UPS Battery Replacement for My Cloud

The electricity system in Germany is quite reliable but I always like a plan B. Thus, I run my cloud infrastructure behind a battery backup. As my two small NUC servers, a Fritzbox VDSL / Wi-Fi hub, a Raspberry Pi, an external hard drive and a cellular modem for backup connectivity have a relatively low power consumption of around 40 Watts, I can live with a relatively small uninterruptible power supply. 10 years ago I bought an ‘APC Back UPS ES 700‘ and could get around an hour’s worth of autonomy out of it for my setup. But batteries do not last forever, and 5 years have passed again since I last replaced the battery. When recently running a battery test, it reached 11.5 volts after only about 20 minutes. 11.5 volts is the voltage after which the battery starts to suffer when further discharged. That leaves 20% of the capacity unused, but I think it’s a good point to stop. As 20 minutes is a bit short, and the battery was definitely not getting any better, it was time to exchange it.

Continue reading UPS Battery Replacement for My Cloud

Analyzing Packet Loss in Starlink

As I’ve already noticed last year, there is quite a bit of packet loss over Starlink connections that has a significant impact on TCP performance. Also, I was wondering if and how much packet loss occurs in cellular networks during a handover. Recently, I picked up this topic again and was looking for a way to detect, measure and analyze packet loss. One idea I came up with was to run a continuous iperf3 UDP stream at a relatively slow 1 Mbps and see what would happen. While iperf is running, it shows when and how many packets were lost, but I wanted to dig a bit deeper. So I used Wireshark / tcpdump to record the data transfers and then wrote a Python script to analyze the iperf packet counters to get more details. Here’s a link to the source code.

Continue reading Analyzing Packet Loss in Starlink

Fritzbox Brain Transplant

I like redundancy, so I have ‘cold standby’ devices for critical hardware. My Fritzbox 7590 DSL router is one such piece of equipment (yes, still no Fiber in Cologne…) and I recently put it to good use: Incredible, but true, I’ve been using my current Fritzbox 7590 since 2018, i.e. for 6 years! Despite its age, it’s still an incredibly cool device and gets frequent software updates. However, the box seems to be aging, as it recently started to emit a low volume but high pitched coil whine. So while it was still working, the sound was getting a bit on my nerves. So I decided to swap the active 7590 with my spare device and was hoping that the promised ‘easy’ configuration backup / restore would save me a lot of manual work.

Continue reading Fritzbox Brain Transplant

Ikea Wi-Fi – Some Thoughts

Everybody loves going to Ikea on a Saturday. Right? Well, I guess the answer depends on whom you ask. Strangely enough, I can’t deny a certain affection for their stores, and when I was recently in one of them in Germany on a Saturday afternoon, I took the opportunity to have a look at their Wi-Fi. I normally, wouldn’t, but their buildings are mostly made of concrete, heat-insulated windows and a nice blue metal cap on top, so outside network coverage doesn’t go very far. So once you are inside and not close to a window, the store’s Wi-Fi is the only thing that connects you to the outside world to tell your friends about the joy of being there. Ok, so let’s be done with the slight sarcasm and have a look at how things work.

Continue reading Ikea Wi-Fi – Some Thoughts

OnlyOffice, Nextcloud and Mobile Devices

Exactly one year ago, I gave OnlyOffice in combination with Nextcloud a try. The pressure to have an Online Office Suite for the household kept rising and Collabora Online Office just didn’t cut it for me. I immediately liked OnlyOffice, as it was just as quick in the browser as a locally installed Libreoffice and compatibility with that other office suite used by the majority is great. However, while the software is open source, it has one limitation: Document access on mobile devices such as tablets and smartphones is read-only. For full read/write capabilities on mobile devices, a subscription is required. At $149 for a year for 10 users, it is not the cheapest kid on the block, but it’s still open source and my files remain private on my own Nextcloud instance. I would have gone to the paid version sooner, as I like to support open source software development, but I wasn’t quite sure what it would take to change the server side. The OnlyOffice documentation is a bit opaque about this. So when I had a bit of time on my hands, I decided to find out. Turned out, it’s much easier than what I’d expected.

Continue reading OnlyOffice, Nextcloud and Mobile Devices

Reverse Proxy Password Protection

A few months ago, I had a blog post about how bad actors are using Certificate registration requests to immediately go to your new web site and try to hack it before it is fully up and properly protected. One of the fixes I suggested at the time was to protect the new site with Basic Web Authentication, i.e. a username and a password, before bringing it up for the first time. Recently, I revisited the topic because I wanted to password protect an Etherpad-lite instance to limit its use to authorized users. Etherpad-lite makes it really hard to have usernames and passwords, and I have to say, I gave up on finding out how it works. So let’s kill two birds with one stone and figure out how to use Basic Web Authentication directly on the Nginx reverse proxy I use on my cloud installation. It turned out it’s super simple to do:

Continue reading Reverse Proxy Password Protection

What Happens in Vegas, Stays in Vegas – Fun with an Overlay Filesystem

Every now and then I would like to use the data on a backup drive with a program that modifies the data. Obviously I would not want the backup to be modified. The standard approach would be to copy the data from the backup drive to a temporary location, use the data, and, once done, delete it again. This works well for small amounts of data, but copying the files will take ages for a double digit gigabyte dataset. The solution: An Overlay File System!

Continue reading What Happens in Vegas, Stays in Vegas – Fun with an Overlay Filesystem

Restoring a Clonezilla Backup in Virtualbox – Mind the EFI

In a previous post, I’ve described how to boot from a real, i.e. physical NVMe drive in a Virtualbox VM rather than using a virtual disk image. Once I figured out how to do this, I started to wonder what other useful crossings between physical and virtual machines would be possible. So here’s another one:

Every few months, I use Clonezilla to take a backup of the EFI- and system partitions of important PCs in my household, so I could restore a system quickly should something happen. So I wondered: Is it possible to restore a Clonezilla backup of a physical Linux installation inside a Virtualbox Guest VM on a virtual disk? The application: Test Ubuntu LTS system upgrades (e.g. from Ubuntu 20.04 to 22.04 to 24.04) on a system that is fully customized and in use, but in a virtual machine instead of on a real notebook?

Continue reading Restoring a Clonezilla Backup in Virtualbox – Mind the EFI

SSH Client Fun – Local and Global IP with a Single Hostname

I have an SSH gateway at home that I would like to access directly while I’m at home, and over NAT and a public IP otherwise. The easiest and most convenient way to do this is to have a home network connection that has a public IP and a NAT router that notices that a server with a public domain name is local and redirects traffic to that host locally. If you are unfortunate and have to use a home router that can’t do this (i.e. cheap plastic trash), another option is to set-up your own DNS server and answer DNS requests for servers you have at home from there. A bit complicated to set up, so this solution is not everybody’s darling. If this local/public conundrum only concerns SSH, there is a nifty third way: Let the ssh client check whether to use a local IP address when you are at home, or query a DNS server for the public IP address when you are outside.

Continue reading SSH Client Fun – Local and Global IP with a Single Hostname