Home | panticz.de

Proton VPN on Ubuntu

Install Proton VPN with Ansible

- name: Install ProtonVPN
  become: true
  block:
    - name: Add protonvpn APT repository
      vars:
        protonvpn_release: 1.0.8
      ansible.builtin.apt:
        deb: https://repo.protonvpn.com/debian/dists/stable/main/binary-all/protonvpn-stable-release_{{ protonvpn_release }}_all.deb
 
    - name: Install ProtonVPN client
      apt:
        update_cache: true
        name:
          - proton-vpn-gnome-desktop

Links
https://protonvpn.com/support/de/official-linux-vpn-ubuntu

Read more about Proton VPN on Ubuntu

SSH forward traffic and DNS with socks5h

Socks SSH forward internet and DNS
https://datawookie.dev/blog/2023/12/ssh-tunnel-dynamic-port-forwarding/

Read more about SSH forward traffic and DNS with socks5h

OpenStack create VM from ISO image

# create image from iso
openstack image create --file /tmp/ubuntu-24.04.1-live-server-amd64.iso --disk-format iso --progress ubuntu-24.04.1-live-server-amd64.iso
 
# create volume for the final VM
openstack volume create test-vm1-vol1 --size 10 --bootable
 
# create temporary installation VM
openstack server create test-vm1-inst --image ubuntu-24.04.1-live-server-amd64.iso --flavor m1.small --key-name test-keypair --network test-network
 
# attach volume to temporary VM
openstack server add volume test-vm1-inst test-vm1-vol1
 
# show console url from temporary VM
openstack console url show -c url -f value test-vm1-inst
 
# install OS in console
 
# delete temporary VM
openstack server stop test-vm1-inst
openstack server delete test-vm1-inst
 
# create final VM
openstack server create test-vm1 --volume test-vm1-vol1 --flavor m1.small --key-name test-keypair --network test-network
openstack console url show -c url -f value test-vm1
 
# remove iso imagge
openstack image delete ubuntu-24.04.1-live-server-amd64.iso

Links
https://openmetal.io/docs/manuals/tutorials/understanding-iso-images

Read more about OpenStack create VM from ISO image

Incus Ansible deployment

---
- name: Create container
  hosts: incus1.example.com
  # become: yes
  tasks:
    - name: Create incus container
      community.general.lxd_container:
        url: "unix:/var/lib/incus/unix.socket"
        name: u2404
        source:
          type: image
          mode: pull
          server: https://images.linuxcontainers.org/
          alias: ubuntu/24.04/cloud
          protocol: simplestreams
        wait_for_container: true
        wait_for_ipv4_addresses: true
        config:
          limits.cpu: "4"
          boot.autostart: "true"
          cloud-init.user-data: |
            #cloud-config
            package_upgrade: true
            locale: en_US.UTF-8
            timezone: Europe/Berlin
            apt_upgrade: true
            package_upgrade: true
            packages:
              - openssh-server
            # disable_root: false
            ssh_authorized_keys:
              - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
          cloud-init.network-config: |
          network:
            version: 2
            ethernets:
              eno1:
                dhcp4: true
        profiles: ["disk-default", "nic-dev"]
      register: container
 
    - name: Configure temporary user for initial run
      set_fact:
        remote_user: ubuntu
      delegate_to: localhost
      delegate_facts: True
      when: container.changed- name: Create container
 
 
- name: Configure container
  hosts: u2404.example.com
  gather_facts: no
  remote_user:  "{{ hostvars['localhost']['remote_user'] | default(lookup('env', 'USER')) }}"
  become: yes
  tasks:
    - name: Create a user 'johnd' with a home directory
      ansible.builtin.user:
        name: johnd
        create_home: yes

Links
https://discuss.linuxcontainers.org/t/creating-container-with-ansible/20050/7
https://documentation.ubuntu.com/lxd/en/latest/cloud-init/
https://docs.ansible.com/ansible/latest/collections/community/general/lxd_container_module.html

