4 February 2023 · Lesezeit: 2 Minuten
Logstash plays an important part in the Elastic Stack environment. The built-in filters already provide a wide range of functions to manipulate events. In case you need something special you’ve a few choices. You could for example write inline ruby code or package it to a gem and make it an official plugin. Do you want to write ruby code? I for sure don’t.
The approach I want to talk about is using the http filter (🖇️ 🔐) .
Weiterlesen →
28 January 2023 · Lesezeit: 4 Minuten
I’m currently playing around with load balancing traffic from a proxy server to multiple worker services. Everything is done in a plain docker environment so I can only use a compose file. This was my first approach:
--- version: '3.9' services: web: image: nginx deploy: replicas: 4 proxy: image: nginx ports: - 8080:80 volumes: - type: bind source: ./nginx.conf target: /etc/nginx/conf.d/default.conf read_only: true This spawns four nginx containers with nothing but the default “it works” page.
Weiterlesen →
24 October 2022 · Lesezeit: 3 Minuten
· Tags:
ansible
As an ansible user you may be familiar with the failed_when clause of a task. Its condition should resolve to a boolean value and determines if it was successful or not. In my backup playbook I’ve a task creating a tar archive by using the command module. Later on I want to check if an actual POSIX tar archive was created:
- name: Check if a real tar archive was created command: "file /mnt/backups/mail.
Weiterlesen →
18 October 2022 · Lesezeit: 3 Minuten
· Tags:
wireguard
Setting up a Site 2 site VPN with WireGuard is pretty easy provided you have some basic WireGuard and IP routing knowlege. The scope of this guide is to provide sample configurations with additional explanations. You still have to use your brain and think what setup suits you best. This guide also only focuses on the current generation IP protocol IPv6. Legacy IPv4 addressing works exactly the same. This guide is also platform agnostic.
Weiterlesen →
15 October 2022 · Lesezeit: 3 Minuten
· Tags:
opnsense
So you are in the pitty situation that you need to make an IPv4 legacy system or application reachable but your port forwarding rules are not working? And watching a painfully 21 minute long YouTube video from a bearded guy did not help you in any way? Hold back your tears because you have just found the one and only port forwarding guide for OPNsense.
In order for port forwarding to work you need to things:
Weiterlesen →
1 October 2022 · Lesezeit: 1 Minuten
While doing my monthly backups I got a little bit confused. I found an old backup of an LXC container which was not needed anymore. But I was not able to delete it:
rm: cannot remove ‘container_backups/XXX/rootfs/var/log/private’: Read-only file system
Checking with mount the backup filesystem was mounted rw and dmesg also did not indicate a btrfs problem. Missing privileges were also not an issue as I was logged in as root.
Weiterlesen →
28 September 2022 · Lesezeit: 2 Minuten
Due to Iran’s internet blocking I stumbled over Tor’s Snowflake proxy. A pluggable transport plugin based on WebRTC. They work similar to Tor’s bridge and relay system. The standalone proxy which this post is all about is written in golang. Snowflake proxies are not published making it harder to block them. User traffic towards the internet never exits the proxy. The last hop is always a Tor exit node. This makes it easy for people to help without having to deal with abuse reports or worse.
Weiterlesen →
7 July 2022 · Lesezeit: 2 Minuten
Emilia ist ein kleiner, elektrisch angetriebener Bus mit 8 Sitzplätzen, der mit maximal 20 km/h im Regensburger Gewerbepark “autonom” im Kreis fährt. Hier die Webseite dazu (🖇️ 🔐) . Autonomes Fahren interessiert mich sehr und angefixt von einem TVA Fernsehbeitrag (🖇️ 🔐) und einem Video über die verbaute Technik musste ich dieses Gefährt live erleben.
Auf dem Bus ist eine GNSS Antenne, ein LiDAR Sensor und ein Mobilfunkmodem. Während dieses Testbetriebs fährt ein Begleiter mit, der mit Hilfe eines Xbox Controllers bei Bedarf eingreifen (steuern) kann.
Weiterlesen →
7 March 2022 · Lesezeit: 1 Minuten
· Tags:
opnsense
wireguard
My WireGuard on OPNsense 22.1 suddenly stopped working out of nowhere and would not restart:
root@firewall:~ # /usr/local/etc/rc.d/wireguard restart
wg-quick: ‘wg0’ is not a WireGuard interface
wg-quick: ‘wg0’ already exists
Checking the wg0 interface via ifconfig told me that was a lie:
root@firewall:~ # ifconfig wg0
wg0: flags=8002<BROADCAST,MULTICAST> metric 0 mtu 1420
options=80000
groups: tun wireguard
nd6 options=103<PERFORMNUD,ACCEPT_RTADV,NO_DAD>
A hanging interface is thankfully not new to me. I’ve dealt with many of them before when I was still OpenVPN.
Weiterlesen →
12 November 2021 · Lesezeit: 2 Minuten
Die Gen 3 Wallbox von Tesla war KFW 440 förderfähig und muss deshalb in der Theorie vom Energieversorger gesteuert werden können. Meine Theorie ist, dass es deshalb eine nicht offiziell dokumentierte API gibt. Bis diese Steuerung spruchreif ist und die API nach “außen” hin verfügbar ist wäre es eine Schande diese nicht für eigene Zwecke zu benutzen. Die Wallbox muss dazu ins eigene WLAN eingebucht sein.
API Übersicht Über die IP der Wallbox kann man die REST API abfragen.
Weiterlesen →
