What are we doing here?

This blog includes a series of videos and references to help new users or enthusiasts better understand how to use open source and free technology tools. The quick links include more information for accessing many of the tools covered, along with other references for learning more and taking full advantage of these tools.

Click HERE to see the full list of topics covered!

File Storage and Sharing for Creators in 2024

This article explores the many ways content creators, photographers, videographers, and production companies can leverage open source tools to store, share, and collaborate on their media assets. The right method depends on the size of the team - from a single individual to a multi-national group - and we will examine the pluses and minuses of each approach.

A single creator

Creators making and storing large files have a plethora of options available. The simplest is just to copy files onto one's workstation or laptop, edit, and publish. Often this quickly becomes a problem, particularly for individuals working with 4K or even 8K content. For these editors, the simplest approach is often to use one or more external hard drives. This approach is perfectly viable, but it can quickly become an issue as users fill up more and more drives.

Another issue, related to scale, is performance. A direct-attached drive over USB or USB-C can in theory handle upwards of 10 Gb/s, but larger drives that are still traditional spinning rust (a normal hard drive that spins) max out at around 250 MB/s (roughly 2 Gb/s) - only a fraction of what the interface can carry. NVMe SSDs are becoming ever more cost competitive at the 500 GB, 1 TB, and 2 TB sizes, but they are noticeably more expensive than traditional hard drives at higher capacities. And even though external SSDs are performant, they are not redundant - manual backups will be needed, and the SSDs will eventually wear out. Always make sure data is backed up in some form. A growing collection of external drives also becomes unwieldy over time, since the storage per drive cannot be expanded; content creators often end up with a pile of carefully labeled drives, with individual projects potentially spread across several of them. Essentially, sprawl.

The introduction of 8K footage is another major issue for production houses and creators. 8K footage is truly massive, creating upwards of 120 GB of content per minute.* An external hard drive or SSD will quickly get filled, potentially within a single shoot. Creators need more storage, and in a different format, to keep up.

Upgrading to a NAS

Network Attached Storage (NAS) is, as the name suggests, storage that is accessible over a network. In practice it means users on a subnet (IP range) can access and share files that are located on one or more servers. In Windows land with Active Directory, this is just the file sharing feature in Windows Explorer. When IT administrators talk about 'a NAS', they typically mean a specific server designed with storage in mind that has drive management, RAID, a file system, and the ability to share files using a file sharing protocol. The most common protocols are SMB (and Samba, its open source implementation), NFS, and AFP. For most in the creator or video production space, SMB will be the primary protocol because it is well supported on Windows, Linux, and macOS. Even iPadOS has some support for SMB in the Files app.

Moving from one or more external drives to a NAS has several benefits. First, most NAS appliances or software projects can create a RAID group to span multiple drives into a single storage pool. This is useful because multiple hard drives or SSDs can be grouped into a larger total capacity than any single drive would offer, allowing all projects to live together under a single master folder. Additionally, RAID allows for greater read and write performance, since more drives mean more total bandwidth, and it offers some level of redundancy to help keep data available. Another advantage of using a NAS is that data can be shared across groups: no direct cables need to be plugged in, and everyone on the network can work off a joint project or folder(s). A NAS is usually one of the first steps once creators move from a one-person operation to a larger group.
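
To give a concrete sense of what using SMB looks like, a share exported by a NAS can be mounted on a Linux workstation with the cifs-utils package - a quick sketch, where the NAS address, share name, and username are placeholder values:

sudo mount -t cifs //192.168.1.50/media /mnt/media -o username=editor,uid=$(id -u),gid=$(id -g)

macOS and Windows have the same capability built in via Finder's "Connect to Server" and Explorer's "Map network drive".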

CAUTION: RAID is not a backup. A second pool - perhaps larger in capacity but slower in performance - is always recommended as a target to back the data up to.

Choosing or building a NAS

The likes of QNAP, Synology, and Asustor offer entry-level NAS appliances, which are good first steps. Typically, however, the entry-level boxes are rather underpowered and very limited in terms of how many drives one can use. For non-technical users an entry-level NAS may make sense, but building one on old or leftover hardware with new drives can often deliver more performance - plus reduce e-waste!

Users interested in building a NAS can look at a variety of dedicated NAS projects, such as TrueNAS, OpenMediaVault, Unraid, and more. Personally, I recommend TrueNAS as it is well supported, has a corporation maintaining the project with Enterprise options for larger organizations, and offers an attractive web-based GUI for setting up and managing drives, users, and shares. TrueNAS also has a native implementation of the ZFS file system, which is extremely robust, with built-in RAID support, copy-on-write operations, practically unlimited snapshots, and almost unlimited scalability - 256 quadrillion zettabytes. For perspective, that is similar to buying the entire annual output of the hard drive market and connecting it all together. A ZFS pool can also be expanded by adding more RAID groups (called VDEVs), so storage can always grow. ZFS also has a replication function, 'zfs send', which can quickly send snapshots of data to a separate pool on the same or a different host. The second, backup pool can have completely different hardware, a different RAID layout, etc., but the ZFS file structure can still operate and be recovered, usually in seconds, should there be a need. TrueNAS supports all the major NAS protocols, as well as WebDAV for HTTP/HTTPS transfers, and can expand its functionality with 3rd party projects, VMs, jails (TrueNAS CORE), or containers (TrueNAS SCALE), making the project quite versatile.
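
To give a feel for how simple the replication workflow is, here is a minimal sketch - the pool, dataset, snapshot, and host names below are made up for illustration:

zfs snapshot tank/projects@2024-01-15
zfs send tank/projects@2024-01-15 | ssh backup-host zfs receive backuppool/projects

The first command takes a point-in-time snapshot; the second streams it to a second pool over SSH. Later runs can use incremental sends (zfs send -i) so only the changes travel over the wire.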

For users interested, more information about getting started with TrueNAS is here.

Cross-site and International Collaboration

In 2020, the world was introduced to lockdowns and disease, and working from home gained unheard-of traction and interest. The old adage "necessity is the mother of invention" was never truer. Knowledge workers, including those in the creative space, were some of the first to move to working from home, leading to a major shift in the office paradigm and a boom in laptop sales. File access was suddenly something that needed to be reinvented.

For users connecting remotely, a NAS will often not be the correct choice, or at least not the total solution, for a few reasons. First, remote workers are remote and on a different network. NAS protocols - the aforementioned SMB, NFS, AFP - are not built for file access over the Internet. Most NAS protocols expect a constant connection to the files and will create file locks for open documents. HTTP/HTTPS traffic was designed to handle gaps and multiple hops - routing between different servers and routers - when accessing files, and is thus the preferred protocol for nearly all Internet-based traffic.

Another important reason not to expose a NAS to the Internet is security. Virtually no NAS vendor recommends exposing the system to the Internet, as the appliances are built for back-end storage work over a LAN. Especially with some proprietary systems, there is little to no auditing being done on the system's firmware and base OS code. Examples abound.**

For multi-site, international collaboration, the most secure and reliable way to access files is via the same medium that gave birth to the Internet - a website. Nextcloud is a complete collaboration platform for storing, sharing, and creating documents and files. It includes powerful tooling and apps to track notes, create user and team tasks, manage groups and access, create survey forms, and much more. For creators looking to collaborate with other team members, Nextcloud can even mount a local NAS into the platform, so that users on the network editing video, sound, or image files from the NAS can share their results via Nextcloud over secure HTTPS without having to copy the collateral onto the platform. The platform has robust file versioning, and with customizable logos and an app-based model for enabling different functionality, Nextcloud can be tailored to almost any workflow.

Nextcloud is installed as a website and can be run with either the Apache or NGINX web servers. The project has several ways to install and get started - raw source, bespoke VM images, or Docker images. Since the platform is built around web servers, it can adhere to well-established TLS/SSL encryption standards, and additional security can be layered on with load balancers and firewalls.
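
For a quick trial, the official Docker image is probably the fastest way to see the platform - a minimal sketch, where the port mapping and volume name are arbitrary choices and a real deployment would add a proper database and TLS in front:

docker run -d --name nextcloud -p 8080:80 -v nextcloud_data:/var/www/html nextcloud

Browsing to http://localhost:8080 then walks through creating the initial admin account.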

More information on getting started with Nextcloud is here.

Putting it all together

For industries dealing with or creating large files, there are a multitude of ways to store, share, and protect data. For individual users, local storage may be enough, but it will quickly fill up and become hard to manage. Networked file storage in the form of a NAS makes storage and file management easier, and also allows teams of editors to work together more easily. Growing even larger, or for teams spread across different locations, Nextcloud is a complete platform that is both secure and capable, not only for file sharing and storage but also for group collaboration.

Ref:
*8K file sizes https://www.signiant.com/resources/tech-article/file-size-growth-bandwidth-conundrum/
** Synology and WD vulnerabilities: https://www.securityweek.com/western-digital-synology-nas-vulnerabilities-exposed-millions-of-users-files/
** Asustor vulnerabilities: https://www.theverge.com/2022/2/22/22945962/asustor-nas-deadbolt-ransomware-attack
Get TrueNAS: https://www.truenas.com/
Get Nextcloud: https://www.nextcloud.com/

Using Virt-Manager to Create Base VM Images

This topic is something that I've known about in theory, but I never realized until a couple of weeks ago how easy Virt-Manager (the KVM VM management GUI in Linux) makes this process. For anyone needing to test a lot of things in a Linux environment - or any environment really - who doesn't want to use containers, this will hopefully make your life a little bit happier.

So I've been creating some self-install scripts for Nextcloud and other software - essentially ways to build up a basic Nextcloud instance from scratch with an easy-to-follow guided flow. While building the script, if I hit a snag during testing, I would need to tear down the VM and start over. Thankfully, Virt-Manager can create VM clones. Even better, it can leverage the base OS!


If you uncheck the storage option, the image will boot just as the base OS image, and a diff partition will be created. This feature is great for testing, and while there is a notice that running this way can be dangerous - essentially, if the base OS ever changes, the clone could get corrupted, I imagine - for testing installs and different package combos this is really nice.

Essentially, this feature lets one install a base OS once: create the user account, add sudo access, etc., once. Then shut down the base OS, clone it with shared storage, and start playing. No need to reinstall the OS, and no need to worry if something goes sideways. If the test install somehow has issues, just nuke it, make another clone of the good base and start over, or test something else. Really nice!
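
For anyone who prefers the command line, roughly the same effect can be achieved with a qcow2 overlay that uses the untouched base image as a backing file - I won't claim this is exactly what Virt-Manager does internally, but it is the same idea, and the paths and names here are just examples:

qemu-img create -f qcow2 -b /var/lib/libvirt/images/base.qcow2 -F qcow2 /var/lib/libvirt/images/test1.qcow2

Then create a new VM in Virt-Manager using "Import existing disk image" pointed at the overlay; all writes land in the overlay file and the base image is never touched.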

Why not just use containers?

Docker, Podman, Kubernetes, etc. are all fantastic tools. However, occasionally, having base features like text editors, systemd, cron, etc. is really helpful. Especially if the instance will be running multiple services with different dependencies, using a VM makes a lot of sense.

How to install it? 

I have a longer video from way back in 2020 that goes through the concepts, but if you're using a Debian-based variety of Linux (Debian, Ubuntu, Linux Mint, Pop!_OS, Zorin OS, MX Linux, etc.), just run the command below. For Red Hat-based distros, just swap 'apt' for 'dnf'.

sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virt-manager

Then start the libvirtd service

sudo systemctl enable libvirtd

sudo systemctl start libvirtd

That's all. Virt-Manager will be installed - search for Virtual Machine Manager - and start making VMs!

Using Nextcloud and WebDAV as a backup target



This video explores the built-in WebDAV feature of Nextcloud for backing up and syncing files from a local client to a Nextcloud instance. There are a couple of reasons why users or organizations may want to use this feature.

- Nextcloud's own user management makes it very straightforward to separate out different user profiles, authentication, and data quotas. This means it's very simple to deploy Nextcloud and automate employee data backups on the network, with quotas of, say, 30 GB or 100 GB per user.

- Using the WebDAV protocol can be more efficient than uploading lots of files through the web interface (see the example after this list).

- The Nextcloud desktop client also performs the same task, and it also uses the WebDAV protocol. More information about the client tool is here: https://docs.nextcloud.com/desktop/latest/
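
As a quick illustration of the WebDAV endpoint itself, a single file can be pushed up with nothing more than curl - the server URL, username, and file name below are placeholders, and an app password is recommended over the account password:

curl -u alice:app-password -T backup-2024.tar.gz "https://cloud.example.com/remote.php/dav/files/alice/Backups/backup-2024.tar.gz"

Tools like rclone can point at the same endpoint to sync whole directories on a schedule.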


Object Storage on TrueNAS


I wanted to cover the many ways TrueNAS can be used to create and manage object storage. TrueNAS includes Minio S3 object storage out of the box, and the two work very well together. TrueNAS is a scalable, easy way to run and manage ZFS, and Minio is the de facto way to self-host S3 objects.

Using the standard S3 service in TrueNAS is the quickest way to get set up and running with S3 objects. However, user management - if one wants to open up remote access to the Minio web console - is a bit more difficult.

The video proposes a couple of ways to silo off and break down the S3 service, either with a web front end or simply by making use of jails to host multiple, separate instances of the S3 object storage.

Here, we'll look more at the details for each option. 

Create a jail to run Minio:

Go to the Jails section in TrueNAS. Create a new jail, give it a name, and set the network as desired - the video shows DHCP, but static IP addresses are available as well.

Once created, start the jail and enter the shell. In the shell, type:

pkg update

Accept yes to install.

pkg search minio

pkg install minio-0420.... (whatever the currently provided version is)

Once installed, make a directory. It could be anywhere; I chose the /mnt directory of the jail.

mkdir /mnt/miniodata

Start the Minio server with the following

minio server /mnt/miniodata

That will start the service, but if you close the console/terminal screen the service will also terminate. To make this a bit more robust we can run the service with cron. 

Type crontab -e

Insert the following (the default editor is vi: type 'i' to insert, Esc to stop inserting, ':w' to write, ':q' to exit)

@reboot minio server /mnt/miniodata --console-address=":9090"

Now the Minio service will start on each boot of the jail, with the web console running on port 9090 of the jail's unique IP address.
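
To sanity check the jail from another machine, the MinIO client (mc) works well. A quick sketch - the jail IP, alias name, and credentials below are placeholders, so use whatever access and secret keys your instance prints at startup:

mc alias set truenas http://192.168.1.60:9000 ACCESS_KEY SECRET_KEY
mc mb truenas/projects
mc cp bigfile.mov truenas/projects/

This registers the endpoint under the alias 'truenas', creates a bucket called 'projects', and copies a file into it over the S3 API on port 9000.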

Create a web server to run a frontend in a jail: 

To build out a LAMP stack (technically FAMP - FreeBSD, Apache, MySQL, PHP), I followed this excellent guide on Digital Ocean. I did not need the database portion, so that was skipped, though I did install the php-mysqli packages just in case I want them in the future.

Digital Ocean Guide 

Install steps in the jail terminal/shell. 

pkg update -y

pkg install apache24

sysrc apache24_enable="YES"

service apache24 start

Navigate to the jail IP address and check to see if "It works!" appears.

pkg install php81 php81-mysqli mod-php81 php81-simplexml

The php81-simplexml package doesn't come down with the php81 meta package, and this threw me for a couple of hours because it is needed by the AWS PHP S3 SDK we install.

Initialize PHP with the production settings:

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini 

Enable PHP in Apache (you can use either vi or ee as the text editor):

ee /usr/local/etc/apache24/modules.d/001_mod-php.conf

Copy this in the file:

<IfModule dir_module>
    DirectoryIndex index.php index.html
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>
</IfModule>

Install PHP Composer for the S3 support.

pkg search composer

pkg install php81-composer 

composer require --working-dir=/usr/local/www/apache24 aws/aws-sdk-php

Now, all of this was to support the POC file I have over on GitHub. If you want to use it, copy it to the jail, or install git in the jail and run a git clone command. Put everything from the /work/src/ folder into the /usr/local/www/apache24/data directory in the jail. Also be sure to modify the S3 endpoint, credentials, bucket, and host address to the jail's IP and the relevant credentials.

I hope this gives a better overview of using object storage on TrueNAS. It is a really flexible feature that can be plugged into a lot of other environments, or even self-hosted on TrueNAS itself using jails.

TrueNAS in 2023



I haven't had time to look at TrueNAS in a while. This video is a raw install on a VM to explore the installation and setup of a basic SMB share. I had to rack my brain a bit to remember some of the options, and I took a few shortcuts.

Some of the shortcuts that I took are well highlighted in the interface. 

  • First of all, I installed on a VM, which is not recommended for production. ZFS is known not to like virtual media, but it is fine for testing and learning the system.
  • I created a stripe pool - I only added one virtual disk since it doesn't matter on virtual media - but it was nice that the UI forces the user to confirm around 3 times before moving forward.
    • On a standard hardware installation, plan for at least 3 drives - a boot drive and 2 data drives - and more drives can be added to help scale capacity and performance.
  • On the SMB share I didn't add a specific user, but rather just opened it up for anyone to modify. Opening up all the ACL flags and allowing guest access is obviously not great for security.
    More information about creating a user to password protect the share is here:
    https://youtu.be/UEiwMIG0W9Q?feature=shared
I am planning to create some more videos about some of the lesser-used features of TrueNAS, as well as explore some of the newer features that have continued to improve over the past couple of years since I last used TrueNAS regularly.

Choosing a Laptop for Linux

Just sharing some experience I've had using various laptops with the latest Linux builds over the past 5 years.

In 2018 I started using Linux 100% of the time - literally no Windows or macOS (never used the latter in the first place). I had a desktop, which I still have and which still runs Linux, but I needed a laptop for work.

I bought a then really cheap Acer S1 which had a Pentium or Celeron processor and 4GB of RAM, all soldered on. I thought it was fine as I could just use it for a customer presentation or typing up some things in a coffee shop. After a year, my wife wanted a PC so I gave it to her and bought something new. Eventually she just didn't use it - preferring her iPad - so it got sold. It was okay up to about 8 browser tabs, but if I hadn't had a desktop, I would have gone insane using it.

As much as I love AMD, I've had issues. I had a Lenovo IdeaPad for over a year and it was normally great. I started with Linux Mint XFCE and really liked it. After a certain kernel update it didn't work - the screen was rendered completely unusable going from kernel 5.0 to 5.3. After reporting the issue and just booting to the old kernel each time, I got frustrated and abandoned ship to Fedora. That was great, but after about a year it started freezing randomly. After 6 weeks of this, I was writing an important email to a customer complaining about something, and it froze. The laptop and the laptop stand suffered severe dents (punching laptops is not good for their health), and eventually I realized the second RAM slot (the only RAM slot that was removable and upgradeable) was rendered unusable - so only 4GB of onboard RAM to use.

That was donated to a school later....

I tried the Microsoft Surface Laptop Go for a while and it worked pretty well. The battery life on it is poor, and the heat management is bad on Linux - likely worse on Windows. I got a good deal so I moved to it, but the performance was always hampered by heat issues. It has since turned into a Windows 11 PC for my wife, who claims she needs it; I've not noticed her using it.

A few months ago I bought a used ThinkPad X280 with an 8th gen Core i7, 16GB RAM, and a removable M.2 SSD. I messed up on the screen - it's a poor 1366x768 px panel - but I normally connect to a larger 1080p monitor. This is the best laptop I've had: build quality, keyboard, and just reliability. With Pop!_OS it runs great, and Pop will even surface firmware updates for the system and install them with a reboot from the UI - something I never thought was possible in Linux. It cost less than USD 300, and while it's maybe not the latest and greatest, it makes up for that with reliability, good build quality, and strong Linux support.

Lessons learned: older hardware is where Linux support matures, and it is the better choice. Intel seems to be the better option long term - though this is not an absolute truth. Focus more on build quality than specs - unless you are building kernels, build quality will be more worthwhile than the exact Geekbench score for most use cases. Also consider heat management - make sure the model has vents, etc. Finally, remember that Lenovo IdeaPads are not ThinkPads - the difference shows in build quality and in how widely they are used by the Linux community (IBM invented the ThinkPad and owns Red Hat...).

Connecting new Docker Containers to an Existing Docker Compose

Docker is amazing, but it has its own way of handling things.

Docker-Compose is amazing too, and it also needs to be used the right way.

This post explains how to attach new containers to existing containers already set up via docker-compose.

Background:

Docker-Compose, when it brings up a group of containers or 'services', puts all of them on the same network with a common subnet and DNS, so each service can talk to the others by service name.

Example:

mongodb://root:mongopwd@mongo:27017/

The 'mongo' in that line is the service name, and to connect, say, Mongo Express to that container, we can simply use the service name. Without the DNS component of the networking layer, we would need to know the specific IP of the container to connect. 27017 is the port, which is the default for MongoDB.

Normally with Docker-Compose, all the services or containers defined in the config file - normally docker-compose.yml - are given their own subnet and DNS, so they can just talk to one another by service name.

Example:

version: '3.1'

services:

  mongo:
    image: mongo
    container_name: mongodb
    restart: unless-stopped
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: mongopwd

  websvr:
    build: ./work
    container_name: web4mongo
    restart: unless-stopped
    volumes:
      - ./work/src:/var/www/html
    ports:
      - 80:80
    links:
      - mongo
    depends_on:
      - mongo

The services are denoted using indentation and are shown here as 'mongo' and 'websvr'. Those two can then talk to one another using 'mongo' or 'websvr' rather than the IP address of each individual container. This is really powerful since it makes the networking portion more easily understood, and also more repeatable, since containers brought up on one system may get assigned different IP ranges than on another system. From a code perspective, just call the service name each time and all of that is handled.

Adding another container:

However, say we want to add a container. Often you need to adjust the docker-compose config, stop and remove the containers, and restart them. If the containers are removed and don't have a mapped volume storing the data already created, then the data could be lost.

Less than ideal. 

However, with Docker you can map new containers to the network!

First find the network. Run 'docker network list'

NETWORK ID     NAME                       DRIVER    SCOPE
50711*******   bridge                     bridge    local
ca9cc*******   host                       host      local
118ef*******   lamp_default               bridge    local
1887b*******   local-debug_default        bridge    local
9299d*******   none                       null      local
06023*******   ournoteorganizer_default   bridge    local
186fc*******   phps3object_default        bridge    local
2209e*******   wordpress_default          bridge    local

An output like the above may be what you see, depending on the number of Docker instances you are running or have set up. This gives us the network names, which we can use to attach a new container to the network.

For this example we are adding Mongo Express, which is a web-based graphical UI that makes it easier to see and interact with a MongoDB database. It's not necessary and should be stopped when not in use (docker stop mongoex, using the name we give the container below), but it is clearer, and possibly faster, than running through all the mongosh commands.

Here is what we run:

sudo docker run --name=mongoex -p=8082:8081 \
--network=ournoteorganizer_default \
-e ME_CONFIG_MONGODB_ADMINUSERNAME=root \
-e ME_CONFIG_MONGODB_ADMINPASSWORD=mongopwd \
-e ME_CONFIG_MONGODB_URL=mongodb://root:mongopwd@mongo:27017/ \
mongo-express

We create the new container using the run command, give it a name, define the port mapping between the host and the container, then assign it to the same network as the original Docker-Compose group of containers - placing it in the same subnet and DNS namespace. Then we assign the necessary environment variables to match the ones shown in the previous docker-compose.yml file. Finally, we specify the Docker image as mongo-express.

This worked a treat for me, since I had commented out Mongo Express in my published OurNoteOrganizer application due to security concerns. Now I have a Mongo Express container I can call up when I need it and turn off when I don't.

Start: sudo docker start mongoex

Stop: sudo docker stop mongoex
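
As a side note, a container that was started without the --network flag can still be attached to (or detached from) the Compose network after the fact with the network connect/disconnect subcommands - same hypothetical names as above:

sudo docker network connect ournoteorganizer_default mongoex

sudo docker network disconnect ournoteorganizer_default mongoex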

Docker Compose is amazingly powerful, but understanding how it works is important to take full advantage of it. Knowing that it is essentially an automated networking stack plus container creation makes it possible to work with it without having to destroy containers and possibly lose information.

Ada & Zangemann


Ada & Zangemann is a book by Matthias Kirschner and Sandra Brandstätter that extols the benefits, fun, and importance of software freedom. A fun read for kids, it strives to instill a passion for inventing and tech, and it also carries an important lesson for adults: don't rely on any one person or organization for all your software needs.

The premise of the story is the juxtaposition of Ada - a bright girl without the means to afford much of the fancy tech most other families have - and Zangemann, the inventor of said tech. Through necessity, Ada tinkers with broken gadgets and old bicycles to give them new life and make up for her lack of the fancy skateboards and ice cream machines other children have. In her drive to build the solutions she wants and needs, Ada finds her passion for problem solving and for hardware and software development.

Zangemann, who is drawn as an obvious reference to today's high-tech oligarchs, is trapped by his own idiosyncrasies. He tends to go overboard in locking down devices to do only the things he wants - serving only his ice cream flavor of the day rather than letting people choose the flavor they want. He designs the products he likes, but wants them used only in ways he deems appropriate. Obviously, the book is a bit over-the-top in some of the things Zangemann imposes on people, such as the iron that can't iron ties because Zangemann hates ties. That said, many of the examples are probably more benign than the data and privacy society has given up to the tech giants of the world.

As the story progresses, Ada and her friends become more and more interested in tinkering with and modding the many inventions that Zangemann sells. Zangemann becomes angry about the mods and tries to get the government to step in and create laws to stop them. Ada and her friends, with the help of family, protest, and over time they end up not merely overturning the law but also helping the government by creating new software without the limitations of Zangemann's tech. The government in the story sees the power Zangemann has over it through his digital monopoly, and our hero, Ada, is able to help out with her skills.

The story is a fun, inspiring adventure that I can relate to quite well. I want to be Ada! The political side is important as well, and it speaks to the work Matthias Kirschner does in his day job as President of the Free Software Foundation Europe (FSFE). This blog is really just designed to be a free resource to help people get off the ground and start learning about software, and honestly, little to none of the knowledge I've picked up would have been possible without free and open source software.

Ada & Zangemann is an approachable read from which children and politicians alike can understand and hopefully take away some insight into the value of software freedom. Much like this blog, which details my own experience learning about free tools and writing code, catching that feeling of "wow, I built this" is incredibly important for young children. Free and open source code helps enable that education, whether in the classroom or self-taught, for those just getting started with technical development.

Free tools are essential for enabling more people to learn and develop new skills. It's very hard for many, myself included, to justify spending money on tools and software that I may not end up using, may decide are too difficult to learn, or may simply lose interest in. However, if the tools are free, then one can pick them up and start to learn and develop one's skills further. If the tools are open source, there is an even greater benefit, because the code is more likely to have been peer reviewed and more people can contribute, so the project can become more permanent. Closed-source tools can always be discontinued if the maintainer can no longer support the project; open source is something that can always be maintained.

Ada & Zangemann has a political bent to it, but it is not wrong. Free software and open source are important and honestly need to be protected. This story helps spread that message in an approachable way, and I think it is definitely worth a read for both kids and adults. After reading it with my son, he immediately started planning what he wanted to invent.

More info about the story can be found here: https://fsfe.org/activities/ada-zangemann/index.en.html


PHP with S3



This blog post and video run through getting started with PHP and S3. The accompanying code is all open source on GitHub at the link below.

https://github.com/JoeMrCoffee/yourS3objects

Previously we looked at MinIO using its console and UI, as well as a quick setup in Docker. This is a slightly more advanced look at interacting with object storage from a programmatic standpoint.

PHP has an open SDK, provided by AWS, for tying into S3 object storage. The video, as well as the source code on GitHub, installs the SDK as part of the Docker build and bring-up. This is done in the Dockerfile and is very similar to installing the MongoDB extensions required to make a PHP connection to a MongoDB database.

In the code, all the connection information for the S3 object store lives in the 'header.php' file. Anyone wanting to use this site, or just its source code, can adjust the endpoint and credentials there to the appropriate values. The 'header.php' file gets included in all the subsequent pages using the PHP include command, so everything else follows the values set in header.php.
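
For anyone curious what that looks like before opening the repository, below is a minimal sketch of such a header - note the endpoint, region, credentials, and bucket are placeholder values here, not the ones used in the actual project:

<?php
// header.php - shared S3 connection reused by the other pages
require __DIR__ . '/vendor/autoload.php';

use Aws\S3\S3Client;

$bucket = 'mybucket';
$s3 = new S3Client([
    'version'                 => 'latest',
    'region'                  => 'us-east-1',          // largely ignored by self-hosted S3, but required by the SDK
    'endpoint'                => 'http://192.168.1.60:9000',
    'use_path_style_endpoint' => true,                  // needed for MinIO-style bucket addressing
    'credentials'             => [
        'key'    => 'ACCESS_KEY',
        'secret' => 'SECRET_KEY',
    ],
]);

Every other page then starts with include 'header.php'; and reuses $s3 and $bucket.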

The video talks a bit about the usefulness of the site. I developed it mostly as a reference for how the SDK could be used, but the actual site might be useful as a quick way for teams to just store and manage files in a particular bucket that only the admin or host could adjust.


The 'sed' command in Linux

So I am building a new project involving PHP and S3 object storage, and as part of the solution I am looking at adjusting some of the defaults in the PHP configuration. This is not too hard to do with interactive commands, but a bit more complex when scripting the solution in a Dockerfile for automated install.

First hurdle: the Docker image doesn't have a text editor. No nano, no vi, no nothing. This is actually a security measure. The general rule with containers is to make them as small as possible, both to keep the images small and to improve security - the less on the server, the less that can go wrong or get used the wrong way.

Second hurdle: Replacing a couple of lines of text in the php.ini file. 

Here is where 'sed' comes in.

When learning how to pipe or append data, I've often used | tee, >, or >> to send output to a file.

Example:

$echo "some random text" > test.txt

That would create a file called test.txt with the 'some random text' as the content of the file. 

To append, you can use the >> operator. Building on the previous example:

$echo "some more random text" >> test.txt

This adds to the file like below. 

some random text
some more random text

That is all fine and works in the PHP containers from Docker Hub. However, if one uses the example php.ini files - php.ini-development or php.ini-production - some of the values are already set, so simply appending won't do.

Here is where the 'sed' command can be employed. 

We have a very long config file with a bunch of comments and several settings that PHP can use to overwrite or adjust the defaults. In my case I want to change the default upload file size from 2M to something larger. With a text editor it is pretty easy to just search for that line and change it. To do this automatically, 'sed' is perfect. 

The syntax for substituting a line of text with sed is as below:

sed 's/<original text>/<replacement text>/' <file to change>

As an example, if a file contains the phrase 'some random text', we can change the sed output to 'some more text' with the command below.

sed 's/random/more/' filename

The output would be 'some more text'. 

IMPORTANT: 'sed' just changes the output; it does not change the information in the file. To write the changes back to the file, use the '-i' flag.

For example, if I wish to permanently replace the word 'random' with the word 'more', I would change the previous command to something like the following:

sed -i 's/random/more/' filename
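
Tying this back to the PHP use case, the same substitution can be baked into a Dockerfile for the official PHP image - a sketch assuming that image's stock ini paths and default values, with 64M chosen purely for illustration:

RUN cp /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini && \
    sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' /usr/local/etc/php/php.ini && \
    sed -i 's/post_max_size = 8M/post_max_size = 64M/' /usr/local/etc/php/php.ini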

This is a super useful command that honestly doesn't get a lot of attention, at least not in my decade-plus of putzing around with Linux. Again, it's really useful for scripting, and I should have an example build in another couple of weeks.