Let’s Encrypt for my internal domain

It is time to renew my wildcard SSL certificate for an internal domain I have, and here are the steps I went through to solve it. When I say internal domain I’m referring to a DNS domain that exists on the public Internet, but which wholly and only points to the IP address of my home broadband router. That router has pass-through enabled, so that essentially, my pfSense box is my presence on the Internet for everything inside my home.

I turned off HAProxy so that pfSense wouldn’t be sending the challenge traffic to the only internal server I put out there. The internal server, Nextcloud, doesn’t play nice with others; in order to keep things consistent, they want it to be an appliance where the only stuff running on the box is their code. Okay, I get that. This wouldn’t be so annoying if it wasn’t bug-riddled junk that is in a huge rush to implement new features. Can you say “AI”? But I digress.

I created a new Linode API key in case the problem was that the old API key didn’t have access. Well, the first new key had the wrong selector, and resulted in “Your OAuth token is not authorized to use this endpoint”.

The problem is that the pfSense script is trying to generate a challenge key and insert it into a web server that doesn’t exist. The pfSense web admin portal is that web server. When I turned off HAProxy, that should have opened it up. It did, but I couldn’t tell because the Linode API key was wrong.

Okay, maybe I need to log in to the pfSense box and manually use a generated challenge key? How to log in to the pfSense box? When was the last time I did that?

Here’s a convenient command:

 history | awk '{$1="";print substr($0,2)}' | grep "ssh " | grep -v history | sort | uniq

We run the output of the history command through awk to remove line numbers, then search for "ssh " (the trailing space omits ssh-copy-id and such), run that through sort, and run that through uniq. Et voilà, and I have a list of all twelve boxes I’ve logged in to since history.

Sigh: pfSense isn’t one of them.

But this was a good exercise: I did get logged into pfSense, and did find the “Your OAuth token is not authorized to use this endpoint” problem.

I deleted the previous Linode v4 API certificate specifications, and it worked.

Time to turn HAProxy back on.

Okay, the short form is:

  1. Generated a new Linode API access token with Domain read/write access
    • This probably won’t be required if the access token hasn’t expired.
  2. pfSense > Services > HAProxy > Settings > disable and apply
  3. pfSense > Services > Acme > Certificates > pick certificate and Edit > delete the Domain SAN list entry > Add a new Domain SAN list entry with the new Linode API access token > Save
  4. pfSense > Services > Acme > Certificates > pick certificate and hit Renew
  5. Do the other certificate in the list
  6. pfSense > Services > HAProxy > Settings > Enable and apply

I cancelled HBO Max

I need to give credit to HBO for making the cancellation process painless. Thank you. What happened is that I went through all the material that I wanted to watch. With nothing in there that I wanted to watch, it didn’t make sense to renew for another year.

If there does appear some show that I really want to watch, I’ll happily sign up again, because the HBO people (web site) is easy to work with.

New Factorio game

I’m going to try Craigthulu’s Malls by Craigthulu.

I’m also going to try Updated 100×100 City Blocks – Snapped to Grid by Hal.

Although I really like the snap-to-grid and the 100×100 layout, I wanted an in-between of the filled-with-concrete and the bare-wires-and-roboports design. So here is the City Block Refined, with refined concrete only, and no inner plain brick:

