Linux (or macOS) related

Securely wiping SSDs

By Atomstar on Sunday 29 December 2019 10:57 - Comments (14)
Categories: Linux, Security, Views: 3.284

Wiping data carriers can protect personal data when reselling these. Since SSDs have quite some error-handling and buffering logic, these are more difficult to wipe.

I document my best-known method here. TL;DR: as commenters pointed out, ideally use OS-level encryption, then throw away the key. Alternatively, built-in security erasing via hdparm, combined with shred.

Read more »

Infrared remote control hell with an Intel NUC, Logitech Harmony, lirc, ir-keymap and Kodi

By Atomstar on Monday 11 November 2019 09:00 - Comments (3)
Categories: HTPC, Linux, Views: 1.676

So I got a new (second hand) Harmony Remote and would like to control my AV setup with this. I document my findings in the jungle of IR control on Linux here.
  1. Old situation: Kodi (on Intel NUC/Ubuntu 18.04) controlled via LIRC using Apple TV remote
  2. Desired situation: Samsung TV + Pioneer AV receiver + Kodi on NUC controlled with Logitech Harmony and Kodi also with the Apple TV remote.
What's working:
  • Harmony remote controls all devices
  • AppleTV and Harmony can both navigate Kodi
  • Harmony shuts down Kodi and NUC
What's not working:
  • Kodi doesn't detect all keys from Apple TV remote (e.g. KEY_OK / KEY_MENU / KEY_BACKSPACE). Workaround: use KEY_DELETE and remap in Kodi's keyboard.xml
What's unclear:
  • Why does evtest show two IR event inputs?
  • Why does Kodi have multiple keymaps?


Read more »

Automated full-disk backup on Linux/Ubuntu

By Atomstar on Friday 4 October 2019 18:14 - Comments (5)
Categories: Linux, RaspberryPi, Views: 2.922

Now that I'm storing my valuable smart home data (;)) on Raspberry Pi I need a backup in case something goes wrong, most notably a power failure.

I settled on a full-disk rsnapshot incremental backup scheme, combined with explicit influxdb backup which seems to work nicely.

Read more »

Tunnel Apple AirPlay/Bonjour across zones in OpenWRT Firewall

By Atomstar on Friday 20 September 2019 21:20 - Comments (2)
Categories: Linux, Security, Views: 1.853

I've separated my wifi on my OpenWRT (18.06.2) router (Netgear R7800) in a guest zone and a lan zone for security purposes (well not really, I did it because it was possible). One service I want to allow from guest -> lan zone is Airplay, which uses multicast traffic (Bonjour). It turns out to be very simple to forward Airplay somewhat difficult to diagnose or get this working. In the end I made the AppleTV part of two zones by connecting LAN to local zone and WLAN to guest zone.

Some required steps include (but are not sufficient):
  1. Install avahi-utils, avahi-dbus-daemon, libavahi-client and libavahi-dbus-support as suggested by this post
  2. Forward ports from guest -> lan as listed by Apple
  3. Power cycle/reboot router, AppleTV, and clients (just to be sure)
  4. Profit! --> still doesn't seem to work stable
Unfortunately, I was not able to get this working with my Pioneer VSX-510 which supports AirPlay (v1) natively. Below I note some more details.

Read more »

InfluxDB retention policy and data downsampling

By Atomstar on Saturday 15 June 2019 12:52 - Comments (1)
Category: Linux, Views: 2.163

Goal: set up data downsampling scheme on existing collectd data.

This article elaborates the official InfluxDB guide here (https://docs.influxdata.c...wnsampling_and_retention/)
where we already have a database with existing measurements that we want to
keep.

I'd like to downsample my collectd data on ping, memory, load, etc. data from
two machines. I only want high (minute) time resolution for a few days, then
downsample to save space.

Update:
  • instead of using different field/measurement names (e.g. mean_value in ping_hourly), one can use the same measurement and field name to make querying more easy.
  • using grafana variables, one can use dynamic retention policy (RP) use, e.g. use the right RP for the right time range


Read more »