Compare commits
1 Commits
Author | SHA1 | Date | |
---|---|---|---|
42698372ad |
11
content/.obsidian/app.json
vendored
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
"spellcheck": true,
|
||||
"autoPairBrackets": false,
|
||||
"autoPairMarkdown": false,
|
||||
"vimMode": false,
|
||||
"useMarkdownLinks": false,
|
||||
"attachmentFolderPath": "media",
|
||||
"alwaysUpdateLinks": true,
|
||||
"legacyEditor": false,
|
||||
"promptDelete": false
|
||||
}
|
5
content/.obsidian/appearance.json
vendored
|
@ -1,5 +0,0 @@
|
|||
{
|
||||
"theme": "moonstone",
|
||||
"baseFontSize": 16,
|
||||
"accentColor": ""
|
||||
}
|
31
content/.obsidian/core-plugins-migration.json
vendored
|
@ -1,31 +0,0 @@
|
|||
{
|
||||
"file-explorer": true,
|
||||
"global-search": true,
|
||||
"switcher": true,
|
||||
"graph": true,
|
||||
"backlink": true,
|
||||
"outgoing-link": false,
|
||||
"tag-pane": false,
|
||||
"page-preview": true,
|
||||
"daily-notes": false,
|
||||
"templates": false,
|
||||
"note-composer": true,
|
||||
"command-palette": true,
|
||||
"slash-command": false,
|
||||
"editor-status": true,
|
||||
"starred": false,
|
||||
"markdown-importer": true,
|
||||
"zk-prefixer": false,
|
||||
"random-note": false,
|
||||
"outline": true,
|
||||
"word-count": true,
|
||||
"slides": false,
|
||||
"audio-recorder": false,
|
||||
"workspaces": false,
|
||||
"file-recovery": true,
|
||||
"publish": false,
|
||||
"sync": false,
|
||||
"canvas": true,
|
||||
"bookmarks": true,
|
||||
"properties": false
|
||||
}
|
17
content/.obsidian/core-plugins.json
vendored
|
@ -1,17 +0,0 @@
|
|||
[
|
||||
"file-explorer",
|
||||
"global-search",
|
||||
"switcher",
|
||||
"graph",
|
||||
"backlink",
|
||||
"canvas",
|
||||
"page-preview",
|
||||
"note-composer",
|
||||
"command-palette",
|
||||
"editor-status",
|
||||
"bookmarks",
|
||||
"markdown-importer",
|
||||
"outline",
|
||||
"word-count",
|
||||
"file-recovery"
|
||||
]
|
22
content/.obsidian/graph.json
vendored
|
@ -1,22 +0,0 @@
|
|||
{
|
||||
"collapse-filter": true,
|
||||
"search": "",
|
||||
"showTags": false,
|
||||
"showAttachments": false,
|
||||
"hideUnresolved": false,
|
||||
"showOrphans": true,
|
||||
"collapse-color-groups": true,
|
||||
"colorGroups": [],
|
||||
"collapse-display": true,
|
||||
"showArrow": false,
|
||||
"textFadeMultiplier": 0,
|
||||
"nodeSizeMultiplier": 1,
|
||||
"lineSizeMultiplier": 3.32478632478632,
|
||||
"collapse-forces": true,
|
||||
"centerStrength": 0.518713248970312,
|
||||
"repelStrength": 10,
|
||||
"linkStrength": 1,
|
||||
"linkDistance": 250,
|
||||
"scale": 0.9044367002205442,
|
||||
"close": true
|
||||
}
|
1
content/.obsidian/hotkeys.json
vendored
|
@ -1 +0,0 @@
|
|||
{}
|
113
content/.obsidian/workspace
vendored
|
@ -1,113 +0,0 @@
|
|||
{
|
||||
"main": {
|
||||
"id": "69e9da393623ab60",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "160122bd13ae4b72",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Bypassing Ports.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"direction": "vertical"
|
||||
},
|
||||
"left": {
|
||||
"id": "3885f82c1ab72e1b",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "0e37795504669957",
|
||||
"type": "tabs",
|
||||
"children": [
|
||||
{
|
||||
"id": "e5f5df16367f5f9a",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "file-explorer",
|
||||
"state": {}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "15b64333baa0fbc2",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "search",
|
||||
"state": {
|
||||
"query": "",
|
||||
"matchingCase": false,
|
||||
"explainSearch": false,
|
||||
"collapseAll": false,
|
||||
"extraContext": false,
|
||||
"sortOrder": "alphabetical"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"direction": "horizontal",
|
||||
"width": 300
|
||||
},
|
||||
"right": {
|
||||
"id": "260bba8f76f307a9",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "21c556d6660f839b",
|
||||
"type": "tabs",
|
||||
"children": [
|
||||
{
|
||||
"id": "528c8f9657044ea2",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "backlink",
|
||||
"state": {
|
||||
"file": "Bypassing Ports.md",
|
||||
"collapseAll": false,
|
||||
"extraContext": false,
|
||||
"sortOrder": "alphabetical",
|
||||
"showSearch": false,
|
||||
"searchQuery": "",
|
||||
"backlinkCollapsed": false,
|
||||
"unlinkedCollapsed": true
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "79f3ff4100fe3ae6",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "outline",
|
||||
"state": {
|
||||
"file": "Bypassing Ports.md"
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"currentTab": 1
|
||||
}
|
||||
],
|
||||
"direction": "horizontal",
|
||||
"width": 300
|
||||
},
|
||||
"active": "160122bd13ae4b72",
|
||||
"lastOpenFiles": [
|
||||
"Fake Dog.md",
|
||||
"Backup Strategy.md",
|
||||
"About.md",
|
||||
"Acoustic Panels.md",
|
||||
"Hydroponics.md",
|
||||
"Hydroponics Aphid War.md",
|
||||
"Hand of Ozymandias.md",
|
||||
"Garage Door Opener.md",
|
||||
"Bypassing Ports.md",
|
||||
"Plant Waterer.md"
|
||||
]
|
||||
}
|
226
content/.obsidian/workspace.json
vendored
|
@ -1,226 +0,0 @@
|
|||
{
|
||||
"main": {
|
||||
"id": "69e9da393623ab60",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "59ed96d9876185c9",
|
||||
"type": "tabs",
|
||||
"children": [
|
||||
{
|
||||
"id": "160122bd13ae4b72",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Secret Garden.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "238ba022d07a7436",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Fake Dog.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "d9a16803d250ddc4",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Secret Garden.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "24a62ccdfd18a884",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Makerspace Tours.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "1f1f024283ea8110",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Helios Alpha.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "60389a84493f7fa2",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "markdown",
|
||||
"state": {
|
||||
"file": "Hydroponics.md",
|
||||
"mode": "source",
|
||||
"source": false
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"currentTab": 3
|
||||
}
|
||||
],
|
||||
"direction": "vertical"
|
||||
},
|
||||
"left": {
|
||||
"id": "3885f82c1ab72e1b",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "0e37795504669957",
|
||||
"type": "tabs",
|
||||
"children": [
|
||||
{
|
||||
"id": "e5f5df16367f5f9a",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "file-explorer",
|
||||
"state": {
|
||||
"sortOrder": "alphabetical"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "15b64333baa0fbc2",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "search",
|
||||
"state": {
|
||||
"query": "",
|
||||
"matchingCase": false,
|
||||
"explainSearch": false,
|
||||
"collapseAll": false,
|
||||
"extraContext": false,
|
||||
"sortOrder": "alphabetical"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "7bdb31d1bda5b8c9",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "bookmarks",
|
||||
"state": {}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"direction": "horizontal",
|
||||
"width": 200
|
||||
},
|
||||
"right": {
|
||||
"id": "260bba8f76f307a9",
|
||||
"type": "split",
|
||||
"children": [
|
||||
{
|
||||
"id": "21c556d6660f839b",
|
||||
"type": "tabs",
|
||||
"children": [
|
||||
{
|
||||
"id": "528c8f9657044ea2",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "backlink",
|
||||
"state": {
|
||||
"file": "Makerspace Tours.md",
|
||||
"collapseAll": false,
|
||||
"extraContext": false,
|
||||
"sortOrder": "alphabetical",
|
||||
"showSearch": false,
|
||||
"searchQuery": "",
|
||||
"backlinkCollapsed": false,
|
||||
"unlinkedCollapsed": true
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "79f3ff4100fe3ae6",
|
||||
"type": "leaf",
|
||||
"state": {
|
||||
"type": "outline",
|
||||
"state": {
|
||||
"file": "Makerspace Tours.md"
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"currentTab": 1
|
||||
}
|
||||
],
|
||||
"direction": "horizontal",
|
||||
"width": 300,
|
||||
"collapsed": true
|
||||
},
|
||||
"left-ribbon": {
|
||||
"hiddenItems": {
|
||||
"switcher:Open quick switcher": false,
|
||||
"graph:Open graph view": false,
|
||||
"canvas:Create new canvas": false,
|
||||
"command-palette:Open command palette": false,
|
||||
"markdown-importer:Open format converter": false
|
||||
}
|
||||
},
|
||||
"active": "24a62ccdfd18a884",
|
||||
"lastOpenFiles": [
|
||||
"Secret Garden.md",
|
||||
"Hydroponics.md",
|
||||
"Makerspace Tours.md",
|
||||
"Linux Flavour.md",
|
||||
"Fake Dog.md",
|
||||
"Wine Crate Coffee Table.md",
|
||||
"Things I Recommend.md",
|
||||
"t0txt.md",
|
||||
"t0 Services.md",
|
||||
"Spaceport.md",
|
||||
"Solar Car.md",
|
||||
"Sensors.md",
|
||||
"Helios Alpha.md",
|
||||
"QotNews.md",
|
||||
"Protospace.md",
|
||||
"Plant Waterer.md",
|
||||
"Painting.md",
|
||||
"Notica.md",
|
||||
"Light Switch.md",
|
||||
"LED Dress.md",
|
||||
"Japan Photography.md",
|
||||
"Hydroponics Log 3.md",
|
||||
"Hydroponics Log 2.md",
|
||||
"Hydroponics Log 1.md",
|
||||
"Hydroponics Aphid War.md",
|
||||
"Hand of Ozymandias.md",
|
||||
"media/nft2.jpg",
|
||||
"media/nft1.png",
|
||||
"media/ports1.svg",
|
||||
"media/backup1.svg",
|
||||
"media/japan12hi.jpg",
|
||||
"media/japan11hi.jpg",
|
||||
"media/japan10hi.jpg",
|
||||
"media/japan09hi.jpg",
|
||||
"media/japan08hi.jpg",
|
||||
"media/japan07hi.jpg"
|
||||
]
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
Title: About
|
||||
Date: 2022-07-23
|
||||
Category: Notes
|
||||
Summary: About me and my website.
|
||||
Wide: true
|
||||
|
||||
## Me
|
||||
I was born in the early '90s and spent a lot of time growing up playing with computers and electricity. It eventually became my passion and lead to me getting a degree in electrical engineering with a minor in computer engineering. I then got into makerspaces and the maker movement: like-minded people getting together to build things for fun. Most of what I build is software because I can work on it from anywhere. When I build physical things they usually involve electricity as a means to allow software to interact with the world. I work in the home automation field and have spent a lot of time automating my own home.
|
||||
|
||||
### Uses
|
||||
I do my computing on a ThinkPad X1 Carbon laptop running Debian GNU/Linux with GNOME. Most of my work is done over ssh because it allows me to pause or move to my desktop quickly and there's less risk of losing data. I edit text with Vim in Byobu (tmux) terminal sessions. I browse the web with Librewolf, a privacy fork of Firefox. I mainly communicate via Telegram Messenger or email.
|
||||
|
||||
I don't like tweaking or configuring settings so I try to leave things default unless something really annoys me or it improves my workflow greatly. It's easy to sink an infinite amount of time into optimizing your workflow and then die having made nothing.
|
||||
|
||||
## Website
|
||||
There's two versions of this website, a main version at <https://tanner.vc> and a lite version at <https://t0.vc>. The reason is because I found myself continually removing features from the main version for sport and to satisfy my millennial craving for brutalist design. I was already running several [[t0 Services | services]] on t0.vc subdomains but had nothing on the main domain. So it's the perfect use for it and I can experiment to see how brutalist I can make it.
|
||||
|
||||
### Colophon
|
||||
I use the static site generator Pelican to build the websites from a folder of markdown documents which I edit with Obsidian in Vim mode. This makes writing content feel like taking notes, since media and internal links are taken care of. The two versions are simply different themes loaded by different Pelican configs. The output is uploaded to my host via rsync and served by Nginx.
|
||||
|
||||
You can find the [source code](https://git.tannercollin.com/tanner/personal-site) on my Gitea.
|
|
@ -1,26 +0,0 @@
|
|||
Title: Theatre Acoustic Panels
|
||||
Date: 2021-10-21
|
||||
Category: Creations
|
||||
Summary: Panels for acoustic treatment in my home theatre.
|
||||
Image: panel3.jpg
|
||||
Tags: feed
|
||||
|
||||
Acoustic treatment is one of the most overlooked aspects of home audio. There's no point in spending money on premium speakers if the room they are playing in has poor acoustics.
|
||||
|
||||
The primary purpose of acoustic panels is to reduce the reverberations caused by sound reflecting off the smooth walls of the theatre. The path of the reflected sound is a longer distance to your ear compared to the sound coming directly from the speaker. This causes the reflected sound to be delayed by the time it reaches your ear. The delayed signal interferes with itself, causing comb filtering which distorts the signal.
|
||||
|
||||
Acoustic panels are placed geometrically where the sound from the speakers would reflect off the wall to reach the listener's ears. The insulation inside the panels absorbs energy from the soundwave which reduces its volume and interference.
|
||||
|
||||
![[ panel1.jpg | twelve L-shaped corners of the panels stacked together leaning on a table saw in a wood shop]]
|
||||
|
||||
I made six frames in the wood shop of my local makerspace, [[Protospace]]. After cutting the 1x4" pine boards to length, I made a jig so I could quickly join them together with screws.
|
||||
|
||||
![[ panel2.jpg | a panel with insulation inside on the ground about to be wrapped with black fabric]]
|
||||
|
||||
I added 4" batts of Rockwool insulation into each frame after it was assembled. I then wrapped the frame with black speaker fabric and stapled it in place while trying to pull it taut.
|
||||
|
||||
I sat in my theatre while a friend slid a handheld mirror along the wall until I could see the middle of the speaker in its reflection. This told me the centre point of where to mount each panel because the reflected sound would take the same path to my ear.
|
||||
|
||||
<span class="aside">(Four in the front, two in the back)</span>
|
||||
|
||||
![[panel3.jpg | four black acoustic panels mounted on the walls in my home theatre]]
|
|
@ -1,15 +0,0 @@
|
|||
Title: Airflow
|
||||
Date: 2023-03-07
|
||||
Category: Notes
|
||||
Summary: Point a fan at indoor hydroponic plants once they develop their true leaves.
|
||||
|
||||
Airflow across plants is important because it helps with [transpiration][1], the process of water movement through a plant and evaporation off its leaves. The water is used to move minerals up the plant from its roots. Quoting Wikipedia:
|
||||
|
||||
> In still air, water lost due to transpiration can accumulate in the form of vapor close to the leaf surface. This will reduce the rate of water loss, as the water potential gradient from inside to outside of the leaf is then slightly less. The wind blows away much of this water vapor near the leaf surface, making the potential gradient steeper and speeding up the diffusion of water molecules into the surrounding air. Even in wind, though, there may be some accumulation of water vapor in a thin boundary layer of slower moving air next to the leaf surface. The stronger the wind, the thinner this layer will tend to be, and the steeper the water potential gradient.
|
||||
|
||||
A lack of airflow can cause [mineral deficiencies][2] which is why it's recommended to point a fan at plants grown hydroponically. The plant can't do anything to fix too little airflow, but can close [stomas][3] to correct for too much airflow.
|
||||
|
||||
|
||||
[1]: https://en.wikipedia.org/wiki/Transpiration
|
||||
[2]: https://hortamericas.com/blog/science/how-to-avoid-calcium-deficiency-in-controlled-environment-food-crops/
|
||||
[3]: https://en.wikipedia.org/wiki/Stoma
|
|
@ -1,8 +0,0 @@
|
|||
Title: Algae Growth
|
||||
Date: 2023-03-11
|
||||
Category: Notes
|
||||
Summary: Prevent hydroponic algae from growing by blocking light to any nutrient solution.
|
||||
|
||||
Algae will grow anywhere light is able to touch hydroponic nutrient solution. This won't be a problem if the solution is regularly flushed. In Kratky systems the algae will compete for resources with your plants and grow exponentially.
|
||||
|
||||
The solution is to prevent light from reaching the solution by using dark containers and covering exposed parts with and opaque material such as aluminium foil.
|
|
@ -1,376 +0,0 @@
|
|||
Title: Bypassing ISP Blocked Ports
|
||||
Date: 2023-12-10
|
||||
Category: Writing
|
||||
Summary: Bypass ISP blocked ports using VPN port forwarding for public access.
|
||||
Image: ports1.svg
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
[TOC]
|
||||
|
||||
My residential ISP blocks inbound traffic to common ports like 22, 80, and 443. I use an OpenVPN tunnel to forward these ports so that I can self-host a public media server. It does __not__ require users to be on the VPN.
|
||||
|
||||
This article explains how I set it up and is targeted towards Linux sysadmins.
|
||||
|
||||
## Overview
|
||||
|
||||
I have a cheap $6 per month virtual server with [Digital Ocean](https://digitalocean.com) that runs Debian GNU/Linux 12. An OpenVPN server is running on this virtual server.
|
||||
|
||||
My media server at home has an OpenVPN client connected to the server and is assigned a static IP on the VPN network.
