sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto.plist StartInterval -int 14400

You can restore the default interval with:

sudo defaults write /System/Library/LaunchDaemons/com.apple.backupd-auto.plist StartInterval -int 3600

Please note that some carriers might block PPTP traffic. I experienced problems with using the VPN connection via 3G, while connecting through Wifi works for me. On 3G I can connect to the server, but no data is being transferred. On the server I see a lot of messages of the type “Protocol-Reject”. So if your device seems to be connected to the VPN but you get no traffic, it might be blocked by your carrier. You then need to find a Wifi Hotspot to use the VPN.

iOS Devices

Setting up the VPN is pretty straight forward:

1. Go to Settings and open the “General” settings
2. Select “Network”
3. Select “VPN”
4. Choose “Add VPN Configuration…”
5. On this screen make sure you activate “PPTP”. Now you can name your VPN connection and enter the address of the server, your login and your password. Ensure that “Send All Traffic” is “ON”. Now save your settings.
6. Now you can turn on the VPN connection. An active connection is indicated by a blue “VPN” icon in the status bar.

Android Devices

On Android, the steps are quite similar:

1. Go to “Settings” and open “Wireless & networks”
2. Select “VPN settings”
3. Select “Add VPN”
4. Choose “Add PPTP VPN”
5. Enter the “VPN name” and the server address in “Set VPN server”. Encryption should be enabled and DNS search domains not set. Now pull up the menu and save your changes.
6. Click on connect and enter your login and password.
7. An active VPN connection is indicated by a key icon in the status bar.

Just edit the file /etc/proftpd/proftpd.conf and add these 2 lines:

UseReverseDNS off
IdentLookups off

Lesson learned: I should read manuals more often.

Qnap is working on an updated firmware but my device will not receive this update, so I need another solution.

Thanks to Alexander Wilde there is a simple solution to reenable the now missing authentication schema.

Open up the Terminal app, enable write access to /Library/Preferences and change a setting for AppleShareClient:

sudo chmod o+w /Library/Preferences
sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_host_prefs_version -int 1

Now reboot the computer and try to connect to the AFP share. There will still be an error, but now Lion has updated the AppleShareClient plist file and we can enable the old authentication mechanism and remove the write permission from the Preferences folder:

sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams -array "Cleartxt Passwrd" "MS2.0" "2-Way Randnum exchange"
sudo chmod o-w /Library/Preferences

After another reboot, the AFP shares are now working again.

To reset the setting, just use:

sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams -array-add "DHCAST128"

I released Gigtool for a price of $1.99 in the music category of the store. As long as Gigtool was mentioned on the front page of that category under the “New & Noteworthy” section there was a steady stream of around 5 sales per day. This dwindled to next to nothing once Gigtool dropped out of the “New & Noteworthy” section. At that time I had only around 2 sales per week.

After 4 weeks I decided to check out how many people would download the app if it is a free app. I did not expect the results though. Gigtool got mentioned on a couple of news sites which monitor the app store for price drops and that lead to around 7000 downloads in the first week. Seems like people were downloading Gigtool without even knowing what it does just for the sake of it. Downloads remained in the area of around 50 per day throughout the month.

The following month I released a small bugfix update and changed the price to $0.99. It seems that around half of the people who downloaded Gigtool for free still have it installed on their device. So it is obvious that there is a target audience out there for this app. Sales went a little smoother than when the app did cost $1.99. For the last 2 month I had a steady 5 to 10 sales per week. This is not very much, but at least it will cover the costs (app store, website, domains, …).

So, after these 4 months, have my expectations been met? Well, yes and no I guess. I did not have great expectations in the beginning. My goal was to cover the costs. I guess this goal will be reached in a couple of month. So this is one side of it. The other side is that without proper marketing even a highly specialized application will not do well on the app store. There are a couple of customers that find the application via the search box but this is by far not enough to cover any development costs at all.

I thought that people searching for this type of application would be willing to spend more than $0.99 for the app, but here it seems, that the $0.99 price seems to be a kind of motivation wall. Once the price is higher, sales drop dramatically. With a price of $0.99 the revenue is nearly twice as high as with a price of $1.99.

So, what did I learn with my first app in the app store. I guess it is absolutely necessary to promote your app. Send out demo keys to blogs and news sites related to your target audience. This is something I want to try in the future. Also pricing seems to be important. Staying below the $1 barrier boosted the overall revenue.

Personally, I will take a look at the influence of marketing the app and I also plan to develop another small app which will be free and use the iAds mechanism for revenue. Let’s see how well that performs.

