Projects on Raspberry Pi

Saving 2.0GJ/yr heating by upgrading heat exchanger

By Atomstar on Saturday 18 April 2020 14:03 - Comments (10)
Categories: RaspberryPi, Smarthome, Views: 3.710

Now that I've been collecting data on my house for a while, I've used this to diagnose and fix a heat leak we had in our Eneco district heating ('stadsverwarming' in Dutch) heat exchanger ('warmteafleverset' in Dutch).

TL;DR: Our 20-year old heat exchanger leaked 2.7 GJ/year, after upgrading to a better insulated one this was reduced to only 0.65 GJ/year, saving 2.0GJ or 50 euros per year! The upgrade was for 'free', meaning it's included in the yearly fee of 90 euro/year. It's unclear why Eneco does not do this pro-actively, but you can also request an upgrade if you say the old one does not suffice anymore.

Update: replies disabled because of spam

Heat exchanger yearly heat loss and cost comparison

Read more »

Automated full-disk backup on Linux/Ubuntu

By Atomstar on Friday 4 October 2019 18:14 - Comments (5)
Categories: Linux, RaspberryPi, Views: 3.357

Now that I'm storing my valuable smart home data (;)) on Raspberry Pi I need a backup in case something goes wrong, most notably a power failure.

I settled on a full-disk rsnapshot incremental backup scheme, combined with explicit influxdb backup which seems to work nicely.

Read more »

Speeding up an nginx webserver

By Atomstar on Saturday 9 February 2019 12:43 - Comments (6)
Categories: Linux, RaspberryPi, Views: 3.184

After properly securing my nginx webserver, I tweaked the cache and connecting settings to improve performance as measured by www.webpagetest.org which I documented below.

The results are as follows, I achieved a 3.2x faster document ready timing, and reduced bandwidth by 18x.

Read more »

Setting up an A+-grade nginx SSL server

By Atomstar on Sunday 27 January 2019 15:25 - Comments (7)
Categories: Linux, RaspberryPi, Security, Views: 4.614

Because I don't want to expose smarthome dashboards (like domoticz or grafana) directly to the internet, I've set up a separate server to publish data beyond my local network. For this I've chosen nginx using let's encrypt certificates renewed by certbot, enabling hsts and fixing the logjam vulnerability.

Read more »

StrongSwan IKEv2 VPN on Raspberry pi

By Atomstar on Monday 24 December 2018 01:08 - Comments (7)
Categories: Linux, RaspberryPi, Security, Views: 14.676

Guide to set up road warrior VPN server (i.e. road warrior = mobile clients connecting to static server, vs e.g. site-to-site connection) using IKEv2 using strongswan on a raspberry pi. This guide is largely based on this digitalocean guide combined with ready-made strongswan configurations.

Update 20181224: added algo VPN configurator
Update 20190223: added cipher analysis / recommendation, clarified eth0 interface use on server, ESP/AH forwarding, added password generation one-liner.
Update 20200801: minor fixes in commands.

Read more »