Background

I currently have a primary residence near Seattle, WA and a vacation home in Provo, UT — both of which are protected by alarm systems and monitored by local alarm monitoring companies. In Seattle, I’ve used Fire Protection Inc since 2003. In Provo, I’ve used Mountain West Security since 2005. FPI charges $29.99 per month and MWS charges $24.95 a month.

Recently, however, I’ve discovered a number of alarm monitoring alternatives that offer comparable UL-listed alarm monitoring services for much less. After reading some reviews (and some more reviews) and checking out the websites of a few of the companies, I decided to use SafeMart, which offers the same service as both my existing providers for $8.95 per month. Initially, I was tempted to use AlarmMonitoringService.com, which offers UL-listed alarm monitoring for only $5.95 per month. However, after phoning both companies and asking some questions, it turns out that AMS charges an additional $5 per month if you want to set up a daily test transmission from your alarm system — which I do. SafeMart includes that service in their $8.95 plan, so they’re my choice. Now, all I have to do is cancel my current providers. That should be pretty easy, right?

Monday December 19, 2011

At around 7PM I phoned the FPI and MWS office numbers. In both cases, the calls were forwarded to their respective monitoring stations and I was instructed to call back during business hours to speak with customer service. No big surprise there. I hadn’t really expected their customer service reps to be available after business hours, but there’s no harm in trying.

Tuesday December 20, 2011

At 8:05AM, I called Fire Protection Inc. Seattle’s office number. The receptionist, Ashley, was friendly, even after I explained that I was calling to cancel my service. She looked up my account, and informed me that my original contract was signed in 2003 and ended in 2008, after which it converted to an auto-renewing annual contract that now extended through July 2012. I told her that I thought the contract went month-to-month after the initial term, but she informed me that wasn’t the case. I asked if it was possible to terminate my contract early, and Ashley replied that it was “up to the discretion of the cancellation department.” She then confirmed that I was paying quarterly via an automatic credit card charge, and that my account was paid through the end of 2011. The friendly receptionist said I could request an early termination via letter, email, or fax. I opted for email, and sent this one to her at 8:14AM:

Sent: Tuesday, December 20, 2011 8:14 AM
Subject: Monitoring Cancellation Request

Good morning,

The purpose of this email is to request cancellation of my alarm monitoring service as of 1/1/2012. My account number is XXXXXXX, which has been in good standing with you since 2003 and is paid through the end of this year.

This email also serves as immediate de-authorization to bill my credit card on file.

Please feel free to contact me with any questions or concerns.

Best regards,

Steve Jenkins

I’m hoping that FPI’s “cancellation department” uses their discretion in my favor. However, I’d be lying if I said my spider sense wasn’t tingling a bit and telling me that maybe it’s not going to be that simple. I hope I’m mistaken.

Next, I called Mountain West Security. Their receptionist, Lucy, was also very friendly. After looking up my account number, Lucy informed me that my initial contract from 2005 was complete and that I was now on month-to-month service. She said they simply require 30 days written notice for cancellation, which I could do via email. So at 8:18AM, I emailed this to Lucy:

Sent: Tuesday, December 20, 2011 8:18 AM
Subject: Monitoring Cancellation Request

Good morning,

The purpose of this email is to request cancellation of my alarm monitoring service at XXXXXXX in Provo, effective January 20, 2012.

Please feel free to contact me with any questions or concerns.

Best regards,

Steve Jenkins

At 8:45AM, my phone rang. It was Mike Dibble, owner of Mountain West Security. He said they had received my email, and that because I had been a long-time customer he wanted to call and ask if there was anything they could do to keep my business. I told him that I was simply looking for a less expensive option, and told him I was planning to use SafeMart for $8.95 a month. He politely apologized that he was unable to match that (Mike has a British accent, so pretty much everything he said sounded polite), and again thanked me for my long-time business, assured me they’d cancel my service on January 20th as requested, and wished me well.

At 10:35AM, I received the following reply to my email to FPI:

Thank you Steve, I will forward this along to the cancelation department for review.

