Having recently received Hasu’s fantastic HHKB JP Bluetooth Controller, I noticed one irksome thing: the alt and command keys were reversed on the left hand side, and the kana key that I typically remap to right command was reverted.
This is normal: the keyboard targets Windows users primarily, but one thing you lose when upgrading to the Hasu controller are the dip switches that allow changing the role of caps lock, the arrow keys and setting it to macOS mode.
Of course it’s a pretty easy change to fix: you simply need to head over to the TMK Keymap Editor and edit the current layout, then download the hex file and flash it, but I’ve done the work, so I might as well share!
First off, as in other tutorials, you’ll need the DFU/AVR tools installed in OSX. This is accomplished by using Homebrew.
The code to get these installed is as follows:
brew tap osx-cross/avr
brew install avr-libc dfu-programmer
Next up, you’ll need to download the layout hex file that I have compiled here: “mac_version.hex“. If, for whatever reason, you need to go back to the default firmware, I have that compiled as well: default.hex. Remember to unzip these files prior to using them if Safari doesn’t automatically unzip your downloads.
Finally, put the keyboard in DFU mode by pressing the button on the back of the controller, where the dip switches used to reside. You may need to remove the cover to do so, and note that you can use the cover if you have short fingernails.
Once in DFU mode, this one-liner will erase the firmware, load the new hex layout and reset the keyboard so that you can use it once again. Note that I’m assuming your hex file will be in the Downloads folder in your home directory, and I’d also recommend having a spare keyboard handy in case anything goes wrong.
Finally, if your layout is still a bit odd (underscore and pipe not working), you may have set the keyboard to the wrong layout. In Apple OSX this can be done by opening the keyboard section of the settings and changing the keyboard layout. Note that it doesn’t really matter that ANSI is suggested when you hit shift+z, shift+?, but that you select JIS once completed, like so:
This how-to on Windows Salt minions will just scratch the surface of the power behind Salt, and will cover remote execution, installation and management.
Please note: I’m new to Salt, and I’m a recovering Windows syasdamin from the 2000-2013 era. This means I probably have a bunch of out-moded ways of working with Windows.
To this end, this first question would be: why? Active Directory and associated policies do a good job of managing Wintel already. I’ve had luck in the past managing hundreds, thousands of servers, desktops and laptops using the tools Microsoft provides without too much issue, and I’ve heard things only got better since I left for greener pastures.
The easy answer is that many organisations may now find themselves with a combination of Linux and Windows servers, Windows and macOS workstations, coupled with the odd BSD system here and there, Linux desktops and Unix servers.
What Salt allows for is a management platform that covers all of these platforms with a common language that is easy to read and hack away at (YAML) and very extensible using a programming language with a relatively gentle learning curve (Python).
In my case, most things running at home are either running OSX or some version of Linux/BSD, but there are a few of oddball Windows 10 computers doing things Microsoft-based computers do pretty well; gaming, spreadsheets, touchscreen-enabled full-desktops.
The idea of managing Windows computers with Salt came to me pretty late into the journey through the docs, but hit me like a freight-train as these are often the computers that require the most maintenance for me personally, meaning reinstalls, reconfiguration and general “care and feeding”. Having gone down the path of running my own Active Directory at home a few times and finally settling on a couple of Apple “servers”, this seemed like a pretty good work-around that wouldn’t introduce much pain.
The first caveat, however, was that I was unable to get Windows-based Salt minions to be accepted by OSX-based Salt masters. Not the end of the world, but it meant running Docker or a Vagrant box to handle the Windows 10 computers. I ended up simply installing Salt on an Ubuntu-based storage server I already had running that had recently been upgraded to Xenial instead, but I’m most likely going to be revisiting this architecture in the long-term.
Now that we have that out of the way, here’s the general architecture of what I’ll be going over:
The Nitty Gritty – Deploying Salt Minion Services to All of Your Windows Nodes
I’ll come right out and say that I cheated when it came to installing the Minion service on the nodes at home in that I already had Chocolatey installed, and that I simply used the default salt hostname for the master by adding it the the static DNS entries on my DNS server.
This last bit, the part about the DNS server, might be a luxury depending on your install location. I also can’t expect that Chocolatey is installed everywhere, but just quickly, here’s how that scenario works:
Install Salt Master and start the service on a computer in your network
Ensure that there is a DHCP reservation for the IP of this node
Add a DNS entry salt for that DHCP-reserved IP
Install the Salt minions via choco install -y saltminion on the Windows hosts
Accept the keys on the Linux master via salt-key -A
Should you have to go about this a different way, you can point an alias (CNAME) to the hostname in your network, OR add a manual host entry to your nodes (I’ve used Group Policy to do this in the past, with network scripts), or finally, you can simply change the Salt Minion config to point to the new hostname.
