We need more troubleshooters for 31c3 (and other big chaos events as well)

Posted by felicitus on January 2, 2014 2 comments

This is a small personal review of the 30c3. I realized that the congress (and other big chaos events as well) need more troubleshooters – that is, angels that take responsibility for minor problems and willing to solve them.

Update: jz pointed out that your troubleshooter for all concerns is heaven (DECT 1023), even for minor tasks. So this blog post is mostly obsolete, but kept as-is for reference. However, you (as an angel) still may want to take responsibility to call heaven when you spot a problem which you can’t solve.

While I was not able to attend the congress as I had planned to due to a cold, I did 4 hours of NOC Helpdesk as well as other minor tasks. During that, here is a small list of items which occurred:

(unconfirmed) It appeared that some switches (if not all) had ports 1-4 reserved for NAT64, which was not labeled on the switches themselves.
The NOC Helpdesk did not have enough seating for the 4 angels assigned to the NOC helpdesk shifts
The NOC Helpdesk didn’t have pens, paper and a list of contacts to call (like the NOC itself). This was partially solved
Each Colo Server should have a set of contact information (name, DECT/GSM number, departure date, IP address). People put the labels onto by themselves with missing information, until we realized that a printed form would be a better idea (that also decreased setup time for each Colo server)
People were going up to the Colo by themselves, without being aware of that they need to report to the NOC helpdesk prior putting their servers up (solved by putting up some signs which said something like “YOU SHOULDN’T BE HERE, REPORT TO THE NOC HELPDESK”)
At least one person reported that the WIFI access data should be put up as signs all over the congress (aka you can use any Username/Password combination and which WiFi does what), especially as the wiki was down (was not solved AFAIR, but couldn’t solve it myself due to the cold)
A local wiki mirror should have been put up, as it was down several times

All those items listed required that some angel stepped up and took care of it (=responsibility).

This might also go wrong in some cases; in my case, I opened the door for the NOC to the Colo with some lockpicking tricks (the person with the key to the colo was asleep) and I was “caught” by a security angel. I tried to explain the situation, however, even saying that this was for the NOC and he should call the NOC to resolve the issue was ignored. Yes, I probably shouldn’t have opened the door and instead calling somebody, but that wasn’t obvious to me in that situation. So yes, taking responsibility for things sometimes goes horribly wrong and you might end up with wrong decisions.

But again, we need more angels who not only do what they’re told to do, but who do take responsibility and willing to resolve problems (or do improvements) as they appear. After the congress experience (and, of course, the OHM2013 experience where I acted as emergency toilet cleaner/soap/toilet paper refiller), I really feel that there’s a big need for angel problem solvers – maybe not only within their shifts, but in general. This will make the congress more enjoyable for everyone.

Probably there should be a team of “troubleshooters”, which takes care of any “interdisciplinary” issues occurring. That team should also be walking around and ask angels doing shifts what could be improved – because often, angels can’t leave their posts to solve those issues.

30c3 Quick VPN setup

Posted by felicitus on December 24, 2013 No comments

The CongressChecklist mentions that a VPN tunnel is a good idea; in fact it is. Here’s a basic OpenVPN recipe. You need the following tools:

A server with enough bandwidth to handle the incoming and outgoing bandwidth (I’ve got a root server with 1Gbit/s connectivity at Hetzer, that should do)
OpenVPN

The recipe is fairly simple; I use a preshared secret and NAT so that I don’t need a separate IP.

Note: This setup is only suitable for a single device; it doesn’t do DHCP or other fancy stuff.

Step 1: Generate the shared secret

# openvpn --genkey --secret /path/to/your/secret/key

1	# openvpn --genkey --secret /path/to/your/secret/key

This generates a key to be used as shared secret. You need the same key on both your server and your client(s). Personally, I’ve placed my key in /etc/openvpn/secrets, but you may use any other path as well (AFAIK).