Please call me with any questions
Thank You,
Ashley Ward

At 5:23PM, FPI’s owner left comment #1 on this article (thanks, Roy!). I posted comment #2.

Thursday December 22, 2011

At 11:45AM, my cell phone rang. The caller ID was blocked, and I usually don’t answer blocked calls, but I was glad that I did this time because it was a lady from FPI Seattle informing me that my monitoring service would be cancelled as of 12/31/11.

I have to admit to being pleasantly surprised, as it was far easier to cancel things with both FPI and MWS than I initially thought. Of course, the cynical journalistic side of me would wonder if maybe FPI couldn’t find my original contract, or if perhaps I never signed their version of an original contract because my original contract was through Madison Audio, who transferred my account to FPI years ago after going out of business, or maybe they just decided it wasn’t worth the hassle.

The less cynical side of me, however, thinks that it’s more probably more likely that both owners of Mountain West Security in Utah and Fire Protection Seattle simply decided that if a customer didn’t want to be with them any more, for whatever reason, that’s fine. And perhaps they both realized that by letting a customer leave easily, it keeps the door open wider for them to possibly return.

Or maybe it was just a Festivus Miracle, one day early.

Whatever the case, I’ll be writing a separate blog post on my experiences with getting set up with the new monitoring company.

No related posts.

CheatCodes.com Mobile

Just in time for the holidays, CheatCodes.com has launched a mobile-optimized version of their video game cheats website.

As with the mobile versions of many other popular sites (such as Facebook and Google), you can access the mobile version of the website by putting an “m” in front of the address:

http://m.cheatcodes.com/

If you’re not on a mobile device when you try to visit that link, it will redirect you to the full version of the site.

As an added bonus, our Print Cheats function now includes a QR code at the top of the first printed page. You can scan it with your mobile device to automatically visit the cheats page for that game. Here’s an example:

http://cheatcodes.com/print/call-of-duty-black-ops-xbox-360-cheats/

With CheatCodes.com Mobile, now you don’t have to leave your game console to look up all your favorite cheats, hints, achievements, and unlocks. Check it out and let us know what you think!

Related posts:

1. Halo Reach Cheats and Achievements
2. Red Dead Redemption Cheats for Xbox 360 and PS3
3. CheatCC Cheat Code Central

We have three gas fireplaces in our house — two of which weren’t working. The repairs were straightforward and inexpensive (especially since I did them myself): the living room fireplace needed a new thermopile millivolt generator (and I threw in a new thermocouple while I was in there anyway), and the entry fireplace just needed some wall switch rewiring. But who wants to have to hit a wall switch to turn on a fireplace?

Enter Skytech Systems — purveyors of fine wireless control kits for gas fireplaces. I set my sights on the grand-daddy of their current line-up: the SKY-5310. The 5310 is a back-lit LCD touchscreen remote transmitter that allows you to control your gas fireplace within 20 feet, although my testing worked at more than double that distance. Unlike a standard infrared TV remote, the Skytech 5310 transmits via RF (radio frequency), meaning you don’t need to point the remote at the fireplace, nor do you need direct line of sight for it to work. The remote runs on four AAA batteries (included) and has 1,048,576 security codes, meaning the chances are slim that an unintended RF transmitter will start your fireplace unexpectedly.

Installing the SKY-5310 was easy. I plugged a two-prong 110V AC receiver unit plugged in to the outlet box behind the access panel of my fireplace (most modern gas fireplaces have these outlets already installed), then connected the two red lead wires on the receiver (which were already terminated with piggyback spade connectors) to the TH terminals on my gas valve. It literally took me longer to unpack the box than it did to install everything.

After installing the included batteries in the remote, I was ready to light things up. A simple touch on the top section of the LCD screen and my fireplace delivered that satisfying “whoomph” of gas igniting safely. The touch screen interface was simple (you can try a demo of it here), with basic functions of ON, THERMOFF, and OFF. The ON and OFF are obvious. THERMOFF mode will automatically turn off your fireplace if the thermostat inside the remote reaches a user-selected temperature, and then turn the fireplace back on again when the temperature drops below that preset. Essentially, this allows your remote to act just like a furnace thermostat.

