Saturday, 4 May 2019

AWS - S3 + CloudFront + AWS Certificate Manager = http + https site (or redirect)

To host a static page in an S3 bucket with https you need to use 'Certificate Manager' in the N.Virginia zone or the certs it makes will not be detected/usable in cloudfront

While the certs are being generated/validated, pop over to the 'S3 Management Console' and make a bucket that has the same name as the domain you want to host the site/redirect on. Once the bucket generates go to the properties tab of the bucket and click on the tile labeled 'Static Web Hosting' and enable it by filling out the requested info and clicking save.

Once you have the bucket ready and the certs have been generated/validated, you can then go to the 'CloudFront Management' page. From here click 'create distribution' and then the 'get started' button on the 'web' section.
Select your S3 bucket in the 'Origin Domain Name' box, then select restrict bucket access and then create new identity and name the id as you see fit.
Select 'Yes, Update Bucket Policy', to get the config wizard to sort the needed access to the bucket.
Set Viewer Protocol Policy to 'Redirect HTTP to HTTPS'.
Set Alternate Domain Names (CNAMEs) to match your domain.
Set SSL cert to custom and select your cert generated/issued by Certificate Manager

Ensure 'Custom SSL Client Support' is not set to Legacy Clients Support ..... unless you want a $600/month extra charge on your bill

Set Security Policy to TLSv1.2_2018
click create distribution and then wait for the page to say it is in 'deployed' state

Note: if your pages are not loading or you get a error along the lines of
<Message>Access Denied</Message>
Its most likely that your S3 buckets are not correctly linked up, to check this get the S3 bucket URL from the 'Static website hosting' section of your bucket's properties page and compare it to what is set in the 'CloudFront Management' page for the distribution you created.

Saturday, 27 April 2019

Plex Remote access - Why do you say disabled = error

So this has been bugging me for some time now, but for some reason Plex considers 'Remote Access' being disabled as an error and 'decorates' the remote access menu entry in the settings menu with a red exclamation point eg.

Now, I could understand it showing an error flag there if it was enabled and not able to contacted by the Plex cloud connection test servers, but come on showing it as an error coss its turned off that's just plain wrong

I have searched all over the place to find an article on how to stop this behavior, but all I could find were people having issues with
A> trying to turn on remote access
B> people trying to turn off remote access

So I decided to look into the matter myself, and finally found the file responsible for the colour of the icon, this is at a path like this  ' /usr/local/share/plexmediaserver-plexpass/Resources/Plug-ins-4610c6e8d/WebClient.bundle/Contents/Resources/chunk-2-4a32fe3f94e5216b5ceb-plex-3.95.2-25e2ffd.css '
now this file is compacted, which makes it a pain to read through but using search you can find the icon's html ids in the file, they all begin with 'RemoteAccessStateIcon-' and are all clustered together one after the other in the file

So the 'fix' is to make all the icons 100% transparent by setting their hex codes to ' #00000000 ', thus rendering them invisible on the page

Note 1. If you apply this fix you will have to re-apply it every time you update Plex ... and the path will change, but it should be of the same form.

Note 2. I did also find the .js file responsible for putting the icons there in the first place, but all my attempts at editing that resulted in the webpage not loading, for reference that file is at the path
and again this file has had all the newlines etc stripped out of it, making it hard to understand