Colourful Norwich skyline illustration

Michael Sage

IT, Digital & Culture

Author: michael

Posted on

OVH weird Grub / EFI Setup Issues – Proxmox

OVH weird Grub / EFI custom setup issues - Proxmox

After a recent PVE 8 to 9 upgrade I experienced some boot issues with OVH/SYS/KI servers. It turns out that OVH do some weird stuff with boot disks in the initial setup. The issue and fix is discussed in more detail in the following proxmox post, but I wanted to copy the scripts here in case the forum ever disappears. This script written by a very kind engineer at OVH fixes the sync issue for a one off fix when grub is updated. 
#!/bin/bash

set -euo pipefail

overall_newest_mtime=0
while read -r partition; do
    mountpoint=$(mktemp -d)
    mount "${partition}" "${mountpoint}"
    newest_mtime=$(find "${mountpoint}" -type f -printf "%T@\n" | cut -d. -f1 | sort -n | tail -n1)
    if [[ $newest_mtime -gt $overall_newest_mtime ]]; then
        overall_newest_mtime=${newest_mtime}
        newest_esp=${partition}
        echo "${partition} is currently the newest ESP with a file modified at $(date -d @"${newest_mtime}" -Is)"
    fi
    umount "${mountpoint}"
    rmdir "${mountpoint}"
done < <(blkid -o device -t LABEL=EFI_SYSPART)

newest_esp_mountpoint=$(mktemp -d)
mount "${newest_esp}" "${newest_esp_mountpoint}"
while read -r partition; do
    if [[ "${partition}" == "${newest_esp}" ]]; then
        continue
    fi
    echo "Copying data from ${newest_esp} to ${partition}"
    mountpoint=$(mktemp -d)
    mount "${partition}" "${mountpoint}"
    rsync -ax "${newest_esp_mountpoint}/" "${mountpoint}/"
    umount "${mountpoint}"
    rmdir "${mountpoint}"
done < <(blkid -o device -t LABEL=EFI_SYSPART)
umount "${newest_esp_mountpoint}"
rmdir "${newest_esp_mountpoint}"
echo "Done synchronizing ESPs"
While this fixes the immediate issue, it does nothing to put a permanent fix in place. OVH are rolling out a new config for new builds that doesn’t experience the issue, so the easiest fix is to rebuild your dedicated server, however, if this isn’t for you the same engineer wrote the following to put the server into a more standard configuration. 
#!/bin/bash
# DISCLAIMER:
# This script is provided "as is" with no guarantees. Use at your own risk.
# The author takes no responsibility for any data loss, system breakage,
# or other damage that may occur from running it.

set -euo pipefail

ESP_BACKUP_PATH="/root/efi_system_partition_data"

### Ensure required commands are installed
for command in mkfs.vfat rsync; do
    if ! command -v "${command}" >&/dev/null; then
        echo "Could not find ${command}, make sure it is installed" >&2
        exit 1
    fi
done

### Ensure LABEL=EFI_SYSPART returns something
if [[ ! $(blkid -o device -t LABEL=EFI_SYSPART) ]]; then
    echo "LABEL=EFI_SYSPART returned nothing, aborting" >&2
    exit 1
fi

# Exit if the ESP is already over RAID1
if [[ $(blkid -o device -t LABEL=EFI_SYSPART | xargs lsblk -ndo TYPE) == raid1 ]]; then
    echo "The ESP is already over RAID1, nothing to do"
    exit 0
fi

### Ensure LABEL=EFI_SYSPART only points to partitions and not a broken mix of part/raid1
if [[ $(blkid -o device -t LABEL=EFI_SYSPART | xargs lsblk -ndo TYPE | sort -u) != part ]]; then
    echo "LABEL=EFI_SYSPART returns multiple device types, aborting" >&2
    exit 1
fi

