6th Power Cut In 2 Months Causes Networking Crisis In My House!!

Yesterday morning I woke up and checked my email from my phone (as I normally do)… I’d received no emails overnight which was a bit odd and then noticed that I’d switched off 4G the night before and didn’t have a Wifi connection.

Since I have a Wifi access point in my room, that was a little strange. The phone was stuck in “Obtaining IP Address” mode… Maybe the phone’s having problems with that access point.

I wandered off downstairs to feed the cats and noticed the oven times were blinking 00:00 – great, power cut… 6th in less than 2 months!! The dashboard in the kitchen was showing nothing with all the Splunk panels saying failed to create search… Refreshed the dashboard – still nothing, infact Splunk is down, not even an nginx failure! Uh-Oh…

It turns out that the pfsense box had got stuck during boot and required someone to press f1 to continue booting – not very helpful! Unfortunately I didn’t know this until about 3pm and had hastily ordered a new SSD before popping out to go shopping as I thought perhaps the boxes SSD had failed 🙁

It’s certainly made me wonder if a UPS might be a good idea!

Let’s Encrypt with NGINX and pfSense

I’ve been using self-signed certificates for a few of the applications and services I run at home on the local network for a year now and with Firefox it’s not an issue as you accept the risk the very first time and never get asked again. However in the kitchen, the Splunk dashboard runs using the Chrome browser because it’s a little more stable running 24/7 on the tablet. Chrome treats self-signed certificates in a different manner to Firefox – every week it pops up the same boring warning screen and you have to press Advanced then proceed to carry on to the site…

Chrome self signed certificate warning

So to fix the issue with the annoying warning screen, I need to get hold of a non-self-signed certificate.

To get a non-self signed certificate, I need to use a domain that I own or can prove I have control over so that rules out the local network fake domain set in pfSense which is “.home”. I have a few other domains but don’t want to mix those up with internal addresses, so I purchased a new domain from HOST-IT.co.uk.

Next up, trying out Let’s Encrypt – I’d read about Let’s Encrypt about two years ago and wanted to use it in a project at work for test environments but since we have a paid for wildcard certificate, we used that for all the test environments instead. This little project at home gives me a the perfect opportunity to try out Let’s Encrypt and get a non-self-signed certificate for free 🙂

I started with the docker image certbot/certbot but since I’ve never used certbot before, I decided after a few attempts to install certbot on my server instead and at least that way it prompts you to complete the certificate registration. For those interested, the command I used can be found below.

certbot certonly --config-dir config/ --work-dir work/ --logs-dir logs/ --manual --preferred-challenges dns --email email@address.com --agree-tos -d test.example.co.uk

To request a wildcard certificiate instead of a specific host certificate, use: -d *.example.co.uk

Once you run the above, you’ll get prompted to agree to your IP address being logged – entering No will cancel your certificate request! After you’ve agreed to your IP being logged, it will display a DNS TXT record that you need to place on your domain.

certbot request certificate dns challenge

Take the challenge code and put a DNS TXT file on your domain, e.g.

acme challenge text example

I’d highly recommend testing whether the TXT file can be found at this point before pressing enter on the certbot window. I found that the TTL on my hosting account was set to a day by default and had to change it to 1 minute. To test the DNS TXT can be seen, run something similar to:

dig -t TXT _acme-challenge.example.co.uk
dig text check

Once you’ve got your certificate, there’s a whole bunch more commands that may come in useful like:

certbot --config-dir config/ --work-dir work/ --logs-dir logs/ certificates

For listing all the certificates you own.

certbot list certificates
certbot --config-dir config/ --work-dir work/ --logs-dir logs/ renew

For renewing all the certificates you own.

certbot renew certificates
certbot --config-dir config/ --work-dir work/ --logs-dir logs/ --help

For a list of all the other commands available.

Next up, I’m keeping my home network domain as “.home” because I have too many services to change over now, so I need to override any requests in pfSense that go to specific hosts on the new domain name. To do this, go to the DNS Forwarder -> Host Override section and add a new entry, e.g. if a request to splunk.example.co.uk is received, use IP address 10.0.0.22 locally.

pfSense host override

And finally, the NGINX config needs to be updated to use the new certificates. Temporarily while I’ve been testing out these new certificates, I’ve left in the server_name configuration that I previously used “splunk.home” but in addition added the new domain so either could work.

nginx config

And the result is that the Chrome browser on the tablet no longer objects to the certificate. Cool 🙂

Splunk dashboard with new certificate

p.s. for those trying to use this guide, some of the images show an example whereas others are based off my real splunk setup – sorry! So the first set of certbot images I’ve asked for test.example.co.uk and therefore if you wanted to put a corresponding record into pfSense, you’d need to put host=test, domain=example.co.uk and in the nginx config it would say server_name test.example.co.uk.