|
||||
|
||||
The virtual server has routing enabled and forwards inbound traffic __from the internet__ to my media server at home. This allows me to have external HTTP and SSH access.
|
||||
|
||||
![[ports1.svg | a diagram of my setup. the client computer connecting to my home server through the cloud using a VPN tunnel.]]
|
||||
|
||||
## Server Setup
|
||||
|
||||
Spin up a Debian 12 server on your favourite hosting provider. If you're using an older version of Debian, you can follow the [[Bypassing Ports Old |old version of this article]]. You should harden this server. Assign a subdomain to it like `vpn.example.com`.
|
||||
|
||||
Install the following requirements:
|
||||
|
||||
```
|
||||
$ sudo apt update
|
||||
$ sudo apt install openvpn easy-rsa ufw
|
||||
$ sudo ufw allow ssh
|
||||
$ sudo ufw allow 1194 # openvpn's port
|
||||
```
|
||||
|
||||
### OpenVPN Server
|
||||
|
||||
These steps roughly follow [this guide](https://wiki.debian.org/OpenVPN#TLS-enabled_VPN_connection).
|
||||
|
||||
Generate TLS certificates and keys:
|
||||
|
||||
```
|
||||
$ cd /etc/openvpn
|
||||
$ sudo openvpn --genkey secret static.key
|
||||
$ sudo make-cadir easy-rsa/
|
||||
$ sudo chown -R tanner:tanner /etc/openvpn
|
||||
```
|
||||
|
||||
Replace `tanner` with your Linux username, this is temporary.
|
||||
|
||||
<span class="aside">(The certs will expire in 100 years)</span>
|
||||
|
||||
```
|
||||
$ cd easy-rsa/
|
||||
$ export EASYRSA_CERT_EXPIRE=36500
|
||||
$ export EASYRSA_CA_EXPIRE=36500
|
||||
$ ./easyrsa init-pki
|
||||
$ ./easyrsa build-ca
|
||||
```
|
||||
|
||||
Enter passwords you won't forget in case you want to add another client later. The Common Name you choose is not important.
|
||||
|
||||
Generate Diffie–Hellman params:
|
||||
|
||||
```
|
||||
$ ./easyrsa gen-dh
|
||||
```
|
||||
|
||||
Generate a server cert:
|
||||
|
||||
```
|
||||
$ ./easyrsa build-server-full server nopass
|
||||
```
|
||||
|
||||
Generate client certs:
|
||||
|
||||
```
|
||||
$ ./easyrsa build-client-full mediaserver nopass
|
||||
$ ./easyrsa build-client-full anotherserver nopass
|
||||
... etc
|
||||
```
|
||||
|
||||
We make a `mediaserver` client because we want to assign a static IP to it. You need to make a different one for each client you want with a static IP.
|
||||
|
||||
Also, if you want generic clients that all get dynamic IPs for use on your laptop, phone, etc. to protect you from public WiFi (like a normal VPN), create only a single extra one:
|
||||
|
||||
```
|
||||
$ ./easyrsa build-client-full client nopass # optional
|
||||
```
|
||||
|
||||
Leave off `nopass` if you want to password protect the config file keys when you set up a new client (PEM pass phrase).
|
||||
|
||||
Create the server config file `/etc/openvpn/server.conf`:
|
||||
|
||||
<span class="aside">(Can't use port 443 here since it'll be forwarded)</span>
|
||||
|
||||
```
|
||||
port 1194
|
||||
proto udp
|
||||
dev tun
|
||||
topology subnet
|
||||
ca /etc/openvpn/easy-rsa/pki/ca.crt
|
||||
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
|
||||
key /etc/openvpn/easy-rsa/pki/private/server.key
|
||||
dh /etc/openvpn/easy-rsa/pki/dh.pem
|
||||
tls-auth /etc/openvpn/static.key 0
|
||||
client-config-dir /etc/openvpn/ccd
|
||||
server 10.8.0.0 255.255.255.0
|
||||
client-to-client
|
||||
duplicate-cn
|
||||
keepalive 10 120
|
||||
cipher AES-256-GCM
|
||||
auth SHA256
|
||||
comp-lzo
|
||||
max-clients 10
|
||||
user nobody
|
||||
group nogroup
|
||||
persist-key
|
||||
persist-tun
|
||||
```
|
||||
|
||||
Assign a static IP:
|
||||
|
||||
<span class="aside">(Your home server will be `10.8.0.100`)</span>
|
||||
|
||||
```
|
||||
$ cd /etc/openvpn
|
||||
$ mkdir ccd
|
||||
$ echo "ifconfig-push 10.8.0.100 255.255.255.0" > mediaserver
|
||||
$ echo "ifconfig-push 10.8.0.101 255.255.255.0" > anotherserver
|
||||
```
|
||||
|
||||
Test your config by running:
|
||||
|
||||
```
|
||||
$ sudo openvpn --config /etc/openvpn/server.conf
|
||||
```
|
||||
|
||||
If you run `ip addr` in another terminal, you should see an entry like this:
|
||||
|
||||
```
|
||||
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> stuff
|
||||
link/none
|
||||
inet 10.8.0.1/24 brd 10.8.0.255 scope global tun0
|
||||
valid_lft forever preferred_lft forever
|
||||
inet6 fe80::d9fc:b2f9:34e6:5ed2/64 scope link stable-privacy
|
||||
valid_lft forever preferred_lft forever
|
||||
```
|
||||
|
||||
Change back ownership:
|
||||
|
||||
```
|
||||
$ sudo chown -R root:root /etc/openvpn
|
||||
```
|
||||
|
||||
### systemd
|
||||
|
||||
If it works fine, persist OpenVPN with systemd:
|
||||
|
||||
```
|
||||
$ sudo systemctl enable openvpn@server
|
||||
$ sudo systemctl start openvpn@server
|
||||
$ sudo systemctl daemon-reload
|
||||
$ sudo service openvpn restart
|
||||
```
|
||||
|
||||
Test it works by rebooting:
|
||||
|
||||
```
|
||||
$ sudo reboot
|
||||
$ ssh vpn.example.com
|
||||
$ ip addr
|
||||
```
|
||||
|
||||
### Port Forwarding
|
||||
|
||||
I use `ufw` to handle the iptables rules because I use it anyway as a firewall when I harden my servers.
|
||||
|
||||
Enable routing:
|
||||
|
||||
```
|
||||
$ sudo sysctl net.ipv4.ip_forward=1
|
||||
```
|
||||
|
||||
Edit `/etc/sysctl.conf` to set:
|
||||
|
||||
```
|
||||
net.ipv4.ip_forward=1
|
||||
```
|
||||
|
||||
Edit `/etc/default/ufw` to set:
|
||||
|
||||
```
|
||||
DEFAULT_FORWARD_POLICY="ACCEPT"
|
||||
```
|
||||
|
||||
Add this to the top of `/etc/ufw/before.rules`:
|
||||
|
||||
```
|
||||
*nat
|
||||
:POSTROUTING ACCEPT [0:0]
|
||||
|
||||
# ssh port forwarding
|
||||
-A PREROUTING -d 123.123.123.123 -p tcp --dport 2222 -j DNAT --to-dest 10.8.0.100:2222
|
||||
-A POSTROUTING -d 10.8.0.100 -p tcp --dport 2222 -j SNAT --to-source 10.8.0.1
|
||||
|
||||
# Allow traffic from OpenVPN client to eth0
|
||||
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
|
||||
COMMIT
|
||||
```
|
||||
|
||||
Replace `123.123.123.123` with your VPN server's external IP address and `eth0` with the external interface.
|
||||
|
||||
This will forward TCP traffic on port 2222 to your home server. If you want to use port 22, then you need to set the VPN SSH server to something else.
|
||||
|
||||
A full example of `/etc/ufw/before.rules` with other ports included can be found here:
|
||||
|
||||
[https://txt.t0.vc/URUG](https://txt.t0.vc/URUG)
|
||||
|
||||
Apply the changes to `ufw`:
|
||||
|
||||
```
|
||||
$ sudo ufw disable && sudo ufw enable
|
||||
```
|
||||
|
||||
## Client Setup
|
||||
|
||||
Switch to your home server or client machine.
|
||||
|
||||
Install OpenVPN:
|
||||
|
||||
```
|
||||
$ sudo apt update
|
||||
$ sudo apt install openvpn
|
||||
```
|
||||
|
||||
### Client Configs
|
||||
|
||||
For static IP clients (like your home server), create the config file `/etc/openvpn/client.conf`:
|
||||
|
||||
```
|
||||
client
|
||||
dev tun
|
||||
proto udp
|
||||
remote vpn.example.com 1194
|
||||
resolv-retry infinite
|
||||
nobind
|
||||
persist-key
|
||||
persist-tun
|
||||
remote-cert-tls server
|
||||
cipher AES-256-GCM
|
||||
auth SHA256
|
||||
comp-lzo
|
||||
key-direction 1
|
||||
<ca>
|
||||
[server /etc/openvpn/easy-rsa/pki/ca.crt]
|
||||
</ca>
|
||||
<cert>
|
||||
[server /etc/openvpn/easy-rsa/pki/issued/mediaserver.crt]
|
||||
</cert>
|
||||
<key>
|
||||
[server /etc/openvpn/easy-rsa/pki/private/mediaserver.key]
|
||||
</key>
|
||||
<tls-auth>
|
||||
[server /etc/openvpn/static.key]
|
||||
</tls-auth>
|
||||
```
|
||||
|
||||
Replace the `[server ...]` lines with the contents of that file on the __VPN server__, for example:
|
||||
|
||||
```
|
||||
$ sudo cat /etc/openvpn/easy-rsa/pki/ca.crt
|
||||
---> copy & paste result
|
||||
```
|
||||
|
||||
Also replace `vpn.example.com` with the subdomain you assigned earlier.
|
||||
|
||||
For device clients (like your laptop and phone), create the config file `client.ovpn`:
|
||||
|
||||
<span class="aside">(`redirect-gateway def1` forces traffic over the VPN)</span>
|
||||
|
||||
```
|
||||
client
|
||||
dev tun
|
||||
proto udp
|
||||
remote vpn.example.com 1194
|
||||
redirect-gateway def1
|
||||
resolv-retry infinite
|
||||
nobind
|
||||
persist-key
|
||||
persist-tun
|
||||
remote-cert-tls server
|
||||
cipher AES-256-GCM
|
||||
auth SHA256
|
||||
comp-lzo
|
||||
key-direction 1
|
||||
<ca>
|
||||
[server /etc/openvpn/easy-rsa/pki/ca.crt]
|
||||
</ca>
|
||||
<cert>
|
||||
[server /etc/openvpn/easy-rsa/pki/issued/client.crt]
|
||||
</cert>
|
||||
<key>
|
||||
[server /etc/openvpn/easy-rsa/pki/private/client.key]
|
||||
</key>
|
||||
<tls-auth>
|
||||
[server /etc/openvpn/static.key]
|
||||
</tls-auth>
|
||||
```
|
||||
|
||||
The `client.ovpn` file is ready to be imported into your VPN clients.
|
||||
|
||||
Test your config by running:
|
||||
|
||||
```
|
||||
$ sudo openvpn --config /etc/openvpn/client.conf
|
||||
```
|
||||
|
||||
If you run `ip addr` in another terminal, you should see an entry like this:
|
||||
|
||||
```
|
||||
7: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> stuff
|
||||
link/none
|
||||
inet 10.8.0.100/24 brd 10.8.0.255 scope global tun0
|
||||
valid_lft forever preferred_lft forever
|
||||
inet6 fe80::b2:ed71:6c98:4bc9/64 scope link stable-privacy
|
||||
valid_lft forever preferred_lft forever
|
||||
```
|
||||
|
||||
Try pinging the server:
|
||||
|
||||
```
|
||||
$ ping 10.8.0.1
|
||||
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
|
||||
64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=71.5 ms
|
||||
64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=73.0 ms
|
||||
... etc
|
||||
```
|
||||
|
||||
### systemd
|
||||
|
||||
If it works fine, persist OpenVPN with systemd:
|
||||
|
||||
```
|
||||
$ sudo chown root:root /etc/openvpn/client.conf
|
||||
$ sudo chmod 600 /etc/openvpn/client.conf
|
||||
$ sudo systemctl enable openvpn@client
|
||||
$ sudo systemctl start openvpn@client
|
||||
$ sudo systemctl daemon-reload
|
||||
$ sudo service openvpn restart
|
||||
```
|
||||
|
||||
### Client Apps
|
||||
|
||||
On Android I use "OpenVPN for Android" and on Linux I use the `network-manager-openvpn-gnome` Debian package.
|
||||
|
||||
To add your VPN on Gnome, open VPN settings, import file, and select `client.ovpn`. If the private key is missing, select it from `~/.cert/nm-openvpn/`.
|
||||
|
||||
## Closing Thoughts
|
||||
|
||||
You should now be fine to access your home server from over the internet.
|
||||
|
||||
To forward additional ports, just edit the `/etc/ufw/before.rules` file like above and apply the changes to `ufw`.
|
||||
|
||||
You can now point a domain to your virtual server's IP and use that to connect to your home server. Use a CNAME to make it easy to change later:
|
||||
|
||||
```
|
||||
NAME TYPE VALUE
|
||||
--------------------------------------------------
|
||||
vpn.example.com. A 123.123.123.123
|
||||
myserver.example.com. CNAME vpn.example.com.
|
||||
```
|
||||
|
||||
Finally, make sure any server programs are listening / bound to `10.8.0.100` or `0.0.0.0` so that they can get traffic from that interface.
|
|
@ -1,39 +0,0 @@
|
|||
Title: ChatGPT Peanut Butter Cookies
|
||||
Date: 2023-03-24
|
||||
Category: Writing
|
||||
Summary: A recipe generated by ChatGPT for peanut butter cookies.
|
||||
Image: cookies3.jpg
|
||||
Tags: feed
|
||||
|
||||
<span class="aside">(describe a house fire in the style of a crappy blog post that people put above recipes that tell their life story before getting to the point about how their house burned down) </span>The flames danced around the living room, illuminating the memories that were now nothing more than ash. It was a warm summer evening, and we were all gathered in the backyard, enjoying the company of good friends and family. Little did we know that our lives were about to change forever.
|
||||
|
||||
As we sat there, we heard a loud explosion and turned to see our house engulfed in flames. The fire department arrived quickly, but it was too late. Our home was destroyed, and with it, all of our belongings and cherished memories. It was a devastating loss, but we are grateful to have each other and the support of our community during this difficult time.
|
||||
|
||||
<span class="aside">(conclude it with a segue for a peanut butter cookies recipe) </span>As we rebuild and move forward, we find comfort in the small things, like the smell of fresh-baked peanut butter cookies. Here's a recipe that has been passed down in our family for generations. We hope it brings you the same warmth and comfort it has brought us.
|
||||
|
||||
<span class="aside">(give me a recipe for peanut butter cookies) </span>
|
||||
Ingredients:
|
||||
- 1 cup peanut butter
|
||||
- 1 cup white sugar
|
||||
- 1 egg
|
||||
- 1 teaspoon vanilla extract
|
||||
|
||||
Instructions:
|
||||
1. Preheat oven to 350 degrees F (175 degrees C).
|
||||
2. Combine peanut butter, sugar, egg, and vanilla extract in a bowl.
|
||||
3. Mix until well combined.
|
||||
4. Roll the dough into small balls and place them on a baking sheet.
|
||||
5. Flatten each ball with a fork, making a crisscross pattern on top.
|
||||
6. Bake for 10-12 minutes, or until the edges are lightly browned.
|
||||
7. Remove from oven and allow to cool on the baking sheet for 5 minutes before transferring to a wire rack to cool completely.
|
||||
|
||||
|
||||
![[cookies1.jpg | sugar, one egg, and peanut butter in a metal pot]]
|
||||
|
||||
![[cookies2.jpg | dough after mixing the ingredients together. the colour is light brown and fluffy.]]
|
||||
|
||||
![[cookies3.jpg | twelve raw cookies on a baking sheet with crosshatch patterns made by a fork]]
|
||||
|
||||
![[cookies4.jpg | the finished cookies. crosshatch barely visible.]]
|
||||
|
||||
Human: The cookies turned out not bad. Too sweet, unsurprisingly with all that sugar. I like peanut butter cookies that are chewy, I'll ask for that next time. The mouthfeel is basically peanut butter giving way to grains of sugar.
|
|
@ -1,36 +0,0 @@
|
|||
Title: Fake Dog for Home Security
|
||||
Date: 2022-06-27
|
||||
Category: Creations
|
||||
Summary: Fake dog barking for home security while on vacation.
|
||||
Image: fake-dog.jpg
|
||||
Tags: feed
|
||||
|
||||
I set up a fake dog that barks if my surveillance cameras are triggered while I'm out of town on vacation. It's a pair of computer speakers plugged into a Raspberry Pi, which is an inexpensive single-board computer. One speaker faces the front door and the other faces the side door.
|
||||
|
||||
When the front door camera is triggered my surveillance camera system sends a message to the Raspberry Pi. A simple program plays an audio clip of a big dog barking through the side speaker and then the front speaker. The change in speakers simulates a dog moving towards the front door. The opposite happens if the side door camera is triggered.
|
||||
|
||||
You can find the [source code](https://git.tannercollin.com/tanner/woof) on my Gitea.
|
||||
|
||||
![[fake-dog.jpg | a speaker connected to a circuit board on my hardwood floor]]
|
||||
|
||||
## Technical Details
|
||||
My surveillance cameras sit on a separate network without internet access and their RTSP streams are consumed by the Blue Iris NVR software running on a dedicated Windows box. When an object is detected moving through a defined area for certain cameras, Blue Iris is configured to send an MQTT message to the `iot/cameras` topic via the Mosquitto broker running on my media server.