0eNqtnd2OZLexZl/F6OvSAcn4I3058wADzO3gYCDZdezGtFtCq30wngO9+1TJ3ZJRmSnltyJvbHQpydg/kYvczBWb//Xuuw9/f/7h0/uPn9/98b/e/fjx2x+++fz9N3/59P7Pr//+v+/+OMd4evePn///p6d333734/cf/v75+ZvXT/7w/uNf3v3x86e/Pz+9++H7H99/fv/9x28+PX/49vP7/3x+0803+XMv66WP93/6/uOP7/74v17Cvf/Lx28/vH7i8z9+eH73x3fvPz//7d3Tu4/f/u31X9+9/8s3zx+e//T50/s/ffPD9x+e3722/vjn59fD+unpd9t/+v6773/4/tPnf2m2fvr3p3fPHz+/HOvzP4/h53/8439//Pvfvnv+9NLvL61//Nu3Hz588+Hbv/3w7tfT+3o2/m/x8/l8k/8WP70eyptu1l3d/F4vdlcvJ36nG7+rmzl+73DivmuTX7vx693kb9zgy96+9BUv9/Albz6+fPj9z+nzX+/m6/98ev7zv97G13yrf4n5+u81Xm/6Xz49P3+856Mvh/zu4/P7v/z1u+///uk1R+ppjX+/ch6lnId+Gvnm2OZ4e7Dz5nnd1fbiRPNpjqc1r53rvuvW/96dP3f1YvY73bwcpXDlrZ9B0+7OoNePXsmgaU/Lr13YeR9w7Pcu7byPOPm719aUa5v6tb1IxZk3L+7Vz15c3Zd0mPm06urlvY99+buX9z72nd+9vBL8Dri89vaSvc1Qu43D+xpf3gB7mvVkVyE5JUrOAc74LezsNhevfvbyfPLJrlJw7jtH0t9Np6MNpTe6WQMMpY0haM03f/C8ewi62vbKELTmk+e1i7+mPt72Zg1v/uBvT6CUecUdnV2debyMG09+lW1rSYPyrRwybVC+1Y2DMVm4PRfps25f/aufvTZsvKTUqie/Cq4V2sB867qkNi7f6qbAsKxcXr9/lLj62WuDwktO2HjyqyhdWxuYb12Xo43LN7qxAYZl5fLW5UTmYiB6A4R9+waw3i5u0UtS/TzUPfm+dotskqFbuCo2fm+64efmRbiv8cU5v9zplymJn6snvMTh/VY2mbaIcOvp36VFhFu9/MqxT9/++dtPV9J5femhbvSQ2jLErQMpcRniVj/7coHnopf1zy7W9R7OHT3Ub/XgEi9eWffa1b74At4a2l366tW61X/d+Gr70jL0dfS/eh1MStGb3biWYTf7CTHFbnZE1qhMGRDe0it+A/fXPnsJ85eRtp7i+u0GS1XWmZzFuX9yFtcw/foU8HJC+RRXSe0bjNfWGZpy3D8S5bg+8Lx8q/085dXpph8y2Eqn9PbC5+3n5KufvTyl15nDU16d38UQCXNrzXlqhLnVzRIJc6sfUwlzqyMX5wg3SBWhTRJudaOO8bf6kQf5Wx1tQOAUvg7+ds5ccfPrcPWzF1+Hn2n1VHH163B0Aktn83byW7dXZq5+9vJsXgeTp8ynuroak+SJSTqj/eYo92/cn2ufvTyjV1Y9ZT3tq7co0eOOdErn7WH+xk269tnLU3odTp729TskzvHyBqlSm+Pd7Eac493sR53j3ewowRy+1ttb8PqVvzpHyQJz+Mv+X+/vutq/8BxU16+A8Bx0vYcSR/lzg/aljfI3uxFH+Zv9qKP8zY5cW+d/PbKr/QQYDY+AptiXY8Ib/tye0t/X+AJeL8NL5dO++uWp1MdL6XzP5Yj+5g9vP3FuPwHA3n66xpJ4wcnTuS4clLTgfzOZtrbif7OfA5b8lZt0mUbr9i8u1z57+fNS/pxy6+nYVcthaGv+t67Mntqi/81+Flj1l67wuX+SdfWzl1e4XvN3x9O5OinZpi3737wyrq373+wnwDRWucI5LvPyYmL3Bg23SQt7++nqpOJl3vh0rtJ3J5kKK5dlx+UCw1tl6TZv72x9cdovd/tllv/y366edImr/zdzamuD/s/TiKsdHTDqv9wN4fsf9w9yVz97+ZN13Bi8ztBHdO1crkw63hywCcPHtcaXZ/s6f7kxmJwpjdY3s+Asbbi+3ZGB8Vq6Bectns7tB9yrn728wK9zoRtjyXFttL59YUIbrm93lGC81q6w3T9YXP3sJRNfJ0M3xoFT2mh9+8Jsbbi+3dEB47V2hfNymnP/yHRn64u78JI5L4PTjZHpZwVfH4+10xbWps5da1Mvt+r6wtQcUxxpb6bDHOIi1899Xu9JW+b6jY7Eha7f6Eld6vrS1ct9+/z+w5f6hhs+ff3069rP83+8//j852/++u3/+/bTn795SZg/fXr+/PzNh+f/eC2duOwi+13YRRdq0w2a+kXUHz9///H5mx++/fzX32qw724wb16ar0f3W8222GyxaAtFY6fGzmygWAPFMjEpTMyJhVN94Uzvf8m93cPpH8R5wFEUvvxfm4Lrf1JMqq8N7s6q14kQ+Ip8bSZ+R85m0TYjzYCsGRPGGzDegPFU5vzSYt/fgnPnl7abtO1/7X+eQnVnGPVrIUmzi2x0Ef2jiP5RZP8osn8UdnEUatPkc75Q53ypzvmCzfmSTd6CNUs0ewvUKtHsLVCrRHO+EOd8Kc75As/5Es/5Gl/yPmm8fQzePoY+7PqsM2sfhFn/KPopYf2csH5SWD8rrJ8W1s+L7OdF9vMi+3mR/bzIfl7kA2jxAFz08+L08+L08+L08+L08+L08+L08+IUHsJP4TH8pDgxOSnOTL4uAARbN0i2ABCsWcLn/4DtEj7/B2yXcN0g5HWDlNcNorFukI11g+isG/Tp88vaQzygj9Zx5AOO4wFP7V9gZuDR+0tTv/tJevNYW40VPFaosZLHSjWWXcS6a33ALuKoKyzGm7q61mJsrcXZoomxZo5WTQy1crRqYqiVo7UWkB4mZge7XQtnPkeIShD+FVO/YRz3Ku05FFUmHhzpiJH4AKaOX3PiUHOqsQaPNdRYHBdT5cVcPNZSY3FYTJUWk+NiqryYHBhTJcbkyJgqMyaHxlSpMTk2psqNxbmxVG4szo2lcmNxbix5nsG5sVRuLM6NpXJjcW4slRuLc2Op3FicG0vlxuLcWCo3FufGUrlhnBumcsM4N0zlhjUeT1RuGOeGqdwwzg1TuWGcG6Zywzg3TOWGcW6Yyg3j3DCVG8a5YSo3nHPDVW4454ar3HDODVe54ZwbrnLDOTdcXtVoLGuo3HDODVe54ZwbrnLDOTdc5YZzbrjKjeDcCJUbwbkRKjeCcyNUbgTnRqjciMZiqMqN4NwIlRvBuREqN4JzI1RuBOdGqNwIzo1QuZGcG6lyIzk3UuVGcm6kyo3k3EiVG8m5kSo3knMjVW4k50bKv6Q0fkpRuZGcG6lyIzk3UuVGcW6Uyo3i3CiVG8W5USo3inOjVG4U50ap3CjOjZJ/f238AKtyozg3SuVGcW6Uyo3i3CiVG5tzY6vc2JwbW+XG5tzYKjc258ZWubE5N7bKjc25sVVubM6NrXJjc25slRubc2PL9kZD31C5cTg3jsqNw7lxVG4czo2jcuNwbhyVG4dz46jcOJwbR+XGKSTNncLW3OH0OLL5ddjZHWQ6ns2ibeaLDmiMjgnjDRhvwHgNFWzILthY8Oy4P/pLvYI12gpn2NDChuyFjYYYNmQzbDTUsCE79l8Ob4pe+JdmS2y2WbTNogWLFixasmjJohmLZiyas2jOok0WbbJoi0VbKBo7NXZmA8UaKBZLR5aN7Iax+8UQwgjCvmTsO8awz6jPwMi4eFCsg2KxwYyNZROCg5FjMnRMxo7J4DEZPSbDx4S8ZwCZjCCTIWQyhkwGkckoMhlGJuPIZCCZjCSToWQylizGksVYshhLFmPJYixZcCYCpyKMJYuxZDGWLMaSxViyGEsWY8liLFmMJYuxZDGWLMaSxVhijCXGWGKMJQafaeBDDWOJMZYYY4kxlhhjiTGWGGOJMZYYY4kxlhhjiTGWGGOJMZYYY4kzljhjiTOWOGOJM5Y4Y4kzljhjiTOWOFwlgcskjCXOWOKMJc5Y4owlzljijCXOWOKMJcFYEowlwVgSjCXBWBKMJcFYEnC9FS64MpYEY0kwlgRjSTCWBGNJMJYEY0kwlgRjSTCWJGNJMpYkY0kyliRjSTKWJGNJMpYkY0kyliRjSTKWJGNJwl9w4E84jCXJWJKMJclYkowlxVhSjCXFWFKMJcVYUowlxVhSjCXFWFKMJcVYUvC3YPhjMGNJMZYUY0kxlhRjSTGWFGPJZizZjCWbsWQzlmzGks1YshlLNmPJZizZjCWbsWQzlmzGks1YshlLNmPJZizZ0C6BegljyWEsOYwlh7HkMJYcxpLDWHIYSw5jyWEsOYwlh7HkMJYcxpLDWHIYSw701KCoxlhyGEsOdNUGlNUGtdWorgZ9tQGFtQGNtQGVtQGdtQGltQGttQG1tQG9tQHFtQHNtQHVtQFrA/55mKykY6DSDFbQMVBhBivnGKgsgxVzDFSUwUo5BirJYIUcAxVksDKOgcoxWBHHINUYqIRjkFoMVMAxSCUGKt8YpA4DFW8MUoWBSjcGqcFAhRuDVGCgso1B6i9Q0cYg1ReoZGOQ2gtUsDFQ4QUr1xio7IIVawxUdMFKNQYquWCFGgMVXLAyjYHKLViRxkDFFqxEY6BSC1agMVChBSvPGKjMghVnDFRkwUozBiqxYIUZAxVYsLKMgcorWFHGQMUVrCRjoNIKVpAxUGEFK8cYqKyCFWMMVFTBSjEGKqlghRgDFVSwMoyByilYEcZAxRSsBGOgUgpWgDFQIQUrvxiojIIVXwxURMFKLwYqoWCFFwMVULCyi4HKJ1jRxUDFE6zkYqDSCVZwMVDhBCu3GKhsghVbDFQ0wUotBiqZYIUWAxVMsDKLgcolWJHFQMUSrMRioFIJVmAxUKEEK68YqEyCFVcMVCTBSisGKpFghRUDFUiwsoqByiNYUcVAxRGspGKg0ghWUDFQYQQrpxioLIIVUwxUFMFKKQYqiWCFFAMVRLAyioHKIVgRxUDFEKyEYqBSCFZAMVAhBCufGKgMghVPDFQEwUonBiqBYIUTAxVAsLKJgcofWNHEQMUPrGRioNIHVjAxUOEDK5cYqOyBFUsMVPTASiUGKnlghRIDFTywMomByh1YkcRAxQ6sRGKgUgdWIDFQoQMrjxiozIEVRwxU5MBKIwYqcWCFEQMVOLCyiIHKG1hRxEDFDawkYqDSBlYQMVBhAyuHGKisgRVDDFTUwEohBippYIUQAxU0sDKIgcoZWBHEQMUMrARioFIGVgAxUCEDK38YqIyBFT8MVsMASx8Gq2CAhQ+D1S/AsofBqhdg0cNgtQuw5GGwygVY8DBY3QIsdxisagEWOwxUtWDifhdL31vjS83C/ZE2jhRipMCRUoyUOJK9jSS2ZDtW3H9mjs9svo0kVDmwvSoMtUI7VRhphPapMNII7VJxd1IYzYlFkx3dKREXmBbiVwp/o0SkY6KL8MPsO1qcQ+OIAxQen+bUAs2JIw0x0sCRRDRMzIa5xEgLRxLBMDEZpoiGidkwRThMTIcp4mFiPkwREBMTYoqImJgRS2TEwoxYIiMWZsQSGbH4/EFkxMKMWCIjFmbEEhmxMCOWyIiFGbFERizMiCUyYmFGLJERCzPCREYYZoSJjDDMCFMfMTAjTGSEYUaYyAjDjDCREYYZYSIjDDPCREYYZoSJjDDMCBMZYZgRLjLCMSNcZIRjRrjICMeMcJERjhnhIiOcr0KoyxCYES4ywjEjXGSEY0a4yAjHjHCREY4ZESIjAjMiREYEZkSIjAjMiBAZEZgRoS5UYkaEyIjAjAiREYEZESIjAjMiREYEZkSIjAjMiBQZkZgRKTIiMSNSZERiRqTIiMSMSJERiRmRIiMSMyJFRiT/RUP9SQMzIkVGJGZEioxIzIgSGVGYESUyojAjSmREYUaUyIjCjCiREYUZUSIjiv/mqf7oiRlRIiMKM6JERhRmRImMKMyILTJiY0ZskREbM2KLjNiYEVtkxMaM2CIjNmbEFhmxMSO2yIiNGbFFRmzMiC0yYnM7QtUjMCOOyIiDGXFERhzMiCMy4mBGHJERBzPiiIw4mBFHZMTBjDhF1bNTxD07IikOt6gO0QTPQWe1UayNPMvBTMsxWbTBog0WTdWqBveqBrYuvzaF+yQIZ8cNq6EqVoM7VkOVrAa3rIaqWQ3uoP/zKOPyLos9eKOHaB9DtI8h28eQ7WOwt8cgtnTQ0t/GvKsmwO/+/Lx1Xe+oBHDk9Adq5UTqD9LIidQfpJGTSoDQKgHuzoRFk3vR3G5jpU0V7x6Bd4+gjbU21cy6h2DWPoZ2Klg7F6ydDNbOBmung7XzIdv5kO18yHY+ZDsfsp0P2adDHw/tfDjtfDjtfDjtfDjtfDjtfDjtfDhFB+lTdJQ+qU07Tmrzji+rHYHWSBytdgRq5WyxI1gzZ4sdwZo5WyMJdY3E72+A56Nfmzpp2gbN1y6804X3j8L7R5H9o8gHrT1k+7k/28/9hZ/7Ez/3l/jcn+Jzf6Hn/kRP8IVaJXmEL9IoySN8kUZJnvtLe+5P7bm/6HN/0uf+7D51Z3s2mO25XLbncoXnconnciXO5VKcyxWayyWalRVqlWxSVqxZsklZsWbJ5nKlzuVSncsVn8sln8tlfxbVnzscPHfYeO5wxLnDFucOB80dNpoFHNRqk2nAIY02mQYc0miTucPR5g5bmzscOnfYeOw7uOXGo+YRR80tjpoHjZobjX8Htdps+Dus2WbD32HNNhs1jzpqbnXUPHzU3HjUmZM3HXjE+teodw1Z/xrrrjFrTjRozYHGHznaQtHYqbEzGyjWQLFMTAoTc2LhVF8407++G3nypgOPYPdfyq8NhjiGTfZy5Anfjsxejzzp+5HhC5InfUMyfEXypO9Inupgdn9+/PJm5MmHMzSyfDlQ/hLXufh4pr7K9V9j3TeesVe4TvYO18le4jrRW1wneo3rRO9xnehFrhO9yXWKr3K9PycWTvWFM/3roMTlfRQ1xUv5tcFSxzOm7k/m7k8m709o70+o70/o708o8E9o8E9Z4b8/P34Zkxrq/uTvJJ9cQp7cQp6qhjxVD3kyEXkyE3kyFXkiF3kiGXkiG3kiHXkiH3mKQvIUjeSJlWSS6V8HJa5YTe5YTVWymqplNZlmNZlnNZloNaFpNaFqNaFrNaFsNaFtNWXdasq+1WwIV2hk+XKgXK6Z3K6Zql4zVb9mMsFmMsNmMsVmIsdmIslmIstmIs1mIs9miqLNFE2biVUbkulfByWumUzumUxVNJmqaTKZajKZazKZbDKhbTKhbjKhbzKhcDKhcTJl5WTKzslsSCdoZPlyoFz4mNz4mKryMVXnYzLpYzLrYzLtYyLvYyLxYyLzYyL1YyL3Y4ryxxTtj4n1j8n9j8kFkMkNkKkqIFN1QCaTQCazQCbTQCb0QCYUQSY0QSZUQSZ0QaYsg0zZBpkNHWRyH2RxH2RxH2SpPshSfZDFfJDFfJDFfJCFfJCFfJCFfJCFfJCFfJAl+iBL9EEW9kEW90EW90EW90GW6oMs1QdZzAdZzAdZzAdZ0AdZ0AdZ0AdZ0AdZ0AdZsg+yZB9kNXyQxX2Q1djUl/sgS97aV/VBFtzSl/kgC27qi3yQxbb1RT7IYhv7Ih9kqVv7ij7I4lv6ch9kNV7myH2QJb/SUfVBFnyVI/NBFnyZI/RBFn2dI/RBFn2hI/RBlv5KR9kHWZ1XOXIfZHEfZHEfZKk+yFJ9kMV8kMV8kMV8kIV8kIV8kIV8kIV8kIV8kCX6IEv0QRb2QRb3QRb3QRb3QZbqgyzVB1nMB1nMB1nMB1nQB1nQB1nQB1nQB1nQB1myD7JkH2Q1fJDFfZDFfZDFfZCl+iBL9UEW80EW80EW80EW8kEW8kEW8kEW8kEW8kGW6IMs0QdZ2AdZ3AdZ3AdZ3AdZqg+yVB9kMR9kMR9kMR9kQR9kQR9kQR9kQR9kQR9kyT7Ikn2Q1fBBFvdBFvdBFvdBluqDLNUHWcwHWcwHWcwHWcgHWcgHWcgHWcgHWcgHWaIPskQfZGEfZHEfZHEfZHEfZKk+yFJ9kMV8kMV8kMV8kAV9kAV9kAV9kAV9kAV9kCX7IEv2QVbDB1ncBzHugxj3QUz1QUz1QYz5IMZ8EGM+iCEfxJAPYsgHMeSDGPJBTPRBTPRBDPsgxn0Q4z6IcR/EVB/EVB/EmA9izAcx5oMY9EEM+iAGfRCDPohBH8RkH8RkH8QaPggaWb5sh2btF0y3urCLLtSm3Eox1Uox1UoxZqUYs1KMWSmGrBRDVoohK8WQlWLISjHRSjHRSjFspZBM73/Jvd3D6R/EecBRFL78X5tyP8dUP8dUP8eYn2Nwr1Xm5xjdbRX6OUb3W4V+jtEdV2U/x2Q/xxp+ji3+FurOd/aXfVStvY+G9TfxtP4untbfxtP6+3gad6aMO1OmOlOmOlPGnCljzpQxZ8qQM2XImTLkTBlypgw5UyY6UyY6U4adKcP7elp7Y09r7+xp7a09rb9rnfW3rbP+vnXW37jO+jvXGffojHt0pnp0pnp0xjw6Yx6dMY/OoEdn0KMz6NEZ9OgMenQme3Qme3TW8OissZOdPWArO3vAXnb2gM3srL+PnPU3krP+bjDG7UbjdqOpdqOpdqMxu9GY3WjMbjRkNxqyGw3ZjYbsRkN2o4l2o4l2o2G70fDOctbeWs76e8tZf3M56+8uZ9zzNO55mup5mup5GvM8jXmexjxPg56nQc/ToOdp0PM06Hma7Hma7Hlaw/O0xm5z9oDt5h4xw+C+qXHf1FTf1FTf1Jhvasw3NeabGvJNDfmmhnxTQ76pId/URN/URN/UsG9q3Dc17psa901N9U1N9U2N+abGfFNjvqlB39Sgb2rQNzXomxr0TU32TU32Ta3hmxr3TZ37ps59U1d9U1d9U2e+qTPf1Jlv6sg3deSbOvJNHfmmjnxTF31TF31Tx76pc9/UuW/q3Dd11Td11Td15ps6802d+aYOfVOHvqlD39Shb+rQN3XZN3XZN/WGb+r8/WPOTU/npqerpqerpqcz09OZ6enM9HRkejoyPR2Zno5MT0emp4ump4ump2PT0/n7x5z7jc79Rlf9Rlf9Rmd+ozO/0Znf6NBvdOg3OvQbHfqNDv1Gl/1Gl/1Gb/iNzt8/5tylc+7SuerSuerSOXPpnLl0zlw6Ry6dI5fOkUvnyKVz5NK56NK56NI5dumcv3/MuTfl3Jty1Zty1Zty5k0586aceVMOvSmH3pRDb8qhN+XQm3LZm3LZm/KGN+X8/WPODR3nho6rho6rho4zQ8eZoePM0HFk6DgydBwZOo4MHUeGjouGjouGjmNDx/n7x5x7Kc69FFe9FFe9FGdeijMvxZmX4tBLceilOPRSHHopDr0Ul70Ul70Ub3gpzt8/5twHce6DuOqDuOqDOPNBnPkgznwQRz6IIx/EkQ/iyAdx5IO46IO46IM49kGc+yDOfRDnPoirPoirPogzH8SZD+LMB3Hogzj0QRz6IA59EIc+iMs+iMs+iDd8EOc+SHAfJLgPEqoPEqoPEswHCeaDBPNBAvkggXyQQD5IIB8kkA8Sog8Sog8S2AcJ7oME90GC+yCh+iCh+iDBfJBgPkgwHySgDxLQBwnogwT0QQL6ICH7ICH7INHwQYL7IMF9kOA+SKg+SKg+SDAfJJgPEswHCeSDBPJBAvkggXyQQD5IiD5IiD5IYB8kuA8S3AcJ7oOE6oOE6oME80GC+SDBfJCAPkhAHySgDxLQBwnog4Tsg4Tsg0TDBwnugwT3QYL7IKH6IKH6IMF8kGA+SDAfJJAPEsgHCeSDBPJBAvkgIfogIfoggX2Q4D5IcB8kuA8Sqg8Sqg8SzAcJ5oME80EC+iABfZCAPkhAHySgDxKyDxKyDxINHyS4DxLcBwnug4Tqg4TqgwTzQYL5IMF8kEA+SCAfJJAPEsgHCeSDhOiDhOiDBPZBgvsgwX2Q4D5IqD5IqD5IMB8kmA8SzAcJ6IME9EEC+iABfZCAPkjIPkjIPkg0fJDgPkhwHyS4DxKqDxKqDxLMBwnmgwTzQQL5IIF8kEA+SCAfJJAPEqIPEqIPEtgHCe6DBPdBgvsgofogofogwXyQYD5IMB8koA8S0AcJ6IME9EEC+iAh+yAh+yDR8EGC+yDJfZDkPkiqPkiqPkgyHySZD5LMB0nkgyTyQRL5IIl8kEQ+SIo+SIo+SGIfJLkPktwHSe6DpOqDpOqDJPNBkvkgyXyQhD5IQh8koQ+S0AdJ6IOk7IOk7INkwwdJvh9d9vejy/5+dMmtlORWSqpWSqpWSjIrJZmVksxKSWSlJLJSElkpiayURFZKilZKilZKYisl8X502d6PLvv70WV/P7rs70eX3M9J7uek6uek6uck83OS+TnJ/JyEfk5CPyehn5PQz0no56Ts56Ts52TDz8nGfnT5gP3osr8fXfb3o8v+fnTZ348u+/vRJXemkjtTqTpTqTpTyZypZM5UMmcqkTOVyJlK5EwlcqYSOVMpOlMpOlOJnanE+9Flez+6bO9Hl+396LK/H13296PL/n502d+PLvv70SX36JJ7dKl6dKl6dMk8umQeXTKPLqFHl9CjS+jRJfToEnp0KXt0KXt02fDosrEfXT5gP7p8wH50+YD96LK/H13296PL/m4xye3G5HZjqnZjqnZjMrsxmd2YzG5MZDcmshsT2Y2J7MZEdmOKdmOKdmNiuzHxfnTZ3o8u+/vRZX8/uuzvR5fc80zueabqeabqeSbzPJN5nsk8z4SeZ0LPM6HnmdDzTOh5pux5pux5ZsPzzMZ+dPmA/egeMcPgvmly3zRV3zRV3zSZb5rMN03mmybyTRP5pol800S+aSLfNEXfNEXfNLFvmtw3Te6bJvdNU/VNU/VNk/mmyXzTZL5pQt80oW+a0DdN6Jsm9E1T9k1T9k2z4Zsm902L+6bFfdNSfdNSfdNivmkx37SYb1rINy3kmxbyTQv5poV80xJ90xJ908K+aXHftLhvWtw3LdU3LdU3LeabFvNNi/mmBX3Tgr5pQd+0oG9a0Dct2Tct2Tethm9a/P1jxU3P4qZnqaZnqaZnMdOzmOlZzPQsZHoWMj0LmZ6FTM9CpmeJpmeJpmdh07P4+8eK+43F/cZS/cZS/cZifmMxv7GY31jQbyzoNxb0Gwv6