In this small howto I will describe how I have setup Gitolite on my Ubuntu 8.04 server. Please note, that Ubuntu has included Gitolite in the 10.10 release, so that the installation is even simpler now. I will describe the manual installation procedure for Ubuntu releases prior to 10.10.

The first step is to install the git software on the server:

sudo aptitude install git-core

Please not, that gitolite neads at least version 1.6.2 of git. If your distribution contains an older version (this is the case with Ubuntu 8.04), use a backport package, or install git via source.

Now we need a user account which will be used to run gitolite. The user will not be able to login via password authentication, we will only allow certificate based authentication:

sudo adduser --system --group --disabled-password --shell /bin/bash --home /home/git git

This user needs to have certificate based SSH access. So we need to create a certificate we can use to login to the server. This is done on your local machine, for example on the development box:

cd ~/.ssh
ssh-keygen -t rsa -f id_rsa_git

When prompted for a password, just press enter to enable passwordless logins. It is recommended that you activate a password for this account after the gitlite installation, as this certificate enables a login to the shell on your server. This can be done via ssh-keygen -p.

The user account on the server now needs to register the public key, to enable login with the new certificate. Log on to your server, change to the new user git and follow these steps:

cd
mkdir .ssh
chmod 700 .ssh
cd .ssh
touch authorized_keys

Now edit the file authorized_keys and add the contents of the created id_rsa_git.pub file from the local machine to the authorized_keys.

Before you can log in with that user, it could be possible that you need to add that user to the file /etc/ssh/sshd_config in the setting AllowUsers. This depends on the setup of your ssh daemon. After changes to this file, you need to restart the ssh daemon.

Now check, if you can login from the local machine with your new certificate (replace SERVERNAME.COM with the address of your server):

ssh git@SERVERNAME.COM

The following steps are done on your local machine.

Get the current version of gitolite and start the installation wizard:

git clone git://github.com/sitaramc/gitolite
cd gitolite/src
./gl-easy-install git SERVERNAME.COM gitadmin

gitadmin will be the username to administer the gitlite installation. The installation wizard will ask you some questions. Generally you can accept the default options.

I experienced a problem towards the end of the wizard. It complained that the default identity has not been set. This is an error from the server. You can get rid of it by logging in to the server as the git user and then setting the identity in the git config:

git config --global user.email "you@example.com"
git config --global user.name "Your Name"

The installation wizard will setup gitolite in the home directory of the git user on the server. It will create a new certificate for the user gitadmin which can be used to administer the gitolite settings.

After the wizard has finished, there will be a new directory gitolite-admin in your home folder on the local workstation. You can add user certificates and create git repositories inside this directory by copying the public keys and editing the config files. When done, push the changes to your server and the configuration is active.

Users will not get shell access to the server. When they try to login via ssh with the certificate they will only get a list of all repositories they may access. With gitlite you now have the option to add a number of users without the need to create accounts on your server.

Further information on how to setup the gitolite server can be found in the documentation.

Today the application has been added to the App Store. In a couple of weeks I will write up about my experiences with Gigtool. More information about the app is available on the Gigtool website.

There exist 2 solutions which seem to work for me so far:

• Switch the iPod into Airplane mode when network access is not needed
• Go to Settings -> Notification settings and toggle all the settings of all applications in that screen to ON and back to OFF. It seems like some these applications have been using wrong settings even with global notification turned off. Toggling the individual settings has reset them to the desired state. You can see if this step was successful by opening the overview of connected WLAN devices in your WLAN access point and then putting your iPod to sleep. It should drop out of the list of connected devices after about 10 seconds of sleep.

Let’s hope that Apple will fix this issue with iOS 4.2 due in November.

Update

The described fix did not prove to be permanent. Every now and the setting seems to reset itself and the iPod stays connected to the WLAN in sleep mode. So back to square one: turn on airplane mode whenever Wifi is not needed. Damn!

The EC2 Micro Instance is an ideal way to operate your own VPN-server, when you need it only a couple of hours per month. Let’s assume, that you want to use it for about 50 hours per month with around 10 GB of traffic, this means $1.00 for computation time + $1.50 for 15 GB of storage + $1.50 for 10 GB outgoing traffic. So for $4 this is quite a good offer. Granted, you can find commercial VPN providers for $5 per month, but it is more fun to do it yourself. In this article I will describe, how to setup an EC2 instance as a VPN-server.

I choose to setup a PPTP server. PPTP is not the most secure type of VPN, but it has the big advantage, that it is the most compatible. Nearly every OS is able to open a PPTP connection without additional software and this includes mobile devices like iPhones/iPads.

