forked from nihilist/blog-contributions
390 lines
15 KiB
HTML
390 lines
15 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta name="description" content="">
|
|
<meta name="author" content="">
|
|
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
|
|
|
<title>Electrical Failover Setup</title>
|
|
|
|
<!-- Bootstrap core CSS -->
|
|
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
|
<link href="../../assets/css/xt256.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- Custom styles for this template -->
|
|
<link href="../../assets/css/main.css" rel="stylesheet">
|
|
|
|
|
|
|
|
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
|
|
<!--[if lt IE 9]>
|
|
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
|
|
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
|
|
<body>
|
|
|
|
<!-- Static navbar -->
|
|
<div class="navbar navbar-inverse-anon navbar-static-top">
|
|
<div class="container">
|
|
<div class="navbar-header">
|
|
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
<span class="icon-bar"></span>
|
|
</button>
|
|
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
|
|
</div>
|
|
<div class="navbar-collapse collapse">
|
|
<ul class="nav navbar-nav navbar-right">
|
|
|
|
<li><a href="/about.html">About</a></li>
|
|
<li><a href="/blog.html">Categories</a></li>
|
|
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
|
|
<li><a href="/contact.html">Contact</a></li>
|
|
</ul>
|
|
</div><!--/.nav-collapse -->
|
|
|
|
</div>
|
|
</div>
|
|
|
|
<!-- +++++ Posts Lists +++++ -->
|
|
<!-- +++++ First Post +++++ -->
|
|
<div id="anon2">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-04-06</ba></p>
|
|
<h1>Electrical Failover (basic UPS setup) </h1>
|
|
<b>Threat Model:</b>
|
|
<p>What if an adversary tells your electricity provider to temporarily power off your electricity to check if it manages to shut down a particular hidden service ? How do you ensure that your hidden service running at home remains accessible even without the main electrical input ?</p>
|
|
<img src="0.png" style="width:250px">
|
|
<p>In this tutorial we'll look at the most fundamental part of both Disaster Recovery Planning and Business Continuity for home servers. We'll look at how to deal with power outages. </p>
|
|
<img src="1.png" class="imgRz">
|
|
<p>For the Electrical Outages, we'll setup a UPS in between our homeserver and the main electrical input, so that in case of a power outage the home server can keep running for a while before finally shutting down. The UPS will then send a message to the Network UPS Tools suite to tell the server to shutdown when the batteries run low. </p>
|
|
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /grey -->
|
|
|
|
<!-- +++++ Second Post +++++ -->
|
|
<div id="anon3">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<h2><b>Electrical Outages - UPS setup </b></h2>
|
|
<p>Before buying a UPS, you need to know how much your home server can draw power (in watts), to make it simple just look at your power supply in your Homeserver. Mine is a RM 750x:</p>
|
|
<img src="2.png" style="width:250px">
|
|
<p>and as explained in the technical specs, it can draw up to 750 Watts of power:</p>
|
|
<img src="3.png" class="imgRz">
|
|
<p>So you need a UPS that can generate at least 750 Watts of power, such as the APC Back-UPS 1600VA:</p>
|
|
<img src="4.png" class="imgRz">
|
|
<p>For my usecase, i picked that one because it can power my homeserver with the 900Watts it can output. Perfect for my server that can draw 750Watts.</p>
|
|
<p>First make sure your homeserver's plugged onto the UPS which is plugged onto the main electrical source. Then power on the homeserver, and after it booted, connect the serial to usb cable from the UPS to the homeserver, and you'll see it appear like so:</p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ lsusb
|
|
|
|
[...]
|
|
|
|
Bus 003 Device 003: ID 051d:0002 American Power Conversion Uninterruptible Power Supply
|
|
|
|
[...]
|
|
|
|
</code></pre>
|
|
|
|
<p>Then, let's install network ups tools (nut) and make it scan for any ups connected via UPS like ours:</p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ apt update -y ; apt install nut nut-client nut-server -y
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ sudo nut-scanner -U
|
|
Scanning USB bus.