jQX9xpL9xpL9xmr4jcXfP1bcpSvu0pXq0pXq0hVz6Yq5dMVcukIuXSGXrpBLV8ilK+TSlejSlejSFXbpir9/rLg3VdybKtWbKtWbKuZNFfOminlTBb2pgt5UQW+qoDdV0Jsq2Zsq2ZuqhjdV/P1jxQ2d4oZOqYZOqYZOMUOnmKFTzNApZOgUMnQKGTqFDJ1Chk6Jhk6Jhk5hQ6f4+8eKeynFvZRSvZRSvZRiXkoxL6WYl1LQSynopRT0Ugp6KQW9lJK9lJK9lGp4KcXfP1bcBynug5Tqg5TqgxTzQYr5IMV8kEI+SCEfpJAPUsgHKeSDlOiDlOiDFPZBivsgxX2Q4j5IqT5IqT5IMR+kmA9SzAcp6IMU9EEK+iAFfZCCPkjJPkjJPkg1fJDiPsjmPsjmPshWfZCt+iCb+SCb+SCb+SAb+SAb+SAb+SAb+SAb+SBb9EG26INs7INs7oNs7oNs7oNs1QfZqg+ymQ+ymQ+ymQ+yoQ+yoQ+yoQ+yoQ+yoQ+yZR9kyz7Ibvggm/sgm/sgm/sgW/VBtuqDbOaDbOaDbOaDbOSDbOSDbOSDbOSDbOSDbNEH2aIPsrEPsrkPsrkPsrkPslUfZKs+yGY+yGY+yGY+yIY+yIY+yIY+yIY+yIY+yJZ9kC37ILvhg2zug2zug2zug2zVB9mqD7KZD7KZD7KZD7KRD7KRD7KRD7KRD7KRD7JFH2SLPsjGPsjmPsjmPsjmPshWfZCt+iCb+SCb+SCb+SAb+iAb+iAb+iAb+iAb+iBb9kG27IPshg+yuQ+yuQ+yuQ+yVR9kqz7IZj7IZj7IZj7IRj7IRj7IRj7IRj7IRj7IFn2QLfogG/sgm/sgm/sgm/sgW/VBtuqDbOaDbOaDbOaDbOiDbOiDbOiDbOiDbOiDbNkH2bIPshs+yOY+yOY+yOY+yFZ9kK36IJv5IJv5IJv5IBv5IBv5IBv5IBv5IBv5IFv0Qbbog2zsg2zug2zug2zug2zVB9mqD7KZD7KZD7KZD7KhD7KhD7KhD7KhD7KhD7JlH2TLPshu+CCb+yCH+yCH+yBH9UGO6oMc5oMc5oMc5oMc5IMc5IMc5IMc5IMc5IMc0Qc5og9ysA9yuA9yuA9yuA9yVB/kqD7IYT7IYT7IYT7IgT7IgT7IgT7IgT7IgT7IkX2QI/sgp+GDHL4f3envR3f6+9EdbqUcbqUc1Uo5qpVymJVymJVymJVykJVykJVykJVykJVykJVyRCvliFbKwVbKwfvRnfZ+dKe/H93p70d3+vvRHe7nHO7nHNXPOaqfc5ifc5ifc5ifc6Cfc6Cfc6Cfc6Cfc6Cfc2Q/58h+zmn4OaexH915wH50rRnGly9v9Lvo7wpy+rvinf6ueKe/K97p74p3uLl1uLl1VHPrqObWYebWYebWYebWQebWQebWQebWQebWQebWEc2tI5pbB5tbB++Kd9q74p32rninvSte5xj6sOuzzqx9EGb9o+inhPVzwvpJYf2ssH5aWD8vsp8X2c+L7OdF9vMi+3mRD6DFA3DRz4vTz4vTz4vTz4vTz4vTz4vTz4tTeAg/hcfwk+LE5KQ4M/m6AMA86MM86MM86AM96AM96AM96AM96AM96CN70Ef2oE/Dgz6N/UTPA/YTPQ/YT/Q8YD/R3nHkA47jAU/tX2BG/PQvTe93xjePtdVYwWOFGit5rFRj2UWsu9YH7CKOusJSvKlaVXBYVcFhVQWHVRUcVFVwUFXBQVUFB1UVHFRVQNLDxOxgt2vhzOcIUQnCv2LqN4zjXqU9h6LKxIMjHTESH8DU8WtOHGpONdbgsYYai+NiqryYi8daaiwOi6nSYnJcTJUXkwNjqsSYHBlTZcbk0JgqNSbHxlS5sTg3lsqNxbmxVG4szo0lzzM4N5bKjcW5sVRuLM6NpXJjcW4slRuLc2Op3FicG0vlxuLcWCo3jHPDVG4Y54ap3LDG44nKDePcMJUbxrlhKjeMc8NUbhjnhqncMM4NU7lhnBumcsM4N0zlhnNuuMoN59xwlRvOueEqN5xzw1VuOOeGy6sajWUNlRvOueEqN5xzw1VuOOeGq9xwzg1XuRGcG6FyIzg3QuVGcG6Eyo3g3AiVG9FYDFW5EZwboXIjODdC5UZwboTKjeDcCJUbwbkRKjeScyNVbiTnRqrcSM6NVLmRnBupciM5N1LlRnJupMqN5NxI+ZeUxk8pKjeScyNVbiTnRqrcKM6NUrlRnBulcqM4N0rlRnFulMqN4twolRvFuVHy76+NH2BVbhTnRqncKM6NUrlRnBulcmNzbmyVG5tzY6vc2JwbW+XG5tzYKjc258ZWubE5N7bKjc25sVVubM6NrXJjc25s2d5o6BsqNw7nxlG5cTg3jsqNw7lxVG4czo2jcuNwbhyVG4dz46jcOIWkuVPYmjucHkc2vw47u4NMx7NZtM180QGN0TFhvAHjDRivoYIN2QUbC54d90d/qVeoRlvhDBta2JC9sNEQw4Zsho2GGjZkx/7L4alv5/3STH0X8GbRNosWLFqwaMmiJYtmLJqxaM6iOYs2WbTJoi0WbaFo7NTYmQ0Ua6BYLB1ZNrIbxu4XQwgjCPuSse8Ywz6jPgMj4+JBsQ6KxQYzNpZNCA5GjsnQMRk7JoPHZPSYDB8T8p4BZDKCTIaQyRgyGUQmo8hkGJmMI5OBZDKSTIaSyViyGEsWY8liLFmMJYuxZMGZCJyKMJYsxpLFWLIYSxZjyWIsWYwli7FkMZYsxpLFWLIYSxZjiTGWGGOJMZYYfKaBDzWMJcZYYowlxlhijCXGWGKMJcZYYowlxlhijCXGWGKMJcZYYowlzljijCXOWOKMJc5Y4owlzljijCXOWOJwlQQukzCWOGOJM5Y4Y4kzljhjiTOWOGOJM5YEY0kwlgRjSTCWBGNJMJYEY0nA9Va44MpYEowlwVgSjCXBWBKMJcFYEowlwVgSjCXBWJKMJclYkowlyViSjCXJWJKMJclYkowlyViSjCXJWJKMJQl/wYE/4TCWJGNJMpYkY0kylhRjSTGWFGNJMZYUY0kxlhRjSTGWFGNJMZYUY0nB34Lhj8GMJcVYUowlxVhSjCXFWFKMJZuxZDOWbMaSzViyGUs2Y8lmLNmMJZuxZDOWbMaSzViyGUs2Y8lmLNmMJZuxZEO7BOoljCWHseQwlhzGksNYchhLDmPJYSw5jCWHseQwlhzGksNYchhLDmPJYSw50FODohpjyWEsOdBVG1BWG9RWo7oa9NUGFNYGNNYGVNYGdNYGlNYGtNYG1NYG9NYGFNcGNNcGVNcGrA3452G+fJ1gu4HKM/R4G8YLGC9gvITxEsYzGM9gPIfxHMabMN6E8RaMt1g8eHrw7AaLNlg0mJowM+GNg/cNYgVSBX7p4HcODglwRIDAhLw8LNph0eBgB8e6SWECaTIhTibkyYRAmZAoEyJl0rEAQmVCqkyIlQm5MiFYJiTLhGiZkC0TwmVCukyIlwn5siBfFuTLgnxZkC8L8mXRGQudskC+LMiXBfmyIF8W5MuCfFmQLwvyZUG+LMiXBfmyIF8W5ItBvhjki0G+GH0eog9EkC8G+WKQLwb5YpAvBvlikC8G+WKQLwb5YpAvBvlikC8G+WKQLw754pAvDvnikC8O+eKQLw754pAvDvnidNWFLrtAvjjki0O+OOSLQ7445ItDvjjki0O+BORLQL4E5EtAvgTkS0C+BORL0DVduqgL+RKQLwH5EpAvAfkSkC8B+RKQLwH5EpAvAfmSkC8J+ZKQLwn5kpAvCfmSkC8J+ZKQLwn5kpAvCfmSkC9JfzmiPx1BviTkS0K+JORLQr4U5EtBvhTkS0G+FORLQb4U5EtBvhTkS0G+FORL0d+l6Q/TkC8F+VKQLwX5UpAvBflSkC8b8mVDvmzIlw35siFfNuTLhnzZkC8b8mVDvmzIlw35siFfNuTLhnzZkC8b8mVT+4XqL5AvB/LlQL4cyJcD+XIgXw7ky4F8OZAvB/LlQL4cyJcD+XIgXw7ky4F8OdSto3Id5MuBfDnUrxtUsBvYsMOKHXXsBpXsBrXsBtXsBvXsBhXtBjXtBlXtBnXtBpXtBrXtBtXtBq19+HqkJu5g8pI5+n4pv1Sg3B9tN6KFHC0a0VKOlo1odhlNbrtg/cn9Z+iNM5yX0aSqlQWrTwy2W6z8xFizxcpPjDVbrPzk7kQxnieLfxHgnZOx0qCK/JVrfOPkoaAxEsiwbLDyqLEOjyUPcI3xbU412JyNaEOONhrRZITMBkPmkqOtRjQZILNBkCkjZDYYMmWIzAZFpoyR2eDIlEEyGySZMkpmgyVLZslqsGTJLFkNliyZJaszH5FZshosWTJLVoMlS2bJarBkySxZDZYsmSWrwZIls2Q1WLJklqwGS0xmiTVYYjJLrMES0x9tGiwxmSXWYInJLLEGS0xmiTVYYjJLrMESk1liDZaYzBJrsMRklliDJS6zxBsscZkl3mCJyyzxBktcZok3WOIyS7yzSqIvkzRY4jJLvMESl1niDZa4zBJvsMRllniDJSGzJBosCZkl0WBJyCyJBktCZkk0WBL6gmuDJSGzJBosCZkl0WBJyCyJBktCZkk0WBIyS6LBkpRZkg2WpMySbLAkZZZkgyUpsyQbLEmZJdlgScosyQZLUmZJdn7B0X/CabAkZZZkgyUpsyQbLCmZJdVgScksqQZLSmZJNVhSMkuqwZKSWVINlpTMkur8Fqz/GNxgScksqQZLSmZJNVhSMkuqwZIts2Q3WLJlluwGS7bMkt1gyZZZshss2TJLdoMlW2bJbrBkyyzZDZZsmSW7wZIts2R37BJdL2mw5MgsOQ2WHJklp8GSI7PkNFhyZJacBkuOzJLTYMmRWXIaLDnFdb9TzPc7MlFOx1Y7TNU8B57dhvE29F4HNV/HpBEHjThoRF1fGx1/bTQs2F8bL1rKIZxlx2Qbuso2Oi7b0GW20bHZhq6zjU4Nwddjjcv7LvfhjT7iAccRDziOfMBx5AOOwy6PQ27roK1fxr2zvsPvbjFvX+O7qjocVmcEbOesPCNYM2flGcGaOavqCLWq4+7sWDzxF8/7B+DnAfTx/lF4/ygegMAHENCsfxhmDziOB6SGPSA37AHJYQ/IDntAetgD8iMfkB/5gPzIB+RHPiA/8gH5kY+gxyPw8YD8OA/Ij/OA/DgPyI/zgPw4D8iP84D8OMUH+FN8hD+pTl1OqnOXX9ZfAq7bOFx/CdjO6fJL0IZOl1+CNnS6bhP6uo3f36Qxz/21sZPGDwDSr514pxN/xJH4I44kH3Ek+cB1kHzA+kM+YP2hGusP2Vh/KHn9IeX1h4LrDwnXEQq2S7aQUKxZsoWEYs2SrT+Uuv6Q6vpD8fWH5OsP2X/yzwfMM/MBc8R8wByxGnPEbMwRS54jpjxHLDhHTDjXK9gu6VSvaMOkU72iDZPOEUufI6Y+R6zOHDE7c8R8xMzs7k7+/end+8/Pf3v53Hcf/v78w6f3Hz+/e3r34dvvnj+8/O2/v//8jz/8tw/f/+n//OF//rObP/yPjx/+8fKJ/3z+9OPPgdeeXmfV3jvPXD/99P8BohxlTQ==

