Werefox Software

A collection of self-hosted services and software

Effectively, it seems I took a hiatus from posting on the blog. I had to take some time to get thinks straight on my own end. Hopefully, I will be back to doing some awesome projects to write about on here soon.

Summary of the month(s)

A Love Letter from Werefox Software

https://letter.werefox.dev

New Mastodon Who Dis?

As you may have noticed, the Mastodon instance was “nuked” last week in order to fix some issues with the database that couldn't be pinpointed. All previous features should be up and running just fine, but registration is currently closed until I can fill out the about section and ToS once again.

Raspberry Pi LCD

I did another article about the process of setting up a programmable display that could be controlled remotely through a VNC connection in an SSH tunnel. You can read more about it here.

New Year

It has come to my attention that I haven't made a monthly update post since the previous decade. Happy New Year!

It would seem all of the servers were readily “2020 compatible”.

(Alexis laughs, believing herself to be funny by making an old 1990's reference no one her age should even get in the first place)

Future Updates

In the process of the effort of re-establishing Mastodon, the instance was converted to a Docker container instance of glitch-soc. I plan on migrating the rest of the services provided (or as much as possible) to containerized versions as well within the upcoming months, along with establishing a CI pipeline for the Gitea instance using either BuildBot or Kubernetes.

After quite a long pause in content, I have another article! This time I'll be documenting my process for setting up a programmable LCD display of sorts.

The original idea for this was that I wanted some kind of display small enough to be at my desk that could be used to show whatever kind of content I wanted to display for the time being. I received a new Raspberry Pi 4 for Christmas, so I quickly got to work planning how it would be used.

Parts Used

As with the previous article, this project doesn't necessarily have to be completed using a Raspberry Pi 4. The particular display I used works fine with the 2/3/3b(+) models as well.Raspberry Pi 4USB Type C CableUSB Power Brick AdapterMicro SD Card for the OS* – Longrunner Raspberry Pi Touch Screen with Case Holder – An extra computer with access to a microSD card adapter

* As with the last article, it doesn't matter how big the SD card is. Just find a good deal on a good brand and use those. I've recommended the same ones.

Software Used

  • Raspbian (OS image)
  • OpenSSH
  • RealVNC
  • Fail2Ban
  • Remmina (Optional, client for VNC)

OS Installation

If you're following along, I recommend installing the OS and getting the Raspberry Pi up and running before you start assembly of the case and LCD. You can use the cables provided to power the display and connect it via HDMI to the Raspberry Pi when testing.

Using dd on Linux, I flashed the OS image onto the microSD cards each individually. After flashing, I made sure to test the installation by inserting the microSDs into each of the Pis and powering them on. The command was something like: dd -if=/path/to/raspbian.img -of=/dev/sdx && sync

In order to be able to reliably access the device, I once again recommend you go to your router's settings if possible and ensure the device has been given a static IP address. If you are unsure how to do this, try looking up your router's instruction manual.

In order to test the OS, I plugged in the device to an alternate display to ensure that it was working properly. This is because the LCD may require some system settings tuning before it will display properly.

If I remember correctly, Raspbian should already have an SSH server running once it boots. I connected the device to a wired ethernet connection to ensure I could access both it and the internet.

Since this is the first boot of the image, it was set to the default username and password. I followed these directions to change the defaults to my liking.

Once the defaults were changed, I configured my other device that I wanted to use to manage the Pi so that it would be able to connect via SSH using an SSH key. I then configured the SSH server to only allow users to log in using SSH keys, and changed the listening port for good measure.

After my SSH server was configured, I got to work setting up a simple firewall and Fail2Ban. This was configured so that I would only allow connections through ports 80, 443, and my custom SSH port.

I also set Fail2Ban to be fairly strict with the number of attempts when connecting via SSH. This was mainly to prevent snooping from coworkers, staff, or others that may be connected to the same network as the device wherever I took it.

Finally, since this was meant to be a display, I set up a RealVNC server on the Pi to enable remote desktop control.

Screenshot of the active VNC connection to the display.

If you recall, I didn't configure my firewall to allow incoming connections on the default VNC port. This is because I planned on using the Remmina client to connect to the Pi, using an SSH tunnel. That way, I ensure the connection is encrypted and I don't have to open anymore unnecessary ports.

Conclusion

An image of the LCD sitting on my desk at work.

An image showing the back of the LCD with the Raspberry Pi mounted.

This turned out to be a pretty fun little project! I had some difficulty trying to find a way to remotely connect to the display, but eventually found what I think was a pretty elegant solution. I've included some pictures of the device in use, and I think overall it went really well.

Nothing is permanent, it seems. I've been a little busy this month trying to get myself out of the house, dealing with personal issues, and spending time with family for Thanksgiving. I don't really have much to report because of that.

