Matthew Ernisse

August 14, 2020 @21:59

I've had a UniFi USG-3 in the office for a while now, and I have had a few problems with it over the years. The most recent being a quirk of the configuration system that ham strings certificate authentication with intermediate CAs. You can read about my struggle a little bit in a previous post.

More (19%) …

July 12, 2020 @09:20

I recently found myself overcome by a brief spat of boredom. A general haze of nostalgia accompanied the boredom and it got me thinking of earlier days of the Internet. A number of mostly-forgotten fads came to mind, the web counter, the under construction gif, the best viewed with browser logo, and the venerable webcam. The webcam itself was an evolution of other, more pratical network connected cameras and they have continued to progress farther than I would have expected. A quick search of my archives revealed that I still had the very last frame captured from my webcam.

More (7%) …

July 06, 2020 @14:15

It has been a while since I wrote one of these. Honestly for a long time I didn't really have anything to add to my previous post. I still routinely watch the channels previously listed and still highly recommend them. The following are channels I have found since that I would add to the list, in no particular order.

More (6%) …

May 29, 2020 @15:19

I currently have a handful of containerized apps that I maintain in a shared repository and a few more that are in their own repositories. I wanted to be able to trigger builds of all my container projects from a single post-receive hook so I leaned on the work I did previously cleaning up my git hooks and created a script that will look in the root of the repository for a Dockerfile and if it finds one will launch a builder container using the same python script that I wrote about previously.

More (43%) …

April 30, 2020 @11:30

... or how I stopped worrying and learned to love Device Tree.

I have been looking around for a long time for a green CRT Wyse terminal to replace one I had many many years ago but got rid of in a move. I finally found a decent WY-60 on EBay so I picked that up at the end of last year. Now that I've had some time on my hands I set about getting it to do something useful.

More (2%) …

April 25, 2020 @19:40

It turns out that describing my new Thoughts system has turned into a three part series. You probably want to go back and read the previous two articles before reading this one.

More (4%) …

April 22, 2020 @10:10

Ages ago I built a FlightAware ADS-B feeder on a Raspberry Pi Model B Rev 1. To this day it is still running and happily feeding data to both FlightAware and FlightRadar24. Earlier this year I even built another feeder for the UAT variant. Well FlightAware finally released support for Raspbian (Debian) 10.0 (Buster) so I decided that it was time to upgrade. At first I started down the path of simply making a new manifest for Puppet which readers of this blog might recognize as my preferred configuration management utility. Well the two feeders I have are both rather under-powered and have pretty small memories. Since the SDR decoding process takes up so much CPU time and memory is already very thin running the Puppet agent just didn't make a lot of sense. It turns out that "look at Ansible again" has been sitting around aging nicely in my ~/TODO so I figured why not.

More (30%) …

April 19, 2020 @13:45

Last Friday I deployed my new Azure Functions based Thoughts application to this website and wrote about the Python bits of it. Towards the end of that entry I mentioned that quite a bit of JavaScript and some Web Components technology went into pulling all this together. I figured I'd talk a little bit about the JavaScript side of things. Since there is much of it I will start with the reading side of things, it being the more straightforward part.

More (5%) …

April 17, 2020 @10:40


Being sequestered in the house for the last month and a bit has given me (as I am sure it has most of us) an opportunity to go through the old ~/TODO list. One of the things that has been aging on there has been to finally explore "Serverless Computing" (whomever coined that phrase has forgotten the face of their father). When evaluating the various options available I decided to look at Azure Functions for a variety of reasons. Firstly of the big three, I find Microsoft the least distasteful. Their business model isn't 'harvest everyone's data and sell it while also sometimes doing other things', instead they are an old world corporation who seems to basically have a go-to-market strategy of exchange goods and services for money. Secondly when I first started looking into this they were the only provider to support Python which is my preferred language. I did also look at Cloudflare Workers briefly as running functions at the edge makes a lot more sense to me than running them in a central datacenter but the lack of Python support and the lack of a couple other features (more on that as I talk about requirements) meant I'd need to incorporate their technology with something else which isn't what I was looking to do.

More (10%) …

April 14, 2020 @13:00

Shortly after Christmas I finally broke down and bought myself a MikroTik Wireless Wire kit to connect my network out to my garage. The kit consists of a pair of wAP 60G units pre-paired for a point to point link. About 3 years ago I installed several Ubiquiti UniFi access points, then after adding UniFi Video to the garage I swapped out a failing Linksys switch with a UniFi SW8-150. Throughout all of this the garage remained linked to the house via the UniFi meshing between the UAP-AC-MESH on the garage and the UAP-AC-PRO in the basement. This worked but was not fantastic as the meshing relies on WDS to extend the WiFi to the remote access point. Since WiFi runs over a single set of channels it is inherently half duplex (eg: the AP and the device both use the same channel for transmit and receive), and by extending my network in this manner the performance on the part of the property covered by the basement and garage access points was not what it could have been.

More (30%) …

March 11, 2020 @15:00

The Problem

So I came into the office this morning and noticed that my Ubiquiti USG-3 had upgraded itself from v4.4.44.5213844 to v4.4.50.5272448 and the VPN tunnel was down. I flailed at a few obvious things, reset the clock since it had lost connection to my NTP server, made sure the configuration didn't get wiped, made sure my certificates appeared to be in place. Everything checked out OK and the logs weren't showing anything so I went and cranked up the debug level in /etc/strongswan.d/charon-logging.conf changing the level of both ike and net to 2 and restarting the daemon with ipsec stop and ipsec start. After a bit I noticed the following in /var/log/charon.log:

More (26%) …

February 25, 2020 @17:34

So DNS over HTTPS is coming to Firefox. For most people this is certainly a good thing. When I worked for a national ISP in around 2008 they started snooping DNS queries and sending them off to various ad networks and inserted those stupid advertising laden search pages into user's sessions instead of returning the correct and proper NXDOMAIN response when you mistyped a URL. There were executives which were very pleased with this extra revenue stream and got large bonuses as a result. This was over a decade ago so I can only imagine how this has gotten worse. DNS over HTTPS (and also DNS over TLS) makes this impossible, which is good.

More (22%) …

February 16, 2020 @17:57

Buried in a long rant about general Apple screwyness lately I mentioned that I've been having issues with automount(8) in macOS Catalina. I have been periodically poking around at the system to see if I can figure out why the heck it is happening. The general wonkyness already drove me to convert my iTunes Library backup script to using rsync(1) to use SSH as a transport instead of simply copying to the automounted backup folder.

More (21%) …

February 14, 2020 @22:40

I have not really had the time to sit down and have a good rant about Apple lately. I swear that I try not to get too emotionally invested in products but since I end up using one Apple product or another just about every day the annoyance just seems to pile up and eventually I just need to let it out. I will start on a somewhat nice note by remembering that since switching to OSX back around Snow Leopard and iOS back in 2017 it has mostly been a decent experience. At first I really liked having simple access to Unix style tools in an OS that I didn't need to screw around with. I also appreciated the privacy features and consistent user interface in iOS.

More (8%) …

February 11, 2020 @09:30

I was chasing down random errors last weekend in an effort to cut down on the daily deluge of messages from cron(8) and I realized that it had been several months since the Synology NAS I have at work successfully backed up. It only runs once a week so the e-mails largely got overlooked and somewhat shamefully when I came across them I often suspected that the office Internet connection just dropped mid-transfer.

More (15%) …

Subscribe via RSS. Send me a comment.