Category Archives: Mac

Why I built desktop PC in 2021

The switch happened overnight for me,  at my first job I was working on a desktop PC, but since then every single workspace I have been in ultimately used laptops.

Somehow big ugly boxes went out of favor with the rise of tablets, eeePCs (do you remember these) and MacBook Airs coming out of mail envelopes. 

Maybe if you are working in a big company and you have to go a lot of meetings you really need a portable device, but to be honest in 2013 I was attending stand-ups and such taking notes on my iPad. If you are appalled by the idea of typing by tapping on a screen, I know it is less than ideal, but come on we grew up typing SMS-es on 9 key keyboards and we were pretty good at it. 

Background

I was working on 2017 MacBook Pro with core i5 and 16gb of RAM. I really do not recommend you to buy such a machine. MacBooks were never really that heat efficient, but this is just another beast. The moment you go to Hangouts meeting and you share your screen, you can barely use or even touch the computer. 

At some point I realized that the Core i5 processor I have in my Dell PC from 2012 delivers the same performance as the one in my laptop (for the price of power consumption, but nobody thinks about that in desktops). The only problem was that the old desktop had only 8GB of RAM, but considering the fact that running Linux you do not have to run Docker in VM (constantly reserving 4GB RAM for itself) it turns out it is quite viable alternative.

So I gave it a try. ArchLinux is better than ever. Even with less RAM I was managing to do my daily job. I started using the Macbook as AV machine – just for attending online meetings and doing the coding on the PC (I know, such a waste). I never really had decent PC, so I decided that I finally deserve something more powerful.

Finally, let’s not forget what year is it. Because of the pandemic I haven’t attended a meeting in person for almost a year. The reasons to keep a mobile machine as your primary working device kept disappearing.

Why not 

OK, lets discuss why you would not want PC. 

Linux is an awesome OS, but let’s be honest – sometimes the big corporations overlook software support for it. For example my VPN client was terrible under Linux and it was constantly disconnecting. Of course if it was opensource someone would have fixed the problem a long time ago, but as Cait used to say – we live in an imperfect world. 

Windows ? No. Sorry. Maybe I’ll install Windows some day if I want to play some games, but this is not a priority for me right now. Last time I tried working under Windows the only thing that made this OS bearable for me was WSL, but if that’s the case why not just use Linux instead. 

What about buying iMac or Mac Pro. Both are very expensive machines. Mac Pro for me was completely out of the question because I could not justify the price. 

The iMac is an incredibly beautiful machine, but I am not sure how future proof it is, considering the fact that a lot of people expect drastic changes in that line of products. Also, I was wondering how good the cooling would be and I did not want to risk it. In my head I was picturing horrific scenarios where I have shoveled a huge amount of money just to discover that the CPU is throttled most of the time to prevent overheating.

Unless you go for the iMac option you will inevitably end up with … lets call it – less-than-elegant box next to your desk, so don’t underestimate this. Maybe you insist on beautiful design, maybe you don’t have the space. I personally think I can live with it. Nowadays PC cases are not what they used to be, but lets face it – it is still a box.

Lets build

I was not very picky about the parts, but wanted to be able to achieve something specific (and may be not legal). 
What I ended up with is something that is powerful enough without spending a fortune on the build:

  • AMD Radeon RX 580
  • Gigabyte Z490 Vision G (which is the cheaper version of Vision D, but I think I am fine missing on the extra features)
  • Intel Core i7-10700K (I am not sure if I would ever overclock it, but it’s good to know that this feature is present)
  • Noctua NH-D15 cooler (that thing is HUGE, but amazingly quiet)
  • 500GB Samsung 860 EVO SSD
  • 2x32GB DDR4 Patriot Viper Steel RAM (maybe a bit of a stretch)
  • Cooler Master MWE 750 power supply
  • NZXT H710 Matte Black case 

A lot of things changed since the last time I did this. I don’t remember PC cases to cost as much. Also, I don’t remember cable management to be that good. I was expecting to have an ugly box filled with messy cables. I couldn’t have been more wrong. The case is clean and nice to look at, the cables are hidden in a way that it looks like carefully designed machine, not something assembled in someones garage. The design is simple and clean, there are no RGB lights, I repeat, no RGB lights. Why do most PC case manufacturers assume we are all a bunch of 14-year-olds.

