Tor statistics in syslog

Tor started emitting some daily statistics via syslog some time ago. This is a nice thing because other than looking at the network traffic statistics I really had no clue to how much work it was doing.

Jul 16 00:14:36 tor-exit-node02 Tor[16355]: Heartbeat: Tor's uptime is 1 day 17:59 hours, with 94 circuits open. I've sent 163.60 GB and received 161.32 GB.
Jul 16 00:14:36 tor-exit-node02 Tor[16355]: Circuit handshake stats since last time: 377/377 TAP, 3076/3076 NTor.
Jul 16 00:14:36 tor-exit-node02 Tor[16355]: Since startup, we have initiated 0 v1 connections, 0 v2 connections, 0 v3 connections, and 153 v4 connections; and received 50 v1 connections, 306 v2 connections, 2978 v3 connections, and 100066 v4 connections.

Oh and number of abuse reports on this node this far : one. en uitgezet

Na een tijd van beproeven en proberen heb ik zowel mijn Friendica instance als mijn Mastodon instance uitgezet.

Friendica heeft echt te weinig gebruikers om er verder iets mee te kunnen. De techniek is verder wel OK.

Mastondon heeft hetzelfde probleem als rap muziek. Teveel berichten op mastodon gaan over mastodon. Ook wel even gezien voor nu.

Wie weet komt er in de toekomst een tweede ronde. Het was interessant om het hele gedecentraliseerde te zien werken. Ook hier : de techniek is er wel, het aantal gebruikers en de gebruikersvriendelijkheid kunnen nog een stuk beter.

Een wat persoonlijker constatering is dat ik echt echt echt geen tijd vrij kan maken voor ‘hobby’ projecten als deze, in ieder geval niet meer dan een uur per keer. En dat is echt weinig als je wilt ontwikkelen of zelfs maar wilt grasduinen in code.

Deployed a mastodon instance today

As of today I run a mastodon instance, targeting Dutch speakers, although everyone could sign up if they want to.

The instance can be found at (olifantje is small elephant in Dutch).

Feel free to sign up or to sign up at another mastodon instance and follow me at

The Friendica instance at will remain too, love the RSS integration in that one.

Voor de Nederlandse en Vlaamse lezers : voel je vooral welkom om aan te melden voor een account op Het zou leuk zijn om een voornamelijke Nederlandstalige node te krijgen in het netwerk 🙂

Running encrypted backups with duplicity

This is just a short note on my experiences running backups with Duplicity.

Duplicity is an open source package that allows you to do incremental backups, complete with proper indexing, to remote storage. This can be a modern ‘cloud’ storage like S3, but I prefer to run it over a simple SSH link.

Next to properly working incremental backups, it also provides data security by using GPG to encrypt the data. And it has a lot of stuff you would expect : configurable full dump cycles, purging of old  backups. There is a windows / C# implementation too (haven’t tried it though)

The only thing lacking may be deduplication, which is kinda hard given that all data is encrypted.

It took me some time to get all the parameters right, but after some initial fiddling, I wrapped it all in some puppet code that gets deployed to all new machines / nodes.

So every new machine is backup up automagicly using duplicity by only applying my basic puppet profile to the host.

I also did an extensive restore test during the implementation phase with went fine.

Highly recommended little know tool in some dark corner of the Internet : . Don’t let the HTML 1.0 web design turn you off, this tool is maintained and stable.

Choosing a distributed social platform is not simple

Fiddling around with open source / free alternatives for social networking has reconfirmed the one major problem with open source : there are so many forks to choose from.

To help someone choose a linux distro to run will end op in a short questionnaire about the needs of the person asking for the advice. And then it still remains a shot in the dark. Just get the live CD and see if you like it.

The same seems to hold true for open social networking. There are plenty of tools around, all with their own focus, maturity and limitations. And choosing which one is right for you requires actual test-driving of the tool. Which for a social networking platform is not as easy as a Linux distro.

Does federation work as I want it? Can I consume other content? Will it integrate with platform X or Y? You can only find out by actually running it. And than you can either risk your real account / network to integrate with or spend more time setting up a sandboxing environment. Both are not really attractive options when you just try to spin the wheel to get a feel.

During the last couple of weeks it became clear to me that there are options that I could use if I tried. But the solutions I’ve seen are nowhere near something that my wife or kids would like to use. Or any other people in my network so it seems 😉

After a small experiment yesterday night with Hubzilla, I just switched my Pod back to Friendica, as the stuff broken/missing in Hubzilla is more annoying to me than the stuff broken/missing in Friendica.

There is work to be done.

Released puppet module for ispprotect to the forge

This week I wrapped up version 0.3.0 of the ispprotect puppet module I created for the Erasmus University Rotterdam. The module manages the installation and scheduling of ISPProtect, a php malware scanner that also scans for outdated versions of popular PHP applications. The module can be found at More information in ISPProtect can be found at #puppet #php #security

Friendica forums and community pages · friendica/friendica Wiki · GitHub

Pagina’s / forums maken over een onderwerp op

Op veler verzoek (1) heb ik even uitgezocht hoe je een pagina/forum kunt maken. Volgens de documentatie op de wiki van friendica is het zoveel als een extra account maken en vervolgens je eigen account rechten delegeren, zodat je namens de pagina kan optreden. Zie ook de gekopieerde instructies :

To make forum management easier if you are creating a forum on the site you normally use (i.e. for your personal account), do this:

Log off.

Register a new account for the forum using the same email address. Wait for the confirmation email, then log on using the new identity.

Now issue a contact request to your other identity – your personal one. Then log off again.

Go to your personal identity and accept the contact request. Log off yet again – and log on once more with your forum identity. Visit (replacing with your own domain name). You should now be able to appoint yourself (as a person) to help moderate your forum.

Sounds complicated – but it’s really quite straightforward, and there’s a significant advantage to the approach: In future, you will only have to log on with the forum identity to change settings. You can perform all moderation tasks from your personal account (where you will discover a new Manage tab for the purpose).

Of course, from now on you must use nicknames rather than your email address to log on to your accounts – either the forum nick or your personal nick, depending on ‘who’ you need to be. If you try to log on using your email address, the system can’t know which account you want to use.Friendica forums and community pages · friendica/friendica Wiki · GitHub

friendica – Friendica Communications Platform

Puppet – Server Error: hiera configuration version 3 cannot be used in an environment

Screenshot of failing puppet-agent runToday I found my homelab puppet setup failing. I mostly run the latest released puppet code on my setup and this time it bit me in the ass :

Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: hiera configuration version 3 cannot be used in an environment on node
 Warning: Not using cache on failed catalog
 Error: Could not retrieve catalog; skipping run

When looking it at the issue, I found that my setup had automatically been upgraded to puppet code version 4.9. This version supports a newer hiera config file version without maintaining backward compatibility apparently.

Looking for documentation on the new format, it seems to be missingat this time. Searching the history on the puppet community slack seems to confirm this.

For now I downgraded the puppet-agent package on the puppetserver machine and pinned it to the previous release. After restarting the puppetserver service everything was fine for now.

More info on this issue and other new features of puppet 4.9 :