### Don't do anything if there is only one ESP
if [[ $(blkid -o device -t LABEL=EFI_SYSPART | wc -l) == 1 ]]; then
    echo "Only one ESP, nothing to do"
    exit 0
fi

### Unmount /boot/efi
if mountpoint -q /boot/efi; then
    umount "/boot/efi"
    echo "Unmounted /boot/efi"
    # If the script is running on the installed OS (not on a rescue system), we
    # need to unmount /boot/efi and remount it at the end of the script
    esp_mountpoint=/boot/efi
else
    # If the script is running on a system where /boot/efi is not mounted, it's
    # likely a rescue system so we'll use a temporary mountpoint
    esp_mountpoint=$(mktemp -d)
fi

### Find the newest ESP
overall_newest_mtime=-1
while read -r partition; do
    mountpoint=$(mktemp -d)
    mount -o ro "${partition}" "${mountpoint}"
    newest_mtime=$(find "${mountpoint}" -type f -printf "%T@\n" | cut -d. -f1 | sort -n | tail -n1)
    if [[ ${newest_mtime} -gt ${overall_newest_mtime} ]]; then
        overall_newest_mtime=${newest_mtime}
        newest_esp=${partition}
    fi
    umount "${mountpoint}"
    rmdir "${mountpoint}"
    if findmnt --source "${partition}" >/dev/null; then
        echo "${partition} is still mounted somewhere, aborting" >&2
        exit 1
    fi
done < <(blkid -o device -t LABEL=EFI_SYSPART)
echo "${newest_esp} is the newest ESP with a file modified at $(date -d @"${overall_newest_mtime}" -Is)"

### Copy ESP contents
newest_esp_mountpoint=$(mktemp -d)
mount -o ro "${newest_esp}" "${newest_esp_mountpoint}"
mkdir -p "${ESP_BACKUP_PATH}"
rsync -aUx "${newest_esp_mountpoint}/" "${ESP_BACKUP_PATH}/files/"
echo "Copied newest ESP contents to ${ESP_BACKUP_PATH}/files/"
umount "${newest_esp_mountpoint}"
rmdir "${newest_esp_mountpoint}"

### Back up and wipe ESPs
partitions=()
while read -r partition; do
    backup_file="${ESP_BACKUP_PATH}/$(basename "${partition}")"
    # Create a full backup of the ESP, this uses roughly 511 MiB per ESP
    dd if="${partition}" of="${backup_file}" status=none
    echo "Backed up ${partition} as ${backup_file}"
    echo "Wiping signatures from ${partition}"
    wipefs -aq "${partition}"
    echo "Wiped signatures from ${partition}"
    partitions+=("${partition}")
done < <(blkid -o device -t LABEL=EFI_SYSPART)

### Create ESP over RAID1
# Prefer md0 if possible
if [[ ! -e /dev/md0 ]]; then
    md_number=0
else
    highest_md_number=$(find /dev/ -mindepth 1 -maxdepth 1 -regex '^/dev/md[0-9]+$' -printf "%f\n" | sed "s/^md//" | sort -n | tail -n 1)
    md_number=$((highest_md_number + 1))
fi
raid_device="/dev/md${md_number}"
echo "Creating RAID1 device ${raid_device}"
# With metadata version 0.90, the superblock is located at the end of the partition, so the firmware sees it as a normal FAT filesystem
# https://archive.kernel.org/oldwiki/raid.wiki.kernel.org/index.php/RAID_superblock_formats.html
mdadm --create --verbose "${raid_device}" --level=1 --metadata=0.90 --bitmap=internal --raid-devices="${#partitions[@]}" "${partitions[@]}"
echo "Creating FAT filesystem on ${raid_device}"
mkfs.vfat -n EFI_SYSPART "${raid_device}" >/dev/null
mount "${raid_device}" "${esp_mountpoint}"
echo "Copying ESP contents to ${raid_device} mounted on ${esp_mountpoint}"
rsync -aUx "${ESP_BACKUP_PATH}/files/" "${esp_mountpoint}/"
echo "The ESP is now over RAID1:"
lsblk -s "${raid_device}"
if [[ ${esp_mountpoint} != /boot/efi ]]; then
    echo "Unmounting ${esp_mountpoint}"
    umount "${esp_mountpoint}"
    rmdir "${esp_mountpoint}"
fi
echo "Script completed successfully, please check the /boot/efi entry in /etc/fstab, update mdadm.conf and rebuild the initramfs"
Source: Convert EFI System Partitions to RAID1 on OVHcloud bare-metal servers · GitHub
Posted on