With the unit in the ON or THERMOFF mode, you can also enable a countdown timer from anywhere to 15 minutes to 9 hours, so that your fireplace automatically turns off when the timer reaches zero, regardless of the temperature settings.

On-screen icons tell you when the remote thinks the fireplace is lit (a good safety idea) and when you need to replace batteries. You can also enable a child safety lock-out feature, so junior doesn’t accidentally start your fire while you’re watching Dr. Phil.

MSRP for the Skytech 5310 is $254.99, but you can find them easily for around $190 at many online retailers. Since I was buying three of them, I was able to get them for slightly less.

Bottom line: these units are admittedly more expensive than some simpler fireplace remotes out there (and Skytech themselves actually make some of those less expensive units). But if you’re the kind of caveman that likes to “make fire” in the most technologically advanced way possible, the Skytech 5310 is for you. It sure beats rubbing sticks together.

Related posts:

1. Product Review: ecobee Smart Thermostat
2. Product Review: Sig Sauer STL-300J STOPLITE Tactical Light
3. Product Review: ZQuiet Anti Snoring Mouthpiece

Even if you’re the most contentious hax0r who always backs up your data, if your backups are stored in the same physical location as the source data, then your data is still ”waiting to be lost” in the event of a fire, flood, theft, or other disaster. By combining Amazon’s low-priced S3 (Simple Storage Solution) Cloud-based storage solution with some excellent some open source backup tools, you can now be more prepared than ever without spending a fortune.

This how-to demonstrates how I combined the following tools to automate my off-site backups:

• Amazon S3: cheap, secure, redundant, off-site storage service
• AutoMySQLBackup: free software to create backups of MySQL databases
• Duplicity: free software that does smart backups to remote locations
• GPG: allows encryption and signing of data for privacy
• dt-s3-backup.sh: a slick shell script that ties all these tools together

Step 1: Set up your Amazon S3 Storage Bucket

I won’t walk through all the steps to do this, as Amazon makes it easy. Just sign up for their S3 service (you only pay for what you use), sign in, find the Security Credentials page and take note of your Access Key ID and your Secret Access Key. You’ll need them later. You should also set up an S3 Bucket to store your backups. Write down the name of your bucket for use in a later step.

Step 2: Download AutoMySQLBackup (optional)

If you don’t have any MySQL databases to back up, or you have your own preferred method of backup in your databases, you can skip this step. AutoMySQLBackup is a free utility that quickly and easily create dumps of your MySQL data – which we’ll back up to Amazon S3 in a later step.

Download AutoMySQLBackup from SourceForge and run the simple install.sh script to set it up. I followed this excellent blog post to help me get AutoMySQLBackup configured and working. I had to make a few minor changes because I’m using a more current version of AutoMySQLBackup and some of the variable names in the config file were different, but it’s pretty straightforward. Once you’ve got it backing up your databases, you’re ready to move on.

Step 3: Download and Install Duplicity

Duplicity is the program that does most of the heavy lifting in this situation. It manages the actual file backup (full or incremental), compression, encryption, and the file transfer to any number of off-site storage locations. Lots of documentation is available online, in case your needs differ from the ones explained here. As always, Google is your friend.

To install Duplicity if you’re running Fedora, RHEL, or CentOS, it’s as simple as doing:

yum install duplicity

For Ubuntu or Debian users, do:

apt-get duplicity

If you’re running some other flavor of Linux, refer to the Duplicity website for help installing.

Step 4: Create a GPG Key for Backups

Because you’re going to be transferring your precious data over the Internet, and storing it in an off-site location that shouldn’t be, but still technically could be, accessed by snooping Amazon employees or hackers, it’s best to encrypt your data before sending it… “to the CLOUD!” Seriously, those commercials are so annoying.

