Michael de Silva's Blog

Software Engineer. Rubyist and Roboticist.

Michael de Silva's Blog

Software Engineer. Rubyist and Roboticist.

Got an app in mind?

Since 2010, I have crafted apps for mobile and web for clients around the world via my consultancy — Inertialbox. My specialities include Rails, client-side Javascript frameworks such as Backbone & Ember.js, TDD/BDD, and DevOps — just to name a few.

We should talk.

2019 Homelab: Network Rebuild

Rack

Homelab: Network Infrastructure

This covers a "rebuild" of an existing network, which previously occupied a single sub-net. This is coupled with 10G hardware from Ubiquity and a pfSense router to provide advanced capabilities to various VLANs.

pfSense: Interfaces & VLANs

The following were configured inside pfSense which acts as the primary router/firewall designated pfsense-master.

Hardware & Interfaces

  • Intel 6700K CPU
  • Asus Z170 Prime-A mainboard
    • em0
  • StarTech.com Dual Port PCI Express (PCIe x4) Gigabit Ethernet Server Adapter - 2 Port Network Card - Intel i350 NIC - GbE Network Card (ST2000SPEXI) (Amazon)
    • igb0
    • igb1
  • Intel X550-T2 10G NIC
    • ix0
    • ix1

Networks

Physical LAN:

  • WAN em0 // 1G NIC on mainboard
  • LAN ix0 // 10.10.0.0
  • UniFi // 10.10.1.0
    • UniFi Cloud Key // 10.10.1.3
  • LAN2 igb1 // 10.10.2.0 -- This is purely a convenience 'console' port for tro ...(continued)

Quickly Get to Grips with React, Redux, and Rematch

Here are a couple videos to help you get started with the basic building blocks on working with React and Redux, without the barrier of TypeScript.

React & Redux

Watch episodes:

Rematch

Picking up Rematch is pretty easy with the additional content linked.

Running pfsense on XCP-NG Xenserver and Installing Xenserver tools

Once pfsense is running, drop into a console as root (or SSH in) and run the following. Then reboot!

pkg install xe-guest-utilities
echo 'xenguest_enable="YES"' >> /etc/rc.conf.local
ln -s /usr/local/etc/rc.d/xenguest /usr/local/etc/rc.d/xenguest.sh
service xenguest start

Thanks to Tom for this bit of info.

How to Setup Citrix XenServer 7 to enable Auto-Start Virtual Machines

First enauble auto-start on the pool

[root@xenserver-master ~]# xe pool-list
uuid ( RO)                : f80d49bb-2b56-4255-25bf-ff287f4865b1
          name-label ( RW):
    name-description ( RW):
              master ( RO): 1b41d284-4353-414d-8a5d-6d8974b2cf94
          default-SR ( RW): fb46ee13-a1c3-646f-1db6-bdcf86d29580


[root@xenserver-master ~]# xe pool-param-set uuid=f80d49bb-2b56-4255-25bf-ff287f4865b1 other-config:auto_poweron=true

Then, select the particular VM you want to auto-start and specify its UUID. In this case, we are getting the docker0 VM to autostart.

[root@xenserver-master ~]# xe vm-list
uuid ( RO)           : 0c9a4c24-07df-494b-805d-464da4a45af8
     name-label ( RW): ansible-tower
    power-state ( RO): halted


uuid ( RO)           : 17fc6df5-8f43-6cc6-69f9-08a9246d8634
     name-label ( RW): docker0
    power-state ( RO): running

[root@xenserver-master ~]# xe vm-param-set uuid=17fc6df5-8f43-6cc6 ...(continued)

Here's my starter project for creating secure APIs in go-lang

Hi all - this is a work in progress. See more on Github.

https://github.com/bsodmike/go-starter-api

The blog is back for 2019 with a BANG!

This is a quick "hello world". Yay.

HOWTO Ubiquity EdgeMAX Ad Blocking Content Filtering using EdgeRouter

This is based on a guide on the Ubnt forums.

Log into your Edgerouter and run the following - sudo -i && vi /config/user-data/update-adblock-dnsmasq.sh This will switch you to the root user and open up vi.

