Upgrading Radiant Heating with Home Assistant

Like most houses in the UK, I have “wet radiant heating”. If you have radiators on your walls or an underfloor heating system that uses pipes, chances are you do too. There are several commercial systems for upgrading these to smart heating including the Google Nest (you’ll also need the Heat Link), Hive, and Tado. Out of the three, only Tado can control each radiator individually, though all are rather expensive at ~£200 ($256) each.

As a second wave of winter approaches the country, I set out to build my own automated heating system for a fraction of the cost. This is obviously customised to my particular setup, though you can easily add more or less to suit yours.

Caution. This project involves mains electricity which can kill you. If you have any doubts as to what you’re doing, stop and contact a qualified electrician. I can guarantee that they will be happy to help you avoid getting injured.

Caution. Many heating systems involve gas boilers. Faulty gas systems can, and will, kill you and others. If you are not formally qualified do deal with these systems (i.e. CORGI registered), do not attempt any alterations to the gas side of your system. Stop and contact a qualified plumber or gas technician who will be happy to help.

Continue reading Upgrading Radiant Heating with Home Assistant

Installing Home Assistant, Mosquitto & AppDaemon on Debian

Update 2021-03-24: Since writing this article, the dependencies for Home Assistant haven’t changed much, however new VM images are now being released that have all the work done for you. I’d now reccomend using one of these instead of the steps detailed below.

As part of some hardware upgrades, I’m moving Home Assistant and it’s associated programs off it’s shared box onto a dedicated VM. This means a fresh install of everything. Whilst docker would usually be an ideal candidate for this, I decided against it because I use a few custom components and troubleshooting these is a lot easier without Docker.

Continue reading Installing Home Assistant, Mosquitto & AppDaemon on Debian

Accessing Multiple Services over HTTPS via SNI Proxy

Like most people (OK, maybe not most…), I have a range of locally hosted services that I like to access remotely. Because of the joy that is IPv4 depletion (long live IPv6) I’m forced to use different ports for internet access, which is hard to remember and annoying to set up. And because the internet is a bad place, I prefer to use encryption where possible to keep everything safe on it’s journey across the internet. Sure, something like SSH tunnels would work, but that would still require remembering the different port numbers, and isn’t compatible with all devices (such as mobile clients).

Enter SNI Proxy

After some research, I decided to put an end to both these problems, with an install of SNI Proxy. SNI Proxy is a generic HTTP and TLS proxy that identifies the internal host from TLS’ server name indication (SNI). This allows it to seamlessly proxy multiple services on the same port, and heavily increase the WAF for services like https://coffeemachine.jacobmansfield.co.uk and https://photos.jacobmansfield.co.uk . It also makes a nice place to centrally manage SSL certificates and Let’s Encrypt renewals I was under the impression that SNI Proxy could also terminate an HTTPS/TLS connection, though this now appears to be incorrect. (Though I do this on each host, as SNI Proxy doesn’t handle my IPv6 traffic). So, let’s get installing.

Continue reading Accessing Multiple Services over HTTPS via SNI Proxy

Adding Android Widgets Without User Interaction

As part of an ongoing project, I’m building a simplified replacement for Trebuchet (Android’s default launcher). One aspect that I need to simplify is showing Widgets on the launcher without requiring the user to add them by hand. Normally, Android restricts this by requiring apps to use the AppWidgetManager.EXTRA_APPWIDGET_ID  intent to launch a system picker. The only way around this is for system apps to request android.permission.BIND_APPWIDGET in their manifest, so this method is only available on rooted devices where the app is installed at the system level (in /system/app  or /system/priv-app). Continue reading Adding Android Widgets Without User Interaction

Fancy Android Version Numbers from Git

I recently started working on several Android projects, including a custom automatic updater (the target devices won’t have internet access, let alone the Play Store). While the system is working wonderfully, it relies on detecting changes in the app’s version number. Which I keep forgetting to change. As with most of my projects I’m using Git for version control. So let’s do something fancy, and generate the android version number from git’s commit and tag information. Continue reading Fancy Android Version Numbers from Git

YRS Festival of Code

Young Rewired State Festival Of Code 2015 LogoThe pride and joy of Ruth Nicholls, the YRS Festival Of Code, starts up again next week. With coding opportunities for under 18s at 66 different locations across the country and beyond, there’s no reason anyone technically inclined can’t take part. Personally, I’m mentoring in a centre at Redgate Software, in Cambridge, helping 20 young coders, designers & developers find their calling, and home their skills.

