2025 Devlog

2025-10-23

Researching Rust web frameworks for a simple backend project. Figured I'd use this as an opportunity to learn some Rust. tokio-rs/axum and tamasfe/aide look promising.

Deployed ArchiveBox onto my homelab and then removed it after I saw how half-baked this software is. Great idea, but the implementation needs more work, and the project seems to be barely maintained at this point.

2025-10-22

TIL OPNsense can not only work in HA mode (fail-over) via CARP, but it also ensures there's only one PPP interface actively connected at any given time (the master). I happen to be authenticating into my ISP's uplink via PPPoE, which qualifies as a derivative of PPP.

The way I'm currently prepared for a fail-over, is by having a relatively recent clone of my main OPNsense VM on a second hypervisor, sitting offline. It's ready to power up within a couple minutes, in case the current one fails. Reworking this to a setup base on the native HA capabilities will definitely save me some work.

Shout out to stakater/Reloader, which triggers automatic K8s workload rollouts, whenever any of the referenced Secrets or ConfigMaps are updated.

Per the docs, you just need to add this annotation to your workload (not to be confused with the Pod template):

kind: Deployment
metadata:
  name: my-app
  annotations:
    reloader.stakater.com/auto: "true"

Supports more granular triggers if needed (kind, name).

2025-10-21

TIL about The Human Only Public License.

TIL about topolvm, a persistent local storage CSI plugin, backed by LVM.

Could be considered an alternative to rancher/local-path-provisioner (LPP).
It's capacity aware, while LPP is not.
(Un)fortunately I run ZFS, and don't intend to switch, while topolvm requires LVM2 on top of ext4, xfs, or btrfs.

Found this amazing collection of die shot photos over at happytrees.org. Here's an Intel Xeon MP Gallatin A0 (130nm) ✨:

2025-10-20

Deploying Renovate onto my homelab.

2025-10-19

Working on the Helm chart for Bitwarden CLI – majabojarska/bitwarden-cli-helm.

2025-10-18

TIL about glow, the CLI Markdown renderer.
Learned about this magnificent application of modern technology (meow).
Attended End of 10 at the Wrocław Hackerspace. Helped a stranger continue using their Win 10 laptop by migrating it to Linux. They opted for Fedora Gnome edition (nice choice!).

2025-10-17

The first release of bitwarden-cli-docker is out 🎉!
TIL about asciiflow, the ASCII diagramming software.

I've been setting up a couple new repos recently, and the UX around adding a GH workflow to required status checks makes me wanna bite the designer's ankles.

The "Add checks" search doesn't list any known (and already executed) GH workflows.
You need to search for the job's name for it to appear on the list.
Searching for the workflow's name does NOT work. Meaning, I need to match the exact job name starting characters in my search query, in order for the job to appear on the list to select from.

2025-10-16

Kicked off work on my Bitwarden CLI Docker image. A Helm chart will follow up.

2025-10-15

Upgraded to Immich major version 2.

2025-10-14

Upgraded my PVE 8.4 nodes to major version 9.
TIL about deb822.

2025-10-12

Recently I've upgraded to Gnome 49 and one my extensions stopped working. However, it looks like it's working just fine once the extension version validation is disabled. Here's how you can change the config:

# Read current
dconf write /org/gnome/shell/disable-extension-version-validation

# Disable extension version validation
dconf write /org/gnome/shell/disable-extension-version-validation true

2025-10-09

Went to KCD Warsaw 2025.

I can recommend the KubeEdge presentation (once the recording comes out). I still have some reservations in regard to the suitability of using first-class Kubernetes objects for implementing edge device management (think IoT sensors). However, I'll need to educate myself better on the problem domain, before I'm able to form an opinion. Regardless, it was a good presentation!

Another talk I found interesting was about driving a major shift in OpenTelemetry Logs by pellared. Also TIL about Slidev – a markdown-based slide renderer.

Here's my swag haul 😎

2025-10-07

Printed and assembled another one Asometech PD PSU rack mount for my friend.

2025-10-01

TIL git log supports limiting by date, e.g.:

git log --since 'Dec 31 2024' --until '2025-05-01'

See commit limiting docs for more details!

2025-09-30

Passed my ham radio exam 🎉! The privileges of my license will be the equivalent of the USA FCC General class.

Thinking about callsigns now.

2025-09-21

Finished my cable hanger. Finally got an easily-accessible place to store cables without tangling them together!

Kudos to b2vn for the OpenSCAD parametric model.

2025-09-20

Printing elements for my wall-mounted cable hanger.

2025-09-18

TIL you can calibrate your oven by using the melting point of sucrose as a temperature reference [1].

