FreeBSD Diaries — Adding bootstrap code to ZFS root disks

When you add a new disk device to the “zroot” pool (or whatever it is that you’ve named the ZFS pool where your root partition resides) you should also add bootstrap code to that specific disk, so that the system can actually boot from it should the other disk(s) in the pool suffer a hardware failure.

Assuming that you’re using disks partitioned using “gpart” and have an EFI partition, your disk might look something like this (using “gpart show da3”, for example):-

=> 34 7814037101 da3 GPT (3.6T)
34 6 - free - (3.0K)
40 1024000 1 efi (500M)
1024040 12582912 2 freebsd-swap (6.0G)
13606952 209715200 3 freebsd-zfs (100G)
223322152 7590714976 4 freebsd-zfs (3.5T)
7814037128 7 - free - (3.5K)

You also use “gpart” to write the boostrap code to your new disk. In this example, the command would be:-

gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 da3
partcode written to da3p1
bootcode written to da3

Note that “gpart” confirms that it has written to the disk.

PLEASE MAKE SURE that the you change the disk device specifier (“da3” above) to specify -your- correct target disk device. This command will quite happily destroy filesystems if you get it wrong.

FreeBSD Diaries — DHCPD

While trying to install the DHCP server daemon on FreeBSD 12.1, I got the error:-

Failed to start dhcpd.  Could not find dhcp-sync in services file.

This actually means what it says.  If you happen to have syncing of DHCP lease information enabled between multiple servers (master and back-ups in the same domain), then you need to add this line to the /etc/services file:-

dhcpd-sync   8067/udp      # dhcpd(8) synchronisation

As the dhcpd (server process) runs as user “_dhcp”, you should probably make sure that  “_dhcp” has write permission on the /var/db/dhcpd.leases file, too.


Hey WordPress, just a short note here (seeing as it’s next to impossible to write anything any longer) to let you know how much this user -detests- the new editor.  Hope you’re not betting the farm on it.



Recent Updates [July 2020]

E32-915T30S LoRa Module“Xreef” (Renzo Mischianti) has just updated his excellent LoRa E32 Series Library to fix a memory leak issue.  All of his examples have also been updated to include the fix, so if you’re thinking of playing with some of the EBYTE manufactured boards and an ESP8266 or ESP32, this is the go-to library (and Renzo has also produced a couple of adapter boards to make it easier to use the E32 boards with your favourite ESP).

SixPack GRBL CNC Controller“Bdring” (Bart Dring) has updated his port of GRBL for the ESP32 with many fixes and improvements (with a merge from the dev branch), so if you’re into CNC, you should check out his repository now.  Bart also shows the rather impressive “6-Pack” (six axes, XYZABC, for Pololu/StickStep drivers) ESP32-based controller board (left) on his GitHub repository page, but it doesn’t seem to be available from his Tindie outlet, yet.




Intel-based, 4-port firewall/router for less than $200

NOTE:-  This article was originally written mid 2019, but was never posted (it seems that I received a non-maskable interrupt in mid sentence and never got back to it).  Prices quoted are probably no longer valid, but I note that the systems themselves are still available from the supplier linked-to below.

As noted a couple of months back in the Odd Bargains post, I’ve been experimenting with some low-cost Celeron-based systems (in addition to the original Z8350, Atom-based unit, which started me along this particular track) as cheap, complete servers for our home network.  The main advantages for me are good OS support for most (but definitely not all) peripherals, RTC and battery as standard and they all come complete with a case and power-supply included in the up-front price.  They are a lot cheaper to run too, as these low-end processors were originally intended for laptops and tablets rather than full blown PCs.  Santa Claus only delivers for free at ChristmasWhile there’s no denying that the CPU performance is generally nothing to get too excited about, they (the quad-core units, especially) still work remarkably well as 24/7 infrastructure servers for services such as DNS, NTP, DHCP, low volume web servers and reverse proxies.  Most ,but not all,  come with a GbE port and are quite capable of handling significant amounts of traffic (…watch out  for the low-end “ACE PC” branded models though, as they only have a 100Mb port), but all GbE chipsets are not created equal and my tests with a cheap, external USB-3 to GbE dongle (as a super-budget firewall) were a resounding failure (the internal port on the Celeron box could handle the traffic, but the dongle would give up the ghost after 2 or 3 hours).

