This is a copy-pasted and edited rant that was originally a series of chat messages but seemed worthwhile to save. HeatSync Labs is the hackerspace I helped co-found in 2009. Champions are HSL’s name for chief board executives, and HYH or Hack Your Hackerspace is the regular member meeting where shop business is discussed and voted upon, and shop maintenance or projects are undertaken, with the goal of members self-governing rather than the Board issuing many top-down edicts or directly running many day-to-day programs.

HeatSync has survived for 13 years due to certain aspects of its self-sufficiency, altruism, and cooperativeness. One of the core jobs of the Champions is to attract and inspire people who want to give money, give time/energy, or both… to a ragtag bunch of tinkerers and underserved demographics like kids, low-income or underprivileged people, etc. So when we advertise and put calls for members or volunteers into the world, we try make it attract the right people. One of the fastest ways to kill a makerspace would be to be on the front page of a newspaper and have a thousand people show up at the front door thinking that this is a literal “build-a-bear” for 3d printing, or a daycare, because that’s likely not what volunteers signed up for. The difference between the two is in the language and concepts used to advertise.

We’ve looked at having big sponsors, but nobody seems to have $5,000,000 laying around to help tinkerers tinker without strings attached. I don’t think there’s money in hackerspaces for the same reasons that there’s no money in libraries or rec centers: the instant that you monetize it and turn it into a book store or a gym you lose something important.

It took me way too long to figure out how to dump an xml document or xml node to a string (memory) or a file export in C, so here are some premade functions ready for use.

void xml_node_to_file(char *path, xmlDoc *document, xmlNode *node) {
    FILE *f;
    f = fopen(path, "w");
    xmlElemDump (f, document, node);
    fclose(f);
}

/* free the result */
char *xml_node_to_string(xmlDoc *document, xmlNode *node)
{
    char *out;
    xmlBufferPtr buffer = xmlBufferCreate();
    int size = xmlNodeDump(buffer, document, node, 0, 1);
    out = malloc(size);
    strcpy(out, (char *)buffer->content);
    return out;
}

Usage example:

xmlDocPtr  document1;
xmlNodePtr root1;
char *dump1;

document1 = xmlParseDoc((xmlChar *)"<?xml version=\"1.0\"?><root><a></a><b></b></root>");
root1 = xmlDocGetRootElement(document1);
dump1 = xml_node_to_string(document1, root1);
printf("dump1: %s", dump1);

if(dump1) free(dump1);

xml_node_to_file("/tmp/dump1.txt", document1, root1);

Here’s a great way to search /aws/rds/cluster slowquery logs in CloudWatch for entries with a high “row examined” count:

parse @message "*Rows_examined: *\n*" as full, rows
| display full, rows
| filter rows > 200000
| fields @timestamp, @message
| sort @timestamp desc
| limit 20

Change “200000” to whatever threshold for rows you want to specify.

Why bother 3d printing a whole tenting kit when you can get away with something simple quick and cheap? I bought size 000 rubber stoppers, just under an inch tall and half an inch wide, from the hardware store. Then I drilled out the middle to fit the M3 screws used in the Ergodox acrylic case construction, and replaced the screws with slightly longer screws. Finally, I just “screwed” the stoppers onto the bottom. Works pretty well for 10 minutes of labor! Note, I also have rubber feet on the outside corners to ensure the desk doesn’t get scratched by the other screws.

There are some tricks to getting this working: using the wrong CalDAV URL, username, password, sync tool, or version can cause a lot of frustration. Here’s what worked for me here in 2021.

The Holmes HAPF21 (G) replacement air filter and the HAP222 itself has been discontinued, but if you still want to keep using it you can buy a Honeywell (or generic Flintar) HRF201B (“U”) filter and cut it to size with scissors. It’s almost exactly the same width and just a little bit longer, and as long as there’s no substantial air leakage it’ll still do a great job of filtering. The carbon pre-filters seem like they’re still somewhat available, but in any case they’re generic too and can also be cut to size.

The only downside is that it’s about 1/4″ too tall for the unit so the lid doesn’t fit tightly anymore, but that often doesn’t matter to me anyway.

If you get this error:

ImportError: cannot import name 'ogr' from 'osgeo'

The most likely cause, assuming you’ve tried to install osgeo directly, is that you installed osgeo from pip and got this package: https://pypi.org/project/osgeo/#history (osgeo-0.0.0-py3-none-any.whl) — which, if you look at it, appears to just be blank files. This won’t go so well.