|
||||
|
||||
A Python script kept alive by Supervisor runs on the Raspberry Pi and listens to the topic using the `asyncio-mqtt` module. It receives and tries to decode a JSON message like `{"serial": "SE-N-ZoneB"}`. If the camera's serial is found in a dict at the top of the script, the corresponding audio file is played using Pygame. Controlling which speaker barks is done by muting the left or right channel in the stereo audio file.
|
||||
|
||||
![[fake-dog2.png | a console log output reporting the camera has activated]]
|
||||
## Future Improvements
|
||||
The dog has a lot of false positives from the cameras being triggered by car headlights or small animals<span class="aside"> (like a real dog)</span>. This isn't a big deal since no one is home to hear it bark and it isn't loud enough for my neighbours to hear (I've asked). I would rather have a false positive than a false negative.
|
||||
|
||||
A huge improvement would be to combine the camera data with a physical trigger. A break beam sensor mounted on stair railings or an accelerometer mounted under the steps would work for this. But it would be annoying to mount, route power to, and harden for harsh Calgary winters. Perhaps the accelerometers are sensitive enough to mount inside, close to the entrances.
|
||||
|
||||
Update: a reader emailed me mentioning that he has a similar set up that's triggered by a HFS-DC06 radar sensor mounted inside his house. This module seems like a good option for me because it can sense through an external wall.
|
||||
|
||||
## Efficacy
|
||||
According to [former burglars](https://news.t0.vc/TRMA), barking dogs and security cameras are some of the best deterrents to home invasions. The dog sounds fake to me, but I know it isn't real. I'm hoping that a rushing burglar won't spend time pondering if the barking is from an elaborate speaker setup and will just move on to a different house.
|
||||
|
||||
I previously caught a prowler who went into my backyard and tested my garage door handle to see if it was locked. He then broke into my neighbour's truck and garage after. He gets to have his face on my website:
|
||||
|
||||
![[fake-dog3.jpg | a would-be burglar testing my garage door handle on the left, a close-up of his face on the right]]
|
||||
|
||||
The extra peace of mind while I'm away is worth the evening it took to set up. It was very easy to make because I reused the code I wrote for [[Protospace]]'s PA system doorbell that you can find on [GitHub](https://github.com/protospace/doorbell). It operates similarly by playing an audio file based on which 433 MHz doorbell is pressed.
|
|
@ -1,24 +0,0 @@
|
|||
Title: Garage Door Opener Hack
|
||||
Date: 2021-12-26
|
||||
Category: Creations
|
||||
Summary: Hacking my garage door opener to work over Wifi.
|
||||
Image: garage3.jpg
|
||||
Tags: feed
|
||||
|
||||
In the quest to automate as much of my house as possible, I thought it would be useful to be able to remotely control my garage door from my home automation system. If I suspected that I forgot to close it while leaving, I could check in my security cameras and then close it from anywhere. It's nice having this peace of mind, even if it almost never happens.
|
||||
|
||||
Instead of reverse engineering the wireless protocol, cracking the encryption, and sending my own commands, I figured it would be much easier to hack the hardware. I pried open a spare remote to find that it contained a basic PCB with simple tactile switches.
|
||||
|
||||
![[garage1.jpg | the six parts of the spare remote on my desk: metal clip, plastic buttons, battery, PCB, and two halves of the case]]
|
||||
|
||||
My plan was to solder an Arduino controlled relay in parallel with the button that toggled the garage door. I would also power the remote from the 3 V pin. I soldered four wires on to the appropriate pins.
|
||||
|
||||
![[garage2.jpg | a closeup of the green PCB with two wires soldered to the battery terminals and two to the button pins]]
|
||||
|
||||
I drilled a hole in the plastic case and routed the wires through it while reassembling the remote. It's connected to an Adafruit ESP8266 Arduino with a relay module shield.
|
||||
|
||||
The Arduino joins my isolated home automation Wifi network and connects over MQTT, a simple messaging protocol, to my automation server. When it receives a command over MQTT it toggles the relay on for a quarter of a second and then off, simulating a button press.
|
||||
|
||||
![[garage3.jpg | the completed system: an arduino with a white relay and wires leading to the reassembled garage door remote]]
|
||||
|
||||
Update: this system has been flawless for two months now. It's worked every time I've tried to toggle the door and has never opened by mistake.
|
|
@ -1,20 +0,0 @@
|
|||
Title: Hand of Ozymandias
|
||||
Date: 2012-03-23
|
||||
Category: Creations
|
||||
Summary: A withered hand I welded out of scrap metal.
|
||||
Image: hand1.jpg
|
||||
Tags: feed
|
||||
|
||||
I was visiting my cousins in Radium, BC and decided to learn stick welding at their shop. I wanted to create a sculpture, so with pieces of scrap metal I welded together this hand. The beads are far from perfect. Working with small pieces of rusted metal made it difficult.
|
||||
|
||||
![[hand1.jpg | a rusted hand welded together out of scrap square stock metal tubing]]
|
||||
|
||||
## The Name
|
||||
|
||||
One of my favourite poems is [Ozymandias](https://en.wikipedia.org/wiki/Ozymandias) by Percy Bysshe Shelley. It's about the inevitable complete decline of all rulers and the empires they build, however mighty in their time. This is the hand of Ozymandias sticking out from the sand, grasping for life after he has been reduced to dust.
|
||||
|
||||
## Construction
|
||||
|
||||
I eyeballed the joint angles and my cousin cut them to spec with an angle grinder. It was made in a machine shop with no real planning done ahead of time. In between welds, I used my own hand as a reference. Below is a picture of me adding a bead to it.
|
||||
|
||||
![[hand2.jpg | me welding the hand causing a very bright white light that washes out the photo]]
|
|
@ -1,40 +0,0 @@
|
|||
Title: Helios Alpha
|
||||
Date: 2024-02-21
|
||||
Category: Notes
|
||||
Summary: Design of my previous Kratky method hydroponics system.
|
||||
Wide: true
|
||||
|
||||
Helios Alpha is a hydroponics system that can grow up to six plants. It's designed around a single 102 L plastic tote. It holds enough water to harvest lettuce once before refilling. After the initial setup, the system can be ignored for weeks.
|
||||
|
||||
![[heliosalpha1.jpg | the hydroponics system from two angles. a black tub with yellow lid, covered in tin foil with six holes for plants. grow lights above suspended by metal shelving.]]
|
||||
|
||||
Here's directions on how you can make your own:
|
||||
|
||||
## Parts
|
||||
- [HDX 102L Stackable Strong Storage Tote Bin](https://www.homedepot.ca/product/hdx-102l-stackable-strong-storage-tote-bin-plastic-organizer-box-black-base-yellow-snap-on-lid/1000706729)
|
||||
- [HDX 36-inch W x 54-inch H x 14-inch D 4-Shelf](https://www.homedepot.ca/product/hdx-36-inch-w-x-54-inch-h-x-14-inch-d-4-shelf-steel-wire-shelving-unit-with-adjustable-shelves-in-chrome/1000790396)
|
||||
- 2 x [TS-1000 Grow Lights](https://www.amazon.ca/s?k=TS-1000+grow+light)
|
||||
- 6 x 3" hydroponic net cups
|
||||
- Medium to large fan
|
||||
- Aluminium foil
|
||||
- Wall outlet timer
|
||||
- Power strip
|
||||
- Zip ties
|
||||
|
||||
### Tools
|
||||
A hole saw drill bit with the same diameter of your net cups is recommended.
|
||||
|
||||
### Assembly
|
||||
Assemble the metal shelf with one shelf at the very top and another only a foot below it as seen in the photo. Only one shelf is used, but two are needed for stability.
|
||||
|
||||
Hang the grow lights with the included hangers off the lower shelf. The height can be adjusted later. Plug the lights into a power strip and secure all cords to the lower shelf.
|
||||
|
||||
Drill six holes in the plastic lid for where you want the plant to go. Bias the holes towards the edges so the plants are more spread out for air flow.
|
||||
|
||||
Cover the lid with two strips aluminium foil to prevent light from passing into the nutrient solution. This prevents [[Algae Growth |algae growth]] which will kill your plants and reflect the light back up to the leaves. Tape the aluminium foil to the lid and then cut holes in it the size of the net cups. Scrunch excess foil down into the hole.
|
||||
|
||||
Insert the six net cups into the six holes. Place the lid back on the tote and position it under the grow lights.
|
||||
|
||||
Point a fan towards where the plants will grow. [[Airflow |Airflow is important]] indoors to enable water transpiration so the leaves don't get mineral deficiencies. Plug the fan in but keep it off until the starters have grown their "true leaves".
|
||||
|
||||
Plug the power strip into the outlet timer and adjust it for 16 hours on, 8 hours off. The specific timing will depend on the plant.
|
|
@ -1,39 +0,0 @@
|
|||
Title: War with Aphids and Mould
|
||||
Date: 2022-07-29
|
||||
Category: Notes
|
||||
Summary: I lost a war against aphids and mould.
|
||||
Wide: true
|
||||
|
||||
[TOC]
|
||||
|
||||
My [[Hydroponics#Home Round 3 | hydroponic strawberries]] suffered from aphid and mould infestations. This took me by surprise because one of the advantages to growing plants hydroponically is that you don't get pests from growing indoors.
|
||||
|
||||
The aphids and mould probably came from the strawberry starters I bought from a plant store. I didn't bother rinsing the leaves when washing away the dirt. If one aphid egg or mould spore was still on the plants after transplanting into my hydroponics system, that would be enough to infect them all.
|
||||
|
||||
Lesson learned: Wash starters thoroughly with soap (including leaves) to prevent aphids or grow from seeds. Don't let plants grow so dense that airflow is blocked.
|
||||
|
||||
## Aphids
|
||||
While maintaining the garden, I noticed small white flecks which I just assumed were somehow part of the plant. I later noticed a sticky substance on some of the leaves which I thought might have been water that got mixed with something. I was in total denial until I turned over a leaf and saw a bunch of aphids crawling around.
|
||||
|
||||
The white flecks turned out to be eggs the aphids were laying. The sticky substance was honeydew, a sugary liquid that aphids secrete.
|
||||
|
||||
![[hydro-war1.jpg | underside of a green leaf in a plastic bag. several dozen aphids can be seen on it.]]
|
||||
|
||||
I bought a bottle of Safer's insecticidal soap to use against them. I have a walk-in shower in the downstairs basement bathroom beside the grow room, so I moved all the plants into there. I then sprayed the leaves as much as I could, top and bottom. I let it drain for a while and then rinsed thoroughly with water.
|
||||
|
||||
![[hydro-war2.jpg | six plants sitting in a tote container lid suspended with their white roots dangling down. all inside a shower.]]
|
||||
|
||||
Three days later I noticed the aphids were still alive. So I bought five more bottles of aphid spray and emptied them into a bucket. I then took each plant out of the system and dunked them in the bucket, covering all leaves and the net cup. I pushed the plants in and out of the bucket forcefully, to make sure all the aphids were flushed off. I then rinsed the plants in the shower thoroughly like before.
|
||||
|
||||
![[hydro-war3.jpg | a strawberry plant being submerged in a white bucket of aphid spray. its roots are dangling off the side of the bucket.]]
|
||||
|
||||
Three days later I did this all over again, just to make sure they were gone. This seemed to work but I noticed the aphids returned a couple months later. It was one of the reasons I decided to end this round of growth experiment.
|
||||
|
||||
## Mould
|
||||
A few weeks after the aphid dunking I noticed some kind of mould or powdery mildew on the strawberry crowns, right in the centre of the plants.
|
||||
|
||||
![[hydro-war4.jpg | up close view of a strawberry plant crown covered in fuzzy grey mould spores]]
|
||||
|
||||
I assumed this was because I let the plants' leaves get too dense and they were blocking airflow to the crown. The airstone bubbles air into the water reservoir and the only place the humid air can escape is through the net cups and strawberry crown.
|
||||
|
||||
I rinsed all the plants off like I did with the aphids and set up an extra fan to try and increase airflow. This worked well for a couple months until I noticed it had returned and started making the plants unhealthy. This was the other reason I decided to end the experiment.
|
|
@ -1,49 +0,0 @@
|
|||
Title: Grow Log, Home: Round 1
|
||||
Date: 2022-07-29
|
||||
Category: Notes
|
||||
Summary: Grow log for my home hydroponics setup, round 1.
|
||||
Wide: true
|
||||
|
||||
2022-02-21: Started germinating
|
||||
2022-02-24: First noticed sprouts
|
||||
2022-02-26: All sprouts are through except spinach
|
||||
2022-02-27: Put grow light on top of dome set to minimum
|
||||
2022-03-02: Checked inside. cress's roots have reached the tray below. accidentally squished front lettuces while trying to put it back. sprayed more nutrient solution on mineral wool. probably could have transplanted already. turned light off before bed, opened blinds.
|
||||
2022-03-03: Plants look very sad. connor suggested more light. put light on max and went for coffee. light ended up cooking the plants.
|
||||
2022-03-04: Plants look worse. Terminated.
|
||||
|
||||
## Germination
|
||||
- index is top left in tray
|
||||
- rinsed all equipment with water
|
||||
- shake plant food
|
||||
- 1 L growth solution prepared
|
||||
- 1.3 mL plant food
|
||||
- 0.4 mL pH Down for 5.8 pH
|
||||
- 12 mineral wool cubes each soaked for 10 seconds
|
||||
- three seeds of each, except two of Spinach because they are large
|
||||
- hole was opened with a broken toothpick
|
||||
- seeds tamped down the hole with the toothpick
|
||||
- 1 cm of fresh water added to the bottom of the tray
|
||||
- remaining solution was strained and put in spray bottle
|
||||
|
||||
### Result
|
||||
(columns left to right)
|
||||
|
||||
- iceberg lettuce LT541
|
||||
- 2 cm root below mineral wool
|
||||
- same
|
||||
- arugula MS483
|
||||
- 7x 2 cm roots
|
||||
- 10 roots, 1x 10 cm
|
||||
- romaine lettuce LT470
|
||||
- 3x 1.5 cm roots
|
||||
- 4 roots, 1x 6 cm
|
||||
- cress MS495
|
||||
- 2x 12 cm roots
|
||||
- 5 roots, 1x 12 cm
|
||||
- butterhead lettuce LT458
|
||||
- 2 cm, 5 cm, 8 cm roots
|
||||
- 4 cm, 2 cm roots
|
||||
- spinach SP705
|
||||
- never germinated
|
||||
- never germinated
|
|
@ -1,68 +0,0 @@
|
|||
Title: Grow Log, Home: Round 2
|
||||
Date: 2022-07-29
|
||||
Category: Notes
|
||||
Summary: Grow log for my home hydroponics setup, round 2.
|
||||
Wide: true
|
||||
|
||||
2022-03-05: Started germinating
|
||||
2022-03-07: Just barely noticed germination
|
||||
2022-03-08: Noticed all leaves except spinach again
|
||||
2022-03-10: Transplanted into tote
|
||||
2022-03-12: measured pH: 6.0
|
||||
2022-03-20: thinned out weak plants
|
||||
2022-03-25: lettuces have no roots below net pot. others have lots of roots in the water. some leaves have a weird film on them, some have white stuff.
|
||||
2022-03-28: Three lettuces wool dry on top. No roots below net cup. Roots are growing a bit out the sides. Dropped wool to bottom of net cups, topped water up to 1 cm above bottom of net cup. This might harm the other plants? The lettuce roots grew through a lot of the clay balls but not enough to reach the water.
|
||||
- I assumed the clay balls would wick up enough water that it wouldn't matter.
|
||||
2022-03-30: EC measured 1.1. trimmed oldest leaves, lettuce roots now good in water
|
||||
2022-04-01: pH measured 6.7. brown tips on lettuce.
|
||||
2022-04-06: Harvested first salad, arugula and cress taste horrible like paint thinner. Lettuce was good.
|
||||
2022-04-14: Terminated.
|
||||
|
||||
|
||||
## Germination
|
||||
- index is top left in tray
|
||||
- rinsed all equipment with water
|
||||
- 1 L growth solution prepared
|
||||
- 1 L tap water
|
||||
- 1.3 mL plant food
|
||||
- 0.5 mL pH Down for 5.5 pH
|
||||
- forgot to shake plant food
|
||||
- 12 mineral wool cubes each soaked for 10 seconds
|
||||
- three seeds of each, except five for arugula and cress in X pattern
|
||||
- hole was opened with a broken toothpick
|
||||
- seeds tamped down the hole with the toothpick
|
||||
- remaining solution added to the bottom of the tray
|
||||
|
||||
### Result
|
||||
(columns left to right)
|
||||
|
||||
- iceberg lettuce LT541
|
||||
- arugula MS483
|
||||
- romaine lettuce LT470
|
||||
- cress MS495
|
||||
- butterhead lettuce LT458
|
||||
- spinach SP705
|
||||
|
||||
|
||||
## Growth
|
||||
- used 102 L HDX tough totes
|
||||
- sides bow out quite a bit, try duct taping
|
||||
- 100 L growth solution prepared
|
||||
- 100 L tap water (estimated)
|
||||
- 117 mL plant food (needs more?)
|
||||
- 10 mL pH down to 6.0
|
||||
- cut six holes into Foamular
|
||||
- transplanted sprouts into net cups
|
||||
- layer of clay balls under and around sides of starter plug
|
||||
- filled tote pretty much to brim
|
||||
- tote sides bowed out quite a bit. maybe it's 110-120 L full of water?
|
||||
|
||||
### Layout:
|
||||
(reading order)
|
||||
|
||||
- iceberg lettuce LT541
|
||||
- romaine lettuce LT470
|
||||
- butterhead lettuce LT458
|
||||
- arugula MS483
|
||||
- cress MS495
|
||||
- arugula MS483
|
|
@ -1,53 +0,0 @@
|
|||
Title: Grow Log, Home: Round 3
|
||||
Date: 2022-07-29
|
||||
Category: Notes
|
||||
Summary: Grow log for my home hydroponics setup, round 3.