Of course, I will set up belts and pipes within the block. One of the first things to manufacture and load into belts are iron gears. Here’s a starting point:

0eNqlmNGOmzAQRf/Fz7DCxjaGX6miimTdxBIYZKBtFOXfS8JuSbtAZiZPEUk4M74zHny5sH012DY437Piwtyh8R0rvl1Y546+rG7f9efWsoK53tYsYr6sb1dl19l6Xzl/jOvycHLexoJdI+b8u/3NCn6NniL6UPqubUIf723VP9wsrruIWd+73tkpmfvF+bsf6r0NI/0vYxjvCMfQjJ8TJWJt0403Nv4Wd4TFmXxTETuzQqo3NQZ5d8Eepj/o6DOzZujb4ZbDl1hiLd+tSPL/SGKBnCLI6eMaFlgSpYgAKOL8iiCKkjZIEI0gCxQ5Q5CTJ1IblNT8pebLEXlzlCI8oUgCQ6O2p85faUYuULHMS9XgiB07LwummUSgDQ6N2LA6e9L8XKP01i/VNqMkDtPEINAah863n5FbU9LcA4x4NykTGh8fbRniXydrq8Wn07yNf5RdHzvf2dCPv2w9nfRybQWHs9JH1j+ayCXyvEu7uqyq2Fbj34M7xG1T2c3xPvG9dcfTvhnC7TggTJSq3VKYFC198oL0Ei5XgpNLwcn8WVE1VpN5KxE0ycCZz1NsLXODbJp55C41jVjsmByeb4aqYZqQx4DiaN1TTu58SjRB7ilKtBQ/4lQKqpHED7w7eYmlqCPuI1dAt6YaP3FW883wMwaoqsHPACA5p06ENRVkgt//qyxOcIpKQc4UUpAMr5KUU66k+FLgOiTB4QHRFFv6VaCltpOaZK631F8988qM4PiAChmC4wOicwoaJL5KSHab1vqKEwweTCIlCAYPiE5JfpvUn0qS/DaxHBTnCtRMEwwgEE2xrcDNYEjuG1DpXTS9nC0eXgdH7KcN3bROw2WWi8wYo3Murtc/RPQ1AQ==

