Rocket.Chat – Wrong URI in emails

Rocket.Chat – Wrong URI in emails

I recently spun up a Rocket.Chat server using Linode/Akamai’s pre-rolled scripts, and it mostly worked well. The main issue being that the URI included in all the emails was stuck as the host name of the server rather than the site-url as set in the settings.

The fix is as follows

First of all connect to the server console (be it via LISH or SSH or however). Install the Mongo database client

sudo apt install mongodb-clients

Connect to the database by running


Select the parties database

use parties

Run a query to find the Site_Url setting and confirm that the correct URI is set in “value” and the incorrect URI is set in “packageValue”

db.rocketchat_settings.find({"_id" : "Site_Url"}).pretty()

Run a query to update “packageValue” to the correct URI (replace <correct URI> with your URI)

db.rocketchat_settings.update({"_id" : "SiteUrl"},{$set:{packageValue:"<correct URI>"}})

Repeat the find query to make sure the change was made. Reboot the server and the problem should be solved.

Password Enterer

Password Enterer

We’re all told to have strong passwords for everything. Long, good, complicated passwords with symbols, numbers, capital letters. Passwords that are a pain to enter without a passwords manager, in essence. Because password managers exist, that’s all good for nearly every situation, except when it comes to logging in to your desktop.

I know this kind of thing exists already, but I don’t think they exist quite as simply (and potentially as un-securely) as this.

What I’ve made, using an old Digispark ATTiny85 arduino board with a built in USB-A plug, is a device that, when plugged in to a USB port, and the button is pressed, will type in a pre-determined string of characters followed by the enter key. There are two use-cases I can think of for this. Logging in to your desktop where there’s no password manager available, and entering your long-winded password into your password manager when setting that up.

There are obviously security issues with this – it’s a single factor authentication system. And you’re keeping the entire password available to anyone who picks up the doodad, plugs it in, and presses the button. There are things that could be done to make that safer – like only keeping part of the long-winded password on the device, requiring user input for to complete the password. But as a little one-hour project, this was fun.

My soldering is a mess, but it works. The button circuit includes a pull-up resistor, to stop any erratic button behaviour when there isn’t a definite high or low signal, as per a tonne of tutorials online. Like this, straight from the Arduino source:

Here’s the completed product:

The code that’s running it is as below. Firstly, import the HID library from Digispark (there are tutorials on how to get that happening on the Digispark website). Initialise the button state, configure the required pin to wait for signal, then repeatedly wait for button press. If there’s a button press, send the defined string to the computer, and to prevent multiple entries, wait for a second before moving on.

#include "DigiKeyboard.h"

int buttonState = 0;

void setup() {
  pinMode(5, INPUT);

void loop() {
  buttonState = digitalRead(5);
  if (buttonState == HIGH) {

Self-hosted Evernote Alternative

Self-hosted Evernote Alternative

I think I installed ownCloud in 2014 when v6 was the latest. It’s not perfect, but considering I have access to a virtual machine host for no cost, it’s pretty good value, and I’m willing to overlook the small issues I have with it.

I used Evernote for a while, and quite liked it, but fell further and further out of like with it as the features of the free version were stripped back, and the cost of the basic paid tier increased. $10 a month is pretty steep. I tried Google Keep for a while, but I didn’t like it at all. And do I trust my thoughts with Google? Yeah, kinda, but not completely.

In comes Joplin. A FOSS (free, open source software) note taking application that works with WebDAV (amongst other platforms/protocols).

ownCloud is fully conversant with WebDAV, which means that you can keep your notes safely stowed away on your ownCloud server, which is handy. I created a folder called Joplin in my ownCloud folder, then configured the software with the following settings, consistent across every platform (Android, Windows, and Ubuntu):

Synchronisation target: WebDAV
WebDAV URL: https://yourdomain.example/remote.php/webdav/Joplin (replace Joplin with the name of the folder your chose)
You also need to set your username and password, but they’re self-explanatory.

Installing Joplin on Ubuntu gave me a nice surprise. I ran “sudo snap install joplin” and it went through the motions of installing the software. But I couldn’t find it in the GUI to launch it. So I typed “joplin” at the terminal and a text-only version of Joplin appeared in terminal. Very good! I ran “sudo snap install joplin-desktop” and that installed the graphical version of the software and I was good to go.

Configuring the text only version of Joplin isn’t quite as easy as the graphical one. It’s a bit vi-y, which means that any commands you want to run are preceeded by a semi-colon. So, if you want to see the current configuration, type :config and press enter.