|
||||
Wide: true
|
||||
|
||||
2022-04-14: Planted strawberry starters.
|
||||
2022-04-21: Observed fresh white roots shooting out horizontally.
|
||||
2022-04-23: Cut flower buds off BCDEF.
|
||||
2022-04-24: Measured EC at 1.2 and pH at 6.8. Added 20 mL of pH down.
|
||||
2022-04-25: Measured pH at 6.2.
|
||||
2022-04-28: Cut a bud off of E.
|
||||
2022-05-01: Cut buds off BCDF.
|
||||
- too many buds, no longer tracking
|
||||
2022-05-05: Noticed some young leaves are brownish. Turned grow lights down to 50%.
|
||||
2022-05-22: Noticed sticky leaves and white flecks. There's tons of aphids.
|
||||
2022-05-24: Sprayed all plants liberally with aphid spray and rinsed off after.
|
||||
2022-05-27: Noticed aphids are still alive. Ordered more spray.
|
||||
2022-06-01: Dunked plants in aphid spray, rinsed off with water.
|
||||
2022-06-04: Dunked plants in aphid spray again, dunked in freshwater, transferred plants back. Measured pH at 4.0. Added more water to bring it up to 5.6. EC at 0.8
|
||||
2022-06-19: Swapped nutes for General Hydroponics. (2nd preparation below)
|
||||
2022-06-20: Noticed some sort of powdery mildew at base of leaves on a couple plants. Rinsed all with water and removed dead leaves.
|
||||
2022-06-??: Started hand-pollinating with a q-tip. Breaks cotton up.
|
||||
2022-07-05: Measured pH at 4.4, EC at 2.1. Added 5 gal water to bring it up to pH 5.5, EC at 1.4. Tons of flowers, pollinated with small brush.
|
||||
2022-07-19: Measured ph at 3.8, EC at 1.8. Added 5 gal water. Measure later.
|
||||
2022-07-20: Ate first strawberry. It was delicious.
|
||||
2022-07-23: Way too much mould, aphids, and dead leaves. Terminated.
|
||||
|
||||
## Preparation
|
||||
- boiled clay balls to sterilize
|
||||
- rinsed dirt off 6 strawberry starters
|
||||
- three normal
|
||||
- two pulled thick roots out and broke away rest
|
||||
- one washed with Method hand soap
|
||||
- 90 L-ish growth solution prepared
|
||||
- up to bottom of net cups
|
||||
- 100 ml plant food to 1.2 EC from 0.3 EC tap water
|
||||
- 20 ml pH down to 6.0 pH from 6.5 pH with food
|
||||
- holes cut in net cups, roots thread through
|
||||
- remaining space filled with clay balls
|
||||
- tote lid covered with aluminum foil
|
||||
- air stone added to one side
|
||||
- 16 hours of light
|
||||
|
||||
## 2nd Preparation
|
||||
- drained tote with 5 gal buckets, washed out with water
|
||||
- transferred 20 gal with 4 x 5 gal bucket trips
|
||||
- measured plain water EC at 0.2
|
||||
- added 132 mL Bloom, 94 mL Micro, 94 mL Gro
|
||||
- measured 1.7 EC, 6.5 pH
|
||||
- difference of 1.5 EC
|
||||
- added 15 mL pH down to 6.2 pH
|
||||
- ** stole 5 gal for Protospace
|
|
@ -1,63 +0,0 @@
|
|||
Title: Hydroponics
|
||||
Date: 2022-07-29
|
||||
Category: Writing
|
||||
Summary: My experiments growing food with hydroponics.
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
[TOC]
|
||||
|
||||
Hydroponics is a method of growing plants without soil by delivering nutrients via water. In theory, it offers many advantages over soil: no dirt, no weeding or pests<span class="aside"> (therefore no herbicides or pesticides)</span>, no mould, no root rot, year-round growing indoors, less space required, 90% less water usage, and 30-50% faster growth. Downsides include electricity consumption if using grow lights or water pumps and the need to hand-pollinate flowers from the lack of bees.
|
||||
|
||||
## Home Experiments
|
||||
I'll outline my hydroponics experiments here, describing what I tried, what worked, what didn't, and lessons I learned. I have a small storage room in my basement that I use for my [[Secret Garden]]. It's about 5' x 10' large with unpainted drywall and a concrete floor.
|
||||
|
||||
### Home: Round 1
|
||||
Started: 2022-02-21, ended: 2022-03-04.
|
||||
|
||||
[[Hydroponics Log 1 | Grow Log]]
|
||||
|
||||
I tried germinating iceberg lettuce, romaine lettuce, butterhead lettuce, arugula, cress, and spinach seeds inside a germination dome. I used rockwool starter plugs soaked in growth solution. Everything except spinach sprouted. I placed a grow light on top of the dome set to minimum. Apparently this wasn't enough light since the sprouts got really leggy so I blasted them with light instead. An hour later they got soft and fell over from their own weight. I decided to restart.
|
||||
|
||||
Lessons learned: what leggy sprouts look like and to use enough light.
|
||||
|
||||
![[hydroponics1.jpg | twelve rockwool starter cubes with thin, leggy seedlings in a mess]]
|
||||
|
||||
### Home: Round 2
|
||||
Started: 2022-03-05, ended: 2022-04-14.
|
||||
|
||||
[[Hydroponics Log 2 | Grow Log]]
|
||||
|
||||
I tried germinating the same seeds as last time but with more light. Everything except spinach sprouted again and I transplanted them to a large tote. They sat in net cups put into 4" holes drilled into pink hard foam insulation called Foamular. Arugula and cress grew roots much faster than the lettuces and drank the water level down below the rockwool. This caused the lettuces to dry out, stunting their growth, making the problem worse. Everything eventually grew and I was able to harvest a salad that tasted bad. I ended the experiment because the lettuces were so stunted.
|
||||
|
||||
Lessons learned:
|
||||
|
||||
- Make sure all the roots make it into the water.
|
||||
- Start cress and arugula later, they grow fast.
|
||||
- Don't rely on clay balls to wick water up to the rockwool (it won't).
|
||||
- Don't bother germinating in a dome, just do it straight from the net cups.
|
||||
- Don't use Foamular to hold the net cups. It requires a higher water level, doesn't index for time-lapse photography, and drops pink foam bits into the water.
|
||||
|
||||
<span class="aside">(Top: lettuces, bottom: arugula, cress, arugula)</span>
|
||||
|
||||
![[hydroponics2.jpg | six plants sitting in holes cut out of pink foam board]]
|
||||
|
||||
### Home: Round 3
|
||||
Started: 2022-04-14, ended: 2022-07-23.
|
||||
|
||||
[[Hydroponics Log 3 | Grow Log]]
|
||||
|
||||
I bought six strawberry starters and rinsed all the dirt off of the roots. Things were going well until I noticed they were covered in aphids. I sprayed them with aphid spray but it wasn't enough, so I went to [[Hydroponics Aphid War | war with aphids]]. I ordered five bottles of aphid spray, drained it into a bucket, and dunked each plant. I let the plants grow too big (by pruning buds) and the leaves started blocking airflow to the crowns. The crowns became humid and started growing mould which I had to rinse off. I used a small paintbrush to pollinate the flowers by hand. After returning from vacation, one strawberry was ripe for me to eat. But the aphids and mould had returned so I ended the experiment.
|
||||
|
||||
Lessons learned:
|
||||
|
||||
- You can be fairly rough when washing dirt off of starters' roots.
|
||||
- You can get pests in hydroponics if you aren't careful.
|
||||
- Wash starters thoroughly with soap (including leaves) to prevent aphids or grow from seeds.
|
||||
- Boil all equipment before using it to sanitize.
|
||||
- Don't let plants grow so much that the leaves block airflow.
|
||||
- Wash hands before hydro gardening.
|
||||
- Hand-pollinating flowers is tedious.
|
||||
- Strawberries drop tons of pedals all over the floor.
|
||||
|
||||
![[hydroponics3.jpg | six strawberry plants with crazy dark green leaves creating a thick bush. there are pink flowers on top under two grow lights.]]
|
|
@ -1,61 +0,0 @@
|
|||
Title: Japan Photography
|
||||
Date: 2023-10-19
|
||||
Category: Writing
|
||||
Summary: Photos from my trip to Japan.
|
||||
Image: japan06lo.jpg
|
||||
Nofilter: true
|
||||
Tags: feed
|
||||
|
||||
All photos are unmodified (not even cropped) and taken with a Pixel 6a.
|
||||
|
||||
Click each photo for the full resolution.
|
||||
|
||||
Former Yasuda Garden, Tokyo:
|
||||
|
||||
<a href="/media/japan01hi.jpg">![[japan01lo.jpg | a bridge crosses over greenish water with vibrant trees in the background]]</a>
|
||||
|
||||
Shinjuku Gyoen National Garden, Tokyo:
|
||||
|
||||
<a href="/media/japan02hi.jpg">![[japan02lo.jpg | a tree trunk splits into a Y with ivy growing on one side]]</a>
|
||||
|
||||
Downtown Shinjuku, Tokyo:
|
||||
|
||||
<a href="/media/japan03hi.jpg">![[japan03lo.jpg | clean skyscrapers. the centre one resembles a game console.]]</a>
|
||||
|
||||
Shinjuku Golden Gai, Tokyo:
|
||||
|
||||
<a href="/media/japan04hi.jpg">![[japan04lo.jpg | a street wet from rain with bars on both sides. bar signs light up the pavement.]]</a>
|
||||
|
||||
Bamboo Forest, Kyoto:
|
||||
|
||||
<a href="/media/japan05hi.jpg">![[japan05lo.jpg | tall bamboo trees with leaves at the very top, letting some light in]]</a>
|
||||
|
||||
Giōji Temple, Kyoto:
|
||||
|
||||
<a href="/media/japan06hi.jpg">![[japan06lo.jpg | four trees with dark bark stand out against a vibrant green moss background]]</a>
|
||||
|
||||
Gohodo Benzaiten, Kyoto:
|
||||
|
||||
<a href="/media/japan07hi.jpg">![[japan07lo.jpg | a shrine is surrounded by trees, like they are consuming it in foliage]]</a>
|
||||
|
||||
Train to Hofu, Yamaguchi:
|
||||
|
||||
<a href="/media/japan08hi.jpg">![[japan08lo.jpg | train tracks taken out the front window of a train. power lines on each side.]]</a>
|
||||
|
||||
Ozu Island military tunnel, Yamaguchi:
|
||||
|
||||
<a href="/media/japan09hi.jpg">![[japan09lo.jpg | an ocean bay photo from inside a tunnel]]</a>
|
||||
|
||||
Ozu Island from the ferry:
|
||||
|
||||
<a href="/media/japan10hi.jpg">![[japan10lo.jpg | contrasting mountains in the background and a boat's wake in the foreground]]</a>
|
||||
|
||||
Gifu countryside:
|
||||
|
||||
<a href="/media/japan11hi.jpg">![[japan11lo.jpg | two hills covered in trees are reflected in the still water at the bottom]]</a>
|
||||
|
||||
Ueno, Tokyo:
|
||||
|
||||
<a href="/media/japan12hi.jpg">![[japan12lo.jpg | a restaurant under a train track. several people fill the adjacent street.]]</a>
|
||||
|
||||
All photos are released into the public domain / CC0 licensed.
|
|
@ -1,25 +0,0 @@
|
|||
Title: LED Dress
|
||||
Date: 2016-03-18
|
||||
Category: Creations
|
||||
Summary: A dress made out of LEDs that twinkle like stars.
|
||||
Image: dress1.jpg
|
||||
Tags: feed
|
||||
|
||||
A friend of mine was attending a stars and constellations themed ball. She wanted to wear a dress that was lit up with LEDs acting as twinkling stars. Seven of the 28 stars are aligned to resemble the Big Dipper constellation and twinkle differently than the rest, which twinkle in a random pattern.
|
||||
|
||||
![[dress1.jpg | a girl wearing a blue dress with a number of LEDs shining through the fabric]]
|
||||
|
||||
## Construction
|
||||
|
||||
The LEDs came from that strip that was cut up and soldered together with very small wires. Each of the LEDs can be controlled individually.
|
||||
|
||||
![[dress2.jpg | the controller circuit board, and the string of soldered together LEDs]]
|
||||
|
||||
Twenty-one of the stars are light magenta in color and twinkle by fading randomly. The seven LEDs that form the Big Dipper continually scroll through a gradient of three colors. Instead of calculating the values of each color in the gradient as the program runs, a lookup table is used.
|
||||
|
||||
<video autoplay="true" muted="true" loop="true" style="display:block; margin: 0 auto;">
|
||||
<source src="{static}/media/dress3.mp4" type="video/mp4">
|
||||
Your browser does not support the video tag.
|
||||
</video>
|
||||
|
||||
A video of the dress is above. Right click -> Play if needed.
|
|
@ -1,24 +0,0 @@
|
|||
Title: Remote Control Light Switch
|
||||
Date: 2014-10-09
|
||||
Category: Creations
|
||||
Summary: A device to toggle my lights remotely.
|
||||
Image: light1.jpg
|
||||
Tags: feed
|
||||
|
||||
I wanted the ability to toggle my bedroom light remotely for convenience. I designed a circuit that allows me to control my light with any device that can load a webpage.
|
||||
|
||||
I still wanted to be able to control the light manually, so I bought a metallic face-plate and turned it into a capacitive touch sensor. The slightest touch anywhere on the plate is enough to toggle the light. I had to electrically isolate the metal screws from it because they screw into a grounded switch box.
|
||||
|
||||
![[light1.jpg | my custom light switch, a Raspberry Pi computer, and an old iPhone]]
|
||||
|
||||
## Function
|
||||
|
||||
I have a Raspberry Pi ($35 computer) on my home network that runs a web server. When you connect to it in your web browser, a page loads with buttons to turn the light on or off. When you press a button, the server executes a command that sends a message over Bluetooth to the light switch. The Bluetooth module in the wall receives this message and forwards it to the microcontroller, which processes it and toggles the relay. The whole circuit is also powered from mains by an AC-DC converter.
|
||||
|
||||
This entire process happens quicker than half a second, so it feels instant.
|
||||
|
||||
![[light2.jpg | the front side which has several electrical components]]
|
||||
|
||||
<span class="aside">(Black stuff's liquid electrical tape)</span>
|
||||
|
||||
![[light3.jpg | the back side which has wires soldered to connect all the components]]
|
|
@ -1,74 +0,0 @@
|
|||
Title: Choosing a Linux Flavour
|
||||
Date: 2020-10-31
|
||||
Category: Writing
|
||||
Summary: A recommendation on which flavour of Linux to run.
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
[TOC]
|
||||
|
||||
People often ask me which flavour of Linux they should install. In summary, choose Ubuntu if it's your first time. Once you are comfortable, install Debian the next time you need to install Linux.
|
||||
|
||||
I run Debian on my computers and servers.
|
||||
|
||||
## Linux Distributions
|
||||
|
||||
<span class="aside">(Interjection: it's technically called GNU/Linux)</span>
|
||||
|
||||
When people refer to the "flavour of Linux" they are talking about a Linux distribution (distro). It mostly describes what software is distributed in its software repository.
|
||||
|
||||
"A typical Linux distribution comprises a Linux kernel, GNU tools and libraries, additional software, documentation, a window system, a window manager, and a desktop environment." [Wikipedia]
|
||||
|
||||
The major Linux distros are practically all the same. If you master one it's easy to pick up the others. The main differences you'll run into are which tools you use to install new software, and the desktop environment, which is what all the windows and buttons look like.
|
||||
|
||||
I recommend two Linux distros, Debian and Ubuntu. Ubuntu is based off of Debian, so they are very similar.
|
||||
|
||||
## Pros of Debian
|
||||
|
||||
Debian is one of the oldest distros and many other distros are based off it. You can see a timeline visualization of all its derivatives here:
|
||||
|
||||
<https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg>
|
||||
|
||||
This image is what originally convinced me to use Debian. Scroll down until you see it and zoom out so you grasp how many derivatives it has.
|
||||
|
||||
Debian is also non-commercial and requires that all software in its main repository is free and open source. This is important because that grants you the right to study, change, and distribute the software and source code to anyone and for any purpose. They also follow a strong social contract you can see here:
|
||||
|
||||
<https://www.debian.org/social_contract>
|
||||
|
||||
It's also a very stable Linux distro since they freeze all software features on each release. This makes it great for servers because nothing will break when it updates.
|
||||
|
||||
The main Raspberry Pi distro is nearly identical to Debian, so you'll also gain familiarity with it.
|
||||
|
||||
## Cons of Debian
|
||||
|
||||
Since Debian requires all its software to be free and open source, proprietary hardware drivers aren't included in its main repo. This can make installing Debian difficult if your hardware requires proprietary drivers. You'll need to use an installation image found here:
|
||||
|
||||
<https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/>
|
||||
|
||||
The fact that Debian freezes software features can also mean that your software gets old until the next Debian release. If you want versions that are bleeding edge, you'll need to use Debian Unstable as described here:
|
||||
|
||||
<https://wiki.debian.org/DebianUnstable#Installation>
|
||||
|
||||
Don't be fooled by the name "unstable". I use it for my personal computers and it runs fine.
|
||||
|
||||
## Pros of Ubuntu
|
||||
|
||||
Ubuntu is incredibly easy to install. You can also try it out before deciding to install it. The distro pretty much just works on what ever hardware you have.
|
||||
|
||||
It's very beginner friendly because it's so popular. Any problem you search for will reveal dozens of threads with people solving the same problem.
|
||||
|
||||
## Cons of Ubuntu
|
||||
|
||||
Unfortunately Ubuntu is developed by a commercial company, Canonical. The company's interests come first, before the users' and they have a track record of betraying their users' trust and privacy.