Step 2: Server Configuration

mode p2p

# lport and rport: You may choose any port here, make sure that they
# match up. If you aren't sure, pick the same port for lport and rport.
lport 1195
rport 1195

# Set the maximum MTU for the tunnel. 1380 works fine for me, but YMMV
tun-mtu 1300

proto udp
dev-type tun 

# dev: I've named a custom device, so that I know exactly which tunnel
# does what (instead of tun0, tun1, tun2 devices)
dev feli-dialin
comp-lzo

# secret: This is the path of the OpenVPN key you generated in Step 1
secret /etc/openvpn/secrets/feli-dialin.key

persist-key
persist-tun

# status: The status file for the tunnel
status /var/log/openvpn/feli-dialin-status.log

# log-append: The logfile for the tunnel
log-append /var/log/openvpn/feli-dialin.log

verb 3

# ifconfig: The IPs used for _inside_ of the tunnel. Note that this
# statement has _flipped_ IP addresses for the client. The .1 is the
# server, the .2 is the client
ifconfig 192.168.1.1 192.168.1.2

# local: This is the server IP
local 1.2.3.4

# float: Indicate that the client has a changing/dynamic IP address
float

keepalive 10 60

# The following push did not work without specifying redirect-gateway def1
# on my client, not sure why, but I left it in anyways
push "redirect-gateway def1"

# Not sure if the following push directive works or is needed; I left it
# in anyways
push "dhcp-option DNS 8.8.8.8"

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

mode p2p

# lport and rport: You may choose any port here, make sure that they

# match up. If you aren't sure, pick the same port for lport and rport.

lport 1195

rport 1195

# Set the maximum MTU for the tunnel. 1380 works fine for me, but YMMV

tun-mtu 1300

proto udp

dev-type tun

# dev: I've named a custom device, so that I know exactly which tunnel

# does what (instead of tun0, tun1, tun2 devices)

dev feli-dialin

comp-lzo

# secret: This is the path of the OpenVPN key you generated in Step 1

secret /etc/openvpn/secrets/feli-dialin.key

persist-key

persist-tun

# status: The status file for the tunnel

status /var/log/openvpn/feli-dialin-status.log

# log-append: The logfile for the tunnel

log-append /var/log/openvpn/feli-dialin.log

verb 3

# ifconfig: The IPs used for _inside_ of the tunnel. Note that this

# statement has _flipped_ IP addresses for the client. The .1 is the

# server, the .2 is the client

ifconfig 192.168.1.1 192.168.1.2

# local: This is the server IP

local 1.2.3.4

# float: Indicate that the client has a changing/dynamic IP address

float

keepalive 10 60

# The following push did not work without specifying redirect-gateway def1

# on my client, not sure why, but I left it in anyways

push "redirect-gateway def1"

# Not sure if the following push directive works or is needed; I left it

# in anyways

push "dhcp-option DNS 8.8.8.8"

Additionally, we need a NAT rule which applies to the tunnel network (technically, the netmask is too big; but hey, you can fix that later). eth1 is my output interface.

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE

1	iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE

Step 3: Client Config

mode p2p
lport 1195
rport 1195

# Set the maximum MTU for the tunnel. 1380 works fine for me, but YMMV
tun-mtu 1300

proto udp
dev-type tun
dev feli-dialin
comp-lzo
secret /etc/openvpn/secrets/feli-dialin.key
persist-key
persist-tun
status /var/log/openvpn/feli-dialin-status.log
log-append /var/log/openvpn/feli-dialin.log
verb 3

# ifconfig: Note the swapped IP addresses.
ifconfig 192.168.1.2 192.168.1.1

# The server address
remote 1.2.3.4

float
keepalive 10 60

# Makes OpenVPN to inject a rule for you so that OpenVPN still uses your
# default gateway, but any other traffic is going through the tunnel.
redirect-gateway def1

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

mode p2p

lport 1195

rport 1195

# Set the maximum MTU for the tunnel. 1380 works fine for me, but YMMV

tun-mtu 1300

proto udp

dev-type tun

dev feli-dialin

comp-lzo

secret /etc/openvpn/secrets/feli-dialin.key

persist-key

persist-tun

status /var/log/openvpn/feli-dialin-status.log

log-append /var/log/openvpn/feli-dialin.log

verb 3

# ifconfig: Note the swapped IP addresses.

ifconfig 192.168.1.2 192.168.1.1

# The server address

remote 1.2.3.4

float

keepalive 10 60

# Makes OpenVPN to inject a rule for you so that OpenVPN still uses your

# default gateway, but any other traffic is going through the tunnel.

redirect-gateway def1

Step 4: Testing

Start both tunnels. Check the output of both logs; you should see something like this:

Tue Dec 24 18:04:57 2013 Initialization Sequence Completed

1	Tue Dec 24 18:04:57 2013 Initialization Sequence Completed

Test that you can ping the server’s internal IP from your client:

# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=54.8 ms

1

2

3

# ping 192.168.1.1

PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.

