Fix broken automount mounts on macOS Catalina

I’ve moved my iTunes music library content to my NAS. I’m using automount to keep iTunes happy without losing the connection to the files. After upgrading to macOS Catalina, automount did not work as it used to.

Reason is the changed structure in the APFS container. If you have a look at the disk utility, it will show you a system container and a user container. The system contains macOS and is write protected, while the user container contains all your apps, data and so on.

You’ll just have to prepend your existing automount paths with /System/Volumes/Data. Now you’ll just have to run

sudo automount -vc

and the automounts are working again.

I had to change the iTunes settings back to my automount folder, as the upgrade to Catalina reset it to its default location in your users folder.

Setup WireGuard VPN on Raspbian

I’m already using OpenVPN but heard only good things about WireGuard VPN. For my current project, I need a VPN connection to my home network. I do not want to mess with my currently working OpenVPN setup, so I tried to setup WireGuard VPN on Raspbian.

Start with updating your installed packages. Its especially important to install the raspberrypi-kernel-headers before the WireGuard installation.:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install raspberrypi-kernel-headers

I’ll use pivpn as setup script. You can install it with curl piping the script to bash like this:

curl -L https://install.pivpn.io | bash

However, if you don’t trust that source and doesn’t want to execute it unseen, you can also check the script content first or download the script separately to your machine first.

I’ve followed now the installation steps which are already pretty good explained by others:

What’s nice about this script is, that it will also detect installations of pi-hole running on the same machine.

I’ve used the script to setup WireGuard (as it also supports OpenVPN). I’ve selected the default port 51820 and created a port forwarding rule in my FritzBox router. After the installation completed, you’re asked to do a reboot.

Now we’ll create a new WireGuard profile using

sudo pivpn add

The script just asks for a profile name and will place the generated profiles in the users home under the config folder.

Setup on the client machine is similar. But instead of using the script for installation, we’ll use the version provided by the Debian repo. I’ve followed these instructions:

sudo apt-get install dirmngr
echo "deb http://deb.debian.org/debian/ unstable main" | sudo tee --append /etc/apt/sources.list
sudo apt-key adv --keyserver   keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC
sudo apt-key adv --keyserver   keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
sudo sh -c 'printf "Package: *\nPin: release a=unstable\nPin-Priority: 90\n" > /etc/apt/preferences.d/limit-unstable'
sudo apt-get update
sudo apt install wireguard

I’ve transferred the created config from the WireGuard host to the WireGuard client and ran

sudo wg-quick up <ProfileName>

And it established really fast a connection. However, my problem was now that the SSH connection broke because all of the traffic to and from the client was going through the WireGuard VPN (like you would have used it for your phone when you’re in an unsecured WiFi and want to redirect all traffic through the VPN).

Luckily I was able to stop the connection by SSHing from the WireGuard VPN to the assigned IP of the WireGuard client and by using

sudo wg-quick down <ProfileName>

The question is now, how can I configure WireGuard Client to just know the route through the VPN to resources in the host network or vice versa how I can configure the WireGuard Host to provide other machines in the network a route to the connected client…

Use all-inkl.com DDNS with Synology DiskStation

I’ve recently upgraded my all-inkl.com webspace to the PrivatPlus tariff. As part of this tariff I’m now able to use DDNS running under the Domains I’m able to manage.

Setting up DDNS in KAS is explained quite well. However, I did not see instructions on how to use these credentials on a Synology DiskStation OS. Luckily, somebody else did this already.

The important part was, that when you’ll need to customize a DDNS provider first before it can be setup in DiskStation settings.

  • Go to Control Panel, External Access and click on Customize
  • Add a new name for the DDNS provider, e.g. All-Inkl.com
  • Use this Query URL (for IPv4): dyndns.kasserver.com/?myip=__MYIP__
  • Now you can add a new DDNS entry
  • Select All-Inkl.com as provider
  • Enter the credentials as required
  • Enter the hostname you want to setup for DDNS
  • Click on “Test Connection”
  • The state should be “Normal”
  • Click on “OK”

Auto mount NFS shares on Raspbian

I’m using influxdb on my Raspberry Pi in combination with a NFS mount. The NFS mount is on my Synology NAS and should store the database data of influxdb. Reason for this setup is that I fear that the SD card won’t survive the many write/read cycles caused by a database writing to it.

The shared folder on my Synology is configured to be accessible by various IPs in my network:

The problem with Raspbian is that I’ve tried to auto mount the NFS share on startup, so that the influxdb service can directly write to the NFS mount. 

I’ve used these settings in my /etc/fstab to mount the volume automatically:

<DS IP>:/volume1/databases /mnt/databases nfs auto,user,rw,nolock,nosuid 0 0

This doesn’t work properly since my influxdb is often dead after a restart, but if I check the mounted volumes I see the NFS volume mounted properly.

However, there’s a tool called autofs which already helped me with a similar problem on my Mac when I moved my iTunes library to the Synology share.

Install autofs using

sudo apt-get install autofs

Open the file /etc/auto.master and add something like this

/mnt    /etc/auto.databases     -nosuid,noowners

Now create a file called /etc/auto.databases with this content

databases       -fstype=nfs,user,nolock,nosuid,rw <DS IP>:/volume1/databases

Unmount the existing NFS share. Remove/comment out the line for the nfs mount in your /etc/fstab so that it doesn’t conflict with autofs. Restart autofs with

sudo service autofs restart

Now check the content of your mount point with e.g.

ls /mnt/databases

Autofs should now automatically mount the NFS share. This might take a while, which is a good sign that the mount is loaded. You can also verify with

mount

that your NFS share is mounted to e.g. /mnt/databases. If you’ll restart now, influxdb should be happy on restart. When it tries to start, autofs will see the access to the mounted folder and will mount the NFS share before influxdb can start up properly.

Configure influxDB to store its data in a different folder

The default location of the influxDB data is /var/lib/influxdb. If you want to change the location, you’ll need to configure three folders to be in a different place. The changes should be done in the file /etc/influxdb/influxdb.conf

...
[meta]
  # Where the metadata/raft database is stored
  #dir = "/var/lib/influxdb/meta"
  dir = "/mnt/databases/influxdb/meta"
...
[data]
  # The directory where the TSM storage engine stores TSM files.
  #dir = "/var/lib/influxdb/data"
  dir = "/mnt/databases/influxdb/data"

  # The directory where the TSM storage engine stores WAL files.
  #wal-dir = "/var/lib/influxdb/wal"
  wal-dir = "/mnt/databases/influxdb/wal"

I’m using this to store the data on a NFS share which is mounted automatically. If you want to keep your existing data, move the existing content of /var/lib/influxdb to the new location.

Make sure, that the new location is owned by influxdb user and group.