Jae's Blog Creatures and blogs.

A quick blog post to announced that I archived a bunch of Yealink-related software on Archive.org, including firmware, manuals, and configuration tools.
This is due to Yealink’s support just removing things after updating their website.

You can find the files at:

• Yealink Configuration Generator Tool 2.0.0.16 V 83
• Yealink phone firmware & resources collection
• Yealink Logo Converter
• Collection of firmwares for the Yealink T42s

Happy hacking :)

---

Small update: I was curious about the firmware 3CX published on their website, being T4XS-66.86.0.180. This firmware not appearing on any official Yealink documentation, I sent them the following email:

Hey, I see that you are offering a T4XS-66.86.0.180 firmware for the Yealink T42s.
I wonder, what are the changes from the official one?
For instance, does the firmware lock the phone into 3cx or is it just bug fixes?
Thanks,
// jae

Today, I received the following response from 3CX:

Hello Jae,
Thank you for your message, The firmware versions you see on the 3CX website are official Yealink firmware build which are simply Tested, certified, and recommended by 3CX for use with 3CX systems
3CX does not modify or “custom-code” Yealink firmware. 
​For further information or comparisons of the firmwares, please contact Yealink directly. 
​Let me know if you require further assistance from our end. 

This firmware has therefore been added to the archive.

Happy new year again dear reader, hopefully you had wonderful holidays.
Me? I spent my holidays getting increasingly frustrated by a small software named FreePBX.

FreePBX, as its name suggest, is… a PBX… manager, PBX meaning Private Branch Exchange, or to do simple, your very own VoIP and telephony server.
As mentioned, FreePBX is only a front-end for another software called Asterisk, which does the real phone stuff in the background.

While both software are Open-Source, FreePBX being under (A)GPL v3 (for the most part, more on that later), and Asterisk GPLv2, there is a giant gap in quality between the two.
While Asterisk generally works like you would expect it to, FreePBX has been a hassle at all level, all the more exacerbated by the current documentation, being one of the worst I’ve seen in recent times.

More than that, the default FreePBX installation script installs a plethora of proprietary “commercial” modules, which has the tendency to show you ads on login.
It’s because of that poor documentation that I’m starting this small series of tutorial on how to make your own phone system using FreePBX.

“But Jae”, some might say, “why don’t you just contribute to the project instead”? The answer is simple: I’m not signing no damn SLA.

The installation

Of course, we have to start somewhere, and I actually think installing FreePBX is a good one.
There are two ways to install FreePBX:

• The distribution version, which is a modified Debian 12 ISO that ships FreePBX by default
• The automated installation script hosted on GitHub

In this tutorial, we’re gonna focus on the script version, as I have no idea how you’re getting servers, been provisioning them via a public cloud or having a spare machine.
So we’re going to make a few assumptions:

• You have a running Debian 12 server, freshly installed
• You know how to follow instructions
• The domain we’ll use is example.com (of course, replace with your domain)
• Your server is equivalent or above of a Hetzner CPX22 (4Gb RAM, 80Gb disk 2vCPU)
  

So SSH into your server, and let’s start the installation by:

# Get the actual script
$ wget https://github.com/FreePBX/sng_freepbx_debian_install/raw/master/sng_freepbx_debian_install.sh -O /tmp/sng_freepbx_debian_install.sh

# Don't forget to audit it :)
$ less /tmp/sng_freepbx_debian_install.sh

# And start the install
$ bash /tmp/sng_freepbx_debian_install.shCode language: Bash (bash)

This will take a while, go fill your bottle of water and get hydrated properly in the meanwhile.

Once this is done, our first step will be getting rid of most of the proprietary modules; sadly, some provide functionality that is needed to not have the worst experience in the world.
This step will throw errors, but don’t worry, in the FreePBX world, that’s normal.

# First, we get rid of everything
$ for x in $( fwconsole ma list | grep Commercial | awk '{print $2}' ); do fwconsole ma delete $x; done

# Install some dependencies
$ apt install build-essential

# Now we re-add the admin tools add-on
$ fwconsole ma install sysadmin

# Upgrade the rest
$ fwconsole ma upgradeall

# Double check for any remaining commercial modules
$ fwconsole ma list

# Small note: do NOT uninstall the sysadmin module since it's one of the essentials. The following is also an example.
$ fwconsole ma remove endpointCode language: Bash (bash)

Now, let’s head to the web interface using the IP displayed after the installation. There, you will have to set up basics such as the admin user and password.

Congrats, you now have a FreePBX instance! Beware, you’ll need to skip a few ads.