64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=54.8 ms

Verify that you can ping the interwebz:

# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=47 time=62.4 ms

1

2

3

# ping 8.8.8.8

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.

64 bytes from 8.8.8.8: icmp_seq=1 ttl=47 time=62.4 ms

Verify that you actually route via the tunnel:

# traceroute 8.8.8.8 -n
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.1.1  54.666 ms  57.560 ms  61.383 ms
 2  1.2.3.4  65.179 ms  69.334 ms  74.880 ms
 3  1.2.3.5  77.190 ms  83.027 ms  84.948 ms
etc

1

2

3

4

5

6

# traceroute 8.8.8.8 -n

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets

1 192.168.1.1 54.666 ms 57.560 ms 61.383 ms

2 1.2.3.4 65.179 ms 69.334 ms 74.880 ms

3 1.2.3.5 77.190 ms 83.027 ms 84.948 ms

etc

Possible solutions for non-working setups (I’ve not tested them and I am not 100% sure that you need those; they’re just ideas)

Check that /proc/sys/net/ipv4/ip_forward on your server is set to 1. On the client, this shouldn’t be necessary.
Check that /proc/sys/net/ipv4/conf/all/rp_filter is set to 0 on your server.

Step 5: IPv6 Tunneling

You can tunnel IPv6 over OpenVPN as well, but I have neither setup nor tested this. Technically, you could simply use two static IPv6 addresses and route them via the tunnel; however, this requires additional works with routing tables. You could even setup NAT, but that’s not a good idea either.

A better idea might be to use a tunnel broker or miredo, which should simply use the IPv4 tunnel. If you have comments about how to easily setup IPv6 over the tunnel, feel free to comment!

Updates:

The MTU was still too big, 1380 didn’t work (yet?) on the congress network. Using 1300 for now
I couldn’t get DNS push to work, probably because clients don’t use DHCP for now – I simply created a script which pushes my own nameserver into /etc/resolv.conf

IP Power Strip “Reverse Engineering”

Posted by felicitus on December 17, 2013 No comments

Wöhlke Websteckdose
Image © Wöhlke EDV-Beratung

I recently came across an IP controllable power strip from Wöhlke, which looked quite neat, however, it was way too expensive. They want 199€ for 3 controllable sockets. Reichelt has an IP controllable power strip for only 70€, and there you have 4 sockets including nice LEDs. The one from Reichelt also looks more like a custom designed product, while the Wöhlke one looked more like a product “mashup” (which isn’t a bad idea at all). They even sell a separate board, so my interest was increasing.

I’ve been looking for a nice power strip which I could re-cable for quite some time, but most power strips are designed down to a price, so they do whatever they can to keep it cheap. That’s also the reason why you’ll find so many power strips in a 45° angle – they’re much cheaper to produce.

A cracked open cheap power strip

I’ve cracked a cheap power strip open (literally – most cheap power strips don’t have screws, because they’re bolted down or only clipped together). You can clearly see how the (presumably) copper strips are arranged. If you’d have 90° outlets, you’d have to pay lots more for the copper strips, because they have to be routed in some sort so that they don’t short out.

I realized that the power strip Wöhlke used must be much simpler to modify, so I did a quite long search for power strips and I finally came across a manufacturer where the power strip looks pretty much identical to what Wöhlke uses: the Bachmann Craftsman Power Strip.

The Bachmann Craftsman Power Strip
Image © Bachmann

I decided I’d give it a shot, mainly because of curiousity, and ordered the strip. It isn’t a cheap power strip; it costs 19,98€ on Amazon, whereas most cheap 6 port power strips come in the 3-6€ range. When the strip arrived, I realized that I was absolutely right: You can easily open the strip using 4 screws (2 on each side) and an additional one for the cover. They also use some kind of copper strips, which happen to be about 6mm – great for 6,3mm cable lugs. Now it’s easy to understand how Wöhlke (probably) did it – cut the copper bars, and put cable lugs onto there which are fed into their custom board. The case isn’t aluminium, but plastic, but that’s completely okay for the price IMHO.

