It turns out that describing my new Thoughts system has turned into a three part series. You probably want to go back and read the previous two articles before reading this one.
Ages ago I built
a FlightAware ADS-B feeder on a
Raspberry Pi Model B Rev 1.
To this day it is still running and happily feeding data to both
FlightAware and FlightRadar24. Earlier this
year I even built another feeder for the
UAT variant. Well FlightAware finally
released support for
Raspbian (Debian) 10.0 (Buster)
so I decided that it was time to upgrade. At first I started down the path of
simply making a new manifest for Puppet which readers of
this blog might recognize as my preferred configuration management utility.
Well the two feeders I have are both rather under-powered and have pretty small
memories. Since the SDR decoding process takes up so much CPU time and memory
is already very thin running the Puppet agent just didn't make a lot of sense. It turns
out that "look at Ansible again" has been sitting
around aging nicely in my ~/TODO so I figured why not.
Last Friday I deployed my new Azure Functions based Thoughts application to this website and wrote about the Python bits of it. Towards the end of that entry I mentioned that quite a bit of JavaScript and some Web Components technology went into pulling all this together. I figured I'd talk a little bit about the JavaScript side of things. Since there is much of it I will start with the reading side of things, it being the more straightforward part.
Introduction
Being sequestered in the house for the last month and a bit has given me
(as I am sure it has most of us) an opportunity to go through the old
~/TODO list. One of the things that has been aging on there has been
to finally explore "Serverless Computing" (whomever coined that phrase
has forgotten the face of their father). When evaluating the various
options available I decided to look at
Azure Functions
for a variety of reasons. Firstly of the big three, I find Microsoft the
least distasteful. Their business model isn't 'harvest everyone's data and
sell it while also sometimes doing other things', instead they are an old
world corporation who seems to basically have a go-to-market strategy of
exchange goods and services for money. Secondly when I first started
looking into this they were the only provider to support
Python which is my preferred language.
I did also look at Cloudflare Workers briefly as running functions at the edge
makes a lot more sense to me than running them in a central datacenter but
the lack of Python support and the lack of a couple other features (more
on that as I talk about requirements) meant I'd need to incorporate their
technology with something else which isn't what I was looking to do.
Shortly after Christmas I finally broke down and bought myself a MikroTik Wireless Wire kit to connect my network out to my garage. The kit consists of a pair of wAP 60G units pre-paired for a point to point link. About 3 years ago I installed several Ubiquiti UniFi access points, then after adding UniFi Video to the garage I swapped out a failing Linksys switch with a UniFi SW8-150. Throughout all of this the garage remained linked to the house via the UniFi meshing between the UAP-AC-MESH on the garage and the UAP-AC-PRO in the basement. This worked but was not fantastic as the meshing relies on WDS to extend the WiFi to the remote access point. Since WiFi runs over a single set of channels it is inherently half duplex (eg: the AP and the device both use the same channel for transmit and receive), and by extending my network in this manner the performance on the part of the property covered by the basement and garage access points was not what it could have been.
The Problem
So I came into the office this morning and noticed that my Ubiquiti USG-3
had upgraded itself from
v4.4.44.5213844
to
v4.4.50.5272448
and the VPN tunnel was down. I flailed at a few obvious things, reset the
clock since it had lost connection to my NTP server, made sure the
configuration didn't get wiped, made sure my certificates appeared to be in
place. Everything checked out OK and the logs weren't showing anything so
I went and cranked up the debug level in /etc/strongswan.d/charon-logging.conf
changing the level of both ike and net to 2 and restarting the daemon with
ipsec stop and ipsec start. After a bit I noticed the following in
/var/log/charon.log:
So DNS over HTTPS is coming to Firefox. For most people this is certainly a good thing. When I worked for a national ISP in around 2008 they started snooping DNS queries and sending them off to various ad networks and inserted those stupid advertising laden search pages into user's sessions instead of returning the correct and proper NXDOMAIN response when you mistyped a URL. There were executives which were very pleased with this extra revenue stream and got large bonuses as a result. This was over a decade ago so I can only imagine how this has gotten worse. DNS over HTTPS (and also DNS over TLS) makes this impossible, which is good.