Once you have done this step, log into the FreePBX dashboard.
Make sure to enable the smart firewall when prompted, this is critical as bots will instantly hammer your server.

This will have the side effect of terminating your SSH connection, get your IP address (or even better, prefix), on the navigation bar, go in “Connectivity” then “Firewall”.
There, in the “Networks” tab, add your prefixes by clicking the small green “+”, hit “Save” in the bottom right and finally, hit “Apply config” in the top right.

You’ll see that “Apply config” button a lot, as most actions will require you to press it.

Configuring the basics

Now, we’re going to give the only concession we’ll ever give to FreePBX. Find some temporary email address and mailbox, it’ll be important in a few lines.

In the navigation bar, head to “Admin”, then “System Admin” near the bottom. On this page, click “Activate” (on the bottom right), and follow the prompts on screen, giving the add-on your fake email.
Don’t forget to put fake phone numbers as well.

Once you have an installation ID on screen, copy it, it’s faster to activate through the command line interface like so:

$ fwconsole sysadmin activate <deployment ID>
Code language: Bash (bash)

Thereafter, refresh the page, and you’ll see new options on the right.
In those new options, click on “HTTPS Setup” and open the “Here” hyperlink in a new tab.

On this new page, hit “New certificate”, then “Generate Let’s Encrypt Certificate”, and fill in the info with what you have. When you’re done, hit “Generate certificate” in the bottom-right corner.

You can now close this tab and come back to the one we left open. Refresh the page, then head into “Settings”, select your certificate in the dropdown and hit “Install”.
Congrats, now you can access your PBX admin panel via HTTPS.

---

… and that’s it for today.

Don’t miss the next tutorial, in which we’ll start adding extensions and configure emails.

Last post of the year, I hope everybody will have a wonderful 2026, even within those troubled times.

I was playing with my Yealink T42s IP phone last night, wanting to make some API endpoint that automatically generates a remote phone book for the phone.
The remote phone book uses XML formatted with custom elements that are described within their official “documentation” PDF, graciously archived here.

The PDF shows the following example (from “Yealink SIP Phones XML Browser Developer’s Guide”, page 49):

<?xml version="1.0" encoding="ISO-8859-1"?>
<YealinkIPPhoneDirectory
defaultIndex = "integer"
next = "URI"
previous = "URI"
Beep = "yes/no"
cancelAction="URI"
Timeout = "integer"
refresh=“refresh time“ url=“url“
LockIn = "yes/no">
    <Title wrap = "yes/no">Directory Title</Title>
    <URL>URL</URL>
    <InputField>
        <Parameter>name</Parameter>
        <preKey>key words of the contacts</preKey>
    </InputField>
    <MenuItem>
        <Prompt>Contact Name</Prompt>
        <URI>number</URI>
    </MenuItem>
    <!--Additional Menu Items may be added -->
    <!--Additional soft key items may be added -->
</YealinkIPPhoneDirectory>Code language: HTML, XML (xml)

However, if you try it yourself, you’ll find that when updating the phone book, no entries will show up.
This is because Yealink’s own documentation is faulty.

In reality, the phone book needs to look like this:

<?xml version="1.0" encoding="UTF-8"?>
<YealinkIPPhoneDirectory>
    <Title>PurplePBX</Title>
    <DirectoryEntry>
        <Name>Jae (desk)</Name>
        <Telephone>1911</Telephone>
    </DirectoryEntry>
</YealinkIPPhoneDirectory>Code language: HTML, XML (xml)

Replace the MenuItem by DirectoryEntry, Prompt by Name and URI by Telephone and you get a working directory.

Thank you, Yealink, for making confusing documentation, while completely removing old (and new) firmware downloads from your support site.

I promised it a few months ago, and here it is: ARM support for the Resonite Headless Server Software is now generally available.
So, what took so long in doing the port? FrooxEngine itself runs perfectly on ARM CPUs, the issue arising when trying to hit native libraries.
Resonite itself relies on about 250 external dependencies, most of which being Open-Source, some of them even shipping ARM support natively.

The issue remained in the 12 libraries left not shipping or supporting ARM, namely, FreeImage, Opus, crunch, Assimp, MSDFGen, Rnnoise, Brotli, Compressonator, SoundPipe, FreeType, SteamAudio and SteamWorks.NET.

