.
So with help from our sister project Seaquake, we’ve created our own VM to host a copy just for us and this is how it ended up looking…
As you can see there were plenty of people, but unfortunately (and likely because they knew I’d post that screenshot here) many were camera shy and hid just as I took that screenshot!
Although the general consensus during the meeting was that it just didn’t feel the same as physical meetings. Mostly although people were impressed with Jitsi, we’d all become tired of video conferencing in general as part of our day jobs. The feeling was that it might be preferable to wait until physical meetings can resume before attempting another proper meeting, but that Jitsi might be an option for people going forwards to “virtually” attend physical meetings (e.g. if COVID-19 is starting to subside but people want to be extra cautious).
Plenty of chatter was had by all regarding Christmas which was only the previous week, as well as gadgets received as presents.
Hopefully 2021 will work out better than 2020 and we can get back on track!
Thanks to our excellent guest speaker Alex Robertson for coming in and giving this talk.
You can find details of what was covered in the main talk in the files below which were used for the presentation. Other than that, there was plenty of times for questions regarding the current state of the project as a whole and ways people can volunteer.
We had a good turn out of about 18 people which isn’t bad considering this wasn’t an official ATE (which is a CAcert training event). Also thanks to CAcert (see their blog post here), Hack:Keele and Internet Central (their tweet here) for publicising the event. We even had people travelling in from much further away areas too. Hopefully we can repeat this event in the next 6 to 12 months and as the number of people capable of assuring grows, we can expand on these numbers.
Most people brought along their own CAP forms ready to do assurances afterwards (although we have an absolutely massive stack of blank ones if anyone wants to do more in the future) and this went down very well. Especially as we had all just received the knowledge (or a refresh of the knowledge) on which IDs would be acceptable from people – who the majority remembered to bring!
The rest of this blog post was here even before the workshop had occurred.
Essentially it is a step by step set of instructions on how to get started with installing the root and intermediate certificates on your computer, creating an account, making a client certificate and finally taking the assurers challenge.
Thankfully in the workshop event itself, all of our computers were working with a new CAcert setup created for the event that allowed people to securely take the test if they wanted to and generate private keys from within the browser (by using an ESR version of Firefox that hasn’t yet taken away that ability).
Also if you get stuck following any of this then you can always talk to us using our usual contact details (such as chat rooms, mailing lists, etc…) about it. Additionally CAcert have various channels for help too.
Install CAcert’s root & intermediate certificates
The PC’s at the workshop will already have these installed, but if you want to use the CAcert website and maybe take the Assurer Challenge prior to arrival, you should also have them installed on your machine,
Dependant on your OS/browser there’s different ways of installing these as detailed on the CAcert wiki here and here. We’ve detailed a few likely scenarios below whilst assuming you’re running a modern OS/browser. If these instructions don’t work then see the CAcert wiki for more options.
It’s always a good idea to view any certificate you install to check the fingerprints match what you expected. This is so if they were tampered with while being acquired, you can spot it! You can find out more in the CAcert wiki as well.
Click ‘Root Certificate (PEM Format)’, tick ‘Trust this CA to identify web sites.’ and then OK. Finally click ‘Intermediate Certificate (PEM Format)’ and just click OK (no need to click Trust on that). For a step by step view see the gallery below…
Adding to Linux (e.g. Chrome and Opera)…
Whilst you could add these certificates system wide (and how you did that would differ vastly dependant on your distribution), it wouldn’t help accessing the CAcert website. That’s because Chrome, Opera and Firefox (see above if using Firefox) all use their own certificate stores if they’re running on Linux. So ultimately we’re just going to show you how to add them to Chromium-based (which Chrome and Opera are) browsers running on Linux.
Access your browsers settings and search for ‘Manage certificates’, then on the ‘Authorities’ tab first import the ‘root’ certificate and remember to tick ‘Trust this certificate for identifying websites’. Then afterwards import the ‘class3’ (intermediate) certificate (you don’t need to tick Trust for this). For a step by step view see the gallery below…
Adding to macOS (e.g. Safari, Chrome, Opera and Edge)…
Open the ‘root’ certificate first, pick ‘System’ when it asks for a keychain, confirm your normal macOS password and then finally mark it as trusted (see the screen shots below). Then open the ‘class3’ (intermediate) certificate and add it in the same way (no need to manually mark this as trusted). Your browser may need to be completely closed an reopened for it to have any effect. For a step by step view see the gallery below…
Adding to Windows (e.g. Edge, IE, Chrome and Opera)
Open the ‘root’ certificate first, then choose to install the certificate (it may prompt for permission) to the ‘Local Machine’ location under the ‘Trusted Root Certification Authorities’ store. Then repeat the process for the ‘class3’ (intermediate) certificate only this time you want the ‘Intermediate Certification Authorities’ store. For a step by step view see the gallery below…
Creating a CAcert account
Phew! Now that’s over with (we’ll be going in to why that is required for CAcert vs. other CA’s in the workshop!) head over to cacert.org to make a new account. This should be self explanatory, just make sure you put your proper full legal name (as shown on government ID) and an e-mail address you can access for verification. Here are few images showing the steps in case for some odd reason you get confused…
Creating a client certificate
You’ll need to create a client certificate to identify yourself to systems such as the one for the Assurers Challenge. This requires a private key and certificate signing request (CSR) to be generated. In the past web browsers could do this on the page itself but sadly this feature has been dropped. So we’ll use the OpenSSL utility to generate them instead.
