Zigbee / SmartHome

homebridge

cat <<EOF> docker-compose.yml 
version: '2'
services:
  homebridge:
    image: oznu/homebridge:latest
    restart: always
    network_mode: host
    volumes:
      - ./volumes/homebridge:/homebridge
    logging:
      driver: json-file
      options:
        max-size: "10mb"
        max-file: "1"
EOF
 
sudo docker-compose up -d

Setup
http://localhost:8581

Tuya
https://github.com/0x5e/homebridge-tuya-platform

npm install @0x5e/homebridge-tuya-platform

Yamaha
https://github.com/cgierke/homebridge-musiccast

Links
https://github.com/homebridge/homebridge/wiki/Install-Homebridge-on-Docker

Migrate OpenStack VM with encrypted volume

SERVER_ID=xxxx-xxxx-xxxx-xxxx-xxxx
 
# VOLUME_ID=$(openstack server show ${SERVER_ID} -c volumes_attached -f value | cut -d "'" -f4)
# VOLUME_TYPE=$(openstack volume show ${VOLUME_ID} -c type -f value)
# openstack volume type show ${VOLUME_TYPE}
 
# add admin to project
PROJECT_ID=$(openstack server show ${SERVER_ID} -c project_id -f value)
openstack role add --user admin --project ${PROJECT_ID} admin
unset OS_PROJECT_DOMAIN_NAME
unset OS_PROJECT_NAME
export OS_PROJECT_ID=${PROJECT_ID}
 
# Live migrate VM
openstack server migrate --os-compute-api-version 2.56 --live-migration --wait --host com10-prod ${SERVER_ID}
openstack server show ${SERVER_ID} -c name -c OS-EXT-SRV-ATTR:host
 
# remove admin from project
unset OS_PROJECT_ID
source /etc/kolla/admin-openrc.sh
openstack role remove --user admin --project ${PROJECT_ID} admin

MultiBootUSB

DEVICE=/dev/sdb
VOLUME=MultiBootUSB
 
# create filesystem on usb pen
sudo mkfs.vfat -n ${VOLUME} ${DEVICE}1
 
# mount usb
mount ${DEVICE}1 /mnt/
 
# install grub2 on usb pen
grub-install --no-floppy --root-directory=/mnt ${DEVICE}
 
# create grub config
cat <<EOF> /mnt/boot/grub/grub.cfg
menuentry "Ubuntu Live 11.04 64bit" {
        loopback loop /boot/iso/ubuntu-11.04-desktop-amd64.iso
        linux (loop)/casper/vmlinuz boot=casper iso-scan/filename=/boot/iso/ubuntu-11.04-desktop-amd64.iso noeject noprompt --
        initrd (loop)/casper/initrd.lz
}
 
menuentry "Ubuntu Live 9.10 32bit" {
 loopback loop /boot/iso/ubuntu-9.10-desktop-i386.iso

Create application credentials as Openstack admin for federated user(s)

Single user

# user OS_TOKEN
export OS_TOKEN=gAAAAABjtUl_4LZr3iNqI7dOoBYMw-...
 
# cat ~/.config/openstack/clouds.yaml
clouds:
  dev-admin-token:
    auth:
      auth_url: https://keystone.service.examle.com/v3
    region_name: "eu-south"
    interface: "public"
    identity_api_version: 3
    project_domain_name: "my-foo"
    project_name: "foo"
    auth_type: "v3token"
 
OS_AC=$(openstack application credential create ${OS_AC_NAME} --unrestricted --os-cloud dev-admin-token -f json)

Multiple user

OpenStack: Authentificaton (Token, Application credendials)

Token authentificaton

unset $(compgen -v | grep OS_)
 
export OS_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
export OS_AUTH_TYPE=v3token
export OS_AUTH_URL=https://keystone.service.example.com/v3
export OS_IDENTITY_API_VERSION=3
export OS_INTERFACE=public
export OS_REGION_NAME=de-b1
export OS_PROJECT_DOMAIN_NAME=test-domain
export OS_PROJECT_NAME=test-project
#export OS_PROJECT_ID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

OpenStack multi cloud / user configurattion
http://www.panticz.de/openstack-clouds-config

Remotely unlock encrypted root disk using SSH

sudo apt install dropbear-initramfs
 
sudo sed -i 's/#DROPBEAR_OPTIONS=/DROPBEAR_OPTIONS="-I 180 -j -k -p 4000 -s -c cryptroot-unlock"/g' /etc/dropbear/initramfs/dropbear.conf
 
# optional: configure IP if no DHCP avaiable
# echo 'IP=192.168.2.123::192.168.2.1:255.255.254.0:my-wks01' >> /etc/initramfs-tools/initramfs.conf
 
sudo ssh-import-id gh:<my_user_id> -o /etc/dropbear/initramfs/authorized_keys
 
sudo update-initramfs -u
 
ssh root@your_workstation_ip -p 4444
 
# unlock disk
unlock-cryptroot

Links
https://www.cyberciti.biz/security/how-to-unlock-luks-using-dropbear-ssh-keys-remotely-in-linux/
https://realtechtalk.com/Howto_Set_Static_IP_on_boot_in_initramfs_for_dropbear_or_other_purposes_NFS_Linux_Debian_Ubuntu_CentOS-2278-articles

Ansible: Collection

Manage collections

# Install collection
ansible-galaxy collection install ansible.posix
ansible-galaxy collection install git@git.example.com:foo/ansible-collections/bar
ansible-galaxy collection install git+file:///home/user/path/to/repo_name
 
# List collections
ansible-galaxy collection list
# default user Ansible collection directory
~/.ansible/collections/ansible_collections/
 
# env vars
ANSIBLE_COLLECTIONS_PATHS
 
# ~/.ansible.cfg 
[defaults]
collections_paths = /path/to/collection
 
# get current path
ansible-config dump | grep -i collection

Include collection in playbook

- hosts: all
  collections:
    - my_namespace.my_collection
 
 
- hosts: all
  tasks:
    - import_role:
        name: my_namespace.my_collection.my_role

Defile collection dependency in role

OpenStack: Neutron L3 router

Recreate / move qrouter namespace

ROUTER_ID=74490819-028e-424e-b8f9-c7e48cf672af
 
# list router NS
openstack network agent list --router ${ROUTER_ID} --long
 
# list available l3 agents
openstack network agent list --agent-type l3
 
# recreate L3 agent
SOURCE_NODE=ctl1-dev
TARGET_NODE=ctl2-dev
 
SOURCE_L3_ID=$(openstack network agent list --host ${SOURCE_NODE} --agent-type l3 -f value -c ID)
TARGET_L3_ID=$(openstack network agent list --host ${TARGET_NODE} --agent-type l3 -f value -c ID)
 
openstack network agent add router --l3 ${TARGET_L3_ID} ${ROUTER_ID}
openstack network agent remove router --l3 ${SOURCE_L3_ID} ${ROUTER_ID}

Recreate all network agents

openstack router list --agent $SOURCE_L3_ID -f value -c ID | while read ROUTER_ID; do
    openstack network agent add router --l3 ${TARGET_L3_ID} ${ROUTER_ID}
    openstack network agent remove router --l3 ${SOURCE_L3_ID} ${ROUTER_ID}
done
 
openstack network agent set $SOURCE_L3_ID --disable

List floating IP in qrouter namespace