The price is half of what I would have paid for iMac with similar specs. 
Of course the iMac comes with magnificent display, so if you factor the price of nice 4K display – it is not that cheaper. 
Another big advantage of the iMac is that it can run OS X, but guess what, this desktop build is very much hackintoshable. 

The state of Hackintosh

Putting aside the legality and morality of running OS X on non-Apple hardware it is quite interesting topic from a technical point of view.

Last time I tried to something like this, it was 2013 and I barely succeeded in turning my Acer laptop into fully working Hackintosh after a week, but it was absolute mayhem. Hackintoshing computer back then was black magic. Not just for me, but for most people. Most of us (who are not kext developers and do not have intimate knowledge of how OSX works) just tried random stuff until it worked. 
There were some sparse online guides, but at the end of the day you just poke in the dark until you figure out the exact combination of hacked kernel extensions that work in your specific case.

Everything is amazingly different now. OpenCore is bootloader written by people who really know what they are doing and nowadays you can follow generic structured guide and have much more scientific approach to building Hackintosh. 

This hardware is specifically chosen to be close to what Apple sell, so it is relatively easy to install OSX on it.
Actually I found a guy that has done this for similar configuration and just by slightly adapting his configuration, I managed to do my own quite fast. 
Surprisingly it was harder to install all the right drivers for Windows (operating system that is supposed to run on this hardware) compared to OSX (an OS that was never meant to run here).

What still does not work is Wi-Fi and Bluetooth, but this was expected, it was almost never possible and I was expecting to have to buy a separate supported Wi-Fi chip. It is desktop after all, mine is 15 cm away from the router and I prefer cable connection, but my I really want to be able to use my Bluetooth headphones. This is something I haven’t fixed yet, but it is definitely doable, so it is just a matter of time.

Verdict

I think I have built a pretty decent machine. Most importantly it is capable of running OSX (I am currently on Big Sur), Linux and Windows, so if at some point in the future I decide that I want to become a professional StarCraft player I can dual boot.  

Actually I played StarCraft II and Civilization 6 (under OSX) and they work perfectly. 

Some people say that this is result of the virus, you are probably not going on vacation this year so why not spend some money on toys. 
I am not sure if this is the reason, but nevertheless I think Desktop PC in 2021 is good idea (even if you plan to run Windows and play games on it). 

PGP for the masses

Intro

Using PGP is very simple, you need to generate key (it will actually be two keys – public and private). Public key is what you want to give to other people so they can encrypt files for you. Private key is something you do not want to share.

This guide/cheatsheet assumes that you are using osx, but aside from the GUI tools, the rest will be the same for all operating systems

There are 4 things that you need to know:

  • how to generate your key
  • how to find other people’s keys
  • how to encrypt
  • how to decrypt

Terminology

Some clarifications:

OpenPGP is a standard for encryption

PGP stands for Pretty Good Privacy – this is software that implements the OpenPGP standard

GPG stands for GNU Privacy Guard – open source implementation of OpenPGP (this is what we are going to use)

PHP is something completely different

Install

Download from https://gpgtools.org/ If you are not planning to use it with Mail App, during installation click Customise and deselect GPG Mail

Create new key

You can just type
gpg --full-generate-key

and answer the questions or via GUI:
Click New, enter your e-mail address and password, wait for key generation to finish. At the end click to upload the key to key server.

If you have already generated key you can upload it by clicking Key -> Send Public Key to Key Server

Note: By uploading your key it will be uploaded to one of the SKS servers used by OpenPGP and it might take some time until it is visible in all servers.