|
||||
|
||||
Years ago Ubuntu had a feature enabled by default that would send your desktop searches to Amazon so they could suggest products for you to buy:
|
||||
|
||||
<https://www.pcworld.com/article/2840401/ubuntus-unity-8-desktop-removes-the-amazon-search-spyware.html>
|
||||
|
||||
Currently whenever you remote login to your Ubuntu machine, it phones home to Canonical and they collect info about your system:
|
||||
|
||||
<https://ubuntu.com/legal/motd>
|
||||
|
||||
While these reasons are fairly minor, they are quite frowned upon in the Linux community and are reason enough to switch to Debian once you are comfortable with using Linux.
|
||||
|
||||
[Wikipedia]: https://en.wikipedia.org/wiki/Linux_distribution
|
|
@ -1,66 +0,0 @@
|
|||
Title: Makerspace Tours
|
||||
Date: 2024-07-18
|
||||
Category: Writing
|
||||
Summary: A collection of makerspaces I've toured.
|
||||
Tags: feed
|
||||
|
||||
When I travel I often try to tour Makerspaces and then share what I've learned with the one that I'm a part of, [[Protospace]]. Below you'll find links to the posts I've made on our forums about the makerspaces I've visited.
|
||||
|
||||
I'm interested in learning about:
|
||||
|
||||
- the space's history, policies, and procedures
|
||||
- how are they documented / communicated to new members
|
||||
- membership demographics
|
||||
- how to join
|
||||
- how decisions are made and conflicts resolved
|
||||
- how toxic members are dealt with
|
||||
|
||||
## Italy
|
||||
|
||||
November 2024: [LOFOIO Makerspace in Florence](https://forum.protospace.ca/t/lofoio-makerspace-in-florence/7956)
|
||||
|
||||
## Japan
|
||||
|
||||
September 2023: [Take Space in Hamamatsu](https://forum.protospace.ca/t/take-space-in-hamamatsu/4800)
|
||||
|
||||
September 2023: [Tokyo Hackerspace Tour](https://forum.protospace.ca/t/tokyo-hackerspace-tour/4769)
|
||||
|
||||
## Spain
|
||||
|
||||
December 2022: [Benimakers Makerspace in Valencia](https://forum.protospace.ca/t/benimakers-makerspace-in-valencia/3100)
|
||||
|
||||
November 2022: [Makespace Madrid Tour](https://forum.protospace.ca/t/makespace-madrid-tour/3084)
|
||||
|
||||
November 2022: [Fab Lab tour in Seville](https://forum.protospace.ca/t/fab-lab-tour-in-seville/3067)
|
||||
|
||||
## Portugal
|
||||
|
||||
November 2022: [Fab Farm Makerspace in Algarve](https://forum.protospace.ca/t/fab-farm-makerspace-in-algarve/3024)
|
||||
|
||||
November 2022: [Fab Lab Makerspace in Lisbon](https://forum.protospace.ca/t/fab-lab-makerspace-in-lisbon/2970)
|
||||
|
||||
November 2022: [MILL Creative Space in Lisbon](https://forum.protospace.ca/t/mill-creative-space-in-lisbon/2964)
|
||||
|
||||
## United States
|
||||
|
||||
February 2023: [SYN Shop Makerspace Las Vegas](https://forum.protospace.ca/t/syn-shop-makerspace-las-vegas/3508)
|
||||
|
||||
## Canada
|
||||
|
||||
September 2024: [Makerspace Nanaimo](https://forum.protospace.ca/t/makerspace-nanaimo-tour/7576)
|
||||
|
||||
October 2022: [Makerspace Tour in Turner Valley](https://forum.protospace.ca/t/makerspace-tour-in-turner-valley/2795)
|
||||
|
||||
June 2022: [Makerspace in Prince George, BC](https://forum.protospace.ca/t/makerspace-in-prince-george-bc/2112)
|
||||
|
||||
## Honorable Mentions
|
||||
|
||||
Makerspaces I've visited, but didn't do a write-up tour for:
|
||||
|
||||
- Protospace in Calgary
|
||||
- Archloft in Calgary
|
||||
- Fuse33 in Calgary
|
||||
- Fab Lab Barcelona
|
||||
- FabCafe Barcelona
|
||||
- TMDC Barcelona
|
||||
- C2 Space Kyoto
|
|
@ -1,22 +0,0 @@
|
|||
Title: Notica
|
||||
Date: 2022-05-17
|
||||
Category: Projects
|
||||
Summary: Send browser notifications from your terminal. No installation. No registration.
|
||||
Image: notica1.jpg
|
||||
Tags: feed
|
||||
|
||||
[Notica](https://notica.us) allows you to send browser notifications from your terminal to know when a slow command has finished running. It doesn't require installing anything or registering an account. It also works over ssh unlike `notify-send`.
|
||||
|
||||
You can find the [source code](https://github.com/tannercollin/Notica) on Github.
|
||||
|
||||
![[notica1.png]]
|
||||
|
||||
I do most of my work on remote servers over ssh. When running a slow command (like `apt install`) I'll distract myself by browsing sites like my other project [[QotNews]]. The command will finish running, but I'll still be wasting time reading news articles. Notica helps me stay on track by alerting me when the command finishes.
|
||||
|
||||
Example uses of Notica would be:
|
||||
|
||||
```
|
||||
$ sudo apt install freecad ; notica finished installing
|
||||
|
||||
$ rsync -av backup/ myserver:/mnt/backup/ ; notica done backup
|
||||
```
|
|
@ -1,31 +0,0 @@
|
|||
Title: Man's Reach Exceeds His Grasp
|
||||
Date: 2012-04-11
|
||||
Category: Creations
|
||||
Summary: My first attempt at painting with acrylic.
|
||||
Image: painting1.jpg
|
||||
Tags: feed
|
||||
|
||||
The painting is called “Man’s Reach Exceeds His Grasp”. I've always wanted to try painting and thought I had a good idea, so after a couple of drawings I attempted to paint it. I eventually got it framed at Michaels. Many thanks to my friend Laura for the opportunity to do this, I couldn't have done it without her help.
|
||||
|
||||
![[painting1.jpg | a painting of water pouring out of a vase and into a hand, then turning to sand]]
|
||||
|
||||
## The Meaning
|
||||
|
||||
It’s hard to see in the photo, but the moment the water touches his hand it turns into sand and is taken by the slight breeze. The title is a quote from Andrea del Sarto, a poem by Robert Browning. It is also said by Nikola Tesla’s character in my favourite movie, [The Prestige](https://www.imdb.com/title/tt0482571/).
|
||||
|
||||
“I, painting from myself and to myself,
|
||||
Know what I do, am unmoved by men’s blame
|
||||
Or their praise either. Somebody remarks
|
||||
Morello's outline there is wrongly traced,
|
||||
His hue mistaken; what of that? or else,
|
||||
Rightly traced and well ordered; what of that?
|
||||
Speak as they please, what does the mountain care?
|
||||
Ah, but a man’s reach should exceed his grasp,
|
||||
Or what’s a heaven for?”
|
||||
– Robert Browning from *Andrea del Sarto*
|
||||
|
||||
## Creation
|
||||
|
||||
I started with the background, trying to make it blurry and out of focus, then slowly progressed to the foreground. The hands were drawn in pencil and painted in. It was quite difficult to get the blending and shadows perfect, but I had Laura to tell me when things didn't look right. Below I am trying to figure out what a hand looks like in a mirror.
|
||||
|
||||
![[painting2.jpg | me looking at my own hand in the mirror as a guide]]
|
|
@ -1,30 +0,0 @@
|
|||
Title: Automatic Plant Waterer
|
||||
Date: 2014-06-05
|
||||
Category: Creations
|
||||
Summary: A device that automatically waters plants.
|
||||
Image: waterer2.jpg
|
||||
Tags: feed
|
||||
|
||||
One day I decided watering my one plant was too much work, so I automated it. It's also great for when I'm on vacation. The plant is a year old now and doesn't look as good as it used to (kinda like you). So this machine is like its life support.
|
||||
|
||||
<span class="aside">(Update: this plant died long ago)</span>
|
||||
|
||||
![[waterer1.jpg | the device and pump on a 2L pop bottle with a tube running to a flowerpot]]
|
||||
|
||||
## First Attempt
|
||||
|
||||
The design was very simple and soldered together on perf board. A microcontroller turns the pump on for 20 seconds, then waits 24 hours and restarts. The pump ran way too fast so it was slowed down to 10% power.
|
||||
|
||||
This design suffered from a fatal problem. After running, there was a chance that the tube would stay full of fluid. If the water level in the pop bottle was too high, it could siphon out. I woke up with a flower pot overflowing with water a couple of times.
|
||||
|
||||
![[waterer2.jpg | a new version feeding into a different plant]]
|
||||
|
||||
## Second Attempt
|
||||
|
||||
I liked the idea so much that I made a second iteration. This one used a custom printed circuit board with a lot more features. The pumping duration could be adjusted with a screwdriver. This was useful as the plant (now a [Ming aralia](https://en.wikipedia.org/wiki/Polyscias_fruticosa)) grew.
|
||||
|
||||
Another feature was the ability to run the pump backwards. This completely eliminated the siphoning problem from before. After pumping for a set duration, it would run backwards until the tube was cleared of water.
|
||||
|
||||
<span class="aside">(Also dead)</span>
|
||||
|
||||
![[waterer3.jpg | the new version beside a big Ming aralia plant with bushy drooping leaves and skinny stems]]
|
|
@ -1,56 +0,0 @@
|
|||
Title: Protospace
|
||||
Date: 2022-05-01
|
||||
Category: Writing
|
||||
Summary: An outline of my projects at Calgary's makerspace Protospace.
|
||||
Image: protospace1.jpg
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
[Protospace](https://protospace.ca) is Calgary's original makerspace, a place where people go to make things and work on projects. It's a two-bay industrial shop with a full wood working area, metal working area, electronics lab, two laser cutters, five 3D printers, and sewing room. Members pay $55/month for 24/7 access to the facility and everyone is equal: Protospace has no owners and decisions are made by the membership.
|
||||
|
||||
![[protospace1.jpg | both Protospace bays, metal on the left and wood on the right]]
|
||||
|
||||
## Do-ocracy
|
||||
|
||||
The driving principle behind Protospace's success is do-ocracy. If you want to make a change and it would take fewer than four hours to revert, go ahead and do it. Under a do-ocracy people are encouraged to be bold and improve the space however they want. Larger changes and disagreements are decided at the next monthly members' meeting.
|
||||
|
||||
Under this system, I've created several projects in order to make Protospace a better place. I'll outline them here:
|
||||
|
||||
### Spaceport
|
||||
|
||||
[[Spaceport]] is our member portal and my main project at Protospace. It tracks memberships, transactions, courses, class attendance, access cards, and statistics about Protospace and its members.
|
||||
|
||||
It's free and open-source software. Everyone has the right to study, change, and distribute the software and source code to anyone and for any purpose. Here's a screenshot of the home page:
|
||||
|
||||
![[spaceport1.png | a screenshot of the homepage of Spaceport]]
|
||||
|
||||
### Garden
|
||||
|
||||
I set up a simple hydroponics garden in a broken medical lung testing chamber that someone donated to us. Some members have a hard time turning down free junk, and it sat upstairs for about a month in the classroom filled with lung testing equipment. I eventually got tired of looking at it so one night I gutted it and threw out all the internals.
|
||||
|
||||
A picture of the garden is taken every 5 minutes and uploaded to Spaceport. I'll eventually make a time lapse of the vegetable growth and plot a graph of the internal air temperature.
|
||||
|
||||
![[protospace-garden.jpg | a side-by-side photo of a cucumber plant before and after growing huge inside a glass lung testing chamber box.]]
|
||||
|
||||
### Telemetry
|
||||
|
||||
Telemetry is a catch-all project for random sensors and displays around Protospace.
|
||||
|
||||
- Two air quality and temperature sensors
|
||||
- A web server for querying sensor data
|
||||
- Alarm armed / disarmed sensor
|
||||
- A script that detects who's logged into various computers
|
||||
|
||||
Here's a graph of the air quality on Spaceport:
|
||||
|
||||
![[protospace-dust.png | two graphs comparing the dust levels in the classroom and woodshop. spikes can be seen in the woodshop graph.]]
|
||||
|
||||
### Airlock
|
||||
|
||||
Airlock is our door lock controller. Vetted Protospace members are given key cards which they scan to access the building 24/7. Airlock periodically polls a list of valid card numbers from Spaceport and checks scans against that list. If a valid card number is scanned, a relay and electric latch is opened. The card number is also reported back to Spaceport so that it can keep a log of who scanned when.
|
||||
|
||||
### Doorbell
|
||||
|
||||
We have a doorbell because members who aren't yet vetted don't get a key card and can't scan into the building 24/7. Instead they have to use the doorbell to request entry into the building. Our normal wireless doorbell's chime isn't loud enough to hear throughout the space and you can't tell which door the person is at (front or back).
|
||||
|
||||
I used a software-defined radio to detect our wireless doorbell's signal and play a chime over the PA system throughout the entire space. A voice then says whether it was triggered by the front door or back door.
|
|
@ -1,18 +0,0 @@
|
|||
Title: QotNews
|
||||
Date: 2022-05-18
|
||||
Category: Projects
|
||||
Summary: Hacker News, Reddit, Lobsters, and Tildes articles pre-rendered in reader mode. Optimized for speed and distraction-free reading.
|
||||
Image: qotnews1.jpg
|
||||
Tags: feed
|
||||
|
||||
[QotNews](https://news.t0.vc) is a news meta-aggregator. It gathers top articles from four news aggregators: Hacker News, Reddit, Lobsters, and Tildes along with their comments. The articles are then transformed into readable versions with consistent formatting and distractions removed. All articles in the main feed are preloaded by the client so they load instantly when clicked on.
|
||||
|
||||
You can find the [source code](https://git.tannercollin.com/tanner/qotnews) on my Gitea.
|
||||
|
||||
![[qotnews1.png | screenshot of the home page with a list of stories to click on]]
|
||||
|
||||
I tried to make QotNews the perfect news site for me. I easily get annoyed by cookie banners and distracted by visual clutter when reading normal news articles. I especially hate auto-playing videos and "download our app" popups. All articles have consistent styling that's easy to read:
|
||||
|
||||
![[qotnews2.png | screenshot of an article showing the text and font used]]
|
||||
|
||||
It's by far my favourite project and has paid the most dividends for the amount of time I invested in programming it. I use it multiple times per day and it's become the main source of all my news. Since all the articles and comments are preloaded and saved in localStorage, it's also great for reading on airplanes.
|
|
@ -1,76 +0,0 @@
|
|||
Title: Recommendations
|
||||
Date: 2022-06-24
|
||||
Category: Writing
|
||||
Summary: Software and products that I recommend you use.
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
This outlines some software and devices I recommend you use: uBlock Origin, Sponsorblock, Aegis Authenticator, ThinkPad Laptops, a flashlight, a Leatherman, and various phone apps. Nothing here was sponsored.
|
||||
|
||||
[TOC]
|
||||
|
||||
## Software
|
||||
|
||||
### uBlock Origin
|
||||
|
||||
uBlock Origin is an open source ad blocker and something I install immediately on all my devices. Running an ad blocker makes browsing the web way better. It removes distracting ads (even from YouTube), invasive tracking, and makes you safer by removing potentially [fake links](https://news.t0.vc/LOBW/c#drekipus1657325184). It's the best piece of software I use even though it mostly remains unseen. And it even works on your phone.
|
||||
|
||||
You can install it on [Firefox Desktop](https://addons.mozilla.org/en-CA/firefox/addon/ublock-origin/), [Firefox Android](https://addons.mozilla.org/en-CA/android/addon/ublock-origin/), and [Chrome Desktop](https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en). Make sure you install the correct "Origin" version and avoid "ublock.org".
|
||||
|
||||
### SponsorBlock
|
||||
|
||||
SponsorBlock automatically skips over sponsored segments in YouTube videos. Not YouTube ads (that's what uBlock Origin is for), but the actual parts of the video sponsored by companies to advertise their products. It uses a crowd-sourced database of timestamps to seamlessly jump over those parts. It also allows you to skip to the highlight of some videos by pressing "enter" so you aren't wasting time watching exposition.
|
||||
|
||||
You can install it on [Firefox Desktop](https://addons.mozilla.org/en-CA/firefox/addon/sponsorblock/) and [Chrome Desktop](https://chrome.google.com/webstore/detail/sponsorblock-for-youtube/mnjggcdmjocbbbhaepdhchncahnbgone?hl=en).
|
||||
|
||||
### Aegis Authenticator
|
||||
|
||||
Aegis is a two-factor authenticator (2fa) app for Android that's free and open source. The killer feature and why I recommend it is that it supports automatic encrypted backups of the database in JSON format. You can unlock the app with a password or fingerprint. An alternative app is andOTP but there were [problems](https://news.t0.vc/EQYR/c#williamwchuang1553266688) with the backups' encryption back when I switched to Aegis.
|
||||
|
||||
You can install it on Android via the [Play Store](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis) or [F-Droid](https://f-droid.org/en/packages/com.beemdevelopment.aegis).
|
||||
|
||||
### Misc. Phone Apps
|
||||
|
||||
FOSS App Store: F-Droid
|
||||
|
||||
QR code scanner: Binary Eye
|
||||
|
||||
Plant identification: PlantNet
|
||||
|
||||
Isolate apps: Shelter
|
||||
|
||||
Audiobook player: Voice
|
||||
|
||||
Phone sensors: phyphox
|
||||
|
||||
Maps: Organic Maps
|
||||
|
||||
Photos: Immich
|
||||
|
||||
Calculator: andanCalc PRO
|
||||
|
||||
PDF viewer: Pdf Viewer Plus
|
||||
|
||||
NFC reader: NFC Tools
|
||||
|
||||
|
||||
|
||||
## Devices
|
||||
|
||||
### ThinkPad Laptops
|
||||
|
||||
I've had several different laptops over the years and have settled on buying ThinkPads going forward. I hate Lenovo as company because of their [Superfish scandal](https://en.wikipedia.org/wiki/Superfish#Lenovo_security_incident), but I can't deny that ThinkPads are absolutely solid. I currently own a ThinkPad X1 Carbon 6th Gen.