Keeping Things Stable

The most I've been doing is just trying to ensure things on my end are stable as far as the services go. Everything is still up, but upgrading to Mastodon 3.0.0 has proven to be a real challenge for some reason. I'm sure when I bring myself to sit down for a few days and try again I'll figure it out, but otherwise, it's staying on 2.9.3+glitch until further notice.

What I've Been Up To

Mainly, I've just been focusing on my own life. Trying to figure out where to go with my job, where I'm going to go in 2020. It's a little rough right now to be honest, but it's exciting. I'm anxious to see where life takes me in the upcoming year.

Future Updates

I'm still attempting to make some time to do personal projects in my spare time, but I'll admit the latest Pokemon release has taken up a lot of my time! I'll make another update at the end of the year, or whenever something develops. Until then, that's all for this update.

This is a first to me on this blog, I'll be writing an article documenting my process for setting up a security camera system using two Raspberry Pis and a separate storage system.

Parts Used

A note before continuing further: This project can be accomplished using a Raspberry Pi 3 and a Raspberry Pi Zero W. You could also use a Raspberry Pi 4, but seeing as the extra computing power isn't strictly necessary, I'd advise against it unless you're certain you want to invest the extra money.Raspberry Pi 3 (B/B+) (x2) – CanaKit 5V 2.5A Raspberry Pi 3 B+ Power Supply / Adapter (x2) – Micro SD Card for the OS* (x2) – Flirc Raspberry Pi 3B CaseMakerFocus Raspberry Pi Camera Night Vision Camera for Raspberry Pi 3B/3B+ and Pi 2B B+ModMyPi – PIR Night Vision Camera Box Bundle – B+/2/3/3B+ – An extra computer with access to a microSD card adapater

* It doesn't really matter how big the SD cards are, I don't really remember which exact ones I'm using. Just find a good deal on a good brand and use those. I've gone ahead and linked some I recommend

Software Used

Device Setup and OS Installation

I'm going to split the following into two parts, as they can be completed independent of each other. This is the process I did it in while waiting for some parts and logistics to be worked out.

Device Setup

Each of the two devices has a unique job. One will be position inside the house as a storage/hub server, and the other will have the camera module attached and be positioned outside.

Raspberry Pi Hub

For the hub device, I installed the Flirc Raspberry Pi 3B Case. The installation process is fairly straightforward, so I won't go into detail.

Raspberry Pi Camera

For the camera, I had to install the camera and case individually, as the camera came much earlier than the case (the exact model I needed had to be shipped from out of the country). The camera installation is simply an attachment of a ribbon cable and a few screw to hold the IR sensors in place. The case case with its own set of instructions for setup, and was mainly a few pieces of plastic that fit together to form a sealed-enough case. I'd recommend assembling the case with some glue or epoxy to give more of a waterproof seal for anyone attempting this same project.

Note: The only reason I'm using two Raspberry Pi 3s is because I already had them lying around, so it would have just been extra expense for me to buy another one specifically for the camera, and I didn't have anything else for these to do.

OS Installation

I took each of my microSD cards and my downloaded latest release of MotionEyeOS. For the purposes of this project, I used just the “raspberry-pi-3” version.

Using dd on Linux, I flashed the OS image onto the microSD cards each individually. After flashing, I made sure to test the installation by inserting the microSDs into each of the Pis and powering them on. The command was something like: dd -if=/path/to/motioneyeos-raspberrypi3.img -of=/dev/sdx && sync

In order to be able to reliably access each device, I went to my local router's settings and ensured that they had been set to static IP addresses. If you are unsure how to do this part, try looking up your router's instruction manual.

Once it was powered on and I navigated to the IP of each device, I was greeted with a login screen. Login page for MotionEyeOS After logging in, I recommend immediately changing the admin passwords for each device, as well as setting up a surveillance user account for each.

After changing some camera settings on the raspberry pi with the camera, I configured it to be set up to stream the video on the local network.

Video Streaming settings on the Camera Video Streaming settings on the Hub On the hub side, I went to the settings and configured it to view the video stream as pictured above, then set up the stream to be stored on a local SFTP share I had previously configured.

File Storage settings on the Hub I also went and set up some optional motion detection settings and set a time period for how long to keep archived recordings.

Physical Installation

Since the Hub merely needs to be plugged in to be installed (I recommend using a hardwire ethernet connection if possible), I won't be going through how I set it up.

For the camera, I only wanted a front door camera to mainly track package theft. I went through a few different methods of mounting the camera. For my situation, I'm currently renting this house, so I didn't want to screw any bolts or nails that I'd have to pay cover up later. Additionally, the front door area where I wanted to install the camera is mostly brick. This made it difficult to find a way to attach the camera (especially before I ordered the optional case mount).