The centres include an online ‘virtual’ centre, and ones in Times Square, New York, Bern, Switzerland, and Prishtina, Kosovo (that last one is in the south of Serbia, I had to look it up). There’s also loads of other centres across the country, so there’s always that’s convenient to attend.

The week is spent building apps, websites, games, and even hardware-based hacks, inventions, and other crazy contraptions, all involving open data. At the end of the week, all 1,200 contestants meet up in Birmingham, where they present their projects to expert judges, mentors, the press, and other participants. The best entries from each group will go through to the finals, where prizes are awarded for the a range of different categories. This year’s prizes haven’t been announced yet, but rumours say they include Amazon and Pimoroni gift vouchers, an awesome-looking 3D printer, a quadcopter drone, and even a McLaren F1 experience! This year’s categories include:

  • Best Example of Code
  • Best Example of Design
  • The ‘Should Exist’ Award
  • Code a Better Country
  • Best in Show
  • The People’s Choice

Unfortunately sign-ups for centres closed back in July, but if you’re a participant, a mentor, or a volunteer, you’ve still got time!

Installing Skype on Debian Jessie

Skype LogoGoing to keep this one quick, here’s a quick guide for installing Skype on Debian Jessie. This is based on version, but should just need a URL switch for newer versions.

wget http://download.skype.com/linux/skype-
tar xvf skype-
cd skype-
sudo aptitude install libxv1:i386
sudo aptitude install libxss1:i386
sudo aptitude install libqtdbus4:i386
sudo aptitude install libqtwebkit4:i386

From there, you should be able to log in and chat away. Details on autostart (on login) to follow.

Shrinking Raw Disk Images

I recently had a Raspberry Pi image that I wanted to deploy to several Pis (is that the right plural?) for production use. During development of this, I worked on a 32GB SD card for some breathing room, but to save costs, we decided to deploy onto 4GB cards.

This left me with a small issue. Although the file system on the SD card was only using 2.5GB of space, any image files from it were still 32GB, far too large to go onto the SD cards. I need to remove the white space from the end of the image to make it fit. So, here’s a quick tutorial on shrinking raw disk images.

Continue reading Shrinking Raw Disk Images

Testing for SSL Vulnerabilities

2015-04-28 16_15_44-SSL Server Test_ jacobmansfield.co.uk (Powered by Qualys SSL Labs)
Qualys Labs Server SSL Test for jacobmansfield.co.uk

So around now is the annual SSL certificate renewal for most of our internal servers, and I thought it would be a good idea to check them all for SSL/TLS vulnerabilities. A quick Google later, and I’m looking at Qualys Labs SSL Server Test. The scan is nice and shiny, and give an instant (2-3 minute) overview of a server’s security. It also takes care of DNS round-robin to make sure all your servers are handled (though sites with HLBs or similar may need more attention).

Continue reading Testing for SSL Vulnerabilities

Non-matching records in T-SQL One-to-Many Relations

I was recently tasked with finding all the people in our CRM software that lack email addresses, and with around 3000 contacts, there was no way I was going to do it by hand. SQL to the rescue!
There was just one issue, email addresses are stored in a different table to allow each person to have multiple addresses on file. After a bit of digging around, I came up with this:

    FROM CRM.dbo.People
    LEFT JOIN CRM.dbo.Emails
    ON CRM.dbo.Emails.PersonId = CRM.dbo.People.PersonId
    LEFT JOIN CRM.dbo.Companies
    ON CRM.dbo.Companies.CompanyId = CRM.dbo.People.CompanyId
) AS T
WHERE T.EmailAddress IS NULL

Let’s go through this line-by-line so we can see exactly what it does.

Continue reading Non-matching records in T-SQL One-to-Many Relations