2025-09-17

Noticed my Immich instance pulls the smart search ML model sometime after every restart of the ML service Pod. To be precise, the download totals to ~700MB, and is pulled upon receiving the first smart search query, which understandably, requires the ML model to perform the inferencing.

Turns out that the chart's default was to mount the ML cache in an emptyDir volume, which is fresh (and clean) for every new Pod. I've since replaced it with a proper SSD-backed PVC. Now smart search kicks in way faster after an Immich rollout.

While searching about the ML cache, I found Immich's recommendations for running as a non-root user. In my case, matplotlib was defaulting to caching its config to /tmp/..., since it couldn't write to /.config.

[09/18/25 21:58:46] WARNING  mkdir -p failed for path /.config/matplotlib:
                             [Errno 13[] Permission denied: '/.config'
[09/18/25 21:58:46] WARNING  Matplotlib created a temporary cache directory at
                             /tmp/matplotlib-urrteabo because there was an issue
                             with the default path (/.config/matplotlib); it is
                             highly recommended to set the MPLCONFIGDIR
                             environment variable to a writable directory, in
                             particular to speed up the import of Matplotlib and
                             to better support multiprocessing.

I've got no more startup warnings after applying the recommendations.

[09/18/25 20:57:53] INFO     Starting gunicorn 23.0.0
[09/18/25 20:57:53] INFO     Listening at: http://[::[]:10003 (8)
[09/18/25 20:57:53] INFO     Using worker: immich_ml.config.CustomUvicornWorker
[09/18/25 20:57:53] INFO     Booting worker with pid: 9
[09/18/25 20:57:58] INFO     Started server process [9[]
[09/18/25 20:57:58] INFO     Waiting for application startup.
[09/18/25 20:57:58] INFO     Created in-memory cache with unloading after 300s
                             of inactivity.
[09/18/25 20:57:58] INFO     Initialized request thread pool with 5 threads.
[09/18/25 20:57:58] INFO     Application startup complete.

2025-09-15

The Tailscale/NixOS issue from 2025-09-07 has been fixed upstream, applied the fix on my infra successfully.

2025-09-14

Fixing the stuck lidar drive in my robot vacuum. I'll make a short post out of this.

2025-09-11

Improving my Homepage dashboard.
Studying for the ham radio exam.
Should I try switching to Neovim 🤔?

2025-09-10

Quick homelab maintenance, updates.

2025-09-09

Studying for my ham radio exam. It's just a couple weeks away!
TIL the CIVIL mnemonic for phase differences between current and voltage, in capacitive and inductive resonant circuits. See this video (16:55) from EEVblog Dave. TL;DR:
- In capacitive (C) resonant circuits (I), current leads voltage (V).
- Voltage (V) leads current (I) in inductive (L) resonant circuits.

2025-09-08

Read this publication: Federated Systems – Jeremy Rubin (2015). Here are my key takeaways:
- Federated systems are fully recursive. Each federated system can contain (be composed of) other federated systems.
- Composability is king. Aiming to solve a single problem helps make the system composable. See DNS, HTTP, SMTP, XMPP.
- Solve large-scale problems centrally, and federate the small-scale ones.
- Customizability is desirable, but can break compatibility. If needed, seek to make it composable, and constrain the system to prevent strong divergence between clients.
- Interoperability is key, but it's possible to overdo it (Friendica vs diaspora*).
- Don't rely on the users' generosity to keep the system afloat, because it can abruptly run short. Have a business model for providers.
- McDonald's is actually a federated system (lol).

2025-09-07

Wee infra maintenance. Pulled in the in-flight patch for current Tailscale kernel regression issues in NixOS – #16966:

  nixpkgs.overlays = [(_: prev: {
    tailscale = prev.tailscale.overrideAttrs (old: {
      checkFlags =
        builtins.map (
          flag:
            if prev.lib.hasPrefix "-skip=" flag
            then flag + "|^TestGetList$|^TestIgnoreLocallyBoundPorts$|^TestPoller$"
            else flag
        )
        old.checkFlags;
    });
  })];

2025-09-06

Troubleshooting homepage service/widget state issues. Turns out there's a known limitation in regard to service/group name uniqueness – discussion #5756.
TIL you can link to any text on any page, and (most) modern browsers support it! This is a web feature called "Text fragments". You can even define a suffix/prefix to constrain the query with 🤯!
Optimize for thinking

2025-09-05

Performed stress testing of my ham radio PSU under thermal vision. Used a 50Ω dummy load to sink the transceiver's antenna output.

Thermal vision view of dummy antenna load.

