hack4glarus-2019-winter: Issueshttp://localhost:3000/http://localhost:3000/favicon.ico?16699092332019-12-01T15:55:52Zungleich redmine
Redmine Task #7399 (Closed): presentations hack4glarus 2019 winterhttp://localhost:3000/issues/73992019-12-01T15:55:52ZGuifi Pedro
<p>upload here hack4glarus 2019 winter presentations</p> Task #7398 (Closed): Add more Search Engines to ⚉ CopyScanhttp://localhost:3000/issues/73982019-12-01T11:46:02ZMartin Vögeli
⚉ CopyScan is a Firefox Add-on for plagiarism detection. The add-on talks directy to search engines:
<ul>
<li>Startpage (Google Proxy)</li>
<li>New: Google Books</li>
<li>New: Google Scholar<br />Now available on Add-ons for Firefox: <a class="external" href="https://addons.mozilla.org/firefox/addon/copyscan/">https://addons.mozilla.org/firefox/addon/copyscan/</a></li>
</ul> Task #7397 (Closed): Create a script to create a net-bootable alpine imagehttp://localhost:3000/issues/73972019-11-30T21:21:54ZNico Schotteliusnico.schottelius@ungleich.chTask #7390 (Closed): Boot alpine via IPv6 netboot from the arm64 servershttp://localhost:3000/issues/73902019-11-30T19:36:46ZNico Schotteliusnico.schottelius@ungleich.chTask #7389 (Closed): Setup a webserver on the APU, create an ipxe script and add bootable fileshttp://localhost:3000/issues/73892019-11-30T19:30:09ZNico Schotteliusnico.schottelius@ungleich.ch
<ul>
<li>install nginx</li>
<li>download ipxescript</li>
<li>download kernel</li>
<li>download initramfs</li>
<li>verify with wget or curl that the files are accessible on the APU from outside
<ul>
<li>try wget/curl from your notebook</li>
</ul>
</li>
<li>place all files in the nginx directory</li>
<li>modify dhcp6 config to use YOUR webserver (= APU) instead of routerX
<ul>
<li>currently: <a class="external" href="http://[2a0a:e5c0:2:1::6]/ipxescript">http://[2a0a:e5c0:2:1::6]/ipxescript</a></li>
</ul></li>
</ul> Task #7387 (Closed): Create an iPXE binary WITHOUT ipv4 support (only IPv6)http://localhost:3000/issues/73872019-11-30T17:56:24ZNico Schotteliusnico.schottelius@ungleich.chTask #7385 (Closed): Create a new service named "ipv6" that offers in ipv6 networkserviceshttp://localhost:3000/issues/73852019-11-30T13:45:20ZNico Schotteliusnico.schottelius@ungleich.ch
<ul>
<li>Reachable under <a class="external" href="http://ipv6/">http://ipv6/</a></li>
<li>Be able to delegate a /64 network (why not dhcp-pd: too complex)</li>
</ul> Task #7382 (Closed): Monitoring at a different level (BPF/Suricata/Cilium)http://localhost:3000/issues/73822019-11-29T23:02:24ZPhilipp Buehler
<p>Traditional pull based monitoring (nagios et al) is DEAD><br />Push based (partly Prometheus, Riemann) is cooler.</p>
<p>But it's still somewhat superficial requests.. how about<br />monitoring directly "from the wire".</p>
<p>Reasearch on gathering data on an app-level without<br />app-internal instrumentation (eg. haproxy/suricata).</p> Task #7381 (Closed): Monitor lorawan temperature sensors with prometheus + grafanahttp://localhost:3000/issues/73812019-11-29T22:49:51ZNico Schotteliusnico.schottelius@ungleich.ch
<ul>
<li>For conrod</li>
</ul> Task #7380 (Closed): Checking out BorgBackuphttp://localhost:3000/issues/73802019-11-29T22:37:59ZMartin Vögeli
<p>Learn to work with the deduplicating archiver with compression and encryption called <strong>BorgBackup (short: Borg)</strong>: <a class="external" href="https://www.borgbackup.org">https://www.borgbackup.org</a></p> Task #7379 (Closed): Explore an "any name DNS service"http://localhost:3000/issues/73792019-11-29T18:09:37ZNico Schotteliusnico.schottelius@ungleich.ch
<p>... and probably have it as an self hosted offer, too</p>
<ul>
<li>similar to "what three words"?</li>
</ul> Task #7378 (Closed): Document / explore on how to sensibly run docker with a /64http://localhost:3000/issues/73782019-11-29T18:08:00ZNico Schotteliusnico.schottelius@ungleich.ch
<a name="draft-1-https-only"></a>
<h2 >draft 1: "https only"<a href="#draft-1-https-only" class="wiki-anchor">¶</a></h2>
<ul>
<li>Block everything incoming besides https</li>
<li>Reasoning:
<ul>
<li>containers by default insecure</li>
<li>if https open -> it is likely intended</li>
</ul>
</li>
<li>container types (brainstorming)
<ul>
<li>databases</li>
<li>message broker</li>
<li>workers (probably not even reachable)</li>
<li>a lot of http only stuff</li>
</ul></li>
</ul>
<a name="draft-2-tlsssl-in-a-container"></a>
<h2 >draft 2: tls/ssl in a container<a href="#draft-2-tlsssl-in-a-container" class="wiki-anchor">¶</a></h2>
<ul>
<li>get a name</li>
<li>get a cert</li>
<li>TBD</li>
</ul>
<a name="draft-3-NAT66-firewall"></a>
<h2 >draft 3: "NAT66 + firewall"<a href="#draft-3-NAT66-firewall" class="wiki-anchor">¶</a></h2>
<ul>
<li>Use the same approach as in IPv4 world</li>
<li>We use a site local IPv6 addresses</li>
<li>Do a NAT66 to the one IPv6 address of the host</li>
<li>People can behave/have similar mechanisms as before</li>
</ul> Task #7376 (Closed): Packer+Vagrant for OpenBSD (cont'd)http://localhost:3000/issues/73762019-11-29T17:53:26ZPhilipp Buehler
<p>Continuing <a class="external" href="https://redmine.ungleich.ch/issues/6736">https://redmine.ungleich.ch/issues/6736</a></p> Task #7375 (Closed): make a mozilla WebThings notifier (telegram bot) http://localhost:3000/issues/73752019-11-29T16:39:55ZDavid Hasselhoff
<p><a class="external" href="https://hacks.mozilla.org/2019/08/using-webthings-gateway-notifications-as-a-warning-system-for-your-home/">https://hacks.mozilla.org/2019/08/using-webthings-gateway-notifications-as-a-warning-system-for-your-home/</a></p> Task #7374 (Closed): make a mozilla WebThings UI extensionhttp://localhost:3000/issues/73742019-11-29T16:37:58ZDavid Hasselhoff
<p><a class="external" href="https://hacks.mozilla.org/2019/11/ui-extensions-webthings-gateway/">https://hacks.mozilla.org/2019/11/ui-extensions-webthings-gateway/</a></p>