Eventually, I settled on using some construction adhesive to attach the camera mount to the brick wall I wanted it to be set up on.

Here are some pictures of the completed setup:

An image of just the camera with a bit of the cable. Here's another image a bit more zoomed out... I'm planning on cleaning up that cable management in the future.

Conclusion

I'm really pleased overall with this set up after finishing it. It took quite a while with a few points where I thought it was going to be ready, but encountered minor setbacks. Regardless, this is a fairly inexpensive and useful project. I'll be giving a progress update after a month or so to follow up.

Updates

It's going to be another short update for this month. Most of my focus shifted away from the servers and more to things involving my personal life. I installed a new audio rack, which I repurposed as a mini server rack to host the machines running the Werefox Software set of services. Otherwise, it's been a pretty uneventful month.

Summary of the month

GitLab Removal

As noted in the previous update, GitLab has been removed. I became incredibly frustrated attempting to set up a CI pipeline with it, and decided it would be best to only have Gitea be up and running for now.

Halcyon

After the previous update, I managed to get Halcyon up and running again with a simple update of the config.ini file.

Streaming

I've taken up streaming over the past week or so. My happy schedule seems to revolve around Tuesdays and Thursdays at 7:30 PM CST. If you're interested in stopping by, here's the link again: https://twitch.tv/Shadow8t4_Games

Pi-Hole

Delving slightly into my personal life, I went ahead and set up Pi-Hole on my local network at home. It's awesome, highly recommend it.

Future Updates

I'm actually hesitant to say that I have any future updates on my mind at the moment. Mainly concerned with doing some maintenance here and there, and continuing to keep up my blog, streams, and personal life habits. It's been difficult to balance the free time I have and find some more time to flesh out my portfolio work (and my portfolio site), so hopefully that can be my next shift of focus once I settle into more of a rhythm with this month's changes. That's all for this update.

I think I'm starting to get back into the flow of things. Hopefully will get back to more substantial updates in the near future. Here's what's been going on.

GitLab

I took down the GitLab instance because it kept breaking. Initially, I realized that SSH clone links were not being set properly since I didn't update the config ruby file to be listening to the right SSH port (or at least be aware of it). This meant that while you could still clone using SSH, the link would be wrong unless you knew the port that I was forwarding it to. This was a simple fix.

The real reason the instance is down is because I was a failure at creating runners. I really wanted to have a proper CI pipeline setup for GitLab, but unfortunately between having to change my server's hostname and dealing with numerous undocumented k3s bugs, that just couldn't happen.

Eventually, I decided to scrap the whole instance. The intention was to move completely from Gitea to GitLab eventually anyway, but since this has been an entirely upsetting experience, I decided I'll just stick to the service I already know that has treated me well thus far. (besides, I have heard inklings that a CI pipeline setup is manageable in Gitea anyway)

Halcyon

At the time of writing this, I cannot figure out why Halcyon isn't working. I'm making an attempt to contact the developer to get some insight. I'm sure it's something silly I forgot to do when upgrading at one point.

Streaming

I'm making a (fairly poor) effort at streaming on Twitch more often. Currently trying to get through the new “The Legend of Zelda: Link's Awakening” remake on Switch and a little bit of “River City Girls” also on Switch. It seems like it might be more of a weekend thing, so follow my posts on @shadow8t4 if you're interested.

Future Updates

My focus has been pretty scattered recently, but I hope to get settled back into a rhythm soon. Currently, I'm really just looking into how I can better maintain the services I'm already hosting. That's all for this update.

Updates

It's been a pretty slow week leading up to this monthly update. I'm still trying to get a few things done in my personal life, still dealing with some personal setbacks.

Summary of the month

Telegram Bridge Bot

I was finally able to get the Telegram-Matrix bridge bot back up and running. The general chat on Matrix and Telegram should now have their messages synced.

Daily Backups

Gitea, GitLab, Mastodon, and Matrix all have daily backups set up for their respective databases/configs.

System Updates Account

Go follow @System for posts on Werefox Software updates to services.

Gitea Update Script

I created a repository for the script I'm using to auto-update my Gitea instance.

Werefox Software has a new logo! It should be visible on all services.

Glitch-soc

https://masto.werefox.dev is now running the glitch-soc patch.

Riot

Werefox Software is now hosting an instance of the Riot web client.

Closing Notes

Fairly productive month overall, even if it ended a bit poorly. I'm still looking at a few more things I want to get done for myself in the near future, so I'm unsure how much these updates will continue to be about service updates. Hopefully, I'll find some way to squeeze some more interesting things in here.

First of all, it was my birthday just a couple days before writing this on September 6th! It was pretty great, and I’m definitely using that as an excuse for why I didn’t get a lot done since the last update.

