Projects on Raspberry Pi
Saving 2.0GJ/yr heating by upgrading heat exchanger
Now that I've been collecting data on my house for a while, I've used this to diagnose and fix a heat leak we had in our Eneco district heating ('stadsverwarming' in Dutch) heat exchanger ('warmteafleverset' in Dutch).
TL;DR: Our 20-year old heat exchanger leaked 2.7 GJ/year, after upgrading to a better insulated one this was reduced to only 0.65 GJ/year, saving 2.0GJ or 50 euros per year! The upgrade was for 'free', meaning it's included in the yearly fee of 90 euro/year. It's unclear why Eneco does not do this pro-actively, but you can also request an upgrade if you say the old one does not suffice anymore.
Update: replies disabled because of spam

Read more »
TL;DR: Our 20-year old heat exchanger leaked 2.7 GJ/year, after upgrading to a better insulated one this was reduced to only 0.65 GJ/year, saving 2.0GJ or 50 euros per year! The upgrade was for 'free', meaning it's included in the yearly fee of 90 euro/year. It's unclear why Eneco does not do this pro-actively, but you can also request an upgrade if you say the old one does not suffice anymore.
Update: replies disabled because of spam

Read more »
Automated full-disk backup on Linux/Ubuntu
Now that I'm storing my valuable smart home data (
) on Raspberry Pi I need a backup in case something goes wrong, most notably a power failure.
I settled on a full-disk rsnapshot incremental backup scheme, combined with explicit influxdb backup which seems to work nicely.
Read more »

I settled on a full-disk rsnapshot incremental backup scheme, combined with explicit influxdb backup which seems to work nicely.
Read more »
Speeding up an nginx webserver
After properly securing my nginx webserver, I tweaked the cache and connecting settings to improve performance as measured by www.webpagetest.org which I documented below.
The results are as follows, I achieved a 3.2x faster document ready timing, and reduced bandwidth by 18x.
Read more »
The results are as follows, I achieved a 3.2x faster document ready timing, and reduced bandwidth by 18x.
Read more »
Setting up an A+-grade nginx SSL server
Because I don't want to expose smarthome dashboards (like domoticz or grafana) directly to the internet, I've set up a separate server to publish data beyond my local network. For this I've chosen nginx using let's encrypt certificates renewed by certbot, enabling hsts and fixing the logjam vulnerability.
Read more »
Read more »
StrongSwan IKEv2 VPN on Raspberry pi
Guide to set up road warrior VPN server (i.e. road warrior = mobile clients connecting to static server, vs e.g. site-to-site connection) using IKEv2 using strongswan on a raspberry pi. This guide is largely based on this digitalocean guide combined with ready-made strongswan configurations.
Update 20181224: added algo VPN configurator
Update 20190223: added cipher analysis / recommendation, clarified eth0 interface use on server, ESP/AH forwarding, added password generation one-liner.
Update 20200801: minor fixes in commands.
Read more »
Update 20181224: added algo VPN configurator
Update 20190223: added cipher analysis / recommendation, clarified eth0 interface use on server, ESP/AH forwarding, added password generation one-liner.
Update 20200801: minor fixes in commands.
Read more »