That’s a real nice base for own projects, and you can even get 9 or 12 port ones, and the 12 port is only 36€ – quite a nice price! Of course, you’d have to rip out 2 or 3 plugs to make space for electronics and take care on how you cover the holes, but the problematic part is solved: Getting a base for any power control projects.

More Pics below!

SolarWind currently out of order

Posted by felicitus on October 9, 2013 No comments

A few weeks ago, SolarWind became pretty unstable. This mainly has 2 reasons:

The router draws too much power (I planned to upgrade to Carambola2, but haven’t gotten the time yet), thus it becomes unreachable in the night. This was expected.
It doesn’t connect to my home WiFi network anymore, which I’m unable to debug due to lack of the serial interface – I’m using the serial to communicate with the power measurement board

This means that there’s no data. I hope that I can free some money to buy a larger panel and finish the Carambola2 upgrade. In the meantime no data is available – sorry!

SolarWind OHM2013 slides

Posted by felicitus on August 3, 2013 No comments

Here are the slides for my talk at OHM2013: Solar Powered Autonomous Routers @ OHM2013

SolarWind updates: MPPT, Carambola2

Posted by felicitus on July 18, 2013 1 comment

During the past month, I mainly concentrated on combining my CurrentMonitor with a DIY MPPT charge controller. Work is done at the CurrentMonitor repository.

My design goals for the MPPT charge controller are:

10A (sufficient to cover 250W panels)
MPPT charge controller acts as an I²C slave
- It can be configured via I²C
- Values like power consumption or power harvested can be queried via I²C as well
- The MPPT doesn’t have a user interface or LCD by default
Uses APR/ATC/ATO blade fuses instead of solar fuses due to the reduced cost (and regular glass fuse holders only are widely available up to 6.3A)
+12V Output can be disconnected via software
Additional +3.3V 800mA output which also can be disconnected via software

Below is a picture of the prototype, which is likely to heavily change.

DIY Directional WiFi Antenna + Tests

Posted by felicitus on May 28, 2013 No comments

IMG_20130528_195107 Yesterday I stumbled over the IKEA Baren Toilet Brush – yes, I do keep an eye on toilet brush holders since nazco and myself are planning a directional WiFi link. The box said 10cm diameter, which is a bit too much according to this heise.de article, however, once I arrived at RaumZeitLabor I was surprised that it is “only” 92mm in diameter – the optimal size.

The setup consisted of a TL-WR741ND on our balcony as well as an external Logilink WiFi adaptor which I used to measure stuff along my 2 hour trip.

Test Point 1

The TL-WR741ND sat on our balcony, approx 8m above ground level. It was equipped with the stock stub antenna. All tests were done using an external USB WiFi stick (Logilink, unknown model, rt73usb driver). For all test locations, I did the test with the stock stub antenna and my directional antenna.

I’ve used iperf to measure the throughput (iperf server on the TL-WR741ND, and iperf client on my notebook). I could have done send/receive stats, but at first I thought that it wouldn’t work so well if I had only one directional antenna – I was wrong! Performance was much better than expected, even at over half a kilometer I had nearly the same performance using only one directional antenna as I had when I was at home).

Test Point 3

Big Win: With only one directional antenna, I was able to achieve 18.3 Mbit/s over half a kilometer with a non-optimal line of sight, which is only 4 Mbit/s less than placing both antennas next to each other.

You can find my measurements in the following file: Messwerte.ods (20kb or so)

Additionally, I have visualized the test points on Google Maps.

Note that performance is sometimes less because of trees in the line of sight, and the antenna isn’t constructed in an optimal way. Additionally, my hand is a bit shaky, so there’s room for some additional percent of performance.

Test Point 4

Test Point 6

Autonomous WLAN Router Experiment: Part 3 – Up and Running

Posted by felicitus on May 1, 2013 2 comments

After hacking the software for the CurrentMonitor, I finalized the case as well as the wiring. I’ve built a frame which holds the solar cell at 33°. I might need to move the cell to get the best performance, but I already got 300mA out of it when the sky was cloudy. I’m curious which performance I’ll get on a sunny day.

I also held a talk at RaumZeitLabor (Slides) and I implemented a cosm feed to publish all data of the cell. If you have questions, contact me.