Luckily macOS and Linux users will likely find this utility already installed, but not so for Windows users! They can instead follow someone else’s guide for getting a pre-built copy of OpenSSL (compiled by ‘Shining Light Productions’) installed on their system… please make sure you follow that last step regarding adding it to your path!
Open a Terminal (or ‘Command Prompt’ for you Windows users) and change to the directory where your web browser downloads files to (e.g. your ‘Downloads’ directory). Then run the following command… DON’T CLOSE your Terminal/Command Prompt when you’re done.
Open your favourite text editor (e.g. Gedit, Kate, Pluma, Notepad, TextEdit, etc…) and open the file ‘client.csr’ which you just created.
Leave that open and now using your web browser go to cacert.org and login using the ‘Password Login’ on the right hand side, then under ‘Client Certificates’ pick ‘New’.
Tick your e-mail address (if you’ve already earned enough points to be assured, you’ll find you can also add your full name too… this allows you to print a certificate off for the Assurer Test – but it’s mostly vanity) and also tick ‘Show advanced options’ so that we can copy & paste the CSR from our text editor into the area called ‘Optional Client CSR’.
Finally accept the ‘CACert Community Agreement’ and press ‘Next’ (BE PATIENT! the next page will load but it’ll take a while!). Finally click ‘Download the certificate in PEM format’ and rename the file that downloads to simply be named ‘client.crt’.
Finally we need to import your client private key and certificate into your OS/browser. The best way to do this is merge them into a single PKCS #12 formatted file first. Back on your Terminal (or Command Prompt) run the below, it’ll ask you for a password (choose wisely and remember it) which you’ll need when importing it later into your OS/Browser…
Once this is created you should keep a copy of this new ‘client.pfx’ file in a safe place and you can delete (checking things like Trash/Bin/Recycle Bin) any files like ‘client.crt’ and ‘client.key’ which were used in its creation.
Importing into Firefox (on any desktop OS)…
Go to Preferences and find the button for ‘View Certificates…’. Under the ‘Your Certificates’ tab use ‘Import…’ select ‘client.pfx’ and enter your secret password. It’s that simple, but here’s some nice pictures just in case…
Importing into Linux (e.g. Chrome and Opera)…
As mentioned before with the root and intermediate certificates, this essentially just covers Chromium based browsers running on Linux (as Firefox is covered above and Linux has no common certificate store).
In your Settings go to ‘Manage certificates’ then under the tab ‘Your certificates’ use the ‘Import’ button, select ‘client.pfx’ and enter your secret password. As ever, here are some handy images to show the steps…
Importing into macOS (e.g. Safari, Chrome, Opera and Edge)…
Just open the ‘client.pfx’ file from your Downloads directory, it’ll prompt you for your normal macOS user password and then afterwards ask for your secret password. At this point it’ll be installed and you can close the ‘Keychain Access’ program, you may need to completely close and re-open your web browser for it to work too. Here are some screen shots…
Importing into Windows (e.g. Edge, IE, Chrome and Opera)
Open the ‘client.pfx’ file from your Downloads folder and follow the default options of installing it for the current user & automatically select the store, just provide your secret password. Screen shots below…
Take the Assurer’s Challenge!
Basically head on over to cats.cacert.org using whichever OS and browser you’ve properly got your root, intermediate and personal client certificate and key installed into. Click ‘Login’ and it should confirm your details. If you included your full name in your client certificate it should show here, otherwise it’ll just be your e-mail address… click ‘Yes’ if it all looks good at the bottom.
In this much anticipated workshop we had one of our regular LUG members Darren go over a topic he knows both professionally and personally, CCTV systems.
The emphasis was on getting the most out of inexpensive hardware and using both in a secure way (especially due to possibility of malware being in the firmware) and intelligent way by pairing it with useful control software.
Also Wi-Fi was covered somewhat as you may be forced to use it for more remote locations you wish to have CCTV. This was in additional to general infrastructure talk when it came to things like switches, point to (multi) point links and Power over Ethernet (Poe).
For anyone interested in using Darren for his professional services, just drop a message on the mailing list and he’ll get in touch directly.
