All posts by K1WIZ

Those plug-in smart switches that are uniquitous in the market are only good to 10 amps. (most of them) I had one on my dehumidifier project to control when the dehumidifier would turn on and off (by turning it completely off, we save energy and money on the electric bill). After a couple years of use, the “plug in” smart switch died, likely because the dehumidifier draws close to or beyond the current limit of the small relay in those switches. I looked around on the ‘Net and was hard pressed to find something that would handle higher currents. The unit is on a 20A circuit so I needed to be sure that whatever I used was rated to switch that much current. Most of the relays that are out there for “arduino” projects seem to also be limited to 10 amps as well. Boo!

I found a relay on Amazon that was capable of switching up to 30 amps! I’m thinking “this ought to last”, but I need to build a circuit that can energize a 12V DC coil. The ESP8266 module runs on 5 volts, and doesn’t put out nearly enough voltage and current to drive the coil. I needed to add a 12 volt modular switching power source, a 5 volt regulator for the ESP8266, and a MOSFET transistor pack (triggered by the GPIO pin on the ESP8266) to switch the 12 volt supply and send DC to energize the relay coil. Here’s what I used to build this industrial strength appliance smart switch:

Of course, it goes without saying, I installed the open source Tasmota software on the ESP8266 module! I then set pin D1 to drive the relay:

12 VDC buck switching supply:

120-240VAC IN – 12VDC OUT

Here’s a picture of the ESP8266, 5VDC buck regulator, and MOSFET module all wired up on a PCB. This is what gives the switch its smarts and allows the automation system to control it over MQTT/WiFi:

Here you can see the large relay. It is DPDT (double pole, double throw), has a 12V coil, and the switch contacts are rated for 30A @250VAC:

This is the entire smartswitch build finished:

All enclosed in a sealed IP67 rated enclosure. This design can be used outdoors!

And of course, with power applied (it passed the smoke test!):


A neighbor (looking at you Chad) recommended cloudflare for my website and I figured I’d try it out.  Doing so entailed changing my NS records on my domain at the registrar.  This effectively moved all my DNS zone for the domain over to cloudflare.  Awesome!  Getting the benefits of cloudflare, only thing is, I realized that my old bash script which kept my home network IP tied to a DNS host name now no longer works.  I needed to update it.   So I set out to rewrite the script and figured I’d share it here, hopefully to help someone else wanting to have a DDNS hostname for a dynamic IP at home.  Without further delay, here’s the script, all that is needed is to plug in the values for the variable, set it in a crontab, and done:


myip=$(/usr/bin/curl -X GET "")
# Populate with your own cloudflare specs
myZoneID   = ""
myRecordID = ""
myKey      = ""
hostname   = ""
email      = ""

curl -X PUT "$myZoneID/dns_records/$myRecordID" \
        -H "X-Auth-Email: $email" \
        -H "X-Auth-Key: $myKey" \
        -H "Content-Type: application/json" \
        --data '{"type":"A","name":"'$hostname'","content":"'$myip'","ttl":1,"proxied":false}'

echo "$time IP Updated to: $myip for $hostname" >> /var/log/DNS-UPDATE-$(date +"%Y-%m-%d").log

In addition to updating your DNS record, this also keeps logs of the changes to preserve a history of IP address changes.

There are many websites out there that will gladly take the details of your wifi network and in exchange for receiving those details, will generate an QR code that you can use to allow others easy access to your guest network, or business wifi. I strongly recommend against use of such sites as you can’t be sure they aren’t mining the data to build a repository of such information, and for what other purposes.

Instead, I used a freely available tool in Linux known as qrencode. Fortunately, qrencode is a simple program that you run locally on your linux machine (hell you could even roll up a linux VM to do this if you don’t have a machine with linux on it).

Installing qrencode in debian or ubuntu is as easy as:
sudo apt install qrencode

Once you have it installed, the format for generating the QR code is pretty straightforward:
qrencode -l H -t PNG -o qrwifi.png "WIFI:S:{SSID name of your network};T:{security type - WPA or WEP};P:{the network password};;"

So say your wifi name is “FBI VAN” with a password of “b0nehead” and has WPA encryption, your command to generate the QR would look like this:
qrencode -l H -t PNG -o qrwifi.png "WIFI:S:FBI VAN;T:WPA;P:b0nehead;;"

You would then see this QR code generated: (go ahead, scan it here!)