Most of those libraries were trivial to build to ARM, and with a streak of luck, GitHub made ARM runners available right about the time I started working on this issue.
Before that, you needed to cross-compile everything or spin up some kind of QEMU VM for it. With the new runners, it became as easy as defining an OS array and using it like so (partial snippets):

# Define matrix of OS versions to use
strategy:
      matrix:
        osver: [ubuntu-latest, ubuntu-24.04-arm]

# Use it
runs-on: ${{ matrix.osver }}

# Set artifact name depending on platform
      - name: Set dist name
        run: |
          if ${{ matrix.osver == 'ubuntu-24.04-arm' }}; then
            echo "distname=arm-dist" >> "$GITHUB_ENV"
          else
            echo "distname=linux-dist" >> "$GITHUB_ENV"
          fi

# Upload artifact with right name
      - uses: actions/upload-artifact@v4
        with:
          path: Dist/
          name: ${{ env.distname }}Code language: PHP (php)

Yup, it’s that easy. Most of the libraries were trivial, building a C or C++ program for ARM on GitHub Actions basically equates to running the same commands on the ARM runner.

All this work was also the opportunity to clean up some files shipped in the FrooxEngine repository by bundling libraries directly into NuGet packages instead. Usually, those native libraries end up in runtimes/linux-arm64/native.

Now, why did it take so long to put this together, since it sounds so trivial? Well, that question can be answered with a single name: Steamworks.
We use Steam integrations (as Resonite is published on Steam), so of course, we do need to ship the Steam library, which at the time had no support for ARM64, completely crashing the type computing mechanism in FrooxEngine.

Fast-forward to November, Valve announces their headset, the Steam Frame. I didn’t care much for the headset itself, only that with it being ARM, it meant that we would finally get official ARM support for a bunch of stuff from Valve. A week or two later, they finally delivered, updating the Steamworks API library to support officially ARM.
At first updating the library itself proved difficult as for some reason, Steamworks.NET builds every single architecture separately. Luckily, a PR opened on the official repository made quick work of it, and provided proper ARM builds.

Early testing of the headless was done on the Oracle Cloud Free tier ARM machine. With Steamworks patched, I finally watched the headless run flawlessly on that machine, the only error remaining being the Discord social SDK complaining about the architecture. Luckily, Discord isn’t as critical and can be ignored.

All in all, this was a fun issue to tackle, and it opens the door for more ARM stuff in the future. Maybe a native ARM build for the Steam Frame, or a mobile build? Who knows?

In any case, time for you all to finally put that Raspberry Pi you’ve had on your shelf for the past 5 years to good use again.

A small reminder that you need at least the Discoverer plan to get access to the Headless Server Software; however, any support of Resonite is greatly appreciated.
If you wish to support us, you can subscribe within the account website.

Special thanks to the people & creatures that made this possible through research, direct contributions, or testing:

• Cyro
• AdamK2003
• Orion Moonclaw
• Gamethecupdog

I recently got a Yealink T42S IP phone to play around with.

To get that question out of the way first, “why”? Because it’s fun to have a proper phone on my desk.

Right now, I have a few PBXes configured on it, in two categories.
Proper PBXes where I get a proper phone number:

• Callcentric, which you can reach me at +1 (438) 500-2694 from; offers really cheap DIDs through a promotion, though the numbers are North American
• VoIP.ms, which you can reach me at +358942459241; offers really low costs in general, DID is a bit more expensive, but has free inbound for residential (I also have a referral code if you’re interested)

Now, most of the PBXes I’m on are hobby projects, those that aren’t routed publicly, but free to join:

• HamPY, which is a network running for radio hams in Finland; you can reach me via 17228
• Hams Over IP, which is a more global network for radio hams; you can reach me via 200564, my callsign or DMR ID
• LiteNet, which is a hobbyist community project; you can reach me via 1059
• Another private one by a friend, my extension is 1911, but I doubt any of you is on it

Configuring the phone is generally really easy, it has a web interface from which you can enter all the info (also don’t forget to turn on IPv6!).

Over the past half year, I’ve had the pleasure of Collaborating with Bellingcat as a contributor to their OSINT (Open-Source Intelligence) challenge platform.

For those who aren’t aware, Bellingcat is an independent investigative journalism group based in the Netherlands that publishes investigations using OSINT about war, human rights abuses and the criminal underground (this description is shamelessly stolen from the Wikipedia article as they describe it well).

This all started back in March 2025, when I published this challenge in their Discord community. The premises are simple: find where that scan was taken.
Just a few minutes later, already three people managed to find the location; a few days later even more. This challenge seemed well-received, and I was contacted by the Producer of Bellingcat to create a few more challenges for their Open-Source Challenges Platform.

