When we want to access something in the internet, we type a domain name, for example www.google.com, but what actually happen after that, first thing happens is a dns lookup to find out the ip address for the domain name, then access the data from the server with the ip address.
DNS Resolver There are some different DNS resolvers we could use
Provided by ISP Provided by third parties, such as Google, Cloudflare, OpenDNS etc.
Have installed pi-hole for AD blocking purpose, for which Pi-hole acts as a caching and forwarding DNS server, it applies the blocking list, and forwards the request to to upstream DNS servers. But we could take a step further to set up our own DNS server with installing Unbound
Install Unbound sudo apt install unbound -y Add/Update config sudo nano /etc/unbound/unbound.conf.d/pi-hole.conf Pi-hole.conf server: # If no logfile is specified, syslog is used # logfile: "/var/log/unbound/unbound.
In this excerise, we will try to resize a volume for EC2
Size(any type) and IOPS(Some types) can be increased for the EBS volumes Repartition required after resizing The volume is still usable after increasing the size Can’t decrease the EBS volume size Check volume before the resize [root@ip-111-111-111-111 ec2-user]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS xvda 202:0 0 8G 0 disk ├─xvda1 202:1 0 8G 0 part / ├─xvda127 259:0 0 1M 0 part └─xvda128 259:1 0 10M 0 part [root@ip-111-111-111-111 ec2-user]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 4.
ESP32 has a RTC which is an independent clock keeps tracks of the date and time.
RTC setup and read the details from machine import RTC import time rtc = RTC() rtc.init((2022,12,27,2,10,23,0,0)) while True: date=rtc.datetime() print(date) time.sleep(1) The RTC info will be reset after power-off or reset, so we may need to try one of below to have the correct datetime
Make sure it always has power Connect with another RTC, for example DS3231 Sync time with NTP Sync time with NTP In this exercise, we will try to sync the time with NTP on each boot.
ESP32 has WIFI connectivity support, in this exercise we will test how to send http request.
Connect to WIFI There is a file named with boot.py, it is executed on every boot, so we can put WIFI connection related code here
def do_connect(): import network wlan = network.WLAN(network.STA_IF) wlan.active(True) if not wlan.isconnected(): print('connecting to network...') wlan.connect('<wifi sid>', '<wifi password>') while not wlan.isconnected(): pass print('network config:', wlan.ifconfig()) do_connect() Send http request Once the WIFI is connected successfully, we can try to send request to RANDOM USER GENERATOR with code below, it will print a random user name every 5 seconds
I have got a LuatOS ESP32C3-CORE board earlier, and thought to try MicroPython on it.
Installation Download Thonny, and install it Found out and note down the installation folder, for example: C:\Users\Tony\AppData\Local\Programs\Thonny Download the Firmware, the latest version is V1.19.1 currently Connect the board to computer, and USB-SERIAL driver, note down the Port once connection is successful Flash the firmware <Thonny installation folder>\python.exe -u -m esptool --chip esp32c3 --port COM9 erase_flash <Thonny installation folder>\python.
Installation pip3 install --upgrade wheel setuptools Cython # install pip3 install bzt # upgrade pip3 install --upgrade bzt # help and version info bzt -h First test mkdir example cd example Reference Taurus Installation
Install nginx apt install nginx systemctl reload nginx.service sudo systemctl enable nginx sudo systemctl start nginx sudo systemctl status nginx sudo nginx -s reload SSL Certificate In previous exercise, we can generate a self signed or Let’s encrypt certificate; or we could convert it from a PFX cert. After this step, a certificate (server.crt) and certificate key (server.key) should be generated
# Extract encryped private key openssl pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.
A SSL cetificate enables an encrypted connection between client and server. In this exercise, will try to generate self signed certificate and a Let’s encrypt certificate with acme.sh.
Self signed cert using OpenSSL mkdir -p /etc/nginx/certificates cd /etc/nginx/certificates # Generate a private key for the CA openssl genrsa 2048 > ca-key.pem # Generate the X509 certificate for the CA openssl req -new -x509 -nodes -days 365000 \ -key ca-key.pem -out ca-cert.
Install docker Docker on EC2 $ sudo yum update -y $ sudo amazon-linux-extras install docker $ sudo service docker start $ sudo usermod -a -G docker ec2-user $ docker info EC2 User Data #! /bin/sh yum update -y amazon-linux-extras install docker service docker start usermod -a -G docker ec2-user chkconfig docker on Create image sample docker file FROM alpine LABEL description="Running Docker from EC2" WORKDIR /src RUN echo "Hello world" > hello.