Linux (or macOS) related

Automated full-disk backup on Linux/Ubuntu

By Atomstar on Friday 4 October 2019 18:14 - Comments (5)
Categories: Linux, RaspberryPi, Views: 2.531

Now that I'm storing my valuable smart home data (;)) on Raspberry Pi I need a backup in case something goes wrong, most notably a power failure.

I settled on a full-disk rsnapshot incremental backup scheme, combined with explicit influxdb backup which seems to work nicely.

Read more »

Tunnel Apple AirPlay/Bonjour across zones in OpenWRT Firewall

By Atomstar on Friday 20 September 2019 21:20 - Comments (2)
Categories: Linux, Security, Views: 1.133

I've separated my wifi on my OpenWRT (18.06.2) router (Netgear R7800) in a guest zone and a lan zone for security purposes (well not really, I did it because it was possible). One service I want to allow from guest -> lan zone is Airplay, which uses multicast traffic (Bonjour). It turns out to be very simple to forward Airplay:
  1. Forward ports from guest -> lan as listed by Apple
  2. Install avahi-utils, avahi-dbus-daemon, libavahi-client and libavahi-dbus-support as suggested by this post
  3. Profit!
Below I note some more details.

Read more »

InfluxDB retention policy and data downsampling

By Atomstar on Saturday 15 June 2019 12:52 - Comments (1)
Category: Linux, Views: 1.526

Goal: set up data downsampling scheme on existing collectd data.

This article elaborates the official InfluxDB guide here (https://docs.influxdata.c...wnsampling_and_retention/)
where we already have a database with existing measurements that we want to
keep.

I'd like to downsample my collectd data on ping, memory, load, etc. data from
two machines. I only want high (minute) time resolution for a few days, then
downsample to save space.

Update:
  • instead of using different field/measurement names (e.g. mean_value in ping_hourly), one can use the same measurement and field name to make querying more easy.
  • using grafana variables, one can use dynamic retention policy (RP) use, e.g. use the right RP for the right time range


Read more »

Speeding up an nginx webserver

By Atomstar on Saturday 9 February 2019 12:43 - Comments (6)
Categories: Linux, RaspberryPi, Views: 2.658

After properly securing my nginx webserver, I tweaked the cache and connecting settings to improve performance as measured by www.webpagetest.org which I documented below.

The results are as follows, I achieved a 3.2x faster document ready timing, and reduced bandwidth by 18x.

Read more »

Setting up an A+-grade nginx SSL server

By Atomstar on Sunday 27 January 2019 15:25 - Comments (7)
Categories: Linux, RaspberryPi, Security, Views: 3.969

Because I don't want to expose smarthome dashboards (like domoticz or grafana) directly to the internet, I've set up a separate server to publish data beyond my local network. For this I've chosen nginx using let's encrypt certificates renewed by certbot, enabling hsts and fixing the logjam vulnerability.

Read more »