I found along the way that there are quite a few, virtually identical systems in this price range which have completely different chipsets.  Most of the very low cost machines come with Realtek chips, which research on the ‘net shows to be less than ideal for a firewall (the symptoms reported are similar to my own experience with the USB-3 dongle).  This isn’t to say that the Realtek chips are to blame (there are lots of other variables in the mix), but it is fairly common to see posts recommending Intel chipsets for long term reliability under heavy load.  So, after playing around with a couple of systems that I actually have and taking into account reviews and research, I eventually came down to the choice of a J3160 based system with four, Intel-based GbE ports (the J3160 because it’s a quad-core chip with slightly better performance than the Z8350 and (importantly) with AES-NI hardware cryptography support and four ports because I need to provide for a couple of “guest” networks, firewalled off from the main, home network).

I found a reputable looking supplier on Alibaba who had a lot of good feedback and decent prices (they sell under the names of “Yanling”, “Minisys” and “iWill”).  The model I chose was their Nuc-C3L4.  In addition to the four (Intel) GbE ports, it also comes with dual-HDMI, 2x USB-3.0 and an RS232 console port.  The cost for the bare-bones unit is was $142.60, but that doesn’t include shipping (which was an additional $20 for my location).  This vendor does accept PayPal, but only from a limited range of countries (and mine wasn’t one of them).  Depending upon where and how you’re shopping, you can probably get 4GB of memory and a 64GB eMMC card for an additional $30, or so.  And yes, because I have used this supplier and had a good experience with them and their products, I do recommend them.  Communications with them (in English) were easy, fast and friendly.  NUC-C3L4 unboxedTheir shipping was also fast and their packing is excellent (the boxes are sturdy and the units are completely surrounded by a custom, expanded polystyrene foam cushion …which may not be very environmentally friendly, but certainly is effective).  The power supply, mains lead and included VESA mounting plate are separated from the system itself by a cardboard divider and all of the individual parts (including the system) are enclosed in their own plastic bags to keep moisture at bay.  Once out of the bag, the unit proved to be very black, very shiny and of all metal construction (unlike the Beelink AP35 which I wrote about a couple of weeks back).  Offset screw holes prevent misalignmentIt looks very nicely made and well put together and it’s obvious that someone put more than a couple of minutes of thought into this very compact design (for instance, the bottom of the unit has ventilation slots and it is secured to the body with four, asymmetrically offset screws, so that it’s actually impossible to attach it in a way which would block those slots).

I ordered memory and an mSATA SSD module from Amazon here in Japan and actually got a pretty good deal.  If you do buy one of these units, it’s important that you only use the low-voltage (1.35v) variants of the DDR3 SODIMM, though; this system won’t work with higher voltage rated memory.

Here’s where I hit a very small speed-bump in the road to getting it all working.  It turns out that the motherboard slots are not identical.  You have a 50/50 chance of getting it right when installing the mSATA  …and I got it 100% wrong.

Nope, not this way!
Nope, not this way!

The right way round (R/H slot)
This way!!

As you can see, the mSATA module needs to be plugged into  the right-hand socket to be correctly recognized by the system.

Take another look at that “This way!!” photograph again.  The first point of note is the RTC battery (the yellow blob in the bottom, left-hand corner).  This system comes with an RTC and battery, which means any Unix-based OS works right out of the box; just tell the OS what timezone you’re in and you’re done.  Notice also the row of RJ45 sockets at the L/H side.  If you click on the image to get the full-sized version (it will open in a new tab), you can easily read the MAC address assigned to each port.  It’s probably worthwhile making a note of those (they’re sequential) while you have the bottom off, to help with identification later.

You can also see there’s  a SATA port available on the motherboard, but with this particular model there’s no space available to fit an internal drive.

Here’s a partial dmesg output from the machine once FreeBSD was loaded, showing the CPU features for the J3160:-

Copyright (c) 1992-2018 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 12.0-RELEASE-p4 b0ff15badd(RELENG_2_5) GENERIC amd64
FreeBSD clang version 6.0.1 (tags/RELEASE_601/final) (based on LLVM 6.0.1)
VT(vga): resolution 640×480
CPU: Intel(R) Celeron(R) CPU J3160 @ 1.60GHz (1600.05-MHz K8-class CPU)
Origin=”GenuineIntel” Id=0x406c4 Family=0x6 Model=0x4c Stepping=4
AMD Features=0x28100800<SYSCALL,NX,RDTSCP,LM>
AMD Features2=0x101<LAHF,Prefetch>
Structured Extended Features=0x2282<TSCADJ,SMEP,ERMS,NFPUSG>
Structured Extended Features3=0xc000000<IBPB,STIBP>
TSC: P-state invariant, performance statistics
real memory = 4294967296 (4096 MB)
avail memory = 4002127872 (3816 MB)
Event timer “LAPIC” quality 600
WARNING: L1 data cache covers fewer APIC IDs than a core (0 < 1)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s)

