On July 3rd, 2024, I ended up dealing with one of the messier Kubernetes situations I’ve encountered: upgrading an EKS cluster that had effectively been left behind for years. The push to upgrade wasn’t optional as the cluster version was approaching the end of extended support from AWS, and staying on it meant continuing to pay the higher extended support costs.
Door alarms have gotten more sophisticated over the years, but many newer systems are proprietary or comparatively expensive, especially when using Zigbee or similar ecosystems. The older 433 MHz sensors are cheap, simple, and widely available. Most of them use fixed-code amplitude encoding (1527, typically based on the EV1527 chip). The downside is range. In practice, the signal quality from these devices and the common receivers sold online can be poor. If the distance is more than a short span, something has to relay the signal.
A personal Vault instance or paying for AWS secrets manager is overkill for personal projects, especially ones with local or mixed environment setups. A local encrypted file, like a .enc Ansible can use, is annoying to edit. KeepassXC offers a GUI, familiar interface, and pathing system which makes it a viable alternative.
I purchased three mini computers on Black Friday to use for K3S learning and self hosting. Naturally, I want to access the cluster from the internet but there are some issues. The house only has copper run to it so the only internet options are cellular and Starlink. In both cases, port forwarding is next to impossible due to firmware restrictions and CGNAT. I will be explaining how I accessed the HTTP services via Cloudflare Tunnel.
If you want to deploy with Terraform, look here.
I purchased three mini computers on Black Friday to use for K3S learning and self hosting. Naturaly, I want to access the cluster from the internet but there are some issues. The house only has copper run to it so the only internet options are cellular and Starlink. In both cases, port forwarding is next to impossible due to firmware restrictions and CGNAT. I will be explaining how I accessed the HTTP services via Cloudflare Tunnel.