This is a variation on Stackable Iron Gear Wheel by bonesoul. Since I want this to hang off the main bus and feed gears back in to the bus, I reversed the input feed. It will still tile if I need it to, but this way I don’t have a huge return belt running alongside.

I’m is going to use Basic Science Lab Zone by Diekion.

I tried that, and it wasn’t bad, but then I switched to this:

0eNq1XNtu2zgQ/Rc9x4V4J4P9k0UROI6SCGvLXlnuNij870vZaew2Gns4x31JkIvmcMjhnMPhWD+qx+Wu2fRtN1T3P6p2se621f3fP6pt+9LNl+PvhrdNU91X7dCsqruqm6/Gn5rvm77ZbmdDP++2m3U/zB6b5VDt76q2e2q+V/dqf3fVyHL+ePaE3n+9q5puaIe2OY7h8MPbQ7dbPTZ9NnkN/a7arLf58XU3QmaTMxe/uLvqLT+rvrgM9dT2zeL4D3oc4G8IWoAQihCMAMEXIVgBgi1CcAIEV4TgBQi6CCEIEEwRQhQg1EUISYCgihBUXQ5hy7acEuxqm8ogBNva0tvaTkEYJDflwNpPGbWIUU0YPe3e7TBf/DNru23TD/lPl3Kb+X0S/JRp/0tmv5QFKI/DNQv1NQuR756NpHuTYZSQMDKcMNI1AqFZEBCLuulZ1xoxagmjhh1OnrBg2eFEWXDIgjjWgngEwrIgArI81NRExGggjCZJdvKc7GRqSWbwLFGnkCX0nCU0EIcFFgTEYWl6QQ3EYZEwKuKwxIoSPodRHvM5jLIg4rDEilSIwyInjCzEYYkFgXCYVtOzbhEO0zVhlM1hmtBr9rSBtrvHHA+Hp6dOJ+/eTRpx3Jgkh4Gw1GF2rq9qQCBYMt0inKUJyWkTYpSYb1cLUpzWnBTnlCC9fDY9WRlAWEqz9KszCARLhTuEszShZp1DjBK623lJlDhWlAR25qIGF9lJh7KQJJHqWBUmhKU0S3V7RBVq1tnBQ5xFCHuP6EBNCHtv2eFEiD7P5zDKAsRhLA3tIQ5jnQQ8xGHU1EAcRujYIOKwyMlOQcRhkVUZhjiMJZEDxGEsiRwQDjOERA4IhxlCIofPu3K7WbYDESc/N7nRv0XJeI+02Q0Pm75d9xlgzBPN83gl9Rny8y7ddU9N/9Kv8/erVWfzSWtm8PcLrvVuyIOYBI0lfo5KdRIqr+tzuxwfuq/6+X+z53b7mp8/4p4737cvr9MDQc6AhiXlYy2aYM+Y4MMiT7kVJXTraMQpiFNqeJ5vh4tJx5KWJy+Lzs6J65d2O7SL2eK1yRh98+8uf58GMVc2bISyAHHeia5ow74HMnHOiR64EDWsa4kYgFtdchIicAnKHHcCbnJ5EKkGLlqZEAqBYB0Jky4KyI9NYxmjN8Adq2Edx5OV8Z+V819ywJ0r0yuPUayRUGwKwHU10y8Ri5tLLL7p10+7w+9n20XbdItmtsmStozUE0TqrG2mapDVjYDVVQ3ROu/eupbwOu/OuAaJ/YiyWHfdEWY7/osav7z0TdOdt0m1TyOe3X/NfFW9W384RtmxnepnZ9bHiOjIW+QVHcbCbZ3NTbll+TNG84U+eDb06+XDY/M6/5bDfHxq0faLXTs85L89fZh6bvvszpWGMsqh4xTmk+Lo1FhaXaxXm3k/H0bA6q9qXzbHZpzjyWmRJNa6MFglVQxViIFcGBuimqdqpHJhLGU1IQLDsuZD0gd1kgFMDCXTAV6uA9REZ1QRSzsJSytJs5SNhbNpEYnDxHASLeAuaYFVm5+f92+AElAKKXMaVmlbqYBJASeRAioiUsDx1vSUTVbNU7tbzZplfqDPtL1ZL5uLCMep65q8Mo/r3YF0VYqT/HnW6MVXHI7X7KgwxeEKFYfWBYqDiu9rekNrgd5wf1xvTLtzW7WhFaU2tEHUBm8/aIuoDSYGVFYmbrGU9pIyVaCsBURlsC52lKij7gMj8OY6yWolkWHbQCqJ1cSnjFAlRUAliXrvYqFfBlNiQaTEDKSSmJ6JVFK4pJIyna3axXyJqCQDqSTehjagSgoSlWQglcTLImdthHz5Eljy5ax9UCRfQqF8sapAvlCBd02+nDUs8uVL+OPyZdqd28oXW1PyRdJweZIvvEC1BpEvTAzoki1Sn/2BRFGirHrkLowca0Au8SJvliNyG8bESMilHg/DQVduTAyFCDEmhhYJsZwO5EJM1PuZCv2yiNhjYjhM7CWR2HNeIsTSJSG2G8YDMFStckjHnGG1WykXMR2WJDrMJUSHJd4HLiVlJNYHRZQHy0ipUIf5kjISEXfXZJiXVJHSH5dhk97cVoV5sojkIYXEDFOLKD0mBqKXLNGbqCQtwyerirKKFJMsqwNPeaSYZBVvzmXFJKsZtgNSTPo8R9MYsmKSBVpPVUCKSVy/sGKSFfW3qoAUk7ieSYpJ9mIT7Qe7ASImIMUk5oYOWDHJSnpqVUCKScwsEgTFJMt78Uesywl/wvStCX865G7L+JFk/Igpu/f5KRhJXaDsqN14TdpFDcgYZqBG5INRlnofi6hHO5xbZYzcAQUaLoYHiidcjFBE2B/ZwnBsQ4KJOf4EvHbK8nq3EiSceH4koXACepZVwnqVrKijWCWk5MSdTaTkxMUQCaeLfcvz3bBezcG+ZZUg6cRrXE6gdBI1Lp91ipd2Er279WsnkUqTxJeQMhMvpehaUGayrP5oXYNipLA/WqsSMUJH+BU5omtIjhBSQddIrcYayqpFSIl6eZekFfpEp5YXlx6hOiYG8pkSLkZESIaJgXxAxPJeM6YK8oShTd/6uEVt45seuHImIw5cWvSKy1/CdHwz7sGn+7PX9d5V33LmOqbWqGxIOsQYfVJ6v/8fWBP9bA==

I still want to improve on it. If I didn’t use the requester chests, I could do a two belt circuit, with the last belt enabled or not and the first belt reading the contents of the belt.

I still like NRC’s Mining [Ver 1.1.30] by NRC.

Here’s an ammo maker I like:

0eNqlmd1y2jAQhd9F13bG+pe463N0mI4xCmjGlj22aZtmePeK0CGEyrBa7gJB30qrc1Zr+Z1s2oMbRh9msnonvunDRFbf38nkd6FuT9/Nb4MjK+Jn15GChLo7faqnyXWb1odd2dXN3gdXMnIsiA9b95us6LF4iJjHOkxDP87lxrXz1WB2XBfEhdnP3p0n8/Hh7Uc4dBs3Rvr9aRRk6Kc4uA+n2BFYGvoiC/IW/6L6RcZIo2v8x5Re/ejqsYujd/WfOJycJn4TjuWG0+aZcDw7nHwmnFjakEQa2SWQ+Ai0jfzm/AuWQMsLuu3jGvZ13N9t6cPkxjn+PxGgugSIazomkOqCfK2n+S6LfmF9maxIkHVGHqq8PJgMNM1DW3A+rkQJygetLuipq9u2dG38+eibcuhblwpgbwIE53f7TX8YTyamphCmkHSdCkXhCbpaBihBlGWwbSab5wpc60cCpyKbqR4yZUYOVGYOVAZbZ7I1XN0yU90mV93irrqrpK5tRm5kXm5YharbHMSmqFoIYzMUm0E2lXFUoWWgeQsUm4PmLbOP/E8n0a9H/uDd2JyGj/0hbKf7jY1C1V3YPmtU3YWxDaqewdgWVc9AbJ7h2at6A9I+pyg2bN6fnp2G1s8PSzAHMD+9+qvvty6Uzd5Nydnym0xs6vHfE8YtE9fLUlAOJKpuVaC9Uyg2BbE1qm7RdCfBDfxEtssTVSm0zW585HKaUxFEhWknQOoQOPeB1CEYig1Sh+DwlPBMdIYZr9hVWngCZT8DmijKfRaE1gi7GJCWDfrpzKba10LrQttUEyssvjkx+N5EYsxqQLcSNDd1Epk6iXIuSLSSY9Ag0UqUcW3at1JiYGYBhnKqAi0adf2jQWiDN5B8wkBPnKcaUoIUqpsF7YZCHaeg3VAMI0i9cBvJMTC1ABMYCQrQolGnJ+giRSnEESdB+tJ4AcMCGMQRA7qcURajX9BWapTrYDfgFKPmhTtHjfKZWIBxjH5Bz80a5TrQtY5+4lqH4Qu/xjiSQQyjNbrp5P93TouvA7TBGx+2DovuAHPWYVBWBanWoA5IkGoNyrg8bVyDOiDZAkxgnt9BL+gk6hEblE6Fegw+ZWBdnN+Yr67e0RekrePo+N23rjuE8/CC/HTjdF6doUJbpo0xylJ2PP4FayhNpg==