The PSU performed well under a continuous ~6A load. Funnily enough, the bright spot on the photo below is a 510Ω resistor, dropping the voltage for the standby status LED. It drops ~10V at 20mA, resulting in 0,2W of total power dissipated as heat. Since it's a 1/4W resistor, it's operating within spec, and the temperature eventually stabilizes around 54°C in room temperature conditions, which is totally safe.

Thermal vision view of my diy ham radio PSU.

2025-09-04

Rolled out FreshRSS and Miniflux to my homelab. I'll be trying both out and will choose the one I like better by next Sunday.
Creating graphics for my hackerspace's next SSTV radiosonde event. This one will be themed around the beloved cat that hangs around the workshop, named Komódka (after Commodore 64). Learned a lot of Inkscape today, it'sw pretty neat!
Trying to figure out why my Calibre-web instance sometimes just fails to ingest a book.

2025-09-03

Trying out the Nagoya UT-108UV antenna on 2m and 70cm bands.

2025-09-02

Working on the ham radio PSU post.

2025-08-31

Playing around with SSTV. Only at the audio level for now, yet to transmit the first Luna (the cat) on the amateur bands.

Luna pondering upon the network cable tester.

2025-08-30

Doing a bunch of homelab maintenance tasks – checks, backups, upgrades.
Upgrading OpenWRT on my TP-Link Archer C6 v2, from old stable 23.05 to 24.10. Reportedly, the 5GHz radio issues are fixed with 24.10.2.
Hit this tailscale issue (#16966) on my NixOS setup. Kudos to @tetov for providing a workaround.

2025-08-29

Spent the day operating the HF0CEBULA special event ham radio station, which was active for the duration of Cebula Camp 2025. I've made approx. 20 QSOs on the 2m band, which I'm quite proud of – the station made even more QSOs in total that day. Ironically, I think there was more interest in the station's operation (and ham radio in general) on-site from the attendees, than remotely, over the ham frequencies. Good times!

2025-08-27

Reading about the music analysis and clustering algorithms in AudioMuse-AI.
Connecting my cloud VPS to the homelab via Tailscale.
Deploying a fresh instance of Prometheus and Grafana in the cloud. Used to have these on my K3s cluster, but it's not the best design in case of K3s issues.

2025-08-26

Spent the afternoon on 20/40M bands at the SP6PWT radio club. Operated the Yaesu FT-710. Made a couple successful QSOs: IU1RVT, SO8DON, ED5FS8, IT9DOR.

Making shortwave contacts at the SP6PWT radio club.

2025-08-24

Today it's just logs, without the dev.

2025-08-23

TIL about exportify, an export/backup tool for Spotify playlists.
Troubleshooting invalid behavior of the Tailscale widget, when multiple instances are spawned in the same group.
Filed an issue with the Homepage project, regarding documentation site breakage – discussions/5707.

2025-08-21

Playing around with Homepage sources. Experimenting with feature enhancements for the Tailscale widget.

2025-08-20

Made a small docs contrib to the Truecharts Homepage Helm chart — #38666
Adding even more pretty lil' widgets to my Homepage instance.

In case you wondered, here's how you can escape environment variable interpolation in Homepage configs, within Helm manifests:

              - Immich:
                  icon: immich.svg
                  href: {{`"{{HOMEPAGE_VAR_IMMICH_URL}}"`}}
                  widget:
                    type: immich
                    url: {{`"{{HOMEPAGE_VAR_IMMICH_URL}}"`}}
                    key: {{`"{{HOMEPAGE_VAR_IMMICH_API_TOKEN}}"`}}
                    version: 2

2025-08-19

Reworking my NixOS iptable firewall rules to accomodate my Kubernetes metrics-server with Flannel, on top of K3s, without the built-in, kube-router based NetworkPolicy handling.

2025-08-18

Adding pretty lil' widgets to my Homepage instance.
Learned about this cool dot matrix printer font, the EPSON MX-80 — courtesy of Michael Walden.
Learned about ESO, the project which I've recently deployed to my homelab, is experiencing serious team capacity issues. I'm seriously considering signing up as a maintainer, but still need to weigh my priorities.

2025-08-17

Figured out why my K8s metrics server workload started failing recently — this will be a nice short post.
Deploying Homepage.
Deploying Grafana, Prometheus and Node Exporter to my VPS (on NixOS). Kudos to Xe Iaso for this guide!

