Push Motion Image Capture to Telegram

I use the fantastic motion project to monitor my apartment activity when I'm not home (not happening until God knows when these days…). I wanted it to warn me when there's movement more interactively than with a basic email. Telegram and its very well documented bot API is really perfect for this task, so I came up with the following motion configuration: on_picture_save /bin/sh /home/imil/bin/on_picture_save.sh %f and more importantly, the following script:

Change default svg color

Again at ${DAYWORK} I was working on a network diagram, and found this incredibly useful website that regroups thousands of svg icons for all the major brands. I use draw.io to create my diagrams, and whereas they have a tutorial on how to modify an svg color (fill property) within draw.io, it would not work as shown. I figured out there was a very simple method to specify an svg file default color: edit the file, and add fill="white" (or any color code like #fafafa).

HTTP flood drop with nginx

The other day at ${DAYWORK} we got hit by a simple yet efficient DDoS attack, basically, there were lots of regular HTTP queries with a specific query parameter but using either GET, POST or HEAD methods: www.customer.com:443:80 174.76.48.233 - - [19/Mar/2020:17:26:11 +0000] "POST /?=Best_HTTP_Flooder_For_FREE_by_PassDDoS&9716 HTTP/1.0" 200 62861 "http://validator.w3.org/feed/check.cgi?url=https://www.customer.com" Fortunately, the parameter was always the same, and as we use an nginx reverse proxy farm in front of our customer's websites, we could deploy this simple trick in order to get rid of the attack:

Migrating from Hexo to Hugo

Brand new iMil.net! I've wanted to switch from hexo to hugo for quite a long time for various reasons, one of them being I love golang and, well, let's just say I don't like javascript / node much. Also, hugo documentation is pretty well done, its author is a well known figure in the golang community, and last but not least, I find the overall workflow more simple and consistent.

Let's Encrypt certificates using LEGO

This post is more like a self-reminder on how I setup automatic SSL/TLS certificate renewal on my servers. I chose LEGO to handle my certificates renewal with Let's Encrypt because it's simple to use, has no dependency, great documentation and is worked on at a constant pace. I found this and this articles very useful, but they are outdated in their use of the tls and http parameters. So here are my notes.

Revive an old Neufbox 6 with OpenWrt

While this article might only have interest for french people, you might want to get yourself an inexpensive Neufbox 6 on eBay or the like to play with it, thus the english language. When I lived in France, my last Internet provider was SFR, it was (and still is) a fiber provider, and you got connected thanks to a box called the “Neufbox”. There were a couple of versions of this box that was pretty hackable and the provider was cool with it, you could even flash it with “opened” versions of their firmware, a modified OpenWrt.

Monitor network health with somebar

I knew about a MacOS task bar plugin called Anybar, which basically draws an icon on the task bar to which you can send behaviors with a simple nc command. Naturally, someone cloned it for our beloved Free Unices environments, and it's called somebar. I am sometimes in places with weak network, and I like to see at a glance how is my connection doing, somebar seemed the perfect tool for the task.

Is LevelDB 2 times faster than BadgerDB?

I'm working on a plugin for Goxplorer that will create a database of all Bitcoin addresses present in its blockchain. That's an exercise I already did using LevelDB, which is Bitcoin's choice for some of its own data, and as the task took quite a while, I decided to give a shot to BadgerDB, which I cite is a fast key-value (KV) database written in pure Go. Well, I must do something very wrong, because I get the following results:

FreeBSD networking issues: TCP offloading and checksum

In the past month, it's the second time I'm being bitten by FreeBSD in the networking field. First time with my own gateway, I had this weird behaviour where machines on a different VLAN than the main one would use the Internet at full speed but would struggle to make any transfer from the main VLAN. Turns out this was a tcp segmentation offload issue, which seems to cause so much problems it is disabled by default in some appliances.

Gitlab CI caching for Go projects

The reference documentation when it comes to couple golang and continuous integration in Gitlab is this one, it's well put, easy to read and pretty accurate. Except for the caching part, or at least nowadays with go modules. This is what happens when a commit is pushed with the .gitlab-ci.yml given as an example in that document: 131 Creating cache default... 132 WARNING: /apt-cache: no matching files 133 WARNING: /go/src/github.com: no matching files 134 WARNING: /go/src/gitlab.