2018-04-09

How to Setup Outline VPN at Home and Save the Cloud Hosting Costs

A while ago I had OpenVPN setup, but it was quite a bit of work.  Then I upgraded something and it broke, and I never got around to fixing it.  So setting up VPN access to my home network has been on my to do list for a while.  Then I noticed the release of Jigsaw's (Alphabet/Google) Outline VPN, and figured I'd give it a try.

Setting up Outline VPN took a lot longer than it should have because I didn't find a really good resource for installing it at home.  Everything I found left out some of the key details I was interested in.  Specifically, I wanted to know a bit about what's going on, and wanted to minimize the number of ports I have open and/or forwarded on my home router.  

First, I have Ubuntu 16.04, so the steps will be best described for that OS.  However, it shouldn't be that difficult to translate them to a different OS.
  1. Verify you have an externally accessible IP address.  
    1. Log into the router or cable modem your ISP provided
    2. Check the setup or status page
    3. There will be a WAN IP address.  If it's not within one of the following sets, private IP addresses, then you're good to go (10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255)
  2. Install Docker - Follow the link for the complete steps, or try the following:
    1. curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
    2. sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    3. sudo apt-get update
    4. sudo apt-get install -y docker-ce
  3. The following steps generally following Outline VPN standard installation steps
  4. Download the install script and save it locally
    1. sudo wget https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh > install_server.sh
  5. Set the port used by Outline Manager, by editing install_server.sh.  Then either update get_random_port to return a number between 1024 and 65535, or update the script at around line 99 to use the specific port number instead of calling get_random_port (which returns a random port)
    1. ex. Replace 'echo $num;' with 'echo 65333;'
  6. Update your router and/or firewall to forward the specific port to the computer that you're installing Outline on.
  7. Install Outline VPN, execute (-x is optional, and is for debugging purposes).  Take note of the apiUrl and certSha256 output at the end of the command assuming it's successful.
    1. cat install_server.sh | sudo bash -x
  8. Assuming the manager port is not blocked, the install will complete.
  9. Download Outline Manager from the following site
    1. https://getoutline.org/en/home
  10. Run Outline Manager and select the bottom option
  11. Enter the apiUrl and certSha256 from step 7 in the Outline Manager and click OK
  12. So that you can track usage, in the connected Outline Manager, add a key and give it a useful name.
  13. Click SHARE and copy the generated URL using the device you want to connect to your VPN
  14. The URL will look something like the following.  Again go to your firewall and/or router and forward the <PORT NUMBER> to the computer that you're installing Outline on.
    1. https://s3.amazonaws.com/outline-vpn/index.html#/invite/ss%3A%2F%2abcdefg...%3D%40<IP ADDRESS>%3A<PORT NUMBER>%2F%3Foutline%3D1
  15. Go to the URL from step 13.  You will be directed to install the Outline application, and add the server.
  16. You're done.  To test, click CONNECT and try to access something from your home network.

I use mine for my nightly backups of pictures and videos I've taken on my phone to my NextCloud installation that I don't want publicly accessible.


If you run into problems during the install, stopping and removing all the related docker images will be useful:

  • sudo docker stop shadowbox;sudo docker rm shadowbox;sudo docker stop watchtower;sudo docker rm watchtower


Useful links:

2017-07-25

Your Brain, a Temple or Sacred Place


I was reading the article How to consume News a couple of mornings ago, and the last point must have really resonated with me because my mind wondered on the drive to work.  The last point is:

■ Most of all, be kind and respectful to your brain. Treat it like you would treat your home or a temple or a sacred place. Control what goes in there with extreme prejudice. You have finite mental horsepower. Use it on things that are worth it.

So I thought, treat your mind like a temple, that's kind of like treating your body as a temple, where someone takes care of their body and what they put into it.  Eating healthy, or watching what you eat can have significant benefits.  Over the past couple of decades there has been a huge push towards eating healthy.  The opposite, junk food, and eating it regularly negatively affects your body and overall performance, just watch Super Size Me.  So junk food is bad for you and your body, is there a parallel for your brain and if so what would it be?

