New Router Follow-up

Today, I finally got the house to myself for long enough to take the home network down and swap our Verizon FiOS router out with a new Ubiquiti Unifi Cloud Gateway Ultra. I had spent a good while researching how to do this, and a week or so ago, I wrote out a step-by-step plan. As with everything in life, it didn’t go quite according to script, but overall, it went smoothly. Over the next few days, we’ll see if anything needs adjusting, but for now, the network is back up, connected, and ostensibly working fine. Here’s how it actually went down.

  1. I gathered everything noted in step 1 of last week’s list: MAC addresses for static leases, local DNS names, UI device SSH credentials, Ethernet adapter and cable for laptop. I also downloaded the Unifi app for my phone, and made sure I had access to my ui.com login credentials. Of these, the only things that proved essential were the Ethernet adapter/cable and my ui.com credentials. In particular, I did not need the phone app (read on).
  2. I created a full backup of my old Docker-based Unifi controller. It was about 13M.
  3. My original list included a step to remove the FiOS router from the Unifi controller’s device list before creating a backup of the settings. This was not necessary, or even possible, as it turns out that the Unifi controller doesn’t treat third-party routers as managed network devices. Therefore, there was no device to remove in the first place.
  4. I created a settings-only backup of the old controller, which was only 25K. However, I ended up not using it.
  5. I powered the FiOS gateway down and unplugged it. I did not do anything special to release its DHCP lease. I ended up having to briefly reconnect it to identify the cable running to the ONT (I have a bunch of disconnected CAT-6 cables in my wiring closet). Lesson learned: mark the cable somehow before disconnecting it and walking away. 😀
  6. I powered UCG-Ultra up and connected the ONT cable to its WAN port. My original list had me connecting the Ethernet first, but the setup guide says to connect the power first. In reality, I suspect it doesn’t matter much.
  7. The display on the UCG lit up with the Unifi logo, then a progress meter appeared at the bottom, and after a few minutes, it displayed a message that it was ready to configure and reachable at IP 192.168.1.1.
  8. This is where I thought I needed to connect with the mobile app over Bluetooth, but it turns out that’s not necessary. The initial setup can be done over Ethernet using a laptop connected to one of the UCG’s LAN ports. All I needed to do was connect and point the laptop to http://192.168.1.1. Initially, I didn’t think it was working, as all I saw was a black screen. It turned out that it either doesn’t like Firefox, or doesn’t like one of my Firefox extensions or settings. When I tried with Chrome, it brought up a splash screen and let me proceed to configuration. I chose the option to restore from a backup, which prompted me to log in with my ui.com credentials, and then dumped me into the UCG’s web interface.
  9. The setup updated the UCG’s firmware/controller to version 8.2.93, which is the latest version as of this writing, and also the same version that I was running on the old Docker controller. I had this listed as a separate step, but it all happened automatically. It’s worth noting that during the upgrade, it displayed a screen saying it would take “about 5 minutes”, but seemed to stay there indefinitely. After 10 or 15 minutes, I tried re-connecting, and found that it had completed.
  10. At some point during this whole process, external Internet connectivity started working on my laptop. I can’t remember quite when, but I’m pretty sure it was before I restored the backup from the old controller. I suspect it was right after I “adopted” the UCG to my Unifi account. Initially, my Firefox browser displayed a “captive portal” banner similar to what I’m used to seeing on public guest WiFi portals.
  11. I restored the full backup from the old controller, which took a couple of minutes, and required a restart of the UCG. Again, the web browser experience through the restart wasn’t the smoothest, but it came back up just fine after a couple of minutes.
  12. At this point, I didn’t have any of the downstream network equipment connected to the UCG. I had planned to manually add static DHCP leases for the devices that needed them, but this wasn’t possible — after the restore, the UCG already “knew” about the device I tried to add, and told me that the MAC address I was trying to add already existed. I couldn’t find a way to go in and mark the reserved lease with the device disconnected. So, I just moved on:
  13. I connected my downstream gear to the LAN ports on the UCG, and after a few minutes, everything was working and had external connectivity, including the WiFi, with the same IP addresses they had before I swapped the router out. I’m not sure what will happen with regards to the DHCP leases, but I’m assuming the router will just treat them as new leases. The UCG’s default DHCP lease lifetime is 86400 seconds (24 hours). At this point, I was also able to go in to the devices that needed static IPs and mark them as “Fixed IP Address” (accessible by selecting the device and then clicking the settings icon). I assume that will do what I need.
  14. Next up was to go to the old controller and override the set-inform URL for the Unifi gear, so it will all start talking to the new controller. However, to my bemusement, I found that everything had already moved over without my doing anything. I thought maybe this was a new “feature” or something, but it turns out that it happened completely by accident. I logged into one of my APs via SSH and took a look at the log file. The original inform address was configured with a local DNS name (vs an IP address), and the DNS name was in turn configured into the old FiOS router. When I took the old router offline, the devices could no longer resolve the DNS name. After several unsuccessful retries, they eventually fell back on 192.168.1.1, which is where I wanted them anyhow — a happy coincidence.

Still to do:

  • Factory-reset the old FiOS router in preparation to return it to Verizon. I’m hoping this can be done via a physical button on the router. If not, I’ll need to somehow hook it up to an isolated network so I can connect to the web interface.
  • Figure out a local DNS strategy. I want to eventually route all of our DNS traffic through a Pi-hole, but I’m not sure if I want to manage local DNS names there, or on the UCG, and I’m not sure if I want the UCG in front of the Pi-hole, or vice versa. The FiOS router didn’t allow me to change the DNS server(s) it handed out via DHCP, so some of these configurations wouldn’t have been possible previously. I’ll have to think about this a bit.
  • Finally cancel our landline phone. I think I can get a 1G/1G FiOS connection for less than I’m paying for 512/512 FiOS + an essentially useless landline.

Zeke’s Beans of Summer

  • Beans: “Beans of Summer” from Zeke’s Coffee (Baltimore, MD)
    • Roast level: Light (3/8)
    • Origin: Indonesia, South America, Central America
    • Roast date: 7/8/24
    • Purchase date: 7/8 or 7/9/24 at Green Valley Marketplace in Elkridge, MD
  • V60:
    • 21g to 22g coffee / 300g water
    • JX: 20-25 (60-75 clicks)
    • Water at 99°C
    • Recipe: Single Cup V60 Pourover with size 1 dripper
  • AeroPress:
    • 18g coffee / 250g water
    • JX: 20
    • Water at 99°C
    • Prismo + metal and 1 paper filter
    • Pour to 50g / stir to wet / bloom until 0:45 / top up to 250g / stir 5-7x front to back / steep until between 2:30 and 3:00 / stir 5-7x again / press slowly

I bought these close to the day they were roasted, and let the bag sit for 10 days or so before opening it. First cup in size 2 dripper at grind setting 20 was pretty good. Second cup at setting 19 was good as well. Started getting a little bit of bitterness at 18. Backed off to 20, and it was still bitter. Tried setting 20 in plastic size 1 dripper and later in the ceramic size 1 dripper, and both cups were good. I’ll keep it there for the time being and see how it goes.

Like most Zeke’s beans, these appear to be washed, leave very little fine residue in the grinder, and drain down quickly in the size 2 dripper and even faster in the size 1. I’m wondering if these beans are similar to Zeke’s Snow Day Blend, which required a really coarse grind in the larger dripper. Maybe the key to avoiding bitterness with these is to make sure they finish draining down by 2:20 to 2:30, which would make the coarser grind appropriate for the larger dripper.

7/26: These are starting to want a coarser grind now no matter which dripper I use. I tried setting 25 with size 2 V60 this morning, and it wasn’t bitter, but not what I would call a perfect cup either. It seemed maybe a little bit under-extracted. I wonder if it would be better if I went back to a finer grind and dropped the water temperature 10 degrees or so. I might try that this afternoon.

7/28: Ignore most of the above. It has proven challenging to get a good cup with these beans with the V60. Grind setting 20 with 90°C water was bitter. Setting 30 at 100°C was sour and under-extracted. I think the coarser grind is the appropriate setting for pour-over, but with the V60 (both sizes) it seems like the water is draining too quickly for proper extraction. It might turn out better if I brewed a larger quantity at a time (say 500-600g). Maybe a thicker filter would help, if such a thing exists. Or, perhaps a different style of dripper (Kalita Wave?) would give better results. For today, I switched to the AeroPress (recipe above) and it produced a much better cup than anything I’ve gotten with the V60 recently. I’ll probably stick with that until the beans are used up.

New Router

As part of an ongoing project to get rid of our landline phone (which nobody calls any more except spammers), I am looking to replace our Verizon FiOS Quantum Gateway router with my own router. There’s nothing wrong with the FiOS router, but when I contact Verizon to switch our plan to internet-only, I want to get rid of the monthly router rental fee. All of our other networking equipment is Ubiquiti Unifi, so I’ve decided to stay in that ecosystem and go with a Unifi Cloud Gateway Ultra. The FiOS router is currently connected to the ONT via Ethernet (we switched off coax a few years ago), so “in theory”, it should be a drop-in replacement. Our network is fairly simple, with a couple of switches and a couple of WiFi access points, and the Unifi controller software currently runs on a local LAN host in a Docker container. The main things that need to happen seem to be:

  • Replacing the FiOS router with the UCG-Ultra and verifying that internet works
  • Recreating DHCP and DNS server settings. This includes:
    • IPv4 DHCP address range
    • Static DHCP leases
    • Local DNS hostnames
  • Migrating all of the Unifi devices from the self-hosted controller to the UCG’s built-in controller

Based on my research, this is the tentative plan:

  1. Write down/have handy the following:
    • List of MAC and IP addresses for static leases in FiOS gateway
    • List of names and IP addresses for local DNS entries in FiOS gateway
    • SSH login credentials (username/password) for Unifi gear — stored in controller under Settings > System > Advanced > Device Authentication (or go into settings and search for “passwords”)
    • Laptop with Ethernet adapter and cable
    • Unifi app on phone for initial setup (which apparently uses Bluetooth)
  2. Create a full backup of self-hosted controller and download to laptop
  3. Remove FiOS gateway from device list in self-hosted controller (maybe not necessary, as it’s not a Unifi router)
  4. Create a settings-only backup of self-hosted controller and download to laptop
  5. Release WAN DHCP lease on FiOS router and immediately unplug it from the network
  6. Connect UCG-Ultra to ONT, leaving downstream equipment unplugged for now
  7. Power up UCG-Ultra, wait for display to indicate WAN connectivity(?)
  8. Adopt UCG-Ultra to UI account using app
  9. Update UCG firmware and network controller (self-hosted controller running 8.2.93 as of this writing)
  10. Plug laptop into a UCG LAN port and make sure it gets a connection
  11. Restore controller backup (TBD: use full backup or just settings backup?)
  12. Configure DHCP and DNS server settings, including IPv4 range, static leases, and local DNS names
    • To add clients: Click “Client Devices” (left sidebar), then, on the next page, click the Add icon at the top right. The dialog has entries for MAC address and device alias/name, and checkboxes for “Fixed IP Address” and “Local DNS Entry”.
  13. Connect downstream network devices and make sure everything works
  14. Go to old self-hosted controller and override set-inform address for Unifi gear
    • System (left sidebar) > Advanced (tab) > “Inform Host” setting > check “override” > enter UCG-Ultra’s IP address
    • Can manually change inform address on APs and PoE switch by connecting in to each via SSH and using set-inform command. However, this is not possible on the Flex Mini switch. It needs the old controller online so it can contact it to pick up the new inform IP. If that’s not possible, it will need to be factory reset and re-adopted.
  15. Wait for all of the Unifi gear to hopefully connect to the new controller
  16. Shut down the old controller
  17. Factory reset the FiOS router before returning to VZ

If this all goes according to plan, it hopefully won’t take too long. I’ll find out soon enough!

Rise Up Pura Vida

  • Beans: “Pura Vida” from Rise Up Coffee Roasters (Easton, MD)
    • Roast level: Light
    • Origin: Costa Rica (Finca Las Gravilias)
    • Tasting notes from web site: Complex and very well balanced; bright with hints of honey and orange citrus. Light roast, sweet cup
    • Roast date: 6/18/2024
    • Purchase date: 7/8 or 7/9/24 at Green Valley Marketplace in Elkridge, MD
  • V60:
    • 21g to 22g coffee / 300g water
    • JX: 18 (54 clicks)
    • Water at 99°C
    • Recipe: Single Cup V60 Pourover with size 1 dripper; slow pour

I’ve been starting most of my new bags out at grind setting 20, but may switch to 18 going forward, as I seem to end up there regardless of what I’m brewing. The exception has been a couple bags of Zeke’s beans that seemed to work better with a coarser grind.

I have managed to get myself a workable pour-over setup at my office. I bought a plastic size 1 V60 cone for the office and a new coffee scale for home, and brought our old OXO food scale to the office. A couple of coworkers have electric goose-neck kettles they’ve said I could use, and we also have a cheap communal electric kettle that boils water, so there was no need for me to buy another kettle. In lieu of a grinder, I’ve been grinding the beans at home and bringing the grounds to the office. A true coffee snob might not approve, but the extra few hours between grinding and brewing doesn’t seem to make much difference with the finished product.

That all brings me to my experience with these beans: I started out at grind setting 20 and used my size 2 plastic V60, and the result was good, but not awesome. Same thing with grind setting 19. Then, I brewed a cup at work with the smaller cone (also at setting 19) and the cheap kettle. It has a regular, non-goose-neck spout, which makes it more challenging to regulate the pour rate. In spite of that, the cup tasted much better than the cup I made at home with the larger cone. So, I decided to try using my size 1 cone at home. The big difference is that it’s ceramic vs plastic, so I preheated it to avoid cooling the coffee too much during brewing. I also adjusted the grind to 18. The result was another really good cup. In general, I’ve noted that with all else equal, the size 1 V60 drains a lot faster than the size 2. These beans are no exception: with the larger cone, they finish at 2:40 to 2:50; with the smaller cone, they’re done by 2:30. With other beans, this has been a recipe for thinner-bodied cups, but these beans seem to work better with the faster drain-down. This is good to know, as it will give me something else to try with beans that I have a hard time dialing in.

Summer MTB Commute

Historically, I have not done much mountain biking in the summertime. The main reason is that the slower speeds and shorter bursts of exertion tend to get me extra hot and sweaty. Conversely, with road biking, there’s a consistent cooling breeze from air resistance, and the amount of exertion is more uniform, allowing for better regulation of body heat. The other issue I have with mountain biking in the summertime, particularly commuting to work, is poison ivy. My usual route takes me through a few exposed areas where the trail is narrow, with dense growth on either side that includes poison ivy.

It has always bugged me that there are so few days each year that I consider viable for commuting to work by MTB. In the winter, trails are frozen in the morning, but a muddy mess in the afternoon thanks to the freeze-thaw cycle. In spring, winter melt-off and rains make everything too muddy. Summer has the aforementioned issues of overheating and poison ivy. That leaves autumn as the only season where conditions are “ideal”, and now, it’s hard to ride in PVSP in the fall without getting coated in seeds from the wavyleaf basketgrass that is slowly taking over the entire watershed.

I would really like to do more mountain biking, but if I’m not getting my MTB time in while commuting, it’s tough to fit it in along with other activities like paddling (which I’m looking to extend into the colder months eventually), climbing, road biking/geocaching, etc. It seems like the answer is to stop waiting for ideal mountain biking conditions, and learn to adapt, kind of like what I’ve done with my road bike commuting over the years. To that end, today is not a day I ordinarily would have chosen to commute by MTB. It started off in the mid-70s and humid, and there is a heat advisory for the afternoon (a near-daily occurrence lately). I suited up with my usual summer biking garb, including a double-thickness Sweathawg helmet liner (one of those things that I wonder how I got along without for so many years). I rode Belmont Trail, Garrett’s Pass, Grist Mill Trail, and Soapstone/Starstruck. The shortcut trail that connects Rolling Rd to UMBC Blvd always gets too overgrown in the summertime, so I avoided it, opting instead to ride Rolling Rd to Wilkens Ave and then into UMBC via Hilltop Rd. The route had a few miles of pavement to help cool me off, and avoided areas with large amounts of PI (with the exception of a short stretch of Belmont/Morning Choice). The trails were dry (but not too dry) and fast.

On the way home, I usually enter the park via the Soapstone Trail, but the top of it is a veritable forest of poison ivy this time of year. Today, I think I’m going to try taking Foxhall Farm Rd to Vineyard Spring Trail. Another option would be to skip the Baltimore County side altogether, ride down Gun Rd, and enter the park at the railroad crossing. The former seems like it would be a better ride (other than the start along Wilkens Ave). It will be a lot hotter than this morning, so this will be a good litmus test of whether this will be a viable option in the summer. Another barrier to commuting in the summer is afternoon thunderstorms, but that hasn’t been an issue with the current heat wave, as it’s been exceptionally dry recently.

LCRC Delaware Blend

  • Beans: “Delaware Blend” from Local Coffee Roasting Co. (Roxana, DE)
    • Roast level: Medium
    • Origin: Guatemala/Colombia
    • Tasting notes from web site: smooth/chocolatey
    • Roast date: 5/27/2024
    • Purchase date: 6/17 or 6/18/24 at Three Blonde Bakers in Bethany Beach, DE
  • V60:

I bought an 8oz bag of these along with an 8oz bag of Beach Blend. I started them off at grind setting 20, but ended up at 18 mostly by accident — I forgot to change the setting after brewing the aforementioned Beach Blend, it was still pretty good, and when I’m working on two bags at once, I always prefer when I can use the same grind setting for both. Initially, it was kind of a toss-up which of these I liked better, but as the beans have aged a little bit, I think I slightly prefer these. My recent cups have had pretty good flavor and body, while the lighter-roasted Beach Blend seems to be getting a little flat. I should probably play around with the settings a bit, but the beans are almost gone. I suspect I’ll use up both of these by the end of next week. Looking forward to next year’s Delaware trip so I can get some more.

LCRC Beach Blend

  • Beans: “Beach Blend” from Local Coffee Roasting Co. (Roxana, DE)
    • Roast level: Light
    • Origin: Ethiopia/Colombia
    • Tasting notes from web site: milk chocolate/strawberry
    • Roast date: 5/27/2024
    • Purchase date: 6/17 or 6/18/24 at Three Blonde Bakers in Bethany Beach, DE
  • V60:

I bought an 8oz bag of these and an 8oz bag of “Delaware Blend” in Bethany last week, but waited until I was home to open them so I could use my pour-over setup. Nice, strong cup this morning with low acidity for a light roast. There’s definitely a slight hint of fruit. When I brew my next cup (likely tomorrow) I’ll pay more attention and see if it reminds me of strawberries as advertised. 😀

Delaware Paddling Report

I managed to get out paddling 3 times during my recent trip to Bethany Beach, DE, all in under 48 hours!! Here are some quick notes.

Delaware Breakwater East End Lighthouse: Launch is in Cape Henlopen State Park right next to the fishing pier. Need to go early-ish in the morning to avoid bad traffic through Rehoboth. $10/vehicle entry fee for out-of-state tags, paid at an automated kiosk (credit card only). We put in around 8:00am, near high tide. Total paddle was only around 2.5 miles, but lots to see along the way: dolphins, horseshoe crabs, an osprey with chicks, Lewes-Cape May Ferry route a short distance away, and (of course) the lighthouse. Water was nice and calm behind the breakwater, with occasional minor chop from boat wakes and breeze. There were a fair number of people out on the water: a few fishing boats, a whole bunch of kayaks (a few people fishing, and what appeared to be a sightseeing tour). We were able to disembark on the breakwater, walk up to the lighthouse, and find a geocache that was hidden there. It’s not for the faint-hearted, though: there is nowhere to easily tether the boats, so we roped them together and took turns. All in all, a very memorable outing. It would be a great place for sea kayaking.

Savage Ditch: This is north of Bethany about a mile past the Indian River Inlet Bridge. We came here in the evening. This is also $10/vehicle for out-of-state, paid at an honor box. I missed the launch at first and tried to follow the trail past the picnic pavilion, which was a mistake. It does go to the water, but it’s several hundred feet, and the bugs were fierce. I was swatting them the entire way, and picked up two ticks. My son found the actual launch, which is a much shorter carry and somewhat less buggy, but the put-in is on the muddy side. Once on the water, though, it was quite nice. We saw tons of gulls, lots of water turtles, and a few egrets, terns, and ducks. We didn’t paddle too far since it was close to dusk. The sunset was very nice, as was the near-full moon. Next time, I won’t forget the DEET.

Trap Pond State Park: After years of hearing people rave about this place, we finally decided to check it out. It is about a 40 minute drive from Bethany with light traffic, or 45-50 minutes with heavy beach traffic. Unfortunately, the trip was kind of a bust, as the water level was extremely low to accommodate emergency repairs to the dam. As a result, most of the really cool places to paddle were inaccessible due to shallow water. Had I done my homework ahead of time, we probably would have taken a pass this year. All the same, we did get a couple miles of paddling in, and we saw some really cool bald cypress trees. We will come back here at some point when things are back to normal.

Amity Costa Rica (Terrazu)

  • Beans: “Costa Rica (Terrazu)” from Amity Coffee Roasters (Greenwood, DE)
    • Roast level: Medium (wet process)
    • Origin: Costa Rica
    • Tasting notes from bag: clean sweetness / floral
    • Roast date: 6/11/2024
    • Purchase date: 6/16/2024 at T S Smith & Sons in Bridgeville, DE
  • AeroPress:
    • 20-21g coffee / 250g water
    • JX: 18 (54 clicks)
    • Hot water from Cuisinart machine (pretty hot but not boiling)
    • Prismo with metal and paper filters
    • Pour to 250g and stir 6-7x; steep until 2:45; stir 6-7x; press slowly, finishing up somewhere around 4:15

I have brewed this recipe 5 or 6 times now at our beach house, and the cups have been pretty consistently good. I’ll almost certainly be bringing some home, so I’ll try it in the V60 next week and see how that compares.

6/28: At home, I’ve been using the same recipe with my gooseneck kettle and 95°C water. The past few cups have been very slightly bitter. I tried dropping the temperature to 90°, but it still was not quite as good as last week’s cups. I only had about 30g of beans left, so today, I brewed all of them with the V60 (size 2) and 450g of water at 95°, and I also backed the grind off 6 clicks to setting 20. The result was a very good, smooth cup. Seems that making the grind slightly coarser is the ticket with these beans as they start to age. They were only 17 days past roast date when I used them up.

lpaulriddle.com re-architecting

I needed to get lpaulriddle.com moved off an old EC2 instance running Ubuntu 16.04, which has been EOL since 2021. About a year ago, I started the process by moving all of the services to Docker containers. Then I moved all of the persistent data (web pages, images, etc.) to an EFS filesystem, and I moved my MariaDB database to RDS. After that, I kind of forgot about it until just recently. I saw that AWS was doing a promotion for its new t4g.small instances for 750 free compute hours per month through 2024, so I spun one up and worked on moving the services over. It went more smoothly than I had expected. This is what I did:

  1. Installed Docker and docker-compose on the new instance
  2. Tweaked AWS security groups to allow the new instance to mount the EFS filesystem and connect to the RDS database
  3. Copied my GitHub SSH credentials over to the new instance
  4. Cloned my Git repo to the new instance
  5. Copied secrets (.env) into the git tree
  6. Built all of my images (docker-compose build)
  7. Started containers (docker-compose up -d) – I actually did these one at a time, but this would have worked as well
  8. Tested everything out by modifying my /etc/hosts file
  9. Disassociated my elastic IP address from the old EC2 instance and assigned it to the new instance

This all went off without a hitch, and everything seems to be working. Functionally, the new instance is ARM vs x64, and the OS is Amazon Linux 2023, which is yum based, vs Ubuntu, which is based on apt/dpkg. This post will serve as a test that I can create blog posts using the new infrastructure.
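
A least-privilege check for the security-group change in step 2 and the cleanup after step 9, as an added example that is not part of the original post: it reads the JSON returned by `aws ec2 describe-security-groups --output json` and flags any ingress rule that opens the EFS (NFS, 2049/tcp) or MariaDB (3306/tcp) port to a CIDR range or to a security group other than the new instance's. The group IDs and rules in `SAMPLE` are constructed placeholders, and the old instance having its own security group is an assumption.

```python
import ipaddress
import json

# Ports used by the migration above: EFS is mounted over NFS (2049/tcp) and
# MariaDB on RDS listens on 3306/tcp by default.
SENSITIVE_PORTS = {2049: "EFS (NFS)", 3306: "RDS (MariaDB)"}


def _covers(perm, port):
    """True if one IpPermissions entry applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":          # "-1" = all protocols and ports (no port fields)
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_ingress(security_groups, allowed_source_sgs):
    """Return (group_id, port, finding, source) tuples for ingress rules that
    reach a sensitive port from anything except allowed_source_sgs.

    security_groups is the "SecurityGroups" list from describe-security-groups.
    """
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            for port in SENSITIVE_PORTS:
                if not _covers(perm, port):
                    continue
                # Address-based sources: whatever holds that address gets in,
                # not just the one instance that is supposed to.
                cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
                cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
                for cidr in cidrs:
                    net = ipaddress.ip_network(cidr, strict=False)
                    kind = "open-to-world" if net.prefixlen == 0 else "cidr-source"
                    findings.append((sg["GroupId"], port, kind, cidr))
                # Group-based sources: only the expected groups should remain,
                # e.g. the old instance's group should be gone after cutover.
                for pair in perm.get("UserIdGroupPairs", []):
                    if pair["GroupId"] not in allowed_source_sgs:
                        findings.append((sg["GroupId"], port,
                                         "unexpected-sg-source", pair["GroupId"]))
    return findings


# Constructed sample in the shape of describe-security-groups output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0efs0000000000001", "GroupName": "efs-mount-targets",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 2049, "ToPort": 2049,
      "IpRanges": [], "Ipv6Ranges": [],
      "UserIdGroupPairs": [{"GroupId": "sg-0new000000000001"},
                           {"GroupId": "sg-0old000000000001"}]}]},
  {"GroupId": "sg-0rds0000000000001", "GroupName": "rds-mariadb",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
      "UserIdGroupPairs": [{"GroupId": "sg-0new000000000001"}]}]},
  {"GroupId": "sg-0new000000000001", "GroupName": "web-instance",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
      "UserIdGroupPairs": []}]}
]}
""")["SecurityGroups"]


if __name__ == "__main__":
    for group_id, port, kind, source in audit_ingress(SAMPLE, {"sg-0new000000000001"}):
        print(f"{group_id}: {SENSITIVE_PORTS[port]} port {port} <- {source} [{kind}]")
```

On the sample, the EFS group still admits the old instance's group and the RDS group is reachable from any address; the public 443 rule on the web instance is not flagged because it does not cover either port.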

Next, I think I’m going to move my database off RDS and back onto a MariaDB container with the database in EFS. RDS has turned out to be a little bit pricier than I had expected, and I think it’s overkill for my rather modest needs (basically a single WordPress blog and a MediaWiki instance).