Proxmox LE – Azure DNS

Proxmox Azure DNS Challenge for LE

Microsoft seem to keep changing the way you can create Azure API tokens for DNS management. I use it for lets encrypt certs and those expire, so this is the current way I use.

Using the Azure Cloud Shell.

The process is slightly different if you have more than one subscription ID, you will need to run “az account list” and then “az account set –subscription “Subscription B”” to select the correct one.

First you will need to list your DNS Zones.

az network dns zone list

this will return something like this:

[
  {
    "etag": "00000002-0000-0000-f641-73c64955d301",
    "id": "/subscriptions/12345678-9abc-def0-1234-567890abcdef/resourceGroups/exampledns_rg/providers/Microsoft.Network/dnszones/example.com",
    "location": "global",
    "maxNumberOfRecordSets": 5000,
    "name": "example.com",
    "nameServers": [
      "ns1-02.azure-dns.com.",
      "ns2-02.azure-dns.net.",
      "ns3-02.azure-dns.org.",
      "ns4-02.azure-dns.info."
    ],
    "numberOfRecordSets": 11,
    "resourceGroup": "exampledns_rg",
    "tags": {},
    "type": "Microsoft.Network/dnszones"
  }
]

Now create a service principal

az ad sp create-for-rbac --name  "AcmeDnsValidator" --role "DNS Zone Contributor" --scopes \
    /subscriptions/12345678-9abc-def0-1234-567890abcdef/resourceGroups/exampledns_rg/providers/Microsoft.Network/dnszones/example.com

This will then display all the information you need to propergate the LE Azure DNS challenge in proxmox.

Posted on

NanoKVM Remote Firmware Upgrade

michael

A wordy one this time. I bought a handful of the NanoKVM lites (and a couple with screens) late last year. They are pretty good for what they cost! I run a couple of them in remote locations, the only supported way to update the firmware (not the application confusingly) is to rewrite the sd card.

This is somewhat less than ideal!

I have had a couple of cracks at doing it remotely, the first was quite complex and wiped out all customisations, not great if you were connected via tailscale!

This process is a lot slicker, but proceed at your own risk!

Backup /boot/eth.nodhcp  # This is your network config if you use a static IP
Backup /etc/kvm/server.yaml # This is a config file for if you have SSL certs, etc
Copy img file to /data/ # Copying the new firmware to the device
losetup -f -P /<imagename> # Mount the image
losetup -a # To check mount point
mkdir -p /tmp/boot && mkdir -p /tmp/root # Make the mount points for the new firmware
mount /dev/loop0p1 /tmp/boot && mount /dev/loop0p2 /tmp/root # Mount the new firmware
cd /tmp/boot && cp -av * /boot/ # Copy the boot firmware
cd /tmp/root && cp -av * / # Copy the new root firmeware
cd / && umount /tmp/boot && umount /tmp/root # Unmount the new image partitions
losetup -d /dev/loop0 # Unmount the image
rm /data/ # Remove the copied firmware
copy /boot/eth.nodhcp # Copy the network config back
rm /etc/kvm/ssh_stop # Enable SSH
Reboot # Do the needful
Update web application # Make sure the latest application is installed (this will have been overwritten with the new image)
root passwd # Reset the root password to one you like

Optional
Rerun cert script on – If you have a script that copies the new SSL certs re-run it to check you still can!
 