To configure the text version of Joplin to use WebDAV, first run

:config 6
to set the target to WebDAV, followed by

:config sync.6.path https://yourdomain.example/remote.php/webdav/Joplin
:config sync.6.username yourusername
:config sync.6.password yourpassword

The .6. in the config commands refers to target id of 6, which is what was set in the first command.

Run :sync to manually sync this instance to your server.

Bonus: in the ownCloud desktop application, untick the Joplin folder. This will remove it from your ownCloud folder on your local machine, but it will still exist on the server, which is where the Joplin applications will read it from directly. It will stop you from accidentally making a mess of the folder structure.

Switching Software

Switching Software

Microsoft Word. Adobe Photoshop. Whatsapp. Some software is so ubiquitous that you don’t even think that an alternative might be a good idea, or even exist. But often they do exist, and you should consider switching.

Why do I think you should switch? The two biggest reasons, are Google and Adobe. Adobe removed the ability to purchase software outright, forcing users into a monthly subscription. Google are just…well…Google. They sell your soul to the highest bidder.

I stopped using Google Analytics a few months ago on here, opting instead for a locally hosted Matomo analytics plugin, which does everything I want it to (and more). What it doesn’t do, which is the real drawcard, is send the analytics on to anyone else. The analytics are for me, and for me only.

I subscribe to a daily email called The Sizzle (, and today it alerted me to the website called Switching Software ( It’s super simple: look for the program you use, click on it, and it will tell you what the open source/free/non-evil/ethical alternatives that are available.

I’ve written about Signal before here: Why do I use Signal?, and it is one of the alternatives to WhatsApp – the one that I recommend. It has an edge over WhatsApp in that it will take over (if you want it to) as the default SMS app and allow you to keep SMS and Signal messages in the same encrypted database on your phone.

Switching Software mentions Matomo as the replacement for Google Analytics, along with another few options – a switch I already made.

I dumped Adobe for the Affinity software suite – which isn’t free, but all three applications cost $150 all up when they were on special, for a permanent licence.

I use OwnCloud instead of Dropbox. This is a faff, and not for everyone, because you have to host your own server. But if you have access to a machine that’s always online, it’s a good option.

I host my own mail server using Mail In A Box ( rather than relying on Gmail. Also a faff, because spam restrictions are so tight these days that if you aren’t one of the big players (Microsoft/Google) you’re very much a second class netizen. With patience and some polite emails to whatever spam filter is blocking you and it’s possible to get unblocked and then it works a treat.

It’s worth while investigating these. I’ve just downloaded kdenlive, a non-linear video editing application to replace Adobe Premiere Pro. I’ll see how it is and maybe post a review down the track.

Getting an A+

Getting an A+

If I run this domain through Qualsys’s SSL Server test, I get an A+. Which feels like a good score. I followed someone else’s instructions on how to do this, but I can’t remember where that was, so I figure putting the configuration here will be handy for me and, potentially, you.

SSLEngine		on
SSLProtocol		all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite		HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder	on
SSLCompression		off
SSLOptions		+StrictRequire
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"




I had a reason to see if I could get Ghost running alongside this WordPress install today, and it turns out that once you follow the correct and up-to-date instructions, it’s quite simple. I run Apache rather than nginx, so the default instructions don’t work. The magic happens with the RequestHeader line and the whole https component of the VirtualHost looks like this:

    <VirtualHost *:443>
            ServerAdmin webmaster@localhost

            ServerName ghostblog.domain

            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined

           ProxyPass /
           ProxyPassReverse /
           ProxyPreserveHost On
           RequestHeader Set X-Forwarded-Proto "https"

            Include /etc/letsencrypt/options-ssl-apache.conf
            SSLCertificateFile /etc/letsencrypt/live/ghostblog.domain/fullchain.pem
            SSLCertificateKeyFile /etc/letsencrypt/live/ghostblog.domain/privkey.pem

There’s also the redirect from http to https but I do that in a separate VirtualHost with a permanent redirect. Without the RequestHeader line, you end up with a lot of internal redirects when you try to access the site over https.

Following the official installation works well, and if it detects that nginx isn’t installed, Ghost-CLI will let you skip that part of the configuation and it trusts that you’ll figure it out some other way.

Ghost-CLI also performs the database configuration and stuff for you, assuming you know the/a MySQL username and password on your server.


I only had a cursory look inside Ghost and my first thought is that it’s so quick. Really, really quick. I’m tempted to move this site there. Or maybe I’ll make a thing in Ghost and slowly migrate across. The main thing that’s getting in the way of moving over is that I’ve used a theme called Divi which I suspect has inserted a lot of garbage into posts made with the Divi Builder.

One day, maybe.