Retrieving other’s public keys

If you have tin foil hat, you would prefer to ask someone to send you their PGP key and they can send it to you. Never trust keys that you have not asked for and you are not sure are sent by the person you think sits behind them, somebody may be pretending to be a friend.

If you however think that you know what you are doing, click Lookup key, type the e-mail of the person you expect to have published, check if the rest of the data looks credible and import it.

If you do not want to use the GUI app, you can search in websites like http://keys.gnupg.net

Note: Some people may have several keys, ask them which one you should use (usually the one that was created most recently would be the one that you want).

Note2: After publishing key it may take some time until it shows up, be patient

Encrypting files

Using Finder

Go to the folder where the file is, right click on it, select Services -> Open PGP : Encrypt File, then select the key that you want to be able to decrypt it and click Encrypt. If the file is called file.txt you will see a new file called file.txt.gpg

Using CLI

gpg -e --armor file.txt

Enter the e-mail of the recipient/s and hit enter when you are done

or if you want to encrypt some text:

echo "text" | gpg -ea

Decrypting files

Using Finder

Go to the folder where the file is, right click on it, select Services -> Open PGP : Encrypt File, enter your password and decrypted file should show up

Using CLI

gpg -d file.txt.gpg

View Keys

gpg -k

Adding PGP key in GitHub

Go to github.com -> Settings -> SSH and GPG keys -> New GPG Key

Copy your public key

gpg --export --armor MYKEYID

Paste it in github and click Save.

Then you have to tell git to sign your commits

git config --global commit.gpgsign true
git config --global user.signingkey MYKEYID

If you have created your github account with different e-mail address than the one specified in the PGP file, you can go to Settings -> Emails and add new e-mail address. Then proceed with the verification clicking the link sent to your inbox.

If you still have problems, check the e-mail specified in your ~/.gitconfig file. It should match the one from the PGP file

Deep(ish) dive

View secret keys with their long IDs

gpg --list-secret-keys --keyid-format LONG

Backup and restore secret keys

Backup:

gpg --export-secret-keys MYKEYID > my-private-key.asc

Import from backup:

gpg --import my-private-key.asc

Revocation

If you private key leaks or maybe you do not want to use it anymore you have to send the Key Server revocation certificate. Ideally you would still have the private key and you could generate it at any moment, but sometimes keys get lost, so you may want to generate revocation certificate now and back it up somewhere.

gpg --output revocation.crt --gen-revoke myemail@example.com

When you decide to revoke the key you have to import it and send it to the Key Server like this:

gpg --import revocation.crt
gpg --send-keys KEYID

Replace KEYID with the ID of your key

Signing other people’s keys

TLDR: You can sign keys to tell others that this key is good.

If you trust the person you can sign their key and send them back the key and you will be listed as someone who signed the key.

gpg --sign-key email@example.com

You have to send them the signed key back

gpg --output /tmp/signed.key --export --armor email@example.com

and they have to import it to benefit from you signing it:

gpg --import signed.key

If people you trust have signed the key, usually it is a good indicator.

Как да си направим Time Machine сървър

Ако не сте използвали Time Machine  до сега трябва да знаете, че както всичко Apple-ско работи доста добре и е страхотен начин за правене на backups. Задължително е поне да се пробва .

Има два начина да правите резервни копия – на втори хард диск или през мрежата. С втори диск всичко си работи добре, но често забравяте да го свържете отново след като си преместите компютъра, ако имате 2 usb порта не искате единия да е постоянно зает и т.н. Да се синхронизира през мрежата е най-удобно, но единствения официален начин това да става е чрез Apple Time Capsule, която в момента струва 300$ или 640 лева в CreativeCenter.

Ако като мен имате някоя стара машина (или в моя случай стари служебни непотребни компютри), която не въши нищо можете да направите следното.