As for the deployment of the Salt Minion service and binaries, you could do this over RDP for a few hosts, Group Policy, or via psexec:
This snippet will install the Salt Minion service, configure it to point at `SALTMASTER` (replace this with the hostname you’d prefer) then start the service. Note: as mentioned above, I haven’t tested this myself!
The most up-to-date Salt Minion binaries can be found here: https://docs.saltstack.com/en/latest/topics/installation/windows.html Should the version change, you’ll want to update that one-liner as well.
Accepting the Minions
Assuming you’ve got your minions now sending requests to the Salt master node, you need to approve them.
On the master node running Linux, this can be done like so:
sudo salt-key -A
You’ll be greeted with a list of nodes to be accepted, and you can take a moment to note the names and accept them:
user@ubuntu:/srv/salt# sudo salt-key -A
[sudo] password for user:
The following keys are going to be accepted:
Key for minion WINDOWSGAMES accepted.
Testing the Minions
Now that you have minions installed and working, let’s run a quick test that proves we can run remote commands on them. Note that this is just scratching the surface, and that “push commands” are just one way of working with Salt Stack, you can also have the nodes “pull” from the Salt master on a regular basis.
Sample run command:
sudo salt -G 'os:windows` cmd.run 'dir'
This should give you a directory listing on each of the nodes, like so:
Volume in drive C has no label.
Volume Serial Number is 3FF7-A973
Directory of C:\Windows\system32\config\systemprofile
07/16/2016 04:47 AM <DIR> .
07/16/2016 04:47 AM <DIR> ..
07/16/2016 04:47 AM <DIR> AppData
0 File(s) 0 bytes
3 Dir(s) 66,483,965,952 bytes free
Package Management on the Master Node
You’ve got a few options for package management for Windows Salt minions:
Master-shared packages (WinRepo)
Personally, I’m currently using Chocolatey package management because it’s what I’m used to, but I certainly do still use Cygwin for development purposes from time-to-time since Windows Bash mode has still yet to become commonplace. The third option, however, is probably the most scalable, and more user-friendly.
To get started with Windows repositories on the Linux Salt master, you’ll need to run:
sudo salt-run winrepo.update_git_repos
This means that you now have a repository for Windows packages on the Master node, but also note that these don’t come with binaries – they will fetch and send them as needed. I can see this as both good and bad, in a corporate setting you’ll want to create your own SLS files and point them to known-good sources.
To install a package on all of your Windows remote nodes using the Linux Salt master repository:
sudo salt -G 'os:windows' package.install 'firefox'
Note that if ever you want to specify a specific action for a node in particular, that’s done like so:
sudo salt 'WINDOWSGAMES' pkg.install 'firefox'
I’m trying to follow the “pets vs cattle” paradigm here, though you can also use -G to specify groups of servers/workstations/laptops which can overlap in order to manage things in a more granular approach (bit of a pun here, the G is for Grains).
Useful Commands for Windows Salt Minions
In no particular order, here’s a quick dump of the commands I used during my first weekend managing Salt minions at home running Windows 10.
Show installed applications:
sudo salt -G 'os:windows' pkg.list_pkgs
List current Salt minion keys:
sudo salt-key -L
Delete an old Salt minion key:
sudo salt-key -d WINDOWSGAMES
Check if a service is available:
sudo salt -G 'os:windows' service.available 'salt-minion'
Restart a service:
sudo salt -G 'os:windows' service.restart 'salt-minion'
I had taken quite the hiatus from Windows gaming while I worked on certification, but got a chance to have some quick Overwatch sessions last night, only to have one of the competitive matches interrupted by a popup that took me out of the game (I was able to alt-tab back in) that stated the following: “Updates Are Available. Required Updates need to be downloaded”. If you love overwatch as much as I love to walk my kid in his jogger stroller, I highly recommend checking out this website for Overwatch boost. It has made the game a lot more enjoyable for me.
Now don’t get me wrong, this is normally fine, but when you’re in the middle of something, say a movie, intense game, conference call or presentation, this behaviour is pretty awful.