Even if you already have a GPG key, I recommend creating a separate one just for backups (which we’ll also store in a secure location later so you’re never stuck without the ability to decrypt your data later). Do:

gpg --gen-key

You can accept all the defaults, but make sure you use a passphrase when creating this key, since Duplicity will require it. After you’ve answered all the questions, the output should look something like this:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.++++++++++++++++++++..+++++++++++++++++++++++++++++++++++++++++++++++++++++++.+++++
.+++++..+++++.+++++++++++++++++++++++++++++++++++++++++++++.....>.++++++++++................................+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++.++++++++++..++++++++++...++++++++++...+++++.+++++..+++++.+++++..+++++++++++++++.+++
++++++++++++..+++++++++++++++..++++++++++..+++++++++++++++++++++++++...+++++..+++++>+++
+++++++>.+++++>+++++......................+++++^^^
gpg: key 1F6C9247 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
pub   2048R/1F6C9247 2011-11-05
      Key fingerprint = FC81 D8E3 8090 EEE3 1D98  E000 045C D80E 1F6C 9247
uid                  Backup Key <backup@example.com>
sub   2048R/12D6A5B0 2011-11-05

Take note of your key’s public GPG Key ID, which is listed on the line where it says “key xxxxxxxx marked as ultimately trusted” (in this example, it’s 1F6C9247). You can also find your GPG key’s public ID with:

gpg --list-keys

which will spit out something like:

pub   2048R/1F6C9247 2011-11-05
uid                  Backup Key <backup@example.com>
sub   2048R/12D6A5B0 2011-11-05

You’ll see your key’s ID on the top row after the slash. Write it down (don’t worry, it’s not a security risk like a password) to refer to in the next step.

Step 5: Download and Configure dt-s3-backup Script

While trying to make all the aforementioned tools work together, a stumped across a very cool script that already did it for me. This blog post explains the script, and the script itself is hosted on GitHub.

Download the script to your server (I put mine in /usr/local/bin) and then open it up in an editor. You’ll need to put the following in the appropriate locations inside the script:

• AWS_ACCESS_KEY_ID: Your Amazon Access Key (duh!)
• AWS_SECRET_ACCESS_KEY: Your Amazon Secret Access Key (double duh!)
• GPG_KEY: Your GPG Key ID of the key you created in the previous step
• ROOT: I changed this to just “/” so that I could back up anything on the system. You’ll pick the exact directories you want in a bit.
• DEST: Since we’re backing up to Amazon S3, comment out the “file:” line, uncomment the “s3+http:” line, and put the name of the Amazon S3 bucket you created for backups in the first step. If your bucket name were “my.awesome.backups” then this line would be DEST=”s3+http://my.awesome.backups/”

Skip the INCLIST and EXCLIST options for now, and tinker with the STATIC_OPTIONS to your liking. These will simply be passed to Duplicity, so you can check the Duplicity docs for all the possilibities. I have mine set to STATIC_OPTIONS=”–full-if-older-than 4W” which means my backup (which I run daily) will do incremental backups unless it’s been 4 weeks, in which case it will do a full backup. I also kept the default CLEAN_UP_TYPE and CLEAN_UP_VARIABLE settings. Again, refer to the Duplicity docs for other options.

Finally, I also tinkered with the Logfile settings and Email Alert settings.

Step 6: Choose which directories to include and exclude

Use the INCLIST and EXCLIST sections of the dt-s3-backup.sh script to list which directories you want to include and exclude while doing your backups. Examples are shown in the script. Make sure that whatever directory you used to store your database backups with AutoMySQLBackup is included. If you want hidden directories excluded, be sure to include them. The following are my lists:

INCLIST=(  "/www/" \
           "/etc/" \
           "/home/" \
           "/root/" \
           "/usr/local/bin/" \
           "/usr/local/backups/db/" \
        )

 EXCLIST=(   "/www/logs" \
            "/etc/selinux" \
            "/home/*/Download/" \
            "/root/*/Download/" \
            "/home/*/.*/" \
            "/root/.*/" \
            "/home/*/logs" \
            "/home/*/Maildir" "/home/*/mail" "/root/Maildir" "/root/mail" \
        )

These settings work for me, but there’s no guarantee they will work for you. It’s your data, so you should completely understand what is and isn’t going to be backed up.

