I’ve wanted to mess about with the whole home automation craze that seems to be going on, but on a fully self-hosted installation (no alexa, no google assistant, my data staying all on my network). After the SelfHosted Podcast mentioned the CloudFree smart plugs, I knew they were the right gear to try out. The smart plugs come from CloudFree which has the plugs pre-flashed with Tasmota.
The quick start guide worked perfectly for the initial setup and getting the smart plugs on my WiFi network. I’ll have that guide below (in case its lost) and continue on with my own instructions for connecting to Home Assistant via MQTT afterwards.
Continue reading “CloudFree Tasmota Smart Plug Setup”
Adding an account to use in authenticating against the LDAP directory is a simple enough. The process is done all within the LDAP directory GUI from the Domain menu option in UCS. Navigate to the “user” container, and select the add button. Select the type of the account to be a “Simple Authentication Account”, pick a username and password and click add.
- Domain -> LDAP Directory
- User Container, Add
- Type: Simple Authentication Account
- Username: my-new-auth-account
- Click Add
This user account can now be used in a service to authenticate against the LDAP server.
Continue reading “Adding UCS Authentication Account”
I encountered some issues when connecting Anope and Inspircd on the docker swarm. When running them on a single node using docker-compose, the services were able to connect just fine to Inspircd, however running in a docker swarm, there were issues in how Inspircd was filtering IPs in the default services XML block.
In order for Inspircd and Anope to talk I had to comment out some of the link block for the services. The allowmask and expected IP address didn’t quite work as intended inside the docker swarm cluster. Since the containers use a local network available to only them, I’m not worried about a rogue services server getting in. This IRC server is also primarily used for developing and testing the IRC bots I have written over the years, so its not a core part of my infrastructure. Below shows the link block that I modified from the default included in the inspircd docker container setup.
Continue reading “Connecting Inspircd and Anope on Docker-Swarm”
Back when I setup my webserver to run wordpress and dokuwiki, all the guides that I found and the guides that I followed had apache get setup with mod_php. However, after seeing this ArsTechnica WordPress Writeup, I realized that this might not have been the best way to get things going. I decided that this would be a good time to upgrade some of my webserver, so I started working on it, while my server was already setup, and the guide was on setting up a new server, the process is nearly identical, the only differences is that I had to disable/enable modules in a certain order for everything to work.
Continue reading “Apache/PHP Update”
After setting up Jenkins to auto build and deploy my IRC bots, I decided to add the next component of a CI/CD stack, automated testing. This was to use ant to run the tests, and JUnit for the testing framework for the application. I’ll be setting this up in both of my Jenkins projects, I have one that just builds my applications, and a second that builds the docker containers and pushes them to the repository.
My Jenkins setup includes 2 builds for each of my projects:
- Java Build
- Builds the java application
- This is just a general Jenkins project that uses ant to build
- Docker Build
- Builds the docker container, tags it, and pushes it to my local docker repository
- This uses Jenkins pipelines to perform the build, tag, push
The docker build pushes my production code and is used by my docker-swarm to update my locally built containers. This is the important build. The general java build is just me experimenting with Jenkins builds following the non-pipeline route.
Continue reading “Automated Testing in Jenkins”
After my initial jenkins setup, I thought my system would be good to go for a long time, however I encountered a problem with permissions after my docker cluster reboot. After all my nodes were back up, and jenkins was running, it could no longer access the docker.sock that it used to handle building and pushing containers. I tried a few things, rebuilding the container, updating it, changing some groups, and found quite a few threads on the topic. Some people had chmod’d the docker.sock to 777 (BAD) or had given jenkins root (ALSO BAD). I ended up finding the solution in using a specific entrypoint script that would determine the group to add to the jenkins user, then launch jenkins using the jenkins user from root.
Most of my additions are from sudo-bmitch’s jenkins-docker repository on GitHub. These include the dockerfile changes and the entrypoint.sh script (as well as the healthcheck mentioned later on).
Continue reading “Jenkins Docker Revisit”
Due to unforeseen events, I ended up having to shutdown all of my servers. Due to this, my docker VM cluster ended up getting its first chance to reboot the entire stack of all nodes. This ended up showing some problems in my configuration sadly, as well as a docker issue I had previously encountered in my raspberry pi cluster.
Continue reading “Docker Cluster Reboot”
I was originally running a home assistant VM using a script that loaded HASS into proxmox, however the HASS.io image didn’t have the tooling that I like having on a machine for general management of the system. I started researching and took a few turns around to find the right installation script, but I did and included the commands below. The following shell commands and script install Home Assistant Supervised on a general X86 machine. This worked fine on Ubuntu 18.04 LTS.
apt-get install -y software-properties-common apparmor-utils apt-transport-https avahi-daemon ca-certificates curl dbus jq network-manager socat
systemctl disable ModemManager
systemctl stop ModemManager
curl -fsSL get.docker.com | sh
curl -sL "https://raw.githubusercontent.com/Kanga-Who/home-assistant/master/supervised-installer.sh" | bash -s -- -m qemux86-64
The default port for HASS is 8123, so go to the server IP:8123 to finish configuration. This will give you all the benefits of the HASSio images for raspberry pi and intel nucs but with your own preferred operating system rather than using the build thats included with the home assistant built images (which are very limited).
Why not? In reality, I always wanted to play with clustering, originally with proxmox and ceph, but I never had enough hardware to do so. I do however have a proxmox node with enough ram that I can host multiple lightweight nodes.
Docker swarm is lightweight enough that I can virtualize the entire cluster on my single proxmox host. While this isn’t fault tolerant like a cluster across multiple nodes, it does mean I can reboot cluster nodes for kernel updates and maintain my uptime. I also am able to add additional docker swarm nodes on separate hardware if I get additional hardware, and there is the benefit of having the cluster load balance itself for which software is running on which node.
Each node in the cluster is identical, each can be replaced by following the exact same process and while I don’t have automated deployment of new nodes, they are still closer to cattle than many of my other virtual machines. Due to the goal of replicated storage between the nodes, I should also be able to take a single node and rebuild the entire cluster if needed, since it would have the entire clusters configuration.
Continue reading “Virtualized Docker Swarm”
I wrote a number of IRC bots a number of years ago, hosting them on my infrastructure. Since building a 3 node docker swarm, I decided that these would be good candidates to use in learning Jenkins for both auto building the software, and building containers. I hadn’t made my own dockerfiles before, nor had I setup proper builds outside of my IDE for these bots before.
Continue reading “IRC Botnet and Jenkins”