Local Tools, Offline Networking and Building Resilience

In this episode of Linux Prepper podcast,

we are gonna be focusing on resilience,

offline first, local tools, local power,

and community resilience.

So it isn't about the tools

that you're using so much as the tools that you understand.

In this episode, we'll focus on

when technology doesn't work as intended,

and you have to drop back to just the things that you know.

So we'll be focusing on tools,

workflows, and practical applications

that you can attempt at home right now,

or in your home lab.

So if you're preparing for things like outages,

building up your system,

or you're just tired of things not working as intended,

then this episode is about reclaiming some of that autonomy.

That'll also tie in the updates of the last couple months,

upcoming premium episode content,

and we'll get all into it.

Linux Prepper is proud to be sponsored by a Meradroid.

Meradroid.com is a Northern California-based distributor

of odroid devices,

and they now officially offer refurbished hardware

from Nabokasa and Home Assistant.

Instead of ordering directly from an overseas hardware maker,

you can skip all that nonsense,

use a Meradroid for a simple customer service,

you can call them on the phone,

they have all the shipping options you'd want,

both in and outside of the United States.

I'll leave a referral link for them in the show notes,

or you can use Linux Prepper at checkout,

and a huge thank you to a Meradroid for sponsoring

Linux Prepper podcast.

Let's do a quick overview of why offline

and local first matters.

So if you check out the forum,

which you might have noticed is now moved

to discuss.livingcartoon.org,

you'll notice that there are a number of posts

that have gone up since the last episode,

I think 40 or 50,

and there's a trend of moving towards simpler,

more resilient setups.

So not everything needs to be in the cloud,

and not everything even needs Docker,

like we were discussing in the last episode,

but things do need to work offline,

or perhaps on the old hardware you already own,

or even when you're borrowing someone else's computer

or at a public library.

So in this focus of tools that are working offline,

this also means that we're focusing on things

that don't need constant connectivity

or in anticipation of some kind of problem coming up,

and you're just trying to get your work done.

So my question to you is like,

do you have a new device or an old device

or something in a drawer that might actually be useful?

And it turns out there is a ton of services

that you can run on old devices and a ton of light tooling

that already exists on your computer,

but I think sometimes we lose track of,

or lose sight of what we already have

because we're always trying to chase after something new.

And this is related to the rising costs

of consumer technology.

So right now obviously,

every costs are through the roof for RAM, hard drives,

and I would foresee this impacting everything, the cost

of using a virtual server and the cloud will go up,

domains will go up, everything's gonna go up

just because once costs go up,

all services will go up,

which I think makes it even more important

to kind of try to make use of the tooling we already have.

Was also thinking of the recent cloud failure outages

that is a hugely popular service,

but it does give a more renewed interest

in local first alternatives, which we're gonna get into.

So this also relates to me digging into my old computers

out of the drawer to replace my laptop,

which broke down and my server that broke down

to just get work done and learn about offline tooling.

Obviously, it worked really well,

'cause I've been having such a great time working on projects.

I was like, oh man, I gotta get back on the podcast.

So this is the kind of thing we're gonna touch base on,

autonomy, resilience, and just simple solutions.

So let's talk about some of the tooling

that I've found makes offline workflows,

not just possibility, but actually super duper productive.

We're gonna begin with a desktop application.

The question is in how few steps

can I get a minimally viable system?

So I'm going to recommend a tool I've mentioned before

on the show, which I now realize I've been using for three years,

and I've really expanded my use of it substantially.

That's KDE Connect.

KDE Connect is a tool that you can install on Windows,

Mac, Linux, iPads, iOS, Android, all these things.

There's also a GS Connect complete implementation for GNOME

if you want that.

KDE Connect is a crazy useful tool.

In fact, it is probably the most useful tool

that I use on any machine.

Why? Well, it's once you dig into the settings.

So first, you install KDE Connect,

to connect over Bluetooth, Wi-Fi,

or even things like VPNs, it doesn't matter.

You install it on phones, laptops.

This also means you could install it on grandma's phone,

or your kid's phone as a way to connect to them,

locally and through VPNs, or while you're on a hike, anything.

