Thicket data repository for the EEG
anil.recoil.org
1{
2 "id": "https://ryan.freumh.org/2024-01-29.html",
3 "title": "29 Jan 2024",
4 "link": "https://ryan.freumh.org/2024-01-29.html",
5 "updated": "2024-01-29T00:00:00",
6 "published": "2024-01-29T00:00:00",
7 "summary": "<div>\n <span> Previous: <a href=\"2024-01-22.html\">22 Jan 2024</a> </span>\n <span> Next: <a href=\"2024-02-05.html\"> 5 Feb 2024</a> </span>\n </div>\n \n \n\n <h3>Interspatial Networking</h3>\n<p><span>Got a Zigbee2MQTT bridge\ndeployed via NixOS on a Raspberry Pi 5. This required installing an EDK2\nraspberry Pi 5 EFI implementation as a bootloader pending U-boot support\n<a href=\"https://github.com/NixOS/nixpkgs/issues/260754#issuecomment-1908664693\">https://github.com/NixOS/nixpkgs/issues/260754#issuecomment-1908664693</a>.\nHad lots of false starts trying to cross-compile aarch64 (and arvm6 for\nthe raspberry pi 1) on x86_64. I got pretty far with aarch64 but I think\n<code>nixos-install</code> doesn’t support a cross-compiled grub\ninstallation. I’m playing around with different ways of exposing this\nover HTTP, DNS, RPCs, and maybe Matrix.</span></p>\n<h3>EON</h3>\n<p><span>To support RPCs over DNS as a bootstapping\nmechanism for Jess and I’s idea of an identity service I resurrected the\nDNS tunnelling in EON. There’s a few kinks to work out with payload\nlengths fitting into domain names, and an odd failure mode where an\nempty buffer is sent. This plus some key management would make DoDO\nfeasible.</span></p>\n<p><span>The certificate provisioning is working over\n<code>lenscap</code>. I intend to use it for some real services like <a href=\"https://freumh.org\">freumh.org</a>, and extend it with support for\nrewnewal.</span></p>\n<h3>A name-based VPN</h3>\n<p><span>I’ve been thinking about how\nTailscale uses DNS, and the difficulties in sharing machines on a\nTailnet. We’ve thrown around the idea of a name-first based approach\nthat would support sharing machine access first-class, and I think some\nof this capability DNS stuff could be used to communicate and provision\nsuch connections. Need to write more about this.</span></p>\n<p><span>Recently published <a href=\"https://www.rfc-editor.org/rfc/rfc9526\">RFC9526</a> proposes DNS\nnames for devices in home networks but proposes IPv6 to address\nend-to-end connectivity without addressing NATs and Firewalls that are\nstill employed in many networks over which the user has no\ncontrol.</span></p>",
8 "content": "<div>\n <span> Previous: <a href=\"2024-01-22.html\">22 Jan 2024</a> </span>\n <span> Next: <a href=\"2024-02-05.html\"> 5 Feb 2024</a> </span>\n </div>\n \n \n\n <h3>Interspatial Networking</h3>\n<p><span>Got a Zigbee2MQTT bridge\ndeployed via NixOS on a Raspberry Pi 5. This required installing an EDK2\nraspberry Pi 5 EFI implementation as a bootloader pending U-boot support\n<a href=\"https://github.com/NixOS/nixpkgs/issues/260754#issuecomment-1908664693\">https://github.com/NixOS/nixpkgs/issues/260754#issuecomment-1908664693</a>.\nHad lots of false starts trying to cross-compile aarch64 (and arvm6 for\nthe raspberry pi 1) on x86_64. I got pretty far with aarch64 but I think\n<code>nixos-install</code> doesn’t support a cross-compiled grub\ninstallation. I’m playing around with different ways of exposing this\nover HTTP, DNS, RPCs, and maybe Matrix.</span></p>\n<h3>EON</h3>\n<p><span>To support RPCs over DNS as a bootstapping\nmechanism for Jess and I’s idea of an identity service I resurrected the\nDNS tunnelling in EON. There’s a few kinks to work out with payload\nlengths fitting into domain names, and an odd failure mode where an\nempty buffer is sent. This plus some key management would make DoDO\nfeasible.</span></p>\n<p><span>The certificate provisioning is working over\n<code>lenscap</code>. I intend to use it for some real services like <a href=\"https://freumh.org\">freumh.org</a>, and extend it with support for\nrewnewal.</span></p>\n<h3>A name-based VPN</h3>\n<p><span>I’ve been thinking about how\nTailscale uses DNS, and the difficulties in sharing machines on a\nTailnet. We’ve thrown around the idea of a name-first based approach\nthat would support sharing machine access first-class, and I think some\nof this capability DNS stuff could be used to communicate and provision\nsuch connections. Need to write more about this.</span></p>\n<p><span>Recently published <a href=\"https://www.rfc-editor.org/rfc/rfc9526\">RFC9526</a> proposes DNS\nnames for devices in home networks but proposes IPv6 to address\nend-to-end connectivity without addressing NATs and Firewalls that are\nstill employed in many networks over which the user has no\ncontrol.</span></p>",
9 "content_type": "html",
10 "categories": [],
11 "source": "https://ryan.freumh.org/atom.xml"
12}