Close to the end of the “Features2” line, you’ll see “AESNI” included.  These are Intel’s “Advanced Encryption Standard – New Instructions” which enable faster, hardware-assisted  encryption and decryption.  Although this technology is now available on some other processors (including ARM), older Intel processors don’t have it (for instance, the predecessor to this mini-pc system had a Celeron J1900 processor, which doesn’t have AES-NI), so a J3160 is worth the extra few dollars if you’re planning on a VPN server, for instance.

Last words

I actually got two of these systems, one for my own use (to replace an ancient firewall box) and one for a remote site.  They’ve now been running for almost exactly a year (since I began this article in early August, 2019) and have been totally reliable during that time.  I did think that the heat-sink was running a little bit on the hot side when I first installed them, but the “touch test” is deceptive and even during the mid-summer heat, the processors barely register 50°C.

The systems handle the traffic we pull through them without any problem and can handle multiple firewalled VLANs, encrypted VPN traffic and multiple physical networks with ease (as well as handling the normal associated processes — NAT, DHCP, DNS, NTP, etc).  I’d like to emphasize what good value these little systems are.  Not only is the initial purchase price very low, but the lack of fans and the 6W (avg TDP) processor mean the power requirements (and hence the monthly electricity bill) are low, too.  I was also very impressed with the quality of the (all metal) case, the general design and workmanship, as well as the packing and delivery from the vendor.  They may not be as cheap as a Raspberry Pi, but the quality of the case, included PSU, cables and accessories, as well as the RTC (and battery) and four GbE ports more than make up for that.  You won’t be running a 20TB database with 200 concurrent users on one of these machines, but for moderately light 24/7 operations for a good sized household or small business, I don’t thing you can go far wrong.


ZFS snippet — “import”

Nowadays I can easily forget what I’ve already done.  When it comes to ZFS, that includes forgetting what pools I’d already created on a particular device.  That’s the point of this “memo to self” …zpool import is your friend.

When you want to import the pools after juggling disks between machines, but can’t remember what the heck you named the pools in the first place, just do:-

zpool import

…to display a list of all available pools which are not currently attached (or a message to the effect that there are none available).  The important point here is that it won’t actually try to actually import any pools with this simple command; it only lists them.

If you have a pool which is shown as available for import (ie:- it exists, but is not currently attached  —  which might be the case if you’ve just physically moved a disk from some other machine to this system), you can temporarily have it imported and attached to a temporary mount point using the “-R /tmp/NAME” option.  This can be really handy for recovering data from a “retired” drive.  For instance, an old disk has a “data_tank” pool, which had the mountpoint “/store” on the old machine.  You want to recover some data from that drive, but your current system already has “d_pool” mounted at “/store”, so you can’t simply do “zpool import data_tank”, because the mountpoint is already in use.  Your import command should instead be:-

zpool import -R /tmp/old_store data_tank

…and all of your old data will be mounted to /tmp/old_store where you can access it normally.  But wait, there’s more!

If you already have an existing pool named “data_tank” on your current system, you can have “import” rename the old pool to something different (to prevent embarrassing mistakes) by simply appending a new name to the previous command:-

zpool import -R /tmp/old_store data_tank old_data_tank

Now when you do a “zpool status” or “zpool list” the pool mounted from the old disk will show up as “old_data_tank”.

When things go awry

What about if you’ve already suffered some late-night brain fade and just destroyed the live pool on your current system  by mistake?  Well, as long as you realize your mistake fairly promptly and haven’t already scribbled all over the disk, import can help you with that, too.  The “-D” option will show you any pools which have been destroyed, but for which ZFS can still find valid metadata.  So:-

zpool import -D

…will display all pools, including previously destroyed ones, which still appear to be available for importing.

zpool import -D -f -R /tmp/old_store data_tank old_data_tank

…will import the original “data_tank” pool (note the -D -f options to force import of a previously destroyed pool) with the new pool name of “old_data_tank” and mount it at /tmp/old_store.