First, you need to choose a base image to boot in the Micro Instance. I have selected an 32-bit Ubuntu 10.04 server image. The AMI-ID of this image is ami-6c06f305. Start this image in a Micro Instance and log in with your SSH-key. For more details on these steps, refer to the AWS documentation.

Once you are logged in, you can install the pptp-daemon:

sudo aptitude install pptpd

Configuring the pptp-daemon is a breeze. First you to define an IP address range which will be used for connected clients. This can be any IP range, but keep in mind, if you want to avoid routing problems, choose a private IP range. Uncomment and modify 2 lines at the end of /etc/pptpd.conf:

localip 192.168.240.1
remoteip 192.168.240.2-9

With the above settings, the pptpd server will get the address 192.168.240.1 and there are 8 possible client addresses 192.168.240.2 to 192.168.240.9.

It is also a good idea to specify the address of at least one DNS server. You can use the DNS server of amazon (172.16.0.23) or the Google Public DNS. I choose the latter. Open the file /etc/ppp/pptpd-options and make sure it contains the following settings:

ms-dns 8.8.8.8
ms-dns 8.8.4.4

The last step for configuring the pptpd-daemon is to add a user account for the service:

sudo echo "USERNAME pptpd PASSWORD *" >> /etc/ppp/chap-secrets

Replace USERNAME and PASSWORD with whatever credentials you like. It is possible to add as many users as you like.

Now restart the pptp-daemon:

sudo /etc/init.d/pptpd restart

It is already possible to open a PPTP-connection to the server, although no traffic will be forwarded to the Internet. We still need to enable packet forwarding and network address translation on the server.

To enable packet forwarding, uncomment the following line in /etc/sysctl.conf:

net.ipv4.ip_forward=1

Now reload this config:

sudo sysctl -p

The last step is to enable network address translation:

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

This setting is reset on every reboot, so make sure that you add the following line above exit 0 in the file /etc/rc.local:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Now the VPN server is fully functional. The only small problem is, that the server will get a new IP address every time you reboot it. I would recommend using a dynamic dns-provider to assign this machine a unique domain name. I am using DynDNS.

The ddclient is a great little tool to update the current IP address on a number of different dynamic DNS services. Installation is done as usual:

sudo aptitude install ddclient

Once installed, the configuration is done in the file /etc/ddclient.conf. It will already contain some usefull settings, because the installer will require you to enter some information about the DNS service you are using. In the end the configuration should look something like this:

protocol=dyndns2
use=web, web=checkip.dyndns.com/, web-skip='IP Address'
server=members.dyndns.org
login=LOGINNAME
password='PASSWORD'
DOMAINNAME.dyndns.org

Replace LOGINNAME, PASSWORD and DOMAINNAME.dyndns.org with your own settings. The most important line is the one starting with use=. This defines that the registered IP-address is detected by DynDNS itself. This is neccessary, because the virtual machine is running with a private IP address.

That’s it! Now you have your own VPN-server up and running. Just start the instance in the AWS Management Console whenever you need it.

Update:

Here is a screenshot of the security groups setup I am using:

Update 2:

Please take a look at my follow up posting on how to connect to the VPN from an iOS or Android device.

I use a Qnap NAS as a central network storage for backing up mulitple Macs and therefore I want to define strict limits for the maximum size of each Time Machine backup. So after noticing the new image sizes, I tried to resize them with hdiutil:

hdiutil resize -size 500g MYBUNDLENAME.sparsebundle

Unfortunately Time Machine resizes the image size every time it runs, so it is necessary to prevent it from resizing the image.

The image size of a sparsebundle is stored in the Info.plist file inside the bundle directory, so I tried to remove write permissions to that file from the terminal:

cd /Volumes/MYSHARE/
chmod a-w MYBUNDLENAME.sparsebundle/Info.*

This wasn’t working either, because OSX seems to reset the permissions to Info.plist automatically.

The solution which is finally working for me was to login to my Qnap box via SSH and change the permissions there via chmod:

chmod a-w MYBUNDLENAME.sparsebundle/Info.*

Now, when Time Machine starts, it tries to resize the image but fails, as the Qnap server is preventing any changes to the Info.plist file. You can see this behavior in the system.log:

23.05.10 22:29:13	com.apple.backupd[378] Resizing backup disk image from 500.0 GB to 989.8 GB
23.05.10 22:29:13	com.apple.backupd[378] Could not resize backup disk image (DIHLResizeImage returned 35)

After this logging message, the rest of the backup runs fine. For me this is a nice workaround until there is an official way to limit the backup size.