So you can do things like send a ping to find a device.

Even better, you can ring that device.

So it has that iCloud, like find my iPhone functionality in it.

You can also allow it to do media control,

which means it'll show on a lock screen of the phone,

media playback, not only for your phone,

but for other connected devices,

like your laptop or a movie you're watching.

And you can see from your lock screen or otherwise,

volume controls and you can even manipulate those.

You can manipulate playback, you can pause.

You can share your clipboard between all your devices.

You can also share files,

which means that Kati Connect works as a basic sync tool,

as a basic one-way sync, or you can even browse a file system

over SFTP.

Once you dig into plugging settings,

then you're gonna start to see more

of this remote control functionality,

multimedia playback, but when it really blows up,

is once you start experimenting with the telephony options.

The first thing you have that's super useful is text messages.

So for example, SMS text messages,

but also other chat services you're running on your devices,

like signal and whatever other chat you run.

So suddenly, not only your phone, but your computer,

we'll see these notifications,

and the actual text messages coming in,

both through something like signal,

as well as SMS simultaneously,

you can respond to them,

and you can respond without picking up your device.

So suddenly, you're able to respond to text messages,

and to phone calls, you can see, you know,

moms trying to call you while you're on your work machine,

but you get that important notification,

which is someone's trying to call you.

Once you're on the call,

your device is all work as controllers,

and they'll do things like,

when I receive a call in my device,

please, you know, pause the video I'm watching,

all of that will be handled through Kati Connect.

So you can manage multiple audio solutions simultaneously

through it as a send and receive option.

You can also get notifications like battery levels.

So if you have forgotten to charge your phone,

Kati Connect will tell you, which is amazing.

Once again, you have the ability to ring your phone.

So if you need to go out the door and you can't find it,

you click ring my phone,

or you can look at the connection status.

If you're connected, that's a way to know that locally,

the device is nearby, if it's connected to your laptop,

then of course it's in vicinity.

And overall, this just makes this such a great tool

because it will work even without Wi-Fi

or without internet, over Bluetooth.

And it's a great backup sync solution,

a great fallback tool,

or it's great as the very first tool you run,

because once you're running Kati Connect,

you can then send yourself your password,

send yourself your password files,

or send a photo to someone else,

even in a remote solution capacity like on a hike once off.

So all you have to do is have it installed,

and then whenever you want to,

you can fall back to it.

So I think it's a great starting tool for anyone,

plus it gives you that seamless experience

that's not normally associated with Linux,

it's more associated with something like the Apple Services.

So Kati Connect is an easy recommendation,

especially if you dig into plug-in settings,

and I'll leave my notes for this on the forum

at discuss.livingcartoon.org.

Now at this point, you might be thinking,

James, this is great and all,

but I'm worried about my local network.

Like my local network is not online,

or it's not available.

I'm glad you mentioned that,

because I just had extensive experience with this myself

of running local DNS.

So by local DNS, we're talking about the local domain name

services that you're connecting to.

And normally with a router,

when you connect to the internet,

that router connects up to your ISP, right?

And it's connecting to no-name, known services,

like Google and Cloudflare,

they're using things like 8888,

but there's also publicly provided DNS

from groups like Quad9 at 999.99,

which is just as fast, honestly,

as Google and Cloudflare, it works awesome.

And those are options.

So that's one option,

is to connect to something like Quad9,

'cause you wanna use a non-proprietary sort of way

to connect up to DNS, right?

But whether you trust Quad9 as a group out of the Switzerland

or Cloudflare or whatever, it doesn't really matter,

'cause there's no guarantee that they'll be up

as we know, 'cause Cloudflare went down.

So I think one thing we've talked in the past

about in the show is add blocking over DNS.

But the truth is, even that is kind of missing the point

of what we need in local network resilience.

What we need is we need local DNS.

So we're talking about Unbound, DNS mask,

and local resolvers.

Like there's one built into the pie hole,

but also Unbound itself can always be plugged in

to your add blocking software.

But it's Unbound or a similar recursive DNS tool

that is the key.

So why is local DNS specifically local DNS caching so useful?