Step 7: Do a Test Run

To test things out, find the following line in the dt-s3-backup.sh script and uncomment it (remove the #):

#ECHO=$(which echo)

As explained in the comments, this will run the script in test mode, which will spits out the full Duplicity command and send it to the email address you set up in the Email Alert settings.

Save your edited version of the script and run it with:

dt-s3-backup.sh --backup

Because it’s in test mode, it should think for a bit and then email you some output, which includes the full command that will be passed to Duplicity. If everything looks good, comment the #ECHO line out again, and go for it:

dt-s3-backup.sh --backup

Depending on many factors (the amount of data you’re backing up, the speed of your system, the speed of your connection to Amazon S3, the phase of the moon), you’ll have to wait for a bit. My system takes about 5 minutes to run a full backup.

If something goes wrong, check all your edits, and check the links to the other blog posts I’ve included. I won’t be any help answering support questions in this thread, because I’m not the author of any of these applications.

Step 8: Check Your Files

Assuming your backup worked, you can ask Duplicity to list all the files in your backup with:

dt-s3-backup.sh --list-current-files | more

Keep in mind that these will count as a requests against your Amazon S3 allowance. You get a bunch of free ones, but managing your Amazon bill is completely your responsibility.

Other options for dt-s3-backup.sh are available in its README file. I recommend experimenting with them until you’re familiar with the ones you’ll need.

Step 9: Automate

Once everything is working as you want it, don’t forget to create cron jobs for AutoMySQLBackup and dt-s3-backup.sh, I dump my databases nightly, and I do an incremental backup with dt-s3-backup weekly. Use whatever settings work best for you.

Step 10: Provide Feedback

I always welcome your feedback, especially if you have suggestions for making the process in this article easier to do or understand. If you have a different backup method that works for you, please feel free to share it. Because I’m not the author of any of these utilities, however, I can’t provide support in using them. Check the links I’ve provided for support, or contact the application authors directly if you’re having trouble.

Good luck moving your data from “waiting to be lost” to “backed up.” I know I sleep better knowing I’m better prepared to deal with disaster!

Related posts:

1. How to set up uShare media server on Fedora / CentOS to stream video and pictures to Xbox 360 or PS3
2. Installing OpenDKIM RPM via Yum with Postfix or Sendmail (for RHEL / CentOS / Fedora)
3. How to Backup your Navigation DVD/CD

Here’s my favorite YouTube video on how to field strip one:

No related posts.

The Ecobee Users group discussion forum is a resource to current and prospective Ecobee owners, and I’ve even been able to some of Ecobee Inc’s staff to lurk in there and help answer questions.

Please keep in mind, however, that this is an unofficial forum for Ecobee products (meaning we’re not affiliated with Ecobee Inc in any way). It’s just a place to discuss heir products, answer each others’ questions when possible, provide peer support, and promote the further use of these products.

If you’re an Ecobee owner, installer, employee, or enthusiast, we invite you to join the conversation!

Subscribe to Ecobee Users

Email:

Visit this group

Related posts:

1. Ariel Atom Forum
2. Installing Ecobee Smart Thermostat #5
3. Installing my 2nd ecobee and Using Group Admin Features

• Joshua Dance – Information Systems
• Justin Eddy – Accounting
• Joe Hilton – Masters of Business Administration
• Mauricio Molina – Business Management
• Aaron Robison – Business Strategy
• Abram Skidmore – Masters of Accountancy
• Nathan Woobury – Management & Computer Science

You are each excellent examples of the values and spirit of Brigham Young University. I congratulate you for your scholastic achievements so far, and look forward to hearing of your successful post-graduation endeavors. I encourage you to continue to work diligently while at school and to make the most of your time there. It’s been 15 years since my graduation, and not a day goes by without me remembering the friends, teachers, and Spirit I felt as a student there.

