OpenStack Debug VPN connection

Find the VPN server and the relevant router UUID

# get VPN connection ID
openstack vpn ipsec site connection list | grep foo
openstack vpn ipsec site connection list --long | grep <project_id>
openstack vpn ipsec site connection show ${VPN_CONNECTION_ID}
VPN_SERVICE_ID=$(openstack vpn ipsec site connection show ${VPN_CONNECTION_ID} -c 'VPN Service' -f value)
openstack vpn service show ${VPN_SERVICE_ID}
# get router ID
ROUTER_ID=$(openstack vpn service show ${VPN_SERVICE_ID} -c Router -f value)

Find the ctl Node where the active router is running

ROUTER_PORT_ID=$(openstack port list --device-owner network:router_gateway -f value -c id --router ${ROUTER_ID})
CONTROL_NODE=$(openstack port show ${ROUTER_PORT_ID} -c binding_host_id -f value)
echo "ssh ${CONTROL_NODE} sudo ip netns exec qrouter-${ROUTER_ID} ip a s"

Connect to that ctl node and "jump" in its neutron-l3-agent docker container

Xiaomi Mi A2 Lite (daisy)

Enable USB-Debugging and unlock phone

# Connect phone to Wifi
Settings > About Phone > Build number > tap 7x times to become developer
Settings > System > Advanced > Developer Options > OEM unclocking
Settings > System > Advanced > Developer Options > USB Debugging > OK

Unlock phone

# Connect phone to computer
adb devices
# Accept "Allow access with your computer RSA key" on phone
adb reboot bootloader
fastboot oem unlock

Boot bootloader

Power Off phone
Hold volume_down + power
OPTIONAL: Recovery phone with original Xiaomi image to update firmware

Flash custom image
# ArrowOS download:
#OpenGA apps:

Terraform: Create LoadBalancer in OpenStack

provider "openstack" {
  cloud = "lab-admin"
  use_octavia = true
# data "template_file" "user_data" {
#   template = file("user-data.txt")
# }
data "template_file" "user_data" {
  template = <<EOF
package_update: true
 - nginx
 - hostname -f | sudo tee /var/www/html/index.nginx-debian.html
 - id > /tmp/debug
variable "http_instance_names" {
  type = set(string)
  default = ["www1", "www2"]
resource "openstack_compute_instance_v2" "http" {
  for_each    = var.http_instance_names
  name        = each.key
 #name = "www${count.index + 1}"
 #count = 2
 image_name = "Ubuntu 20.04 minimal"
 flavor_name = "m1.small"
 key_pair = "lab-key"
 security_groups = ["default"]
 user_data = data.template_file.user_data.rendered
 network {
   name = "demo-net"
data "openstack_networking_network_v2" "network_1" {
  name = "demo-net"
data "openstack_networking_subnet_v2" "subnet_1" {
  name = "demo-subnet"
  network_id =
# Create loadbalancer
resource "openstack_lb_loadbalancer_v2" "http" {
  name          = "demo-lb1"
  vip_subnet_id =


# install nextcloud with snap
snap install nextcloud
sudo snap enable nextcloud
sudo snap disable nextcloud
# set domain
nextcloud.occ config:system:set trusted_domains 0 --value=""


# create user
export OC_PASS=pass1234
nextcloud.occ user:add --display-name "Foo Bar" --group=bar --password-from-env foo


# create email
nextcloud.occ mail:account:create fobr "Foo Bar" 143 off pass1234 25 off pass1234


# path
# rescan files
nextcloud.occ files:scan --path=admin
nextcloud.occ files:scan --all
# external files
nextcloud.occ files_external:list
sudo snap connect nextcloud:removable-media