Philips hue API & Twitch Stream

I recently added a Philips hue Lightstrip to my hue collection with a specific intent. My son has started a twitch channel (please follow) and I wanted way to know when he is online using the Lightstrip so not to enter the room he streams from as I’d be in the camera shot and at the age of 14 your dad in your stream is no a good thing, apparently.

I came up with the following idea. Lights are green when he is on the computer but go red when he streams. So how do you make this happen.

Firstly I checked out IFTT but its just not good enough, sure you can change the light the you start streaming but there is nothing to change back the you stop streaming.

The answer was an addition to my Home Assistant instance.

Once twitch is configured in HA a simple automation can monitor the status of stream and change the lights from green to red and then red to green.

Next thought was turning the lights on and off and to do this called for using the Hue API. This is fairly easy to construct once you have your API key. Hue have a really simple guide on how to do this and also find the ID of the lights on your network you want to control.

So once we have our API key and the ID of our lights we can make a Powershell script to run on the PC used for twitch streaming as below:

1
$apicontent= '{"on":true, "sat":254, "bri":254,"hue":25535}'
1
Invoke-WebRequest -Method put -Uri http://192.168.X.XX/api/YOURAPIKEY/lights/10/state -Body $apicontent -UseBasicParsing

The first line controls the lights,

1
"on":true

 turns the light on following three parts set the lights temperature, brightness and colour, 25535 is green.

The second line does the web request and is were is you add your huebase station IP address, your api key and the light device ID, in this example it’s 10.

So now we can add this to our PC as .ps1 file I called mine hueon.ps1 and dropped it directly in C:/ root.
Next we need to create a batch file to call the powershell script as below:


1
2
@ECHO OFF
PowerShell.exe -Command "C:/hueon.ps1"

This can be saved anywhere you want I called mine hueon.bat and saved to my documents folder. If you run this your lights should come on. If they don’t check your the path is correct to the .ps1 and the API call is correct.

Now we need to call the batch file at logon to do that in the Windows search bar type

1
run

and then open 

1
gpedit.msc

 and go to:
User Configuration -> Windows Settings -> Scripts -> Logon -> Properties -> Add

Select you .bat file and you are done. When the PC logs in, the .bat will run the Powershell script and on come the lights.

If you want the lights to go off when you logout/shutdown your PC just repeat creating a .ps1 & .bat but change

1
"on":true

 to

1
"on":false

 in your API call and in gpedit.msc select logout and then you batch file.

So now we have:
PC boots and logs in lights come on and go green
If a twitch stream is started they go red
When the stream is stopped they go green
When the PC  is logged out or shutdown they go off

Unifi Controller Cloud Access Issue Resolved

I’m a big fan of Unifi kit but a while back I did a Cloudkey controller update and lost access to enable remote access.

All I was seeing was this:

When clicking on Enable Remote Access the error was instant, not enough time from clicking to trying to sign in so I knew something was up.

I also noticed that I was no longer getting update notifications for my Unifi Access Points or my Unifi USG.  After another firmware update to the Unifi Cloudkey (1.1.11) and controller update (5.12.72.x) I was still unable to get remote access to work.

The fix however is simple:

ssh into your cloudkey

Once in stop the unif service

1
<span class="s1">service unifi stop<br /></span>

Then run the following to remove and update certs

1
rm /etc/ssl/certs/java/cacerts &amp;&gt; /dev/null; update-ca-certificates -f


Then start the service

1
service unifi start

And we are back 🙂
Remote access now enabled and also all my kit started reporting updates available.

Upgrade node.js to 12.16.2 with n on hoobs

Recent changes to hoobs require that node.js is on at least 10.17.0 while most installs on raspberry Pi are “stuck” on 10.15.2 or 10.16.0


I found that simply running standard updates for the raspberry Pi would not result in node.js getting updated and was being told 10.16.0 was the latest version despite hoobs telling me 12.16.2 was the latest. The small orange circle with exclamation informs a update is available but there is no mechanism from the UI to update.

I managed to upgrade using n – https://github.com/tj/n this is a node.js version manager and makes the upgrade process so simple.

Open Terminal in the UI from the top right three dots.

I deleted all npm cache, not ideal but I was still getting issues and this resolved:

1
sudo npm cache clean -f


Then I updated & installed n:
1
sudo npm install -g n sudo n stable

Now simply run n and the version number required to update
1
sudo n 12.16.2
Finally restart hoobs and once back

node.js 12.16.2

note this is using hombridge with the homebridge-config-ui-x v4.16.0 UI and not the latest version of hoobs.

macOS Catalina – The Enterprise issue

Once again it’s that time of year when Apple release their next macOS, and once again Mac Admins scramble to block user’s updating.

