Using a Raspberry Pi as a surveillance camera in Home Assistant

Background

For the last few months I’ve been slowly building out my home automation system, based on Home Assistant. I have a couple of basic requirements for anything I add to it: It shouldn’t break the bank, and I don’t want any cloud features. For one thing, I don’t want my devices to suddenly stop working because of service disruptions, bankruptcy or outright planned obsolescence, but more importantly: I want to control my personal data.

I have a couple of other guiding principles as well: devices and systems based on open source is preferred, and whenever that is impractical, the stuff I buy should at least be based on industry standards. No walled gardens, please!

For instance I ended up with IKEA Trådfri for my lights, partly because of this short review by Matthew Garrett. I’ve successfully mixed and matched light bulbs from IKEA and Philips. I’ve also invested in a USB stick for Z-Wave integration.

So when I started looking for ways to add some cameras to the system, I quickly realized that «reasonably priced» and «no cloud» don’t mix. There are some awesome networked cameras out there, especially the Xiaomi Xiaofang/Wyzecam devices have impressive specs and are surprisingly affordable. Too bad that they also come with those pesky clouds (though there are ways to turn that stuff off). I could have gone with more traditional surveillance cameras from companies like Axis or Planet, but they are much pricier, and would generally require a wired connection. 

So I gave up looking for my dream camera, partly because I finally had an excuse to start messing around with Raspberry Pi and its Camera Module V2!

Fortsett å lese Using a Raspberry Pi as a surveillance camera in Home Assistant

Kom i gang med moddet Minecraft

En kollega på NTNU lurte på om jeg kunne gi noen råd og vink om hvordan man tryggest mulig kunne laste ned og bruke såkalte «mods» i Minecraft, og jeg har i lengre tid glemt og/eller utsatt å gi ham tilbakemelding på dette. I stedet for å bare sende det til ham på e-post tenkte jeg at det kunne være nyttig for andre der ute, så her kommer tipsene i form av en blogg-post!

Målgruppen for denne bloggposten er sikkerhetsbevisste foreldre og foresatte som skal hjelpe yngstemann – som sannsynligvis allerede har satt i gang litt på egenhånd – og kanskje står litt fast.

Innledningsvis er det verdt å påpeke at denne artikkelen vil fokusere på Minecraft Java Edition, som kun kan spilles på PC. Dette må da selvfølgelig kjøpes først, og det eneste legitime stedet å kjøpe Minecraft er fra https://minecraft.net/. En Minecraft-lisens er knyttet til en brukerkonto, og denne brukerkontoen skal man bruke for å logge inn i en egnet launcher (slapp av, på neste side begynner jeg å forklare begrepene).

Forbehold og ansvarsfraskrivelse: disse rådene og vinkene følges på eget ansvar, og jeg ønsker ikke å være noen form for brukerstøtte.

Fortsett å lese Kom i gang med moddet Minecraft

Automatically tune PowerTop on bootup with SystemD

I use PowerTOP to get the most out of my battery on my laptop. Since PowerTOP doesn’t remember the settings from the previous bootup, I’ve made this quick and dirty SystemD unit file to fix my powertop settings on each boot:

Save it in /etc/systemd/system/powertop.service, run systemctl daemon-reload; systemctl enable powertop.service, and Bob’s your uncle.

Disable Windows 10 upgrade nag

Windows 10 is great-ish. But sometimes you want to keep using the OS you’re on, be it Windows 7 (fine) or one of the Windows 8 variants (what’s wrong with you?!). To hide the tray icon that keeps wanting you to upgrade, run these two PowerShell commands (assuming you’ve never tweaked this setting before. Error messages are probably fine):

Note to self: SSL/TLS debug tool

I’m typing this up in English in case it turns up in someone’s Google search results. 

I wanted to check up on my TLS certificate on one of my Apache vhosts today, using the good old command:

but ended up receiving the self signed certificate that ran on the server’s default domain. That wasn’t very useful, but I was reminded that I had seen someone mention a different tool in a blog post ranting about certificate caching lately. In an effort to avoid having to go through all the convoluted brain racking and Google searching the next time I want to find said tool, I’m leaving this note for myself here.

The tool in question is called gnutls-cli, and is part of the gnutls-utils package on Fedora or in gnutls-bin on Debian/Ubuntu. The syntax is very nice:

and it handles vhosts and stuff like that. It connects to port 443 by default, so the port part can usually be omitted.

#kopweb-survey 2014

For seks år siden kjørte jeg en liten uvitenskapelig undersøkelse på IRC-kanalen #kopweb på EFNet (der jeg henger fortsatt), hvor jeg sjekket hvilke IRC-klienter som var i bruk. I 2011 gjentok jeg forsøket, og nå i kveld gjennomførte jeg undersøkelsen for tredje gang.

kopweb irc clients 2014

Jeg merker meg at mangfoldet av klienter har minket en del siden sist, og at WeeChat har gått fra å ha én enslig bruker i 2011 til å være den nest mest populære klienten i 2014.

Ellers fikk jeg også denne gangen inn et innslag av «mirken 0.1.4-svn – running on C64». Jeg mistenker at det er samme person som i 2008.

Klient Antall
mIRC 6
irssi 30
weechat 12
eggdrop 2
X-Chat 1
Colloquy 1
ZNC 1
libpurple 1
Ukjent 2

How to tweak Google Chrome under Linux to manage Exchange Server 2013

Most, if not all, day to day management tasks for Microsoft Exchange Server 2013 can be achieved via your web browser by accessing the so called «Exchange Administration Center» with your browser. This is very nice for those of us who don’t run Windows on their desktop, and should allow for a little less RDP in our lives. However, some of the modal dialogues (as in «Edit» or «New» dialogues for e-mail addresses, certificates, server aliases etc.) refuse to pop up in Google Chrome (as of Chrome 37).

I could of course have started to use Firefox to manage Exchange, but that would only be a small step away from running RDP anyway, so here’s how you can (TEMPORARILY) re-enable the showModalDialog API in Google Chrome under Linux:

If you’re reading this after May 1st 2015, then I’m sorry, you’ll have to use something else to manage Exchange.

First, create the directories needed to hold Chrome Policies:

Next, create a policy file to hold our new policy setting:

And add this as its content:

Then completely restart Chrome (confirm that no chrome process is running before starting it again, Chrome likes to leave a systray running etc.).

Once Chrome has been restarted, you can check if your new policy has been picked up by checking chrome://policy, something like this should be showing up:

chrome-policy

Allow multicast and IGMP with UFW for IPTV to work

If you have access to multicast television in your network (such as UNINETT’s IPTV offer), and you’re running Ubuntu’s «Uncomplicated Firewall» aka. ufw, you’ll find that you’re unable to actually watch any of the channels. Here’s how you can adjust your firewall to receive the UDP multicast traffic:

This will take care of the coming and going UDP packets, but you also need to allow IGMP packets through. I haven’t found any command to make this change, so instead, you need to open up the file
/etc/ufw/before.rules
and add the following lines somewhere before the COMMIT line:

Now you can reload the firewall and you should be able to watch that glorious multicast IPTV.

Teknologi

“I’ve come up with a set of rules that describe our reactions to technologies:
1. Anything that is in the world when you’re born is normal and ordinary and is just a natural part of the way the world works.
2. Anything that’s invented between when you’re fifteen and thirty-five is new and exciting and revolutionary and you can probably get a career in it.
3. Anything invented after you’re thirty-five is against the natural order of things.”

– Douglas Adams, The Salmon of Doubt