Running Bitnami LAMP stack in HyperV

September 21, 2014 Leave a comment

Bitnami has several nice prebuilt linux machines that is very useful for quick deploy.


In order to make it easier, you just need to setup a base image for the Bitnami LAMP stack VM


Download these first

Bitnami LAMP Stack: Goto and grab the vmware virtual machine image

Microsoft Virtual Machine Converter Solution Accelerator 2.0: Goto and grab the msi file


Convert VMDK to VHD

Run an administrative powershell instance and run the following 2 commands

# Import the MVMC cmdlets
Import-Module ‘C:\Program Files\Microsoft Virtual Machine Converter\MvmcCmdlet.psd1’


#Convert the VMDK to VHDX

ConvertTo-MvmcVirtualHardDisk -SourceLiteralPath bitnami-lampstack-5.4.32-0-ubuntu-14.04.vmdk -DestinationLiteralPath bitnami-lampstack-5.4.32-0-ubuntu-14.04.vhdx -VhdType DynamicHardDisk -VhdFormat Vhdx


Once the conversion is complete, use the HyperV –> Edit Disk function to compact the VHDX to save space

Create HyperV VM

Once done, just create a normal VM, there is no need to restrict yourself to the legacy network adapters, the new one works fine




Setting up your bitnami VM

Follow the guide found at


You can also refer to for some of the more administrative functions


Updating Integration Services

Issue the following command: sudo pico /etc/initramfs-tools/modules


Add these 4 items to the end of the file



Now rebuild the boot image

sudo update-initramfs –u


The guest OS needs to be rebooted:

sudo shutdown -r now

After the virtual machine reboots, run the following command to check if the modules are enabled:



Categories: HyperV

Common Setup Commands for Ubuntu 12.x onwards

September 20, 2014 Leave a comment

To change the hostname of the machine
sudo nano /etc/hostname

sudo nano /etc/hosts

To change the IP Address of the machine

sudo vi /etc/network/interfaces

auto eth0
iface eth0 inet static

sudo /etc/init.d/networking restart

To change the account password


To shutdown the machine

sudo shutdown –h 0


To install and enable openssh

sudo apt-get update
sudo apt-get install openssh-server
sudo ufw allow 22


sudo nano /etc/ssh/sshd_config
# line 28: uncomment and change ‘no’
# default setting "without-password" means that root login is permited but require keys authentication
PermitRootLogin no


sudo initctl restart ssh

Categories: Ubuntu

Seafile end to end encryption for encrypted libraries (v3)

May 11, 2014 Leave a comment

Rephrased from and

FYI, encryption used are all symmetric

Master Key
When you create an encrypted library, a random file key (master key) is generated. This master key is the main key that is used to encrypt and decrypt the files and this key has NOTHING to do with your password, and is not stored anywhere in the system. As long as you can get this key, your access to the data is confirmed! There is also no known way to change this easily.

Enc Master Key
The password you entered is used to encrypt the master key (enc master key) , this data is stored in the server to send out to the clients in order to derive the actual file key by decrypting with the password.
I.e master key enc master key

Web Browsers (8000, 8082)
For browsers and all access thru http protocols (inc mobile devices) the enc master key and encrypted data is sent to the client/server and the client/server will do the neccessary decryption to get the file key which is then used to decrypt the encrypted data to get the actual file. For mobile apps, it seems the file key is also stored in the app data.

cc net (10001) and seaf daemon (12001)
A magic token is generated from the library id and password and stored on the server. This is used to confirm the password is correct. Once it is confirmed, the master key is stored on the client.

Although no passwords are stored anywhere, this does not really matter since all it does is to decrypt the encrypted master key, what really matters is the file key, which unfortunately seems to be stored on both the client as well as mobile app, quite possibly in an unencrypted format.

So while the sys admin is not able to your files. Should your devices be compromised, the hackers potentially have access to your file key which will unlock the files when they request it from 8082 which does not need any form of authentication.