Setup Tailscale

SSH into NanoKVM.
Execute tailscale version to check if Tailscale is already installed. If not, manually install it:
Download Tailscale and extract it;
Move the tailscale file to the /usr/bin/ directory;
Move the tailscaled file to the /usr/sbin/ directory.
Execute /etc/init.d/S98tailscaled restart to start the Tailscale service.
Execute tailscale login and wait for the login link to be generated, then visit the generated link in your browser.
Click Connect in the browser to add NanoKVM to your Tailscale account.

Posted on

Proxmox SyS / OVH & Grub Issue

See this post for a script to run before reboot to fix this issue. 

Sometimes the grub config falls out of sync on OVH, because of their super weird paritioning I think.

You need to boot into rescue mode, mount the two vFAT EFI partions.

I mount mine to /media/RESCUE/efi1 and /media/RESCUE/efi2.

Compare the two (normally proxmox, although I have seen BOOT too).

Copy the newest over the oldest, very, very carefully!

If in doubt copy both to .orig files, I recommend writing down which is the latest as the copy will timestamp with todays date and time!

My scribblings normally look something like this:

EFI1 mounted from /dev/nvme0n1p1 mounted to /media/RESCUE/efi1 grubx64.efi Nov 24
EFI2 mounted from /dev/nvme1n1p1 mounted to /media/RESCUE/efi2 grubx64.efi 25 Mar 25

Then I would probably do cp grubx64.efi grubx64.efi.orig on both

Then finally

cp -b --update /media/RESCUE/efi2/grubx64.efi /media/RESCUE/efi1/

I’d probably check this a hundred times! cp should prompt if the file you are trying to overwrite is newer.

Posted on

Ubuntu 24 LTS – Unifi Mongo Update to 7.0

Ubuntu 24 LTS - Unifi Mongo Upgrades

For the longest time unifi has only supported mongodb 3.6 or older (or mongodb 4.4 for some newer versions (7.5-8.0)), with the release of 8.1.x this has now been updated to version 7.0, still old, but supported, good times.

However, the install on 7 is less that easy, and if you’re on an older server (or just upgraded to 24.04 LTS), then there are a number of steps… Hold on tight here we go…

First step, backup unifi, snapshot the server, make a brew, pray to the IT gods…

Next, we need to go from 3.6 to 4.4, luckily the ever great GlennR has a script for this. Go ahead and run his unifi upgrade script selecting the mongodb upgrade option. For some reason I couldn’t  get the script to go any further than 4.4…

The script can be found here:

https://get.glennr.nl/unifi/update/unifi-update.sh

Next things get a bit wild, so I’ve adapted someone elses script (https://techblog.nexxwave.eu/update-mongodb-4-4-to-7-0-on-unifi-servers/). I’d save the below into a file and make it executable and run it.

** Proxmox Users: You may need to update or change your CPU type the default KVM64 doesn’t expose the AVX flag, so you can either update your cpu.conf file (below) or change the CPU type to host, your CPU must support AVX

/etc/pve/virtual-guest/cpu-models.conf.

cpu-model: avx
    flags +avx;+avx2;+xsave
    phys-bits host
    hidden 0
    hv-vendor-id proxmox
    reported-model kvm64

Upgrade Script:

#!/bin/bash

# Upgrade MongoDB from 4.4 to 6.0
# Author: Nexxwave https://www.nexxwave.be
# MongoDB releases archive: https://www.mongodb.com/download-center/community/releases/archive
# MongoDB versions: https://www.mongodb.com/docs/manual/release-notes/
# Adapted for Ubuntu 22/24 by Michael Sage 28/8/2024