From what I can tell, the correct solution is to install only what’s necessary via the GDAL package. OSGEO should be included in GDAL. https://pypi.org/project/GDAL/

When I was a kid, my mom would make “Poor Man’s Beef Stroganoff” with ground beef, mushroom soup, and no additional dairy. I kicked it up with steak tips and a bit of milk for the sauce but kept it affordable and easy.

• Prep Time: 5 minutes
• Cook Time: 15 minutes
• Total Time: 20 minutes
• Yield: 5-6 servings
• Category: Noodles
• Method: Stove top
• Cuisine: European

Let me tell you a story. In my previous job I was the IT Manager at a real estate office. One of our construction guys always asked us questions about how to work his Blackberry smartphone. This guy was ten white hairs away from being a perfect church Santa Claus, like 75 years old, showed us pictures of his beloved grandkids, had calloused fingers the size of hot dogs that to this day I’m surprised were able to use that tiny keyboard. Finally one day he asks “is there a manual for this thing? I want to just study it so I don’t have to bug you guys every time I have a dumb question.”

Miso Ramen with gai lan (Chinese broccoli)

• Adapted from: Pickled Plum and Mike’s Mighty Good
• Prep Time: 15 minutes
• Cook Time: 10 minutes
• Total Time: 25 minutes
• Yield: 2 servings
• Category: Noodles
• Method: Stove top
• Cuisine: Japanese

Continue reading →

So for me it wasn’t obvious, but when you’re running make on the subscribe_publish_sample and getting a ton of warnings and errors like “exit 0” and “exec(exit) failed (No such file or directory)” and “Need an operator” and “Wildcard expanding .prevent_execution” it’s because FreeBSD uses a different make than Linux. They use Clang, whereas most Linux Makefiles are written for GCC.

So, what you have to do is explicitly run GNU Make, which is conveniently installed via pkg install gmake and run via gmake.

Voila! Suddenly it works again!

In order to laser-cut a map of middle earth for an art project, I first had to find a suitable vector. It seems a lot of the files online have disappeared. This one is simply a scan and vector trace of a rather-complete version of the original map, but extra painstaking work has been done to flatten the scans into one object so that it handles and imports properly (instead of simply being a solid fill layer of trees with white “negative space” layered on top.)

I got a bout of nostalgia the other day and decided that Phoenix (602, 480, 623) and Santa Rosa (707) needed Time and Temperature phone numbers again, in the retro style of the 90s and prior.

So if you need to hear a friendly robot voice, or want to know the weather or time, call:

707-210-1917

602-362-8463 (602-362-TIME)

The code is up on Github to make your own with Twilio and Weather Underground: http://github.com/zyphlar/twilio-time-and-temperature/

If you’ve got any ideas for easter eggs or features, hit me up 🙂

Recently some local coffee shops have seemingly begun to use routers provided by the ISP which hand out IPv6 addresses. Nobody else seems to have issues with this (even my phone seems fine) but my laptop is unhappy with the situation.

Initial debugging via ifconfig shows that I am only getting IPv6 addresses (no IPv4 addresses on the WiFi interface) and apparently the ISP does not have any 6to4 gateways or carrier-grade NAT configured because I can access IPv6-enabled websites like http://www.yahoo.com and http://www.google.com but not my own IPv4-only sites. Also obviously the ping, traceroute, and nslookup commands stop working as normal because of the ping6, traceroute6, and AAAA records instead of A records in nslookup.

Last time I came to this cafe I solved the problem by using some random 6to4 gateways online, which ended up working but was a massive pain.

This time, I poked around more (nothing seems to come up on Google) and ended up clicking the “Require IPv4 addressing for this connection to complete” and “Require IPv6 addressing for this connection to complete” checkboxes. That was the trick. Apparently Ubuntu gives up on finding addresses once it gets its first address, and apparently BOTH checkboxes need to be clicked on networks like this in order to actually work.

I got this error after adding an onKernelRequest listener to my Symfony project and trying to pass Twig_Environment to it as an argument. It worked via the web browser, but not in any PHPUnit tests hitting multiple pages.

