I am finally doing something with the Logs from my Anycast Reverse Proxy based on HAProxy. This epic started a few days ago and has led to other disoveries but in this we will cover just the HAProxy and Fluent…bits.

What started out as an excercise in getting my HAProxy logs to be sent to Fluent-bit, turned into a rabbit hole (as usual) in which I discovered that Port Forwarding to hosts that were routed via BGP (Anycast HAProxy environment and Proxmox SDN environment), were using the source address of the upstream gateway. So basically my HAProxy logs were a bit useless as they didn’t actually show the source of the connectoion.

I live in a very sun-rich place. And we have solar panels on our roof that generate around 34 KWh’s during the summer daylight hours, less in winter. This largely covers our use during the day, notwithstanding a scenario where we have the Dishwasher, Washing Machine and Dryer all on at once (and the Homelab of course!) which happends from time to time. Ever since having the panels installed, I have been more energy conscious, partly because we now have visibility of our usage and partially because the more efficient we are with our use, the quicker the solar array pays itself off.

A friend of mine and I were recently looking into setting up the Unifi SDWAN between our Homelabs, his in Sydney, mine in Perth. We discovered that the Unifi Security Gateway line of Unifi Routers was not supported and a Unifi Cloud Gateway or Dream Machine was required. Being a little trigger happy, he immediately ordered 2 UXG Ultra’s! I had a mild panic as my Homelab is very tightly integrated into the Unifi Security Gateway and the config.gateway.json way of managing the non-supported config (BGP routing, Custom DNSMasq entries being the main ones). After a little digging around, I found that the UXG Ultra, if using the Unifi Early access firmware branch, could do everything that I needed and would probably make support easier and my network faster.

For a while now I have been relying solely on the Unifi built in DNSMasq resolver for my internal DNS. It’s great and I like that it runs independantly of my Proxmox lab cluster setup to ensure that maintenance on that cluster doesn’t interrupt Prod YouTube for the household. Recently, however, I have come across a couple of use cases that I can’t accomodate with DNSMasq on Unifi; Proxmox SDN integrated DNS and ACME.sh Challenge handling which both require an HTTP API.