Ikea Wi-Fi – Some Thoughts

Everybody loves going to Ikea on a Saturday. Right? Well, I guess the answer depends on whom you ask. Strangely enough, I can’t deny a certain affection for their stores, and when I was recently in one of them in Germany on a Saturday afternoon, I took the opportunity to have a look at their Wi-Fi. I normally, wouldn’t, but their buildings are mostly made of concrete, heat-insulated windows and a nice blue metal cap on top, so outside network coverage doesn’t go very far. So once you are inside and not close to a window, the store’s Wi-Fi is the only thing that connects you to the outside world to tell your friends about the joy of being there. Ok, so let’s be done with the slight sarcasm and have a look at how things work.

Continue reading Ikea Wi-Fi – Some Thoughts

OnlyOffice, Nextcloud and Mobile Devices

Exactly one year ago, I gave OnlyOffice in combination with Nextcloud a try. The pressure to have an Online Office Suite for the household kept rising and Collabora Online Office just didn’t cut it for me. I immediately liked OnlyOffice, as it was just as quick in the browser as a locally installed Libreoffice and compatibility with that other office suite used by the majority is great. However, while the software is open source, it has one limitation: Document access on mobile devices such as tablets and smartphones is read-only. For full read/write capabilities on mobile devices, a subscription is required. At $149 for a year for 10 users, it is not the cheapest kid on the block, but it’s still open source and my files remain private on my own Nextcloud instance. I would have gone to the paid version sooner, as I like to support open source software development, but I wasn’t quite sure what it would take to change the server side. The OnlyOffice documentation is a bit opaque about this. So when I had a bit of time on my hands, I decided to find out. Turned out, it’s much easier than what I’d expected.

Continue reading OnlyOffice, Nextcloud and Mobile Devices

Reverse Proxy Password Protection

A few months ago, I had a blog post about how bad actors are using Certificate registration requests to immediately go to your new web site and try to hack it before it is fully up and properly protected. One of the fixes I suggested at the time was to protect the new site with Basic Web Authentication, i.e. a username and a password, before bringing it up for the first time. Recently, I revisited the topic because I wanted to password protect an Etherpad-lite instance to limit its use to authorized users. Etherpad-lite makes it really hard to have usernames and passwords, and I have to say, I gave up on finding out how it works. So let’s kill two birds with one stone and figure out how to use Basic Web Authentication directly on the Nginx reverse proxy I use on my cloud installation. It turned out it’s super simple to do:

Continue reading Reverse Proxy Password Protection

What Happens in Vegas, Stays in Vegas – Fun with an Overlay Filesystem

Every now and then I would like to use the data on a backup drive with a program that modifies the data. Obviously I would not want the backup to be modified. The standard approach would be to copy the data from the backup drive to a temporary location, use the data, and, once done, delete it again. This works well for small amounts of data, but copying the files will take ages for a double digit gigabyte dataset. The solution: An Overlay File System!

Continue reading What Happens in Vegas, Stays in Vegas – Fun with an Overlay Filesystem

Restoring a Clonezilla Backup in Virtualbox – Mind the EFI

In a previous post, I’ve described how to boot from a real, i.e. physical NVMe drive in a Virtualbox VM rather than using a virtual disk image. Once I figured out how to do this, I started to wonder what other useful crossings between physical and virtual machines would be possible. So here’s another one:

Every few months, I use Clonezilla to take a backup of the EFI- and system partitions of important PCs in my household, so I could restore a system quickly should something happen. So I wondered: Is it possible to restore a Clonezilla backup of a physical Linux installation inside a Virtualbox Guest VM on a virtual disk? The application: Test Ubuntu LTS system upgrades (e.g. from Ubuntu 20.04 to 22.04 to 24.04) on a system that is fully customized and in use, but in a virtual machine instead of on a real notebook?

Continue reading Restoring a Clonezilla Backup in Virtualbox – Mind the EFI

SSH Client Fun – Local and Global IP with a Single Hostname

I have an SSH gateway at home that I would like to access directly while I’m at home, and over NAT and a public IP otherwise. The easiest and most convenient way to do this is to have a home network connection that has a public IP and a NAT router that notices that a server with a public domain name is local and redirects traffic to that host locally. If you are unfortunate and have to use a home router that can’t do this (i.e. cheap plastic trash), another option is to set-up your own DNS server and answer DNS requests for servers you have at home from there. A bit complicated to set up, so this solution is not everybody’s darling. If this local/public conundrum only concerns SSH, there is a nifty third way: Let the ssh client check whether to use a local IP address when you are at home, or query a DNS server for the public IP address when you are outside.

Continue reading SSH Client Fun – Local and Global IP with a Single Hostname

Notebook in a (Virtualbox) Bottle

I’m in the process of changing my backup and restore setup for critical notebooks of the household. Instead of keeping a backup notebook synchronized and use it for other backup tasks in addition, I have moved to a dedicated backup server. To cover the case of a critical notebook or flash drive failing, I now have duplicates of those Linux desktops with all user data ready to go on NVMe drives, which I can insert in a backup notebook when required. The slight catch: Extra work is required to keep those NVMe drives up to date: So far, my approach was to insert the physical drives in a notebook, update them with the latest system patches and user data, and then remove the drive again. This works well but is a bit time consuming. But there is a more easy way to do this!

Continue reading Notebook in a (Virtualbox) Bottle

An Asus PN-64 Barebone for My Private Cloud

If you are a regular reader of this blog, you are probably aware that I run my own private cloud at home. One server is around 4 years old by now, while the other one, mainly used as a central hub for backups celebrated it’s 11th birthday this year. In other words, it was time for a bit of a refresh. For my private cloud I like to use small NUC servers, as they offer a good size / performance / heat / noise balance for home use. As Intel is no longer producing NUCs, I was looking for an alternative. After a bit of searching, I decided to go for an Asus PN-64 barebone with an Intel i3-1220P processor. While being a pretty recent processor, I didn’t expect to see a massive computing performance increase compared to the 4 year old NUC. When I saw the first performance results, however, I could hardly believe my eyes.

Continue reading An Asus PN-64 Barebone for My Private Cloud

On-Board Internet over the US with Delta

In the previous post I had a look at Delta Airlines’ on-board Internet connectivity over the Atlantic. On this flight, the company used Intelsat for connectivity and I assumed that the 30 day pass I bought would also give me connectivity during my continental flights with Delta. That was not the case however, and I soon found out the reason for this: Over the US, Delta uses a different system, provided by Viasat. So how did the Viasat system perform in the busy US airspace? The screenshot on the left gives a first indication.

Continue reading On-Board Internet over the US with Delta