After much head scratching and reading of the Symfony source code, I ended up making an onKernelException listener instead. Magically, rendering a twig template from it (passing a TwigEngine argument) worked.

So, here’s how I handle custom exceptions in a custom way. Notice I’m testing for Twig_Error_Runtime because my specific error is coming via Twig; you may be able to just test for regular Symfony exceptions instead:

https://gist.github.com/zyphlar/e1089be4c0f0499ab08b

Using this as a guide ( http://wiki.rsyslog.com/index.php/Working_Apache_and_Rsyslog_configuration )  I was able to get Apache’s access log, filtered, forwarding to my Papertrail instance (via syslog / rsyslog). It may be useful to someone: Continue reading →

A lot of tutorials are showing you how to create embedded forms with associations/relations — what about unrelated entities?

I figured out you can pass the second entity as a parameter to the parent form, pass it normally to the embedded form via the ‘data’ parameter, which will let the embedded form update the object. Then just persist() the object back in the controller like normal. No crazy data/request wrangling necessary! Continue reading →

Sometimes you really need to know what computers on your network were doing yesterday at noon, because you get a nastygram from the MPAA about bittorrent demanding that you do something — but bittorrent is notoriously hard to block.

You can try installing BandwidthD on your Pfsense router, to see who’s using a bunch of bandwidth at that time, and you can look back through DHCP or WiFi logs to see who was connected at the time, but the complaint letter tells you the exact time and port number used. Wouldn’t it be cool if you could log that?

Here’s what I came up with. Download the Cron package for Pfsense, and add a new Cron job:

Minute: 1
Hour/etc: *
Who: root
Command: pfctl -ss | egrep '(>.*>|<.*<)' | logger

The firewall states (who is connected to what) will now dump to your system log every hour — kinda noisy, but also kinda effective for tracking long downloads on random ports.

Sometimes you want to know if an IP is private or not. Here’s some Javascript: https://gist.github.com/zyphlar/8e7b2017a5d925ddd12c

Coming from Rails, I know that DRY (don’t repeat yourself) is a virtue. In my Symfony PHP project, I was faced with copy-pasting a hundred lines in order to test a bunch of methods in PHPUnit. So, I wrote a quick wrapper to take in the arguments as minimally as possible instead of cluttering up the code with tons of duplicate syntax: https://gist.github.com/zyphlar/c959b2d66bce1c10c637

How The Internet Really Works: A Hands-On Crash Course from Ethernet to HTTP using Wireshark

Whether you’re a hacker, IT pro, coder, or just curious, it helps to know exactly how the Internet works: you may understand the idea of connections, but do you understand all the protocols and steps that it takes to create and troubleshoot a connection?

Ever wondered what exactly happens between typing “google.com” into the address bar and seeing the webpage appear on your screen? Do you know what would happen if two computers had slightly different subnet masks, or how ARP spoofing works, or what exactly the Kaminsky DNS attack was, or what happens when you plug a switch back into itself?

This was presented at CactusCon 2014, and the slides / wireshark captures are available here: how-internet-works.zip (the slides are sparse; turn on notes to see what I said for each slide.) If you don’t have PowerPoint, you can download LibreOffice (free) or see the SlideShare.

Also note that this is a semester worth of Networking 101 presented in about an hour; this is enough to get you started Googling for topics of interest and hopefully a gut feeling for all the different things happening during a typical connection, but some bits are omitted– please do more research in order to get a complete understanding. Open Wireshark yourself and send out your own traffic; read books or tutorials, consider certification classes like Network+, Security+, or Cisco.

Finally, I’m happy to answer questions in the comments or on twitter @willbradley .

Full Notes

Just in case you can’t see the notes attached to the slides, here’s my full notes below: Continue reading →

Many people have been asking me about starting hackerspaces/makerspaces lately. I’m going to use this post to aggregate their questions and my answers.

What do you think about doing a Kickstarter for seed money?

It’s possible, but “the HeatSync Way” is to find your people first. To do this kind of endeavor it seems like you need 5-15 “good people” who are prepared to stick around for at least a year of creating this business — as a hobby, with perhaps 2-5 hours per week commitment. Continue reading →

1-month update! See the bottom of the post.

6-month update! See the bottom again.

1-year update! Seriously, see the bottom.

2-year update at the bottom!

Finally, a 3-year update!