More pool recovery tricks

There are additional options to “import” which can further aid recovery of incomplete pools (see the zpool manual page entries for import and check the “-F”, “-m” and “-n” options for more information on how import can provide extra help for getting out of sticky situations).

Doing things nicely

While the import command will do it’s very best to save you from yourself, you can help things along considerably by doing the right thing and using the “export” command on any pool which you intend to re-import elsewhere at a later date.  Note that this command will make the target pool unavailable on the system where you run it (that’s the whole point …to effectively shut down the pool cleanly and prevent any further modifications by marking it as still being reserved space), but the subsequent import shouldn’t have any difficulty at all when re-importing a previously exported pool.

The J3355 is DUAL-core

Regular readers will probably know by now that I’m enamoured of the tiny, all-in-one, Intel-based systems generally referred to as “Mini-PCs”.  They are more expensive than a Raspberry Pi, but they come with a case, a PSU, an on-board RTC, generally a decent amount of memory and sometimes built-in eMMC storage, too.  Prices have increased over the past few months (the C-19 effect, again), but the bottom-end models (generally the quad-core Atom Z8350 equipped systems) are still available for around the $100 range (GearBest, FastTech, CDiscount, etc).

I already have a few of these mini systems and one which underwhelmed me on first impressions was the AP35 Beelink J3355-based box, mainly because it was advertised as “fanless”, but does have a CPU blower and because the eMMC just would not work reliably.  I gave up on the eMMC and put in a small, internal SSD and since then it has been giving sterling service as a mini NAS (ZFS filesystems with TimeMachine as a backup server for various Macs) as well as running a couple of Bhyve virtual machines (doing very light duty).  Once I stopped trying to use the eMMC and put it in the basement “computer room”, my opinion of it increased considerably.  It’s a little work horse and, although not a speed monster, performs well enough for my requirements and has been absolutely reliable over the past year (again, since I gave up on the eMMC).

I mention that system specifically simply because I’ve been keeping an eye on prices, with the idea of adding another machine to the collection, if the price is right and the target machine has more than two USB-3 ports.  I’ve noticed that there are a few other J3355-based models appearing, with a form-factor pretty much the same as the Z8350 systems and priced in the same general area (ie:- the bottom end of the price range).  One thing which I’ve noticed recently though, is that almost all of the advertisments for these systems specify the J3355 as a “quad-core” CPU chip.  It isn’t.  Here’s an excerpt from the dmesg output of the AP35:-

FreeBSD 12.1-RELEASE-p6 GENERIC amd64
FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1)
VT(efifb): resolution 800×600
Skipping TSC calibration since no legacy devices reported by FADT and CPUID works
CPU: Intel(R) Celeron(R) CPU J3355 @ 2.00GHz (1996.80-MHz K8-class CPU)
Origin=”GenuineIntel” Id=0x506c9 Family=0x6 Model=0x5c Stepping=9
AMD Features=0x2c100800
AMD Features2=0x101
Structured Extended Features=0x2294e283
Structured Extended Features3=0x2c000000
TSC: P-state invariant, performance statistics
real memory = 4294967296 (4096 MB)
avail memory = 3894444032 (3714 MB)
Event timer “LAPIC” quality 600
WARNING: L1 data cache covers fewer APIC IDs than a core (0 < 1)
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)

…and, just in case you think FreeBSD might be mis-reporting, you can go to the Intel information page for the CPU and check.

Having said all of that, here’s a link to a system on FastTech’s site to an MII-V with 4GB/64GB, GbE and four USB-3 ports which, at $112.45 (with free shipping), seems to be the best, generally available deal on this class of machine at the moment …just remember, it is DUAL-core (no matter what they say).

[ …and, Beelink please take note, so is the N3350. ]

Support for ESP32 and Ethernet in TASMOTA

Development on TASMOTA continues apace (with the ongoing C-19 movement restrictions, possibly even more rapidly than usual) and lots of new and interesting stuff has been popping up in the code recently (for instance, if you want to connect an anemometer, to add wind-speed to your weather-station, Matteo Albinola has you covered). However, one of the most exciting recent additions has been the arrival of baked-in support for the ESP32, based on Jörg Schüler-Maroldt’s work. This first appeared in version, back at the beginning of May, after Jörg created the libesp32 compatibility library and an initial pull request back in April. Since that time there have been a lot of “#ifdef ESP32” lines added to the code.

