This is part of my brief series on Wireguard. I'm pretty enamoured with Wireguard and the way it works, and I've been using it pretty seamlessly for over a year now. I've learned a couple things that weren't immediately obvious though, so I'm documenting them here.

Easy Provisioning

Samuel Holland mentioned an interesting trinket, in his post at https://lists.zx2c4.com/pipermail/wireguard/2018-December/003703.html:

"[...] WireGuard will ignore a peer whose public key matches the interface's private key. So you can distribute a single list of peers everywhere …

I came home tonight to discover my wife had made probably the most amazing tomato soup I've ever tasted. She performed this feat with about ten minutes of effort (plus about an hour of simmering), so I decided I needed to note it down.

Ingredients

• 1 Tbsp oil
• 1 medium onion, sliced
• 1/2 head of garlic, peeled and chopped
• About 4 slices of bacon, diced
• 3 cans of chopped tomatoes
• 2 tsp of vegetable stock powder
• 2 tsp of sugar
• 1 cup of water
• Cream
• Parsley for garnish

Method …

I've knocked heads with AppArmor a few times now. To be quite honest with myself, I think it's primarily because I install it, enable all the plugins, and then forget it's there until there's a problem.

TL;DR:

On a fully-updated Zentyal 5.0 system running DHCP, the AppArmor profile in /etc/apparmor.d/usr.sbin.dhcpd will prevent isc-dhcp-server from restarting itself after an upgrade.

More search-type words: Zentyal dhcp server doesn't start again after upgrade. isc-dhcp-server graceful shutdown, but no restart.

This frustration-laden, Google-friendly equivalent of speaking slowly …

This is going to be one of those posts where I just dump stuff. Power failures are shite, and if your server isn't talking with your UPS, it won't shut down gracefully. This is the story of my trying to get APC's PowerChute Network Shutdown working on a ProxmoxVE 5.1 environment.

Note I opted out of using either nut or apcupsd, because I had a nice fancy Network Management Card (NMC2 / Schneider AP9631) available. Also, I wanted to shut down more than a single server, so a USB or …

Back when I was getting this blog set up, I had a short whinge about the default way that the Flex theme created links to pages.

Specficially, creating a link to "Tuna Patties" (for example), Flex would append the link with an identical stub, such as https://www.ericlight.com/tuna-patties.html#tuna-patties

I thought this was silly, so I found a way to fix it, but never bothered submitting a Pull Request to Alexandre because I figured it was intentional.

Well, it turns out I wasn't the only one …

My personal laptop is an old Dell Latitude E6410. One of the things I actually love about it, is the fact that the keyboard has a backlight.

However, because Linux, sometimes that backlight just stops working. When this happens, you'll see error messages in dmesg, such as:

dell_wmi: Unknown key with type 0x0011 and code 0x01e2 pressed

If this happens to you, just run this command:

$ sudo echo 7 > /sys/devices/platform/dell-laptop/leds/dell\:\:kbd_backlight/brightness

You can echo a higher number if you want your keyboard brighter, but …

We recently got a Fornetto Basso - it's an 18" bullet smoker/barbecue, advertised with three tiers of deliciousness: two bbq racks, and a rail under the lid for hanging meats for smoking. It also has a large metal water bowl, which goes at the bottom. The water helps to keep the meat moist, and helps regulate the temperature.

However... The water bowl also turns out to be my new favourite bean-cooking vessel! It's quite huge (probably about 8 litres) and of course it doesn't consume any of the precious roasting …

While trying to monitor the status of one of our wireless access points, I discovered that RouterOS returns an incorrect SNMP status code for the wlan interfaces when there are no clients connected to the interface. This is at least present in RouterOS v6.40.3, on a Mikrotik cAPlite (RBcAPL-2nD).

Specifically, when the wifi interface is up, but has zero connected clients, the OID returns an SNMP value of 2 ("down"). This status is incorrect - the interface isn't down, it's merely waiting for an external connection.

The specific OID …

I discovered a while ago that NFS requires DNS to function correctly: https://bugs.freenas.org/issues/4983

That's somewhat annoying, because when your DNS server goes down (and your backups are stored on your FreeNAS server and accessed over NFS), is precisely the time when you really want your backups to be accessible.

However, turns out it doesn't aaaaactuallyyyyy need DNS... it needs name resolution. Specifically, FreeNAS just needs to be able to resolve it's own hostname. Cue the handy-dandy hosts file.

Under Network -> Global Configuration -> Host name data …

I got a second-hand Samsung Galaxy S5 for my mum yesterday (a G900I model, from Telstra), and I spent some time getting it ready.

Firstly, I downloaded the most-recent Telstra firmware image. At time of writing, that's G900IDVU1CQJ2. Telstra appears to be the only carrier still releasing stock firmware for this phone, so I downloaded the Telstra version even though we're connecting to Spark New Zealand. This means the phone will at least be running the most up-to-date baseband and modem firmware.

Note - if you try this, and find that …