Like you, I was also a recipient of scholarships throughout my BYU experience. Without them, I would have been unable to afford my tuition. I urge you to work diligently in your chosen career fields so that success can find you, and then you can use your time, treasure, and talents to bless your family as well as other deserving students of our alma mater.

Congratulations once again, and continued success.

Stephen J. Jenkins
Chairman, Jenkins Family Foundation… and die hard BYU Cougars fan.

Related posts:

1. Using Windows Live Family Safety with a Windows Domain
2. Biography

You can – thanks to StartSSL - the self-proclaimed “Swiss Army Knife of Digital Certificates & PKI.”

While the interface may not be as slick as other SSL providers (like GoDaddy or Network Solutions), what StartSSL lacks in design they make up for in value. You can actually get a 128/256-bit Encrypted Class 1 SSL/TLS + S.MIME certificate for free. Seriously, no strings attached.

Step 1: Sign up and Get Verified

The first step is to sign up at StartSSL and verify your personal identity via email, and also verify that you have admin authority for the domain. I noticed that Chrome won’t work properly with their authentication procedure, so you’ll need to use IE, Firefox, or Safari. I won’t go through all the verification steps here. Just follow the instructions on their website to get verified, and get to the Control Panel. Or, try their Express Lane option to get verified and receive a certificate in one step.

IMPORTANT: Make sure you choose the proper domain and subdomain name for your certificate when you come to that point. You can change your mind later, but you’ll have to pay $25 to do so. Just be sure you understand everything before you start clicking buttons…

Eventually, you’ll reach the Certificates Wizard. Select a Web Server SSL/TLS Certificate. Then press the Skip>> button, because you’ll want to create your own private key and certificate request on your server.

Step 2: Create Your Key and CSR

The next screen is where you submit your certificate request (CSR). But first, you’ll need to build your private key and the CSR itself. Make a directory to store all your SSL files with

mkdir -p /etc/ssl
cd /etc/ssl

Of course, you can choose any directory to store your SSL stuff, and you may already even have one. Use whatever directory you like. I personally like /etc/ssl because it’s easy to remember.

Inside your /etc/ssl directory, do:

openssl req -new -newkey rsa:2048 -nodes -keyout hostname.domain.key -out hostname.domain.csr

You can use any filename you want for the key and csr, but I like to include the subdomain and hostname of the mail server in mine, such as mail.example.key and mail.example.csr.

This command build both your private key and the CSR. Answer the questions (you don’t have to answer the optional ones), and be sure that when it requests the Common Name, use hostname and domain name of your server as you’ll be entering it in your email client (such as mail.example.com). If you make a mistake anywhere along the way, you can CTRL+C out of it, or just re-run the command to write a new key and CSR over the existing ones.

Once the command is finished, do an ls to see the two files you just created.

Your private key must be kept, well, private. So get into the habit of setting proper permissions for private keys right after you make them.

chmod 0640 hostname.domain.key

Step 3: Give your CSR to StartSSL and receive your certificate

Spit out the contents of your CSR with:

cat hostname.domain.csr

Then copy the entire contents of the file (including the:

-----BEGIN CERTIFICATE REQUEST-----

and

-----END CERTIFICATE REQUEST-----

lines, then paste it into the text area of the StartSSL CSR request page.

Hit the Continue>> button, and then select the specific subomain and domain you’ll use (such as mail.example.com or www.example.com) to access your server. For the free Class 1 certificate, you can include the domain and only one subdomain. This means the certificate will work for example.com and www.example.com, or example.com and mail.example.com.

If you want your certificate to work for two or more subdomains in addition to the primary domain, you’ll need to pay $59.99 to become Class 2 verified. But the good news is that you can then generate unlimited Class 2 certificates, which allow multiple and/or wildcard subdomains on your certificates. This is actually what I did, and it’s still a bargain.

After your request is processed,  the certificate back from StartSSL, copy the contents and paste them into a file in your /etc/ssl directory called hostname.domain.crt (using your hostname and domain name, of course).

At this point, it’s a good idea to download all three files (key, csr, and crt) and store them somewhere safe. I have a secure USB key that I keep for such a purpose. Your .key file is irreplaceable at this point. If you lose it or accidentally delete it, you’ll have to revoke your certificate, which will cost you $25.