With Jamf restriced policies in place and communications sent to all Mac users and posts on internal intranets you would of thought users would get the message to hold off updating…..but still they try.

The main issue though is now Catalina is available it will only be weeks until Mac’s ship with it installed as default. Apple confirmed to me either these Mac’s will have updated firmware to prevent downgrading to Mojave or downgrading could void the Apple Care for Enterprise warranty. So like every year Mac Admins have to warn users if they buy a Mac and it ships with Catalina don’t expect to use it and certainly don’t expect to be supported (yet).

It’s a odd situation, shiny new macOS being promoted, possible end of year hardware budget needing to be spent as it may be a case of “use it or loose it” but due to Apple’s history on first release and even second and third release not being Enterprise ready (#iamroot) Admins get stuck, users think they are slow and being awkwark as of course “I updated at home and its fine” but all we are really doing is trying to stop the pain and issues early upgrading will cause.

If Apple really want Mac’s in the Enterprise on ordering Enterprise Mac Teams should be able to state (with some restriction) the OS required, even if its latest version of previous, so Mojave 10.14.6 (18G103)  at least for the first 3-4 months after the new OS is avialable.

Come on Apple make this happen, make Apple in Enterprise great not frustrating.

 

Hoobs – Adding AdGuard Home

Hoobs is a simple Homebridge implementation, takes minuets to get up and running on a Raspberry Pi.

But as its on a Raspberry Pi you can also run other applications, for example AdGuard Home. AdGuard is a DNS AdBlocker, you simply run, configure and then set up your router with DNS IP of your AdGuard install. Your network devices will eventually start using this as their DNS. Its similar to piHole but better 🙂

Simply open your Hoobs Homebridge site which is usually http://hoobs.local/ From the three vertical dots on the far right select Terminal and install AdGuard

My commands are bold and this shows full output:

hoobs@hoobs:/var/lib/homebridge $ cd $HOME
hoobs@hoobs:~ $ wget https://static.adguard.com/adguardhome/release/AdGuardHome_linux_arm.tar.gz
--2019-10-09 13:52:29-- https://static.adguard.com/adguardhome/release/AdGuardHome_linux_arm.tar.gz
Resolving static.adguard.com (static.adguard.com)... 104.20.31.130, 104.20.30.130, 2606:4700:10::6814:1e82, ...
Connecting to static.adguard.com (static.adguard.com)|104.20.31.130|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5280981 (5.0M) [application/octet-stream]
Saving to: ‘AdGuardHome_linux_arm.tar.gz’

AdGuardHome_linux_arm.tar.gz 100%[========================================================>] 5.04M 6.61MB/s in 0.8s

2019-10-09 13:52:35 (6.61 MB/s) - ‘AdGuardHome_linux_arm.tar.gz’ saved [5280981/5280981]

hoobs@hoobs:~ $ tar xvf AdGuardHome_linux_arm.tar.gz
AdGuardHome/
AdGuardHome/AdGuardHome
AdGuardHome/LICENSE.txt
AdGuardHome/README.md
hoobs@hoobs:~ $ cd AdGuardHome/
hoobs@hoobs:~/AdGuardHome $ sudo ./AdGuardHome -s install
2019/10/09 13:53:03 [info] Service control action: install
2019/10/09 13:53:05 [info] Action install has been done successfully on linux-systemd
2019/10/09 13:53:05 [info] Service has been started
2019/10/09 13:53:05 [info] Almost ready!
AdGuard Home is successfully installed and will automatically start on boot.
There are a few more things that must be configured before you can use it.
Click on the link below and follow the Installation Wizard steps to finish setup.
2019/10/09 13:53:05 [info] AdGuard Home is available on the following addresses:
2019/10/09 13:53:05 [info] Go to http://127.0.0.1:3000
2019/10/09 13:53:05 [info] Go to http://192.168.1.55:3000
hoobs@hoobs:~/AdGuardHome $

Thats’ it. AdGuard is now up and running at the IP address shown i the last output which is obviousy the same as your Hoobs IP. You then configure AdGuard via the web interface. The only setting to change is the interface port number as Hoobs is using 80 and 8080 so just pick something, I used 90. AdGuard will show in red if a conflict.