For anyone interested in the slides they are below. Simply extract the ZIP file and you should get a folder with a HTML file you can open (created using remark).
Also a big thanks for some of the guys who popped over from Shropshire LUG, it was great to see people mixing from the other areas. Hopefully a bunch of us will be able to pop by at one of your workshops soon.
So this workshop was to cover the basics of what the OpenStreetMap project is all about, how the data is gathered (and is licensed) and it’s aims. Also covered during the workshop was…
How OSM covers the entire world, stats were given for the number of contributors worldwide.
History of the project, how it came to be and the previous challenges around proprietary mapping systems.
What ‘trap streets’ were, fictitious streets on proprietary mapping systems used to catch out copyright violators.
The humanitarian benefits of OSM in events such as the Haiti Earthquakes in 2010, where there was no adequate map information in existence already.
Detail around the data formats, nodes, ways, areas and relations.
The possibilities for custom tagging, layering, representing multiple storeys etc…
Briefly talked about how the OSM engine could be used to represent fictitious places (e.g. Mordor, J. R. R. Tolkien’s fictional world of Middle-earth)
Talked about the features Google has (history, timeline, 3D buildings etc…) that would be good to implement into OSM.
Discussed the pros and cons of the various mapping tools with the conclusion that OSM has the biggest advantage of being co-operative and has “many eyes” looking to spot mistakes and inconsistencies.
Lastly a demo of how to edit, and discussed the different editors available to use.
Here’s a gallery showing off some of the things looked at during the presentation…
In terms of the main presentation, this was HTML based slides which you can find in the ZIP file below. Just extract the ‘osm_presentation_webpages’ directory from the ZIP and then open ‘index.html’. Your default web browser should take care of the rest without needing the Internet.
Finally these are the rough notes that our presenter Iain used during the meeting, these could be handy if you’re trying to remember the order things were covered. Any images referenced in these notes can be found in the ‘osm_presentation_webpages.zip’ ZIP file (in the ‘src’ directory) above…
It’s Christmas! So it was time to deck out the workshop with at least a bit of tinsel! We weren’t expecting a great number of people (considering the time of year) but we got a nice healthy 11 through the door.
This workshop activity was a little different to the ones that preceded it, and the first of it’s kind… this was a chance to…
Look back to previous workshops this year, add any updates to them… there wasn’t much to say on this except how we might run them again in the future with more/different details.
Bring in gadgets/toys which we can play with play (especially since this time it’s Christmas!). We had a TuxDroid by Kysoh and looked at some DVDs, more on them below…
Lightning talks of 5 to 10 minutes if anyone has anything they’d like to share with the group. This was in an “un-conference” style (like OggCamp), but perhaps the intentional disorganisation got away with us a bit here! It might be an idea to gather some ideas via the mailing list before hand! However there was still plenty of topics and distributions talked about regardless!
Talk about what is planned for the next year including planning new talks and labs that people want to see. More on that below…
This seemed to go very well indeed and I think it was the longest workshop we’ve had since the relaunch. Everyone got into the spirit of things and it was a good group conversation amongst us all. The hope is to do this kind of meeting at the end of every quarter, so the next one should be at the end of March or start of April.
These random 3 things represent some of the changes we’ll be doing to the workshop ready for next year…
A clock, we’ll likely put this somewhere so that the person giving a talk can see it. We’ve been very good so far time wise with our talks, but this may help keep the pace too.
We’ve acquired a pair of 24-port TP-Link gigabit PoE switches. So we should be able to up the 30 PC’s/Phones from those little blue unmanaged 10/100mbps Netgear PoE switches daisy chained to each other. This should help with boot up times as the OS runs from the network. It should also give us some extra PoE enabled cables a the ends of the desks to run things like Raspberry Pi’s from.
A fridge! That’s right, we’ve got sick and tired of carrying in the fridge from IC’s office. So we’ve bought another one! Plenty of place for soft drink cans and that all important “LUG MILK”!
We were also trying to get the TuxDroid working. At the moment we’ve got it all hooked up and it’s capable of saying “Hello” (with its crazed blue eyes flashing and wings flapping) but that’s about it. Unfortunately because the Kysoh company went bankrupt a year after this was launched (2009) the downloads are very hard to find to make it work. However we’ve got a few leads on this and should be able to have our talkative Tux running soon.
There was also the idea floated of potentially having some kind of documentary / film nights. Plenty of great IT and FOSS related films (dramatised or documentary style) that people might be interested in watching and discussing. Brought in two that we had on DVD just to get the idea across a bit.
Some additional ideas for workshops next year included (this is not an exhaustive list and I’m sure we’re missing some, there were many ideas!)…
Equivalents to MS Access
Monitoring (inc. Icinga)
Automation (inc. Ansible)
VMs and Containers (inc. Proxmox VE)
Cryptocurrencies (inc. Bitcoin)
Wine (inc. Crossover, PlayOnLinux & Proton)
Nextcloud (inc. Collabora)
Password Managers (inc. KeePassXC)
And that was it! StaffsLUG wishes you all a very Merry Christmas and a Happy New Year. More great things to come in 2020!