|
|
[nutdev1]
|
|
driver = "usbhid-ups"
|
|
port = "auto"
|
|
vendorid = "051D"
|
|
productid = "0002"
|
|
product = "Back-UPS BX1600MI FW:378600G -302202G"
|
|
serial = "DWAADWAWDWA"
|
|
vendor = "American Power Conversion"
|
|
bus = "003"
|
|
|
|
</code></pre>
|
|
|
|
<p></p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/upsmon.conf
|
|
RUN_AS_USER root
|
|
MONITOR apc-ups@localhost 1 admin secret master
|
|
|
|
MINSUPPLIES 1
|
|
SHUTDOWNCMD "/sbin/shutdown -h +0"
|
|
POLLFREQ 5
|
|
POLLFREQALERT 5
|
|
HOSTSYNC 15
|
|
DEADTIME 15
|
|
POWERDOWNFLAG /etc/killpower
|
|
RBWARNTIME 43200
|
|
NOCOMMWARNTIME 300
|
|
FINALDELAY 5
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/upsd.conf
|
|
LISTEN 0.0.0.0 3493
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/nut.conf
|
|
|
|
MODE=netserver
|
|
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/upsd.users
|
|
[monuser]
|
|
password = secret
|
|
admin master
|
|
|
|
</code></pre>
|
|
|
|
<p></p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ systemctl status nut-server nut-client nut-monitor
|
|
● nut-server.service - Network UPS Tools - power devices information server
|
|
Loaded: loaded (/lib/systemd/system/nut-server.service; enabled; preset: enabled)
|
|
Active: active (running) since Sat 2024-04-06 17:23:47 CEST; 5s ago
|
|
Main PID: 707274 (upsd)
|
|
Tasks: 1 (limit: 76930)
|
|
Memory: 620.0K
|
|
CPU: 2ms
|
|
CGroup: /system.slice/nut-server.service
|
|
└─707274 /lib/nut/upsd -F
|
|
|
|
Apr 06 17:23:47 wonderland systemd[1]: Started nut-server.service - Network UPS Tools - power devices information server.
|
|
Apr 06 17:23:47 wonderland nut-server[707274]: fopen /run/nut/upsd.pid: No such file or directory
|
|
Apr 06 17:23:47 wonderland nut-server[707274]: Could not find PID file '/run/nut/upsd.pid' to see if previous upsd instance is already running!
|
|
Apr 06 17:23:47 wonderland nut-server[707274]: listening on 0.0.0.0 port 3493
|
|
Apr 06 17:23:47 wonderland upsd[707274]: listening on 0.0.0.0 port 3493
|
|
Apr 06 17:23:47 wonderland upsd[707274]: Connected to UPS [apc-ups]: usbhid-ups-apc-ups
|
|
Apr 06 17:23:47 wonderland nut-server[707274]: Connected to UPS [apc-ups]: usbhid-ups-apc-ups
|
|
Apr 06 17:23:47 wonderland nut-server[707274]: Running as foreground process, not saving a PID file
|
|
Apr 06 17:23:47 wonderland upsd[707274]: Running as foreground process, not saving a PID file
|
|
|
|
● nut-monitor.service - Network UPS Tools - power device monitor and shutdown controller
|
|
Loaded: loaded (/lib/systemd/system/nut-monitor.service; enabled; preset: enabled)
|
|
Active: active (running) since Sat 2024-04-06 17:23:47 CEST; 5s ago
|
|
Main PID: 707276 (upsmon)
|
|
Tasks: 2 (limit: 76930)
|
|
Memory: 836.0K
|
|
CPU: 2ms
|
|
CGroup: /system.slice/nut-monitor.service
|
|
├─707276 /lib/nut/upsmon -F
|
|
└─707277 /lib/nut/upsmon -F
|
|
|
|
Apr 06 17:23:47 wonderland systemd[1]: Started nut-monitor.service - Network UPS Tools - power device monitor and shutdown controller.
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: fopen /run/nut/upsmon.pid: No such file or directory
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: Could not find PID file to see if previous upsmon instance is already running!