###
# Stop UniFi
###

echo "## Stopping UniFi"
systemctl stop unifi

###
# Download MongoDB Shell
# 'mongo' is deprecated since Mongo 6.0, so we need a separate pacakge.
###

echo "## Download MongoDB Shell"
wget https://downloads.mongodb.com/compass/mongosh-2.2.5-linux-x64.tgz -P /tmp/
tar xvzf /tmp/mongosh-2.2.5-linux-x64.tgz -C /tmp/

###
# Upgrade to MongoDB 5.0.26
###

echo "## Downloading and extracting MongoDB 5.0.26"
wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu2004-5.0.26.tgz -P /tmp/
tar xvzf /tmp/mongodb-linux-x86_64-ubuntu2004-5.0.26.tgz -C /tmp/

echo "## Starting MongoDB 5.0.26 in background"
sudo -u unifi /tmp/mongodb-linux-x86_64-ubuntu2004-5.0.26/bin/./mongod --port 27117 --dbpath /var/lib/unifi/db &
sleep 60

echo "## Executing feature compatibility version 5.0"
/tmp/mongosh-2.2.5-linux-x64/bin/./mongosh --port 27117 --eval 'db.adminCommand( { setFeatureCompatibilityVersion: "5.0" } ) '

echo "## Shutting down MongoDB 5.0.26"
/tmp/mongosh-2.2.5-linux-x64/bin/./mongosh --port 27117 --eval 'db.getSiblingDB("admin").shutdownServer({ "timeoutSecs": 60 })'
sleep 10

###
# Upgrade to MongoDB 6.0.15
###

echo "## Downloading and extracting MongoDB 6.0.15"
wget https://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu2004-6.0.15.tgz -P /tmp/
tar xvzf /tmp/mongodb-linux-x86_64-ubuntu2004-6.0.15.tgz -C /tmp/

echo "## Starting MongoDB 6.0.15 in background"
sudo -u unifi /tmp/mongodb-linux-x86_64-ubuntu2004-6.0.15/bin/./mongod --port 27117 --dbpath /var/lib/unifi/db &
sleep 60

echo "## Executing feature compatibility version 6.0"
/tmp/mongosh-2.2.5-linux-x64/bin/./mongosh --port 27117 --eval 'db.adminCommand( { setFeatureCompatibilityVersion: "6.0" } )'

echo "## Shutting down MongoDB 6.0.15"
/tmp/mongosh-2.2.5-linux-x64/bin/./mongosh --port 27117 --eval 'db.getSiblingDB("admin").shutdownServer({ "timeoutSecs": 60 })'
sleep 10

echo "## All done"

Then we move on to upgrading to version 7, nearly there!

curl -fsSL https://pgp.mongodb.com/server-7.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | sudo tee -a /etc/apt/sources.list.d/mongodb-org-7.0.list
apt update
sudo apt install mongodb-org mongodb-org-mongos mongodb-org-server mongodb-org-shell mongodb-org-tools mongodb-org-database-tools-extra

Now you can start unifi again

sudo systemctl start unifi

Finally finish the update with:

mongosh --port 27117 --eval 'db.adminCommand( { setFeatureCompatibilityVersion: "7.0", confirm: true } )'

Check if everything went ok

mongosh --port 27117 --eval 'db.adminCommand( { getParameter: 1, featureCompatibilityVersion: 1 } )'

The output should look something like this:

{ featureCompatibilityVersion: { version: '7.0' }, ok: 1 }
Posted on

Go Bag…

GL.inet Slate Plus, USB hard drive and firestick in case
Cables in case

Recently we were staying in a hotel for a couple of nights away, the weather turned rubbish so we went to bed early and read (rock and roll) which was great, but it got me thinking, would there be a way to take our movie library with us if we went away for a long time or if one of us was travelling for work and just wanted to crash. I want this solution to work with or without internet access, for two main reasons firstly internet can be very expensive in hotels or on a cruise and secondly there might not be any internet at all!

