Pi-Hole, FritzBox, and IPv6

it is the year 2019 and IPv6 still “almost works” – Today’s exhibit: The Pi-Hole

Long story short: Pi-Hole needs a couple checkboxes and command line options to properly do IPv6. Also most home routers still suck when it comes to IPv6.

I am also stubborn enough to identify and engineer ways around the issues that arise. Especially with an ISP like XS4ALL this just has to work.

The pi-hole is a nice project based on a raspberry Pi that adds a DNS resolver/cache combined with an ad-blocker in your network. That way you don’t need to use dubious browser plugins plus it also works for all mobile devices and appliances in your network.

Personally I even find it speeds up browsing as many requests are served from cache a lot better than from your typical home router. Also you can choose different DNS resolvers like OpenDNS and friends, which are not subjected to Patriot Act and/or corporate censorship. But more about that later.

The pi-hole does assign an IPv6 address and reacts to DNS requests on that address but now the fun begins. Every SoHo router has a way to assign static IP addresses or create static DHCP entries by MAC address. IPv4 addresses… But try doing that in IPv6 and you will learn quickly that there is a difference between “works with IPv6” and “does IPv6 just like IPv4”.

Also things like “global address” meaning the address should just be routed, not NAT-ted (typical IPv4 home router has one IPv4 address that is used with PAT/overloading) – IPv6 should make that redundant, but it’s difficult to “draw the line” between net and host there. (Also people seem to not understand that opening a port on a firewall is just as secure as hiding that host behind NAT/PAT. In fact, it should even be easier but hey..)

so long story short: (needs more screenshots)

it used Google’s DNS as a forward target.

difference from default setup:
– IPv6 forwarding is enabled (settings > DNS)
– /etc/pihole/setupVars.conf needed editing > IPv6 address was changed after reboot
– I also edited /etc/pihole/pihole-FTL.conf, and added AAAA_QUERY_ANALYSIS=yes
– I restarted pihole-FTL with: systemctl restart pihole-FTL

check in the Fritz Box under advanced > network > IPv6 addresses and set up the new IPv6 address as advertised DNSv6 server (confirm with phone)

do the same for ipv4 (instead of itself, the box should advertise the pi-hole as DNS server/cache/resolver)

somehow I think I should use one of my remote machines to monitor availability for IPv4 and IPv6 – I don’t trust this setup just yet but I also need to read a lot on how IPv6 is “supposed” to be done (static seems weird. SLAAC seems a workaround. There has to be a better way)
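
A drift check for the problem noted above, where the address in setupVars.conf no longer matched after a reboot, which leaves the FritzBox advertising a stale DNSv6 server. This is an added example, not part of the original post; it assumes setupVars.conf carries an `IPV6_ADDRESS=` line and that `ip -6 -o addr show` prints one address per line, and the sample addresses are constructed from the 2001:db8::/32 documentation prefix.

```shell
#!/usr/bin/env bash
# Added example: detect when the IPv6 address recorded in Pi-hole's
# setupVars.conf is no longer configured on the interface.
# Addresses are compared as text, so both sides must use the same
# (compressed, lower-case) notation that `ip` prints.

configured_v6() {   # $1 = setupVars.conf path; prints the address without /prefix
  sed -n 's/^IPV6_ADDRESS=\([^/]*\).*/\1/p' "$1" | tr 'A-F' 'a-f'
}

live_v6() {         # stdin = output of `ip -6 -o addr show scope global`
  awk '$3 == "inet6" { sub(/\/.*/, "", $4); print tolower($4) }'
}

v6_drift() {        # $1 = setupVars.conf, $2 = ip output; prints ok | drift | unset
  local want live
  want=$(configured_v6 "$1")
  live=$(printf '%s\n' "$2" | live_v6)
  if [ -z "$want" ]; then
    echo "unset"
  elif printf '%s\n' "$live" | grep -Fxq "$want"; then
    echo "ok"
  else
    echo "drift"
  fi
}

# Constructed sample: the config still holds the old address, while the
# interface came up with a different prefix after a reboot.
d=$(mktemp -d)
printf 'PIHOLE_INTERFACE=eth0\nIPV6_ADDRESS=2001:db8:1:2:ba27:ebff:fe12:3456\n' > "$d/setupVars.conf"
sample_ip='2: eth0    inet6 2001:db8:9:9:ba27:ebff:fe12:3456/64 scope global dynamic'
v6_drift "$d/setupVars.conf" "$sample_ip"
rm -rf "$d"
```

On the Pi itself the call would be `v6_drift /etc/pihole/setupVars.conf "$(ip -6 -o addr show scope global)"`, for example from a cron job that alerts on anything other than `ok`.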

 

 


Zwift – or how I learned to enjoy working out

So I eat too much. Or my metabolism is too efficient. Either way, if I don’t work out I get fat. Slowly but steady. Also, I eat when I am stressed so it’s a spiral that I need to avoid. (not even thinking of the benefits of exercise on my mental health. yea.. Depression, I am talking about you!)

I have been to the Gym, I have had a personal trainer, had the evening walks scheduled and I found out I have gotten really good at finding excuses not to go to sports – even to the point of creating escalations at work so I can not make it home in time for the sports class.

Also I love biking so a friend pointed me to zwift. It is basically a MMO sports “game” – I will come to the point of game later but I must say, this eliminates all but one of the possible reasons for me not to exercise. Rain, cars, darkness, time, etc.. all do not apply anymore. And it is either recreational or follows a strict schedule. I can decide on the workout.

the “view” in 1st person. Obviously I need that. I am not a console gamer, FPV FTW!

I chose for the “budget” setup, re-purposing a cheap racebike – there are also solutions out there that work directly with zwift (and other setups) and are a lot more powerful, like the Tacx Neo 2 Smart but that’s something for when the bike and/or the trainer dies.

Right now I used the following components, most of them I had in house already, I only had to buy the actual trainer and the ANT+ sensor (I learned later that you can even save on that by routing the heart and cadence/rpm/wattage signal via your phone and bluetooth using the companion app)

  • Tacx Flow Smart trainer (Decathlon exclusive) – 250,- euro
    • Upgrade 2022: Tacx Neo 2T (> 1000 euros but worth it!) I reached the limit of the flow! also.. it’s super quiet!
  • A mat to absorb vibration / protect against sweat (you will sweat!) and noise – 20 euro
  • ANT+ sensor for USB – 15 – 40 euro (amazon vs. branded)
  • pulse meter – bluetooth and/or ANT – 35 euros
  • two fans for cooling/airflow – honeywell – 25 euro each
  • A Zwift subscription (15/month. that one hurts. There is free software out there, like bkool and rouvy but I like the ‘data porn’ approach of Zwift and I dig the massive multiplayer aspect.)

the rest of the things I already owned / they accumulate and some things were donated by friends.

  • an old bike (second hand, 100 euro)
  • an old TV / large monitor used as a monitor (free as I had it over)
  • a computer that can run 3d software (anything above Intel 4000 GMA will do)
  • an old soundbar and subwoofer. Motivation starts at 140-160 bpm
  • a table / stand to get the TV higher
  • Drum and Bass music! ~170 bpm works best for cardio!
first setup

Been doing this for a year now.. so far it works and I am neither bored, nor annoyed, nor do I get embarrassed or otherwise distracted. Also no excuses. That thing stands in front of me and I can not ignore it. No matter the time or mood or weather.

It’s only me, music and Rule 5 ;)

My next home will have a dedicated training room. That much I know.

update: I have my next home – and a new trainer setup – Zwift now has “disable UI” option! <3 – thank you

the new painstation
interface enabled

interface disabled
for extra pain: chin-ups!

UPDATE 2022: Tacx Neo 2T – because I am rich :P nah.. it’s just.. incredibly quiet and I am a good neighbour. (they kept complaining about the washing machine that I run) also about the loud dnb music. Not going to stop with that, though :P

data porn at the end of a session

a life hack for men…?

Someone on the internet pointed out that there are two things that men should understand in order to evolve beyond Neanderthal/patriarchy mindset.

  • being nice does not entitle you to sex, it is the bare minimum (on which you can (and should) build up from) – you can always improve!
  • sexism is not ok. never.

But I also found out (by talking to people and observing people) that many men are not even aware they are being sexist. This may have multiple reasons (I blame the parents but it could also be something hard-wired.. or hormones.. or a combination of the three…)

Anyway: it’s called “The Rock Test” 
Source: Medium

it basically comes down to:

before you open your mouth and make that comment, replace the visual image of the woman with The Rock. Would you still make that comment?

or. as the author said herself:

It’s as clear cut as this: Treat all women like you would treat Dwayne “The Rock” Johnson.

Fedora 27 install log

installing Fedora 27 on my laptop, some notes on qemu/libvirt and rpmfusion

rpmfusion is still needed for vlc and other goodies although it gets less important

qemu/virt-manager can now nicely run windows 10, just keep a few things in mind:
from: https://pve.proxmox.com/wiki/Windows_10_guest_best_practices

Prepare

To obtain a good level of performance, we will install the Windows VirtIO Drivers during the Windows installation.

Create a new VM, select “Microsoft Windows 8/2012” continue and mount your Windows 10 ISO in the CDROM drive
For your virtual hard disk select “VirtIO” as bus and “Write back” as cache option for best performance (the No cache default is safer, but slower)
Configure your memory settings as needed, continue and set “VirtIO (paravirtualized)” as network device, finish your VM creation.
For the VirtIO drivers, upload the driver ISO (use the stable VirtIO ISO, get it from here) to your storage, create a new CDROM drive (use “Add -> CD/DVD drive” in the hardware tab), and load the Virtio Drivers ISO in the new virtual CDROM drive
Now you’re ready to start the VM, just follow the Windows installer.

Launch Windows install using DVD .iso

After starting your VM launch the console
Follow the installer steps until you reach the installation type selection where you need to select “Custom (advanced)”
Now click “Load driver” to install the VirtIO drivers for hard disk and the network. (successfully tested with “virtio-win-0.1.118.iso”)
https://fedoraproject.org/wiki/Windows_Virtio_Drivers#Direct_download
hard disk: Browse to the CD drive where you mounted the VirtIO driver and select folder “viostor\w10\amd64” and confirm. Select the “Red Hat VirtIO SCSI controller” and click next to install it. Now you should see your drive.
Network: Repeat the steps from above (click again “Load driver”, etc.) and select the folder “NetKVM\w10\amd64”, confirm it and select “Redhat VirtIO Ethernet Adapter” and click next.
Memory Ballooning: Again, repeat the steps but this time select the “Balloon\w10\amd64” folder, then the “VirtIO Balloon Driver” and install it by clicking next. With these three drivers you should be well covered to run a fast virtualized Windows 10 system.
Choose the drive and continue the Windows installer steps.

Now, Cortana will chat, mute her or talk to her, this installs windows 10.

Once the install is done, make sure to check device manager for missing drivers, use the ISO to install them.

4 GB RAM and 2 CPUs work reasonably fine for me. 3D acceleration is.. I didn’t get SPICE to work properly with my intel integrated graphics.

The normal display driver however works quite well when installing the qxldod driver
from the CD: viostor\w10\amd64\ right-click the .inf file and install

also, install the 64 bit version of the guest-agent.

change is good

I forgot how good it feels to change, to be active.

Life is changing and I am part of it. I am not afraid anymore.

I must not fear.
Fear is the mind-killer.
Fear is the little-death that brings total obliteration.
I will face my fear.
I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the fear has gone there will be nothing.
Only I will remain.

Fedora 23 TRIM SSDs

running fedora 23 with full-disk encryption on an SSD – no TRIM support?

fstrim: /home: the discard operation is not supported

now.. it is not in fstab because we run crypto so let’s do this the right way: (I think)
sources: neutrino.es
and christophersmart.com

1) in /etc/crypttab add “discard” to your crypto partition


luks UUID=4aa302cb-4b9a-413b-a862-9856ed5ddbba none discard

2) in /etc/lvm/lvm.conf, at the end of the ‘devices’ section, set “issue_discards = 1”

3) rebuild initramfs and reboot
grubby --update-kernel=ALL --args=rd.luks.options=discard
dracut -f
reboot

now it should work, check with fstrim --verbose --all

# fstrim --verbose --all
/home: 53,9 GiB (57874288640 bytes) trimmed
/boot: 324,6 MiB (340356096 bytes) trimmed
/: 21,9 GiB (23504187392 bytes) trimmed

4) use systemctl to run a weekly job for that
systemctl enable fstrim.timer
systemctl start fstrim.timer
systemctl status fstrim.timer

result:

# systemctl status fstrim.timer
● fstrim.timer - Discard unused blocks once a week
Loaded: loaded (/usr/lib/systemd/system/fstrim.timer; enabled; vendor preset: disabled)
Active: active (waiting) since Do 2016-06-16 07:27:27 CEST; 15min ago
Docs: man:fstrim

Jun 16 07:27:27 anakin systemd[1]: Started Discard unused blocks once a week.
Jun 16 07:27:27 anakin systemd[1]: Starting Discard unused blocks once a week.

UPDATE: Seems Fedora 24 understands the kernel boot argument so:
edit /etc/default/grub and add rd.luks.options=discard to the end

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="rd.lvm.lv=fedora/root rd.luks.uuid=luks-4aa302cb-4b9a-413b-a862-9856ed5ddbba rd.lvm.lv=fedora/swap rhgb quiet rd.luks.options=discard"
GRUB_DISABLE_RECOVERY="true"

now just rebuild grub and the initramfs step should not be necessary, anymore… (you do need the lvm part and the systemd timer)
grub2-mkconfig -o /boot/grub2/grub.cfg
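
To confirm that each layer configured above really passes discards (crypttab, lvm.conf, the kernel command line and the live dm-crypt mapping), this added example, which is not from the original post, checks them one by one; dm-crypt leaves discards off by default because they reveal which blocks of the encrypted volume are unused. The function names and the sample `dmsetup table` line are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): report whether discard is
# enabled at each layer the post configures. Inputs are passed in as
# arguments so the checks can run against copies of the files.

crypttab_has_discard() {      # $1 = crypttab path, $2 = mapping name
  awk -v name="$2" '
    $1 == name { n = split($4, o, ","); for (i = 1; i <= n; i++) if (o[i] == "discard") ok = 1 }
    END { exit !ok }' "$1"
}

lvm_issues_discards() {       # $1 = lvm.conf path; commented-out lines do not count
  grep -Eq '^[[:space:]]*issue_discards[[:space:]]*=[[:space:]]*1' "$1"
}

dm_allows_discards() {        # $1 = one line of `dmsetup table <mapping>` output
  case " $1 " in *" crypt "*" allow_discards "*) return 0 ;; esac
  return 1
}

cmdline_has_luks_discard() {  # $1 = contents of /proc/cmdline
  local arg
  for arg in $1; do
    case "$arg" in rd.luks.options=*discard*) return 0 ;; esac
  done
  return 1
}

audit_discard() {  # $1 crypttab, $2 mapping, $3 lvm.conf, $4 dm table line, $5 cmdline
  local r=""
  crypttab_has_discard "$1" "$2" && r="$r crypttab=yes" || r="$r crypttab=no"
  lvm_issues_discards "$3"       && r="$r lvm=yes"      || r="$r lvm=no"
  dm_allows_discards "$4"        && r="$r dm=yes"       || r="$r dm=no"
  cmdline_has_luks_discard "$5"  && r="$r cmdline=yes"  || r="$r cmdline=no"
  echo "${r# }"
}

# Constructed sample: config files already edited as in the post, but the
# mapping was opened before the change, so its table lacks allow_discards.
d=$(mktemp -d)
echo 'luks UUID=4aa302cb-4b9a-413b-a862-9856ed5ddbba none discard' > "$d/crypttab"
printf 'devices {\n    # issue_discards = 0\n    issue_discards = 1\n}\n' > "$d/lvm.conf"
audit_discard "$d/crypttab" luks "$d/lvm.conf" \
  '0 975175680 crypt aes-xts-plain64 0000000000000000 0 8:3 4096' \
  'rd.lvm.lv=fedora/root rhgb quiet rd.luks.options=discard'
rm -rf "$d"
```

On a real system, pass `/etc/crypttab`, the mapping name, `/etc/lvm/lvm.conf`, the output of `dmsetup table <mapping>` (run as root) and the contents of `/proc/cmdline`; any `no` identifies the layer where fstrim will still fail.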

owncloud ubuntu 16.04 and logwatch

log of installing owncloud on ubuntu server 16.04 with logwatch

following the default install manual
https://doc.owncloud.org/

decide for root webserver or subdomain
(cloud.[domain].[tld]) or just my homeserver

moving data dir elsewhere and setting permissions

set up letsencrypt

open firewall for https

adding logwatch scripts
https://forum.ubuntuusers.de/topic/logwatch-owncloud/
https://htpcfreak.com/server/owncloud-log-in-logwatch-deel-1/
https://htpcfreak.com/server/owncloud-log-in-logwatch-deel-2/