Cricalix.Net

Ramblings

  • LXD, dnsmasq, IPv6 reverse lookups

    LXD, dnsmasq, IPv6 reverse lookups

    My residential ISP doesn’t offer reverse lookups for their IPv6 blocks that they delegate out with the PD flag to consumer routers. This causes some annoying slow-downs when talking to the various services I’m running in LXD containers, since a lot of them do reverse DNS lookups. Under the hood, LXD relies on dnsmasq to…

  • Breaking my energy monitoring setup

    Breaking my energy monitoring setup

    The ESP8266 module for the emonTx runs what I’d describe as a pretty basic sketch. It’s functional, but it’s not very good at telling me what’s gone wrong. On Monday, I re-imaged the router to upgrade it. A side effect was a setting I’d changed for the DHCP options (what the local DNS is) wasn’t…

  • Running emoncms in a Linux container

    Running emoncms in a Linux container

    When I was renovating the house I currently live in, I picked up an EmonTx v3 and some clip-on current sensors from OpenEnergyMonitor.org so that I could monitor the house power consumption more accurately than just getting a bill every 2 months from my energy supplier (even with a smart meter installed, they only provide…

  • Rebuilding Cricalix.Net – Part 4

    Rebuilding Cricalix.Net – Part 4

    While on holiday, I read a forum post that mentioned a “new” web server called Caddy. I took a look at it, and was intrigued by the integrated TLS certificate renewal using Let’s Encrypt. With NGINX or Apache, I have to run Certbot or similar to maintain the certificates, and I have to deal with…

  • A summer of tomatoes

    A summer of tomatoes

    This year I decided against growing potatoes, given the blight and other issues I had last year. Instead, I opted for tomatoes (a staple that I grow anyway), runner beans, peppers, courgettes, and butternut squash. The tomatoes grew beyond my expectations, and I even gained a few random plants in the bigger VegTrug that grew…

  • Rebuilding Cricalix.Net – Part 3

    Rebuilding Cricalix.Net – Part 3

    Stumbling blocks and annoyances NGINX and certbot’s default permissions EFF’s certbot writes certificates to /etc/letsencrypt/live/<certificate hostname>/<files>.pem, and sets the permissions to only allow root to read the files. This makes sense from the perspective of a system where processes that need certificates will probably spawn as root, read the certificates to memory, and then spawn…