Once done, you have a nice QR code you can print and display for your guests. This makes it easy to get them connected, and they don’t have to worry about bothering anyone for the wifi password anymore. It’s a win on both sides.


So we recently moved to Northbridge (July 2020) and we were excited that (at the time) the NPS school district was not a GoGuardian customer.  Our family fought with our last school district in North Attleboro to stop deploying GoGuardian to our equipment at home for the reasons I documented back then.  The concept is simple:

  • MY house
  • MY home network
  • MY privately paid for internet
  • MY computers
  • MY electricity that was/is being paid for to run such an invasive application extension software

As a student/family privacy advocate, I do believe the school should monitor it’s own equipment and only on school grounds.  When it comes to family owned equipment used at home or anywhere off school campus, it should be HANDS OFF!  Students (and families) deserve a reasonable expectation of privacy in their own homes and on their own computers.

You should know that today (at the time of this writing) I telephoned the product team at GoGuardian, and asked them about their data collection and retention policies.  They refused to give me any information citing that I wasn’t their customer and that they have a policy against disclosing this information to parents.   Tax dollars funded the acquisition and installation of this software in our schools, I think full disclosure is totally appropriate.


So at home, it’s YOUR computer, and your child is logged in to process homework, or email a teacher.  How do you know your school is watching and recording all their browsing history?  Here’s how:

Ensure they are logged into their school account on chrome.  Once logged in, type this in the address bar:


You will see something like this showing GoGuardian is installed: (click for larger view)

Here you can see GoGuardian is installed and running on the browser.  Did you ever give your school system permission to install a monitoring agent on YOUR equipment?  No?  then you need to complain to the highest levels of administration up to and including your school committee.  They are hoping this goes unnoticed, but I bet if they held a public forum on it and went out asking for consent, that most people would decline when they fully understand what GoGuardian really does.  I’ll also note that it isn’t possible to remove this extension – the ability to remove it is managed by the school district’s Google Apps domain policy.

You can see here the permissions given to the GoGuardian browser extension – it’s disturbing:  (note: it is  also  not  possible  to  turn  off  the  extension.   It  is  forced  on.)

Here’s a snapshot of the DNS queries I saw in our logs just after doing a test search for illicit materials on our machine: (click for larger image)

That right there friends, is GoGuardian “phoning home” on what I just did.  (in this case web browsing history and searching) was sent to GoGuardian, and whatever I did is now visible to school officials.  There are real ramifications to this kind of wholesale tracking (which I will not go into here) but simply put, you should contact your school system and demand removal of this invasive browser extension from running in your home.  Here’s a brief use case/reasons why:

  • when the equipment and network the application/extension is running on does not belong to NPS
  • students need to have a perceived sense of privacy within their own home and on family owned equipment.
  • on shared family owned equipment, the data collection could violate the privacy of any person who uses that equipment and unknowingly is operating within a chrome browser logged into that account.  People seldom check to see who chrome is logged in as – they just open a window and go online.
  • This also has the potential to implicate the “tracked” student in other people’s internet activity unfairly, on privately owned (but possibly shared) equipment.

Also the EFF (Electronic Frontier Foundation) has released an extensive study into the privacy matters and even legality of off-campus school surveillance.


You can sign the petition here (I did):


Simple.  All the technology department needs to do is work with GoGuardian to prevent it’s extension from being deployed on non-school owned assets:

  • Work with GoGuardian to come up with a way to better control extension deployment by confining it to the following:
  • Define a Google Apps OU just for school-owned assets
  • Put all school-owned assets in that OU
  • Push GoGuardian deployment policies to ONLY that OU containing school owned assets.


I spoke with Director Tiago Vital and Superintendent McKinstry today about the privacy concerns with the GoGuardian extension running on privately owned equipment.  Here are the key points:

  • Superintendent McKinstry agrees that this extension running on “private property” is a bit concerning, wants to find a solution to exclude private computing equipment where possible.
  • Director Vital has actually looked into fixating GoGuardian to specific OUs within the NPS GApps domain, but mentioned it doesn’t appear that GoGuardian currently honors this in it’s current version.
  • Both Director Vital and Superintendent McKinstry agreed that a joint conference to discuss directly with GoGuardian, ways of excluding private equipment from the product deployment scope is desired and have invited me to join the call to present the concern from a parent’s point of view.
  • Time and date of such call is yet to be determined.