Criteria

As a programmer I needed a laptop that was powerful, lightweight, had a keyboard I liked, and ran Linux well (no driver issues especially with WiFi.)

The Dell caught my eye because it’s almost exactly on par, price and specs wise, with a Macbook Air. (The big difference being battery life: Apple is boasting 12 hour stats that nobody else can touch. But I don’t mind carrying around a charger.)

I considered the competitors: Lenovo X1 Carbon, ASUS Zenbook UX301, System76 Galago UltraPro, Chromebook, but either the keyboard layout or Linux compatibility seemed iffy; the Dell is the only one that comes with Linux out of the box aside from System76. It’s obvious that Dell has put significant work into making their laptop compatible with Ubuntu, so I figured I’d support that effort and try it out. The others may work just fine with Linux, or you may be alright with their keyboards/trackpads; up to you! I just can’t stand nub-mice, trackpads that require effort to click, mushy keyboards, layouts that omit function keys, or layouts that place navigation keys in weird places.

Ordering

Firstly, Dell’s website leaves a lot to be desired. The only way to find the XPS13 Developer Edition is to filter by OS and choose Linux; otherwise you’ll only be able to see the XPS13 with Windows. Way to make Linux feel like a second-class citizen!

When narrowing down my final ultrabook options a Dell chat representative popped up, so I asked some questions about the 21 day return policy. The rep’s answers were good enough to convince me to try the Dell out, but he quoted me a system with an Atheros AR9462 a/b/g/n Bluetooth 4.0 network card instead of the Intel® Dual Band Wireless-AC 7260 + Bluetooth 4.0 quoted on the website. He assured me that this was an upgrade, but in hindsight I think there’s a reason the Atheros was cheaper. Many reports online of Dell Support exchanging defective Atheros cards for Intel cards.

Finally, the rep asked me for my credit card info via chat; which, according to my tests, was not encrypted via HTTPS. My warning bells rang all over the place; that can’t be acceptable business/security practice. Finally, my billing address is different than my shipping address, but the quote I received via email didn’t reflect this; I asked about it and the rep assured me my correct shipping address was entered correctly. The order also said it’d take two solid months to ship, but the rep assured me he’d expedite the order and I’d get it much sooner. He finally called me to complete the order (cell phones are more encrypted than HTTP, I guess) but the whole affair felt very shoddy, and my gut was telling me something would go wrong.

A few weeks later (hey, fast!) I got a Fedex tracking number and sure enough it had the destination of my billing address, not my shipping address. Great, so much for promises. Good thing I can forward stuff between addresses without too much pain. None of the rep’s other promised communications happened, just the chat, invoice, and tracking number. Oh well. All’s well that ends well I guess, except I can’t shake the feeling that I’d have been better off trusting my gut and ordering from the website instead of via a representative, and I can imagine some horror scenarios where everything didn’t turn out fine. Definitely go with the website instead.

Update: looks like I saved a few hundred dollars because the Dell rep ordered me an XPS without a touchscreen; so while all the options on the website are expensive models with touchscreens, mine isn’t. Can’t complain, I’m not big on the idea of touchscreen laptops anyway (especially in Linux.)

Update update: looks like I actually got sold the prior-year’s model for a few hundred bucks off. Shitty bait-and-switch, but then again I’m happy with the end result? QUIT PULLING MY HEARTSTRINGS, DELL.

Unboxing

I was worried at first because the shipping box was pretty beat up from its two trips, but the actual product box was unscratched and very sleek. Apple-inspired plastic wrapping around the laptop itself, fabric scratch-resistant sheets, recycled paperboard, etc. Continue reading →

I just got a message on the HeatSync Labs Facebook account asking about how we started; figured I’d post it here since it’s a common (and necessary) question:

What was the goal when Heatsync was still in its building phase?

To create a place that removes obstacles to people making things; to support a community of creators in Arizona and improve the area; to provide resources to the public, since many of us had just graduated from college and didn’t have those resources anymore.

Can you describe how the Workspace came to be? in terms of development, funding, spreading the word, and so on

First, the founders went around to other similar places to see what worked and what didn’t work about those locations; chatting with other founders and learning from them. Then they went around to local meetups to find others who might be interested in using such a space, or helping somehow. Finally we started meeting up in freely accessible areas before we grew to the point where we outstayed our welcome and needed our own dedicated space. Continue reading →

I decided I wanted to make 120 volt AC things get switched on and off via a 24 volt DC signal — so I bought a nice 10amp, 240volt relay at the local Circuit Specialists electronic store and started wiring stuff up as best to code as I know how. (Every time I see this kind of project online, there’s nothing but comments about how the featured project is totally unsafe… with very little in the way of recommendations on what “acceptably safe” would look like. So please, if you comment, do so by providing reference to alternatives that you’d find acceptably safe.)

