Completed the user administration Intranet pages, adding the admin change password section which, as expected, didn't take long. Then decided it was time to get the system into a Subversion repository and up to the Johnson Gardner (now Johnson Reid) server. That all went fairly smoothly. Then spent time writing up some user documentation on how to get Firefox 3 to accept a self-signed SSL certificate. As has been mentioned elsewhere across the Internet (e.g., at Royal Pingdom), the new procedure for accepting a self-signed cert has become somewhat more involved. After that was done, set up the relevant secure pages on the Johnson Reid site and went "live" with the new site revision (available here). The basic design of the site has not changed, but I did eliminate most of the rollover images, replacing them with CSS, and changed the font scaling to use relative font sizes with font-size: Xem; instead of using pt (a good explanation here). That made it possible to more easily add the font scaling function (upper-right corner). Some work still needs to be done on the new logo, but I needed the site up and running before I move the email server back over to qmail from Postfix.

Also wrote a small, simple script for the host system to transfer the user configuration data from the webserver to the ldap jail whenever an update has been recorded.

After I recovered from our late night out last night, I spent the rest of the day focused on the email alias management system. As I had expected, it was somewhat more complicated than the other sections had been. But for once it wasn't due to HTML annoyances, making it much more enjoyable work. By the end of the day, had a system in place that looks like it will be simple for the users, yet provide all of the benefits of a complete aliasing system. Of course, as will all things, we'll see how well it works for the users.

Up early this morning to take Celeste to the airport. We left at 5:00 am and were there in about 15 minutes. What a difference compared to the amount of time it took us to get to Logan in Boston. Then it was home and back to sleep for an hour before Devon had to get up for work. After she left, I didn't sleep well, not getting back to sleep until well after 8:00. Of course, then I slept until 10:00, which made me groggy for the rest of the morning.

I did manage to finish the "Remove user" section of the Johnson Gardner user management page, and moved on to the "Alias management"---that will be a lot more work.

To Marisa and Matt's for dinner. Had a great time---food was excellent, as well as the conversation, and Devon's ice cream and cookies went over well. They were both turned out really well.

After spending the last three days working on DNS, PF, and VPN, had to get back to work on the Johnson Gardner user administration tools today. Didn't make it very far, even though I seemed to put a lot of time into it. Managed to finished the "Add user" section. I should have made it through the "Remove user" section as well, but I spent a lot of time cleaning up code and redesigning the front page. Will get to that tomorrow---it shouldn't take too long. It will then be on to the "Mail alias management" and "Change user password" sections. The latter shouldn't take long, but the managing aliases could be complicated.

Went to dinner at Peking Dynasty (someone's Flickr image of the classic Chinese restaurant sign) tonight for Celeste's last night here. She flies out early tomorrow. The place was recommended to us by Marisa and Matt, and it was certainly worth a visit. The only thing we weren't crazy for was the Crab Rangoon, which was a bit overdone and not too flavorful. My Szechuan Pork was excellent, as were the egg rolls. And, as all Chinese restaurants should be, it was cheap.

When we got home, Devon made strawberry buttermilk black pepper ice cream and double chocolate cookies for our dinner at Marisa and Matts tomorrow.

Spent the day dealing with VPN and PF. Seems my changes to the firewall were preventing access to internal servers (namely, the file server) when users were connected via VPN. Unfortunately, that meant I had to spend a good deal of time in Microsoft Windows while I debugged the settings. In the process, discovered that the newest version of the Windows OpenVPN client, 2.1_rc9, was not behaving the same as the older, rc_7 version I originally tested. Seems that even under the old PF ruleset internal servers were inaccessible with rc_9. Probably something to do with the networking changes mentioned in the change log. In the end, the only way that I could reliably get the Windows machines to connect to the file server was to enable push "redirect-gateway" in openvpn.conf. Not an optimal solution, as mentioned in the configuration file:

# If enabled, this directive will configure all clients to redirect
# their default network gateway through the VPN, causing all IP
# traffic such as web browsing and and DNS lookups to go through the
# VPN (The OpenVPN server machine may need to NAT the TUN/TAP
# interface to the internet in order for this to work properly).
# CAVEAT: May break client's network config if client's local DHCP
# server packets get routed through the tunnel.  Solution: make sure
# client's local DHCP server is reachable via a more specific route
# than the default route of 0.0.0.0/0.0.0.0.
push "redirect-gateway"

It was Devon's first official day of work today at Northstar. She says it went well, but she's exhausted.

Up early and to the BMV to get new Ohio license plates and title for the car. It was not my idea of a good time, but it was actually fairly painless (and surprisingly organized and efficient) and we were out of there in less than an hour. Next week we plan to head back to take our test so that we can get new licenses. Neither of us have read the book yet, so though it better to put it off until we had.

On to Credit Union of Ohio to set up an account; or, rather, two accounts. That took some time, but it was straight forward enough. Hopefully, a credit union will provide somewhat better service that the banks seem to these days.

Later on, got the remaining DNS issues taken care of, I hope, then moved on to my firewall. Decided I needed to take better advantage of macros in my PF configuration, since the setup was beginning to get more complicated. In the end, I found myself completely rewriting the firewall rules to take advantages of some features that I was unfamiliar with. Peter Hansteen's online book provided many useful examples. The new configuration was pretty much complete and running by the end of the night. Also copied the configuration up to the JG server, which has a very similar setup to mine.