I will provide additional updates as they become available.


I got an email back from Director Vital which makes it clear GoGuardian does not wish to hear from/or involve in discussion, parents.  Here’s what the email said (and my response) click for larger view:

It should be noted that the claim of the extensions on non-chromebook devices are inaccurate.  Our family computer is a Linux (Ubuntu 20.04) machine running Chrome browser.  You can see from the screenshots above from that computer, that the extension was present and alive.  A test search for porn, bomb making, etc caused several DNS queries for goguardian servers to immediately show, indicating that the computer was talking to and sending data to GoGuardian.  This computer is private property, and we don’t consent to the residency of this executable extension (and code) belonging to GoGuardian, running on our private property (computer) in our home.

Since I learned that GoGuardian will not talk to parents – I went to my local police department (Northbridge Police) and filed a police report. (I’ll copy any developments herein as they happen)  I intend to fully pursue the legality of a school system and/or company placing executable monitoring agents in people’s homes on privately owned equipment.  I need parents to join this effort to preserve the expectation of privacy in our homes.  I also believe there are serious 4th & 5th amendment (unlawful search & right to not self-incriminate) civil rights violations at work here.


I’ve kept an eye on our machine over the last couple days and there has no longer been any GoGuardian traffic.  The extensions also appear to be missing from Chrome now.  I suspect that the school has removed this extension somehow from being deployed to our equipment when the kids log on – THANK YOU!   I do ask that parents use this guide to check and verify if the GoGuardian extensions have disappeared from their chrome browsers also.  Please follow the steps above and please feel free to comment below.   NOTE: I believe this removal is only for PRIVATE at home equipment.  If your child is using school issued equipment at home or on campus, I believe you will still see this extension in use.   Please remember that the focus of this cause, is ONLY for removal of the goguardian extension from PRIVATE equipment used OFF CAMPUS.

UPDATE 10/27

During another security audit of my network, I have discovered that again, GoGuardian has been reinstated on our family computer. I also see constant traffic in our DNS logs (times shown are in UTC):

I went to Northbridge Police Department to enter a second complaint against NPS for this unauthorized software running and monitoring activity on our family PC. I have also formally demanded the following information from Superintendent McKinstry:

Superintendent McKinstry,
I have returned from the Northbridge Police Department after bringing evidence of this repeat complaint and have spoken with Officer O’Malley this evening.I am formally demanding a copy of all data that GoGuardian has collected on both Jianna and Sophia Rogers.   I also want a copy of any policies on data retention:

  • where this data resides (both within NPS and within GoGuardian)
  • who has access to it
  • what data was collected and where
  • lifetime of data retention – when and where is it destroyed and how
  • a written scope of all GoGuardian functionality the district is subscribed to from GoGuardian
  • a list of any 3rd parties this data is shared with

Please provide these materials pursuant to my demand no later than 30 days.  If you require a court order to provide this, please immediately say so, and I will immediately have my attorney seek one.

UPDATE 10/28

Now that GoGuardian was quietly put back on our family computer when the kids are signed in, I decided to do some additional forensics on the machine to determine:

  • Is the executable extension permanently resident on the computer’s hard drive regardless of whether my kids are logged in?
  • Can I delete the extension or does it come back the next time they login?

Here’s what I found:

  • Whether or not the kid is logged in, GoGuardian’s chrome extension IS resident on my computer’s hard drive. In other words, if they aren’t logged in, it may not be running, but it IS resident on the drive and occupying about 12MB worth of space. I did not consent to this and the machine is my property, and it is NOT welcome on my machine or in my home!
  • I was able to delete the directory containing the extension (the directory is named after the extension ID – you can get this ID by going to chrome://extensions then click on the GoGuardian extension and the ID is visible in the address bar of the browser. I deleted the directory and it was removed. The next time my kid signed into school, the extension was re-deployed to my computer!

See the screenshot showing the contents of the directory (click for larger image):

There is NO WAY to permanently remove this software unless the school administration removes it – such removal is governed by their GSuite deployment policy, which they control. This is what causes the GoGuardian software to deploy to private computers in private residences. Such deployment to, and active wholesale monitoring of private property should be illegal and stopped.

