OmniFocus 4 Update odyssey

OmniGroup released a new major version of OmniFocus this week. So I upgraded and installed the new app on my Mac. This replaced the old app and didn’t import the old database. But instead relies on the Sync setup I guess.

I thought that wouldn’t be a problem as I’m using their OmniSync server to sync my database between devices. Entered my OmniSync credentials and thought it would just sync. But instead it asked me for a document decryption passphrase … which I didn’t recall.

Browsing through their help document it appears that when they initially introduced the OmniSync service the device used the account passphrase to encrypt the database before transfer to their server. So the database sits encrypted on their servers.

At some point later I had changed my password for the OmniSync service. But the passphrase for the database encryption didn’t change. Unfortunately I don’t remember the old account password and thus can’t decrypt the database after sync.

The app which still syncs to the server also does not show this password. I can reveal the OmniSync account password on the device, but not the encryption password.

Fortunately I still had the old OmniFocus 3 app on my iPhone with a recent copy of my data. The new OmniFocus 4 installs in parallel on the iPhone and has the same syncing issue as the desktop app. The OmniFocus 3 app can’t export its own backup for import into any of the other app instances. So what now?

I ended up turning off the sync on the OmniFocus 3 app on the phone. Then configured a new sync to my own private WebDav server (NextCloud). Idea was, that I’d sync now via WebDAV instead of the OmniSync service.

On the initial setup I entered my NextCloud username and password and clicked on “Sync”. But that gave me an error message. Because I’m using 2FA on NextCloud I first have to create an app-specific password in NextCloud. Did that and went back to OmniFocus 3 on the iPhone. But in the settings there is no fields for username and password. Just the Server URL for WebDAV. I’m starting to curse silently …

Apparently there is no way to change the credentials once you’ve entered them in OmniFocus … Found one blog entry where someone had to reset their OmniFocus database to get to change the credentials. That is what I definitely want to avoid.

Lucky enough I was able to put the credentials directly into the URL as https://username:password@server.url

This finally enabled the WebDAV sync and uploaded my OmniFocus database to my NextCloud server. I then entered the same settings into the OmniFocus 4 desktop app. Now again it was asking me for a decryption passphrase …

I checked the OmniFocus 3 app on the phone and revealed the password in the WebDav settings. Surprisingly this was a password I recognise. Not the one for my OmniSync account and not the one for my NextCloud account. Nor the app specific NextCloud credentials…. I have no idea where from OmniFocus was pulling this password…

And of course … this password I tried with the OmniSync service for decrypting the database. But it didn’t work either.

At least I’ve got a working sync now after the upgrade to Version 4 …

#weeklyreview 08/24

18.02. – 24.02.2024

It seems like spring is coming. It’s way too warm for what used to be the coldest month of the year. The crocuses are coming out all over the place.

Berlinale

Watched “Treasure” from Julia von Heinz at the Berlinale. Invited by my friend Sam. She got us the tickets for Thursday night. The movie is the story of a daughter and father visiting the fathers childhood sites and concentration camp (her father is a Jew) in Poland. Very good story and very good play by Lena Dunham and Stephen Fry.

3D Printing

printed some door hooks to hang them shirts

Nocci posted the first part if his Spoolman series. A tool to track your filament spools for your 3D printer. I did my own installation of this nifty little tool the other week and had to fiddle with some Traefik settings for it as described here last week.

And after several weeks of rain and grey skies the weekend finally had sunshine all day long.

#weeklyreview 07/24

11.02. – 17.02.2024

Due to some scheduling mishap I went swimming two times that Sunday. We originally had an appointment for 11:00 am but the guys didn’t show up (of course I still went for a swim). Then the other half of the group agreed on a 1pm meet up. So I took a second round. The lake also gained quite some water over the last weeks of rain. We seem to be back at the level were we’ve been last year this time.

Traefik config voodoo

If you ever need to configure your container in a way that Traefik will allow traffic coming from specific IPs, but require HTTP Basic Authentication from all other IPs … this is how you’d configure this:

    labels:
       - "traefik.enable=true"
       - "traefik.http.routers.spoolman-internal.rule=( Host(`spooly.example.com`) && ClientIP(`192.168.75.0/24` ))"
       - "traefik.http.routers.spoolman-internal.entrypoints=websecure"
       - "traefik.http.routers.spoolman.rule=Host(`spooly.example.com`) && !ClientIP(`192.168.75.0/24` )"
       - "traefik.http.routers.spoolman.entrypoints=websecure"
       - "traefik.http.routers.spoolman.tls=true"
       - "traefik.http.routers.spoolman.tls.certresolver=letsencrypt"
       - "traefik.http.routers.spoolman-internal.tls.certresolver=letsencrypt"
       - "traefik.http.routers.spoolman.middlewares=auth-users"
       - "traefik.http.routers.spoolman-internal.tls=true"
       - "traefik.http.routers.spoolman.service=svc-spoolman"
       - "traefik.http.routers.spoolman-internal.service=svc-spoolman"
       - "traefik.http.services.svc-spoolman.loadbalancer.server.port=8000"
       - "traefik.http.middlewares.auth-users.basicauth.users=admin:$$2y$$05$$K5HviqYOC3ScWoRqUIQ80elXe.QByrAvpvmaDp9yj0oaA4L0LiCE6"

You basically have to define two separate Routers for the same service. Each Router has its own matching rules and own middlewares.