#!/bin/bash

ad_list_url="http://pgl.yoyo.org/adservers/serverlist.php?hostformat=dnsmasq&showintro=0&mimetype=plaintext"
#The IP address below should point to the IP of your router or to 0.0.0.0
pixelserv_ip="0.0.0.0"
ad_file="/etc/dnsmasq.d/dnsmasq.adlist.conf"
temp_ad_file="/etc/dnsmasq.d/dnsmasq.adlist.conf.tmp"

curl -s $ad_list_url | sed "s/127\.0\.0\.1/$pixelserv_ip/" > $temp_ad_file

if [ -f "$temp_ad_file" ]
then
        #sed -i -e '/www\.favoritesite\.com/d' $temp_ad_file
        mv $temp_ad_file $ad_file
else
        echo "Error building the ad list, please try again."
        exit
fi

/etc/init.d/dnsmasq force-reload
sudo -i
chmod a+x /config/user-data/up ...(continued)

How to Secure Your Raspberry Pi with Wifi in 15 minutes

It's best to start off by installing Raspbian onto your Raspberry Pi — which can be accomplished a couple ways. You can install it with NOOBS or download the image and follow the installation guide.

If you download the image directly, it's a simple matter of using Etcher or using dd in Linux/Mac to burn the image to an SD card.

Getting Started

Start off by running the configurator with raspi-config.

Let's start by running some updates and installing some handy tools — these are some of my favourites and I can't do without them -

apt-get update -y && apt-get install -y \
  curl \
  wget \
  git \
  vim \
  htop \
  tmux \
  unzip \
  libssl-dev \
  libffi-dev \
  python \
  python-dev \
  python-pip \
  python3-dev \ ...(continued)

TIL Setting up my FreeNAS 11 Xeon Server

Earlier in June, I set about designing and setting up a FreeNAS server, in preparation to migrate away from my existing dual-Synology RAID based system(s) in place.

My primary Synology unit is a 5-bay DSM1515+ with 5x WD Red Pro 4TB drives, configured with a RAID5 array. This is actually a mistake that I initially made when setting this up, driven at the time by cost motivations to provide the most 'available space' with 2-drive failure redundancy.

I would also replicate and backup data to a second 8-bay DSM1815+ with 6x WD Red Pro 4TB drives. This unit would auto-power on between 1-6am to run all the backups and syncing/replication.

Why RAID5 should never be used.

What I did not know at the time, and really should have, was that RAID systems are typically prone to failing at the time of resilvering (or rebuilding) an error at the time of recovery. Assume you have a RAID5 array, and a single drive dies; you insert a replacement drive, and it is at t ...(continued)

Docker Mac ~ Running Out of Space with "no space left on device”

Having upgraded my local install to the Community Edition (stable), I ran into a scenario where I was receiving a confounding "No space left on device error" error.

Interestingly it seems Docker CE for Mac by default has a max-capacity of 64GB only.

-> % ls -lah ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2
-rw-r--r--@ 1 mike  staff    64G 25 May 10:35 /Users/mike/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2

-> % docker run --rm ruby:2.3.3 df -h
Filesystem      Size  Used Avail Use% Mounted on
overlay          63G   34G   26G  57% /
tmpfs          1000M     0 1000M   0% /dev
tmpfs          1000M     0 1000M   0% /sys/fs/cgroup
/dev/vda1        63G   34G   26G  57% /etc/hosts
shm              64M     0   64M   0% /dev/shm
tmpfs          1000M     0 1000M   0% /sys/firmware

We can get around this by replacing the original template with a new one, with a size of our ...(continued)

Enabling WOL (Wake on Lan) in Ubuntu 16.10

To enable WOL support, first restart your system and enter the EFI firmware (also called the EFI "BIOS" as a misnomer!). I'm running Asus systems at home, and quite honestly, their new EFI UIs are pretty slick.

In any case, head over to Advanced > APM. In this view, Power On By PCI-E/PCI should be set to enabled. Couple examples of this view are shown below

Now restart your system once more and boot into Ubuntu.

In a terminal run sudo ethtool <interface> where you can find the correct interface via ifconfig -a — obviously pick the one showing the correct IP. At the bottom, you want this output to show Wake-on: g since this indicates wake on Magic Packet is enabled.

mdesilva@skylake:~ sudo ethtool enp0s31f6
[sudo] password for mdesilva:
Settings ...(continued)

Post Archive