Buried in a long rant about general Apple screwyness lately I mentioned that I've been having issues with automount(8) in macOS Catalina. I have been periodically poking around at the system to see if I can figure out why the heck it is happening. The general wonkyness already drove me to convert my iTunes Library backup script to using rsync(1) to use SSH as a transport instead of simply copying to the automounted backup folder.
I have not really had the time to sit down and have a good rant about Apple lately. I swear that I try not to get too emotionally invested in products but since I end up using one Apple product or another just about every day the annoyance just seems to pile up and eventually I just need to let it out. I will start on a somewhat nice note by remembering that since switching to OSX back around Snow Leopard and iOS back in 2017 it has mostly been a decent experience. At first I really liked having simple access to Unix style tools in an OS that I didn't need to screw around with. I also appreciated the privacy features and consistent user interface in iOS.
I was chasing down random errors last weekend in an effort to cut down on the daily deluge of messages from cron(8) and I realized that it had been several months since the Synology NAS I have at work successfully backed up. It only runs once a week so the e-mails largely got overlooked and somewhat shamefully when I came across them I often suspected that the office Internet connection just dropped mid-transfer.
Back in 2014 I built a FlightAware ADS-B feeder using a Raspberry Pi and a USB SDR dongle. While all commercial traffic is required to use the 1090MHz 'Extended Squitter' extension to the Mode S transponder as of January 1, 2020 there is an option for the general aviation community known as UAT, which operates on 978MHz and is meant to provide more affordable in-aircraft equipment for aircraft that will not operate above 18,000 ft MSL. Now that adoption is mandatory in US controlled airspace, I wanted to add UAT capability to my surveillance site. Since the 1090MHz feeder uses most of the capability of the Raspberry Pi in it, I decided to use a Raspberry Pi Zero W that I had laying around to build a separate feeder for UAT.
A while back I began working on replacing MRTG and RRDtool. I have written about the major parts of this previously, but the one feature of RRDtool that I needed to support was the summarization and retention policies. The RRDtool database will automatically consolidate and roll off values stored based on the definitions setup when the database is created. This is used by MRTG to generate the 'Daily' graph with a 5 minute average, the 'Weekly' graph with a 30 minute average, the 'Monthly' graph with a 2 hour average and the 'Yearly' graph with a daily average.
Edited: November 11, 2021 @14:11
Last night I had a need to put together a new OpenBSD machine. Since I already use DigitalOcean for one of my public DNS servers I wanted to use them for this need but sadly like all too many of the cloud providers they don't support OpenBSD. Now they do support FreeBSD and I found a couple writeups that show how to use FreeBSD as a shim to install OpenBSD.
I've been using iOS 13 since the public beta and have has some... unkind things to say already. I will pile a few other complaints on as an introduction here to set the tone. The most general one I have is that the random new animations in the UI that seem to periodically result in slowdowns or lost taps. iOS 13.1 had a horrible bug where it would not let you scroll while the selection animation was running in a list view (like in Mail), but at least that seems to be fixed in 13.2. Finally the continuing user anti-experience that I complained about in my impressions of iOS 11 post continues. It takes at least 3 taps to get anywhere useful in half of the stock apps now because of the stupid defaults views. Music and Podcasts are my most frequently used examples of this but the App Store is now totally useless. I don't even think there is a way to just list all the apps in a single category anymore. So good luck if you aren't searching for an app by name or looking for one of the 100 most popular apps out of the however many million apps in there. Good thing Apple doesn't lock you into their App Store for getting software on your device... oh... wait.
I think it's pretty clear that I have a pretty large pile of technology laying around. Most of it exists to bend some of the more vile trends in technology to my will (for example, I force everything to use my own DNS resolvers which have extensive block lists and force all requests that go out to the Internet to use DNS-over-TLS so my ISP can't intercept my DNS requests to profile me), but I also believe that if you are involved in technology you should try to host as much of your own online presence as you can.