|
||||
|
||||
A lot of Linux developers use ThinkPads which means Linux is well supported on them and the drivers just work. The laptops are easy to pop open and service. Many parts are user-replaceable. My laptop charges off a small USB-C phone charger that I carry around. In a state of sickness-induced exhaustion, I spilled an entire glass of Gatorade on it and then drenched it in water to try and flush it away. I took the back off, drained it, and then pointed a fan at it for 24 hours. The laptop was working fine the next day.
|
||||
|
||||
### RovyVon E5 Flashlight
|
||||
|
||||
Small USB-C flashlight that's very bright and has a side light that's useful for camping.
|
||||
|
||||
<https://www.amazon.ca/dp/B0B465DBW3>
|
||||
|
||||
### Leatherman Skeletool CX
|
||||
|
||||
My preferred multitool that I everyday carry. It's light, thin, and the cutters cross over instead of pinching.
|
||||
|
||||
<https://www.amazon.ca/LEATHERMAN-Lightweight-Minimalist-Multi-Tool-Nightshade/dp/B0CX2HRTBP>
|
|
@ -1,28 +0,0 @@
|
|||
Title: Secret Garden
|
||||
Date: 2024-02-21
|
||||
Category: Notes
|
||||
Summary: About the hydroponics garden in my basement.
|
||||
|
||||
I had a "Secret Garden" in a storage room in the basement of my house. It was a [[Hydroponics | hydroponics]] system growing leafy greens and herbs. You can see an hourly photo of it below:
|
||||
|
||||
<a href="/media/garden_hi.jpg">![a hydroponics garden, taken from a webcam. it might be in colour or black-and-white depending on what time of day you are visiting this page. purple timestamp on the top left.](/media/garden_lo.jpg)</a>
|
||||
|
||||
Click the above photo for a larger version.
|
||||
|
||||
There's usually kale, spinach, cilantro, parsley, and green onion growing. Sometimes dill and basil. It's currently not active this fall of 2024 because I'm planning travel.
|
||||
|
||||
## Nutrient Film Technique
|
||||
|
||||
The garden uses nutrient film technique (NFT) to continuously deliver a shallow stream of nutrient solution to the plants growing in 2" ABS pipe. A submersible fountain water pump sends nutrients up 1/4" irrigation hose to each of the four pipes. The nutrients flow down the slope passed all the roots and return to the ~40 L reservoir. An air stone oxygenates the water. Two computer case fans ensure adequate [[Airflow|airflow]].
|
||||
|
||||
![[nft1.png | four black pipes supported horizontally by a wooden frame. eight small seedlings are growing out of the pipe under four grow lights total. two fans on the right. a pink towel is down below, covering the reservoir.]]
|
||||
|
||||
The nutrients are kept in a reservoir underneath the towel, which helps block light and limit [[Algae Growth|algae growth]]:
|
||||
|
||||
![[nft2.jpg | the reservoir with the towel removed. the yellow lid is cut in half and has a tube poking out of it with a distribution cap for the 1/4 inch irrigation lines to connect to. black return pipes are on the left, pointing down into the reservoir through a mesh bag acting as a filter.]]
|
||||
## Previous Garden
|
||||
|
||||
My previous system [[Helios Alpha]] could grow up to six plants. It's designed around a single 102 L plastic tote. It holds enough water to harvest lettuce once before refilling. After the initial setup, the system can be ignored for weeks.
|
||||
|
||||
![[heliosalpha1.jpg | the hydroponics system from two angles. a black tub with yellow lid, covered in tin foil with six holes for plants. grow lights above suspended by metal shelving.]]
|
||||
|
|
@ -1,66 +0,0 @@
|
|||
Title: Sensors
|
||||
Date: 2022-05-24
|
||||
Category: Notes
|
||||
Summary: Graphs of various sensors around my house.
|
||||
|
||||
## 24h Graphs
|
||||
|
||||
These graphs are live and generated every 10 minutes, assuming the script works:
|
||||
|
||||
![a graph with a title, and axis labelled. they all look similar and continuously change, so I won't describe each one.](https://sensor-pics.dns.t0.vc/Solar_Power.png)
|
||||
|
||||
Black: power (W), green: energy (kWh)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Living_Room_Air.png)
|
||||
|
||||
Black: PM10 (ug/m³), red: PM2.5 (ug/m³), blue: CO₂ (ppm), green: VOC
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Outside_Temperature.png)
|
||||
|
||||
Black: temperature (°C)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Bedroom_Temperature.png)
|
||||
|
||||
Black: temperature (°C), blue: humidity (%)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Nook_Temperature.png)
|
||||
|
||||
Black: temperature (°C), blue: humidity (%)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Basement_Temperature.png)
|
||||
|
||||
Black: temperature (°C), blue: humidity (%)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Nook_Thermostat.png)
|
||||
|
||||
Black: temperature (°C), red: setpoint (°C), green: state (off / running)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Gas_Usage.png)
|
||||
|
||||
Black: total (MJ), green: delta (MJ)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Water_Usage.png)
|
||||
|
||||
Black: total (L), green: delta (L)
|
||||
|
||||
![a graph](https://sensor-pics.dns.t0.vc/Living_Room_Lux.png)
|
||||
|
||||
Black: light (lx)
|
||||
|
||||
## Live Dashboard
|
||||
|
||||
A live interactive version can be found on this [dashboard](https://sensors.dns.t0.vc/).
|
||||
|
||||
You can find the [source code](https://git.tannercollin.com/tanner/sensors) on my Gitea.
|
||||
|
||||
## Data Capture
|
||||
|
||||
Most of the data is captured by two cheap RTL-SDRs (software-defined radios) that are set to listen to 433 MHz and 915 MHz radio frequencies. I use the open-source project [rtl_433](https://github.com/merbanan/rtl_433) to automatically decode the signals and forward them to an MQTT broker, which is a messaging server that services can publish and subscribe to. Other sensors run an MQTT client directly or expose their data through other means like a web interface that I poll.
|
||||
|
||||
The data gets collected by a central Python script that process and stores it in an InfluxDB database for "efficient" storage. The script also runs a web server that queries the database and exposes the data over an API to the dashboard at various dates and ranges. The dashboard is written in JavaScript / React using a simple chart library.
|
||||
|
||||
## InfluxDB Regrets
|
||||
|
||||
My biggest regret was using InfluxDB. It's a stupid database that I wouldn't recommend it to anyone. I ran into timezone issues with `group by time()`. It assumes the column data type is an integer if your sensor happens to send it a whole number at first and it won't let you change it. Their docs are a confusing mess. They dropped the SQL-like InfluxQL syntax for querying with a pipeline-like syntax called Flux in version 2.0. Debian's repos seem to be staying with version 1.x though. You can only delete data by time ranges, not values. It also logs every single thing to `/var/log/syslog` and there's no easy way to disable it (completely). They shut down InfluxDB cloud in Belgium and [didn't warn customers](https://community.influxdata.com/t/getting-weird-results-from-gcp-europe-west1/30615/7) before deleting all their data.
|
||||
|
||||
Just stick to SQLite or Postgres.
|
|
@ -1,16 +0,0 @@
|
|||
Title: Solar Car
|
||||
Date: 2013-04-27
|
||||
Category: Creations
|
||||
Summary: About my time volunteering with the University of Calgary Solar Car Team, where I designed a maximum power point tracker.
|
||||
Image: solar2.jpg
|
||||
Tags: feed
|
||||
|
||||
I joined the University of Calgary Solar Car Team in my first semester for a chance to learn things, gain practical experience, and meet people that share my interests. The car was the top Canadian team in a 3000 km race from Darwin to Adelaide, Australia in 2011. We met up at a shop on campus every Saturday morning to work on the new Generation IV of the solar car.
|
||||
|
||||
![[solar1.jpg | the MPPT device, a printed circuit board with bulky round electrical components held in my hand]]
|
||||
|
||||
## The Helianthus MPPT
|
||||
|
||||
I was in charge of designing and assembling the MPPTs (maximum power point trackers) for the new generation solar car. An MPPT extracts as much power out of the solar cells as possible. The solar array operates less efficiently without them. The Generation IV car, Schulich Delta (pictured below) uses seven of them: one per section of solar cells with similar lighting conditions. Andrei and I designed the MPPT above.
|
||||
|
||||
![[solar2.jpg | the solar car from an angle with a driver inside]]
|
|
@ -1,36 +0,0 @@
|
|||
Title: Spaceport
|
||||
Date: 2022-05-16
|
||||
Category: Projects
|
||||
Summary: Member portal for Calgary Protospace. It tracks dues, courses, training, access cards, and more.
|
||||
Image: spaceport1.jpg
|
||||
Tags: feed
|
||||
|
||||
[Spaceport](https://my.protospace.ca) is the member portal that I wrote for [[Protospace]], a makerspace that I frequent in Calgary. It is by far my largest project and the one I've spent the most time on. It has a database of all our members and tracks their transactions like dues and training fees. It allows members to sign up for classes and our instructors to teach courses. It also manages the access cards that members use to get into the building.
|
||||
|
||||
You can find the [source code](https://github.com/Protospace/spaceport) on Github.
|
||||
|
||||
![[spaceport1.png | a screenshot of spaceport's home page. a photo of me to the left, below that my latest training and transactions. links and stats related to Protospace to the right.]]
|
||||
|
||||
Spaceport is tightly coupled to Protospace and has many integrations:
|
||||
|
||||
- Syncs credentials to our AD controller for computer logins
|
||||
- Manages AD group membership to restrict machine use
|
||||
- Syncs credentials to our Discourse forum [Spacebar](https://forum.protospace.ca)
|
||||
- Manages Discourse groups to restrict topic access
|
||||
- Syncs credentials to our [MediaWiki](https://wiki.protospace.ca)
|
||||
- Processes PayPal payment notifications
|
||||
- Syncs valid member cards to our door controller Airlock
|
||||
- Tracks training certifications for our tool lockouts
|
||||
- Emails interested members when a class is scheduled
|
||||
- Shows who's connected to our [Minecraft server](http://games.protospace.ca:8123/?worldname=world&mapname=flat&zoom=3&x=74&y=64&z=354)
|
||||
- Tracks who's logged into our laser cutter and CNC router
|
||||
- Tracks and bills for laser cutting time
|
||||
- Shows if the building alarm is armed or disarmed
|
||||
- Displays charts of various environmental sensors
|
||||
- Displays a photo of our garden
|
||||
|
||||
![[spaceport2.png | a list of all the classes. they are group by course and have colourful tags to make them easier to find.]]
|
||||
|
||||
As of writing this there's 234 current Protospace members and 1408 historical or inactive memberships that it manages. Data is stored in a 49 MB SQLite database which makes it easy to back up or sync with my development server. The back end is written in Django / Python and the front end is React / JavaScript with Semantic UI for the graphics.
|
||||
|
||||
Site data is automatically compressed and [[Backup Strategy | backed up]] daily by two members. The software is free and open-source and can be set up by reading the documentation. Protospace directors also have admin access to the server's host in case something happens to me.
|
|
@ -1,20 +0,0 @@
|
|||
Title: Wine Crate Coffee Table
|
||||
Date: 2018-09-12
|
||||
Category: Creations
|
||||
Summary: A coffee table made out of wooden wine creates.
|
||||
Image: wine3.jpg
|
||||
Tags: feed
|
||||
|
||||
My close friend Odai saw a simple coffee table design online that was built out of four wooden wine crates. They are quite cheap and available at any hardware store. We each wanted to make one so went and bought eight crates and some plywood to use as a base.
|
||||
|
||||
We went to my local makerspace, [[Protospace]], to build them in the wood shop. We thought it would be a quick job only taking a few hours, but it turned out to be a twelve hour job over a couple of days. At least we were in good company!
|
||||
|
||||
![[wine1.jpg | the table before staining. four box-like wine crates are on their sides and joined together in a spiral. a messy wood shop is in the background]]
|
||||
|
||||
![[wine2.jpg | the two tables after staining. one face is centred and the contrast between the dark stain and light wood grain shows.]]
|
||||
|
||||
The wine crates were glued and then brad-nailed together. Extra wood was added under the thin top strips for support. After the glue dried, the brad nails were painstakingly removed because the ones we used were too long and stuck out.
|
||||
|
||||
After being attached to the base, the entire table was sanded and then stained. We let it dry overnight and returned the following day to add a quick layer of varnish.
|
||||
|
||||
![[wine3.jpg | the table in my living room with blankets inside the wine crates and a plant pot in the centre growing a bonsai tree and a succulent]]
|
|
@ -2,45 +2,55 @@ Title: My Backup Strategy
|
|||
Date: 2021-04-08
|
||||
Category: Writing
|
||||
Summary: Details about the backup system for all of my data.
|
||||
Image: backup1.svg
|
||||
Wide: true
|
||||
Tags: feed
|
||||
|
||||
[TOC]
|
||||
|
||||
Regularly backing up all the data I care about is very important to me. This article outlines my strategy to make sure I never lose essential data.
|
||||
Regularly backing up all the data I care about is very important to me. This
|
||||
article outlines my strategy to make sure I never lose essential data.
|
||||
|
||||
## Motivation
|
||||
|
||||
Backups should be as automatic as possible. This ensures laziness and forgetfulness won't interfere with the regularity.
|
||||
Backups should be as automatic as possible. This ensures laziness and
|
||||
forgetfulness won't interfere with the regularity.
|
||||
|
||||
All software used to create and store the backups should be free and open source so I'm not depending on the survival of a company.
|
||||
All software used to create and store the backups should be free and open source
|
||||
so I'm not depending on the survival of a company.
|
||||
|
||||
Backups need to be tested to ensure they are correct and happening regularly. Multiple copies of the backups should exist, including at least one offsite to protect against my building burning down.
|
||||
Backups need to be tested to ensure they are correct and happening regularly.
|
||||
Multiple copies of the backups should exist, including at least one offsite to
|
||||
protect against my building burning down.
|
||||
|
||||
Backups should also be incremental when possible (rather than mirror copies) so an accidental deletion isn't propagated into the backups, making the file irrecoverable.
|
||||
Backups should also be incremental when possible (rather than mirror copies) so
|
||||
an accidental deletion isn't propagated into the backups, making the file
|
||||
irrecoverable.
|
||||
|
||||
## Strategy
|
||||
|
||||
The key is to have one central location that all your files, projects, and data are cloned to and then back that directory up to multiple locations.
|
||||
I have one backup folder `/mnt/backup` on my media server at home that serves as
|
||||
the destination for all my backup sources. All scheduled automatic backups write
|
||||
to their own subfolder inside of it.
|
||||
|
||||
I have one backup folder `/mnt/backup` on my media server at home that serves as the destination for all my backup sources. All scheduled automatic backups write to their own subfolder inside of it.
|
||||
|
||||
This backup folder is then synced to encrypted 2.5" 1 TB hard drives which I rotate between my bag, offsite, and my parents' house.
|
||||
|
||||
![[backup1.svg | a diagram of my setup. servers and computers on the left, pointing to my home server in the middle, pointing to external hard drives on the right]]
|
||||
This backup folder is then synced to encrypted 2.5" 1 TB hard drives which I
|
||||
rotate between my bag, offsite, and my parents' house.
|
||||
|
||||
## Backup Sources
|
||||
|
||||
I use the tool `rdiff-backup` extensively because it allows me to take incremental backups locally or over SSH. It acts very similar to `rsync` and has no configuration.
|
||||
I use the tool `rdiff-backup` extensively because it allows me to take
|
||||
incremental backups locally or over SSH. It acts very similar to `rsync` and has
|
||||
no configuration.
|
||||
|
||||
### Email
|
||||
|
||||
I have every email since 2010 backed up continuously in case my email provider disappears.
|
||||
I have every email since 2010 backed up continuously in case my email provider
|
||||
disappears.
|
||||
|
||||
I use `offlineimap` to sync my mail to the directory `~/email` on my media server as a Maildir. Since offlineimap is only a syncing tool, the emails need to be copied elsewhere to be backed up. I run `rdiff-backup` from a weekly cron job:
|
||||
I use `offlineimap` to sync my mail to the directory `~/email` on my media
|
||||
server as a Maildir. Since offlineimap is only a syncing tool, the emails need
|
||||
to be copied elsewhere to be backed up. I run `rdiff-backup` from a weekly cron
|
||||
job:
|
||||
|
||||
<span class="aside">(I'll explain what backup_check.txt does below)</span>
|
||||
<span class="aside">I'll explain what backup_check.txt does below</span>
|
||||
|
||||
```
|
||||
*/15 * * * * offlineimap > /var/log/offlineimap.log 2>&1
|
||||
|
@ -73,7 +83,9 @@ sslcacertfile = /etc/ssl/certs/ca-certificates.crt
|
|||
|
||||
### Notes
|
||||
|
||||
I use Standard Notes to take notes and wrote the tool [standardnotes-fs](https://github.com/tannercollin/standardnotes-fs) to mount my notes as a file system to view and edit them as plain text files.
|
||||
I use Standard Notes to take notes and wrote the tool
|
||||
[standardnotes-fs](https://github.com/tannercollin/standardnotes-fs) to mount my
|
||||
notes as a file system to view and edit them as plain text files.