Now (version, as of June 17th 2020) we not only have the ESP32 compatibility and compile additions but also the addition of ESP32 hardware Ethernet support with the recently added xdrv_82_ethernet.ino driver file. The new, tasty goodness doesn’t end there, though. Olimex ESP32-POE  If you take a quick look at the headers of that driver file, you’ll find the pinout defines and TASMOTA template for the Olimex ESP32-POE, so not only do we get the ESP32 and ethernet, we also get PoE thrown in (the Olimex board currently sells from their site for €17.95, but is also available from the likes of Mouser and even Amazon in some areas).

If you bought one of the exceedingly cheap ESP32-CAM boards (AIThinker/Geekcreit), you now have the option of TASMOTA enabling  it, too.  Look for a second new driver file, xdrv_81_webcam.ino, to see the pinout details and TASMOTA template for that device.

Okay, so new, sexy additions to the code, but how do we compile TASMOTA for the ESP32. Well, if you’re using PlatformIO (and you should be!), it couldn’t be much simpler. Copy the Sonoff-Tasmota code into a clean directory (or git clone the repository) and then:-

  • In that directory, copy the platformio_override_sample.ini file to platform_override.ini.
  • Edit your new platform_override.ini file and uncomment line number 29 so that “; tasmota32” becomes just “ tasmota32“.
  • Type “pio run“.

Sit back and watch for a couple of minutes while the compile runs. It will compile two different versions. The vanilla “tasmota” (ESP8266 version) will be created in .pioenvs/tasmota/firmware.bin. The tasmota32 (ESP32 version) will be created in .pioenvs/tasmota32/firmware.bin.

[ For anyone who hasn’t compiled TASMOTA before, the customizations for your local network settings and for the target device itself are made in the ./tasmota directory. The simplest method for a first time compile is to use the user_config_override.h file to update only the bare essentials. Once you’ve made sure that you can compile successfully, you can modify the (very much more complex) ./tasmota/my_user_config.h file for full customization. ]

(Blowfish) Virus Protection

Hopefully this will lift your spirits a little bit (if you’re a techie, anyway).  Here’s a quick snap of the tabletop, taken this morning while my better half was taking a break.

A section of the OpenBSD "Blowfish" T-shirt being cut up for use as a facemask

Just in case you don’t know what you’re looking at, it’s her workspace, which is currently dedicated to producing DIY face-masks and the donor material is an iconic, OpenBSD “Blowfish” T-shirt.  This shirt had a picture of Puffy on the front, along with the text:- “So long and thanks for all the passwords”.  The back was what contributed to it becoming mildly infamous at the time, as it was printed with the Blowfish algorithm and was (allegedly) illegal to export from the U.S. (although I don’t remember ever hearing of anyone being arrested for walking through customs wearing one).

So, what used to protect your ssh tunnel‡ is now helping to protect (in a small way, I know) against the SARS-CoV-2 virus and, just in case it’s still on the banned list (and we ever get to travel again), the offending algorithm will be folded into the inside of the mask, keeping our secret safe.



‡  —  If you’re still using Blowfish, you should know that Bruce Schneier, the designer, now recommends upgrading to “Twofish”.

Amazon Smart Bulb

Csndice RGBWW Smart Bulb (box, front view)

We have a little log house (which we built ourselves and used to live in) which we let out as a holiday cottage.  It’s something that is (generally) fun to do and also pays a few of the bills, but one of the big mistakes we made when we put it together our large, wooden Lego kit was to put too many light switches in a single location (if you live in a house long enough, you’ll eventually remember what most of them do, but for short-term visitors it’s just plain confusing, even with little stick-on labels).  So one of the things we find happens quite often is that one (or two …or five) of the outside lights are left on all night (and might be left on all day too, if our guests head out in a hurry in the morning).  Long ago we changed out all of the bulbs for the little CFL corkscrew types to reduce the overall power usage and we thought we might get around to replacing them all with LEDs, if the prices ever come down.

To compound the mistake with the switches, we also bought almost all of the external lights with E17 size fittings (about half the size of a normal household bulb), not because we really wanted them, but because that was the only size the maker supplied the fittings in.  This latter issue came back to bite us when I decided I could fix the lights-left-on problem by replacing the CFLs not just with LED bulbs, but with “Smart” LED bulbs (Wow-weee!).