Well, we've got first we've got the traditional DNS forerunner

built into the home router,

which is every time you need something,

you look to the ISP.

But as we know sometimes, the ISP might not be online,

which is why we look for a tool like Unbound,

which has been around for decades,

as a fully recursive DNS resolver with local caching.

Why does that matter?

Because local DNS means you don't even have to reach

to the sky, you don't have to reach to Cloudflare

or anything 'cause first you're looking locally.

At what you've already cached, this means more speed,

more privacy, more control, and more reliability.

Local DNS will work even when DNS itself

is offline at a higher level, okay?

Local caching means instantaneous responses,

there isn't a wait time because you're not asking the Cloud,

you're locally checking.

This also means that no Cloud type service

can ever know all of your DNS queries

because those that are result locally

are not submitted to the Cloud.

So it's only using the forward or as needed.

This is great, the caches themselves super tiny,

flushed often and they work really well on weak hardware.

It means fewer middlemen to get your DNS results.

This also means you're gonna be able to resolve domains

even though services are down outside of your home network.

Great, so faster, more private, more productive.

Unbound has the ability to query multiple authoritative servers.

This means that you can be using local services

in addition to outside forward or services,

and you can put all of these into a service

like Unbound or DNS masks.

So I'm using Unbound obviously,

but if you're using Unbound, there's no reason

you can't connect it to your ad blocking services.

Let's get really straightforward and non-sexy

about what ad blocking is actually doing at the DNS level.

All ad blocking is doing is it is sending that DNS request

to zero dot zero dot zero dot zero.

So it's sending it into a null space.

That's all it's doing, which means there's nothing wrong

with setting up a local DNS cache,

which also supports things like ad blocking to zero, zero, zero.

It's all wraps together quite nicely.

And then even divide IP ranges to say,

I want everybody at dot o dot one,

up through say 100 to connect over Unbound.

And then I want anyone aesthetically assigned

above that range to go through my ad blocking.

That's one option.

And works great.

So let's see, what are we talking about?

By using local DNS, we're adding no ISP DNS logging, right?

For any local inquiries,

you can add DNS-sec validation to protect against spoofing

and other kinds of man in the middle attacks.

It also allows you to add additional levels

of hardening to your networking at the DNS level.

This is all stuff that routers probably do not support

and it's not hard to set up, which is great.

So now you've given yourself a level of resilience

in local DNS caching, where even if your ISP is down

or your DNS is down,

you're still gonna be able to locally resolve DNS entries

using Unbound.

So super useful and you're gonna query everything faster.

So it's both private and faster, which is awesome.

And you can always customize it to taste.

So Unbound is a great service.

And I definitely noticed the difference in using it

when I turned it off.

There's notably longer response times to use foreworders out.

It doesn't matter whether it's to quad nine or quad flare

or whatever versus handling everything locally.

So definitely recommend local caching from DNS mask

or Unbound or using a resolver in something like Pyhole.

Bottom line, if you set up local recursive DNS,

you will get a benefit in speed, in privacy.

And in a way that's totally transparent,

you can still forward all your results out

to the same service you were using before.

Shout out to that service.

It's an unsung hero of performance and privacy.

And I think it's not necessarily cool

because everybody wants it to be related to a service.

But the truth is is you can run Unbound by itself

and add a service at your leisure

and you're gonna be happy no matter what.

In case you're curious about how you personally

would respond to something like local connectivity issues,

I've set up some challenges on the forum

at discuss.livingcartoon.org that I'll link to.

And I started with five that you can try at home right now

to see how your system reacts

when you lose connectivity, lose a file, folder,

and how that goes for you.

So you can try this up for yourself

and kind of come up with your own solutions.

I'm also building out a doku wiki to be used for the show.

It's at wiki.livingcartoon.org.

And that's designed so that not only can people

take challenges, but they can write their own.

Doku wiki itself is entirely based out of files and folders,

which is great.

And it also aligns with the forum,

which is built on parent and child tags.

So my intention is to start relaying all of the data

from the show into the wiki as an experiment,

but also a way to be focused on simple files and folders

for organizing and building up show content

and user content as well.

So feel free to join the forum.

If you do, you'll also gain access

to a lot of internal documentation.

