Smart WiFi Switch Web interface (Duty Cycle Timer)

Each time I am around my O3 system in operation, I feel a feeling in the top of my head, kinda like a catalytic feeling if I were to describe it.. Which may have something to do with the readings of heavy metals I got back with my HTMA (Hair Test Mineral Analysis)…
The other day I had to turn down the machine from a 25% duty cycle I worked up to, right down to like a 1/60 duty cycle, as I was so tired as not to be able to function… my resources even mentally were really strained.. not dangerously or anything… I just had very little energy to function… So I see that to be very positive in as far as a healing process..

This is a D-Link smart Switch, connected to the cloud for finer grain timer settings. The D-Link app connects the switch to the IFTTT platform, which in turn connects to a web hook applet. Using a web server I can trigger requests to this applet. I have a web server running Ubuntu 16 with LAMP for a web interface. The web UI sets a json file with variables for the timer. The timer settings are then read by a python script which sends out commands to IFTTT at the correct intervals. The web UI also is secured with a password using a .htaccess file.

Source code is here

Setup Ubuntu to send mail via a remote SMTP server

We will configure a server running Ubuntu to send all mail out to a remote email address via an SMTP server. This is a redo of these instructions..

Again, I just copied an instructional as here. Cant be bothered copying it here, but I did all those steps, except I commented out this line:

#smtp_tls_CAfile = /etc/postfix/cacert.pem

Because eh.

I looked at this log and got some useful info: /var/log/mail.log

SMTPS wrappermode (TCP port 465) requires setting "smtp_tls_wrappermode = yes", and "smtp_tls_security_level = encrypt" (or stronger) 

So I added those lines to my config file.
Then in testing I noticed that yay it actually sent the mail, although it bounced due to the ‘from address’ not being configured properly, so we create this file:
sudo nano /etc/postfix/generic with these contents:

username@hostname name@domain 
@hostname name@domain  
#use 'postmap /etc/postfix/generic' to hash this file 
#then 'service postfix restart'  

Where hostname is the hostname for the machine, and name@domain is the sender address, which usually needs to be valid with the SMTP server – although Google actually allows improper addresses. You could create different instances for different users, i.e one for root perhaps
Then add this line to the config:
smtp_generic_maps = hash:/etc/postfix/generic

Note that the hostname field needs to correspond as with
hostname –fqdn
and can be edited here
sudo nano /etc/hosts

I set the following in the main.cf
mydestination = localhost
meaning that only mail for localhost will be held on the machine

Finally:
sudo postmap /etc/postfix/generic
sudo service postfix restart

Done

Spinning Up Ubuntu 16.04 on a VPS instance

  • My VPS provider (Vultr) allows inserting a public key at the time of a new instance creation, so I created a new key using an existing Linux command line:
    ssh-keygen -t rsa
  • Name server hostname (I used these instructions (archive) for hostname)
  • Set reverse DNS in VPS server console equal to FQDN
  • Change SSH port & disable password authentication with
    sudo nano "/etc/ssh/sshd_config"
    then restart ssh
    sudo systemctl restart ssh
  • create non root user, copy .ssh folder from root to their profile, making sure to chown newuser for the authorized_keys file, and add the user to group sudo – sudo addgroup groupname.
  • Add auto security updates.
    sudo apt-get install unattended-upgrades
    sudo dpkg-reconfigure unattended-upgrades
    sudo nano /etc/apt/apt.conf.d/50unattended-upgrades **requires root email for notifications*
  • Set time zone
    sudo dpkg-reconfigure tzdata

OpenVPN Server on Ubuntu 16.04

Following this guide.

NOTE 1: In the part where they edit /etc/openvpn/server.conf

I edited the server directive to read:
server 192.168.155.0 255.255.255.0

then my UFW rules are

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to ens3 (change to the interface you discovered!)
-A POSTROUTING -s 192.168.155.0/24 -o ens3 -j MASQUERADE
COMMIT
# END OPENVPN RULES
Continue reading “OpenVPN Server on Ubuntu 16.04”