Force kids device to Google SafeSearch and Safe Youtube

Leveraging Pi-Hole, you can force kids to redirect google search traffic to google safesearch, safe youtube and etc.

Here’s the script I use in Pi-Hole dnsmasq configuration.

Continue reading “Force kids device to Google SafeSearch and Safe Youtube”

Use Siri to control FAAC C720 slide gate

Background:

I have a FAAC C720 slide gate which is controlled by 433Mhz remote. Due to the fact I only have two sets of the remotes, it is not that convenient to have every home members to control the gate easily. I have to keep one remote at home and the other one on the car. So, this comes to my needs.

Scope:

  1. Control the slide gate through WiFi network
  2. Integrate into Smart Home automation platform

Solutions:

Attempt 1: Clone the remote 433Mhz signal by sending through Raspberry Pi and controlled via WiFi network.

My plan was to leverage Raspberry Pi RF 433Mhz receiver and transmitter to capture the remote signal then replicate and send it out by Pi. In this case, once the correct RF signal can be generated by Pi, I can play with it into any Smart Home automation platform. After couple attempts, I successfully sniffer and captured the signals, but it was still failed. Because I didn’t realise the FAAC 433Mhz remote signal is encrypted by rolling code. It is almost impossible for me to decode the code. I have to give up this path.

Attempt 2: I searched a lot on Internet looking for successful case of FAAC gate / door automation, but not really helpful. However, there’s one product comes into my sight. It is called Gogogate2. It meets all my requirement and more. The key thing is that it is compatible with FAAC C720 gate. On their website there’s also a connection diagram guide you how to connect Gogogate2 to FAAC C720 control board. Very nice, but a little expensive for me.

Continue reading “Use Siri to control FAAC C720 slide gate”

Use SNMP to monitor your home network by LibreNMS

Recently I spent some time tried different solution to monitor home network and systems. Initially, I tried Cacti on Raspberry Pi but not working really well together with Pi-Hole. So I moved Cacti into a docker container on Synology NAS. But Cacti eats up lot of NAS resources and itself is not that user-friendly. So many issues with poller, and the performance is not good.

Then finally, I found LibreNMS which surprised me with easy deployment and very nice look and feel. So go straight to the deployment guide of LibreNMS to monitor home network via SNMP.

Continue reading “Use SNMP to monitor your home network by LibreNMS”

Mikrotik RouterOS Dynamic Update Script for OpenDNS

There is a need to provide some level of parent control and kids safe Internet access at home. Using OpenDNS is a easy and cost free solution.

To customize the web security filtering policies for your own case, you need to update home Internet public IP to OpenDNS so that the customized your policy will be applied. In a dynamic IP situation, it is essential to keep telling OpenDNS the latest correct Internet IP. Instead of install OpenDNS updater client on MAC/WIN/LINUX, we can use Mikrotik RouterOS scripts to update the IP directly.

Continue reading “Mikrotik RouterOS Dynamic Update Script for OpenDNS”

Mikrotik RouterOS work with Cisco Aironet AP

Background:

I have a spare Cisco Aironet 3702i but I do not have Cisco Wireless Controller to manage it. But I do like its wireless capability and I want it to replace ASUS RT-AC68U as home main wireless access point.

I also have a Mikrotik hex POE 960PGS router to provide both connectivity and power to surveillance camera.

I want to fully utilize the gears I have and just use a cost effective solution to achieve secure home wireless network.

Target:

  • Multiple SSIDs with different VLANs, different encryption and authentication methods
  • Each SSID network needs to be segregated with others
  • One SSID needs to be in the same subnet of local wired network

Continue reading “Mikrotik RouterOS work with Cisco Aironet AP”

Synology Letsencrypt DNS-01 cert issue and install

Install the acme.sh Client

  • SSH to Synology DiskStation.
  • sudo -i to root login.
  • Install acme.sh manually.
    $ wget https://github.com/Neilpang/acme.sh/archive/master.tar.gz
    $ tar xvf master.tar.gz
    $ cd acme.sh-master/
    $ ./acme.sh --install --nocron --home /usr/local/sbin/acme.sh
    

Logout and login back again. so install is done :)

  • next step is to do the configuration:
    $ cd /usr/local/sbin/acme.sh
export CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Email="[email protected]"
  • Issue and install the certs. The code below to reflect your own path and domain name.
./acme.sh  --issue -d YOURDOMAIN.TLD --dns dns_cf --certpath /usr/syno/etc/certificate/_archive/PATH/cert.pem --keypath /usr/syno/etc/certificate/_archive/PATH/privkey.pem --fullchainpath /usr/syno/etc/certificate/_archive/PATH/fullchain.pem --capath /usr/syno/etc/certificate/_archive/PATH/chain.pem --reloadcmd "/usr/syno/etc/rc.sysv/nginx.sh reload"
  • Configure Crontab for root
$ vi /etc/crontab 
Add the following line to the crontab. Remember to use tab for spacing.
0    10    2    *    *    root    root /usr/local/sbin/acme.sh/acme.sh --cron --home /usr/local/sbin/acme.sh/

Continue reading “Synology Letsencrypt DNS-01 cert issue and install”

Synology Cloudflare DDNS Script

Run commands in Synology

  1. Download cloudflareddns.sh from this repository to /usr/local/sbin/cloudflaredns.sh
wget https://raw.githubusercontent.com/joshuaavalon/SynologyCloudflareDDNS/master/cloudflareddns.sh -O /usr/local/sbin/cloudflaredns.sh

If you put the script in other name or path, make sure you use the right path.

  1. Give others execute permission
chmod +x /usr/local/sbin/cloudflaredns.sh
  1. Add cloudflareddns.sh to Synology
cat >> /etc.defaults/ddns_provider.conf << 'EOF'
[Cloudflare]
        modulepath=/usr/local/sbin/cloudflaredns.sh
        queryurl=https://www.cloudflare.com/
EOF

queryurl does not matter because we are going to use our script but it is needed.

Get Cloudflare parameters

  1. Go to your domain overview page and get the Zone ID.
  2. Go to your account setting page and get API Key.
  3. Get record id using Cloudflare API.
curl -s GET "https://api.cloudflare.com/client/v4/zones/[Zone ID]/dns_records" \
	-H "X-Auth-Email: [Email]" \
	-H "X-Auth-Key: [API Key" \
	-H "Content-Type: application/json" \
	| jq '.result[] | {name, id, zone_id, zone_name, content, type}'

You need to replace with [] with your parameter. Then, you get the id in result which is you Record ID.

Setup DDNS

  1. Enter the parameters to the cloudflareddns.sh.
  2. Login to your DSM
  3. Go to Control Panel > External Access > DDNS > Add
  4. Select Cloudflare as service provider. Enter your domain as hostname, your Cloudflare account as Username/Email, and API key as Password/Key

Customize Namecheap DDNS script for Synology

sudo -i
wget https://www.xfelix.com/wp-content/uploads/2017/06/namecheap.zip
unzip namecheap.zip
Extract and move namecheap.php to /usr/syno/bin/ddns/

Grant privilege
sudo chmod 755 /usr/syno/bin/ddns/namecheap.php

Edit DDNS Provider list
sudo vi /etc.defaults/ddns_provider.conf
Insert
[Namecheap]
modulepath=/usr/syno/bin/ddns/namecheap.php
queryurl=https://dynamicdns.park-your-domain.com/

In the DSM web interface, open the DDNS menu
Hostname: example.com
Username/Email: www
Password: nameCheap DDNS passkey