|
||||
|
||||
I take weekly backups of the mounted file system on my media server with cron:
|
||||
|
||||
|
@ -84,7 +96,9 @@ I take weekly backups of the mounted file system on my media server with cron:
|
|||
|
||||
### Nextcloud
|
||||
|
||||
I self-host a Nextcloud instance to store all my personal documents (non-code projects, tax forms, spreadsheets, etc.). Since it's only a syncing software, the files need to be copied elsewhere to be backed up.
|
||||
I self-host a Nextcloud instance to store all my personal documents (non-code
|
||||
projects, tax forms, spreadsheets, etc.). Since it's only a syncing software,
|
||||
the files need to be copied elsewhere to be backed up.
|
||||
|
||||
I take weekly backups of the Nextcloud data folder with cron:
|
||||
|
||||
|
@ -95,7 +109,9 @@ I take weekly backups of the Nextcloud data folder with cron:
|
|||
|
||||
### Gitea
|
||||
|
||||
I self-host a Gitea instance to store all my git repositories for code-based projects. My home folder is also a git repo so I can easily sync my config files and password database between servers and machines.
|
||||
I self-host a Gitea instance to store all my git repositories for code-based
|
||||
projects. My home folder is also a git repo so I can easily sync my config files
|
||||
and password database between servers and machines.
|
||||
|
||||
I take weekly backups of the Gitea data folder with cron:
|
||||
|
||||
|
@ -107,23 +123,36 @@ I take weekly backups of the Gitea data folder with cron:
|
|||
|
||||
### Telegram
|
||||
|
||||
Telegram Messenger is my main app for communication. My parents, most of my friends, and friend groups are on there so I don't want to lose those messages in case Telegram disappears or my account gets banned.
|
||||
Telegram Messenger is my main app for communication. My parents, most of my
|
||||
friends, and friend groups are on there so I don't want to lose those messages
|
||||
in case Telegram disappears or my account gets banned.
|
||||
|
||||
Telegram includes a data export feature, but it can't be automated. Instead I run the deprecated software [telegram-export](https://github.com/expectocode/telegram-export) hourly with cron:
|
||||
<span class="aside">Saves the messages to a sqlite db</span>
|
||||
|
||||
<span class="aside">(Saves the messages to a sqlite db)</span>
|
||||
Telegram includes a data export feature, but it can't be automated. Instead I
|
||||
run the deprecated software
|
||||
[telegram-export](https://github.com/expectocode/telegram-export) hourly with
|
||||
cron:
|
||||
|
||||
```
|
||||
0 * * * * bash -c 'timeout 50m /home/tanner/opt/telegram-export/env/bin/python -m telegram_export' > /var/log/telegramexport.log 2>&1
|
||||
```
|
||||
|
||||
It likes to hang, so `timeout` kills it if it's still running after 50 minutes. Hasn't corrupted the database yet.
|
||||
It likes to hang, so `timeout` kills it if it's still running after 50 minutes.
|
||||
Hasn't corrupted the database yet.
|
||||
|
||||
### Phone
|
||||
|
||||
[Signal Messenger](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_CA&gl=US) automatically exports a copy of my text messages database, and [Aegis](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_CA&gl=US) allows me to export an encrypted JSON file of my two-factor authentication codes.
|
||||
[Signal
|
||||
Messenger](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_CA&gl=US)
|
||||
automatically exports a copy of my text messages database, and
|
||||
[Aegis](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_CA&gl=US)
|
||||
allows me to export an encrypted JSON file of my two-factor authentication
|
||||
codes.
|
||||
|
||||
I mount my phone's internal storage as a file system on my desktop using [adbfs-rootless](https://github.com/spion/adbfs-rootless). I then rsync the files over to my media server:
|
||||
I mount my phone's internal storage as a file system on my desktop using
|
||||
[adbfs-rootless](https://github.com/spion/adbfs-rootless). I then rsync the
|
||||
files over to my media server:
|
||||
|
||||
```
|
||||
$ ./adbfs ~/mntphone
|
||||
|
@ -137,17 +166,23 @@ $ time rsync -Wav \
|
|||
localmediaserver:/mnt/backup/files/phone/
|
||||
```
|
||||
|
||||
Unfortunately this is a manual process because I need to plug my phone in each time. Ideally it would happen automatically while I'm asleep and the phone is charging.
|
||||
Unfortunately this is a manual process because I need to plug my phone in each
|
||||
time. Ideally it would happen automatically while I'm asleep and the phone is
|
||||
charging.
|
||||
|
||||
### Miscellaneous Files
|
||||
|
||||
The directory `/backup/files` is a repository for any kind of files I want to keep forever. My phone data, old archives, computer files, Minecraft worlds, files from previous jobs, and so on.
|
||||
The directory `/backup/files` is a repository for any kind of files I want to
|
||||
keep forever. My phone data, old archives, computer files, Minecraft worlds,
|
||||
files from previous jobs, and so on.
|
||||
|
||||
All the files will be included in the 1 TB hard drive backup rotations.
|
||||
|
||||
### Web Services
|
||||
|
||||
Web services that I run like [[t0 Services]] and [[QotNews]] are backed up daily, weekly, and monthly depending on how frequently the data changes.
|
||||
Web services that I run like [txt.t0.vc](https://txt.t0.vc) and
|
||||
[QotNews](https://news.t0.vc) are backed up daily, weekly, and monthly depending
|
||||
on how frequently the data changes.
|
||||
|
||||
I run `rdiff-backup` on the remote server with cron:
|
||||
|
||||
|
@ -164,13 +199,17 @@ I run `rdiff-backup` on the remote server with cron:
|
|||
55 14 1 * * rdiff-backup --remove-older-than 12B --force tbotbak@remotebackup::/mnt/backup/remote/tbotbak/monthly/t0txt/
|
||||
```
|
||||
|
||||
The `tbotbak` user has write access to the `/mnt/backup/remote/tbotbak` directory only. It has its own passwordless SSH key that's only permitted to run the `rdiff-backup --server` command for security.
|
||||
The `tbotbak` user has write access to the `/mnt/backup/remote/tbotbak`
|
||||
directory only. It has its own passwordless SSH key that's only permitted to run
|
||||
the `rdiff-backup --server` command for security.
|
||||
|
||||
### Protospace
|
||||
|
||||
I run a lot of services for [[Protospace]], my city's makerspace.
|
||||
I run a lot of services for [Protospace](https://protospace.ca/), my city's
|
||||
makerspace.
|
||||
|
||||
The member portal I wrote called [[Spaceport]] creates an archive I download daily:
|
||||
The member portal I wrote called [Spaceport](https://my.protospace.ca/) creates
|
||||
an archive I download daily:
|
||||
|
||||
```
|
||||
40 10 * * * wget --content-disposition \
|
||||
|
@ -180,7 +219,8 @@ The member portal I wrote called [[Spaceport]] creates an archive I download dai
|
|||
https://api.my.protospace.ca/backup/
|
||||
```
|
||||
|
||||
The website and [wiki](https://wiki.protospace.ca) that I sysadmin both get backed up weekly:
|
||||
The website and [wiki](https://wiki.protospace.ca) that I sysadmin get
|
||||
backed up weekly:
|
||||
|
||||
```
|
||||
0 12 * * 1 mysqldump --all-databases > /var/www/dump.sql
|
||||
|
@ -188,7 +228,9 @@ The website and [wiki](https://wiki.protospace.ca) that I sysadmin both get back
|
|||
20 12 * * 1 rdiff-backup /var/www pshostbak@remotebackup::/mnt/backup/remote/pshostbak/weekly/www/
|
||||
```
|
||||
|
||||
The Protospace [Minecraft server](http://games.protospace.ca:8123/?worldname=world&mapname=flat&zoom=3&x=74&y=64&z=354) I run gets backed up daily:
|
||||
The Protospace [Minecraft
|
||||
server](http://games.protospace.ca:8123/?worldname=world&mapname=flat&zoom=3&x=74&y=64&z=354)
|
||||
I run gets backed up daily:
|
||||
|
||||
```
|
||||
00 15 * * * date -Iseconds > /home/tanner/minecraft/backup_check.txt
|
||||
|
@ -228,7 +270,8 @@ My backup folder `/mnt/backup` now looks like this:
|
|||
└── telebak
|
||||
```
|
||||
|
||||
This directory tree is the master backup and I make a copy of the entire tree every Saturday to a hard drive.
|
||||
This directory tree is the master backup and I make a copy of the entire tree
|
||||
every Saturday to a hard drive.
|
||||
|
||||
The directory is copied over with the following script:
|
||||
|
||||
|
@ -248,17 +291,32 @@ umount /mnt/external
|
|||
cryptsetup luksClose external
|
||||
```
|
||||
|
||||
I wrote a Python script `checkbackup.py` that goes through each backup and compares the timestamp in `backup_check.txt` files to the current time. This makes sure that the cron ran, backups were taken, and transferred over correctly.
|
||||
I wrote a Python script `checkbackup.py` that goes through each backup and
|
||||
compares the timestamp in `backup_check.txt` files to the current time. This
|
||||
makes sure that the cron ran, backups were taken, and transferred over
|
||||
correctly.
|
||||
|
||||
## Rotating Hard Drives
|
||||
|
||||
I rotate through 2.5" 1 TB hard drives each Saturday when I do a backup. They are quite cheap at [$65 CAD](https://www.memoryexpress.com/Products/MX65194) each so I can have a bunch floating around.
|
||||
I rotate through 2.5" 1 TB hard drives each Saturday when I do a backup. They
|
||||
are quite cheap at [$65 CAD](https://www.memoryexpress.com/Products/MX65194)
|
||||
each so I can have a bunch floating around.
|
||||
|
||||
I keep one connected to the server, one in my bag, one offsite, one at my mother's house, and one at my dad's house. Every Saturday I run the script above to take a copy and then swap the drive with the one in my bag. It then gets swapped when I visit my offsite location. Same for when I visit my parents<span class="aside"> (I go back home about twice per year)</span>. This means that all hard drives eventually get rotated through with new data and don't sit too long unpowered.
|
||||
|
||||
The drives are all encrypted with full-disk LUKS encryption using a password I'm unlikely to forget.
|
||||
I keep one connected to the server, one in my bag, one offsite, one at my
|
||||
mother's house, and one at my dad's house. Every Saturday I run the script above
|
||||
to take a copy and then swap the drive with the one in my bag. It then gets
|
||||
<span class="aside">I go back home about twice per year</span>
|
||||
swapped when I visit my offsite location. Same for when I visit my parents. This
|
||||
means that all hard drives eventually get rotated through with new data and
|
||||
don't sit too long unpowered.
|
||||
|
||||
I run the check-summing `btrfs` file system on them in RAID-1 to protect against bitrot. This means I can only use 0.5 TB of storage for my backups, but the data is stored redundantly.
|
||||
The drives are all encrypted with full-disk LUKS encryption using a password I'm
|
||||
unlikely to forget.
|
||||
|
||||
I run the check-summing `btrfs` file system on them in RAID-1 to protect against
|
||||
bitrot. This means I can only use 0.5 TB of storage for my backups, but the data
|
||||
is stored redundantly.
|
||||
|
||||
Here's how I set up new hard drives to do this:
|
||||
|
||||
|
@ -274,8 +332,12 @@ $ sudo cryptsetup luksClose external
|
|||
|
||||
## Future Improvements
|
||||
|
||||
I'm working on a system to automatically back up all my home directories to my media server. I need this to grab Bash histories and code that's work-in-progress. I've been burned by not having this once when a server died.
|
||||
I'm working on a system to automatically back up all my home directories to my
|
||||
media server. I need this to grab Bash histories and code that's
|
||||
work-in-progress. I've been burned by not having this once when a server died.
|
||||
|
||||
I'd like to automate backing up my phone by connecting it to a Raspberry Pi when I go to sleep.
|
||||
I'd like to automate backing up my phone by connecting it to a Raspberry Pi when
|
||||
I go to sleep.
|
||||
|
||||
I need to get better at fully testing my backups by restoring them on a blank machine.
|
||||
I need to get better at fully testing my backups by restoring them on a blank
|
||||
machine.
|
|
@ -1,37 +1,47 @@
|
|||
Title: Bypassing ISP Blocked Ports (Old)
|
||||
Title: Bypassing ISP Blocked Ports
|
||||
Date: 2021-04-10
|
||||
Category: Notes
|
||||
Summary: (Old) Bypass ISP blocked ports using VPN port forwarding for public access.
|
||||
Category: Writing
|
||||
Summary: Bypass ISP blocked ports using VPN port forwarding for public access.
|
||||
Wide: true
|
||||
|
||||
[TOC]
|
||||
|
||||
My residential ISP blocks inbound traffic to common ports like 22, 80, and 443. I use an OpenVPN tunnel to forward these ports so that I can self-host a public media server. It does __not__ require users to be on the VPN.
|
||||
My residential ISP blocks inbound traffic to common ports like 22, 80, and 443.
|
||||
I use an OpenVPN tunnel to forward these ports so that I can self-host a
|
||||
public media server. It does __not__ require users to be on the VPN.
|
||||
|
||||
This article explains how I set it up and is targeted towards Linux sysadmins.
|
||||
|
||||
## Overview
|
||||
|
||||
I have a cheap $5 per month virtual server with [Digital Ocean](https://digitalocean.com) that runs Debian GNU/Linux 10. An OpenVPN server is running on this virtual server.
|
||||
I have a cheap $5 per month virtual server with [Digital
|
||||
Ocean](https://digitalocean.com) that runs Debian GNU/Linux 10. An OpenVPN
|
||||
server is running on this virtual server.
|
||||
|
||||
My media server at home has an OpenVPN client connected to the server and is assigned a static IP on the VPN network.
|
||||
My media server at home has an OpenVPN client connected to the server and is
|
||||
assigned a static IP on the VPN network.
|
||||
|
||||
The virtual server has routing enabled and forwards inbound traffic __from the internet__ to my media server at home. This allows me to have external HTTP and SSH access.
|
||||
The virtual server has routing enabled and forwards inbound traffic __from the
|
||||
internet__ to my media server at home. This allows me to have external HTTP and SSH
|
||||
access.
|
||||
|
||||
## Server Setup
|
||||
|
||||
Spin up a Debian 10 virtual server on your favourite hosting provider and set your user up as you would normally. You should probably harden this server. Assign a subdomain to it like `vpn.example.com`.
|
||||
Spin up a Debian 10 virtual server on your favourite hosting provider and set
|
||||
your user up as you would normally. You should probably harden this server.
|
||||
Assign a subdomain to it like `vpn.example.com`.
|
||||
|
||||
Install the following requirements:
|
||||
|
||||
```
|
||||
$ sudo apt update
|
||||
$ sudo apt install openvpn easy-rsa ufw
|
||||
$ sudo apt install openvpn ufw
|
||||
```
|
||||
|
||||
### OpenVPN Server
|
||||
|
||||
These steps roughly follow [this guide](https://wiki.debian.org/OpenVPN#TLS-enabled_VPN).
|
||||
These steps roughly follow [this
|
||||
guide](https://wiki.debian.org/OpenVPN#TLS-enabled_VPN).
|
||||
|
||||
Generate TLS certificates and keys:
|
||||
|
||||
|
@ -42,20 +52,19 @@ $ sudo make-cadir easy-rsa/
|
|||
$ sudo chown -R tanner:tanner easy-rsa/
|
||||
```
|
||||
|
||||
Replace `tanner` with your Linux username, this is temporary.
|
||||
Replace `tanner` with your own username, this is temporary.
|
||||
|
||||
<span class="aside">(The `.rnd` file prevents a warning)</span>
|
||||
<span class="aside">The `.rnd` file prevents a warning</span>
|
||||
|
||||
```
|
||||
$ cd easy-rsa/
|
||||
$ export EASYRSA_CERT_EXPIRE=36500
|
||||
$ export EASYRSA_CA_EXPIRE=36500
|
||||
$ ./easyrsa init-pki
|
||||
$ head /dev/urandom > pki/.rnd
|
||||
$ ./easyrsa build-ca
|
||||
```
|
||||
|
||||
Enter a password you won't forget in case you want to add another client later. The Common Name you choose is not important.
|
||||
Enter a password you won't forget in case you want to add another client later.
|
||||
The Common Name you choose is not important.
|
||||
|
||||
Generate Diffie–Hellman params:
|
||||
|
||||
|
@ -75,19 +84,22 @@ Generate a client cert:
|
|||
$ ./easyrsa build-client-full mediaserver nopass
|
||||
```
|
||||
|
||||
We make a `mediaserver` client because we want to assign a static IP to it. You need to make a different one for each client you want with a static IP.
|
||||
We make a `mediaserver` client because we want to assign a static IP to it. You
|
||||
need to make a different one for each client you want with a static IP.
|
||||
|
||||
Also, if you want generic clients that all get dynamic IPs for use on your laptop, phone, etc. to protect you from public WiFi (like a normal VPN), create only a single extra one:
|
||||
Also, if you want generic clients that all get dynamic IPs for use on your
|
||||
laptop, phone, etc. to protect you from public WiFi, create only a single extra one:
|
||||
|
||||
```
|
||||
$ ./easyrsa build-client-full client nopass # optional
|
||||
```
|
||||
|
||||
Leave off `nopass` if you want to password protect the config file keys when you set up a new client.
|
||||
Leave off `nopass` if you want to password protect the config file keys when you
|
||||
set up a new client.