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: UPS: apc-ups@localhost (primary) (power value 1)
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: Using power down flag file /etc/killpower
|
|
Apr 06 17:23:47 wonderland nut-monitor[707277]: Init SSL without certificate database
|
|
Apr 06 17:23:47 wonderland nut-monitor[707277]: Login on UPS [apc-ups@localhost] failed - got [ERR ACCESS-DENIED]
|
|
|
|
● nut-monitor.service - Network UPS Tools - power device monitor and shutdown controller
|
|
Loaded: loaded (/lib/systemd/system/nut-monitor.service; enabled; preset: enabled)
|
|
Active: active (running) since Sat 2024-04-06 17:23:47 CEST; 5s ago
|
|
Main PID: 707276 (upsmon)
|
|
Tasks: 2 (limit: 76930)
|
|
Memory: 836.0K
|
|
CPU: 2ms
|
|
CGroup: /system.slice/nut-monitor.service
|
|
├─707276 /lib/nut/upsmon -F
|
|
└─707277 /lib/nut/upsmon -F
|
|
|
|
Apr 06 17:23:47 wonderland systemd[1]: Started nut-monitor.service - Network UPS Tools - power device monitor and shutdown controller.
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: fopen /run/nut/upsmon.pid: No such file or directory
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: Could not find PID file to see if previous upsmon instance is already running!
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: UPS: apc-ups@localhost (primary) (power value 1)
|
|
Apr 06 17:23:47 wonderland nut-monitor[707276]: Using power down flag file /etc/killpower
|
|
Apr 06 17:23:47 wonderland nut-monitor[707277]: Init SSL without certificate database
|
|
Apr 06 17:23:47 wonderland nut-monitor[707277]: Login on UPS [apc-ups@localhost] failed - got [ERR ACCESS-DENIED]
|
|
|
|
</code></pre>
|
|
<p>We can check if the server can get all the </p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ upsc apc-ups@localhost
|
|
Init SSL without certificate database
|
|
battery.charge: 100
|
|
battery.charge.low: 10
|
|
battery.mfr.date: 2001/01/01
|
|
battery.runtime: 3167
|
|
battery.runtime.low: 120
|
|
battery.type: PbAc
|
|
battery.voltage: 27.2
|
|
battery.voltage.nominal: 24.0
|
|
device.mfr: American Power Conversion
|
|
device.model: Back-UPS BX1600MI
|
|
device.serial: DDWAWADWADADW
|
|
device.type: ups
|
|
driver.name: usbhid-ups
|
|
driver.parameter.pollfreq: 30
|
|
driver.parameter.pollinterval: 1
|
|
driver.parameter.port: auto
|
|
driver.parameter.productid: 0002
|
|
driver.parameter.serial: DWDADWAWDDWAADWDAW
|
|
driver.parameter.synchronous: auto
|
|
driver.parameter.vendorid: 051D
|
|
driver.version: 2.8.0
|
|
driver.version.data: APC HID 0.98
|
|
driver.version.internal: 0.47
|
|
driver.version.usb: libusb-1.0.26 (API: 0x1000109)
|
|
input.sensitivity: medium
|
|
input.transfer.high: 295
|
|
input.transfer.low: 145
|
|
input.voltage: 234.0
|
|
input.voltage.nominal: 230
|
|
ups.beeper.status: enabled
|
|
ups.delay.shutdown: 20
|
|
ups.firmware: 378600G -302202G
|
|
ups.load: 10
|
|
ups.mfr: American Power Conversion
|
|
ups.mfr.date: 2022/02/08
|
|
ups.model: Back-UPS BX1600MI
|
|
ups.productid: 0002
|
|
ups.realpower.nominal: 900
|
|
ups.serial: DAWDWDAWADWADWDAWAD
|
|
ups.status: OL
|
|
ups.test.result: Done and passed
|
|
ups.timer.reboot: 0
|
|
ups.timer.shutdown: -1
|
|
ups.vendorid: 051d
|
|
|
|
</code></pre>
|
|
<p>Now that the UPS is detected, we can install an interface for the nut service:</p>
|
|
<pre><code class="nim">
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ apt install nut-cgi -y
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ vim /etc/nut/hosts.conf
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/hosts.conf
|
|
|
|
MONITOR apc-ups@localhost "APC UPS - 1600VA"
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ cat /etc/nut/upsset.conf
|
|
I_HAVE_SECURED_MY_CGI_DIRECTORY
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ apt install apache2 -y
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ a2enmod cgi
|
|
Your MPM seems to be threaded. Selecting cgid instead of cgi.