Mind that the ClientIP in the routers matching rule only matches on the ClientIP, not on IPs in the X-Forwared-For HTTP Header.

new T-Shirts \o/

QWertee had a special offer where you’d get a free T-Shirt every one you order. Even on the discounted ones … so I ended up with a whole bunch of new nerdy t-shirts πŸ˜€

Of course one was already occupied by kiddo

Birthday

another birthday in da house. The kids … they grow up so fast.

Elections

This is the big year of elections. On Saturday our village society elected a new board. That was formal but still fun. Especially as we there was another instance of our “Dorfdisco” afterwards \o/

From the camera roll

#weeklyreview 06/24

This week there were winter holidays for the kids. They got their report cards on the last school day. Both kids still in school doing rather good. So we can’t be happier about their achievements. πŸŽ‰

Of course we spent the week in the countryside. Didn’t felt for skiing holidays this year as there doesn’t seem to be much snow in the areas we used to go to anyway – due to climate catastrophe of course!

So I just spend the week working from the countryside doing some light activities with the kids.

Wednesday we went to the cinema with a friends kid to watch the new Studio Ghibli move “The boy and the heron“.

still frame from the movie, provided for personal use by Studio Ghibli, all rights reserved

As expected this was a colourful adventure. Some scenes might be a bit drastic (scary) for young kids, but overall this goes well in line with the previous Studio Ghibli movies.

Much richer, deeper and more fantastic than your Disney movies.


A friend started a blog about 3D printing and asked me whether I’d want to contribute. Of course I want. Even had a small topic to write about: the Z-Offset mystery.

On Saturday we did a day trip to Szczecin, Poland again. Plan was to see the city during daylight, as last time we’ve been there it was already pitch black night.

This plan only worked out partially. The day started very misty in our area. So we checked the weather forecast for Szczecin and that predicted at least partial sunshine for the afternoon. Turned out that was wrong. It stayed misty and foggy and maybe only got worse in the afternoon. We went to the Cafe 22, which is on the 22nd floor of a hotel. Theoretically a nice panoramic view over the whole city. Not on that Saturday. We could barely see the city right down to our feet. The rest was just inside clouds.

this was all we could see from the Autobahn

But we still managed to walk the city a bit a take a look at some beautiful old houses in the city.

#weeklyreview 05/24

Sunday fun day

As every Sunday, we tried to swim in the local lake. The ice that we skated on the weekend before was all molten way by Friday. So we thought swimming should be possible. To our surprise the night from Saturday to Sunday had low temperature of about -6ΒΊ C. So the lake again was completely frozen over. Fortunately just a few millimetres of ice and we were able to break it open to at least have a dip in the water.

At first I thought it’s thin enough to just swim through … but that turned out to be too optimistic. The ice was between 4-8 mm think. Easy to break with ones hand, but no chance to break and push it away with swimming. Of course we could quite some cuts all over the body from the sharp ice edges.

Sport

Made it to the gym 4 days this week. Also added one more (hopefully regular) running appointment with my good friend Andrea. She’s got a professional personal training company and they’re the best you can get in Berlin/Potsdam. Check them out if you want to improve your health and/or fitness. Maybe I’m biased because I know her since our time at school. But she must do something right because she managed to not only found this company and permanently employ personal trainers (in a field where you usually only have individual freelancers or gym studio chain staff) but also steer it through the pandemic and come out alive and kicking.

Wednesday I had slightly sore legs from the running and felt a little groggy hitting the rowing machine again in the gym. But again it’s those days when you feel the most inner resistance that you usually hit the ball out of the park. Finished my 30 minutes of rowing with a strong 7035 m distance.

Fixing the door

Our flat has rather wide, wheel chair compatible doors. Thats good as my wife needed to have a wheel chair when she was in really bad ME/CFS condition. These door blades are quite heavy and our kitchen door is open most of the time. Eventually the door frame got loose and the door blade was scratching on the ground when moving. This week my dad came over to help me fix this. Looks like the construction company of this building didn’t use the proper glue foam when installing the door frames. Thats why it became loose. But now it’s fixed and the door is freely swinging again. K3 immediately exclaimed “I love this door!” πŸ˜‚

The new CEO

Thursday our new CEO held a townhall meeting in the Berlin office. I’m usually an optimistic person and give benefit of the doubt to new people. But you know that there are also the die hard pessimists which don’t trust any C-level person out of principle. You have these in every company. To my surprise some of them also gave positive feedback about the new guy. Thats quite something if you ask me.

Of course, he still has to prove himself in day to day business. But making a first impression that extorts a positive statement from those kind of people is an achievement.

Mastodon Emergency Security Update

To make the week a little more interesting there was an emergency security update for the Mastodon Fediverse software. Apparently a remote account impersonation was passible and demanded immediate action from instance admins. I had my instances updated within about 2 hrs. Took a while as I didn’t check my emails or Mastodon feed because of meetings. Then of course my Jenkins build machine currently has some issue I have to debug first. Ended up creating my patched Docker containers for a 5000 character limit Mastodon on a different machine.

Finally some pics from my camera roll from this week for pure entertainment