No fear, however, there’s a fix, though definitely not obvious. Let’s disable the Windows 10 update notification. We’ll be using the cmd.exe tool in order to run the following script found on StackExchange:
cd /d "%Windir%\System32"
takeown /F MusNotification.exe
icacls MusNotification.exe /deny Everyone:(X)
takeown /F MusNotificationUx.exe
icacls MusNotificationUx.exe /deny Everyone:(X)
This essentially denies the system from running the app itself, which will stop the popup.
I’ve really been enjoying the programmable firmware on the Zeal60 keyboard PCB from ZealPC. It’s definitely not all the bells and whistles, this layout gives you 62 keys in total, though you might need a keycap set that supports all of these keys. I’m currently using the Originative Co Modern Beige set, though I hear most (if not all) GMK sets would also accommodate this.
This layout addresses something I sorely needed: the ` and ~ keys (used with Github, Bash and Slack on a daily basis).
In order to accomplish this, I need to edit the keymap.c and config.h files, which allowed me to generate a zeal60_rmac.hex file for use with the QMK flasher tool (Win/Mac/Lin).
In order to follow the Zeal example, I also made a zeal60_keymap_rmac.bat file, which can be used with Windows.
Hope you enjoy this! It took a bit of doing, but was well worth it 🙂
Note that the files in question do a good job of walking you through the mods, making it rather easy. The one caveat was the tilde key being on a different row, as there’s only 13 spots per row, but that’s covered in the comments anyway.
As for the batch file for windows, you can see that it’s really a combination of the config.h and keymap.c files, to a certain extent, so copying and pasting the modified bits did the trick.
After much research, I decided to assemble a keyboard using hand-picked parts.
The goals of this build were a bit lofty, but luckily I prevailed in the end:
Cold-swappable switches in case I change my mind later
Almost silent typing that would be safe for work
Tactile feeling on the keys when typing
The option to use backlighting at night
A small footprint so I could bring the keyboard home for the weekend
The board should be programmable and support multiple layouts
The keyboard should be as flat as possible
There should be no “ping” from the case
There should be no flex in the PCB when installing switches
Keycaps that fit Zealencios properly – Cherry profile thick keycaps
This led me to a few easy decisions: I would go with a ZealPC Zeal60 as it supported SMD LEDs, was programmable via QMK, was 60%. I’d also opt for Zealio 65g switches as they had great tactile response, and were fairly quiet when combined with Zealencios.
What I didn’t see coming was the arrival of the test Aristotle stems (via /r/mechmarket) and a last-minute purchase of JSpacers from The Van Keyboard. These were for two different projects, respectively: Gatistoles and Jailhoused Outemu blues. During those projects I got to wondering if I could mix the results, and sure enough, figured out a way to add JSpacers to Gatistoles. Not satisfied, I ended up trying this same mod in a Zealio housing, and then to seal the deal, put some Zealencios on top. This led to a tactile switch that was very quiet – more so than a typical dome keyboard.
In order to be able to cold-swap switches as with the TeamWolf Zhuque+ and PC Gaming Master Race Mechanical Keyboard, I’d need to sort out a way to replicate the recepticles each of these boards implement. After doing a lot of research into LED sip sockets that might work, I stumbled across a Linus Tech Tips forum post about something called “holtites” which were used for this purpose. A few Reddit searches later I found out that the TE AMP connectors would fit the bill, and made a spur of the moment DigiKey order.
Now that I had the switches and board picked out, I was left with a tough decision regarding the case and plate. Nothing I could find actually had the proper mounting standoffs for the Zeal60 PCB, most were of the “Poker” variety, which were missing top screw standoffs, as well as one lower-left. It looked like I had to compromise, and seeing as most 60% cases seemed to be incredibly similar, I ended up going with a Sentraq aluminum case and plate based on looks alone. I ended up getting a cyan case and plate, as well as purple versions of the same, intending to try and colour match the Zeal60. It later turned out that I preferred the cyan varieties, which you’ll see in the shots.
The Sentraq case with the Zeal60 is not without problems: both cases prohibited me from screwing in the leftmost PCB screw, and both seemed to have the wrong thread on the top left standoff. Nothing altogether impossible to get around, but disconcerting all the same. Furthermore, the fit and finish of the top plate in the case wasn’t great, causing the right side to be less snug than the left. All of this to say: I’m still on the lookout for a case and plate that fit well together, and have not ruled out making my own.