Because a lot of the posts I'm doing there

are now things like that are works in progress

and also projects that I don't necessarily want to announce

on the show, but I'm working on for the future.

But you'll gain access to those by joining the forum

or the wiki as it develops.

So you can check all that stuff out.

And I am planning in relation to talking about these kinds

of services a gear exchange for Linux Fest Northwest,

which is coming up April 26th and 24th and 26 weekend.

And if you're going to be there and you want to join the forum,

I've put up a basic, there's a few o-droides

that I have from back in the day that you can have.

There's no cost associated with it.

They're not going to be for sale.

I just want to know if somebody would be interested

in having one.

And I also have a list of a 100 services

that you could run on even 32-bit, super low-end devices

that would work great.

I, of course, don't mean that you're going to run

all 100 services, but you might be able to run one,

two, or even three services on them.

Especially if you're just doing it locally for fun.

I've been doing it for years, and I don't see any reason

why you can't as well.

So there's a ton of options out there.

They all work awesome.

And if you're interested in getting a single-board device

'cause things are crazy right now,

I am willing to give some away.

And I'm assuming some of you out there might also have devices

that, you know, you've always thought that would be cool,

but then you just don't use them and they're in a drawer.

Well, maybe if you're going to be at Linux Fest Northwest,

you should consider giving them to someone else.

No strings attached.

But it's one of those things where if you want it,

just let me know.

And I'll include a next cloud form that you can fill out,

just to tell me that you're interested in,

because it's also important to know

because I don't actually want to bring the devices

if people aren't going to take them.

I don't want to bother to take them to the conference

unless I know that somebody's actually interested.

So I'm just letting you know.

And you're welcome to take part

and add your own devices as well by joining the form.

But it's super low-key.

If there's a garage at Linux Fest Northwest

where there's cell items or whatever,

we're not doing any of that.

This is like super low-key, literally.

Get me up if you want, you know, if you're interested.

This idea of running services locally at home for testing

naturally brings up the idea of home labs

and what they're for, what they aren't for.

And in the case of these small, simple devices

for testing services locally, right,

and testing failure and stuff and giving yourself a playpen,

that's one idea of what a home lab is.

And I think this is a great valid use case for home labs,

just to give you an idea of a way that I've been using

my devices as sort of home lab.

So obviously, we mentioned, you know, unbound,

but related to that, you can run something

like a web reverse proxy, say caddy or engine X,

because it'll run on basically anything.

But more importantly, you can use it to set up

local HTTPS resolution.

If you listen back through the old episodes,

I highly recommended using MDNS of Vahi

as it's called to set up on device dot local naming,

which is totally allowed on a local network.

So you can have something like my device dot local,

and then you can access services that way.

It might get a HTTPS error, but it works.

And I'll link to that episode in the show notes,

but that information is all still totally good.

And it absolutely works.

It works great with something like the recursive DNS unbound,

DNS mass stuff we talked about already.

But also, if you want to take it to the next level,

I would recommend running a reverse proxy.

So something like caddy and gen X.

And what you can do is say you own a domain.

Now you can set up a DNS based challenge,

not the similarity of all these things.

You can create a DNS based challenge,

which connects to your domain name provider via API.

And then you can make it so something like local.mydomain.com

will give you a further wildcard

for just local service testing.

So no matter what it is you install,

it doesn't matter what it is,

you can get valid HTTPS within your home network.

And I don't know about you,

but most people hate seeing HTTPS warnings.

So this is a good thing to consider.

And two ways to do that are with caddy and with nginx.

Because they don't really care about how they're being run.

It's more just about being able to use DNS based challenge

to generate a certificate.

And as long as your basic provider, say port, bun,

or gondi gives you that DNS certificate,

you'll be able to handle through let's encrypt

the local certificates.

So I would recommend checking something like that out.

And it's a good getting started level of home lab

in addition to running something like local ad blogging

with pile or ad guard.

So this is the kind of level that we're talking about.

Super duper simple tooling,

but works in really profound and powerful ways

and helps you learn.

If you want to hear about more about home labs,

I have an episode with Robin Monks,

as a bonus for this, that'll be released in the coming days.

