Hello, tech enthusiasts! Knud here with a must-know update for all pfSense+ users, especially those with Netgate 1100. The latest release, 23.09, is here, and it’s packed with significant changes and upgrades.

Upgrading to pfSense+ 23.09: Step-by-Step

1. Initiate the Update: Access the pfSense+ dashboard, and click the ‘Update’ button under the ‘Version’ section.
2. Backup Is Key: Before updating, navigate to ‘Diagnostics’ then ‘Backup & Restore’ for a necessary backup.
3. Patience Pays Off: Expect the update to take around 15 minutes. So, relax, and let it complete.

What’s New in 23.09?

1. PHP Upgrade: PHP has been upgraded to version 8.2.11, ensuring better performance and security【11†source】.
2. Operating System Upgrade: The base system now uses a more recent point on FreeBSD 14-CURRENT【11†source】.
3. Improved SCTP Support: Enhancements in PF for firewall rules, NAT, and logging, particularly for SCTP packets【11†source】.
4. OpenSSL Upgrade: A significant jump from 1.1.1t to 3.0.12, bringing major API and ABI changes, and deprecating weak algorithms【15†source】.
5. Kea DHCP Server: A new, opt-in feature preview for IPv4 and IPv6 DHCP services【11†source】.
6. NVMe Storage Device Driver Change: The default driver switched from nvd(4) to nda(4), impacting swap configurations【15†source】.
7. Security Enhancements: OpenSSL 3.0.x no longer supports SHA1 certificates, impacting OpenVPN and other services【15†source】.

Post-Update Steps:

Once updated, perform another backup to ensure your settings are current.

Final Thoughts:

Upgrading your pfSense+ system to version 23.09 is straightforward but requires careful steps. Remember, patience is crucial during the upgrade process for a smooth transition. Enjoy the new features and improved performance!

Cheers to efficient networking,
Knud ;O)

Introduction

Accurate timekeeping is essential for various applications, from logging to scheduling tasks. While there are numerous public NTP servers, setting up your own NTP server offers more control and can be quite satisfying. In this blog post, we’ll explore how to configure a Raspberry Pi, affectionately named “Bookworm,” to sync time using an NTP server.

Why Raspberry Pi?

The Raspberry Pi is a versatile and affordable piece of hardware that can handle a variety of tasks, including acting as an NTP client. Its low power consumption and ease of use make it an ideal choice for this purpose.

Prerequisites

• A Raspberry Pi running a compatible Linux distribution (e.g., Raspbian)
• Basic knowledge of Linux commands and vi text editor
• Access to an NTP server (In this example, we use 192.168.0.1)

Step-by-Step Guide

1. Check Current Time Sync Status

   timedatectl show-timesync --all

This command will display detailed information about the current time synchronization status on your Raspberry Pi.

2. Edit the Configuration File

   sudo vi /etc/systemd/timesyncd.conf

Open the timesyncd.conf file using the vi text editor with superuser permissions.

3. Set the NTP Server

   NTP=192.168.0.1

Add this line to the timesyncd.conf file to specify the NTP server you want to use. Save and exit the file.

4. Restart the Time Sync Service

   sudo systemctl restart systemd-timesyncd

Restart the systemd-timesyncd service to apply the changes.

5. Verify the Changes

   timedatectl show-timesync --all

Run this command again to confirm that the NTP server is now set to 192.168.0.1.

6. Check the System Time

   date

Finally, use the date command to display the current system time, ensuring that it is accurate.

Conclusion

Configuring your Raspberry Pi “Bookworm” to use a specific NTP server is a straightforward process that ensures accurate timekeeping. This setup is particularly useful for networks where precise time is crucial. With these simple steps, you can achieve better control and reliability in time synchronization.

I hope you find this guide useful for setting up NTP on your Raspberry Pi “Bookworm.” Feel free to adapt these steps according to your specific needs.

Upgrading your Raspberry Pi’s operating system doesn’t always require a complete reinstallation. If you’re running Debian Bullseye and want to move to the newer Bookworm version, you can do so with a few simple steps. Before proceeding, make sure to back up all important data.