Spent the whole day fooling with DNS issues. Turns out my internal DNS configuration has been wrong for some time. I discovered the issue when I found that I was unable to resolve local hostnames while logged into the server. Not sure why I hadn't checked that earlier. I was able to get the issue taken care of after many hours of bothering Tim over IRC. I probably wouldn't have had nearly as much trouble if I had some better knowledge of DNS and how it worked. I understand the basic concepts well enough, it's just familiarity with details that I am lacking---and I don't have much desire to read through the RFCs.

Went for a run in the evening. I am finally starting to feel better. It was actually a bit humid today---I wonder if that would have helped my running. I've always thought it was a hindrance, was I wrong?

Up to OSU this morning for an appointment at 8:30 am. Instead of walking, decided to ride my bike. It only took about 10 minutes to get there, and was an easy ride. May need to consider this a regular form of transportation. But before I do that, I need to see about getting a new seat. The one I have is narrow, hard, and very uncomfortable. Need something softer for my old rear-end. Got home around 10:30.

Spent much of the day working more on the user admin portion of the Johnson Gardner site. Uploaded to their server at the end of the day just to make sure everything transferred well. And it did.

Also, while browsing the web for something completely unrelated, ran across this page describing the use and purpose of the ~/.dmrc file. Of particular interest to me was this line: Language=cs_CZ.UTF-8, which obviously shows a language encoding setting. Since setting up Unicode support on my desktop last month (July 10, 12), I have still faced an annoying problem with Xterm and urxvt: they continue to refuse to display Unicode characters at startup and, instead, only function properly when I start a terminal instance inside another terminal. A quick search of the GDM documentation brings me to this page, which explains why this was happening: the changes I had made to other GDM config files were being overridden by the ~/.dmrc file in my home directory. The problems went away when I added the proper Language parameter to the config in my home directory.

# cat ~/.dmrc

[Desktop]
Language=en_US.UTF-8
Session=XFce4

I emailed WOW yesterday (or, rather, filled out a web form) to ask them why I was only receiving half of the advertised upload speed for my account. Found the reply today in my www.wowway.net email account (which, by the way, has the worst webmail interface I have every seen).

Thank you for contacting WOW! Internet, Cable and Phone,
 
The upload speed for your package is up to 512 kbps.  How are you 
testing your upload speed?  I would suggest using the WOW! speed test 
located at http://speed.col.wideopenwest.com to verify how fast you 
are able to upload. 
 
Thank you,
 
< employee name and ID withheld >
Tech Support
WOW! Internet, Cable, and Phone

I headed over to they suggested only to find this:

I tried Opera and, not surprisingly, got the same results. Clicking on the "Click here to download" plugin installer simply resulted in another error saying that the application/x-java-vm plugin couldn't be located. I had thought Java was correctly installed on my system---apparently not. But the real question is: why do so many companies have to rely on such "technologies"? Wouldn't things be a lot simpler for everyone if they stuck to standards? Since I really wanted to get to the bottom of my problems, and really didn't feel like fighting with Java, decided to reboot to Microsoft Windows.

As it turns out, the speed test plugin was simply a front-end for DSL Reports---it wasn't a WOW application at all. Ran the test and got the same results as I had been getting from Speakeasy (which had been recommended by the tech who installed our service) and www.speedtest.net. Wrote the following back:

Hello, thank you for your reply. I was using www.speedtest.net, which
returns nearly identical results as the page you suggested.

I ran the test you suggested twice at around 1 pm, here are the results:

Test 1: 4839kbps/290kbps
Test 2: 4823kbps/292kbps

As you can see, my upstream is significantly lower than 512kbps.

Hopefully, this will be enough info to get them to look at the issue.

More work on the auto-responder forms today. Turned out to be more work that it needed to be. Getting a minimal level of functionality was quite easily done in an hour or so, but getting the system to work consistently with whatever users threw at it was a bit more difficult. Mostly, it came down to escaping special characters and stripping out HTML and JavaScript (not that the users would include those, but it's always a good to be on the safe side). At the end of the day, discovered that a different part of the admin system was stripping out the auto-response settings contained in the user config. Will have to investigate that tomorrow.

Also spent a good portion of the day helping Devon get organized for her baking day tomorrow. She has to put together a cake for a well-known, local Jazz guitarist, so thought it would be neat to do a Jazz themed cake. Hope it turns out.

Running again in the afternoon. Felt a bit better, doing my route in a minute less than last time, but still not at 100%. I wonder what's wrong with me. I never thought two weeks off would have affected my conditioning to such an extent.

I stayed busy all day today, focusing on getting some elements of the user administration site completed for Johnson Gardner, though it doesn't seem that I got all that much accomplished. Much of my time was spent working on an auto-responder for their mail system. The software I am using, qmail-autoresponder, was quite easy to set up and use, but getting a front-end web interface that deals with the quirks of INI file syntax, HTML, and Tidy gracefully and transparently was a bit more difficult. In the end, the system worked, though I still have a problem with retaining newlines in the message text. Seems they get lost somewhere between the config file that contains the message and the web page. I suspect it's some issue with the ConfigParser module.

Also made some progress on a few small tasks that I had been neglecting. I removed the "Crichton's Health" monitor on the weblog. Since the site is now remotely hosted, the monitor was only being updated once a day. I will have to look into doing something locally. I also managed to move some of my Subversion repositories to a new location on the server. That was as easy as moving the directores (preserving the permissions) and then running the following on each client:

svn switch --relocate svn+ssh://skepsi.net/old/path/to/repo \
          svn+ssh://pilot.skepsi.net/new/path/to/repo

Tried the new phones out today in an actual conversation. I was surprised---the call quality was much better than I expected (not to say it was wonderful, but it wasn't much worse than our Motorola E815s). I still don't like the screen, but I think we can live with them until something better comes along.