And we talk all about what home labs mean to us,

what services we like to run,

and get a nice little overview of kind of our different

thoughts on that.

So that'll be fun in the next coming days.

Otherwise, you can subscribe to Linux Piper premium at Kofi.

And then you gain access to additional episodes,

such as my conversation with Robin Monks,

it's closer to 70 plus minutes long,

instead of the shortened edited version

that you'll get coming up.

So yeah, do you have a home lab?

What do you think about home labs?

Feel free to write in, share your thoughts.

We also have a matrix and discord chat.

Those are bridged together.

All have links to both of those in the show notes,

or you can join the discussion forum.

And you can look forward to that episode

or join Linux Piper premium to support the show

and listen to additional episodes

that I'm still working on.

Premium members were also gain access to my works

and progress posts on the forum,

which are otherwise not visible to regular users.

So it's another perk of the Linux Piper premium podcast

subscription.

You can see what I'm working on before I even

announce it otherwise.

So as a starter to this conversation,

how resilient is your local network?

How resilient is your setup to failures?

And there's a lot of places that this can go from here,

but I just want to start it with this idea of local DNS issues

when your ISP is unavailable and local ways

to connect your devices based on the devices themselves.

There's a lot more to talk about,

but I just want to know more about what you

as the audience are interested in hearing about.

And that'll help me shape these episodes moving forward.

Send in your feedback on the real time chats

or the forum or through contact or podcast

at livingcartoon.org.

Send me your thoughts.

Let me know what you think.

If you have suggestions, questions.

Obviously, I have tons more content related

to offline local tooling to talk about,

but I feel like this is a good start.

Just really want to remain focused on steps

that you can actually try at home challenges you can give

yourself.

But let me know what you think of this

and look forward to hearing from you.

Really appreciate all of you listening.

And if you like this show, please do share the show

with others.

That's the number one thing you can do

is tell somebody else about it.

Leave a review for the show.

That would be awesome.

I so much to cover.

But for the moment, I just want to touch base

on some upcoming events.

So obviously, Linux Fest Northwest is coming up

at the end of April.

I'll leave a link to their website.

It does seem that the schedule is not public yet

at this moment, but that should happen any day now.

But I will be tabling there for the Linux Prepper podcast.

I'll be doing my low key gearhand off

that I mentioned earlier.

If you want to get involved in that,

I'll also be performing an original theater piece

all about AI psychosis called AI scanned my brain run.

And I'll be performing that specifically for Linux Fest Northwest.

It'll be the first new show that I've done in a few years.

My previous shows have all done super well at festivals

for theater.

Obviously, this isn't a theater festival,

but I thought I would adapt it to the conference format,

which means it'll get performed twice

as two 20 minute segments with a 10 minute talk back.

This allows people to come and go,

but each performance will be totally unique.

So whatever you see in the second performance

will not be the same as what you saw in the first.

And I think that'll make it a lot of fun.

So you can look forward to AI scan my brain rot

performed by Living Cartoon Company at Linux Fest Northwest.

It'll be in person only, no live stream of it.

Sorry, not sorry, that's what's gonna happen.

But I'm just happy that you can walk in and see it

and see something unique and different.

I think it'll be really cool.

I'm really excited to do it.

Otherwise, I'll be tailing for the podcast,

giving trivia challenges.

And I will be releasing a additional episode all about conferences

talking about seagull versus Linux Fest Northwest,

talking to Adam Monson about projects

that he's been working on.

And you can enjoy that and get a better idea

of what happens at these conferences.

And maybe you'll feel inspired to want to attend one yourself,

whether you live in the Northwest

or somewhere else in the world.

Maybe there's conferences that you can attend as well

and check out.

All right, that said, I'm going to wrap this up

for the moment.

I know that I need to announce participants

of different projects and things coming up.

I will do that shortly.

I just wanted to get this episode out there

as the core episode.

Let me know what you thought.

You have any suggestions.

There's things you like, things you didn't like.

Email me podcast@livingcartoon.org

or connect with me however you wish

and have a wonderful day from me here

at Linux prepper podcast as James signing off.

Bye.