X Marks the Spot

random commentary on life, the universe, and anything

October 4, 2023
by puhfu

You know you’re procrastinating when you start doing site admin tasks

Doing some long-delayed site clean-up.

  • Removed the COVID links page from the header
  • Reconfigured the Smash Balloon Instagram feed plugin to deal with the new Instagram API
  • Installed the Smash Balloon Custom Twitter Feeds plugin to replace the non-working old twitter feed plugin
  • Fixed an .htaccess permissions issue (for future reference: https://developer.wordpress.org/advanced-administration/server/file-permissions/
  • Wonder why collab points to slack and not trello or jira or confluence
  • Marvel at how outdated everything looks, including the smugmug page design
  • Get seriously annoyed at the Gutenberg block editor “Updating failed. The response is not a valid JSON response.” error banner and install the classic-editor plugin
  • Decide that sleep is overrated and decide to figure it out. Looks like my REST API isn’t working. At least I’m getting a REST API Response: (404) Not Found error in the Site Health status section. Will try deleting the .htaccess and resaving Permalinks to regenerate it.

Edit: regenerating the .htaccess did not work. I’ll figure it out later.
Edit2: Sleep is overrated. I have eliminated .htaccess as the source by regenerating permalinks and have made sure that the URLs are set correctly in WP settings. I have deactivated all plugins and reactivated one by one without success. It’s not firing errors into the log. I worry that this may be a theme conflict since my theme is ancient (2008!) and I have edited it to be a child theme.

August 11, 2020
by puhfu

Remote L3 adoption of UniFi Security Gateway (USG) by Cloud Key controller

I have an EdgeRouter 4 and dual WAN set up at our primary location with the WLAN managed by a Cloud Key gen 2. I needed to set up a Unifi Security Gateway at a secondary site for the usual reasons but wanted to use the primary site Cloud Key controller to manage the USG (vs having a second controller).

I started with the UniFi – Device Adoption guide which, in hindsight, was both generally informative and totally unhelpful. Almost anti-helpful in fact. Following the guide, I wound up setting up a ‘temporary’ controller on a laptop to do the basic config for the USG.

I was able to set up a site-to-site L2TP VPN between the EdgeRouter and the USG using the very clear EdgeRouter – Site-to-Site IPsec VPN to USG guide.


As a side note, easiest way to verify that the VPN is up using the Feature Wizard > VPN Status (https://edgerouterip/#Wizard/feature/VPN_status).

Although the VPN was up, the Cloud Key controller could not see the USG at all. The UniFi – Troubleshooting Device Adoption guide was generally informative and helped to identify the issue. The USG needs an “inform address” to phone home to in order to be adopted over the internet. Unfortunately, it pointed to the UniFi – Device Adoption Methods for Remote UniFi Controllers guide which was quite the waste of time. With the one exception of needing to set the inform URL on the USG – which you can’t do if you can’t connect to it remotely.

I found the solution in USG set-inform for dummies.

Here’s what worked for me:

Primary Site
  1. Set up dynamic DNS for my primary site WAN connection (as the WAN IP is assigned via DHCP). If you have a static address, create a DNS A record.
  2. Map TCP port 8080 at the EdgeRouter through to the Cloud Key inform port. (UniFi – Ports Used)
  3. Map UDP port 3478 at the EdgeRouter through to the Cloud Key for STUN support. (UniFi – Troubleshooting STUN Communication Errors)
Secondary Site
  1. Reset USG to factory default state (or start from there if you didn’t waste time configuring the USG like me)
  2. Plug the WAN connection into eth0. It’ll pull an IP from your ISP DHCP server. Should be live on internet at this point.
  3. Plug a computer into eth1. The default USG runs a DHCP server and assigns an IP from
  4. ssh into the USG ( using the username/password: ubnt/ubnt
  5. Enter the following:
# mca-cli set-inform http://unifi.controller.com:8080/inform
# exit
# reboot

The USG should now be visible in your Cloud Key controller for adoption. It disappears and then reappears when provisioned. Keep in mind you can only have one USG per controller site, so if you have a USG already you will need to have a second controller site for the new USG.

July 3, 2020
by puhfu

Edgerouter 4 and https SSL certs

Wanted to get rid of the annoying not secure https session so found these instructions.


Used zerossl.com for the 90d certificate. So every 90d I have to install the updated cert.

Quick instructions:

  1. CSR -> zerossl
  2. Generates cert and ca-bundle (as .crt files)
  3. Download and save on local computer, extract zip
  4. Copy cert into server.crt on ER4 and append key file (cat <keyfile> >> server.crt)
  5. Copy ca-bundle into ca-bundle.crt on ER4

That should work for updates.