Nope!  No smart bulbs in E17 form-factor (at the time).  So I did what any other self-respecting ESP hacker would do and, when one of the CFLs died a noisy, sparky death one day; I chopped off its head, ripped out the charred remains of the inverter and replaced it with and ESP01S, a TRIAC and one of the brightest (and cheapest) E17 LED bulbs I could find.  I stuck my little FrankenShine monster (I admit, it wasn’t particularly pretty) into the fitting right outside our kitchen door, so that we could play with it and monitor it without inconveniencing any of our guests during the initial testing and burn-in period.

(FrankenESP) Photo of DIY E17 ESP01S light assembly

The FrankenShine in all of its glory …The ESP01S and other DC components are at the extreme R/H end of the board, with the opto-isolator to the left of the programming header.  The TRIAC is closest to the camera (slightly left of centre) with the PSU sitting over at the back.  You can just see the PROG/RUN mode jumper partially hidden by the big, black electrolytic.

I set up a TASMOTA rule to switch it on at dusk and off again a few hours later and coached my better half in how to communicate her wishes to the nice lady stuck inside that tiny, pinky-orangey UFO thingy that landed on the kitchen counter a couple of years ago (…and always say “Thank you”, because we want our grandchildren to grow up to be polite).  So, (her) “Hey Gewjull!  Turn on the kitchen door”.  (GH, pertly) “I’m sorry, I don’t know how to turn on the kitchen door”.  “Hey Gewjull, turn on the effin’ kitchen door!!”.  (GH, sullen) “Okay, turning on the effin’ kitchen door”.  “Thank you!”.  (GH, stilted and mechanically) “That makes me so ‘effin happy”.  Ah, another successful foray into the world of home subjugation.

For a while, everything went along swimmingly.  In fact we got so used to coming home at night and being able to see the keyhole that the transfer of FrankenShine to the cottage was delayed, several times.  Then one evening we came back to a dim, flickering welcome …uh-oh!  A power-cycle cured it, but only for about five minutes and then it was back to flickering again.  A PSU problem?  More likely a TRIAC issue.  Gottverdeckel!  I pulled Franky out and put the LED bulb back in the fitting (yup, works okay).  Unfortunately, as usual with these intermittent problems, Franky worked fine on the test bench, with not a flicker to be seen.  I went back outside and gave the light fitting a couple of dunts with the flat of my hand to test for loose connection, but no flickering or dimming was evident.  And so everything remained as it was for (quite) a while  …until I decided to replace the CFL in the worst offending cottage light fitting with an LED bulb, anyway (Franky or no Franky).  The light itself was identical to the test fitting next to our kitchen door, but was some four years older.  I opened it up and, lo and behold, it was an E26 holder assembly.  “Oh crikey!” said I (or maybe something similar), all of this mucking around and I could have just gone out and bought an E26 “smart” bulb and flashed it with TASMOTA.  At about the same time, the E17 bulb in the kitchen door fitting couldn’t contain its hilarity any longer and started flickering and dimming intermittently again (no Franky involved). “Oh double crikey!” (or words to that effect).

Anyway, suitable chastened with my unsuccessful techie adventure and unreliable memory, I went off to Amazon (Japan) and searched for an E26 bulb with a high output (lumens) and cool-white hue, suitable for an outside fitting.  Box (side-panel, specifications)What I finally decided on was a “Csndice” branded,  RGBWW bulb that had a 900lm stated output and an adjustable colour temperature between 2700 and 6500K.  In addition, it was tagged as being compatible with Google Home and Alexa, with “no hub required” (which is usually a pretty good indication that there’s an ESP variant in there and that it can be flashed with TASMOTA).  It wasn’t particularly cheap, but I can confirm that it is easily converted to TASMOTA (with the excellent Tuya-Convert) and seems to work reliably (my better-half has started to complain about the “Geriatric disco mode” of the colour sequencer test).

This particular bulb works with the Qualitel ALS08 setting from the TASMOTA templates repository.

Photo of CSNDICE smart bulbThe light (in WW mode) is very bright and easily equals that of the CFL.  It has the added bonus of being easily adjustable (from sliders on the TASMOTA main-menu page) if you prefer a particular hue of white output (from “cool” blue through to “warm” yellow).  If the fancy takes you, you can also fiddle with the RGB settings to have a particular colour and shade, instead of that boring old white.

