OpenStack create VM from ISO image 

# create image from iso
openstack image create --file /tmp/ubuntu-24.04.1-live-server-amd64.iso --disk-format iso --progress ubuntu-24.04.1-live-server-amd64.iso
 
# create volume for the final VM
openstack volume create test-vm1-vol1 --size 10 --bootable
 
# create temporary installation VM
openstack server create test-vm1-inst --image ubuntu-24.04.1-live-server-amd64.iso --flavor m1.small --key-name test-keypair --network test-network
 
# attach volume to temporary VM
openstack server add volume test-vm1-inst test-vm1-vol1
 
# show console url from temporary VM
openstack console url show -c url -f value test-vm1-inst
 
# install OS in console
 
# delete temporary VM
openstack server stop test-vm1-inst
openstack server delete test-vm1-inst
 
# create final VM
openstack server create test-vm1 --volume test-vm1-vol1 --flavor m1.small --key-name test-keypair --network test-network
openstack console url show -c url -f value test-vm1
 
# remove iso imagge
openstack image delete ubuntu-24.04.1-live-server-amd64.iso

Links
https://openmetal.io/docs/manuals/tutorials/understanding-iso-images

Incus Ansible deployment 

---
- name: Create container
  hosts: incus1.example.com
  # become: yes
  tasks:
    - name: Create incus container
      community.general.lxd_container:
        url: "unix:/var/lib/incus/unix.socket"
        name: u2404
        source:
          type: image
          mode: pull
          server: https://images.linuxcontainers.org/
          alias: ubuntu/24.04/cloud
          protocol: simplestreams
        wait_for_container: true
        wait_for_ipv4_addresses: true
        config:
          limits.cpu: "4"
          boot.autostart: "true"
          cloud-init.user-data: |
            #cloud-config
            package_upgrade: true
            locale: en_US.UTF-8
            timezone: Europe/Berlin
            apt_upgrade: true
            package_upgrade: true
            packages:
              - openssh-server
            # disable_root: false
            ssh_authorized_keys:
              - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
          cloud-init.network-config: |
          network:
            version: 2
            ethernets:
              eno1:
                dhcp4: true
        profiles: ["disk-default", "nic-dev"]
      register: container
 
    - name: Configure temporary user for initial run
      set_fact:
        remote_user: ubuntu
      delegate_to: localhost
      delegate_facts: True
      when: container.changed- name: Create container
 
 
- name: Configure container
  hosts: u2404.example.com
  gather_facts: no
  remote_user:  "{{ hostvars['localhost']['remote_user'] | default(lookup('env', 'USER')) }}"
  become: yes
  tasks:
    - name: Create a user 'johnd' with a home directory
      ansible.builtin.user:
        name: johnd
        create_home: yes

Links
https://discuss.linuxcontainers.org/t/creating-container-with-ansible/20050/7
https://documentation.ubuntu.com/lxd/en/latest/cloud-init/
https://docs.ansible.com/ansible/latest/collections/community/general/lxd_container_module.html

Incus Terraform

Enable Incus remote API authentication
http://www.panticz.de/incus

Terraform main.tf

terraform {
  required_providers {
    incus = {
      source = "lxc/incus"
    }
  }
}
 
provider "incus" {
  # generate_client_certificates = true
  # accept_remote_certificate    = true
 
  remote {
    name    = "10.0.1.104"
    scheme  = "https"
    address = "10.0.1.104"
    token   = "xxxxxxxxxxxxxxxxxxxxxxxxxx"
    default = true
  }
}
 
data "template_file" "user_data" {
  template = <<EOF
#cloud-config
package_update: true
packages:
  - nginx
runcmd:
  - sudo systemctl stop unattended-upgrades
  - sudo apt purge -y unattended-upgrades
EOF
}
 
resource "incus_instance" "instance_1" {
  name             = "u2404"
  description      = "Terraform Incus test container"
  image            = "images:ubuntu/24.04/cloud"
  profiles         = ["default"]
  wait_for_network = true
 
  config = {
    "boot.autostart"       = true
    "limits.cpu"           = 4
    "cloud-init.user-data" = data.template_file.user_data.rendered
  }
 
  device {
    name = "http"
    type = "proxy"
    properties = {
      listen = "tcp:0.0.0.0:80"
      connect = "tcp:127.0.0.1:80"
    }
  }
}

Deploy

Mosquitto MQTT server

Install
https://www.howtoforge.de/anleitung/so-installierst-du-mosquitto-mqtt-server-unter-ubuntu-22-04/

sudo apt-get install -y curl gnupg2 wget git apt-transport-https ca-certificates software-properties-common
sudo add-apt-repository -y ppa:mosquitto-dev/mosquitto-ppa
sudo apt install mosquitto mosquitto-clients -y
 
sudo mosquitto_passwd -c -b /etc/mosquitto/passwd foo pass1234
# todo sudo
cat <<EOF> /etc/mosquitto/conf.d/default.conf
listener 1883
password_file /etc/mosquitto/passwd
EOF
chmod a+r /etc/mosquitto/passwd
 
sudo systemctl restart mosquitto

Debug MQTT
http://mqtt-explorer.com/
https://snapcraft.io/install/mqtt-explorer/ubuntu#install

sudo snap install mqtt-explorer

Tasmota Smart Meter Interface

ESP8266 / ESP32 Tasmota images and decumentation
https://ottelo.jimdofree.com/stromz%C3%A4hler-auslesen-tasmota/#Downloads
https://www.wispr-shop.de/produkt/wifi-ir-schreib-lesekopf-diy-set/