I believe this is why GoGuardian wishes not to speak about data collection, retention, and destruction with parents because they are likely aware they are riding the very sharp edge of the law here with regard to their software ending up on private computing assets. THIS IS WHAT I’M FIGHTING FOR – privacy and private property rights! I’m OK if the software runs on school owned equipment within the school campus, but in my private residence, that’s NOT ACCEPTABLE!


In our home, we have 2 garage doors with RF remotes in our cars.  For most people, this is generally considered “good enough”.  I wanted to come up with a way to connect our garage door openers to our home automation system.  Doing so would have the added benefit of remote control from anywhere, especially if we are away.  This could be useful so that deliveries could be placed in the garage, or for any other reason where we would want to allow someone access to the garage but not the rest of the house.  Some folks have a code entry panel that serves this purpose but then you have to share that code and by doing so, can compromise security should the code be shared without your knowledge.  With the ability to remotely open the garage, allows access without needing to share a credential.

This article makes the following assumptions:

  • You already know how to flash Tasmota onto ESP8266 hardware
  • You are familiar with Domoticz home automation console and adding devices
  • You use some method of message transport ie. MQTT between Domoticz and your Tasmota powered hardware

View the following video to see a demo of how this works:



Since I already have an in-place home automation system, all I needed to do was configure two buttons on the console that would accept a pushbutton command and send a signal to a relay to open the door.  For hardware, I used a dual relay board that has an esp8266 chip.  The 8266 chip was flashed with the latest Tasmota release, and configured to operate the relays.  The switch output of the relays is wired to the existing wall switches of the garage door so that when tripped, will cause the door to operate just as the physical wall buttons already do. 

The Tasmota configuration uses the “Generic” template and configures GPIO0 to be Relay1, and GPIO2 to be Relay2.  After setting the GPIOs, I had to enter some settings and a ruleset into the Tasmota Console on the ESP-01.  To enable the ESP-01 to talk to the relay serial chip on the board, I had to go to the console and enter the following command and ruleset:  (NOTE: some older versions of this dual relay board may use 9600 baud instead of the 115200 baud shown here.)  Also, the dual relay board needs to operate in Mode 1 (default mode and indicated by a red LED on the board).

seriallog 0
on System#Boot do Backlog Baudrate 115200; SerialSend5 0 endon
on Power1#State=1 do SerialSend5 A00101A2 endon
on Power1#State=0 do SerialSend5 A00100A1 endon
on Power2#State=1 do SerialSend5 A00201A3 endon
on Power2#State=0 do SerialSend5 A00200A2 endon

Then to enable the above rule:

rule1 1

turns on rule1.  Once enabled, I want to ensure that power disturbances do not trigger the relays or cause the ESP-01 to lose it’s config.  To ensure that the relays stay OFF when there are power interruptions or power cycles, I needed to enter this command on the Tasmota Console:

PowerOnState 0

I also wanted to make sure the config would remain intact even if there were several power cycles/disturbances (sometimes Tasmota can reset to defaults if there are more than 6 fast consecutive power cycles), so I also entered this command into the Tasmota Console:

SetOption65 1

Finally, we want the relays to only trigger momentarily when activated so that a pulse is registered to the garage door openers.  To do that, we must enter two more commands on the Tasmota Console of the relay board:

PulseTime1 1
PulseTime2 1

Once these changes are set, all that is needed is to set the Domoticz IDX address to match the two pushbuttons that were added to the Domoticz console.   At this point it should be possible to remotely trigger the relays from Domoticz and they will trigger ON for 1 second and then switch off when called via Domoticz.  All that is left to do is wire the relay N.O. contacts to the physical garage door wall switches in the garage.  It will now be possible to open or close the garage doors from the Domoticz console via any mobile device that has access to the Domoticz home automation console.


I moved to an area where my AM news station (WBZ) comes in rather scratchy.  Sure I could stream them over the internet on a mobile device, but what about the radios I currently have?  Have they now become paperweights?  Fortunately, WBZ streams online and I found a cool FM transmitter module that I thought “I could use this with a Raspberry Pi to put WBZ on the FM dial near my home”.  The FM module is about $12 and available on Amazon and I already had a raspberry pi computer I could dedicate for the project.  Why not try it?



This article is for informational/educational purposes only.  If you make use of any information in this article, I will not be liable for your use of this information and any action you take based on the technical discussion herein is solely at your own peril/risk!  Please check local laws for this application in your country of residence!  This article also deals with a solution powered by AC mains voltage.  If you do not understand what you are doing, PLEASE be safe and get qualified help!

