Home Assistant Behind Reverse Proxy
To set-up a reverse proxy I took the following steps: configure DNS get Letsencrypt certificates Configure NGINX Configure Home Assistant to trust the proxy ...
Post tagged: configuration
Home Assistant HTTP Based Authentication Backend
This recipe is to authenticate users using a web server providing Basic HTTP authentication for it users. This is useful if you want to consolidate users/passwords in a single system. So instead of managing users on Home Assistant you can have all users managed from a central location. ...
Moving to Home Assistant
I am busy moving away from my VeraEdge installation to a Home Assistant running on a Raspberry Pi 4. This is because it looks like the maker of the VeraEdge was bought and it is slowly being phased out. For this I am using the following parts: ...
voidlinux virtualization
This recipe is for setting virtualization on a voidlinux desktop. Use this setup script to set things up on void linux. Connecting to libvirtd Note that virsh and virt-manager commands connect to different libvirtd sessions by defauult. virsh defaults to qemu:///session while virt-manager to qemu:///system. ...
My tale of IPv6 blues
My ISP provider is KPN. They recently enabled IPv6 in my street. I was using before a IPv6 Tunnel Broker, starting with SixXS and after they went out, with Hurricane Electric. So naturally, I decided to switch to KPN's native IPv6 service. They provide a /64 prefix, which is reasonable. Would be better ...
Linux HDMI hotplug
Now in 2024 this is usually no longer needed. A more current solution is: https://github.com/phillipberndt/autorandr The point of this article is to document I workaround that I came ...
PulseAudio hints and tricks
PulseAudio is nowadays the default sound system in many Linux distributions. It lets you do a number of useful things. PulseAudio comes with a handy command line utility pacmd to do a number of things. pacmd commands ...
nginx's auth_request_module howto
This article tries to supplement the nginx documentations regarding the auth_request module and how to configure it. In my opinion, that documentation is a bit incomplete. What is the nginx's auth_request module The documentation for this module says, it implements client ...
using cachefiles on an Linux NFS share
If you often mount and access a remote NFS share on your system, you will probably want to know how to improve NFS file access performance. One possibility is using file caching. In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. ...
CyberWorld 2017.1
Development travis cordova build ...
Writing Safe Shell scripts
Writing shell scripts leaves a lot of room to make mistakes, in ways that will cause your scripts to break on certain input, or (if some input is untrusted) open up security vulnerabilities. Here are some tips on how to make your shell scripts safer. Don't The simplest step is to avoid using shell at all. Many higher-level languages are both easier to write the code in in the first place, and avoid some of the issues that shell ...
Windows administration from the command line
Windows system administration is very mouse driven and to reach all tools you need to browse through Windows explorer. If you are like me and prefer to log on a limited privilege account and use Runas to perform admin tasks, you can open these consoles with the .msc file names. Here is a list of admin tools with their .msc file names. domain.msc: AD Domains and Trusts ...
Deploying Kerberos based SSO
This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox. Pre-requisites ...
Let's Encrypt
This is a service that let's you get SSL certificates for HTTPS. These certificates are trusted by major browsers. See Let's Encrypt This is a barebones howto to get SSL certificates: git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt This contains the client software for let's encrypt. ./letsencrypt-auto certonly --manual This will start by updating and getting any needed dependencies and then jump to a wizard like configuration to get this done. Follow the prompts and pay special attention on the prompt used to validate your domain. (You need to create a couple of folders and a file with the right content). Afterwards your certificates will be in: ...
Kerberos Client
This simple mini how-to goes over the configuration of a linux system so it can use a Kerberos Realm server for authentication. Make sure you have the pam_krb5 rpm files installed. You can check this by running the rpm -qa | grep pam command and seeing whether the pam_krb5 rpm files are listed. If they aren't, you can typically download them in an update of the Linux or Unix operating system that you are running. ...
HP Envy 4504 Set-up
I bought a HP Envy 4504. Overall I am happy with it. This is how I configure it so I can use with Linux. This mini howto applies to ArchLinux, void linux and Centos/RedHat distributions. Installation Archlinux: cups, hplip, python2, sane ...
Enable local file caching for NFS share on Linux
In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. In order for FS-Cache to operate, it needs cache back-end which provides actual storage for caching. One such cache back-end is cachefiles. Therefore, once you set up cachefiles, it will automatically enable file caching for NFS shares. ...
Driving Continuous Integration from Git
Testing, code coverage, style enforcement are all check-in and merge requirements that can be automated and driven from Git. If you're among the rising number of Git users out there, you're in luck: You can automate pieces of your development workflow with Git hooks. Hooks are a native Git mechanism for firing off custom scripts before or after certain operations such as commit, merge, applypatch, ...
Askozia Desktop Appliance
So last weekend finally had some time to work with a Askozia Desktop Appliance. It actually arrived much earlier but without a Power Supply. Initially I though, "this is strange; I didn't know this supported PoE". (Power Over Ethernet). It turns out it didn't and there was a shipping mistake. After contacting the vendor, they sent me the required Power Supply. Overall I think the product is quite nice. It has a very nice User Interface that is quite easy to use. Simple configurations are indeed very easy to set-up. My feeling is that, as with any GUI, it usually trades user-friendly with expressiveness. So while I could configure most of the things I wanted from the UI, it did not support my home network topology fully. Initially, I had a DMZ vs Home-LAN configuration, with the Askozia box in the DMZ. Because the separation between the DMZ and the Home-LAN was through the router, it considered all the IP phones (in the Home-LAN) on the other side of the NAT, so things did not work properly. ...
Diskless Archlinux
I am still to test this recipe Server Configuration First of all, we must install the following components: A DHCP server to assign IP addresses to our diskless nodes. A TFTP server to transfer the boot image (a requirement of all PXE option roms). ...