This is the place where I share my thoughts and notes about things that Iām
excited about and working on and hope to connect with people having a similar
mindset. I’d love to hear from you!
This beginner-friendly, step-by-step guide walks you through the initial configuration of your OPNsense firewall. The title of this guide is an homage to the pfSense baseline guide with VPN, Guest, and VLAN support that some of you guys might know, and this is an OPNsense migration of it. I found that guide two years ago and immediately fell in love with the network setup. After researching for weeks, I decided to use OPNsense instead of pfSense.
My homelab grew quite a bit over the past years. And with that, my networking needs also changed: stricter firewall rules, segregating untrusted IoT devices into separate networks, traffic prioritization, and more. I wanted to document my switch and VLAN configuration. And maybe this is useful for someone else, too.
To manage Ubiquiti UniFi devices, a UniFi controller is required. Over a year ago, I initially installed the controller software inside a Ubuntu VirtualBox VM. Now that version 6 of the UniFi controller software is released, it’s time to upgrade. I decided to reinstall the controller inside a TrueNAS jail instead of a VirtualBox VM. When searching the interwebs, I only found lots of outdated instructions. It turns out that it’s very straightforward, so here are my quick notes on how to do it.
I’ve been using Mullvad VPN for a while now but only ever used it with the official client on my workstation. I use DNS extensively in my home network, so as soon as I activate Mullvad, I can’t resolve DNS names locally. Of course, this is by design and expected. I own an OPNsense appliance, so the natural solution is to move the tunnel there.
TL;DR# Use the following shell command to request an IP with no DNS hijacking:
In the past, I used an old laptop running Qubes OS for any cryptocurrency-related stuff, and it worked great. It’s where I first learned about Whonix, a desktop operating system designed to protect your privacy online. Unfortunately, Qubes OS is a bit picky about the hardware it runs on. My old laptop only has four gigs of RAM, and I could barely run two instances of MyEtherWallet in two separate qubes without the system running out of memory.
For the last couple of months, I have been working on a custom Hugo theme in my
free time. Most recently, I implemented a CSS-only burger fold-out menu to
increase its responsiveness. I based the implementation on
Erik Terwan’s nifty
pure CSS Hamburger fold-out menu
which is pretty popular on CodePen. I modernized it by utilizing SVG and newer
CSS selectors to make the code more declarative and scalable. It comes with the
price of not supporting as many browsers, but honestly, who cares about Internet
Explorer users?
Did you ever think about running a Matrix homeserver? In this post, we will set one up on the Azure Kubernetes Service (AKS). We will use the reference homeserver implementation, which is Synapse from the folks at matrix.org. This post focuses on the Kubernetes stuff, keeping Synapse configuration to a minimum. Things like federation, delegation and PostgreSQL are out of scope, because plenty of excellent guides and the official documentation exist covering that. The icing on the cake will be the Synapse Admin UI deployment with secure access to the administration endpoints to make management of our homeserver easier.