AdGuard is now running at http://192.168.1.55:90 or http://hoobs.local:90/

Hoobs AdGuard Install
Hoobs AdGuard Install

Clearing out JAMF restricted policies

When you restrict software using a JAMF restricted software policy it can sometimes be difficult to remove the restriction. Removing or excluding the Mac from the policy and a recon or policy update does not seem to always do the trick. The brute force way is to remove the blacklist.xml that contains the restricted policy information on the Mac you are having issues with.

SSH into the Mac and simply do:


1
sudo rm /Library/Application\ Support/JAMF/.blacklist.xml

Now run the manage command to add it back


1
sudo jamf manage

Done.

Obviously this has its drawbacks as in the time it takes to get the new blacklist.xml back on the Mac it’s open to having other restricted software installed. So use with caution.

Check Mojave for 32-bit Apps

Mojave will alert you to any 32-bit apps when you launch them, which is both handy and annoying. However if you want to run a check 32-bit apps, run the following in the Terminal.


1
/usr/sbin/system_profiler SPApplicationsDataType | /usr/bin/grep -A3 "64-Bit (Intel): No" | /usr/bin/sed -n 's/.*Location: \(.*\)/\1/p'

It’s interesting what you might find but commonly Adobe are lagging behind .


1
2
3
4
5
6
7
8
9
10
11
12
13
/Applications/Utilities/Adobe Creative Cloud/HDCore/Install.app
/Applications/Utilities/Adobe Creative Cloud/HDCore/Uninstaller.app
/Applications/Utilities/Adobe Application Manager/DECore/Setup.app
/Applications/Utilities/Adobe Application Manager/DECore/DE5/resources/uninstall/Uninstall Product.app
/Applications/Utilities/Adobe Application Manager/DECore/DE6/resources/uninstall/Uninstall Product.app
/Applications/Utilities/Adobe Application Manager/LWA/AAM Registration Notifier.app
/Applications/Utilities/Adobe Application Manager/P6/AAM Registration Notifier.app
/Applications/Utilities/Adobe Application Manager/P6/adobe_licutil.app
/Applications/Utilities/Adobe Application Manager/UWA/AAM Updates Notifier.app
/Applications/Utilities/Adobe Application Manager/D6/Setup.app
/Applications/Utilities/Adobe Application Manager/core/AAMLauncherUtil.app
/Applications/Utilities/Adobe Application Manager/core/Adobe Application Manager.app
/Applications/Utilities/Adobe Application Manager/DWA/Setup.app

macOS Mojave 10.14.x Update Preferences – Default Writes

Automatic check for updates

1
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled -bool TRUE

Automatic download new updates when available

1
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AutomaticDownload -boolean TRUE

Install macOS updates

1
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate AutomaticallyInstallMacOSUpdates -boolean TRUE

Install app updates from the App Store

1
sudo defaults write /Library/Preferences/com.apple.commerce AutoUpdate -bool TRUE

Install System Data Files and Security Updates (both writes required)

1
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CriticalUpdateInstall -boolean TRUE
1
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate ConfigDataInstall -boolean TRUE

AppleScript Force Software Updates

I needed a simple way to force Mac’s to run all updates from the Apple App store and then restart but give users notification and an option to defer for a set time.

This is what I came up with.

AppleScript that runs a

1
softwareupdate -l

if anything is found it then runs

1
softwareupdate -i -a

which will install all available updates. After completion it then has kicks off a dialogue box informing the user the Mac needs a restart. They have two options, defer for 5 minutes or restart straight away.

The script will be added to Library/Scripts/ along with the linked company logo via JAMF install on Check-in

It can be run via ssh into the Mac and

1
osascript /Library/Scripts/update_restart_script.scpt

or via a JAMF policy with a Process payload.

Hopefully this will be more reliable that JAMF policies which either stay as pending or fail to restart the Mac even though set to Restart Imemdiately.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
if (do shell script "softwareupdate -l") contains "*" then
    do shell script "softwareupdate -i -a"
    tell application "Finder"
        activate
        repeat -- forever
            set answer to button returned of (display dialog "Mandatory updates have been applied." & return & "Your Mac is ready to restart." & return & return & "Please close all applications and click RESTART." & return & return & "For further information email: support@yourcompany.com" with title "Mandatory Security Update - Restart Required" with icon {"/Library/Scripts/logo.png"} buttons {"Wait 5 minutes", "RESTART"} default button "RESTART")
           
            if answer is equal to "RESTART" then
                tell application "Finder" to restart
                exit repeat
            else
                delay 300 -- time in seconds 300 is 5 minutes
            end if
        end repeat
    end tell
end if

Recent Posts

Become a Brewdog Investor!

Instagram

Amazon

Archives

Categories

Meta

GiottoPress by Enrique Chavez