Let's think about junk food for a moment.  It generally has high amounts of sugar and/or fat, and our body craves it because it's high in energy.  Let's focus on sugar, where we get a burst of energy, a temporary high, followed by a low.  That can start a vicious cycle of highs and lows, including mood swings.

Can we make parallels between junk food and information and/or news?  Do we get the same highs and lows from fast breaking news?  The latest terror threat, scandal, etc.  Even the urge to look at an accident while you drive by somewhat seems to fit.  In some cases the high, adrenaline, is longer than a sugar high, but it is temporary.  We gossip about the latest thing, but then in a day or two that news is old, forgotten and didn't really benefit us in the long term.  And where do reality TV shows fit, immersed in someone else's trumped up and exaggerated reality instead of your own, or to escape your own (reminds me of an episode of Black Mirror).  We wasted a bunch of time and energy absorbing this unimportant information, and then we move onto the next thing.

What about our psyche or brains?  Negative news dominates in this day and age, is this similar to how junk food once dominated our diets.  Will we learn that this is unhealthy, and that we should be controlling/monitoring what our eyes and ears see and hear, how long will this take for us to learn.

Assuming there such a thing as junk information or junk news, we should be trying to avoid it.  Our brains can only handle a certain amount of information, so what if we're bombarding them with garbage.  Should we be trying to consume healthy information?  Will there be a push in society to control what gets to our eyes and ears just like we do our mouths?

2017-05-01

Adding Feature Switches to your Django Project in 10 Minutes

The first time I heard about feature switches was at a Winnipeg Agile Group meeting a year or two ago.  They peaked my interest immediately and seemed like a must when trying to practice DevOps.

I wanted to try them out on my own, so I did some investigating.  I have a Django hobby project and figured it would be a perfect target for trying out feature switches.  I started by writing down some of the features I though would be useful:

  • Stored in a database
  • Support changes on-the-fly
  • Global enable/disable
  • Must support multiple conditions
    • client IP address
    • user
    • group
    • date/time
  • Use them in several scenarios:
    • code (models.py, views.py in Django)
    • templates (Django)
    • entire projects (urls.py in Django)
Since Django has a lot of open source projects, I decided to do a Google search to see what's available.  I found a comparison with a bunch of old projects (+1 years since updated) that I avoided because they're likely not being maintained anymore, and decided to try out gargoyle since it had most (if not all) of the features I thought would be useful.  The original project is deprecated, however Yplan forked it and is actively maintaining the project.  So I downloaded the latest release and manually added it to my project.  I followed their suggestion and also added nexus, then later found I needed to add the dependencies modeldict and jsonfield (link to the project that worked).

However, when I logged in using my admin user and tried to add my first feature switch in the nexus UI, I repeatedly got the error "Enter valid JSON".  I tried a couple of different syntaxes thinking maybe it's expecting quotes, or doesn't support certain characters.  No luck.

Then I found a compatibility post, and figured maybe my jsonfield project is incompatible.  So I searched for a different version.  Fortunately the next version I tried fixed the problem, and I was off to the races.  I had my first feature switch saved in the database.

Next up, add some code that uses it.  Based on the really good gargoyle documentation, I made a slight modification to one of my views and the corresponding template.  Loading the page I found my feature switch looked like it was working.  To verify I toggled the feature switch back and forth in the nexus UI and refreshed the page each time.

Done.  That was too easy.

Please contact me if you have any questions, or are interested in the post and what I do.  


Below are most of the technical details:

def index(request):
    if (gargoyle.is_active('feature_key', request)):
        switched_variable = 'enabled'
    else:
        switched_variable = 'disabled'
    return render(request, 'project/index.html', {'switched_variable': switched_variable })
  • template additions:
   {% load gargoyle_tags %}
    {% ifswitch feature_key %}
        <DIV>SWITCH: ENABLED</DIV>
    {% else %}
        <DIV>SWITCH: DISABLED</DIV>
    {% endifswitch %}
    <DIV>Switch:{{ switched_variable }}</DIV>