Step 1: Backup Your Data

First and foremost, backup all your important files. This ensures that you can recover your data in case something goes wrong during the upgrade.

Step 2: Update Current System

Open a terminal and run the following commands to update your existing Bullseye system:

sudo apt update
sudo apt upgrade
sudo apt dist-upgrade

Step 3: Change Repositories

Edit the /etc/apt/sources.list file and any files in /etc/apt/sources.list.d/ to replace ‘bullseye’ with ‘bookworm’. You can use the nano text editor for this:

sudo nano /etc/apt/sources.list

Step 4: Update Package List

After updating the repositories, run the following command to fetch the new package list:

sudo apt update

Step 5: Upgrade Packages

Execute the following commands to perform the upgrade:

sudo apt upgrade
sudo apt dist-upgrade

Step 6: Clean Up

Remove any obsolete packages to free up space:

sudo apt autoremove
sudo apt clean

Step 7: Reboot

Finally, reboot your Raspberry Pi to complete the upgrade:

sudo reboot

And there you have it! You’ve successfully upgraded from Debian Bullseye to Bookworm on your Raspberry Pi without a complete reinstallation. Always remember to read the specific release notes and upgrade instructions for your situation.

Feel free to use or modify this blog post as you see fit!

Prerequisites

• Docker data located at /var/lib/docker/volumes.
• SSH access to the target backup system.

Passwordless SSH Login

First, set up passwordless SSH login:

ssh-keygen -t rsa
ssh-copy-id root@192.168.0.225
ssh root@192.168.0.225

Docker Volume Backup Script

Create a backup script named docker_backup.sh:

#!/bin/bash
set -e

# Define variables
source_dir="/var/lib/docker/volumes"
backup_dir="/opt/docker_backups"
keep_backups=10
current_datetime=$(date +"%Y-%m-%d_%H-%M-%S")
backup_filename="$current_datetime-backup.tar"
remote_user="root"
remote_server="192.168.0.225"
remote_dir="/opt/remote_docker_backups"

# Check if source and backup directories exist
if [ ! -d "$source_dir" ]; then
  echo "Source directory does not exist."
  exit 1
fi
if [ ! -d "$backup_dir" ]; then
  echo "Backup directory does not exist."
  exit 1
fi

# Stop running Docker containers
if [ "$(docker ps -q)" ]; then
  docker stop $(docker ps -q)
fi

# Create the backup
tar -cpf "$backup_dir/$backup_filename" "$source_dir"

# Start stopped Docker containers
if [ "$(docker ps -a -q)" ]; then
  docker start $(docker ps -a -q)
fi

# Compress and transfer the backup
gzip "$backup_dir/$backup_filename"
backup_filename="$current_datetime-backup.tar.gz"
scp "$backup_dir/$backup_filename" "$remote_user@$remote_server:$remote_dir"

# Remove old backups
find "$backup_dir" -type f -name "*-backup.tar.gz" -mtime +$keep_backups -exec rm {} \;
ssh "$remote_user@$remote_server" "find $remote_dir -type f -name '*-backup.tar.gz' -mtime +$keep_backups -exec rm {} \;"

echo "Backup was created: $backup_dir/$backup_filename and copied to $remote_server:$remote_dir."

Run the script:

sudo su
chmod +x docker_backup.sh
./docker_backup.sh

Ansible Alternative

Create an Ansible playbook named docker_backup.yml:

---
- name: Docker Backup Playbook
  hosts: rpidocker
  become: yes
  vars:
    source_dir: "/var/lib/docker/volumes"
    backup_dir: "/opt/docker_backups"
    keep_backups: 10
    current_datetime: "{{ lookup('pipe', 'date +%Y-%m-%d_%H-%M-%S') }}"
    backup_filename: "{{ current_datetime }}-backup.tar"
    remote_user: "root"
    remote_server: "192.168.0.225"
    remote_dir: "/opt/remote_docker_backups"

  tasks:
    - name: Check if source directory exists
      stat:
        path: "{{ source_dir }}"
      register: source_dir_stat