Read more about Incus Ansible deployment

Incus Terraform

Enable Incus remote API authentication
http://www.panticz.de/incus

Terraform main.tf

terraform {
  required_providers {
    incus = {
      source = "lxc/incus"
    }
  }
}
 
provider "incus" {
  # generate_client_certificates = true
  # accept_remote_certificate    = true
 
  remote {
    name    = "10.0.1.104"
    scheme  = "https"
    address = "10.0.1.104"
    token   = "xxxxxxxxxxxxxxxxxxxxxxxxxx"
    default = true
  }
}
 
data "template_file" "user_data" {
  template = <<EOF
#cloud-config
package_update: true
packages:
  - nginx
runcmd:
  - sudo systemctl stop unattended-upgrades
  - sudo apt purge -y unattended-upgrades
EOF
}
 
resource "incus_instance" "instance_1" {
  name             = "u2404"
  description      = "Terraform Incus test container"
  image            = "images:ubuntu/24.04/cloud"
  profiles         = ["default"]
  wait_for_network = true
 
  config = {
    "boot.autostart"       = true
    "limits.cpu"           = 4
    "cloud-init.user-data" = data.template_file.user_data.rendered
  }
 
  device {
    name = "http"
    type = "proxy"
    properties = {
      listen = "tcp:0.0.0.0:80"
      connect = "tcp:127.0.0.1:80"
    }
  }
}

Deploy

Read more about Incus Terraform

Tasmota Smart Meter Interface

ESP8266 / ESP32 Tasmota images and decumentation
https://ottelo.jimdofree.com/stromz%C3%A4hler-auslesen-tasmota/#Downloads
https://www.wispr-shop.de/produkt/wifi-ir-schreib-lesekopf-diy-set/

Smart Meter Interface configruation scripts
https://tasmota.github.io/docs/Smart-Meter-Interface/#emh-ehz-generation-k-sml

>D
>B
 
=>sensor53 r
>M 1
+1,3,s,0,9600,
1,77070100010800ff@1000,Total consumption,kWh,total_in,2
1,77070100020800ff@1000,Total feed-in,kWh,total_out,2
1,77070100100700ff@1,Power,W,power_curr,0
#

Tasmota Diagramme
https://github.com/ottelo9/tasmota-sml-script/

Tasmota Script Language Support
https://marketplace.visualstudio.com/items?itemName=StefanoBertini.tasmota-script-support#Automatic-script-upload

Firmware
https://github.com/ottelo9/tasmota-sml-images/releases

Read more about Tasmota Smart Meter Interface

Prerequisites
- Terraform instalation
- Ansible instalation
- OpenStack application credentials (~/.config/openstack/clouds.yaml)
- OpenStack security group with allow ingress traffic to TCP 22 (SSH) from terraform node

main.tf

Read more about Run Ansible from Terraform

Incus

Prerequisits (ZFS filesystem)

# ZFS (optional)
sudo apt install -y zfsutils-linux
sudo lvcreate --name storage --size 100G ubuntu-vg
sudo zpool create incus /dev/ubuntu-vg/storage
sudo zpool set autotrim=on incus
sudo zfs create incus/storage
 
# uninstall LXD
snap remove lxd

Incus installation
https://github.com/zabbly/incus
https://linuxcontainers.org/incus/docs/main/installing/

mkdir -p /etc/apt/keyrings/
curl -fsSL https://pkgs.zabbly.com/key.asc -o /etc/apt/keyrings/zabbly.asc
 
sh -c 'cat <<EOF > /etc/apt/sources.list.d/zabbly-incus-stable.sources
Enabled: yes
Types: deb
URIs: https://pkgs.zabbly.com/incus/stable
Suites: $(. /etc/os-release && echo ${VERSION_CODENAME})
Components: main
Architectures: $(dpkg --print-architecture)
Signed-By: /etc/apt/keyrings/zabbly.asc
EOF'
 
sudo apt update
sudo apt install -y incus bash-completion #incus-tools
 
sudo usermod -aG incus-admin ubuntu
 
# fixme
# incus completion fish

Install Incus with Ansible

Read more about Incus

Subscribe to

k9s