This post will go over how to include JWT (Json Web Token) authentication into an existing Lumen API. JWT is a standard for API authentication that is URL safe, and can pass manage small amounts of state too. You may have to edit more files depending on what state your API is already in but if you have an existing API you should be able to manage this. It is assumed that the existing api is just the result of creating a basic Lumen project with the composer tool.
Lumen is a micro-framework written in PHP by the designers of Laravel. I needed to learn how to use an API that is written PHP. The reason for this is that unlike Python or Java frameworks, PHP can be dropped on almost any web hosting site there is, whereas other languages require more specialised hosting. API Setup Setting up Lumen is a fairly well documented process but I will go over some of the parts that tripped me up initially.
My first NAS was a Synology DS218. It was amazing for me at the start, however, I quickly outgrew its functionality and went down the route of an unRaid server. Before doing this, I researched potential applications that could replace the services I used on the Synology. For example, JellyFin instead of VideoStation. One service I couldn’t find a good replacement for was Moments. This is a photo management app similar to Google Photos.
What is this template? This template creates a basic API that uses a username and password for initial login and then a JSON Web Token for subsequent access of the API. THe API includes routes for user management such as creating, deleting and modifying users. Download it here What is connexion? Connexion is a framework that automagically handles HTTP requests based on OpenAPI Specification (formerly known as Swagger Spec) of your API described in YAML format.
Having a search function is very useful when there are more thatn just a couple of posts on a website. I had my heart set on writing my site with Hugo but I really wanted to have a search function. As it turns out this isn’t the easiest thing to do. This post assumes you have the same directory structure and files as the ‘Hugo Build Pipeline’ post Search Page First off, a search page is required to actually perform a search function is required.
Hugo is a great static site generator and when you pair it with Git and a CI/CD pipeline you can create an automated deployment pipeline to update your live site whenever you add new content. The pipeline here uses Drone as the automated build platform and Gitea as the Git server. These can be changed for whichever platform is required although the syntax may change the general steps should be the same.
This is a long post with several long configuration file so TLDR; download the docker-compose file, the OpenLDAP base.ldif and the Athelia config.yml ! Please change all the usernames and passwords in the above files ! Authelia Protect your applications with Single Sign-On and 2 Factor. Authelia is an open-source full-featured authentication server available on Github . Traefik Traefik is an open-source Edge Router that makes publishing your services a fun and easy experience.
Wiring This wiring is NOT best practice, however, for th epurposes of testing it’ll work just fine. If you want a proper setup I suggest reading Adafruit’s NeoPixel UberGuide. The main issue here is that the LEDs are being powered directly from the board, on a 3v3 line, rather than an external power supply. Furthermore, there is 0 protection against power surges whihc could potentially fry the LEDs. WLED Setup WLED is a piece of software that will run on an ESP8266 enabled device with both a web GUI and an Android application to control it.
pfSense Basic Configuration I recently restructured my Proxmox server so that all traffic incoming and outgoing, goes through a pfSense router. The main goal of this is to provided consistent IP addresses to all the virtual machines and containers running on the host. The general setup of pfSense went smoothly, for the most part. If at any point you lose access to the dashboard becuase of the firewall rules, you can disable them temporarily by running pfctl -d
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. www.wireguard.com Installing Wireguard Installing Wireguard is fairly simple.