Smart Meter Interface configruation scripts
https://tasmota.github.io/docs/Smart-Meter-Interface/#emh-ehz-generation-k-sml

>D
>B
 
=>sensor53 r
>M 1
+1,3,s,0,9600,
1,77070100010800ff@1000,Total consumption,kWh,total_in,2
1,77070100020800ff@1000,Total feed-in,kWh,total_out,2
1,77070100100700ff@1,Power,W,power_curr,0
#

Tasmota Diagramme
https://github.com/ottelo9/tasmota-sml-script/

Tasmota Script Language Support
https://marketplace.visualstudio.com/items?itemName=StefanoBertini.tasmota-script-support#Automatic-script-upload

Firmware
https://github.com/ottelo9/tasmota-sml-images/releases

Incus

Prerequisits (ZFS filesystem)

# ZFS (optional)
sudo apt install -y zfsutils-linux
sudo lvcreate --name storage --size 100G ubuntu-vg
sudo zpool create incus /dev/ubuntu-vg/storage
sudo zpool set autotrim=on incus
sudo zfs create incus/storage
 
# uninstall LXD
snap remove lxd

Incus installation
https://github.com/zabbly/incus
https://linuxcontainers.org/incus/docs/main/installing/

mkdir -p /etc/apt/keyrings/
curl -fsSL https://pkgs.zabbly.com/key.asc -o /etc/apt/keyrings/zabbly.asc
 
sh -c 'cat <<EOF > /etc/apt/sources.list.d/zabbly-incus-stable.sources
Enabled: yes
Types: deb
URIs: https://pkgs.zabbly.com/incus/stable
Suites: $(. /etc/os-release && echo ${VERSION_CODENAME})
Components: main
Architectures: $(dpkg --print-architecture)
Signed-By: /etc/apt/keyrings/zabbly.asc
EOF'
 
sudo apt update
sudo apt install -y incus bash-completion #incus-tools
 
sudo usermod -aG incus-admin ubuntu
 
# fixme
# incus completion fish

Incus configuration
https://linuxcontainers.org/incus/docs/main/howto/initialize/#configuration-format

Designate as authenticator for Lets Encrypt

Prerequisites
Install OpenStack CLI client (OSC)
http://www.panticz.de/osc

OpenStack Application credentials
~/.config/openstack/clouds.yaml

Generate Lets Encrypt certificate

sudo apt install -y certbot
 
pyenv activate osc
pip install python-designateclient certbot-dns-openstack zope
 
# list available zones
openstack zone list
 
# Create letsencrypt directory
mkdir ~/letsencrypt
 
# Request wildcard certificate
DOMAIN=example.com
certbot -a dns-openstack certonly \
    --agree-tos \
    --register-unsafely-without-email \
    --work-dir ~/letsencrypt/work \
    --config-dir ~/letsencrypt/etc \
    --logs-dir ~/letsencrypt/log \
    --dns-openstack-propagation-seconds 60 \
    -d *.${DOMAIN}
#    -d *.example.com,example.com
 
# List certificates
ls -l ~/letsencrypt/etc/archive/*/*

DEBUG (second terminal)

watch -n1 openstack recordset list example.com

Links
https://docs.binero.com/guides/designate-as-authenticator-for-lets-encrypt.html
https://letsencrypt.org/docs/challenge-types/

Create OpenStack DualStack or IPv6 only VM 

# Create router
openstack router create test-router1 \
  --centralized \
  --ha \
  --external-gateway public
 
# Show available tenant IPv6 subnet
openstack subnet pool list --share | grep tenant-subnet-pool-v6
 
# Create network
openstack network create test-network1
 
# DUAL-STACK: Create IPv4 subnet (skip for IPv6 only)
openstack subnet create test-subnet1-ipv4 \
  --network test-network1 \
  --subnet-range 10.11.12.0/24
 
# DUAL-STACK: Attach IPv4 subnet to router (skip for IPv6 only)
openstack router add subnet test-router1 test-subnet1-ipv4
 
# Create IPv6 subnet
openstack subnet create test-subnet1-ipv6 \
  --network test-network1 \
  --ip-version 6 \
  --subnet-pool tenant-subnet-pool-v6 \
  --prefix-length 64 \
  --ipv6-ra-mode dhcpv6-stateless \
  --ipv6-address-mode dhcpv6-stateless
 
# Attach IPv6 subnet to router
openstack router add subnet test-router1 test-subnet1-ipv6
 
# OPTINAL: allow access from outside
SECURITY_GROUP=test-secgroup
openstack security group create ${SECURITY_GROUP}
 
# DUAL-STACK: allow access to Floating FIP from outside (skip for IPv6 only)
openstack security group rule create ${SECURITY_GROUP} --ethertype IPv4 --protocol icmp --ingress --remote-ip 0.0.0.0/0
openstack security group rule create ${SECURITY_GROUP} --ethertype IPv4 --protocol icmp --egress --remote-ip 0.0.0.0/0
openstack security group rule create ${SECURITY_GROUP} --ethertype IPv4 --protocol tcp --dst-port 22 --remote-ip 0.0.0.0/0
Subscribe to