1. Инсталирате някакъв Linux, в моя случай сложих Ubuntu Server последния LTS, просто защото не ми се заниваше сериозно.

2. Инсталирате netatalk, това е софтуер, който поддържа Apple Filing Protocol.
При Ubuntu го има в хранилищата, така че просто едно

ще свърши работа

3. Създаваме папката, където ще ни се съхраняват backup-ите

4. Добавяме в конфигурационния файл “/etc/AppleVolumes.default”:

Мисля че няма много нужда от обяснения, но все пак – задавате път, име на “диска”, който ще бъде споделен по мрежата, volsizelimit е колко голям може да е този диск – в моя случай ~600GB и накрая казвате кой системен потребител има право да го достъпва, при мен е gotha, при вас най-вероятно няма да е. Потребителя трябва да има права за четене и писане в тази директория.

5. Рестартирате сървъра

трябва да свърши работа.

Сега следва на направим правилните настройки на нашия Мак или Hackintosh.
Този диск е “unsupported” и операционната система няма да ни позволи да се закачим към него.

6. Казваме на Mac OS, че не държим диска да е supported

7. Връзваме се към сървъра през Finder.
В Network папката трябва да виждате вече сървъра, връзваме се към него с потребителското име и паролата, която използваме на Linux-ката машина и му казваме да ни запомни данните.

8. Препоръчително е този диск да се монтира автоматично при стартиране на компютъра, за целта отиваме в

  • System Preferences
  • Users & Groups
  • избираме нашия потребител
  • кликаме на таба Login Items
  • кликаме плюса долу и добавяме папката “Time Machine”

9. Правим си настройките на Time Machine
В System Preferences -> Time Machine изберете големия бутон с надпис ON и OFF. За нашите цели ON е добър старт. TM ще ви попита кой диск искате да ползвате избирате мрежовия диск, слагате tick-че на “Encrypt backups” и потвърждавате. Ще ви пита и за парола за криптирането и сте готови. Първия backup ще е отнеме доста време, но след това нещата са много по-бързи и лесни.
Ползвам подобна конфигурация вече месец и нямам никакви проблеми. Не забравяйте, че обикновено когато ти потрябва backup вече е прекалено късно, поиграйте си половин-един час и си спестете ядовете после.

10. Profit !

MiniDLNA при Mac OS X Mavericks

Ако ви трябва добър DLNA сървър за Mac, след логичния избор – Plex, аз бих ви препоръчал MiniDLNA. Бонусите са, че става въпрос за наистина малък сървър ( за разлика от plex ) и аз лично имах проблем с връзването с Xbox 360.

Логично започваме с macports:

След като инсталирате ( отнема доста време ), ще имате сървър, който се намира на /opt/local/sbin/minidlnad и примерен конфигурационен файл /opt/local/etc/minidlna.conf.sample

Ще копираме файла и ще го редактираме

Ще откоментираме и променим следните променливи

Пътя тук трябва да сочи пътя до вашите филми, пр. V,/Users/username/Movies, като “V”, в началото указва, че става въпрос да видео съдържание, има го описано в примерния конфигурационен файл.

Хубаво е и да създадем директорията

 

С това промените по конфигурационния файл приключват. Сега остава да стартираме сървъра.

Принципно това би трябвало да става като изпълните

но …

сървъра не знае къде му е конфигурационния файл и все още не е сглобил базата данни с вашите мултимедиини, за това трябва да изпълните

Сървъра стартира. Прегледайте за грешки и ако изникне нещо просто вижте какво може да се направи по въпроса.

Дайте на системата няколко минути да обнови базата данни и се свържете с вашия DLNA  клиент, препоръчвам да тествате с VLC от компютъра, таблета или телефона си за да се уверите че всичко е наред.

Допълнение: Не съм сигурен кой точно порт е проблемен, но ако имате проблеми с намирането на DLNA сървъра в мрежата, опитайте да спрете skype и/или torrent клиента си.