Second excuse it a lot more personal. I recently had a bit of a development in my life happen, and that considerably affected my motivation towards maintaining these services and posting updates. It’s something I don’t feel comfortable sharing here, but I should be returning to my usual cadence soon.

Glitch-Soc

Mastodon is officially running with the glitch-soc updates. This actually was accomplished shortly after the previous weekly update, but since I had already written it, I decided to include it in this one instead. There seemed to be no real issues getting set up, and I couldn’t be happier with that process. Definitely recommend for any sys admins looking to #upgrade their Mastodon experience.

Riot Web Client

As a new “service” being offered by Werefox Software, you can now access the Riot web client from the werefox.dev domain. I’ll be adding a link to it (https://riot.werefox.dev) on the services tab shortly. Unfortunately, I was informed I cannot link directly to the general chat through the hosted web client. However, I did realize that you should be able to link to the chat through a riot.im link.

Custom Alexis Emoji

Finally, as a small update, I commissioned some pixel art from @pearshapes and made the resulting image into a custom emoji. Users on the instance can type :alexis: to use the emoji. Feel free to ask your system administrator to copy it to yours as well!

Future Updates

I don’t really have anything to say here this week. Right now I’m mainly focusing on (finally) getting some things done around the house and working on some personal projects.

That’s all for now. Next update should be a monthly one. I’ll go over anything else that happened between now and then and summarize the previous updates.

Quick note before we get started – these “weekly updates” are just going to be titled as blog posts/news headlines. Monthly updates will be titled with their respective month. This is to keep me from feeling like I’m committing to posting these every week, and to keep from doing some kind of unnecessary numbering scheme.

System Updates Account

I’m happy to announce that there’s a system updates account that can be followed on the fediverse which will be posting whenever Werefox Software updates their services or has to go down for maintenance, or any other system admin related updates that may be important. @system@masto.werefox.dev will now be a default followed account for all new users, since it’s a filtered way for any new users to get important updates.

Gitea Update Script

I’ve also taken the time to write out a nifty script to update Gitea when new versions are released. This should both save time and help maintain security as when new updates are released, the script will be run daily to check and replace the current binary. Additionally, I’ve written a follow-up script to run once it has successfully grabbed an updated Gitea binary to post using the previously mentioned @system@masto.werefox.dev account.

Repo link: https://gitea.werefox.dev/shadow8t4/gitea-update

Future Work

In order for the update script to post to Mastodon, I wrote a simple Python script using Mastodon.py. I’m hoping to incorporate this script into future automation regarding system updates and announcements. Once I’ve made enough progress developing this, I’ll gladly make a new repository to host it. On a related note, I do currently have a working project I’ve been meaning to make more development progress on... But I’m not quite ready to formally announce it just yet.

Logo Change

I officially have a new logo for Werefox Software, which I’m pretty excited to reveal!

Credit: @owenthecat@meow.social

It’s quite a bit simplified than the previous logo, and retains the color scheme from before. Most, if not all, services should have the logo changed at this point.

Other Updates

I’m still looking for a solid email-blacklist to implement on the Mastodon instance. In the meantime, I have implemented a suspend list and will be working on a way to dynamically update a public-facing list of which instances we’re suspending/muting/etc. in the near future. I don’t want anyone to join the instance without being aware of what instances I’m blocking.

Future Updates

glitch-soc and client-side matrix are still in the works. Didn’t get around to it this week, sorry.

That’s really all for this week. Really glad I’m doing these “smaller updates” because the monthly one would just be absurd if I tried to put this much in it.

I’ve finally gotten around to getting the mautrix-telegram bridge bot back up and running, so you can now join the general chat at this link on Telegram once again.

Other updates

I’ve set up daily backups for Gitea, GitLab, Mastodon, and Matrix now. Keep in mind that I in no way wish to “archive” any data, it’s simply in order to ensure I can get things back up and running in the case of a failure (yes, I meant to make that jab in light of recent events).

After thinking it over some more, I’m a little hesitant on running PeerTube and Pleroma instances. I have been really strapped for time lately, and since it’s really only me managing all these services, with my own funds as well, I don’t really want to expand too fast or at a rate that causes me to feel burned out.

Future Updates

I’m now shifting my attention to focusing on improving the services I currently host. I’m looking into “upgrading” the Mastodon instance to use “glitch-soc” and I’m looking into hosting a client for Matrix, that way potential community members can have a way to try out Matrix and communicate as a guest if needed on our own domain rather than being forced to register at Matrix.org or having to mess with client settings in order to register on Werefox Software.

That’s all for now. I’m hoping to provide more more quick updates in the future in order to make the monthly ones less packed.

Enter your email to subscribe to updates.