June 18, 2020
by puhfu

Day One and IFTTT troubleshooting

The Problem

I couldn’t get twitter and facebook sync to work using IFTTT. Both failed with “There was an error during the check process.” messages.

Adam @ Day One support chat was amazingly helpful.

The Solution for Twitter

Because I purchased through the Mac app store, my Apple ID was linked to the account and the iCloud email was propagated as the account email, but there was no Day One account password set. In order for IFTTT to sync to Day One, it has to use the Day One account to log in instead of a federated login (like Google or Apple ID). Here’s what I had to do to get it to work:

  1. Go to https://dayone.app/settings in a web browser
  2. Click the option to sign in with Apple ID. 
  3. Sign In. 
  4. Add a password to your account. It may look like there is a password (has a bunch of “*********”, but if there is a box to the right to click that says “add password” then there isn’t a password. If there was a password already, it would say “change password”.

Then, I had to reconnect the service using the sign in with email option instead of Apple ID.

*Pro-tip: sign out from Day One first (https://dayone.app/logout) so that you get prompted to sign in using the Day One account (vs Apple ID)*  

Ref: https://help.ifttt.com/hc/en-us/articles/115010229587-How-do-I-change-the-account-associated-with-a-service-

Once all that was done, it passed the check.


And then it started failing again. This was using the official Day One applet. There’s something janky going on. I got frustrated and just created my own applet and it works fine now.

The Solution for Facebook

Turns out, the facebook issue was as simple. The service was logged out. Duh. Logged back in. Works like a charm.

I wound up creating my own applet for Facebook link posts because I didn’t like the formatting of the Day One version.

June 17, 2020
by puhfu

Journals, Journaling, and the app journey (which was pretty brief, actually)

Well, after some encouragement from my therapist (dealing with my mom’s rapidly declining health), and some procrastination, I’m finally biting the bullet and doing what all the, heck, not cool, but actually, who journals?

Rabbit hole: https://medium.com/mind-cafe/why-keeping-a-daily-journal-could-change-your-life-9a4c11f1a475

I guess you can take the boy out of the workplace and make him work from home because of COVID-19 but you can’t take the informaticist out of the boy.

Functional Requirements:

  1. A good UX and UI
  2. Nice fonts
  3. Makes it easy to write
  4. Easy to add photos or video from iPhone (or desktop but mostly iPhone)
  5. Integration with Facebook, Instagram, maybe Pinterest (for recipes, seriously guys, stop hating), and this WordPress blog
  6. Integration with Peloton (seriously, don’t appreciate the judgment)
  7. Available on MacOS with apps for iPhone and iPad that take into account that they are different platforms
  8. Sync across platforms, frequently, so that can start on one, continue on another
  9. Exportability in case someone gets greedy and I need to cash out my chips from that platform


  1. Freemium is not going to be enough. What’s the threshhold? Probably $3/month (one Starbucks-ish)
  2. Apple ecosystem is priority over others
  3. I need to do the least amount of work possible to include the most amount of information



  1. Evernote – simple, basic, I use it for note keeping (outside of the notes I keep in OneNote)
  2. Day One – minimalistic, Instagram integration is out of the box, uses IFTTT for sync (yay since I already use that), covers the platforms I would likely use to journal (MacBook, iPhone, iPad), but uses own sync service
  3. Journey – closest to Day One but cross-platform and web (but really, how important is this? am I ever going to do this on an android device or linux box? nope), Zapier for integration, uses Google Drive to sync/store data

I really wanted to test out the sync had to buy something. Rolled the dice, ignored the people bitching about Day One moving to a subscription model (hey, they have to pay for infrastructure somehow), bought it.

Some problems:

  1. If you sign up for Day One first using google authentication (OAuth2), but then purchase through apple authentication (in-app purchase), you wind up with two Day One accounts. Took a bit of figuring out, but deleted the google account and then logged into Day One using apple account.
  2. Why did I need to do this? Well, IFTTT is the sync tool. You have to have the premium version of Day One in order to use IFTTT. But the premium version was registered to the apple account and I was logged into the google account. Yes, it’s been that kind of day.
  3. I can’t get twitter and facebook integrations to work through IFTTT. It fails the service check. (“There was an error during the check process.”) Will it work? Only time will tell.
  4. I guess this is the check on whether the WordPress integration works. Here goes nothing.


  1. WordPress to Day One worked!
  2. Sort of.
  3. If you include an image URL in the recipe, and there is no image, it breaks and shows a file not found image. Okay, that makes sense. Thanks IFTTT for great documentation and putting the URL to the explanation *IN* the image itself. That was really nice.
  4. No HTML formatting.