I started with the router, I have a GL Inet Slate Plus that I use for the mobile lab project, so seemed like a good place to start. I added the DLNA & CIFS plugins to the router and attached a 2Tb USB hard drive (the local media part).

Next came the client device, I am a long-term fan of the Roku media players, however, no matter how much I tried I couldn’t get this to work reliably with DLNA. I had a firestick lite kicking about, so I have decided to use this. I set it up to connect to the wifi on the Slate Plus so far so good!

The Slate Plus has several WAN options, cabled, wifi repeater, USB tethering so multiple ways to get the new mini network online. While testing at home I used USB tethering to an android phone which gave good performance.

The firestick works great while it has an internet connection, I recently went away with work and thought it would be the ideal time to test it all works in the wild! I connected everything together powered it on and it worked… Kinda… The firestick can’t load a home screen without an internet connection so you have to launch the app directly, this worked fine and the firestick connected to the hotel TV without issue.

 

Next I connected the Slate Plus to the hotel wifi, again this worked well and any device connected to the slate then had internet, so it works for connection sharing too, a really useful feature if the internet is expensive.

Closed case
Posted on

The great van upgrade.

Having run the van from 2x Pi 4 (2Gb) for two years, I decided it was time for a refresh. I wanted to bring the whole setup to something a bit more stable and modern (not that I’d had any major issues) I also wanted to refresh for future internet upgrades, be it 5G or Satellite (come on Amazon). I have recently started playing with beelink mini PCs and following the lab in a bag (It’s a lab in a box – Michael Sage) experiment I decided to take the plunge. The main thing that had stopped me doing this was the lack of dual NIC affordable mini PCs… Enter the Beelink EQ12 (16Gb RAM / 500Gb) and an additional 2Tb SSD (for media).

This setup allowed me to move the VPN from the router (the Cirrus AP1300-LTE) to an OPNSense VM. This means the only thing I am using the Cirrus for now is the internet connection (we’ve come a long way since the initial install where the Cirrus was used for internet, wifi, VPN, etc).

I also decided to add the flic hub mini to the van, as home assistant running the flics has never been great and it’s a nightmare to add any more flics!

Flic hub mini and flic 2 buttons

I set it all up at home using the GL.iNet Shadow with a tethered phone, which I have for testing and hotel use.

Home testing (flic hub mini, beelink mini PC, Gl shadow and mobile phone)

I decided I would re-IP the van to 192.168.9.x while I was doing the move to ensure that I could fully test (this will become important later). Once I’d setup proxmox on the mini PC I created 4 virtual machines (firewall, plex server, workstation and home assistant). I then setup the site to site OpenVPN, I know there are better VPN’s available now, but it’s something I’m familiar with and it’s stable.

Harley Q Proxmox Server

With all the VMs configured and the data copied, the link to the van decided to stop working, so it seemed like a good time to do the upgrade. I took a spare switch and 4G router just in case something had actually died!

I then worked through my checklist, configuring NUT, re-IPing the switch, router, camera, roku, smart home, added the flics to the hub, recreating node red flows.

I hit an issue, every 5 minutes the wireless would go down, it looked like the AP was rebooting, ugh, the only spare I didn’t bring was an AP. I had a look around and couldn’t find anything, so ordered one of amazon to replace it. For 4 or 5 hours I struggled to complete my checklist with the wifi going down for about 30 seconds, every 5 minutes… every 5 minutes… there was something in the back of my mind, what would reboot the AP so regularly, but not impact anything else. Then I remembered the POE switch I use has a port watchdog, if it can’t ping the IP of the device attached it reboots the port. IP updated on the switch, wifi issues goes away and just in time to cancel the amazon order.

The upgrade was complete and I now have some bonus things I didn’t before, including, a stable connection, the ability to back the van up properly and a movie / TV sync to keep plex up to date. For the same price as the 2x Pi 4s I have a much more scalable and stable infrastructure ready for when a better internet connection comes along!