    - name: Fail if source directory does not exist
      fail:
        msg: "Source directory does not exist."
      when: not source_dir_stat.stat.exists

    - name: Check if backup directory exists
      stat:
        path: "{{ backup_dir }}"
      register: backup_dir_stat

    - name: Fail if backup directory does not exist
      fail:
        msg: "Backup directory does not exist."
      when: not backup_dir_stat.stat.exists

    - name: Stop running Docker containers
      command: docker stop $(docker ps -q)
      ignore_errors: yes

    - name: Create backup archive
      command: tar -cpf "{{ backup_dir }}/{{ backup_filename }}" "{{ source_dir }}"

    - name: Start all Docker containers
      command: docker start $(docker ps -a -q)
      ignore_errors: yes

    - name: Compress the backup archive
      command: gzip "{{ backup_dir }}/{{ backup_filename }}"
      args:
        chdir: "{{ backup_dir }}"

    - name: Copy backup to remote server
      synchronize:
        src: "{{ backup_dir }}/{{ backup_filename }}.gz"
        dest: "{{ remote_user }}@{{ remote_server }}:{{ remote_dir }}"
        mode: push

    - name: Delete older backups locally
      shell: find "{{ backup_dir }}" -type f -name "*-backup.tar.gz" -mtime +{{ keep_backups }} -exec rm {} \;

    - name: Delete older backups on remote server
      shell: ssh "{{ remote_user }}@{{ remote_server }}" "find {{ remote_dir }} -type f -name '*-backup.tar.gz' -mtime +{{ keep_backups }} -exec rm {} \;"

Run the playbook:

ansible-playbook -i inventory.ini docker_backup.yml

Your inventory.ini should look like:

[rpidocker]
192.168.0.224 ansible_user=root ansible_ssh_private_key_file=/path/to/your/private/key

Conclusion

You now have two methods to back up your Docker data securely to another location within your LAN. Choose the one that best fits your needs.

Introduction

Managing TP-Link EAP devices becomes a breeze when you have a centralized controller. In this guide, we’ll walk through the steps to set up an Omada Controller on a Raspberry Pi 4 using Docker. This is an excellent solution for both home and small business networks.

Prerequisites

• Raspberry Pi 4 with 4GB RAM
• Docker installed on the Raspberry Pi
• SSH access to the Raspberry Pi

Step-by-Step Guide

Step 1: SSH into Your Raspberry Pi

First, connect to your Raspberry Pi using SSH. This will allow you to execute commands remotely.

Step 2: Pull the Omada Controller Docker Image

Run the following command to pull the latest Omada Controller Docker image:

docker pull mbentley/omada-controller:latest

Step 3: Create Data Directories

Create directories to store Omada Controller’s data and work files:

mkdir -p /opt/tplink/OmadaController/data
mkdir -p /opt/tplink/OmadaController/work

Step 4: Run the Omada Controller Container

Execute the following command to run the Omada Controller container:

docker run -d \
  --name omada-controller \
  --restart unless-stopped \
  -e TZ='Europe/Copenhagen' \
  -e SMALL_FILES=false \
  -p 8088:8088 \
  -p 8043:8043 \
  -p 27001:27001/udp \
  -p 27002:27002 \
  -p 29810:29810/udp \
  -p 29811:29811 \
  -p 29812:29812 \
  -p 29813:29813 \
  -v /opt/tplink/OmadaController/data:/opt/tplink/EAPController/data \
  -v /opt/tplink/OmadaController/work:/opt/tplink/EAPController/work \
  mbentley/omada-controller:latest

Step 5: Access the Omada Controller

Finally, open a web browser and navigate to https://<Raspberry_Pi_IP>:8043. Follow the setup wizard to complete the installation.

Note: Replace <Raspberry_Pi_IP> with the actual IP address of your Raspberry Pi.

Conclusion

You’ve successfully set up an Omada Controller on your Raspberry Pi 4 using Docker. This will help you manage your TP-Link EAP devices efficiently. If you have any questions or run into issues, feel free to reach out.