This topic covered what the LAMP stack is followed by a hands on lab actually building 3 production web servers (as there were 3 teams of people) on Virtual Machines where the OS (Debian 10 in this case) had already been pre-installed with minimal packages.
Ultimately, for those unfamiliar, the LAMP stack has been traditionally been made up of (but often people swap bits) these 4 packages which is where it gets that acronym…
The lab covered how to get these all installed and then configure them manually in a way that would mean the web server is capable of serving multiple websites in their own directories, virtual hosts and database for each (if they need one).
A quick look at the colourful whiteboard…
It should go without saying that these VM’s are no longer live so there is little point trying to use these login details now!
The steps followed to do a basic Debian 10 server install though was explained by just showing screenshots of the screens gone through in the installation, most of which you can get away with just hitting enter.
Here are those screenshots though in case anyone wanted a closer look…
Finally the actual “slides” (if you can call them that) for how to get the lab task accomplished… was nothing more than a text file shown on our big TV at size 36pt font! Basically each “slide” is the 14 lines in between each horizontal line. But it worked, these notes also include other things we covered at the end…
At the end we had time for questions where we also went over some of the various free/open source and commercial control panels that can deal with a lot of this for you (but it’s always good to know how it’s done for diagnostic purposes) such as…
The topic is essentially about simulating table top gaming (card games, role playing games, board games, etc…) on to a desktop PC. In our workshop the focus was bringing these ‘in real life games’ to digital platforms with a focus on how you can do that in Linux using a bit of software called VASSAL.
Here’s how we left the whiteboard…
Who plays what?
Why would you choose to play via tabletop?
Social experience, bit of fun, can maintain this aspect of gaming digitally whilst maintaining the unique character of the games.
Reasons to go digital
Distance restrictions and limitations.
Regular group, e.g. weekly games nights.
Experimenting with different options and different strategies.
Vassal is a platform where the most popular modules are things like X-Wing, Advanced Squad Leader as well as…
Traditional games – monopoly, scrabble.
War gaming – games with miniatures.
Card gaming – MTG etc…
Take a look at the full list of VASSAL modules here, there are over 2000 modules in total. Other alternatives to VASSAL are…
Simply playing by e-mail, using MUDs, forums, etc…
During the workshop we had a go at the Scrabble module to get a handle on the basics, then loaded up the Warhammer 40K inspired Vassal40k module.
Lastly took a quick look at the module editor to basically see how all these overlaying bitmaps interact within the game.
The talk for this weeks workshop meeting was presented by LUG member Darren who is known as d72 online and is one of the current maintainers of the Vassal40k module. It is likely a version of this talk will be ran again sometime in the next 6 to 12 months with other games in mind too.
Additionally if you are interested in development of new VASSAL modules, working on VASSAL itself or working to improve existing modules and want to work with other LUG members face to face… then please use the meetings@ mailing list to discuss as there can always be ongoing projects in the background of any workshop meetings.
The talk this week was about setting up a DNS sinkhole. Essentially instead of the machines on your network sending their DNS requests either to your ISPs recursive name server (or to your router which then forwards the request to the same place)… instead setup your own DNS server which forwards these requests on instead, but it has the ability to record and create statistics for the kinds of things seeking to be resolved.
The software used in the lab demonstration was…
Basically we had a number of Raspberry Pi Zero boards in cases powered by PoE (with PoE splitters) and hooked up to USB ethernet adapters scattered around the desks.
Pi-hole can however run on various platforms including VMs and pretty much any distribution or hardware you like. See their website.
The Pi’s had been pre-setup with Raspbian already and just needed the software installing which is largely just done with a one liner (see this page for details)… Please note: this is very case sensitive!
curl -sSL https://install.pi-hole.net | bash
Richard was leading this particular talk as he’d used the software before and was following his own notes which are provided below and were available for people to download on the day… (note: these are largely based on a thread/guide found over in the Linus Tech Tips forum)
So we’ve decided that from now on we’re going to make a little blog post every time there has been a workshop meeting. It may be that these posts get created before the meeting with useful information that you may need before coming along… and then it’ll get updated afterwards.
The point of these isn’t to be a massively long drawn out recap of everything, but mostly to list out roughly what was covered/discussed and share any images/files (e.g. slides, if there was a presentation) that might be of use to people afterwards.
Basically this is mostly to act a reminder for people who came along, show you what you’re missing if you didn’t make it and generally provide nostalgia much later down the road. If you feel we’ve missed something on these posts just shout out in the comments box below.
How the LUG has worked in the past and what we’d like to see change with a relaunch.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.