2025-08-16

Migrated my Kubernetes secrets to ExternalSecrets (tokens, passwords, logins, etc.).
Added the Flannel CNI to my Kubernetes cluster.
Figuring out a better approach to homelab monitoring.
- I'll probably migrate Prometheus and Grafana off of the homelab, onto the cloud VPS. That's where I plan to host my alerting system, so it makes sense to keep things close.
- metrics-server is acting up on my cluster, looking into it.
Added some nicer CSS transitions to the blog.

2025-08-15

Finished deploying ESO with Bitwarden integrations. That Bitwarden guide is severely outdated, so I'm already planning to improve it.

After some initial NetworkPolicy shenanigans, I got my first ExternalSecret provisioned successfully, from the now Kube-connected Bitwarden Vault. I'm gradually migrating homelab secrets over there.

I'll probably also roll my own Docker image sources (and builds) for the Bitwarden CLI. Currently I've manually built a custom image, based off of charlesthomas/bitwarden-cli. I've submitted some improvements to it in the past, but the maintainer generally isn't very responsive. Once I create my own sources from scratch, the image will be exactly how I need it. Can't promise I'll respond quicker, but I'll definitely make time to intake repo activities once or twice per week. Fingers crossed, hehe 🤞.

And finally, since Bitwarden has access to sensitive data, it'd be nice to have the images signed. That's a good opportunity for hands-on experience with sigstore/cosign.

2025-08-12

Deploying External Secrets Operator.

2025-08-11

Deploying the Arr stack.

2025-08-10

Visited SP6PWT, the Student Radio Club of the Wroclaw University of Science and Technology.

SP6PWT radioamateur club — part of the antenna system

2025-08-07

Learning about PostGIS and Leaflet.

2025-08-05

Figuring out Intel iGPU passthrough for QEMU VM on PVE, to facilitate hardware video acceleration for my workloads dealing with video processing.

2025-08-04

For years I've used Spotify, but I'm unhappy about where it's headed as a service. I've decided to explore alternative, networked music player alternatives. This obviously poses a big challenge in terms of the library and content curation. Regardless, I'm going to start purchasing physical CDs from artists that I value, and then rip and ingest into my homelab. As a test run, today I've deployed Jellyfin.

2025-08-03

Finished building my ham radio power supply, everything is working as intended ♥️.

I'd still like to do some load testing, to ensure the connectors and wiring are solid, when conducting higher, sustained currents.

2025-08-02

Went to the local hackerspace to get some change of scenery at the end of the week. Intended to blog a bit while there, but got nerd-sniped by someone else's issues with a Wordpress plugin post-migration. While I was troubleshooting, they made a laser-cut depiction of my cat, Luna.

Shout out to wowkdigital!

2025-08-01

Printed the enclosure for my ham radio power supply, wiring is in progress.

Work in progress on wiring my custom ham radio power supply

2025-07-31

Xiegu G90 comes with a single-fuse power supply cable (positive rail). That's nice of the manufacturer to do, but it's not enough to protect from certain failure modes. To alleviate this risk, I've added another (littel)fuse, to the ground wire. Don't be fooled by the red insulation – the fuse socket came pre-wired and sealed, so I had to cut a piece of the original black cable out 😉.

Added a second fuse to my Xiegu G90 power supply cable

K0NR shared a nice write-up on when and why you might wanna have two fuses (one on each lead), instead of one.

2025-07-30

Writing a post on my homelab rack display (continued).

2025-07-29

Finished rewiring and mapped out the hardware on my modded Petlibro PLAF101. Luna (the kitty) provided valuable feedback throughout the process.

2025-07-28

Figuring out how to properly drive the motor and detect axis rotation increments. Will need to add more modwires, since the motor was definitely connected to the underside pins of the WBR3, which the ESP-12E does not have.

ESPHome logs screenshot depicting button binary sensor events

2025-07-27

Flashed ESPHome onto the modded Petlibro PLAF101 board. Configured the basics, mapped out buttons and LEDs.

2025-07-26

Built a custom ISP harness for the Petlibro PLAF101 motherboard. Soldered an ESP-12E module in place of the original WBR3.

Custom ISP harness for Petlibro PLAF101 with ESP-12E

2025-07-24

Writing a post on how I built my homelab rack display.

2025-07-22

Finally repaired my ZFS storage pool. Turns out the USB3/SATA adapter was acting up, leading to random IO issues, and the disk eventually going offline.

Replacing the adapter solved the issue. This result is in line with the lack of SMART errors and no bad blocks detected during full-surface read testing without the adapter. If it was the disk at fault, the failures would have occurred in both environments (regardless of the adapter).

The original adapter board has a JMicron JMS578. Initial analysis shows that adapters using this chip tend to be flaky in terms of power management, disk enumeration, and SMART support. This can be improved by flashing alternative firmware [1]. It's certainly an interesting avenue, but it's not a priority to me at the moment.