I installed Ubuntu Linux 20.04.2 server on the raspberry pi computer, and then installed a software called liquidsoap.  Liquidsoap is an audio/streaming swiss army knife and is of course, open source.  Normally, people use liquidsoap to capture a live audio source and then create a stream on the internet.  I wanted to do the reverse, and pull in an internet stream and play it over the USB DSP that is built into the FM module.  A bonus is that the FM module is also powered via the USB connection – one cable does it all.  Shown here is the finished transmitter:

The FM module is quite versatile.  It has an analog line-in, condenser mic, and USB audio interface all built in!  Depending on what input you use, the module is smart enough to pick that input and use only that.  When I hooked the module to my raspberry pi and ran:

aplay -l

I was able to see the USB audio interface on the FM module:

ubuntu@audio1:~$ aplay -l
**** List of PLAYBACK Hardware Devices ****
card 0: Headphones [bcm2835 Headphones], device 0: bcm2835 Headphones [bcm2835 Headphones]
Subdevices: 8/8
Subdevice #0: subdevice #0
Subdevice #1: subdevice #1
Subdevice #2: subdevice #2
Subdevice #3: subdevice #3
Subdevice #4: subdevice #4
Subdevice #5: subdevice #5
Subdevice #6: subdevice #6
Subdevice #7: subdevice #7
card 1: CD002 [CD002], device 0: USB Audio [USB Audio]
Subdevices: 0/1
Subdevice #0: subdevice #0

The “card 1” device is the USB connection to the FM module.

All I needed to do now was install and setup liquidsoap.  For that I used this guide and installed with OPAM.  Once I had liquidsoap installed, I created a .liq script which had the following configuration to stream WBZ and play it on the FM module’s USB interface:

str = ""
prog = mksafe(input.http(str))
prog = amplify(0.7,override="replay_gain",prog)

With this .liq file saved as play.liq, I could then start it up by running:

liquidsoap ./play.liq

If you want to add this as a systemd service, just follow the conventions to create the service file and install it as a service so it comes up whenever the raspberry pi is started.

FM Module Tips

The FM module as it comes, does not have an antenna on it.   For best results, solder a 1 meter length of wire on the “ANT” solder pad and place the entire RPi/FM setup in a high location within your home.  You should find a clear spot on your FM dial using a portable radio and set the FM module to that frequency.  When properly set, you should be able to pickup the signal from your RPi/FM package at least 4 houses away before you start to hear static.  This amount of range from such a small module is pretty decent and sufficient to enjoy your streamed audio source on any ordinary radio near your home.  The sound quality is very good for a $12 module and sounds nice on my Tivoli and other radios.


Connecting the home brew transmitter to a small RF amp brings the power output up to about 10 watts. This power is then fed through an RF bandpass filter before the antenna. This helps eliminate RF harmonics that WILL get you busted in short order! DO NOT operate a device like this at any considerable power level without proper filtering, it is a guaranteed way to get busted for radiating harmonics and interfering with other signals!

The transmitter connected to the amp module (live audio is fed from an icecast stream over CAT6 cable). Note the small white WiFi smart outlet. This lets me remotely turn off the transmitter if I get wind that the FCC is taking an interest. I have the ability to remotely kill it from my smartphone from anywhere, at a moment’s notice:

The RF bandpass filter (SUPER IMPORTANT!)

Finally, the TUNED circular polarized antenna – circular polarization helps reduce multipath signal distortion for mobile listeners. This antenna is precisely tuned to the desired broadcast frequency of 95.1 using a cheap portable VNA (Vector Network Analyzer)


My neighbor recently did a landscape lighting project of his own.  It looked great and was a simple grid-tied system.  I wanted to kill 2 birds with one stone and do a landscape lighting system of my own, but I wanted ours to be connected (wirelessly) to our Domoticz home automation system and I didn’t want to pay for the electricity to run it.  I was able to achieve both goals in this project through the use of ESP8266 and some MOSFETs triggered by PWM which had the added benefit of making the system dimmable if desired.


