In this article I described how to set up a FritzBox LAN 2 LAN VPN with StrongSwan. Meanwhile I replaced Ubuntu on the server with pfSense. Of course I have set up my FritzBOX VPN connections again. So here’s a tutorial on how to set up a FritzBox LAN 2 LAN VPN with pfSense.Read More
There are a lot of instructions available on how to connect your FritzBox to a server via VPN. But since it took me a long time to find a working tutorial myself, here again a post describing how to set up a FritzBox LAN 2 LAN VPN with StrongSwan (based on the site https://seffner-schlesier.de/news/ipsec-zwischen-avm-fritzbox-und-strongswan/).Read More
It’s happened to me several times now that an application I run on my DS 1817+ has problems with websockets. This is because I use the reverse proxy built into DSM, which does not support websockets by default. For this reason, here’s a little tutorial on how to enable Websockets for Synology DSM reverse proxy.
Enable Websockets in DSM Reverse Proxy
Actually, it is extremely easy to enable Websockets for Synology DSM reverse proxy:
- Open Control Panel > Application Portal
- Change to the Reverse Proxy tab
- Select the proxy rule for which you want to enable Websockets and click on Edit
- Change to the Custom Headers tab
- Add two entries in the list:
- Name: “Upgrade”, Value: “$http_upgrade”
- Name: “Connection”, Value: “$connection_upgrade”
Repeat these steps for every rule where you want to enable Websockets.
An essential part of PGP is the mutual validation of key pairs. This confirms that the information about the owner stored in the key corresponds to reality (e.g. ownership of this key). This post describes the process of signing PGP keys with GnuPG. Read More
If you want to use Docker on servers or virtual machines, technical limitations can sometimes lead to a situation in which – even without intentional limitation – it is not possible to access the outer world from a docker container. Read More
In order to gain experience with a Kubernetes cluster or to be able to experiment with it, a functioning cluster is required. Since most conceptual challenges do not require a high performance test cluster, it is also sufficient to build a smaller and therefore more cost-effective one. For this reason I decided to set up a Raspberry Pi Kubernetes Cluster for testing purposes.
- 4x Raspberry Pi 3 Model B+
- 4x microSD Card (I’m using SanDisk Ultra 64GB)
- Power supply unit for the Raspberry Pi devices. You can also use any other 5V power source which provides enough current.
- 4 Micro USB cables for connecting the power suppy unit
- 4 Layer Acrylic Cluster Case
If the Raspberry Pis are not to be connected via WLAN but cable, the corresponding network components are also required:
- 5 Port Switch
- 4 short ethernet cables
The website of Hypriot has a very good tutorial how to set up a Kubernetes cluster with Raspberry Pi boards: https://blog.hypriot.com/post/setup-kubernetes-raspberry-pi-cluster/. If you need some configuration examples (executable on a Raspberry Pi Kubernetes Cluster) please check out my GitHub repository with configuration examples: https://github.com/MatthiasLohr/kubernetes-rpi-examples.
In How to set up your YubiKey NEO I already mentioned that you can also use your YubiKey as SSH key. In GPG Agent Forwarding I show how to forward your GPG agent to remote machines for decryption/signing. What’s missing is a tutorial on how to make it all work together, how to use your GPG Agent for SSH in Gnome. Read More
Docking stations are quite a pleasant thing, because they save you having to plug in and out a lot of different cables (network, USB, monitors, power,…). Meanwhile, docking solutions via USB-C/Thunderbolt are also available. This means that a single USB cable is all it takes to connect the computer to the peripherals and the power supply. Practically USB-C or Thunderbolt are standards, so you can combine different devices like the HP Elite Thunderbolt Dock with a Lenovo X1 Carbon, right?