Questions:

If it was the JMS578 firmware at fault, why didn't this fail earlier?
I've seen the same behavior with a different unit of the same exact adapter model, how likely is it that both are defective and exhibiting the same behavior?
I've had this hardware setup for almost a year now. Perhaps a recent hypervisor's kernel update caused an interoperability regression?

2025-07-21

Studying for my ham radio exam.
Ordered replacement parts for my main virt server:
- new SSD for the ZFS storage pool,
- new external 2.5" USB3 disk enclosure.
Tweaked blog Zola macros to sort recent posts by update date, instead of creation date.

2025-07-20

Learning shortwave propagation theory.
Investigating IO instability issues with one ZFS storage pool disk on my main hypervisor.

2025-07-19

Modding the server PSU

Designing a front enclosure for my HSTNS PL-28 server PSU.

2025-07-17

Attending an antenna theory workshop at my local radio club (SP6HACK).

2025-07-16

Finished the lil' dashboard display

Next up:

dedicated Grafana dashboard and possibly a playlist;
Fully Kiosk browser screen dimming and motion detection configuration.

I'll do a full writeup once I complete this project.

Nokia G22 modded to a dashboard display, installed on a small 10″ server rack

2025-07-15

Designing a surface mounted holder for the modded phone

I've decided to surface mount this phone to the glass door of my homelab's rack. Working on a design to enclose the whole device (with the mods).

2025-07-13

Modding Nokia G22 to operate without a battery

I wanted a compact homelab dashboard, but didn't want to implement a custom embedded solution from scratch. I'm modding an old, defective smartphone to operate solely on external power.

2025-07-12

Planning the jailbreak strategy for my Petlibro PLAF101 pet feeder

At first glance, the on-board WBR3 module seems electrically compatible with an ESP8266. I'll pursue this avenue, since it would enable the usage of ESPHome. Looks like people have done it before with other devices!

VLC playback issues on Arch Linux

Encountered x264 playback issues in VLC after upgrading on Arch Linux. It appears the vlc package moved plugins into optional packages, which were not explicitly required on my system. Namely the ffmpeg backend plugin, which facilitates x264 decoding.

Minimum viable remediation: pacman -S vlc-plugin-ffmpeg.
All-in-one fix for other plugins: pacman -S vlc-plugins-all.

Xiegu G90 stand

Printed this stand for my Xiegu G90:

2025-07-11

Xiegu G90 Speaker Deflector

Printed a speaker deflector for my Xiegu G90.

HF rig planning

Planning the at-home power supply for my HF station.

During initial tests, the observed current draw at full TX power didn't exceed 4,5A at 13,8V.
The unit's manual recommends a supply of at least 8A.
I hoped to use my bench PSU, but I misremembered it having a current capacity of 10A, while it's actually 5A. This technically might be enough, given the measurements, but a 4,5A load is awfully close to the limit, and I'd rather not run the PSU that hot on a regular basis.
As a long term solution, I've ordered a used 460W server PSU. These are built like tanks and are very cheap – I got mine for just $10. I'm planning to modify it into a 13,8V supply, since HF radios typically operate optimally at that voltage. I'll do a separate write-up on this project once it's finished.

2025-07-10

Got my first HF transceiver! I'm learning to operate it at my local radioamateur club, since I don't have an antenna rig at home (yet).

2025-07-08

Reworking my off-site backup strategy for Kubernetes PVCs.

2025-07-07

~~Slamming my head against a wall~~ Setting up Nvidia drivers on Arch Linux (btw) for Nvidia RTX4070.

Turns out my only HDMI output just refuses to work with the proprietary drivers (575.64.03-2), whereas the DisplayPort outputs work just fine.
Followed the official Arch Linux guide for Nvidia, and installed nvidia, nvidia-settings, nvidia-utils.
Running kernel linux-lts, which at the time of writing is 6.15.5-arch1-1.
I doubt the HDMI issue is rooted in hardware, since it works just fine in BIOS and when booted with nouveau.

2025-07-06

Observed an issue with my Tailscale setup on OPNsense, where it kept losing its Tailnet connection shortly after startup. No clear indication of failure in the logs. I've been previously using the FreeBSD ports implementation and later switched to the recently added, official OPNsense Tailscale plugin. It's possible that any combination of the following would've sufficed, but here's what I did to remediate:

ensured the old install is removed from the system and does not attempt to start alongside (possibly conflicting with) the new plugin (like a system service);
deleted /var/db/tailscale;
reconfigured the Tailscale plugin with a fresh auth key.