Feel free to add this to your homepage, and let me know if you’d like any adjustments.

Docker has revolutionized the way we develop, package, and deploy applications. But like any system, it’s crucial to have backups. In this post, we’ll walk through the process of backing up Docker containers and volumes to an external hard drive and restoring them on another Docker server.

Backing Up Docker Containers:

1. Commit the Container:
   Before you can backup a container, you need to commit any changes made inside it to an image.

   docker commit <container_id> <backup_image_name>

2. Save the Image:
   Once committed, save the image to a tarball.

   docker save -o <path_to_backup_image.tar> <backup_image_name>

Backing Up Docker Volumes:

1. Locate the Volume:
   Identify where Docker stores its volume data.

   docker volume inspect <volume_name>

Look for the “Mountpoint” in the output.

2. Copy the Data:
   Copy the volume data to your external hard drive.

   sudo cp -r <mountpoint_path> /path/to/external/hdrive/

Restoring on Another Docker Server:

1. Load the Image:
   Transfer the tarball to the new Docker server and load the image.

   docker load -i <path_to_backup_image.tar>

2. Run the Container:
   Create and run a new container from the backed-up image.

   docker run -d <backup_image_name>

3. Restore Volume Data:
   Copy the volume data from your external hard drive to the appropriate location on the new Docker server.

Conclusion:

While Docker provides a seamless environment for application development and deployment, ensuring data safety is paramount. Regularly backing up containers and volumes ensures that you can quickly recover from unforeseen issues. Whether you’re migrating to a new server or recovering from a disaster, these steps will help you restore your Docker environment with ease.

I hope this blog post provides a clear guide on backing up and restoring Docker containers and volumes. Always remember to test your backups to ensure they can be restored correctly. Happy Dockering!

The Homer dashboard is a simple, customizable, and self-hosted dashboard that allows users to centralize their most frequently used links, services, and tools in one place. It’s especially useful for those who manage a homelab or multiple services. Here’s a quick guide on how to set it up using Docker:

1. Deploying the Homer Dashboard with Docker:

To deploy the Homer dashboard using Docker, use the following command:

docker run -d --restart always --name homer -p 8090:8080 -v homer_data:/www/assets --restart=always b4bz/homer:latest

2. Customizing the Homepage with config.yml:

Homer allows for easy customization of its homepage through the config.yml file. Here’s how you can make it your own:

• Using Icons: For a personalized touch, you can use icons as logos for your dashboard. Homer defaults to using icons from Font Awesome, making it easy to find and implement your preferred icons.
• Adding Links to the Navigation Bar: Centralize your most-used internet links in the navigation bar. Here’s a sample configuration:

links:
  - name: "Google"
    icon: "fab fa-google"
    url: "https://google.com"
    target: "_blank"
  ...

• Organizing Services and Devices: Under the services section, you can categorize and list down links to your devices and services. Here’s how you can structure it:

services:
  - name: "Network"
    icon: "fas fa-network-wired"
    items:
      - name: "pfSense"
        icon: "fas fa-fire"
        subtitle: "pfSense firewall"
        tag: "network"
        url: "https://192.168.0.1/"
        target: "_blank"
  ...

3. Editing the config.yml File:

To customize your dashboard, you’ll need to edit the config.yml file. Here’s how:

• Using Linux: Navigate to the directory containing the config.yml file and make a backup before editing:

sudo su
cd /var/lib/docker/volumes/homer_data/_data
cp config.yml config.old
vi config.yml

• Using Docker: Access the container and navigate to the directory containing the config.yml file. Again, make sure to backup the file before making changes:

docker exec -it homer /bin/sh
cd assets
cp config.yml config.old
vi config.yml

4. Why Use the Homer Dashboard?

The Homer dashboard is not just about aesthetics. It provides a centralized location to access the homepages of your homelab devices. Plus, with features like dark mode, tags, and search functionality, it enhances the user experience, making navigation smoother and more intuitive.

In conclusion, the Homer dashboard is a must-have for anyone looking to organize their digital workspace. With its easy setup and customization options, it’s a tool that can adapt to any user’s needs.