Autonomous WLAN Router Experiment: Part 2

Posted by felicitus on May 1, 2013 No comments

I’ve bought some hardware in order to build up the experiment:

One monocrystalline 20Wp solar cell (25€)
A solar charge controller (15€)

I’ve also built a current/voltage monitoring board, which allows monitoring of the power generated by the solar cell as well as power drawn by the peripherials. Because it also monitors voltage, we can make assumptions of the battery charge status. It uses two INA138 current shunt monitors, together with two 0.1Ω 0.5W 1% precision shunt resistors and a ATMEGA168 (no low power, that’s the one I got at hand). The power monitoring circuit draws less than 10mA at 5V. I have to measure the exact power consumption, I only recall that the bench PSU was showing 0.00A and my Fluke 27 did show something like 5mA, but I haven’t written down the exact numbers.

So much cool things and then: kaboom! I accidently connected the step-down converter backwards (12V to the output and the 5V router to the input), which delivered 12V straight to the router, which then refused to work. As I couldn’t find any fuse on the router, I assume it is totally bricked and I’ll most likely go with a Carambola2 board, which also requires only 0.5W power.

In the meanwhile, I’ll use a carambola board which uses 1.5W power, but that should be okay until my Carambola2 board arrives.

The current monitoring board can be found at https://github.com/felicitus/CurrentMonitor

Symfony2, Assetic, Twitter Bootstrap + Bootswatch

Posted by felicitus on April 11, 2013 1 comment

This is a quick’n’dirty guide for newcomers to symfony’s assetic and twitter bootstrap in conjunction with bootswatch. This is not a complete guide and reflects my own opinion only.

Quick terms:

Assetic is automated asset management and compilation, in this example it’s used to compile less files
less is used to compile a templateish CSS language into real CSS files your browser understands
Your advantages:
- Easy color changes
- One command to update your css
First, install nodejs.
Configure bootstrap and jquery packages:

    "repositories": [
        {
            "type": "package",
            "package": {
                "name": "jquery/jquery",
                "version": "1.9.1",
                "dist": {
                    "url": "http://code.jquery.com/jquery-1.9.1.js",
                    "type": "file"
                }
            }
        }
    ],
    "require": {
        "twitter/bootstrap": "2.3.*",
        "jquery/jquery": "1.9.*"
    },

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

"repositories": [

{

"type": "package",

"package": {

"name": "jquery/jquery",

"version": "1.9.1",

"dist": {

"url": "http://code.jquery.com/jquery-1.9.1.js",

"type": "file"

}

],

"require": {

"twitter/bootstrap": "2.3.*",

"jquery/jquery": "1.9.*"

},

Add the following block to your config.yml and change the paths as explained in the comments.

# Assetic Configuration
assetic:
    debug:          %kernel.debug%
    use_controller: false
    bundles:        [ ]
    filters:
        cssrewrite: ~
        less:
            # Change this to the path of your local nodejs binary. That's for debian sid; often it's /usr/bin/node or similar.
            node: /usr/bin/nodejs
            # Make sure you have installed npm, the node package manager. Then, issue either
            # npm install --global less (for installing less globally)
            # -or-
            # npm install less  (for installing it in your home directory)
            #
            # The npm installer will report where it has installed the module; in my case, it reported:
            # less@1.3.3 /usr/local/lib/node_modules/less
            # Add the path excluding the less module to the node_paths:
            node_paths: [ /usr/local/lib/node_modules/ ]
            apply_to:   "\.less$"
    assets:
        bootstrap_css:
            inputs:
                # This is a custom build file which works together with bootswatch.
                # Note that all files you specify here are processed one after each other,
                # so you can't simply add twitter's bootstrap.less and your local variables.less here.
                # You can choose whatever directory you wish, and name it whatever you wish.
                - %kernel.root_dir%/../src/PartKeepr/SaaSBundle/Resources/less/build.less
            filters:
                - less
                - cssrewrite
                # This is the output file which you'll have to include using asset('css/bootstrap.css') in your template.
                # You can generate the CSS file by using the assetic:dump sf2 command (php app/console assetic:dump)
            output: css/bootstrap.css
        bootstrap_js:
            inputs:
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-transition.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-alert.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-button.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-carousel.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-collapse.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-dropdown.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-modal.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-tooltip.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-popover.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-scrollspy.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-tab.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-typeahead.js
                - %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-affix.js
            output: js/bootstrap.js
        jquery:
            inputs:
                - %kernel.root_dir%/../vendor/jquery/jquery/jquery-1.9.1.js
            output: js/jquery.js