|
|
Enabling module cgid.
|
|
To activate the new configuration, you need to run:
|
|
systemctl restart apache2
|
|
|
|
[ Wonderland ] [ /dev/pts/3 ] [~]
|
|
→ systemctl restart apache2
|
|
|
|
</code></pre>
|
|
<p>And now we can browse it from the web on port 80: the url is: <b>http://192.168.0.100/cgi-bin/nut/upsstats.cgi?host=apc-ups@localhost&treemode</b> </p>
|
|
<img src="6.png" class="imgRz">
|
|
<p>we can see the following graph to know the Battery Charge, Voltage, Input and Load:</p>
|
|
<img src="7.png" class="imgRz">
|
|
<p>And for more details you can see the data tree:</p>
|
|
<img src="8.png" class="imgRz">
|
|
<p>Now let's test if it works by unplugging the main electrical source:</p>
|
|
<img src="11.png" class="imgRz">
|
|
<p>First thing you'll notice is the UPS starting to do a loud beep every 3 seconds, but you can see it in action from the web interface:</p>
|
|
<img src="9.png" class="imgRz">
|
|
<p>Here as you can see the UPS is working on battery, and slowly the charge is being drained from 100% (now at 97% after 5 minutes) Of course it's being drained slowly due to being on a low load (18% currently), meaning it could last another 20 minutes of electrical outage easily.</p>
|
|
</div>
|
|
</div><!-- /row -->
|
|
</div> <!-- /container -->
|
|
</div><!-- /white -->
|
|
|
|
<!-- <div id="anon2">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-8 col-lg-offset-2">
|
|
<h2><b>Internet Outages - Mobile Hotspot setup</b></h2> </br> </br>
|
|
<p>https://www.linuxized.com/2022/01/automatic-internet-failover-to-lte-or-another-interface/</p>
|
|
<p>https://wiki.debian.org/Bonding#Installation</p>
|
|
<p>https://wiki.archlinux.org/title/Netctl 4.4.2 wired to wireless failover</p>
|
|
<p>https://iv.nowhere.moe/watch?v=acDvlzmsnaE pfsense multiple WAN </p>
|
|
<p>Now to preserve anonymity, just make sure you don't reveal the serial number of your UPS to anyone online otherwise it could get tied to your amazon purchase or similar. </p>
|
|
<pre><code class="nim">
|
|
|
|
</code></pre>
|
|
|
|
<p></p>
|
|
<img src="" class="imgRz">
|
|
<pre><code class="nim">
|
|
|
|
</code></pre>
|
|
|
|
<p></p>
|
|
<img src="" class="imgRz">
|
|
<pre><code class="nim">
|
|
|
|
</code></pre>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
-->
|
|
<!-- +++++ Footer Section +++++ -->
|
|
|
|
<div id="anonb">
|
|
<div class="container">
|
|
<div class="row">
|
|
<div class="col-lg-4">
|
|
<h4>Nihilism</h4>
|
|
<p>
|
|
Until there is Nothing left.
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>My Links</h4>
|
|
<p>
|
|
|
|
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
|
|
|
|
</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
<div class="col-lg-4">
|
|
<h4>About nihilist</h4>
|
|
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
|
|
</div><!-- /col-lg-4 -->
|
|
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<!-- Bootstrap core JavaScript
|
|
================================================== -->
|
|
<!-- Placed at the end of the document so the pages load faster -->
|
|
|
|
</body>
|
|
</html>
|