Nissan leaf 2.zero – 1 year and 16,000 miles update

I’ve now had my Nissan Leaf 2.zero for exactly one year and in that time I’ve driven 16000 miles, so it’s about time I did another update on how I’m finding the car and any issues with it.

First service
The car went in for it’s first service in February to my local dealership as I didn’t fancy a day out in Cambridge. The cost of the first year service was £149. I tried ringing around to see if there was a cheaper 1st year service but there seems to be no competition between the dealerships – all of them quoted £149.

When I picked up the car after the service, the dealership had included a page on signing up for the next three services at a fixed rate of £427 which at first glance didn’t seem too good but then I realised later that night it actually worked out significantly cheaper than paying for the next three services individually. The next three services are major, minor, major with the cost of a major being £199 and a minor £149, so £120 saving using a service plan. The only trouble about signing up to the service plan is that it’s effectively locked me in to keeping the car for another 3 years! Not sure whether that’s a wise decision or not…

Winter vs. Summer range
The range in winter is around 33% less than the summer! Whereas in the summer the GOM (guess-o-meter) was displaying 150 miles when fully charged, in the winter when the temperature is less than 5C, it’s consistently 100 miles on the GOM and I certainly wouldn’t drive it beyond 90 miles!! Having said that, my cabin temperature is set to 24C and it’s set to pre-heat in the mornings, so I don’t think 100 mile range in the winter is all that bad 😀

Pre-heating
Pre-heating the car in the mornings has meant I haven’t had to scrape the car once this winter! It’s lovely being able to walk out of the house in -4C weather without a coat or jacket and get straight into a 24C car – AHHHH 😀

Eco button
In the last week I have started to use the eco button every time I drive the car. The eco button has the effect of sucking the life out of the car but it should mean I keep my license clean! The car without the eco button enabled is a beast and makes it very tempting to prove a point to every Audi driver at roundabouts.

Even with the eco button enabled, if you really need the extra power you can press the accelerator beyond the first stopping point and it’ll give you the same power as if the eco button were disabled while the accelerator is within the “second zone” (as I term it).

Issues with the seat
In the 8000 mile update, I mentioned that I was having problems with the drivers seat and pains in the leg – this is still an issue. If I hadn’t had a holiday in October, I think I would have sold the car then and there as the pain was immense but luckily having the holiday helped to give me a little bit of a break. However I still get pain and there was a day last week where I just couldn’t find a comfortable position in the seat for the entire journey home 🙁

Drivers sun visor
I asked in two Nissan garages if there was a way to extend/pull out the sun visor and was told no, it’s by design! HAHAHAHA, it’s terrible and I’ve had to build mark 2* of my makeshift sun visor extender since I last posted a picture.

* To see mk1, see my 600 mile update

Lowest state of charge
Monday this week I got to work with only 5% remaining!! I was a wee bit nervous when the 10% warning came on to the screen and the GOM read 14 miles with 6 miles still to go to work! Luckily switching the lights on to side lights and the heating off helped but I’d rather not have a repeat of that again any time soon.

eek!

Money spent on one year of driving
Over the last year I’ve spent a grand total of £53.17 on electricity at home, £10 while charging out and about (two rapid charges in Bury St. Edmunds) and the £149 on the first year service (excluding the cost of the service plan I’ve paid up front for the next three years). £212.17 for an entire year of driving – not bad! In comparison I would have spent in the region of £3000 to drive my old car for another year.

Final notes
The paint on the leaf is TERRIBLE!! I’ve got some serious paint scratches in a year compared to only minor scrapes on my ceed in 10 years despite driving it harshly through some shrubs.

I have to keep my car cleaner than the ceed because of all the sensors! Hahaha, no longer can I wait a year until the next service to get the car cleaned!

There is more competition in the electric car market since I purchased my vehicle and I’d love to be able to afford to trade up but I’ve committed to another three years with this one – hopefully it’ll grow on me more over the coming years.