|
||||
|
||||
Create the server config file `/etc/openvpn/server.conf`:
|
||||
|
||||
<span class="aside">(Can't use port 443 here since it'll be forwarded)</span>
|
||||
<span class="aside">Can't use port 443 here since it'll be forwarded</span>
|
||||
|
||||
```
|
||||
port 1194
|
||||
|
@ -125,7 +137,7 @@ $ sudo touch ccd/mediaserver
|
|||
|
||||
Replace `mediaserver` with whatever client name you used above. Edit it like so:
|
||||
|
||||
<span class="aside">(Your home server will be `10.8.0.100`)</span>
|
||||
<span class="aside">Your home server will be `10.8.0.100`</span>
|
||||
|
||||
```
|
||||
ifconfig-push 10.8.0.100 255.255.255.0
|
||||
|
@ -169,7 +181,8 @@ $ ip addr
|
|||
|
||||
### Port Forwarding
|
||||
|
||||
I use `ufw` to handle the iptables rules because I use it anyway as a firewall when I harden my servers.
|
||||
I use `ufw` to handle the iptables rules because I use it anyway as a firewall
|
||||
when I harden my servers.
|
||||
|
||||
Enable routing:
|
||||
|
||||
|
@ -204,11 +217,14 @@ Add this to the top of `/etc/ufw/before.rules`:
|
|||
COMMIT
|
||||
```
|
||||
|
||||
Replace `123.123.123.123` with your VPN server's external IP address and `eth0` with the external interface.
|
||||
Replace `123.123.123.123` with your VPN server's external IP address and `eth0`
|
||||
with the external interface.
|
||||
|
||||
This will forward TCP traffic on port 2222 to your home server. If you want to use port 22, then you need to set the VPN SSH server to something else.
|
||||
This will forward TCP traffic on port 2222 to your home server. If you want to use
|
||||
port 22, then you need to set the VPN SSH server to something else.
|
||||
|
||||
A full example of `/etc/ufw/before.rules` with other ports included can be found here:
|
||||
A full example of `/etc/ufw/before.rules` with other ports included can be found
|
||||
here:
|
||||
|
||||
[https://txt.t0.vc/URUG](https://txt.t0.vc/URUG)
|
||||
|
||||
|
@ -261,7 +277,8 @@ key-direction 1
|
|||
</tls-auth>
|
||||
```
|
||||
|
||||
Replace the `[server ...]` lines with the contents of that file on the __VPN server__, for example:
|
||||
Replace the `[server ...]` lines with the contents of that file on the __VPN
|
||||
server__, for example:
|
||||
|
||||
```
|
||||
$ sudo cat /etc/openvpn/easy-rsa/pki/ca.crt
|
||||
|
@ -272,7 +289,7 @@ Also replace `vpn.example.com` with the subdomain you assigned earlier.
|
|||
|
||||
For device clients (like your laptop and phone), create the config file `client.ovpn`:
|
||||
|
||||
<span class="aside">(`redirect-gateway def1` forces traffic over the VPN)</span>
|
||||
<span class="aside">`redirect-gateway def1` forces traffic over the VPN</span>
|
||||
|
||||
```
|
||||
client
|
||||
|
@ -347,17 +364,22 @@ $ sudo service openvpn restart
|
|||
|
||||
### Client Apps
|
||||
|
||||
On Android I use "OpenVPN for Android" and on Linux I use the `network-manager-openvpn-gnome` Debian package.
|
||||
On Android I use "OpenVPN for Android" and on Linux I use the
|
||||
`network-manager-openvpn-gnome` Debian package.
|
||||
|
||||
To add your VPN on Gnome, open VPN settings, import file, and select `client.ovpn`. If the private key is missing, select it from `~/.cert/nm-openvpn/`.
|
||||
To add your VPN on Gnome, open VPN settings, import file, and select
|
||||
`client.ovpn`. If the private key is missing, select it from
|
||||
`~/.cert/nm-openvpn/`.
|
||||
|
||||
## Closing Thoughts
|
||||
|
||||
You should now be fine to access your home server from over the internet.
|
||||
|
||||
To forward additional ports, just edit the `/etc/ufw/before.rules` file like above and apply the changes to `ufw`.
|
||||
To forward additional ports, just edit the `/etc/ufw/before.rules` file like
|
||||
above.
|
||||
|
||||
You can now point a domain to your virtual server's IP and use that to connect to your home server. Use a CNAME to make it easy to change later:
|
||||
You can now point a domain to your virtual server's IP and use that to connect
|
||||
to your home server. Use a CNAME to make it easy to change later:
|
||||
|
||||
```
|
||||
NAME TYPE VALUE
|
||||
|
@ -366,4 +388,5 @@ vpn.example.com. A 123.123.123.123
|
|||
myserver.example.com. CNAME vpn.example.com.
|
||||
```
|
||||
|
||||
Finally, make sure any server programs are listening / bound to `10.8.0.100` or `0.0.0.0` so that they can get traffic from that interface.
|
||||
Finally, make sure any server programs are listening / bound to `10.8.0.100` or
|
||||
`0.0.0.0` so that they can get traffic from that interface.
|
|
@ -1,2 +0,0 @@
|
|||
User-agent: *
|
||||
Disallow:
|
28
content/hand-of-ozymandias.md
Normal file
|
@ -0,0 +1,28 @@
|
|||
Title: Hand of Ozymandias
|
||||
Date: 2012-03-23
|
||||
Category: Projects
|
||||
Summary: A withered hand I welded out of scrap metal.
|
||||
|
||||
I was visiting my cousins in Radium, BC and decided to learn stick welding at
|
||||
their shop. I wanted to create a sculpture, so with pieces of scrap metal I
|
||||
welded together this hand. The beads are far from perfect. Working with small
|
||||
pieces of rusted metal made it difficult.
|
||||
|
||||
![a rusted hand welded together out of scrap square stock metal tubing]({static}/images/hand-of-ozymandias/hand1.jpg)
|
||||
|
||||
## The Name
|
||||
|
||||
One of my favourite poems is [Ozymandias](https://en.wikipedia.org/wiki/Ozymandias)
|
||||
by Percy Bysshe Shelley. It's about the inevitable complete decline of all
|
||||
rulers and the empires they build, however mighty in their time. This is the
|
||||
hand of Ozymandias sticking out from the sand, grasping for life after he has
|
||||
been reduced to dust.
|
||||
|
||||
## Construction
|
||||
|
||||
I eyeballed the joint angles and my cousin cut them to spec with an angle
|
||||
grinder. It was made in a machine shop with no real planning done ahead of time.
|
||||
In between welds, I used my own hand as a reference. Below is a picture of me
|
||||
adding a bead to it.
|
||||
|
||||
![me welding the hand causing a very bright white light that washes out the photo]({static}/images/hand-of-ozymandias/hand2.jpg)
|
Before Width: | Height: | Size: 198 KiB After Width: | Height: | Size: 198 KiB |
Before Width: | Height: | Size: 74 KiB After Width: | Height: | Size: 74 KiB |
Before Width: | Height: | Size: 82 KiB After Width: | Height: | Size: 82 KiB |
Before Width: | Height: | Size: 88 KiB After Width: | Height: | Size: 88 KiB |
Before Width: | Height: | Size: 64 KiB After Width: | Height: | Size: 64 KiB |
Before Width: | Height: | Size: 145 KiB After Width: | Height: | Size: 145 KiB |
Before Width: | Height: | Size: 154 KiB After Width: | Height: | Size: 154 KiB |
Before Width: | Height: | Size: 131 KiB After Width: | Height: | Size: 131 KiB |
Before Width: | Height: | Size: 130 KiB After Width: | Height: | Size: 130 KiB |
Before Width: | Height: | Size: 116 KiB After Width: | Height: | Size: 116 KiB |
Before Width: | Height: | Size: 163 KiB After Width: | Height: | Size: 163 KiB |
Before Width: | Height: | Size: 295 KiB After Width: | Height: | Size: 295 KiB |
Before Width: | Height: | Size: 350 KiB After Width: | Height: | Size: 350 KiB |
Before Width: | Height: | Size: 286 KiB After Width: | Height: | Size: 286 KiB |
28
content/led-dress.md
Normal file
|
@ -0,0 +1,28 @@
|
|||
Title: LED Dress
|
||||
Date: 2016-03-18
|
||||
Category: Projects
|
||||
Summary: A dress made out of LEDs that twinkle like stars.
|
||||
|
||||
A friend of mine was attending a stars and constellations themed ball. She
|
||||
wanted to wear a dress that was lit up with LEDs acting as twinkling stars.
|
||||
Seven of the 28 stars are aligned to resemble the Big Dipper constellation and
|
||||
twinkle differently than the rest, which twinkle in a random pattern.
|
||||
|
||||
![a girl wearing a blue dress with a number of LEDs shining through the fabric]({static}/images/dress/dress1.jpg)
|
||||
|
||||
## Construction
|
||||
|
||||
The LEDs came from that strip that was cut up and soldered together with very
|
||||
small wires. Each of the LEDs can be controlled individually.
|
||||
|
||||
![the controller circuit board, and the string of soldered together LEDs]({static}/images/dress/dress2.jpg)
|
||||
|
||||
21 of the stars are light magenta in color and twinkle by fading randomly. The
|
||||
seven LEDs that form the Big Dipper continually scroll through a gradient of
|
||||
three colors. Instead of calculating the values of each color in the gradient as
|
||||
the program runs, a lookup table is used.
|
||||
|
||||
<video autoplay muted loop style="display:block; margin: 0 auto;">
|
||||
<source src="{static}/videos/dress/dress3.mp4" type="video/mp4">
|
||||
Your browser does not support the video tag.
|
||||
</video>
|
33
content/light-switch.md
Normal file
|
@ -0,0 +1,33 @@
|
|||
Title: Remote Control Light Switch
|
||||
Date: 2014-10-09
|
||||
Category: Projects
|
||||
Summary: A device to toggle my lights remotely.
|
||||
|
||||
I wanted the ability to toggle my bedroom light remotely for convenience. I
|
||||
designed a circuit that allows me to control my light with any
|
||||
device that can load a webpage.
|
||||
|
||||
I still wanted to be able to control the light manually, so I bought a metallic
|
||||
face-plate and turned it into a capacitive touch sensor. The slightest touch
|
||||
anywhere on the plate is enough to toggle the light. I had to electrically
|
||||
isolate the metal screws from it because they screw into a grounded switch box.
|
||||
|
||||
![my custom light switch, a Raspberry Pi computer, and an old iPhone]({static}/images/light-switch/light1.jpg)
|
||||
|
||||
## Function
|
||||
|
||||
I have a Raspberry Pi ($35 computer) on my home network that runs a web server.
|
||||
When you connect to it in your web browser, a page loads with buttons to turn
|
||||
the light on or off. When you press a button, the server executes a command that
|
||||
sends a message over Bluetooth to the light switch. The Bluetooth module in the
|
||||
wall receives this message and forwards it to the microcontroller, which
|
||||
processes it and toggles the relay. The whole circuit is also powered from mains
|
||||
by an AC-DC converter.
|
||||
|
||||
This entire process happens quicker than half a second, so it feels instant.
|
||||
|
||||
![the front side which has several electrical components]({static}/images/light-switch/light2.jpg)
|
||||
|
||||
<span class="aside">Black stuff's liquid electrical tape</span>
|
||||
|
||||
![the back side which has wires soldered to connect all the components]({static}/images/light-switch/light3.jpg)
|
106
content/linux-flavour.md
Normal file
|
@ -0,0 +1,106 @@
|
|||
Title: Choosing a Linux Flavour
|
||||
Date: 2020-10-31
|
||||
Category: Writing
|
||||
Summary: A recommendation on which flavour of Linux to run.
|
||||
Wide: true
|
||||
|
||||
[TOC]
|
||||
|
||||
People often ask me which flavour of Linux they should install. In summary,
|
||||
choose Ubuntu if it's your first time. Once you are comfortable, install Debian
|
||||
the next time you need to install Linux.
|
||||
|
||||
I run Debian on my computers and servers.
|
||||
|
||||
## Linux Distributions
|
||||
|
||||
When people refer to the "flavour of Linux" they are talking about a Linux
|
||||
<span class="aside">Interjection: it's technically called GNU/Linux</span>
|
||||
distribution (distro). It mostly describes what software is distributed in its
|
||||
software repository.
|
||||
|
||||
"A typical Linux distribution comprises a Linux kernel, GNU tools and
|
||||
libraries, additional software, documentation, a window system, a window
|
||||
manager, and a desktop environment." [Wikipedia]
|
||||
|
||||
The major Linux distros are practically all the same. If you master one it's
|
||||
easy to pick up the others. The main differences you'll run into are which
|
||||
tools you use to install new software, and the desktop environment, which is
|
||||
what all the windows and buttons look like.
|
||||
|
||||
I recommend two Linux distros, Debian and Ubuntu. Ubuntu is based off of
|
||||
Debian, so they are very similar.
|
||||
|
||||
## Pros of Debian
|
||||
|
||||
Debian is one of the oldest distros and many other distros are based off it.
|
||||
You can see a timeline visualization of all its derivatives here:
|
||||
|
||||
<https://upload.wikimedia.org/wikipedia/commons/1/1b/Linux_Distribution_Timeline.svg>
|
||||
|
||||
This image is what originally convinced me to use Debian. Scroll down until you
|
||||
see it and zoom out so you grasp how many derivatives it has.
|
||||
|
||||
Debian is also non-commercial and requires that all software in its main
|
||||
repository is free and open source. This is important because that grants you
|
||||
the right to study, change, and distribute the software and source code to
|
||||
anyone and for any purpose. They also follow a strong social contract you can
|
||||
see here:
|
||||
|
||||
<https://www.debian.org/social_contract>
|
||||
|
||||
It's also a very stable Linux distro since they freeze all software features on
|
||||
each release. This makes it great for servers because nothing will break when
|
||||
it updates.
|
||||
|
||||
The main Raspberry Pi distro is nearly identical to Debian, so you'll also gain
|
||||
familiarity with it.
|
||||
|
||||
## Cons of Debian
|
||||
|
||||
Since Debian requires all its software to be free and open source, proprietary
|
||||
hardware drivers aren't included in its main repo. This can make installing
|
||||
Debian difficult if your hardware requires non-free drivers. You'll need to use
|
||||
a non-free installation image found here:
|
||||
|
||||
<https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/>
|
||||
|
||||
The fact that Debian freezes software features can also mean that your software
|
||||
gets old until the next Debian release. If you want versions that are bleeding
|
||||
edge, you'll need to use Debian Unstable as described here:
|
||||
|
||||
<https://wiki.debian.org/DebianUnstable#Installation>
|
||||
|
||||
Don't be fooled by the name "unstable". I use it for my personal computers and
|
||||
it runs fine.
|
||||
|
||||
## Pros of Ubuntu
|
||||
|
||||
Ubuntu is incredibly easy to install. You can also try it out before deciding
|
||||
to install it. The distro pretty much just works on what ever hardware you
|
||||
have.
|
||||
|
||||
It's very beginner friendly because it's so popular. Any problem you search for
|
||||
will reveal dozens of threads with people solving the same problem.
|
||||
|
||||
## Cons of Ubuntu
|
||||
|
||||
Unfortunately Ubuntu is developed by a commercial company, Canonical. The
|
||||
company's interests come first, before the users' and they have a track record
|
||||
of betraying their users' trust and privacy.
|
||||
|
||||
Years ago Ubuntu had a feature enabled by default that would send your desktop
|
||||
searches to Amazon so they could suggest products for you to buy:
|
||||
|
||||
<https://www.pcworld.com/article/2840401/ubuntus-unity-8-desktop-removes-the-amazon-search-spyware.html>
|
||||
|
||||
Currently whenever you remote login to your Ubuntu machine, it phones home to
|
||||
Canonical and they collect info about your system:
|
||||
|
||||
<https://ubuntu.com/legal/motd>
|
||||
|
||||
While these reasons are fairly minor, they are quite frowned upon in the Linux
|
||||
community and are reason enough to switch to Debian once you are comfortable
|
||||
with using Linux.
|
||||
|
||||
[Wikipedia]: https://en.wikipedia.org/wiki/Linux_distribution
|
Before Width: | Height: | Size: 185 KiB |
Before Width: | Height: | Size: 164 KiB |
Before Width: | Height: | Size: 1.2 MiB |
Before Width: | Height: | Size: 233 KiB |
Before Width: | Height: | Size: 146 KiB |
Before Width: | Height: | Size: 202 KiB |
Before Width: | Height: | Size: 277 KiB |
Before Width: | Height: | Size: 16 KiB |
Before Width: | Height: | Size: 153 KiB |
Before Width: | Height: | Size: 239 KiB |
Before Width: | Height: | Size: 247 KiB |
Before Width: | Height: | Size: 293 KiB |
Before Width: | Height: | Size: 530 KiB |
Before Width: | Height: | Size: 138 KiB |
Before Width: | Height: | Size: 179 KiB |
Before Width: | Height: | Size: 180 KiB |
Before Width: | Height: | Size: 330 KiB |
Before Width: | Height: | Size: 198 KiB |
Before Width: | Height: | Size: 179 KiB |
Before Width: | Height: | Size: 260 KiB |
Before Width: | Height: | Size: 5.5 MiB |
Before Width: | Height: | Size: 511 KiB |
Before Width: | Height: | Size: 5.8 MiB |
Before Width: | Height: | Size: 639 KiB |
Before Width: | Height: | Size: 3.6 MiB |
Before Width: | Height: | Size: 330 KiB |
Before Width: | Height: | Size: 4.2 MiB |
Before Width: | Height: | Size: 372 KiB |
Before Width: | Height: | Size: 5.7 MiB |
Before Width: | Height: | Size: 517 KiB |
Before Width: | Height: | Size: 5.5 MiB |
Before Width: | Height: | Size: 642 KiB |
Before Width: | Height: | Size: 6.8 MiB |
Before Width: | Height: | Size: 589 KiB |
Before Width: | Height: | Size: 3.1 MiB |
Before Width: | Height: | Size: 321 KiB |
Before Width: | Height: | Size: 3.3 MiB |
Before Width: | Height: | Size: 352 KiB |
Before Width: | Height: | Size: 4.5 MiB |
Before Width: | Height: | Size: 258 KiB |