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

# Assetic Configuration

assetic:

debug: %kernel.debug%

use_controller: false

bundles: [ ]

filters:

cssrewrite: ~

less:

# Change this to the path of your local nodejs binary. That's for debian sid; often it's /usr/bin/node or similar.

node: /usr/bin/nodejs

# Make sure you have installed npm, the node package manager. Then, issue either

# npm install --global less (for installing less globally)

# -or-

# npm install less (for installing it in your home directory)

#

# The npm installer will report where it has installed the module; in my case, it reported:

# less@1.3.3 /usr/local/lib/node_modules/less

# Add the path excluding the less module to the node_paths:

node_paths: [ /usr/local/lib/node_modules/ ]

apply_to: "\.less$"

assets:

bootstrap_css:

inputs:

# This is a custom build file which works together with bootswatch.

# Note that all files you specify here are processed one after each other,

# so you can't simply add twitter's bootstrap.less and your local variables.less here.

# You can choose whatever directory you wish, and name it whatever you wish.

- %kernel.root_dir%/../src/PartKeepr/SaaSBundle/Resources/less/build.less

filters:

- less

- cssrewrite

# This is the output file which you'll have to include using asset('css/bootstrap.css') in your template.

# You can generate the CSS file by using the assetic:dump sf2 command (php app/console assetic:dump)

output: css/bootstrap.css

bootstrap_js:

inputs:

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-transition.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-alert.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-button.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-carousel.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-collapse.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-dropdown.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-modal.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-tooltip.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-popover.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-scrollspy.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-tab.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-typeahead.js

- %kernel.root_dir%/../vendor/twitter/bootstrap/js/bootstrap-affix.js

output: js/bootstrap.js

jquery:

inputs:

- %kernel.root_dir%/../vendor/jquery/jquery/jquery-1.9.1.js

output: js/jquery.js

Create a new build.less file and add the following stuff:

// Change this to whatever path your bootstrap.less file is in; if you've followed the composer.json changes, you shouldn't need to change that.
@import "../../../../../vendor/twitter/bootstrap/less/bootstrap.less";
@import "variables.less";
@import "bootswatch.less";

1

2

3

4

// Change this to whatever path your bootstrap.less file is in; if you've followed the composer.json changes, you shouldn't need to change that.

@import "../../../../../vendor/twitter/bootstrap/less/bootstrap.less";

@import "variables.less";

@import "bootswatch.less";

Choose your favourite theme at bootswatch.com and download both .less files per theme. Place them alongside in the same directory where you placed your build.less file.

Now you can run app/console assetic:dump to compile the less file into a css file, which you then can include using the usual twig fragment:

<link href="{{ asset('css/bootstrap.css') }}" rel="stylesheet" type="text/css" media="all"/>

1	<link href="{{ asset('css/bootstrap.css') }}" rel="stylesheet" type="text/css" media="all"/>

That’s it. If you’re getting any errors, I’m sorry: You need to find out yourself what’s going on. I’ve spend 3 hours to get the initial setup running. Guides I’ve followed or files I’ve looked at:

http://bootstrap.braincrafted.com/getting-started (I’m not using the bootstrap bundle, as I don’t currently see the need for it. This might change as soon as I’m using KnpPaginator, KnpMenu and symfony forms. I just left the bundle out because I had trouble getting it to work, the reason was that my nodejs setup was forked up).
The build scripts for bootswatch
The source for the Assetic Less filter (no, you can’t inject different less imports, hence the build.less encapsulation script above)

Felicitus' Blog

adventures of a hacker

We need more troubleshooters for 31c3 (and other big chaos events as well)

30c3 Quick VPN setup

Step 1: Generate the shared secret

Step 2: Server Configuration

Step 3: Client Config

Step 4: Testing

Step 5: IPv6 Tunneling

Updates:

IP Power Strip “Reverse Engineering”

SolarWind currently out of order

SolarWind OHM2013 slides

SolarWind updates: MPPT, Carambola2

DIY Directional WiFi Antenna + Tests

Autonomous WLAN Router Experiment: Part 3 – Up and Running

Autonomous WLAN Router Experiment: Part 2

Symfony2, Assetic, Twitter Bootstrap + Bootswatch

Donate

Recent Posts

Recent Comments

Archives

Categories

Meta