Łukasz Moskała's personal website

To keep this short: 21-year-old sysadmin in love with FreeBSD. I can write code in C++, C++ with Arduino framework, golang, shell scripts and ansible playbooks.

I enjoy tinkering with some obscure hardware, especially if it's on architectures different than x86. I have sparc T3-1 server, two ibook g4's, LTO3 tape drive (with changer), and borrowed IBM workstation on powerpc.

I prefer using jails over virtualization, because of lower overhead. That's how most of my self-hosted things are set up.

I started using linux around 2013-2014, when I got my first raspberry pi. Since then I switched from windows to ubuntu, and later to arch. I later discovered FreeBSD, and started liking it more and more, eventually migrating most of my servers to it. I used to have it installed on company laptop in my first job, since my colleague challenged me to do it.

I prefer using ipv6 when possible, most likely due to the fact that I have one public ipv4 address, while having 1208925819614629174706176 public ipv6 addresses. Unfortunately, my ISP is stuck in the 90's, so I have to use tunnelbroker.net.

I suck at web design, which you may have guessed looking at this page. It's written by hand, without any kind of website generators. However, I don't call it ugly, I call it accessible - you can even view it in text-based browser! Also, you don't need much bandwidth to open it (and server does not have much bandwidth, see below). So if you are connecting to the Internet using IPoAC/rfc1149, you still should be able to open it. It should also be able to display properly in browsers without CSS support, however users may subject themselves to looking at white background, as for me, primary usage of CSS is to create dark themes.

My favourite technical specifications

There are a few specifications that I like, unfortunately they aren't widely used.

I put this section more to benchmark GZIP capabilities of my web server, than for anything else, but I'll leave them here.

Contact me

My matrix username is @rezystor:im.mlody.eu. Or you can email me: lm at lukaszmoskala dot pl, here is GPG key if you want to encrypt message: 27EDFEC7B14D3842413708E9730035CF58EFFF54.

SPARC T3-1

Here should be some notes about using SPARC T3-1, but recent openbsd versions no longer boot and I didn't have the time to figure it out. At least solaris works.

Troubleshooting FTP

First step to fix any problem with FTP is to finally stop using FTP. Instead, you could use one of these alternatives:

Yes, I wrote this section only to say that FTP must die.

Hacking Dodge Challenger

I connected esp32 to CAN-C bus on my dodge challenger. After sniffing some traffic and trial and error, I figured that everything with message id 1C0 comes from keyfob receiver.

After more trial and error, my results are that:

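| Message ID | byte0 | byte1 | byte2 | byte3 | byte4 | byte5 | action |
|---|---|---|---|---|---|---|---|
| 1C0 | 23 | 00 | 00 | 88 | 11 | 00 | unlock door |
| 1C0 | 21 | 00 | 00 | 88 | 11 | 00 | lock door |
| 1C0 | 69 | 00 | 00 | 80 | 11 | 00 | remote start (note byte 3) |
| 1C0 | 6A | 00 | 00 | 80 | 11 | 00 | cancel remote start (note byte 3) |
| 1C0 | 2B | 00 | 00 | 88 | 11 | 00 | open windows (only a little bit, needs to be sent multiple times. 300 times with 10ms delay between sending works for me) |
| 1C0 | 2E | 00 | 00 | 88 | 11 | 00 | panic |
| 1C0 | 25 | 00 | 00 | 88 | 11 | 00 | open trunk |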

If your car does not have remote start, I'd be curious to see if sending remote start command will still work. If you have 2015+ dodge challenger (or charger, it shouldn't matter), and want to try it, contact me and I'll send you source code for esp32.

Why am I doing this? Well, my garage is too far from my home for remote start to work. So, I need to find a workaround, namely do it over WiFi or LTE.

I am considering connecting it to my homeassistant, but I need to work out a few things. First, am I happy with features listed here, or do I want more (reporting fuel level, reporting mileage, control of HVAC)?

I will probably want HVAC control, since my goal is to use remote start to start car, then set HVAC to whatever temperature I like, and when I come to car it's nice and warm in winter.

If I go with LTE, am I happy with using MQTT over TLS, or do I want to also use VPN? Do I want to require commands sent to car over MQTT to be signed with asymmetric cryptography? I mean, every smart home device in my home has access to this MQTT server. Do I want to use separate MQTT server for it? As you can see, this project is in very early stages, and there is a lot to do before it'll work as I want it to work.

Yes, after remote start HVAC is set to what it was when turned off. But I want remote control of that.

Check engine light came on when I tried to connect to CAN-IHS, and I had to go to my mechanic to clear it. I'm not trying it again soon.

Remote starting this way behaves exactly as when remote started with keyfob. Namely, if I'd start the car, someone broke in and tried to drive away, car will turn off once you try to put it in gear. You need to unlock doors with keyfob/keyless entry if you want to be able to drive.

Update 25.06.2022: I have finally decided how I want to do it

I used esp32, with SIM800 modem, connected only to CAN-C bus. So I can only send commands described in table above, but I'm happy with that.

In the future, I plan to add GPS to the mix, so that I can track my car. I added GPS. Thankfully, ESP32 has 3 hardware UARTs, so I can use one for debugging, one for modem and one for GPS.

When my garage wifi network is in range, modem is shut down to save power, and esp32 connects over wifi. WiFi connection is always preferred due to lower power consumption than modem. Power consumption measured from 12V input, before buck converters, ranges from 30mA to 220mA (at 12V), depending on what the modem is doing.

Esp32 connects to dedicated MQTT server, which requires mutual TLS authentication, and the only other device connected to it is my node-red server. I defined helpers in homeassistant, then I'm waiting for events related to them in node-red, and on certain events commands are sent over mqtt to esp32.

Messages from esp32 are routed via node-red to my main MQTT server, and those topics are defined in homeassistant as sensors (these are: last command, network connection (WiFi or 2G), uptime, WiFi BSSID and WiFi RSSI, 2G signal quality, location, altitude, speed (from GPS), satellite count and HDOP)

I have defined helpers (mostly input_button) in homeassistant, and clicks on those are processed by node-red, which then checks if it was me who clicked it (and not my dad for example), and then sends MQTT command to car.

I have also defined input_time helper, to define automatic start at specific hour. If car is in garage, garage will be automatically opened before starting car. Since I work from home, it's not too useful right now, but it could be if I'd be commuting regularly to the office in winter (I don't plan to do that).

I believe remote start is not allowed in most of Europe, but I don't live in city, so there is basically no one to enforce that.

This website is hosted on Arduino

Update: 08.03.2022: it's no longer hosted on arduino as it was painful to maintain. It's now hosted on OpenBSD.

Yes, really. But why, you may ask? Well, because I can, and because I wanted to learn some new things. I'll give you some details about this configuration.

First of all, TLS is terminated at haproxy, not on arduino, because it's too heavy for arduino's 84MHz processor.

So, I'm using Arduino Due, for multiple reasons:

For networking I'm using enc28j60. There is one main reason for it: it works on boards with 3.3V logic level. Website files are stored on w25q128 flash module (128Mb, or 16 MiB).

On-disk format is proprietary, and I call it yar (I really tried to come up with something that can have yarr as an acronym, but my creativity failed me, yar stands for yeet archive).

Yar format is quite simple: you have FLT (file lookup table, yes, I came up with this name on my own too) at the beginning of flash, then you have the files themselves one after another, without any separator between them. FLT stores only basic information, such as:

Entire FLT is loaded to RAM on startup. Arduino due has 96k of RAM, so it's not really an issue. I have tools for manipulating yars and uploading them to arduino (over UDP). It's also protected with password, consisting of 16 random bytes that I found in /dev/urandom on my PC.

Performance

Tested with image of my cat, I got around 120kB/s. Maybe with some tuning I could get more, maybe not, but for sure I don't care about that.

Someone here says that he gets 144KBytes/second, so I guess that my result makes sense, considering that I have to also read data from flash.

Compression

Every file that has MIME type starting with "text/" is saved in flash in two copies: raw and gzipped. Then, if client sends accept-encoding gzip, arduino serves the gzipped version. I couldn't do compression on arduino side. And even if I could, it'd kill performance.

Used libraries

I used EthernetENC and SPIMemory libraries. I specifically didn't want to use library that would give me FAT32 filesystem on flash, as I wanted to create my own, just for the learning experience.

Picture

I'm considering creating custom shield for arduino, which will have flash memory built in (soldered) and pins for connecting ethernet module. I will add photo when I finish it.

Aside from that, I'm thinking about adding some LEDs displaying status, so for example it will light up when serving request or during writing image.

Images have bad quality, because I had to make them small, so that they don't take forever to load. Maybe I will consider implementing mod_pagespeed somehow ;)

Error messages

Error messages are pictures that I found at this great website called http.cat. I use them for every error code that I can generate with my web server, with exception of 503 since 503 is displayed when flash is being updated, which means that I cannot reliably read it then.

Automated garage door opener

I'm using homeassistant. When I got new garage, I wanted to make it so that it opens automatically when I'm driving home, and closes when I leave home. So I needed to control the garage from homeassistant.

I ended up using esp8266 with relay to simulate button press, and two sensors, first one closes circuit when garage is closed, second closes circuit when garage is open. When both are open then the garage is in undefined state, and will not accept any controls. Esp8266 listens on its topic on mqtt, and there either comes OPEN or CLOSE command from homeassistant.

But how does homeassistant know when to open and close the garage? Actually, it's simple: I have one hc-12 module in the garage, connected to thin client running FreeBSD, and second connected to arduino nano in my car. When car is in close proximity, communication between those two can happen, when car is off (so no power for arduino) or car is away, no communication happens.

Communication scheme is very simple: garage sends request, to which car either responds or not.

As far as security goes, I didn't really care - this is standalone garage, so entering garage does not give you access to house. Worst case you can steal thin client worth about $6. This doesn't mean I didn't implement any security features. I decided to encrypt communication with AES-256. This however, gave me no protection against session replay attack. So I decided to add RTC to arduino, and change encryption key every 5 minutes. Initially it was 1 minute, but RTC drift caused problems. Additionally, two last bytes in requests are what I call session replay protection code. On response, they have to arrive in reversed order than in request. So if request contains 0xdead, the response should be 0xadde. It's probably still possible to somehow break the encryption key, because beginning of the message is always the same, but, if someone does that just to break into my garage, he may as well break the lock in side doors. Also, in the next 5 minutes, the key will be different again.
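The garage-side check from the paragraph above, as an added sketch in Go that is not the author's garaged code. The page gives only AES-256, the 5-minute key change and the swapped two-byte code; the GCM mode, the HMAC-based key rotation, the "RSP" tag that stops a request being reflected back as a reply, and all function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

const window = 300 // seconds per key: the 5 minutes stated on the page

// aeadAt keys AES-256-GCM for the window containing unix time t.
// Assumed rotation scheme: key = HMAC-SHA256(master, window index).
func aeadAt(master []byte, t int64) cipher.AEAD {
	mac := hmac.New(sha256.New, master)
	fmt.Fprintf(mac, "%d", t/window)
	blk, _ := aes.NewCipher(mac.Sum(nil)) // 32-byte key, cannot fail
	aead, _ := cipher.NewGCM(blk)
	return aead
}

// Seal encrypts msg under the current window key with a fresh random nonce.
func Seal(master []byte, now int64, msg []byte) []byte {
	nonce := make([]byte, 12)
	rand.Read(nonce)
	return aeadAt(master, now).Seal(nonce, nonce, msg, nil)
}

// Open tries the previous, current and next window to tolerate RTC drift.
func Open(master []byte, now int64, ct []byte) []byte {
	for d := int64(-1); d <= 1 && len(ct) >= 12; d++ {
		if pt, err := aeadAt(master, now+d*window).Open(nil, ct[:12], ct[12:], nil); err == nil {
			return pt
		}
	}
	return nil
}

// GarageAccepts wants the "RSP" tag plus the pending request's code, swapped.
func GarageAccepts(master []byte, now int64, code [2]byte, resp []byte) bool {
	return string(Open(master, now, resp)) == string([]byte{'R', 'S', 'P', code[1], code[0]})
}

func main() {
	k, now := []byte("constructed demo secret"), int64(1700000000)
	reply := Seal(k, now+200, []byte("RSP\xad\xde")) // car clock runs 200 s fast
	fmt.Println(GarageAccepts(k, now, [2]byte{0xde, 0xad}, reply))
}
```

Accepting the neighbouring windows means a captured reply stays decryptable for up to ten minutes, so the fresh two-byte code per request is what actually stops a replay.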

Garaged, my software that I use for detecting presence of cars, sends AVAILABLE to homeassistant on first successful response from car, and GONE after about 2 minutes after last response (so that I can get out of garage before it gets closed).