Joe Tortorello - Projects

Here are some things I've been working on recently.

Want to know more about something? You can contact me here.

Most of this stuff and some more is also on my GitHub.

A reminder that all of the things I've done here rely strongly on countless hours of hard work by the open-source community. Please click through to projects' repository pages to see the long lists of contributors on each.

per-if-tables

Repo

With a Linux Kernel supporting cgroups, iptables 1.6+, and iproute2, one can create routing tables associted with a specific cgroup. per-if-tables is a script I created to be run by NetworkManager's script dispatcher feature, which will create cgroups and tables for one or more specific network interfaces and ensure that routes obtained via DHCP by NetworkManager on those interfaces are always attached to the appropriate table.

In practice, this means a user can have one or more process communicate only on a specified interface, even when the software being run does not allow the user to define which interface should be used. This can be used, for example, to achieve load balancing, or in combination with VPN software that creates virtual interfaces to route only specific applications over the VPN.

Smart home/IoT stuff

I have a self-hosted smart home system that runs on my LAN and does not rely on external services, or present a risk of back-door access into my network.

The system is basically an amalgamation of several excellent open-source smart home projects:

• The system is based around a message bus architecture. The protocol is MQTT, which is provided by the open source mosquitto server.
• Node-RED routes messages between devices and transforms messages as needed
• I have installed the Tasmota firmware on a large number of Sonoff S31 smart plugs. These are WiFi devices that connect directy to the MQTT server for communication. Installing the firmware involves taking the device apart and connecting to test points on the device's board with a RS232 adapter.
• For a couple of weirder devices, OpenBK7231T is used. These are also WiFi devices that connect directly to MQTT.
• The remainder of my devices are Zigbee based. These include a bunch of battery-powered buttons, and a couple motion sensors. Devices that use the Zigbee standard do not need to be modified to work on my system.
• zigbee2mqtt does translation between the Zigbee network and the MQTT server.
• Everything runs on a physical server on-site, which can send MQTT messages across the LAN, and also has a simple Zigbee USB adapter to communicate with the Zigbee network. zigbee2mqtt is configured for the server to act as the coordinator in the Zigbee network.

I currently am using an Ecobee 4 smart thermostat for HVAC control. This is not modified and exists outside of my self-hosted system. I haven't found a good solution for a WiFi or Zigbee thermostat that can be used on an exclusively self-hosted network. Suggestions welcome.

FirefoxPackager, ThunderbirdPackager

Repo: FirefoxPackager

Repo: ThunderbirdPackager

I got tired of the Debian packages for Mozilla Firefox and Thunderbird always being out of date compared to the official releases. These scripts pull the generic Linux release of the products from Mozilla and build a Debian Debian package with a reasonable install dir, support for setting the default browser, and application shortcuts.

selinux-policy-httpd-read-dnsmasq

Repo

If you're like me and have the very specific need for httpd (or a process it launched like PHP) to be able to read the leases file created by dnsmasq, on a system that has SELinux enforcing, this policy is for you. After you have this, you could make a webpage that shows all the current DHCP leases, for example.

mime-decode

Repo

CLI utility for decoding MIME (RFC 2047) encoded text. This is used by my self-hosted email server to pass message content to external programs for spam filtering.

Kickstats

Repo

Kickstats was a project to explore data from the Kickstarter crowd funding platform, with the goal of determining which properties of a project influence its level of success.

There is a full description of the project at kickstats.org.

Self-hosted e-mail

Yes, I really still self-host my e-mail. The e-mail system uses a variety of open source applications that probably also still power many commercial e-mail services. If you write a message on the contact page, it will be routed through my own server.

The server should be compatible with any other standards-compliant e-mail server, and in practice I have been able to receive from and send to almost anyone. However, there are a few services that want will not accept email that is not from one of the major public providers. For this, my server has the capability to send email through my old Gmail account. Gmail is configured to forward inbound e-mails to my server without altering headers, so I can recieve responses and conduct a conversation without the other server knowing that Gmail is just a pass-through server in this case.

I have a diagram very generally showing the various pieces of software in the system and how they communicate here.

I originally ran the mail server on Ubuntu Server and have ported it to CentOS. The migration is difficult because different distribution packages tend to give different default configurations, and may store config files in different locations. To bring the server up to date, I'm currently working on migrating it into Docker so its not such a pain the next time I have to move servers.