Chatbots have become an integral part of many applications and services, offering real-time interaction with users. If you’re looking to integrate OpenAI’s ChatGPT into your Python project, you’re in the right place. In this short guide, we’ll walk you through the process of setting up and using ChatGPT in Python.

Prerequisites

Before you get started, make sure you have the following prerequisites in place:

1. OpenAI API Key: You need an OpenAI API key to access their services. You can sign up for one on the OpenAI platform.
2. Python Installed: Ensure you have Python installed on your machine. You can download it from the official Python website (https://www.python.org/downloads/).
3. OpenAI Python SDK: Install the OpenAI Python SDK using pip by running the following command:

   pip install openai

Setting Up Your OpenAI API Key

Replace "yourapikeyforopenai" in your Python code with your actual OpenAI API key. You can find your API key in your OpenAI dashboard.

openai.api_key = "yourapikeyforopenai"

Creating the Chatbot Function

In your Python script, you can define a function to interact with ChatGPT. Here’s your chatbot_response function:

import openai

def chatbot_response(prompt):
    completions = openai.Completion.create(
        engine="text-davinci-002",
        prompt=prompt,
        max_tokens=2048,
        n=1,
        stop=None,
        temperature=0.5,
    )

    message = completions.choices[0].text
    return message.strip()

This function sends a prompt to the ChatGPT model and retrieves its response. You can customize the parameters such as engine, max_tokens, and temperature to control the behavior of the model based on your specific requirements.

Interacting with the Chatbot

Now that you have set up the chatbot_response function, you can interact with your ChatGPT-based chatbot in a loop. Here’s how you can do it:

while True:
    user_input = input("You: ")
    response = chatbot_response(user_input)
    print("Chatbot:", response)

This code continuously prompts you for user input, sends it to the ChatGPT model, and displays the model’s response. You can run this script to have a conversation with your chatbot powered by ChatGPT.

Conclusion

Integrating ChatGPT into your Python application is a straightforward process. By following these steps, you can create a chatbot that can provide responses based on user input. Remember to adhere to ethical guidelines when using AI models like ChatGPT, and keep experimenting to fine-tune your chatbot’s performance for your specific use case.

LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and managing directory services data, such as user information. Python provides several libraries for interacting with LDAP servers, and one popular choice is the ldap3 library. In this blog post, we’ll explore how to use Python to read LDAP data and save it to an Excel file using the ldap3 library.

Prerequisites

Before we begin, make sure you have the following prerequisites in place:

• Python installed on your system.
• The ldap3 library installed. You can install it using pip:

pip install ldap3

• The openpyxl library installed for working with Excel files:

pip install openpyxl

Reading LDAP Data with Python

We’ll demonstrate how to read LDAP data and save it to an Excel file using Python. Below is a Python script that accomplishes this task:

from ldap3 import Server, Connection
from openpyxl import Workbook

def Ldap(OuUser, LdapUser, Filename):
    # Create a connection to the LDAP server
    server = Server('mydomain.com')
    conn = Connection(server, authentication="SIMPLE", user="user@mail.com", password="Password")
    conn.bind()

    # Search for LDAP entries based on the provided filter
    result = conn.search(search_base=OuUser, search_filter='(objectClass=user)', attributes=LdapUser)

    # Create a new Excel workbook and worksheet
    wb = Workbook()
    ws = wb.active
    ws.append(LdapUser)

    # Iterate through LDAP entries and retrieve desired attributes
    for entry in conn.entries:
        attributes_values = []
        for attribute in LdapUser:
            if attribute in entry:
                attributes_values.append(entry[attribute].value)
            else:
                attributes_values.append(None)
        ws.append(attributes_values)

    # Save the Excel workbook
    wb.save(Filename)

    # Unbind the LDAP connection
    conn.unbind()

# Define the LDAP user attributes and search base
LdapUser = ['sAMAccountName', 'title', 'givenName', 'sn', 'company', 'department', 'streetAddress', 'postalCode', 'l', 'co', 'telephoneNumber', 'mobile', 'mail', 'extensionAttribute11', 'manager']
OuUser = 'ou=users,ou=accounts,ou=test,dc=mydomain,dc=com'