First, I figured out which contacts on the relay go to which terminals on the relay socket. A multimeter and 24vdc bench power supply helped a bunch with this.

The first major issue was that this wiring scheme required 120vac power line to be on the same side as the 24vdc signal line — I had hoped to keep them separated on opposite sides, but that’s not how the socket was wired.

Continue reading →

The Phoenix-area collab spaces have their own Movember this year, in which we have a mustache/beard grow-off for charity! Continue reading →

Someone shared with me an article from the Forbes blog The Apothecary (link here: http://is.gd/5rTNEa — not a direct link because I don’t want to support the guy’s PageRank) which claims “Obamacare Will Increase Health Spending By $7,450 For A Typical Family of Four.” There was some debate about whether it’s misleading or not, so I checked it out.

The headline is misleading; “over 8 years” is a significant detail they conveniently omitted to generate clicks. The article projects an increase of $700-900 per year “average health spending for a family of 4.” But that’s a lie too. Well not technically, but practically speaking they’re lying. Here’s what the lie looks like, using the same data the author sourced in the article:

Truth: National Health Spending will increase by $62 billion per year MORE under the ACA than otherwise; in 2012, National Health Spending will be $5 trillion instead of $4.94 trillion.
–>
Lie: “ObamaCare will boost health spending by ‘roughly $621 billion'” (Yeah, that’s OVER TEN YEARS; $62b per year when we’re currently at about ~$3 trillion is way less scary than “600 billion!!1”) Continue reading →

So you’re trying to get some random program to work when you run exec() or shell_exec() via PHP in Windows; it works when you run it from the command line, but not when you run the same exact script via the web. Maybe it even returns an elusive 255 retval error code.

The first thing you should do is check file/folder permissions, and use utility commands like whoami, dir, and path to make sure things are sane. Also check if any settings (like cd, or set VARIABLE) are staying across multiple commands; usually they don’t, and you need to string them together && like && this or put them all in a batch file. But if all that doesn’t work, try this.

The last bit of environment to check when running something in Windows is, well, ALL THE ENVIRONMENT VARIABLES. There’s a lot of them. You can see them by running:
set
and likewise change them with:
set VARIABLE=value
In order to get my script working, I had to run set via the command line from the user I wanted it to run as (usually your WWW or Inet user) — after testing that the command actually worked from the command line, of course. Then I ran shell_exec(“set”) via the web and compared the outputs. There were a few missing or different environment variables, like HOMEPATH, TEMP, and APPDATA. Once I made them all match (a batch script helped for some reason) it worked like a charm.

The heat killed the 3.5mm line-in port on my car, it wouldn’t sense the cord being plugged in and I had to pull it to one side to get it to work. Fortunately you can pull off the cover and pull out the plug from the front without tearing apart the whole dash. Then I soldered a wire between the sensor pins so it’s always “on” (and I just switch audio sources with the buttons on the nav screen.)

Continue reading →

I now have a great script workflow that:

All the diagrams I found online sucked, so I quickly drew a slightly better one. Hosted here for posterity.

Apparently the kerfluffle du jour is about meritocracy in the tech industry. I first stumbled across some tweets about “meritocracy” and then clicked back to an article written earlier today; I’m no expert on this debate but I did have one observation to make.

When I hear about meritocracy in the tech industry, or that a certain open source project is “meritocratic”, or that “the internet allows a pure meritocracy,” I think of a philosophy that is quite different from actual meritocracy as defined by pretty much every resource I can find.

Meritocracy in The Real World seems to revolve around evaluating the merit of a person. Someone with education, experience, intelligence. Power is given to meritous people.