Photo showing gl inet router, switch and beelink mini PC in a cupboard
Posted on

Anisble

I have setup an ansible run book to update all my linux boxes, this post is mostly just my notes! Add User to host to be managed 
Create ansible user
visudo and add the following
# Allow ansible to execute
ansible ALL=(ALL) NOPASSWD:ALL

Copy key from anisble "server" to new host
ssh-copy-id -i /$HOME/.ssh/id_rsa.pub ansible@host

Check you can login without a password
ssh ansible@host
I have a simple runbook, that connects to the servers in a hosts file, updates and reboots servers if needed. 
update.yml

- hosts: servers
  become: true
  become_user: root
  tasks:
    - name: Update apt repo and cache on all Debian/Ubuntu boxes
      apt: update_cache=yes force_apt_get=yes cache_valid_time=3600

    - name: Upgrade all packages on servers
      apt: upgrade=dist force_apt_get=yes

    - name: Check if a reboot is needed on all servers
      register: reboot_required_file
      stat: path=/var/run/reboot-required get_md5=no

    - name: Reboot the box if kernel updated
      reboot:
        msg: "Reboot initiated by Ansible for kernel updates"
        connect_timeout: 5
        reboot_timeout: 300
        pre_reboot_delay: 0
        post_reboot_delay: 30
        test_command: uptime
      when: reboot_required_file.stat.exists
That’s it, simply create a hosts file along side the runbook and away you go. I have a little script that sits with those to two files to run the playbook. 
update.sh

su ansible -c "ansible-playbook -i /scripts/update-project/hosts /scripts/update-project/update.yml"
That’s all there is too it, it saves me hours of manual linux patching (also means I don’t forget my unloved servers)!
Posted on

It’s a lab in a box

Something I’ve wanted for a while is a mobile lab. Something in a flight case. Mainly because it would be cool, but also it would be nice to have a fully mobile setup to demo or use for small migrations.

I don’t have a budget for a lab in a box that will just sit there so the components needed to be reusable. I recently came across Beelink mini PC’s (I bought one for Sophie for her new Cricut machine) and I’ve been thinking about upgrading the caravan infrastructure. So I thought I would combine the two and design and build a lab in a box.

The main components:

    • Beelink Mini PC U59 Pro (N5105, 16Gb RAM, 256Gb M2 and 2Tb SATA drive, Dual Gb Network)
    • GL-Inet Slate Plus (same chipset as the “cirrus” I use)
    • TP Link Gb PoE Switch
    • TP Access Point
Beelink Mini PC
Beelink Logo
GL-iNet Logo
Slate Plus mini router
TP-Link Logo

The plan is to present a number of ports to the edge of the case. Extending beyond the walls of the case should allow more connectivity to the internal and external interfaces.

This month I will be building the “IT” bits of the build and hopefully next month buying the case and the ports. 

How is it reusable?

    • Slate Plus – Router – Can be used as a travel router with no changes.
    • Beelink U59 Pro – Server – Can be used as a Proxmox lab with no changes.
    • TP Link – PoE Switch / Access Point – Probably best left configured for lab.
    • Roku – Media Player – Can be used with any Wi-Fi (or combined with Slate Plus for travel).

How could it be extended?

With the external ports there are lots of options. You could add a NAS for migrations, plug in Broadband for a demo, tether it to your phone for a rural / mobile deployment (via WAN USB), join it to a conference / hotel wireless network for demos / watching films, download your plex library to the server for media on the go or even deploy it as an office in the box for DR / BCP, smarthome demo lab with Home Assistant, I’m sure there are more ideas to come!

Once it’s all setup I’ll publish a new post with pics. 

Flight Case

Update... It's a lab in a bag

I have finished the build and I am pleased with how it came out. Unfortunately for my budget lab I couldn’t spring for a case at the moment (v2 and I have the panel mounts!). Here it is completed! Just some cable management to sort out (possibly false bottom in the case).