Categories: Uncategorized

Windows Server Storage Spaces–Auto attach disk

May 8, 2014 Leave a comment

Sometimes when you reformat a server, the volume in the storage spaces is not auto attached.


to set it to automatically load use the following powershell

Set-VirtualDisk -FriendlyName Mirror -IsManualAttach 0

Categories: Windows Server

Enabling HTTPS for Seafile (Windows)

May 7, 2014 36 comments

EDIT: Video tutorial can be found at

While there has been documentation on how to enable HTTPS for seafile in *nix environment. There is no documentation for doing this on windows.   Looking at the nginx implementation, it is essentially doing a reverse proxy. This is something that IIS+URL Rewrite can easily achieve!   Before we proceed, take a look and understand the reverse proxy requirements found at   I will not go into steps on how to generate your own SSL cert, but rather focus on how to use IIS to reverse proxy the necessary ports.   Requirements

  1. Standard implementation of seafile ONLY
    1. ie seafile listens on the following port: 8000, 8082, 10001, 12001
  2. HTTP requests to port 80 will be redirected to HTTPS calls on port 443
  3. HTTPS requests on port 443 will be treated as follows
    1. if it starts with seafhttp, send it to seafile port 8082
    2. otherwise send it to seafile port 8000

Step by Step Guide

  1. Install seafile on the server
  2. Install IIS with default options
  3. Run IIS Manager image
  4. Install Web Platform Installer (WebPI)
  5. Inside WebPI, install URLRewrite
  6. Create 2 websites, pointing to separate physical folders. Ensure the https website is associated with a valid SSL certificate image
  7. Edit the web.config for the HTTP site

    <?xml version=”1.0″ encoding=”UTF-8″?> <configuration> <system.webServer> <rewrite> <rules> <rule name=”Redirect to HTTPS” stopProcessing=”true”> <match url=”(.*)” /> <action type=”Redirect” url=”https://{HTTP_HOST}/{R:1}” /> </rule> </rules> </rewrite> </system.webServer> </configuration>

  8. Edit the web.config for the HTTPS site

    <configuration> <system.webServer> <rewrite> <rules> <rule name=”seafhttp” stopProcessing=”true”> <match url=”seafhttp/(.*)” /> <action type=”Rewrite” url=”{R:1}” appendQueryString=”false” logRewrittenUrl=”true” /> </rule> <rule name=”Reverse Proxy” patternSyntax=”ECMAScript” stopProcessing=”true”> <match url=”(.*)” /> <!– Redirect all requests to non-HTTPS site. –> <action type=”Rewrite” url=”http://localhost:8000/{R:1}” logRewrittenUrl=”true” /> </rule> </rules> </rewrite> </system.webServer> </configuration>

  9. Enjoy a secure version of seafile :)
Categories: General, Hacking, IIS

Disabling/Removing IIS Shared Configuration

March 1, 2014 Leave a comment


If you are using IIS Shared Configuration and changed the password for the account accessing the file path, you might encounter the following error

The World Wide Web Publishing Service service depends on the Windows Process Activation Service service which failed to start because of the following error:
The user name or password is incorrect.

The Windows Process Activation Service service terminated with the following error:
The user name or password is incorrect.

Windows Process Activation Service (WAS) is stopping because it encountered an error. The data field contains the error number.


Internet Information Services (IIS) Manager will also start with a weird error message and then prompts you to login


All these points to an inability to access the shared configuration


How to resolve?


  1. Stop IIS (iisreset /stop)
  2. Goto C:\Windows\System32\inetsrv\config
  3. Open redirection.config inside notepad
  4. Change the <configurationRedirection> part to <configurationRedirection />
  5. Start IIS again (iisreset)
Categories: IIS, Windows Server

Windows 8.x–Disable Hibernation and Sleep

January 17, 2014 Leave a comment

To turn off either one, first start an administrator mode command prompt

and then type the required commands


#turn off hibernate
powercfg /H off

#disable sleep
powercfg -change -standby-timeout-ac 0



Categories: General

Get every new post delivered to your Inbox.