# Call the Ldap function to retrieve user data and save it to an Excel file
Ldap(OuUser, LdapUser, "c:\\python\\ldap\\ldap_user.xlsx")

# Define the LDAP computer attributes and search base
LdapComputer = ['sAMAccountName', 'title', 'cn', 'description', 'managedBy', 'operatingSystem', 'operatingSystemVersion']
OuComputer = 'ou=mobile,ou=computers,ou=test,dc=mydomain,dc=com'

# Call the Ldap function to retrieve computer data and save it to an Excel file
Ldap(OuComputer, LdapComputer, "c:\\python\\ldap\\ldap_mobile.xlsx")

Understanding the Code

1. Import necessary libraries: We import the Server, Connection class from ldap3 and the Workbook class from openpyxl.
2. Create an LDAP connection: We create a connection to the LDAP server with the provided credentials.
3. Search for LDAP entries: We use the search method to query LDAP entries based on the provided search filter and attributes.
4. Create an Excel workbook and worksheet: We initialize an Excel workbook and add a worksheet to it.
5. Iterate through LDAP entries: We loop through the LDAP entries and retrieve the desired attributes. If an attribute is missing in an entry, we append None to the Excel sheet.
6. Save the Excel workbook: We save the workbook to the specified file location.
7. Unbind the LDAP connection: We disconnect from the LDAP server when we are done.

Conclusion

In this blog post, we’ve demonstrated how to read LDAP data with Python using the ldap3 library and save it to an Excel file. This can be a useful technique for managing and analyzing directory services data efficiently.

Compiling your Python programs into standalone executables can be incredibly useful, especially when you want to distribute your software to others who may not have Python installed. In this blog post, we’ll walk you through the process of compiling Python programs on a Windows system using PyInstaller.

What is PyInstaller?

PyInstaller is a popular open-source tool that converts Python scripts into standalone executables. It bundles your Python interpreter and all required libraries into a single executable file, making it easy to distribute your Python applications without worrying about dependencies.

Prerequisites

Before you start, make sure you have Python and PyInstaller installed on your Windows machine. You can download and install Python from the official website (https://www.python.org/downloads/), and then install PyInstaller using pip:

pip install pyinstaller

Compiling Your Python Program

Now that you have PyInstaller installed, follow these steps to compile your Python program:

1. Open Command Prompt

Press Win + R, type cmd, and press Enter to open the Command Prompt.

2. Navigate to Your Project Directory

Use the cd command to navigate to the directory where your Python script is located. For example:

cd C:\Python\Find_file

3. Compile Your Python Script

Run the PyInstaller command to compile your Python script. In your case, the command might look like this:

pyinstaller --windowed --icon=findfile.ico --add-data "findfile.ico;." find_file.py -n find-file --onefile --noconsole --noconfirm

• --windowed: This flag indicates that your program should run in a graphical window (GUI).
• --icon=findfile.ico: Specifies the icon file for your executable.
• --add-data "findfile.ico;.": Tells PyInstaller to include the findfile.ico file in the executable.
• find_file.py: The name of your Python script.
• -n find-file: Specifies the name of the output executable.
• --onefile: This option bundles everything into a single executable file.
• --noconsole: Hides the console window when running the executable.
• --noconfirm: Prevents PyInstaller from asking for confirmation during the build process.

4. Cleanup

After compiling, you can clean up the unnecessary files generated by PyInstaller:

del find-file.spec
rmdir /S /Q build
copy dist\*.exe .
rmdir /S /Q dist

• del find-file.spec: Deletes the PyInstaller spec file.
• rmdir /S /Q build: Removes the build directory.
• copy dist\*.exe .: Copies the generated executable(s) to your current directory.
• rmdir /S /Q dist: Deletes the dist directory.

Conclusion

Compiling Python programs on Windows with PyInstaller is a straightforward process. Once you’ve followed these steps, you’ll have a standalone executable that can be easily shared with others, making your Python applications more accessible and portable.