All the challenges took half a year to collect, design; and over 6000 km of travel was needed within Europe.
Though I’m a bit sad some scans didn’t make the final cut (some of the ones I originally planned turned out worse than I imagined), the challenges turned good overall.

I want to thank Bellingcat for this opportunity to collaborate, and I encourage anyone to check out the Open-Source Challenge platform, and even donate to them. The challenge scans will be made available within Resonite in 6 months time from now.

Quick blog post to advertise the Resonite panel at Eurofurence 29, which should be next week, on Thursday 4th of September.

If you are attending Eurofurence, direct yourself to the room CCH X 5-8 at 13:00 (local time).

The panel will last approximately an hour and half, and developers and community members will be present.

Hope to see you all there!

Also see Eurofurence events website for more information: https://www.eurofurence.org/EF29/schedule/events/3042.en.html.

When you visited this blog, you might have noticed a new interstitial screen.

This is Anubis, and just like the Egyptian god, it will weigh your soul before granting you entry on my humble blog.

This is mainly to stop the slew of bots and other scrappers that hit my blog all the time, those get annoying and waste resources.

In most cases, the check should be quick enough that you won’t even notice the Anubis challenge screen.

MeuhMeuhCraft was a Minecraft server opened in 2013 which continued up until its closure in 2015.

Young me, playing Minecraft, joined this server. The factions survival world was where I made some friends, and where I also learned some stuff about the game, such as making potions.

It’s last year that a thought came to my mind: what if I could find a save of the world, and see some of those memories again, my friend’s base, my underwater one, etc, etc.

Sadly, the website only had one usable capture on the Internet Archive, so not much slack to play with.

With this in mind, I bought the old domain, meuhmeuhcraft.fr, and hosted a page saying:

I’m trying to contact the owner of this server to have a copy of the world (even if it might not exist any more).

If you have information on this server, please email me at [my email address].

Almost a year after setting this message up, a surprise came in my email. On 2025/06/30, I was contacted by a friend of the owners, asking me for more information as for why I wanted the map. The next day, I was talking directly with one of the owners of the server, something I wouldn’t have expected ever.

More than that, on 2025/07/06, I received a full copy of the world- and of the full server files. So I booted up the server, a CraftBukkit 1.7.2, a copy of the game, and there it was, the old server, in all its glory.

Alas, my old base was completely destroyed, probably a raid shortly after I stopped being active.

More than that, those worlds are now available to visit within Resonite!

Here are the parts I already imported:

• The spawn area: https://go.resonite.com/record/U-j4/R-cf70ce23-1688-436e-ba69-cf2a5826c520
• My old base: https://go.resonite.com/record/U-j4/R-4432301f-ec0d-4c4f-9f01-e28afdd7944f
• Waterside base: https://go.resonite.com/record/U-j4/R-3cbc4ea6-0286-42c6-bb1d-6b187ff7c4fe
• Stadium base: https://go.resonite.com/record/U-j4/R-76792208-744f-4291-b5c7-d24da2d608b8
• Boat base: https://go.resonite.com/record/U-j4/R-cdf95817-8d63-4b09-bd2e-5bc5b4919576

All the text on the signs were eaten by the exporter, so sadly those didn’t survive the export to Resonite.

I want to extend my largest thanks to the server owners, mattoo64 and hombeline64, which took the time to find and send me the maps. Even more, their resolute to back the files up for so long.

Without them, this whole thing couldn’t have happened.

I also want to extend thanks to their friend, who noticed my message and was kind enough to put us in contact with each other.

Stay tuned as a read-only version of the server will be hosted in the future.

In the past, I used to have a few PGP keys that were distributed either manually, or through my website.

As of now, all those keys are invalidated as I switched completely to SSH keys a few years ago.

So, if you want to verify commits, or anything signed that I publish, please use the following keys:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvTe4xw7OAMA9HJtsHAR5BNNrP9X0hXbtASrgKDdnOT
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwCQ4IcPyL/0Nz2jNayUrN0B+zsEZ5oa8BepdtAYZLr

Those are respectively the key used by my workstation, and my laptop.

The easiest way to use those, is to add them to your allowed_signers file, for instance:

*@j4.lc namespaces="git" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvTe4xw7OAMA9HJtsHAR5BNNrP9X0hXbtASrgKDdnOT Workstation
*@j4.lc namespaces="git" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwCQ4IcPyL/0Nz2jNayUrN0B+zsEZ5oa8BepdtAYZLr LaptopCode language: CSS (css)