Here’s a snippet of Smelter Book from by Noel Puldon

0eJydnd1u2zgQRl9loWu5IIeSKOU19mqxKBZpo+0acO3AcRZbFHn3lZImVmKK/I6v+oPksziaM0NyhvTP6svucbw/bven6uZntf162D9UN3/+rB623/a3u/n/Tj/ux+qm2p7G71Vd7W+/z/96OB324+bvx+P+9utYPdXVdn83/lfd+Ke6/Lvfb3e7zbgbv56O26+b+8NuqWBPn+tq3J+2p+348ijP//jx1/7x+5fxOH3Em9DpeLt/uD8cT5sv4+40fcD94WH6tcN+/uhJamPhU1tXP6a/tZ/a6SPutsfpQ59/wOYH/aBs1yg3k3JCKwAtQ0/ZAGWPlNs35e3+YTyepv+71PRDYeSdomKuoBL1UZ6fSBplD+znkPKQdfHEg/dLI0y/PG6//fPl8Hic/d4PbW3uc+JjvJPeUyxY2AOQzmKSITwg6WwETRqA5VsmDcjyHZPW0GpKr0xiy5dikydwsRDqAV3n4WrSgzR4Xxi8OUqpZSg1F+qhDklOjQDGIrURwFh6MQAYC7xG+GKR1yS++pJrSHiV4qoBulhYNQAXi6omsdWW5jwUrS5H1pTmJlabJFoBoMWSQABksRwQAFgs6AYAFou5QeLKSn6hpa2SCslabJRkSsiUFa5KU+GGYuWyWMUpXdVtEqtGx4rF5wZQBZV1quAyS4eKeVujMFWawjUKUqXpZKMTxcJGowPFIl2j8NQVht1CntocTtOkZuKzS+LU6jixVNLqOLHs1+o0sQlGq9PE5kStQlNpy6JVaPKlON3qOMHpbavzxKbkrcKTL+X3DgL1fo32kahpbjcRGpNEdTpRcNnT6UjBtVqnMwVXxB1IUSzOdgpVvrQe6CSsSuG6A1ixMNrpWMGtpE7iqrQejZSrmOWqn9JU3Se5ioArFvgj4IpF/ghmfizcRsAVi7dR4cpKK6GocGWlqB11rmCFIupcwQpFVLiy0ry3h1y9L/Z85Gqaz6eTVa9DZeuBv0kp61DBElhP6lZv0mHFzqRU9SZmK2JndB73d+Px2/Ew/bkqZ0u59watX8uSh8fT/eOpSn3YmbD3lc5Uje2XDZIPHWWdeXt7XafXdWJOZ9B12ozO4HSdkNPxuk7OzoPJOjkzD0GWyVl5aGSZrJFbWSZrY92XsyaWXTmrIjtydkiyG+fs653sxbm37Z3sxDnf80724SwK3slOnEXTO9mLs6HCO9mNs6HLO9mPs6HUO9mRs6HdO9mVLW9n2Zkta+dFWwDItn6tOeCqNhu3pmbXJW+3nry3+5Xc7UmLwHn+eflRSe0FFPe77WmlIGJn4wqasO9m9ZXBzptVnat6by7sl6zhk/6A85OK2lqDQCyN3wBIZzXtGVFPQA+1SVNAC7VJ200HtRvpvTXF96ZxVAx9izYA0B4jjpWw1UDtXhq/L45/AM+4Hj/T3VuErfU0kNYGbMGwRboCPAxbi74ApXdl7a0FiaJi8FtU/PXuFXGggCsY+ha9AUr/yurgQXaCATQAqGD8bABTMFyBhoANjFaLlgCltWTtlTUSPcWYB6r9GxjyGkAUjHhSF0BxvgfaAGBoA30AGyqt8wSN2uo4QU9Y9AMInR9rr6tVwClOlkClH4INSv0wGkm1/q44cj0NwUAMGgBg9gANADBztjpHMN13yjGF4qK2U5jxxRhHyvswEoH6Ppx1dsqUzhdTZKcnIDrl7nSW6EqBlP1hhCJ1fxiitMJ/cSIaFXZ8MdSRsj6MdaSuD4NdVKZ0vrggIlV8GDQjIApGzagTRffHQMGfbutFZevBirNwrbxfDHi9PoPLbDWnjzeBmj4MeL0yr7PixA5U8A3GTVDPNxg3F9X9v7e7aeib3KLwNaBcaE/wvPz6y8nh10PJZ8MeD/vN4ThWT8mDlT3YoXgb4VrNY1n7z5QKXt+BV6xEds9fn08rQvRgf+LNsy/tn5JeNgvkaiZpQ6Ql9b6BX0U8S76jQduEcGvjTZpy0LYkBiaq9xT8Kn+ujHhRjWWHlF2i96mdTz+aC0maBu3YT2R2AB01MWcH0FHT5nS0olMggzSnnfBumCjotQnrIzYnMeNXY0T64QJ1S8u5ZT8fHXw+Qe/TR3P15obXxqMVY+g9OhkqzaGTp6JJpT3xnmnq1GTgM4eOm2qP5q89fJpyoM7mQ3KzV5qP6bPdOk2Z8GFeb1zLMenRLrhoUKmgZExTxyVHndTpgJK2LZoe2CHLpPt086Gw5xPM1qTdRwYpawe5dSjnPKZkG5ZrjOx0i5IyKTneTAGlYw/WMM9pM44T55O5c8ypLfik45hMUC4Am9xLl8tapmQYzziUmhjQ1NlMpiSb6oO0J8fi4aJlgZ2cSzpPMx/wmf3RQp90nqC3mOYCRtA7THMsSh0LnsEoXVjg2cwi6I2nOeakHgXP5mOLhgV2QizpP309xZ/ZJ61p0/6jk5SLG43cd51bvFujJBljQEpdCev7H2lNGRfLUdcouBjL04veBHYSKuU/vdW9W409jUyR5YIGaFY4b4EFzRjX7K5dHi9KSp/BIf3Pl89dbn+2Rf8C+ayrzkmZ1NJw3uvSXoTU4XDelRNF8Q5D/07/8nK+Nu3ordbOGtnTa72tDRNl18mJotK2w9tERhSFee68PZR4ec/L+skdplV++gVKuxM9GoDUDLFhPiG1RrztooiaBg3dZew8r3/nrbiuS9q5kzYt1mNhUlODj2kq7LFgtOibYLsNSTPH2ZVrS59Ctk4BkjHeKYs0FoukxokOSdLrE9qMjedF1fTSpjVW0sZRQZElwagkQc/cTuusYMRFuP3xIfJf3P0yv7ZpKZI2M1rdic+PLikRNdFST9S8dqmXtHM/u3I9TdnTdpb6MFgU7ZUMmJn5JjWlFSALRD3MgB8WGRd3Q6z58lU3LTRKM4WhexeMSeudT+c2AVGaHLsamDRZNDomTS48jkyanMPqkfRAjmG1TJqccOyYNDmFxZAZyPnGhkmToyUMmQHQ6BnoA6CRwTiQI5AMxgHAyFgcAIsIxeAAiojE4ACJCMTgAIiIw+AAhwjD4K444SUqk5zIlHUIESjBAQahMrj7iwnrBLLXB+7NYB4HrtBgkICv12Bcg5szWCgCX63BoqfX2UMBP3hwsoURAq7XQIk1gLs12GQgeMAegw/ctcGmXQHctMHmigHcs8EmuAHcssFm5QF89wZbSgTTCWTrnwDu4WCLtgBu4WArzQC+ooOtvAO4lYMtvAO4k8OWDCa1wPmYDHWf65fvjLtZfD1dXf07Hh9efqD3TRwsNtO8PMwLzt3t9BnTT/s/fvv9dLu/uz3eVU9P/wPuar/F

For science, I started using Tileable Science Production 0.17-1.0 – Early to Mid Game by Christoffer Ramqvist. Unfortunately, the green science using gears has an error, and there is a conflict with both the yellow belt factory and the yellow inserter trying to go on the same side of the belt. So here’s the updated blueprint string:

0eNq1W12P6jYQ/SurPLVSuLWd+CP8gb70rY/V6iqwuWDdkKAk3Ha14r/XwF6gi83OHNSn1SJyZnxmznjsDG/Zot0128F3UzZ/y/yy78Zs/tdbNvpVV7eHz6bXbZPNMz81myzPunpz+K/tV36c/HI2Ln3TLZvZtl5+z/Z55ruX5p9sLvf5pxh+6LvZqqmH2d/rpmmvnlb75zxruslPvjm5c/zn9Wu32yyaIcCfQaah7sZtP0yzRdNOAXzbj+GxvjuYDVAzZ77oPHvN5tp+0cHEix+a5ekL6uDkB2TFQC5ZyAUDWbOQSwayYiFrBnLBQjYMZMFCtmfkcdv6aQqfRTDlT0z3OaKj+2ody9eKgVyxkKVgQFse9EV9u6DXYTX04W8S/I7+8nNh6La7KYvZUixbJcFWv5tSxi4SPdTBqe6m2bLfLHxXT30si6y+Zy9gTEPffl006/qHDwDhqW++DQn5WIldBgqmYw08F9vnfWw5l7pQj2OzWbS+W8029XLtu2am7tad6riesBq/vefLrU2N1KKDtRiYQcAcKYevqsSmbttZ04avD2GF275t7pa3EzVd41frRb87xlKJvFTPMTOX0uG7sRkSxahI+m5ioNVVjoSIruuQBi+zewYEixwluOSIO+QEqksTI0dJbn5eqiuan0rBmjAKtVmw4/UzIYwgxQtpAIyMi04hCj76GQMzrPw/+vRp/ivL8FB+5qFDwFLcVaTlimR0Y8stBA+UxGGBaw/WQaFwHRSkDrtAUreIx7KARKUSYBou2cSlGySNU95CAkvx6PCKq9FMq/BMK0knLoEkh44zVEoErEyAKbSxeWf7du/OjYtt32WB5zSN5BJJwxQvGgFLRcygDVKM5BCy0HHZaANZWrxOo+opH1CsQ21WiAZsPDwaUqdJgEleC2Mo269WPFBLAi2QFE8tGxJfKiCa18LQODQ8UBqHD+gNzX3t8N2qIt3iQeJKHMoNJC6XAJP4HkJaulFIGqe8hQSW4hG/nbESzDSj4UyzpJOoQW5sbOI0ZSwCljjnGYf2Re9sf9yyrcorGduyDX49QyPZCiANU7xYiYAlImYV2hfFSA4hC41WVcZItgVcp2H12AcUW6I2NatRsIqyyVnerYwtSKCQWhOHRusQsMRx1vJuZWgcOoGrnHSid5AwExQ4ZBtMBcc9oD1UB64kvdVTJyuJY5tjikmT4sRrQ29Bo9mF3MDYxNHX4ec5a/8brw/OxIwhvaZNHEKqi8i+1eNEa1RIh4dKwu2Aje5U8W2qgnSXYqOgsyGSbERfQ5fwvh1hI3Abv8yoNF44PiTiee0xM4bzzvg8H2JvDhSG8M64svSg6KSlMobs6MglDxnSaEV6NymQ46F1FLelYA0eXBR7J7DpwQOhALXR3t8K5BxJxUbubWzqBbzQLMbFQ1KSwpApP0/D0DJeCrpMLzWHCO2gcRiUo4plzT6kgashIs70DWhMotM3t/Yen7457YB9F/bApR+WOz+xRm+kAiYUHel9sJQFgi1p2CVL8DrtOSWZWdNCmrkSA0xyUrEtgi1I5USyysl5C70XgTuaq4ABT2KaKoFgJ26WpEJekhLDqVhDhuddE0x6hez+1JWUwFgtFVsj2LSkV6yW/bxDY0nPmR869xnUpHcIdjLpK2DymBjOAhkQJrJQSASb6LeC2i1QrFcjRSxrErNWQv0WJoNCY8YkZMygzd3t4h5v7iK/PCF3dlfDUdyVyP9pJdu2npr0Ip7z00Pzq9/65Flbh0iHz/54v4J9+vN0BfsUvPxtfPrl9wM9x4D+Gr79I/hzctnJ0lbKOudMJdV+/y9Z/vUd

But of course, that necessitates green circuits. Enter Modular Green Circuits by Nilaus.

I also like Elder Axe’ train network plans. Here’s the copy of the two rail network:

Of course, a rail network is no good withoug train stations, so here they are:

(I have since deleted these copies, because Factorio: Space Age has made them obsolete, and man they took up a lot of screen space)

WordPress copy to test environment

I’m a fan of Tenets of IT

Number 15 of which is “Everyone has a test environment, not everyone is lucky enough to have a separate production environment.”

Heh.

This post will be how I copied a production web site to a test environment.

Prerequisites are:

  • A virtual machine server
  • A domain name
  • A wildcard certificate for that domain name

In my case, for the virtual machine server, I bought a used Lenovo Tiny PC from Amazon, loaded it up with RAM and installed Proxmox on it.

I had bought a domain name, really for my Nextcloud instance, but I can also use it for my home lab.

I have a firewall, which can get SSL certificates from the EFF project Let’s Encrypt, via the certbot / acme protocol. I went through the trouble to get a wildcard certificate, so that any box in my domain name can be SSL protected.

The basic steps

  1. Prepare the new machine
  2. Install WordPress
  3. Export WordPress “production” and import to “test”
  4. .
  5. .
  6. .
  7. Profit!

Prepare new machine

  1. Install Debian
  2. Add vim and other configurations
  3. Change host name and domain
  4. Add ssh key login
  5. Install Apache and MariaDB
  6. Install WordPress
  7. Update Apache enabled sites to include SSL
  8. Update Apache default Debian setting
  9. Install one WordPress plugin to import the export
  10. A note about ASE (Admin Site Enhancements)

Install Debian

This was a Proxmox step, and I think I did it from a .ISO file

Add vim and other configurations

apt-get install vim
update-alternatives --config editor
vim ~/.bash_profile
export EDITOR=vim
[ -r $HOME/.bashrc ] && source $HOME/.bashrc
export PS1='\[\e[32;40m\]\u\[\e[37m\]@\[\e[32m\]\H:\w\[\e[30m\] \[\e[32m\]\$\[\e[30m\] \[\e[0m\]'
vim ~/.bashrc

Find the aliases I want and add them, uncomment them, etc. I always add:

alias ..='cd ..'
vim /etc/inputrc

Find # "\e[5~": history-search-backward and uncomment it

Change host name and domain

I should mention that in my home firewall, it is also my local DNS resolver. So inside there, I have server1.example.com mapped to the IP address Proxmox gave to my new virtual machine (Proxmox got it from my DHCP server).

hostnamectl set-hostname server1.example.com
vim /etc/hosts

In here, I added an entry for 127.0.1.1 which maps the fully qualified host and domain name to the host. So for example, 127.0.1.1 server1.example.com server1

The address 127.0.1.1 is specified because Apache will try to identify the site by name (later). Everything in the 127.x.x.x maps to the local machine, so they all go to the same place. But having it as 127.0.1.1 stops a duplication conflict with 127.0.0.1 for localhost

Add ssh key login

ssh-copy-id root@server1.example.com

Never, in production, would I be commonly logging in as root. But this is a test / play environment, and I find the process cumbersome to set up an alternative user, and then have to be constantly doing a su - (switch user) to root. Since this is in my home lab and not visible on the public Internet, this is not so much a risk. And … before I really try anything screwy, I can take a Proxmox snapshot.

Another thing I run into, is that because I can rip and replace virtual machines easily, I tend to have to delete old entries from the ./ssh/known_hosts file.

ssh-keygen -R "server1"

Install Apache and MariaDB

Essentially, I am following the instructions here at Rose Hosting

One change I make is that immediately after installing MySQL, I run the process to secure the MySQL installation:

mysql_secure_installation

Yes, I set the switch to unix_socket authentication. I have zero need for MySQL to authenticate across a network. This is overkill for a home lab, but since this is how production is going to be set, the machine in test should match it.

Install WordPress

I still follow the instructions at Rose Hosting

Update Apache enabled sites to include SSL

The Rose Hosting instructions don’t disable the 000-default.conf web site

a2dissite 000-default.conf

Now, how to make https:// work? Well, there is already a default-ssl.conf file, so all it really needs is a certificate and key, and for Apache to use SSL. The SSL certificate files mentioned there are /etc/ssl/certs/ssl-cert-snakeoil.pem and /etc/ssl/private/ssl-cert-snakeoil.key

I have exported my wild card certificate and key to my local machine, so now I upload them to those directories, and change the names in the default-ssl.conf file.

Update the ServerName setting in default-ssl.conf to server1.example.com

Update the DocumentRoot setting in default-ssl.conf to /var/www/html/wordpress

Add rewrite rules to the non-SSL site to redirect to the SSL site. In wordpress.conf add:

RewriteEngine On
RewriteCond %{REQUEST_URI} !.well-known/acme-challenge
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [R=301,L]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
apachectl -t

If this checks out well, that’s nice, but there is still one more thing to add:

a2enmod ssl

Update Apache default Debian setting

This one threw me for a loop – all my redirects were going to 404 error pages.

It turns out that the default setting on Debian has an Apache configuration file with rewrites not allowed.

vim /etc/apache2/apache2.conf

Find my way to the <Directory /var/www/> section. Change the AllowOveride setting from None to All.

The /var/www directory is of course higher up in the directory structure of what Apache is going to serve up. Because it is higher, the AllowOveride None directive overrides the lower level allow all. Whoops – for WordPress this is no bueno.

Finally, restart (not reload) Apache:

systemctl restart apache2

Install one WordPress plugin to import the export

For this, I am following the instructions by Ferdy Korpershoek on this YouTube video

(The YouTube front page has become politicized trash, but for technical videos, it still has good stuff one can find).

Essentially, I install the All-in-One WP Migration plugin on the production web site, do an export, and then install a fixed version of the All-in-One WP Migration plugin on the test web site.

Ferdy does clean up the new / fresh web site first, by deleting and emptying the default pages and posts. I also deleted the default plugins.

After the import is done, I need to log in again, because the database was replaced, which is where my login credentials are stored. After getting logged in, I need to save Permalinks twice.

A note about ASE (Admin and Site Enhancements)

I was almost at hooray! But, I have a small security enhancement via Admin and Site Enhancements (ASE) which threw a tiny wrench in the monkeyworks. Yes, in production, I’ve hidden the login URL to somewhere other than normal. So after the import, All-in-One WP Migration (100 GB version) provides a link to update the Permalinks, but because of ASE, that URL was not found. No biggie, I simply had to use the URL that was appropriate for the production web site.

Profit!

And now I get to bask in the glory of messing the heck out of the test (not production!) WordPress web site. Fun times. 🙂

I think I’ll take a Proxmox snapshot first.