To help you (well, okay, to help me) test out the functionality and reliability, I’ve put up a simple, command-line exerciser on GitHub.  You’ll need to change the variables (at the top of the file) to use your TASMOTA MQTT topic name (variable: BULB_ID) and your MQTT broker (server) IP-address or name (variable: MQTT_SERV).  After that, you can just run the program from the command line with no options or arguments (to turn the bulb on in white, neutral hue mode), or use one of the following options:-

  • -c — “C”ool white. Switches on the WW LEDs in the bulb with a blue hue.
  • -w — “W”arm white. Switches on the WW LEDs with a yellow hue.
  • -n — “N”eutral white. Switches on the WW LEDs with the hue set mid-way between cool and warm.
  • -o or -0 — Switches all LEDs (RGB and WW) off (that’s a zero, by the way).
  • -s — “S”equence. Turns on various colour mixes of RGB for 2 seconds before fading to the next colour (Control-C to quit).
  • -d — “D”ebug. Fairly quiet debug output.
  • -D — “D”EBUG. Very verbose debug output.
  • -h — “H”elp. Basically this command listing.

Now you too can have fun at the geriatric disco.

Mini-PC Bargain of the Day – €28.26

An Intel-based mini-pc (not even an Atom, but a fairly decent quad-core Celeron) with a case and power supply for less than the price of a Raspberry Pi.  Can it be real?

[Update 11th March]  —  Looks as though these (assuming there ever was more than one) have sold out.  😦    Scroll down for some other, not quite as cheap, but still available mini-pc bargains.                                 —      …and the answer is, probably not!   Check the delivery cost very carefully before clicking the order button.  As far as I can tell, this seller is hoping to charge you €999.00 for express delivery of the first item and €80.00 for each additional item.  It’s not clear to me whether that is the default, or whether you can have it shipped “normal delivery” for €4.99; perhaps someone more familiar with on-line shopping in French can comment on that? Reader “raspi” has confirmed that delivery in France is €4.99 (see the comments section, below), so it does look as though this is a bargain after all (but you should still check delivery costs and final price before confirming your order).

It looks like the Europeans get the best deal of the day (again), with currently advertising a J3455 (quad core Celeron) with 4GB of main memory and 64GB of eMMC for a measly €28.26 (it might be a misprint, but they do say quite plainly “€190 Savings”).

Unfortunately, as I’ve mentioned before, Cdiscount only sell/deliver to a small number of western European countries, so the rest of us are out of luck, but if you’re in France, Spain, Germany or Belgium …get them while you can (and let us know in the comments if you manage to snag one of these at the advertised price).  [IMPORTANT – If you didn’t read the update at the top of the page, go back and read it now — verify the shipping cost before you buy!!]


At a somewhat more realistic price, is currently advertising a J3455-based, Coofun branded, mini-pc with a very respectable 6GB of memory and a 128GB M.2 SSD for $170.  What appear to be identical units but with a different name are currently selling for $189.99.  Amazon U.S. will also ship these units to selected countries outside of the U.S. for a very reasonable price (but you might end up having to pay a stiffer bill for postage back to the U.S. if you need to return it for any reason).

Silence is golden — Although the adverts are usually vaguely worded, you can safely assume that most of these thin, Celeron-based systems have a laptop-style fan hidden away somewhere inside (generally the earlier generation, Atom-based mini-pcs didn’t).  The Coofun advertisment above very straightforwardly displays a photo of the heatsink and fan unit, so there’s no guesswork involved.


Currently (11th March 2020), most Amazon regions (including the U.S.) are advertising an N3150 or J3160 (virtually identical) based fanless model with 4 x USB3, 2 x USB2, 2 x HDMI and 2 x GbE.  Note that this is the barebones price (no memory, no SSD/HDD).  The price seems to be pretty much the same for Amazon US, Japan and UK at roughly $135 with free shipping:-

It seems that you’ll be shipped whichever CPU is at hand when your order is received (in other words, you can’t choose).  It’s still very attractive, though; this is a Celeron machine at the current Atom-Z8350 price.  From personal experience with similar machines, you can expect this beastie to run fairly hot; not hot enough to burn you, but hot enough to be uncomfortable to the touch.


As usual, these are not “monetized” links and I have no relationship at all with (because they won’t sell or deliver to me).  I am an occasional customer of, but I haven’t ever bought a “Coofun” branded computer (from them, or anyone else), so please do treat this as a simple pointer and not a recommendation. [ END OF THE SMALL PRINT ]