As for the keycaps, I searched all over, asked around and tried a few OEM samples and was not satisfied. I ended up purchasing an Originative Co Modern Beige purple set with kana legends which I am happy with in terms of looks, fit and sound, but am not sure they are fit for work. In other words – I’m still looking for a good set of keycaps. I’ve been told GMK might be the best call for the Aristotle stems, and as soon as I have a sample of them, I’ll report back.
Finally, regarding the LEDs: though I was not at all interested in RGB LEDs (preferring white when possible), I ended up actually really liking the default rainbow profile (fn1+2). This is a bit colourful for most, but as I have them turned off most of the time, the assumption is that I’ll be the only one seeing them.
Download the Atmel flashing utility “FLIP”: http://www.atmel.com/tools/flip.aspx
Grab the most recent Zeal 60 keyboard zip: https://cdn.shopify.com/s/files/1/0490/7329/files/zeal60_v0_3.zip
Unzip the zeal60_v0_3.zip file to your desktop
Install the Driver
Plug in your Zeal60 to your computer via USB
Hit “Windows” and “r” keys together, then type “devmgmt.msc”
Right click the device with the exclamation point next to it
Click “browse for driver”
Navigate to C:\Program Files\FLIP\Drivers
Flashing the Board
Install the driver –
If you’ve not started assembling anything yet, press the golden button between the “A” and “S” pads on the board (if you’ve already assembled it, unplug it and hold the “space” and “esc” keys while plugging in the USB cable)
In FLIP, hit connect to the device, and select “ATMega32U4”
Hit “ctrl” + “U” keys to connect to the Zeal 60 PCB
Hit “ctrl” + “L” to load a file
Select the “default.hex” file in the Zeal 60 folder you extracted to your desktop
On the left-hand window, click “Run”
Once completed, then click “Start Application” in the right window
This tutorial will cover removing Outemu Blue switches from a TeamWolf Zhuque+ and applying the “Jailhouse Mod” – so-named as it stops the mechanical keyboard switches from “clicking” when depressed. What’s great about this mod is that it also retains the tactile feeling of the switch, and slightly increases the force needed to bottom out.
An interesting side effect was that these switches became very quiet! If there’s interest I can also post a video with a comparison of before and after, and compared to Zealios + Zealencios, Gateron Browns, Gateron Browns + Zealencios. Just leave a comment and I’ll see what I can do 🙂
Note that it took about 6 hours to do this for each switch on the board, though admittedly I was watching a movie at the time, and it was New Years Eve. Also be prepared for some eventual pain in your fingers: Outemu switches are a bit hard to pry apart in this fashion, but I’m open to suggestions for easier methods.
A “spudger” – available at Mac repair shops
A 2.5mm size flathead screwdriver
A switch removal tool (or a soldering iron, if the board is not hot-swappable)
It’s been almost 4 years since I’ve rounded up VMs used on a daily basis, so it’s high time I take another kick at the can and make an update list.
My workflows have changed quite a bit over the years, with more focus being on the Windows side of things. That said, I havent stopped using Linux and still have a keen interest in both storage and management, which should be reflected here.
FreeBSD 9 – I’ve made the switch to this as my go-to server OS. The jails functionality and ports collections are amazing! This could run many of the functions listed herein, but at the very least is a great ZFSv28 test box for the uninitiated.
Astaro – I’m still using Astaro after all these years, and Sophos purchasing them has not stopped the love. By far the easiest way to start using Squid, Quagga and OpenVPN.
GNS3 Workbench – I use this for testing Cisco configurations on my way to certification. Load up an IOS image, configure, test away!
Nexenta Community Edition – My ZFS primer was done a few years ago using Nexenta, and it is still the easiest way to get into ZFS, so it deserves the nod. The first time you see the speedometers you’ll be in love.
Solaris 11 11/11 – For newer versions of ZFS, you’re stuck with Solaris 11.11.11. You can download this for free, but won’t be able to get support and updates without a license, so I wouldn’t consider it production-ready.
Bactrack 5 – Time to test your wifi security. I’d recommend plugging an Alfa USB wifi device into ESX, sharing the device with the VM and scanning your access point in order to do quick audits.
Windows Server 2008 R2 – Not free, per se, but a good trial that should be enough to get you going on your road to certification. I use the Core install for DHCP and DNS when Windows integration is important.
Ubuntu LTS – Ubuntu is currently the most popular Linux distribution, can run a wealth of software. Finally took over OpenSuSE as my go-to distribution. The only thing I would mention is that unity does not work so well in ESXi, and if you require the whole desktop experience, you might be better off with Xubuntu or Mint.