For this project, I gathered the following materials:

The way my house is situated, all the sun shine is in the back yard – plenty of sun there year round.  In the front where our landscaping is, has a lot of shade so not a good place for a solar panel.  I also wanted to hide all the power generation and control stuff in the back yard anyway.   I was able to cut a thin slice into the side yard following the foundation from the back yard to the front yard and bury the cable in the dirt easily.  You can’t even see the cable:

In the back, is where the power generation and control stuff was located.   I made the wireless PWM controller inside an  IP67 rated enclosure and put banana posts on for easy connection:

This allows me to control the lights ON/OFF/Dim using my existing Domoticz home automation system.  commands and telemetry is carried over wifi and MQTT to the Domoticz docker container.  The object in Domoticz can then apply time schedules, change brightness, or even turn on the lights during a motion trigger event from a PIR sensor that can be added to sense presence.

In the back yard, I set the case containing the battery and charge controller, solar panel, and PWM controller under the solar panel, in a spot where there is ample sunlight all day.

In the front, I ran the cable near the areas I wanted the lights and used the included connectors that came with the lamps.

I had the object in Domoticz setup to turn these on at 50% brightness 30 minutes past sun down.  Here’s the final result on how it looks:


We moved into town in July 2020 and as new residents always looking for ways to get a pulse on happenings in the town.  One great way to do that is to monitor the radio systems of the municipal services that operate within the town.  To monitor, one can either go out and purchase a $400 scanning receiver, install an antenna, and stay within ear shot of the scanner to stay informed, or the (better) option is to setup a dedicated receiver for each service and connect the audio output to a computer (running appropriate software) to create and send a stream to or other streaming relay service.  What’s nice about streaming to broadcastify, is that they archive all the audio you send them, so when something interesting happens, and you miss it, you can download the audio from the stream archives and listen to it from anywhere as your schedule permits – or you can just listen live from any mobile device using the broadcastify app from anywhere.





I chose to do the second option, because I have plenty of spare radios and computers.   To create my streams I use the following in my arsenal:

  • a low power Intel Atom ultra small form factor computer with plenty of USB ports and running Linux OS.
  • the liquidsoap audio toolkit to define and create the streams.
  • USB audio interfaces with inputs (connected to the radios)
  • UHF or VHF radios to dedicate to the monitoring setup – connected to a common (shared) or individual antennas.
  • An account on Broadcastify or other stream server  – from where you will serve your streams.
  • Broadcastify stream details for each stream (you will use this to setup liquidsoap).
  • a wired network connection (preferred) for your computer generating the streams.

I started with a small energy efficient computer (an ASUS Intel Atom “net top” computer) on which I installed Ubuntu Linux and Liquidsoap.  This computer needs a reliable internet connection and power source, as it will be running 24/7.  I chose a low power computer because I wanted to keep my energy costs low for the project.  Once Linux is installed, and an IP setup on the box, a keyboard and monitor are no longer needed.  You can do the rest of the setup over the local network over SSH.  To setup the computer for streaming, I installed Liquidsoap and created a config file to define the streams: (/etc/liquidsoap/radio.liq)

apt install liquidsoap
apt install liquidsoap-plugin-alsa

Once installed, you need to create a config file to tell liquidsoap how to create and process your streams:

# Define physical audio pickups:
radio4 = mksafe(input.alsa(device="plughw:CARD=USB,DEV=0"))
radio5 = mksafe(input.alsa(device="plughw:CARD=CODEC,DEV=0"))

# Define stream destinations:
%mp3(stereo=false, bitrate=16, samplerate=22050),
port=80, password="p@55w0rd", genre="Scanner",
description="Northbridge Police Dispatch", mount="/kejrncsk888",
name="Northbridge Police Dispatch - 453.1875 MHz", user="source",
url="", radio4)

%mp3(stereo=false, bitrate=16, samplerate=22050),
port=80, password="p@ssw0rd", genre="Scanner",
description="Northbridge Fire Dispatch", mount="/s7sfsd87dsf",
name="Northbridge Fire Dispatch - 154.3625 MHz", user="source",
url="", radio5)

You get the parameters for the above output definitions from the feed details in your broadcastify account when you apply to setup a feed.  Once setup in the config file, you can issue the following command to restart the liquidsoap service and bring your feeds online:

sudo systemctl restart liquidsoap

Once restarted, liquidsoap should now be sending your audio to broadcastify.  You should see your feeds online:


Now that your stream is up, it’s time to hook up the radios and start sending audio over your stream (radio configuration/programming is out of the scope of this article).  Connect the “speaker out” jack on the back of the radio to the correct “line in” port on your USB audio pickup device and set the volume halfway to start.  (You don’t want too much audio or your stream could be noisy/distorted).  As the radio is receiving audio, adjust the volume knob on the radio for good balance of loudness and clarity.  Do the same on any other radios you wish to setup.  Be sure to lock the tuning so that the frequency can’t be accidentally changed.