I don’t think this is what technologists are dreaming of when they talk about creating a meritocracy. After all, you don’t need the Internet to filter people by their credentials or merits. Western society is already stratified by education, and it’s been illegal to discriminate based on race or gender since before I was born. Traditional meritocracy is nothing new. Continue reading →

Are you a business owner or accountant who does a bunch of business via PayPal? I am, and I hate figuring out how to account for PayPal fees in QuickBooks by hand. I asked a fellow HeatSync Labs member, Mark from Hypoxic, what he does and he has this script to automatically separate out the fees into expense accounts. Check it out, send your feedback! https://gist.github.com/zyphlar/3870881

So let’s say you have a crazy client who needs some crazy front-end stuff because you’re not able to touch the back-end stuff! You need to save people’s form fields across reloads, etc. Cookies to the rescue! https://gist.github.com/zyphlar/3831934

So I spent ~20 hours of time isolating and working around an old, as-yet-unfixed openssl bug in Ubuntu 12.04. When using this code to connect to an HTTPS/SSL/TLS1.0 SOAP server:

ini_set( "soap.wsdl_cache_enabled", "0" );
$objSoapClient = new SoapClient(
'https://EXAMPLE.COM/EXAMPLEWSDLPATH',
array ( "encoding"=>"ISO-8859-1",
"trace"=>1,
"exceptions"=>0,
"connection_timeout"=>2000 ));

You get the following errors: Continue reading →

Ever wanted to make a twitter sign? Of course you have. I do too, so I made one! My goal was to have minimal hardware so that the sign can easily be mounted anywhere, so I used a Linksprite WiFi DiamondBack Arduino to connect wirelessly to the Internet and control the sign.

But first, how to get the Arduino talking to the sign? The sign communicates with a standard serial cable (DE-9 RS232) which the Arduino SoftwareSerial library can talk to pretty easily. What data does it need, though? Sending straight ASCII characters to it didn’t do anything, so some digging was necessary.

Continue reading →

Got an IP webcam but need to show it on your website? Cheap cameras frequently have crappy interfaces or login requirements. Using CURL and PHP, you can work around a number of issues while also hiding the username/password/port your webcam is actually on.

With a bit more work, you could even cache responses to provide better performance. This is next on my todo list, but contributions are welcome. Check out the Github repository for downloads and additional files!

Also see my img2mpg code and quick n dirty signage for other related scripts.

I’ve got a tiny cheap computer from Alix that I’m trying to set up as a digital display. The trick was getting it to open Chrome on startup, and setting the screen resolution correctly on widescreen TVs that apparently don’t report their preferred resolutions like monitors do.

Here’s a script to open Chrome:
Continue reading →

I needed a quick way to check how many calls were going to voicemail versus being dropped or answered, since the CDR in my version of FreePBX doesn’t show such detail. Might be useful for other logfile parsing (with regex!).

Here’s the code: https://gist.github.com/zyphlar/2994842

So you might have heard about the LinkedIn password hack the other day. Maybe you’ve changed your password, anywhere that your LinkedIn password was used! Good. Us admins still have to worry, though. Here’s why:

The vast, vast majority of passwords especially for social media will be 6-8 characters. If you read the news, you’ll see them claiming 60% of the 6 million passwords dumped have been cracked already, just a few days later. What does that mean for our security and choosing good passwords?

Well, by comparison, I would guess that any 9-character password that’s been cracked at this point is likely using common English words with low complexity. Why would I make a distinction between 8-character and 9-character passwords?

Because of the math. Assuming everyone had a totally-random password of uppercase, lowercase, and a number, being cracked at a pretty-normal rate of 1.4 million guesses per second, you get:
Continue reading →

Do you have (or want) an IP camera that uploads video to an FTP server, but frustrated because all IP cameras seem to do is upload still frame JPEGs? Frustrate no more! I have written a Linux shell/bash script that timestamps and video-fies these images into video for your consumption.

Behold: https://gist.github.com/zyphlar/2629626

Shadow copies and VSS writers are pains in the ass. Sometimes you’ll try to shutdown Windows and it’ll freeze for hours stuck at the “Windows is shutting down” screen because it can’t shut down the VSS shadow copy providers are also hung.

To get around this, I’ll usually shut down those servers with the ‘shutdown /p /f’ command. This force option seems to do the job nicely.

When I set up a new website, I like to put a basic welcome page in the public_html folder to test that it’s working and look halfway decent. Here’s what I use. It just echoes the hostname from PHP, thus providing feedback that both Apache and PHP are working (along with DNS, hopefully)

Code: https://gist.github.com/zyphlar/2606742