Step 4: Download the StartSSL Bundle

Certificates are about trust, and so you’ll need to inform your server that you trust StartSSL. List of certificate authorities that your server can trust are stored in Certificate Bundles. Download StartSSL’s bundle with:

wget --no-check-certificate https://www.startssl.com/certs/ca-bundle.pem -O startssl-ca-bundle.pem

If you have a pre-existing certificate bundle file somewhere on your server (such as ca-bundle.crt or cacert.pem), you may want to copy it into your /etc/ssl directory:

cp /etc/pki/tls/certs/ca-bundle.crt /etc/ssl

Then you’ll need to combine the StartSSL ca-bundle with your existing bundle (this step just copies the StartSSL bundle to the new filename if you didn’t have an existing bundle):

cat startssl-ca-bundle.pem >> ca-bundle.crt

Now edit your Postfix main.cf file and put in the updated locations of your private key, certificate, and bundle:

smtpd_tls_key_file = /etc/ssl/mail.scuderia.key
smtpd_tls_cert_file = /etc/ssl/mail.scuderia.crt
smtpd_tls_CAfile = /etc/ssl/ca-bundle.crt
smtp_tls_CAfile = $smtpd_tls_CAfile

This article assumes that you’ve probably already got Postfix set up for SSL/TLS with a self-signed certificate, so all the main.cf settings in addition to the ones I’ve mentioned above for TLS should already be in place. This article won’t explain how to do that (but there are plenty of great articles out there to get that working). I will, however, show you what the SMTP TLS section of my main.cf file looks like, in case it’s any help:

# SMTP TLS
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/mail.domain.key
smtpd_tls_cert_file = /etc/ssl/mail.domain.crt
smtpd_tls_CAfile = /etc/ssl/cacert.pem
smtp_tls_CAfile = $smtpd_tls_CAfile
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Once you’ve got your settings right, restart Postfix with:

service postfix restart

Now you’re connecting to your outgoing mail server with a third-party signed certificate!

Related posts:

1. Fixing Postfix “certificate verification failed for gmail untrusted issuer” Error Message
2. Renewing a Self-Signed SSL Certificate on Fedora/CentOS
3. How to get DKIM and DomainKeys working with Postfix on RHEL 5 / CentOS 5 using OpenDKIM and dk-milter

(Big thanks to Murray K. and Todd L. for hand-holding me through this )

For my projects, I use a watered down version of the branching model presented in this article, so that I always have two branches:

• Master: which always represents a release version of a project
• Develop: which represents the progress I’m making toward the next release version

Therefore, for reasons that should be obvious, I always request that collaborators make pull requests only on the Develop branch.

Making changes to Develop

To check out my Develop branch, I do:

git checkout develop

I make whatever changes I want, and then make sure the files I want to include in commits are added with:

git add <filename>

(I only need to do this once per file.)

When I’m ready to commit at least one changed file, I do:

git commit -a

and then add notes about the changes I made.

Then I do:

git push

to push my local version of the Develop repo to GitHub.

Merging Develop into Master

Technically, with the branching model I’m using, I should never commit changes directly to Master. All updates should be put into Develop, and then once Develop represents a version that I think is ready to be released, and all the changes I want are committed to Develop and pushed, I merge Develop into Master with:

git checkout master
git merge develop
git push

Checkout Out Someone Else’s Repo and Submitting A Diff

When checking out someone else’s repo and submitting a diff to them, I do the following:

Do a git checkout of their develop branch with (usually):

git checkout develop
git pull

Then I create my own temporary branch from that with:

git checkout -b develop_branchname

Next, I edit or copy my changes into the branch and commit them with:

git commit -a

If I don’t have write/push access to the repo, I need to create a patch to send to the author with:

git format-patch develop..develop_branchname

After sending the diff, I can delete my temporary branch with:

git checkout develop
git branch -D develop_branchname

Further Reading

• GitHub Cheat Sheet

Related posts:

1. My Favorite ImageMagick Commands
2. “No controllers found” fix: set up Dell OMSA 6.3 32-bit on RHEL / CentOS 5.5 64-bit
3. “No controllers found” fix: set up Dell OMSA 6.4 32-bit on RHEL / CentOS 5.5 64-bit

Goodbye, good buy.