Because we’re pulling signals off the air and streaming them online, you’ll need to either buy or make an antenna for such a dedicated setup.  I chose to make a simple one using an SO-239 connector:


Now, you can download the Broadcastify app on any mobile device and listen to the feeds from anywhere.  The data rate is extremely small so listening for long periods should not consume a lot of data on a data plan.  Now you can stay informed by listening or listen whenever you see local police/fire activity in your town.

Rebuilding My Home Network


I have had my ESXi box for YEARS and recently decided to take a dive into the world of KVM (QEMU) on Ubuntu Linux.  It’s a popular and completely open hypervisor that has become a staple in many datacenter environments.  I had been loathing the change because it meant I had to rebuild a few of the VMs I still had.  Though I made the plunge recently into docker containers and finding apps I could containerize, I still have a handfull of VMs that perform various functions on my home network and “home lab”.  I’ll preface this by saying that the ESXi box did us well over the years and I hardly ever had to touch it.  The one thing I did not have with ESXi was other hosts to use for moving VMs.  The fact that the license isn’t free and ESXi is very persnickety about hardware requirements just was a put-off in trying to implement V-Motion (VMWare’s method of migrating/moving VMs around in a cluster).  With KVM, my options are more open and I have a handful of hosts that are compatible with KVM so if I ever had to move VMs around, I can in a pinch if ever I have a problem with hardware.


To create a small cluster of physical hosts to run my new VMs built on KVM, I simply carried out these steps (I’ll go into greater detail on each one):

  • Install Ubuntu Server 20.04 OS on each physical machine
  • Configure a netplan for each physical KVM (pkvm) host that achieves:
    • bonded (teamed) interfaces
    • LACP (802.3ad) attributes to bring up the channel-group session
    • vlan tagged traffic over the bond
    • bridge interfaces to allow kvm guest VMs to attach to the desired vlan
  • Install necessary KVM packages
  • Configured a port channel interface on the main switch & define physical switch ports that will participate in the LACP channel-group
  • Configure a common NFS mount on the NAS to hold the KVM guest images on the network
  • Moving new kvm VMs into my newly rebuilt KVM host
  • Consume donuts that my wife and kids made while the “internet was out”

Setting a Netplan

Ubuntu 20.04 uses netplan to configure the operation of network interfaces.  This method uses a simple YAML formatted file that is easy to write and backup.  If you screw up, you can always revert back to a previous file.  (always make a backup!)  My netplan file looks like this:

      - enp1s0f2
      - enp1s0f3
        mode: 802.3ad
        lacp-rate: fast
        mii-monitor-interval: 100
#    enp1s0f0: {}
#    enp1s0f1: {}
    enp1s0f2: {}
    enp1s0f3: {}
      dhcp4: no
      dhcp4: no
      id: 2
      link: bond0
      dhcp4: no
      id: 5
      link: bond0
      dhcp4: no
      id: 11
      link: bond0
      dhcp4: no
      id: 10
      link: bond0
      dhcp4: no
      id: 50
      link: bond0
      dhcp4: no
      id: 73
      link: bond0
      dhcp4: no
      id: 300
      link: bond0
      dhcp4: no
      - vlan.73
      - vlan.2
      - vlan.5
      - vlan.10
      - vlan.11
      addresses: []
        addresses: []
      - vlan.50
  version: 2

Installing KVM packages

apt install -y qemu qemu-kvm libvirt-daemon bridge-utils virt-manager virtinst

Configuring a port channel interface

With the netplan configuration saved and in place, I just executed sudo netplan apply and then proceeded to setup the switch-side of the bonded connection.  The first thing I needed to do was configure a new port channel interface on the switch that would be suitable for carrying tagged traffic:

interface Port-channel2
 description KVMBOX
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast

After setting up the port channel interface, I now had to add the physical interfaces that are cabled from the switch to the big KVM box:

interface GigabitEthernet1/0/44
 description TRUNK_TO_VBOX1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 lacp port-priority 500
 channel-protocol lacp
 channel-group 2 mode active
interface GigabitEthernet1/0/45
 description TRUNK_TO_VBOX1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 lacp port-priority 500
 channel-protocol lacp
 channel-group 2 mode active

wr mem

Once both ports were setup, I could then test the channel-group status:

CORE-SW#sh etherchannel 2 summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port

Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
2      Po2(SU)         LACP      Gi1/0/44(P) Gi1/0/45(P)

It’s time to now setup an NFS share for holding KVM images

This part is easy:

  • apt install nfs-client

Add a line to /etc/fstab: /vol1   nfs     _netdev,nfsvers=3,nolock,noatime,bg    0       0

Then mount: sudo mount /vol1.   I then created a symbolic link from the /var/lib/libvirt/images directory to point to /vol1/kvms (where the other KVM servers put their images)

Now time to move my newly built KVM VMs into my new KVM host (built on a temporary KVM host)


At work, I serve on a team that has an on call rotation.  As a heavy sleeper, SMS dispatches to my cellphone are not enough to get me out of bed.  I needed a better solution, but what was that going to look like?  I have an iPhone X and it’s just not loud enough to wake me, and having the notifications be persistent until acknowledged was a real necessity.  I needed something that would almost slap me in the face to get me out of bed for a 3am dispatch.  No joke!  There just aren’t a lot of solutions out there to literally kick someone out of bed at 3am (heavy sleepers) and I certainly wanted to keep my manager happy by answering pages in a timely manner.  Time to build a solution!

Luckily, I have skills in the wireless dark arts as a Ham Radio operator and I knew there was a way to use the free Pi-Star software to make a pocsag pager transmitter.  I bought a programmable pager online that would work on the frequency of 439.9875MHz and proceeded to build the transmitter and attach it to my network.



  • latest pi-star image on microsd card and configured on the network
  • Any USB wifi G or N dongle (the onboard wifi chip on the RPi Zero W sucks)
  • OTG to USB adaptor pigtail for wifi dongle
  • 15″ SMA whip antenna – the little stubby antennas really suck!
  • MMDVM Hotpost board kit (this has the radio and RPi Zero)
  • Programmable POCSAG pager that will work on 439.9875MHz (Digital Paging Company in North Hollywood CA Be sure to ask for SKU: R924-430-6V33
  • Gmail account to pull the messages of interest from to create page messages and triggers
  • Linux box (or VM) with fetchmail configured to pull and parse mail from the gmail account
  • I had to write some code to make it all work
  • OPTIONAL: an MQTT broker to send actions to home automation such as Domoticz, Hass, etc (in my case, I have a bright light on my night stand that shines in my face that gets turned on to help wake me up)

Setting Up Pi-star

Download pi-star and write the image to the microsd card.  Configure pi-star by disabling the built-in wifi chip (in favor of the USB dongle) and set up pi-star to connect to your network.  (see pi-star site for more info).  Once connected to your network, you should give it a static IP address so your script will always be able to reach it and dispatch messages to it.  To do so, you can use the DHCP IP reservation function on your router or edit /etc/dhcpcd.conf to add the static IP by adding something like the following to the end of the file: (change to what’s appropriate for your environment)

interface wlan0
static ip_address=
static routers=
static domain_name_servers=

NOTE: you need to make sure the / partition is writeable before you edit this file (by default it is not) by running “rpi-rw” and when you’re done, run “rpi-ro” to make the / partion read-only again.  Keeping the / partition read only will help protect your sd card from wear.

Next, you must setup pi-star and turn on POCSAG mode and be sure the frequency is set to 439.9875MHz (this process is documented on the pi-star website/wifi – so I won’t go into that here).  Once you have pi-star setup in pocsag mode and on the correct frequency, it’s time to program your pager (see pager documentation) and program in the frequency and a CAP code so your pager will respond to page transmissions.  With your pager programmed correctly, and pi-star properly configured, you are now ready to install the scripts and set the script up in a crontab.  (this assumes you have already configured fetchmail to pull down mail messages from the gmail account you will use to receive on call dispatches).  Refer to fetchmail documentation on how to setup IMAP or POP access to gmail.

I call fetchmail and in crontab every minute:

* * * * * /usr/bin/fetchmail &> /dev/null
* * * * * /home/john/ &>/dev/null

NOTE: please see the comments within the scripts for info on what needs to be setup (variables) for the script to process your mail.