(head|tail)scale

This project started a long time before the fiber project but after I did some stuff with WireGuard. While I had things set up on my various devices, I couldn’t quite get things to work for my wife and had issues/annoyances with shifting networks. Everyone’s been talking up a storm about Tailscale but I’ve put it off because there was no self-hosted option…until recently…or at least recently in me finding it.

Headscale has been really easy to get up and running. They don’t like you to run it in Docker, but it works alright for my needs. I also ended up running another couple of DERP servers “closer to home” to reduce ping/lag.

Headscale compose.yml

services:
  headscale:
    image: headscale/headscale
    restart: unless-stopped
    ports:
      - "127.0.0.1:9090:9090"
      - "0.0.0.0:3478:3478/udp"
      - "[::]:3478:3478/udp"
    volumes:
      - "${PWD}/headscale-conf:/etc/headscale"
    command: serve

DERP compose.yml. For certificates, I make use of certbot with the DNS verification plugin.

services:
  derp:
    image: ghcr.io/slchris/derp-server:v1
    restart: unless-stopped
    ports:
      - "3443:3443"
      - "3479:3479/udp"
      - "3478:3478/udp"
    environment:
      - DERP_CERT_MODE=manual
      - DERP_DOMAIN=derp.example.com
      - DERP_ADDR=[::]:3443
      - DERP_STUNPORT=3478
    volumes:
      # certbot-issued certificate and key, mounted read-only
      - /etc/letsencrypt/live/derp.example.com/fullchain.pem:/app/certs/derp.example.com.crt:ro
      - /etc/letsencrypt/live/derp.example.com/privkey.pem:/app/certs/derp.example.com.key:ro

Headaches

The only headache I’ve had so far was that recently I started losing connection to things randomly and then it’d come back just as randomly. I eventually figured out that the cause was that the Let’s Encrypt certificate on one of the DERP servers was old. Restarting the Docker image fixed that and I haven’t had any problems since.
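A way to catch this before connections start dropping, as an added example that is not part of the original post: compare the leaf certificate the DERP server is presenting with the leaf in certbot's fullchain.pem, and restart the container when they differ. The host, port and path come from the compose file above; the service name `derp` and running the script from the compose directory are assumptions.

```python
import base64, hashlib, re, socket, ssl, subprocess

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def leaf_der(pem_text):
    """DER bytes of the first certificate in a PEM bundle.
    certbot's fullchain.pem lists the leaf first, then the intermediates."""
    m = PEM_RE.search(pem_text)
    if m is None:
        raise ValueError("no PEM certificate found")
    return base64.b64decode("".join(m.group(1).split()))

def fingerprint(der):
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def served_der(host, port, timeout=5.0):
    """Leaf certificate the server presents right now.
    Verification is off on purpose: an expired certificate must still be
    retrievable so it can be compared. Nothing else is sent on this socket."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)

def is_stale(served, on_disk_pem):
    """True when the running server presents a different leaf than the file
    certbot last wrote, i.e. a renewal happened but was never loaded."""
    return fingerprint(served) != fingerprint(leaf_der(on_disk_pem))

if __name__ == "__main__":
    host, port = "derp.example.com", 3443  # from the DERP compose file
    with open(f"/etc/letsencrypt/live/{host}/fullchain.pem") as fh:
        disk = fh.read()
    if is_stale(served_der(host, port), disk):
        print("DERP is serving an old certificate; restarting")
        # Assumption: cwd holds the DERP compose.yml, service is named "derp".
        subprocess.run(["docker", "compose", "restart", "derp"], check=True)
    else:
        print("served certificate matches fullchain.pem")
```

Run from cron after the certbot renewal job, or call the same restart from a certbot `--deploy-hook` so the server picks up each renewal immediately.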

cereal port

I’ve seen Sipeed’s NanoKVM and JetKVM go viral and it got me itching for something like them for serial consoles. And by something similar, I mean cheap for what it is and hits 80% of the needs for connecting to a serial console over a network. Surprisingly this is a very expensive thing. While I might be searching for the wrong tech, the results I am finding are comically expensive. We’re talking at least $100 for a single port model. I’ve seen some older models go for $25 on eBay, but they are so old the manufacturer either doesn’t exist or they’ve been sold off so many times, the current company hasn’t any idea it was made by them.

My requirements are that it should be PoE, can be assigned an address via DHCP, and simple telnet that just passes thru the console it’s connected to. Simple, yes? No.

This could be kit bashed together with a Raspberry Pi with a USB to serial adaptor. The problem with those options is that by the time you have everything, it’s almost as much as those other single port terminal servers. While you’ll have more functionality in them, in terms of price, you might as well go with the other stuff because otherwise you’ll go mad keeping things running.

I started this project thinking I’d need to get my hands on an ESP32 board and write up a sketch to do a simple console/telnet proxy in order to get my vision realized. Though I did do that…terribly, it turns out that it’s about as cost effective to kit bash together a cheap travel router, cheap USB to console and optionally a PoE splitter or USB hub. Even with adding a PoE splitter, you’re looking at ~$50 outlay. Heck, it’s even more secure since you could ssh into the router instead of being limited to telnet. Plus the USB hub is a killer feature multiplier and makes this an even more attractive route when dealing with multiple serial consoles.

Though the experiment was a failure, I did get to learn some about ESP32 and how to use them. So I guess it was a win after all.