I shop at the Home Depot. A lot. And, as I do with absolutely every purchase possible, I used to always pay with my American Express Centurion Card (Membership Rewards points + hassle-free purchase protection). And, every time, as I’m sure Home Depot’s company policies dictate, the cashier would ask “Would you like to save 10% by applying for a Home Depot Credit Card?” I said “no” every time, until the day that the cashier added “plus you can save 10% on trash bags, light bulbs, batteries, air filters…” Whoa, whoa, whoa. She just said “light bulbs.” Let me explain why that got me excited.

My house is… larger than average. It would be rude for me to say exactly how much larger, but let’s just say it consumes a lot of light bulbs. In fact, the primary reason I go to Home Depot is to buy light bulbs. And on this particular visit, I was buying a few thousand dollars of light bulbs, because I was going eco-friendly (LED and Compact Flourescent) for the master bath and many of my exterior lights. So you can see why I got a little excited at the thought of getting a 10% for light bulb purchases now and in the future. So I got the card, and the discount.

For months, every time I needed bulbs (when an interior Halogen bulb burned out, I would replace it with an LED one), I would buy them at the Home Depot with my Home Depot Credit Card and enjoy the discount. And so today, when I went to the Home Depot in Covington to pick up half-a-dozen-or-so new EcoSmart LED bulbs for my front porch, I was surprised when my receipt spat out and displayed no discount. I mentioned it to the JJ (who coincidentally is the same JJ who helped me pick out a new washer and dryer combo back in 2009), who politely apologized and got someone from Customer Service to come over and sort it out. After three separate Customer Service people came over and tried to figure it out, one of them called somewhere, who told them to tell me that they “don’t do that discount any more.” To say I was angry would be going too far, but I admit I was disappointed. They hadn’t informed me when I got the card that the discount was temporary, they hadn’t sent me an email or notified me in my credit card statement that the discount would be ending, and the discount was the only reason I owned the card. I actually considered asking JJ to cancel the purchase so that I could re-purchase everything on my Amex, but he’d been so polite and apologetic that I decided not to… which turned out to be a mistake, because when I installed one of the $30 EcoSmart 14W LED BR30 bulbs on my porch today using a 20 foot extension pole, the plastic lens on the bulb popped off – so now I have one of the bulbs showing a grid of individual LEDs, and I’m going to have to rent a scissor lift (there’s no way I’m going up that high on a ladder!) to remove the bulb and replace it. Had I paid with my Amex, a 30 second phone call would have had the money refunded to my account and they’d have told me to toss the bulb in the trash. The hassle of having to stuff the bulb back in the box, find the receipt, and hope I get time to drive back to Home Depot before the return period is over (which I always seem to miss) is exactly why I always say “no” whenever a store offers me their credit card. I should have known better than to stray from my Amex.

Google located this page for me, which does clearly state “through May 25, 2011″ (although I swear I’ve received the discount since then). So it’s not exactly like I can demand that Home Depot honor the discount. Although, they probably should remove the video from their website of the dude walking around Home Depot, unbelievably happy that he’s “buying the things [he] uses every single day, and saving and seeing the discounts right on [his] sales receipt!” Yeah, buddy. I used to walk around Home Depot that happy, too. But not today. And not any more. Sniff…

So while I can’t demand that they honor the discount, they can’t demand that I use their credit card, either. That’s something I did only because it was mutually beneficial. And with that benefit gone, there’s simply no need for me to keep the card. That’s why I’m cancelling my Home Depot Credit Card today.

And now, if you’ll excuse me, I need to go see a man about a scissor lift.

Related posts:

1. ecobee Mothership Won’t Let My Thermostat Phone Home
2. WallyPark Premier Garage Review