This website has been online for almost ten years with very irregular posting, but I do know it received some attention from people every now and then. That means my goal is met: some of the things I shared were useful for someone.

The past decade saw the emergence and spread of static website generators such as Jekyll and Hugo. This website took its sweet time, but the moment to hop in the train has arrived. WordPress is a fine tool but using it for a such a simple blog is the textbook definitin of overkill.

Although free DynDNS services such as dynu or dynv6 are fine, it is a missed opportunity to use them when you own your own TLD domain, which is obviously my case here.

My hosting service (ex2.com) provides a cPanel management dashboard. I could not get satisfying results trying to integrate the built-in DynDNS feature of cPanel with OPNsense. My main issue is that I could not get the same FQDN to get both an A and a AAAA record.

Background: Monitor all the things!

End of last year, I had solar panels and a hybrid inverter installed, in the perspective of adding a domestic battery in the future.

Due to overall supply chain issues in the world and the popularity of solar panels in Belgium, the only brand of inverter that could be supplied to me in a reasonable time was Huawei.

Although I’m wary of this brand, I decided to go for it. I have a very segmented network and I can also fully isolate it should I have any suspicions.

A Python wrapper for restic

I’ve been using the restic tool (https://restic.net/) to manage by backups at home for quite a while now, and have been pretty happy with it.

The feature are basic but efficient, the CLI interface is simple, and quite frankly it does not call for a Web UI.

However, for automation purposes, having some form of wrapper around it that could read a structured configuration file and return Nagios-compliant output for health checks was definitely something I needed.

Why?

Back when I set up the current iteration of my home network in 2018, I decided I wanted an internal CA, and that I wanted things to be simple. After a bit of looking around, I settled for XCA https://hohnstaedt.de/xca/index.php and got it running in a Debian Buster VM.

I ended up with a well working internal CA, fully manual, using RSA 4096 keys.

As of today, I still stand by this choice and still consider XCA to be a reasonably good choice for these needs. However, I was unsatisfied by this solution: