Main Page

From Hackerspace ACKspace
Revision as of 00:35, 29 May 2022 by Stuiterveer (talk | contribs) (Main page is not an event)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
shiny ACKspace logo, without blocks

Welcome to ACKspace; a hackerspace located in Heerlen, The Netherlands.

A hackerspace is a place where people get together, socialize, share knowledge, tinker and build stuff.

In order to make this possible we have a collection of tools, (useful) stuff, work area and a lounge where we can relax and discuss our favorite games.

Become a participant

Welkom bij ACKspace; een hackerspace in Heerlen, Nederland.

Een hackerspace is een plek waar mensen samenkomen, socializen, kennis delen, knutselen en dingen bouwen.

Om dit mogelijk te maken hebben we een verzameling gereedschap, (bruikbaar) spul, een werkruimte en een lounge waar we kunnen ontspannen en onze favoriete spellen kunnen bespreken.

Deelnemer worden

Willkommen bei ACKspace; ein Hackerspace in Heerlen, Niederlande.

Ein Hackerspace ist ein Ort, an dem Menschen zusammenkommen, Sozialisieren, Wissen teilen, Dinge basteln und bauen.

Um dies zu ermöglichen, haben wir eine Sammlung von Tools, (nützliche) Sachen, einen Arbeitsbereich und eine Lounge, wo wir uns entspannen und unsere Lieblingsspiele diskutieren können.

Werden Sie ein Teilnehmer (Englisch)

Featured articles:

Buying stuff together

HKY USB-C PD, PD 3.0 power adapter for car/truck

Status: 📫 arrived (target ACKspace visit date: 24 September)

An automobile auxiliary power plug to USB-C for use in a car/camper/truck or just on a plain (sealed) lead acid battery for off-the-grid powering laptops, phones or other devices.

Input: 9V - 32V
Output: 5V3A 9V3A 12V3A 15V3A 19V5A 20V5A
Note: Doesn't seem to be compatible with Apple M1 macbooks, max operating temperature is 40°C

Amount 1 2 3 4 5 6 7 8 9 10
Price/unit €34,85 €30,86 €28,59 €27,46 €26,77 €26,32 €26,00 €25,75 €25,38 €24,72
Nick xopr Vicarious xopr wirexbox 📍 📍 📍 📍 📍 📍

(Replace a pushpin (📍) with your nickname (~~~)

You are looking at an event that took place in the past
Event: Main Page
Featured: Yes
State: Completed
Start date: 2022/07/22
Start time: Note: The 22nd of July is the day that MCH2021 actually starts but some volunteers go earlier to help set up.
End date: 2022/07/26
End time:
Contact: Xopr, Computer1up
Kind: Conference, Festival
Location: The Netherlands"The location is the Scoutinglandgoed in Zeewolde, 55km east of Amsterdam."
Fee: Standard ticket: €355,55 - Parking ticket: €42,-
Short description: May Contain Hackers 2022. Successor of SHA2017.

Like many other hackerspaces, some of us (ACKspace) are also going to attend this conference. It would be awesome to attend the conference as Village:ACKspace (extension 150).

discussion page here, Telegram group invite only.

tips for the next time

  • hackerspace stamp / flag / merchandise
  • only collective consumables/disposables
  • for stuff / infra, have a single owner / rental per item (tag)
  • for larger groups
    • shopping list
    • receipt-only (or a local ACKbar)
    • division of tasks / assignment
  • logistics is a thing to plan: we had 4 cars for 1 village + 4 people
  • local transport (optionally battery powered)
  • partytent is a never ending misery
  • chat group invite based (have a gatekeeper)
  • better infra
    • over top power and network
    • UPS is a blessing
    • shared (complex) password vault/separate keyfiles for local infra
    • use a firewall (optionally with DMZ)
    • VoIP connection to the existing infra

things to considerate

  • transport
  • tents/furniture/infra/tools

Current attendees

Current roles

  • PsychiC: core orga (geen ruimte voor extra taken i.v.m. onregelmatige planning)
  • Computer1up: transport, inkoop
  • Xopr: assistent logistiek en financiën
  • Xopr/Computer1up: keuken/corvee
  • Xopr/Computer1up: lokale infra


From july 22-26, I went to a hacker camp.
This is how it went.

The camp was a 5 day event and consisted of 3 track tents, 2 workshop tents and 3500 hackers. They had a 200Gbit/s uplink to Amsterdam that connected to more than a dozen IP-transit providers and Internet Exchanges with a total capacity of 450Gbit/s. Your direct tent-uplink could be 10Gbit/s and had a 20Gbit/s connection to the main switches with everything set up redundant.

Preparations started Wednesday and Thursday night: gather stuff (it was roughly 0.7m³ of gear scattered everywhere on my property). I wanted to set up the VoIP as well, but alas, no time.

Friday: drop offspring off at the day care, strip car and fill it with gear. Leave at 9:30, arrive at 11:40. I should have gone to the toilet, because my bladder starts to hurt.

I took the Cyber bike, tied a toy wagon behind it and filled it with the party tent parts and other essentials. Meanwhile I bumped into computer1up and together we traveled to the soon-to-be village, where PsychiC conquered ground for it for about a week. There we met our newest member: TheNetworkDoctor; our inhabitants were united!

After the first transport iteration, we had a Gator shuttle service at hand, so together with one last cycle, we picked up everything in one go.

Time to build a village! With a bit of hands, the village tent was up in no time, and soon decorated with network, power and lights.

It took until the evening before I got the network part sort-of right: the Guerrilla VoIP switch had a default passwords with arbitrary configuration and the 16 port "smart managed" switch only worked with a Windows tool. The other downside was that the management interface was accessible on every VLAN, had a default password and accepts a magic reset packet, but luckily, the PoE worked as intended (only VLAN 1). I kept a management interface VLAN open and set all the rest to a semi random untagged VLAN. Next thing were the LED sleeve / torches: they were going on a /19 network, and I wasn't going to scan 8k addresses, so I've set up a mirror port for those two connections to sniff out a DHCP ACK. The first worked instantly: WireShark filtered on `dhcp` immediately handed over all the details, so the second one should be a breeze as well.. Well, nope. The traffic that was hitting the switch was too much for the poor ENC28J60 to handle (I was aware of this type of flaw since it chokes on ART-net packets the same way).

Steps to success were: power 1 LED sleeve, read the lease, unplug the ethernet connector and power the second sleeve to read the other lease. Simple. Now that this was working and running a torch animation, I had some spare time to register my DECT handset.

Meanwhile, the sun had turned over and it was Saturday.

After brushing my teeth, it was time to fix the VoIP. Default passwords are bad, so I chose a simple alternative to keep script-kiddies out. The day was 10 hours old and half of the village was still sleeping. The initial setup was letting the desk phone register to my VPS and let the VPS register at the local "telco". This way, it was easy for ACKspace to call the "offsite" extension, but the calls from DECT never came through.

The other half, including me, went to the bar on Flower fields to grab a coffee and wait until the rest was awake to join the bacon & eggs session. Time flies and at noon and a bit I had the VoIP rerouted so that it actually registered locally, and the offsite extension was forwarded to this number. With some testing, it seemed great success, so two hours later I've managed to forward all extension in a similar fashion.

Meanwhile, our village became an open house and a lot of people jumped in to say hi and admire the 3D-printer or asked to have something printed.

Then came the idea for a nice and simple hack: add an extra extension to manipulate the torch by calling them. Since torch in Dutch is fakkel, I registered 3225 (fACK) for intended puns. I wasn't going to write a SIP parser, so I've looked around and finally found something that seemed to work. I proudly shared a video at 1am to demonstrate it, but the library was pretty wonky and failed after a couple of calls/minutes. Let's call it a day.

Sunday was a bit of a relaxed day: roaming the terrain and peek at some talks. Meanwhile I was fixing spacenet because PsychiC's laptop on regular wifi acted up. Of course this was going over a VPN since I didn't want to reference the RADIUS server in any way.

Monday had a late start; some tiredness kicked in and everything went slow. After watching some talks on the stream, and ductaping the party tent together because the wind had ripped off all loops, we had a visit from Speakup, the DID number-block provider (trunk) at 3pm.

So if we could change the password for 8225 (vACK), because it was used last night to do several phone calls to Belarus. This made the number block go onto the blacklist. It took me an hour to install a firewall/router, reset the phone, rewire the cables and reconfigure everything, but we were up and running again.

After hanging around in the village, we got a visit from the mailperson from Chaos Post just around dinner time; I had received a greeting card. It stated:

TO:                                 FROM:
xopr                                Evil VoIP hacker
Torvalds Field
Please let me back into your Polycom :(

Note that the capitalization of every word is 100% correct. This person had done its homework. We applaud his effort, I was seriously impressed and we thanked Evil VoIP hacker on IRC and Twitter and offered a beverage. My commitment is that the beverage offer still stands.

When we left the village for some partying, I put the greeting card on top of the phone together with a bag of sweets, but the "prize" was never picked up..

The next and final day for me consisted of packing everything, and start tearing down the local infra in a controlled manner, followed by the party tent. I had no time to watch any talk and all packing, transporting and eating took 8 hours (one roundtrip to the car was 2km of which I had to do 5)

All and all, we had a lot of fun, talked to a lot of strangers (and incidentally, some familiar persons).

The phone hack was done beautifully, and it reaffirmed that everything is a target, even snail mail.

How I think the hack went:

  • Evil VoIP hacker downloads the phone book (number, description)
  • They send `SIP OPTIONS` to determine it’s IP address (it was a public address)
  • Next, do a port scan on all addresses
  • Have a list at hand with common usernames/passwords (and a password list modified to include names and keywords of this event)
  • Do a brute force login and extract the SIP credentials
  • Call Belarus using the credentials (or even the phone itself as plausible deniability) to trigger blacklisting of the DID provider
  • Find the “Village” wiki page that was name-referenced in the phone book entry
  • Visit the hackerspace’s web page and see which nickname relates to VoIP activity
  • Send a personal card to let you know they did research

Most interesting talk

There are so many different topics that it's hard to pick a favorite. One of the most interesting talks was pointing to a very simple problem: the e-signature of dynamic content documents and its legal validity. An honorable mention would be Reverse engineering Albert Heijn app: this was a fun talk and well presented.

Most interesting tech

Everywhere you look, there is tech, often combined with art. I've seen a dragon made out of emergency blankets, all kinds of light and mirror artwork and driving couches. The most interesting tech is actually anti-tech: how to use a rotary hammer to open electronic locks without damaging them (using a 3D printed knob-holder). The presenter did 7 locks in 90 seconds.

Most interesting stand

Note that there are not really stands that sell anything. If anything, they might ask for a donation and provide you something for free. My most interesting stand was the Arcade hall, where I did two games of flip the table on a Japanese arcade cabinet (equipped with a table).

What was reaffirmed

Everything is a target.

What needs more research

  • a better way to combine both VoIP systems
  • something something party-tent kite: they will never be a good alternative where there's wind

What have I leaned

  • although all people are nice, some environments they are in are really hostile.
  • always use complex passwords (you cannot escape a password manager or hardware token anymore)
  • apply a firewall
  • use a hardware firewall (router)
  • have IPv6? firewall
  • walking around with a laptop? firewall
  • drop down and over top cable management (power/network)
  • you cannot be too paranoid
  • you might need intrusion detection as well

What can I learn more

  • For events like these, it's good to have a list of items to bring, but also a list to do. This is something that needs work.
    • Local light art projects like Stoplichter
    • Better party tent walls
    • Hackerspace stamp / flag / merchandise
    • make a small battery powered transport vehicle that also has a hitch
  • IPv6 is beautiful, but in some ways way more complex than a regular NAT/PAT router

What could other people learn

  • Security costs time: use it or don’t participate at all
  • EVERYTHING is a target: your phone, your VPS/VPN entry-point, postal mail, your badge (bluetooth/wifi)
  • Power is a luxury: don’t expect uptime

What could $company learn

Visible hackers are really friendly and helpful, but also powerful in a way that nobody wants to see abused. Keep them happy or leave them at ease would be my approach.

List of Dutch hacker conferences
quadrennial eth0 summer/autumn eth0 winter
2022 MCH2022
2020 Eth0:2020 Autumn
2019 Eth0:2019 Autumn
2018 Eth0:2018 Winter
2017 SHA2017 Eth0:2017 Winter
2016 Eth0:2016 Winter
2015 Eth0:2015 Winter
2014 Eth0:2014 Summer Eth0:2014 Winter
2013 OHM2013 Eth0:2013 Winter
2012 Eth0:2012 Summer Eth0:2012 Winter

Also note: there is a yearly Hacker Hotel event

Project: Main Page
Featured: Yes
State Active
Members Vicarious, Stuiterveer, xopr
GitHub WiPhone build
No project picture! Fill in form Picture or Upload a jpeg here

Yay, WiPhone!

Be cautious charging the WiPhone on a Xiaomi Mi Power Bank 3 Pro
xopr's WiPhone broke down: his guestimates are that the device in USB-A port 1 that supported adaptive charging might bring the second USB-A port to 9V or 12V (out of spec), which in this scenario will fry the CP2104 USB-UART chip when you would plug it in second, no matter how short the time frame would be.

custom firmware

you can use the ACKspace modified firmware by setting into the ota.ini file (or via the telephone) Current applied patches:

  • LoRa 868MHz
  • fake NAPTR (hardcoded IP)
  • fix fiddly unlock (mentioned here)

Work in progress:

  • LoRa menu (currently crashes the phone, don't use)


#define RF95_FREQ 868.0 (See this (somewhat sparse) issue)
  • enable UDP by adding u=UDP_SIP to an account in data/sip_accounts.ini (not yet tested)

Get started

  • download source code
  • run V="0.8.30"; unzip WiPhone-$V && rm -fr WiPhone && mv WiPhone-$V WiPhone
  • open WiPhone/WiPhone.ino using Arduino
  • once: set up IDE (see documentation for details):
    • Open preferences (CTRL+,) and add (comma separated) into Additional Boards Manager URLs
    • go to Tools » Boards » Board Manager and install WiPhone
    • Arduino option Tools » ESP Sketch Data Upload: download into the ~Arduino/tools directory with mkdir -p ~/Arduino/tools && unzip -d ~/Arduino/tools
    • TODO: serial: sudo pip install pyserial (check your default python version)
  • Select Tools » Boards » Wiphone » Wiphone arduino
  • compile with (CTRL+r)

custom mods

command line build

The provided repo contains several patches and a semi-automated build/upload process to create your own custom binary (without opening the Arduino IDE) This includes:

  • caret cursor color fix
  • lockscreen fix (mentioned here as well)
  • LoRa 868MHz, menu is WIP
  • fake NAPTR (hardcoded IP)
  • loudspeaker fix (mentioned here)

FSBrowser app

Work in progress by stuiterveer

NFC reader

Work in progress by Vicarious

5V injector

To charge the Wiphone (with 5V, including charging indicator), without using USB (since xopr's UART is broken), he soldered 2 cables with female dupont ends to the 5V rail (not VBUS). With troubleshooting, he also noted some useful pads/components, more or less reversed engineered: File:Wiphone testpads components.svg

Here is the result


ACKspace aankoopbudget
Project: Main Page
Featured: Yes
State Active
Members Prodigity
GitHub No GitHub project defined. Add your project here.

ACKspace heeft een budget beschikbaar gesteld voor het kopen van spullen.

Het budget wordt ieder kwartaal met €50,- verhoogd.

Op deze pagina kan men aangeven welke spullen ze graag in de space willen zien.

Welke spullen er gekocht zullen worden, wordt bepaald door een telling van stemmen tijdens de deelnemersvergaderingen.

Het budget voor de pizza-meet van 4 april 2020 is €325,05

Het budget voor de pizza-meet van 3 oktober 2020 is €425,05

Het budget voor 3 oktober 2021 is €625,05

Het budget voor 2 juli 2022 is €675,05


  • Alleen producten die in de tabel staan worden overwogen voor aankoop!
  • Alle velden in de tabel moeten correct ingevuld zijn!
  • Producten worden alleen van webshops gekocht!
  • Prijs moet inclusief btw & verzendkosten zijn!
  • Je stem is alleen geldig als je aanwezig bent op een deelnemersvergadering!
  • Per deelnemersvergadering kan er maar max 1 product gekocht worden!
  • Meeste stemmen gelden.
  • Je kunt stemmen voor sparen als je meer geld in het potje wilt zien of voor stemonthouding als je onverschillig bent.
  • Bestuur niet lastig vallen om producten in de tabel toe te voegen; doe het zelf.
  • Bestuur bepaalt uiteindelijk hoe groot het budget is.

Productnaam Productprijs Waarom hebben we dit nodig? Productpagina Nickname Status
Osciloscoop Probes 4 stuks € 22 Voor de twee osciloscoops, (3 stuks ch1, ch2 trig en 1 voor de 2e scoop) of (4 stuks omdat we nu eenmaal 2 scoops hebben) link CoolePascal
Netwerk upgrades: Ubiquiti EdgeRouter X SFP €75,- (soms zo laag als €65,-)1 Ons netwerk kan wel weer een beetje liefde gebruiken; deze router heeft out of the box belachelijk veel configuratiemogelijkheden en is geschikt voor klein- en thuiskantoor. de 5 Gbit poorten kunnen passive-power-over-ethernet schakelen en de SFP poort is ideaal om glas te verbinden. Met 1.4M packets/s (64 byte pakketten; 80kpps voor 1518 byte pakketten) is dit de ideale bang-for-buck router met migratiemogelijkheden naar 3.4Mpps/490kpps en 3.4Mpps/650kpps voor respectievelijk ~€210,- en ~€300,-. Al deze routers zijn geschikt om de LITE/MESH Unifi accesspoints te voeden. Zie ook de vergelijkingstabel link xopr
Netwerk upgrades: 2x Ubiquiti UniFi AP-AC LITE (of combinatie met Ubiquiti UniFi AC Mesh 2x€75,- (soms zo laag als 2x€65,-), Mesh: ~€90,- (soms zo laag als €79,-)1 Bij een upgrade van de router hoort natuurlijk ook een upgrade van het draadloze netwerk; perfecte plaatsing van het wifi netwerk (niet zoals thuisrouters in de meterkast waar nooit iemand verblijft).

Deze schoteltjes bevatten 2x2 MIMO voor zowel 2.4 als 5GHz en met een actief draaiende controller ondersteunen ze ook mesh, load balancing en band steering. Ze ondersteunen 4 SSID's per band, en er is out-of-the-box-support voor WPA2-enterprise en VLAN om het netwerk te kunnen segregeren van testnetwerk en actief netwerk.

xopr stelt voor om er 1 in de slACKspace en 1 in de stACKspace te plaatsen voor goeie dekking tot in de tussenruimte en load-balanced in de hACKspace. Als suggestie kan er 1 MESH variant gekozen worden welke geschikt is voor buiten (in geval van kleine events) en welke komt met verwisselbare antennes.

1) om niet onder te doen voor ons huidige netwerk is minimaal een router en 1 accesspoint nodig (gezamelijk ongeveer €150,-)

link mesh variant xopr
Desoldeerstation - ZD-8915 €106 Maakt los wat vast zit. Headers verwijderen? Fluitje van een cent. link Adnub

Aankopen die reeds zijn gedaan:

Productnaam Productprijs Waarom hebben we dit nodig? Productpagina Nickname Status
Soldeerdampafzuiging € 61,99 Soldeerdampen horen niet in je longen thuis link Prodigity Roelke heeft er een voor de space geregeld!
Oven € 74,95 Grotere oven zodat er standaard diepvriespizza's in kunnen. Ook makkelijker schoon te maken. Kleine oven eventueel hergebruiken als reflow soldeeroven? link Adnub Besteld met de pizzameet van 2020-01-04!
PoE gigabit switch ~€50,- (~€65,- voor managed) Voor experimenteren/testen van Telefoons, IP cams en PoE in het algemeen, maar ook voeden van accesspoints, Raspberry Pi's en mediaconverters. unmanaged 4(+1) poorts PoE+ & managed 4(+4) poort xopr Besteld met pizzameet van 2022-07-02
Vriezer voor pizza. €258 De pizzaspace van Nederland heeft 24/7 access nodig tot pizza! Eventueel kan Ackspace pizza te koop aanbieden aan de deelnemers? Geselecteerde vriezer heeft een inhoud van 65 liter en is no-frost (maar moet volgens handleiding alsnog 2 keer per jaar ontdooid worden). link Adnub Besteld met pizzameet van 2022-07-02

Items die niet meer relevant zijn of niet worden aangekocht:

Productnaam Productprijs Waarom hebben we dit nodig? Productpagina Nickname Status
Paar nieuwe bureaustoelen. €59,99 * 2, 3, of 4 De bureaustoelen beginnen steeds baggerder te worden. Als we nu gewoon eens investeren in een paar nieuwe, dan kunnen we de echte schrott weggooien. Voor tussen de €40,00 en €60,00 heeft Ikea een aantal geschikte exemplaren, onderstaande lijkt mij de beste hiervan. link Computer1up
LED Matrix 8x32 € 14,58 RGB!!! link Thunder1410 Is een consumable endus niet voor deze lijst bedoeld (waar dan wel? hmmm wordt besproken)

Event: Main Page
Featured: Yes
State: Active
Start date: 22-10-2022
Start time: 00:00
End date: 22-10-2022
End time: 23:59
Contact: Adnub
Kind: Meeting
Location: Location::ACKspace
Fee: Free
Short description: Werken aan een project? You go girl!


Vanaf heden (9-7-2022) is er elke:

  • vóórlaatste zaterdag tussen 00:00 en 23:59 (de hele dag dus) een hacksessie evenement.

Het is dan de bedoeling om deze paar uurtjes exclusief te gebruiken om aan je project of willekeurige hack te werken, al dan niet als groepje. Gezien de huidige situatie is een virtuele space ingericht on als nog samen te werken zonder fysieke aanwezigheid te hoeven hebben. Je hoeft niet per se mee te doen, maar dit is natuurlijk hét moment om verder te komen met projecten.

  • Heb je een idee, maar weet je niet hoe je het kunt uitwerken? Vraag het dan op de mailinglijst, IRC of Telegram groep.
  • Kom je een onderdeel te kort? Mail het bestuur.
  • Ben je op zoek naar inspiratie? Kijk eens op patches welcome of bij de geparkeerde projecten en voeg jezelf gewoon toe aan je nieuwe favoriete project
  • Is iets, maar dan ook iets niet duidelijk? Gewoon vragen!


De volgende dagen zijn gekozen voor 2022:

  • Zaterdag 21 mei
  • Zaterdag 18 juni
  • Zaterdag 23 juli
  • Zaterdag 20 augustus
  • Zaterdag 17 september
  • Zaterdag 22 oktober
  • Zaterdag 19 november
  • Zaterdag 24 december (weekend van kerst)

De volgende dagen zijn gekozen voor 2021:

  • Zaterdag 23 januari (met aansluitend een online movie night geplanned)
  • Zaterdag 20 februari
  • Zaterdag 20 maart
  • Zaterdag 17 april
  • Zaterdag 22 mei (pinksterweekend (Hackers on a Bike, anyone?))
  • Zaterdag 19 juni (weekend van pinkpop)
  • Zaterdag 24 juli (midden in de bouwvakvakantie)
  • Zaterdag 21 augustus
  • Zaterdag 18 september
  • Zaterdag 23 oktober (een week voor halloween)
  • Zaterdag 20 november
  • Zaterdag 18 december (begin van de kerstvakantie, week voor CCC)
Spacestate sensors
Project: Main Page
Featured: Yes
State Active
Members Xopr
GitHub SpaceAPI-sensors
Description You can't manage what you don't measure
No project picture! Fill in form Picture or Upload a jpeg here

This project ties strongly with the MQTT setup (to connect to the SpaceAPI) as it uses Tasmota[1] on ESP devices for feature bang and ease of use.

Note that you're more than welcome to add any sensor (or actuator) that you might see fit for our hackerspace. Think: 3D printer nozzle temperature or filament weight, outside radiation, air quality, motion sensing, window opener and the likes; this project is proof anyone that can handle a screwdriver and PC can do this.


Create a modular repository of sensors and outputs to keep an eye on temperatures (and/or other stuff), especially for monitoring the server room, and optionally, the [sl|h|st]ackspace(s), including the space state switch.


After some iterations of the Space state switch and some versions of the Spacestate indicator, some different types of temperature sensors, it was time to make it easy on ourselves: switch to MQTT and use Tasmota[1].

In most cases, an off-the-shelf ESP device will suffice, but since not all devices are not galvanically isolated from mains, it's more practical to use an ESP-12 PCB for things where contacts are bare (like the Space state switch).

Here are the steps to setup such a device

configuring a spacestate sensor from scratch

Most of this (apart from the MQTT configuration) only applies to the Spacestate sensor board (see image); it will setup a pinout template that matches the board.

  • Under Configuration, click Configure Other
  • Paste this template: {"NAME":"ACKsensor","GPIO":[0,0,0,0,0,0,0,0,1,0,0,0,1,1],"FLAG":0,"BASE":18} and check Activate
  • Fill in Device Name (ACKtemp or ACKstate) and Friendly Name 1 (Space state switch or leave as is)
  • Save (will reboot)
  • Click Configure Module
  • Make sure Module type is ACKsensor (0)
  • Set functions for GPIO17 (ADC), GPIO16 (Typically Switch 1 or Button 1) and GPIO12 (DS18x20 which is connected to 3.3v using ~4k7 pull up) [2]
  • Save (will reboot again)
  • Click Configure MQTT
  • Set Host (, User (temperature or spacestate), Password (currently, only xopr knows these passwords), Topic (temperature, switch or spacestate) and Full Topic (ackspace/hackspace/%topic%/%prefix%/)
  • Save (will reboot yet again)

notes and troubleshooting


Note that this pin is special (it lives on a separate register internally, but more important, its internal pull resistor is to ground (pull-down) [3][4][5]


Note that the analog in is 0-1V maximum; use a voltage divider to limit its input.[6] and [7]

space state

To read a switch without having a corresponding relay one has to remember the default switch action is TOGGLE, which can be used in traveler-system (hotelschakeling) style: one can turn the light on with switch 1, turn it off with switch 2 (software) and turn it on with switch 1 again while the switch physically is in a different state. To change the behavior of the switch, use switchmode[8]:

switchmode 1
restart 1

Note that if you need the reverse (switch connects to poweroff), you need switchmode 1. Also note that restart 1 is needed to store the configuration.

multiple switches on the spacestate sensor

By default, one can use a single switch/button without a relay set. If you want to provide MQTT state for multiple switches without having corresponding relay outputs, you need some rule magic;[9]

Rule1 ON switch1#state DO publish ackspace/hackspace/%topic%/stat/RESULT {"POWER1":"%value%"} ENDON
Rule2 ON switch2#state DO publish ackspace/hackspace/%topic%/stat/RESULT {"POWER2":"%value%"} ENDON
Backlog Rule1 1; Rule2 1

other devices (switches)

Note that the space has a modified sonoff POW (old revision) that allows switching with a regular toggle switch while able to monitor the power usage. It uses the following template: {"NAME":"Dangerous POW","GPIO":[32,160,0,0,0,2592,0,0,224,2656,2688,288,0,0],"FLAG":0,"BASE":6} Note that while the GPIO is 5V relative to GND, it most likely is 225V above earth potential: insulate well and never connect it to your PC.

calibrating POW module

To calibrate a POW module (like in the hackcorner), you need the following[10]:

  • Multimeter (for measuring mains voltage)
  • Resistive load (higher=better, like the 500W SMD rework station)


  • monitor mains voltage
  • go to the sonoff console tab of the device
  • turn on the hot air station and crank up the dial
  • input the following (adjust the voltage and current accordingly)
for current, you use the formula: P/U*1000 = 500/227*1000 = in this case
VoltageSet 227
PowerSet 500
CurrentSet 2202.64
restart 1


When a device doesn't respond or won't connect to wifi, you might need to trigger recovery mode[11] by:

  • power it off for 30 seconds
  • power on 7 times with less than 10 second interval

Note that this only works if SetOption65 is 0 (which one would have disabled if brown-outs occur often.


Project: Main Page
Featured: Yes
State Active
Members Xopr
GitHub No GitHub project defined. Add your project here.
Description IXON IXrouter3 4G "cloud" modem
No project picture! Fill in form Picture or Upload a jpeg here


Has a

  • Mediatek MT7621AT
  • 8GB SD card
  • Winbond 25Q128JVSM 128Mbit serial flash
  • USB2512B USB2.0 hub
  • U-blox LILY-W131 wifi 2.4GHz, based on Marvell Avastor 88w8801
  • Quectel EC25-E (Main, DIV, GNSS)

Power (over Ethernet) compatibility:
barrel plug: none 24V

straight crosslink
802.3af yes unknown
legacy unknown unknown
compatible unknown unknown
Unifi unknown unknown

Note: has a 4p pluggable terminal block 12-24V

connecting UART

  • use 3.3V logic to be safe

Run terminal client in 56k 8N1: minicom -D/dev/ttyUSB0 -b57600 -os And make sure Hardware Flow Control is off: choose Serial port setup, f (to open the configuration menu, press Ctrl+a, o)

Uboot env

After pressing space to interrupt (within 1 second) you get:

Please choose the operation: 
   0: Load system code then write to Flash via Serial.
   1: Load system code to SDRAM via TFTP.
   2: Load system code then write to Flash via TFTP.
   3: Boot system code via Flash (default).
   4: Enter boot command line interface.
   7: Load U-Boot code then write to Flash via Serial.
   8: System Load UBoot to SDRAM via TFTP. (hidden in menu)
   9: Load U-Boot code then write to Flash via TFTP.

in the command line interface (4), you can continue booting with bootm bc050000

MT7621 # printenv

root password

The short answer is: it's on a "factory" partition in the flash, most likely located at 40000HEX.

How to get root without copying the flash (only using serial):

  • within the boot sequence at 3/4 of the log: search for "factory", most likely it reads something like:

[ 2.290000] 0x000000040000-0x000000050000 : "factory"

  • remember 40000HEX (and add 20DEC so it becomes 40014HEX
  • reboot (either press and hold the reset button >4s or pulse X2 pin 2 and 7
  • press space in the serial monitor (you have 1 second if it says Press space to enter the bootloader... ).
  • press 4
  • and type spi read 40014 10
    • it will return something like this:
    read len: 16
    38 4d 6d 42 52 32 35 6d 73 6d 0 0 0 0 0 0
  • use an online converter or run this in a javascript console:
    "38 4d 6d 42 52 32 35 6d 73 6d 0 0 0 0 0 0".split(" ").filter(n=>n!=="0").map(n=>String.fromCharCode(parseInt(n,16))).join("")

You can also retrieve it from the bin file: dd bs=1 skip=$((0x40000+20)) count=10 if=ixrouter.bin 2>/dev/null | tr -d '\000'

Oh by the way, it's 8MmBR25msm

pins and connectors


Labeled. located near reset button, 3.3v logic.

  1. GND
  2. RX
  3. TX


For programming/reading the SPI flash chip. Note that soldering a straight header will conflict with a SOIC clamp.

  1. VCC
  2. RST
  3. CLK
  4. DI
  5. DO
  6. CS
  7. GND

To reset, connect pin 2 and 7 with a small resistor (used 180Ω)

open ports

22/tcp   open  ssh
53/tcp   open  domain
9230/tcp open  unknown

firmware image


Used minipro on a TL866II+ with 8 pin SOIC clamp while keeping the board in reset (connecting X2 pin 2 and 7)

$ minipro -p W25Q128JV@SOIC8 -r ixrouter.bin --vcc=3.3 -y
Found TL866II+ 04.2.86 (0x256)
Warning: Firmware is out of date.
  Expected  04.2.128 (0x280)
  Found     04.2.86 (0x256)
WARNING: Chip ID mismatch: expected 0xEF4018, got 0xEF7018 (unknown)
Reading Code...  27.08Sec  OK

file information

To extract the image parts, you need sasquatch and jefferson additional to binwalk, see: binwalk dependencies

$ binwalk --signature --term ixrouter.bin

78080         0x13100         U-Boot version string, "U-Boot 1.1.3 (Dec 21 2017 - 10:47:42)"
327680        0x50000         uImage header, header size: 64 bytes, header CRC: 0x4DD3DDDF, created:
                              2018-08-07 13:36:39, image size: 1213865 bytes, Data Address:
                              0x80001000, Entry Point: 0x80001000, data CRC: 0x82EB32CA, OS: Linux,
                              CPU: MIPS, image type: OS Kernel Image, compression type: lzma, image
                              name: "MIPS OpenWrt Linux-3.18.75"
327744        0x50040         LZMA compressed data, properties: 0x6D, dictionary size: 8388608 bytes,
                              uncompressed size: 3663424 bytes
1541609       0x1785E9        Squashfs filesystem, little endian, version 4.0, compression:xz, size:
                              6334418 bytes, 1478 inodes, blocksize: 262144 bytes, created: 2018-08-07
7929856       0x790000        JFFS2 filesystem, little endian

Note that xopr used mtd-utils but jffs2reader gives an Unsupported compression method! error.

generated config file

The config file, to be generated online and put on a stick looks roughly like this:

# Router configuration
# Generated by Xosperois Dimitri for ACKspace on Mon Jan 1 1900










convert to regular (4G) router

you need:

  • IXrouter3
  • mini (the regular) SIM card without an active pin code


  • make it a fresh install, login and type:
    either firstboot -y && reboot now (soft factory reset)
    or umount /overlay && jffs2reset && reboot now (hard factory reset)
  • login via ssh ( root@ on LAN port (2-5) or 3.3v serial terminal header near the sim card slot
  • disable ixagent completely:
    /etc/init.d/ixagent stop
    /etc/init.d/ixagent disable
  • edit /etc/opkg/distfeeds.conf
    disable or remove src/gz chaos_calmer_ixpackages http://...
    add: src/gz chaos_calmer_luci
  • insert wan cable (check IP lease) and run the following:
    opkg update
    opkg install luci-ssl Note that uqmi doesn't want to install command line, use luci system software to install
    unsure/future: opkg install luci-app-openvpn
  • via luci (, remove all network firewall zones and add:
    WAN (wan, wan6, wwan) masquerading & MSS clamping (maybe include sta_wan and sta_wan6)
    LAN (lan) allow forward to DESTINATION zones WAN
  • save & apply

enable the 4G router

Note that when a sim card is present, it will connect automatically and be the primary route to internet.

  • go to network interfaces and edit WWAN
    Protocol: DHCP client, switch protocol and set a nice hostname. Save & Apply
  • click Connect
  • if this doesn't seem to work (no RX data), either reboot, go to System Software and install (filter for) uqmi
    login with SSH and type the following:
    /sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode offline
    /sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode reset
    wait 20 seconds
    /sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode online
    /sbin/uqmi -d /dev/cdc-wdm0 --set-autoconnect enabled

enable wifi AP

By default (and using the cloud config generator), the U-blox wifi device is set to station (client) when booting. The script is at /lib/wifi/ and it read properties generated via ixrouterconf2uci (not sure whether it's possible to trigger the correct data via the ixconfig). The driver is Marvell WiFi-Ex Driver (cfg80211)

To prepare for accesspoint mode, run the following:

uci set'11'
uci set wireless.ap_lan_iface.ssid='ACKspaceWifi'
uci set wireless.ap_lan_iface.key='Nope. Nope nope nope nope nope.'

To switch, do this:

uci set wireless.ap_lan_dev.disabled='0'
uci set wireless.sta_wan_dev.disabled='1'

To apply the new wifi settings, run /etc/init.d/network reload and to permanently store them, use uci commit


Not possible with the current (closed) driver+firmware

Short version: remove wpad-mini and install wpad. Rest might be command line settings only since the web interface for wifi doesn't play nice with the current setup.

setup openVPN (automatically connects)

Note that this will have OpenVPN connect automatically and DNS might give problems. If so, select both WAN and VPN in the second-to-last step.

To connect to the ACKspace VPN (tun), change the interface:

  • go to Network Interfaces and Edit VPN
  • under Physical Settings choose Custom interface: tun+
  • Save & Apply
  • go to Network Firewall and add a Zone:
    VPN (vpn) masquerading (possibly also MSS clamping)
  • Save & Apply
  • locate your ackspace.ovpn file and make sure it contains the following line:
    auth-user-pass /etc/openvpn/login.conf
  • copy the file:
    scp ackspace.ovpn root@
  • SSH into the router and create the following file containing username and password on a separate line: /etc/openvpn/login.conf
  • /etc/init.d/openvpn restart
  • finally, in Luci, go to Network Firewall -> Zone LAN and click Edit
  • switch Allow forward to destination from WAN to VPN
  • Save & Apply

custom scripts

These modified scripts restore some of the functionality that seems to be absent when not using the ixagent daemon.

custom wifi monitor. When 4G/LTE is enabled, the signal quality will display the cell strength (Reference signal received quality).

  • blinking red: pending sim card not active
  • red: bad signal
  • purple: medium signal
  • blue: good signal

Also, the blue act led will light when the VPN is active (and blink when (dis)connecting) /etc/init.d/wifi-monitor

Click here to view the source code
#!/bin/sh /etc/rc.common

        run_monitor     Run the signal strength monitor

MONITOR_APP="/bin/sh /etc/rc.common /etc/init.d/wifi-monitor run_monitor"




	echo "wifi-monitor: $1" > /dev/kmsg

	local value=`iwinfo mlan0 info | grep 'Quality'`

	if [[ "$value" == "${value/Link Quality//}" ]]; then
		# No value found
		echo "?"

	echo "$value" | sed "s/.*Link Quality: //"

	local led_name=$1
	local trigger=$2
	local arg=$3

	echo $trigger > ${LED_PATH/%name/$led_name}/trigger

	case $trigger in
		echo $arg > ${LED_PATH/%name/$led_name}/brightness
		echo $arg > ${LED_PATH/%name/$led_name}/message
		echo $LED_MORSE_DELAY > ${LED_PATH/%name/$led_name}/delay
		echo $arg > ${LED_PATH/%name/$led_name}/delay_on
		echo $arg > ${LED_PATH/%name/$led_name}/delay_off

	local signal=$(get_signal_value)
	VPN=$(route|grep tun|awk '{ print $2 }'|grep -v "*"|head -1)
	if [[ -n "$VPN" ]]; then
		ping -W 1 -c 1 $VPN > /dev/null
	if [[ -n "$VPN" ]]; then
		echo "none" > /sys/class/leds/ix2:blue:vpn/trigger
		echo 1 > /sys/class/leds/ix2:blue:vpn/brightness
	elif [[ -n "$(ps w|grep openvpn|grep -v grep)" ]]; then
		echo "timer" > /sys/class/leds/ix2:blue:vpn/trigger
		echo 500 > /sys/class/leds/ix2:blue:vpn/delay_on
		echo 500 > /sys/class/leds/ix2:blue:vpn/delay_off
		echo "none" > /sys/class/leds/ix2:blue:vpn/trigger
		echo 0 > /sys/class/leds/ix2:blue:vpn/brightness

	# Check if cellular device is enabled multiwan, then dont override
	if [[ "1" == $(uci get mwan3.wwan.enabled) ]]; then
	# Check if wireless device is enabled
	elif [[ "1" == $(uci get wireless.sta_wan_dev.disabled) ]]; then
		if [[ -x "/sbin/uqmi" ]]; then
			# get rsrq (bad -40 to -3 good) status
			RSRQ=$(/sbin/uqmi -d /dev/cdc-wdm0 --get-signal-info|grep rsrq|grep -Eo "\-[0-9]+")
			if [[ "$RSRQ" -ge -10 ]]; then
				# Excellent
			elif [[ "$RSRQ" -ge -15 ]]; then
				# Ok
			elif [[ "$RSRQ" -ge -20 ]]; then
				# Terrible
			elif [[ "$RSRQ" -ge -40 ]]; then
				# None
	elif ! ifstatus sta_wan 2> /dev/null | grep -q "pending.*false"; then
		logger -t wifi "Interface 'mlan0' is pending"

	# Only update signal value when needed
	if [[ "$signal" == "$last_signal" ]]; then

	case $signal in
		set_led_status $LED_NAME_RED  none 0
		set_led_status $LED_NAME_BLUE timer 1500
		set_led_status $LED_NAME_RED  timer 1500
		set_led_status $LED_NAME_BLUE none 0
		set_led_status $LED_NAME_RED  none 1
		set_led_status $LED_NAME_BLUE none 0
		set_led_status $LED_NAME_RED  none 1
		set_led_status $LED_NAME_BLUE none 1
		set_led_status $LED_NAME_RED  none 1
		set_led_status $LED_NAME_BLUE none 1
		set_led_status $LED_NAME_RED  none 0
		set_led_status $LED_NAME_BLUE none 1
		set_led_status $LED_NAME_RED  none 0
		set_led_status $LED_NAME_BLUE none 1
		set_led_status $LED_NAME_RED  none 0
		set_led_status $LED_NAME_BLUE none 0


	service_start $MONITOR_APP

	log "Killing wifi signal strength monitor"


	set_led_status $LED_NAME_RED none 0
	set_led_status $LED_NAME_BLUE none 0

	log "Running wifi signal strength monitor"

	while /bin/true; do


custom reset that toggles VPN service if pressed <3s In the future, the opticoupler input will be used for this and the short reset will (re-)enable the access point.


Click here to view the source code
#!/bin/sh /etc/rc.common



	echo "rc.button.reset $1" > /dev/kmsg

	# Start sleeping
	sleep 3 &

	local SLEEP_PID=$!

	# Put PID of sleep process to file

	# Wait for sleep to finish
	wait $SLEEP_PID

	# If sleep was killed, do nothing
	if [ "$?" != "0" ]; then
		# Remove PID file so next push can work properly
		log "User let go before timeout - not resetting"
		rm "$PID_FILE"

	# User waited 3 seconds after pressing the button. Factory reset time

	# Update file so next button press knows it can't be stopped
	log "Waited long enough - factory resetting now"

	# Stop IXagent to get control of LEDs
	log "Stopping IXagent"
	/etc/init.d/ixagent stop

	# Inform user we've started to factory reset
	log "Setting LEDs"
	echo "timer" > $LED_PATH_R/trigger
	echo 50 > $LED_PATH_R/delay_on
	echo 50 > $LED_PATH_R/delay_off

	echo "timer" > $LED_PATH_B/trigger
	echo 60 > $LED_PATH_B/delay_on
	echo 60 > $LED_PATH_B/delay_off

	# Do a reset on the 3G module
	# Should improve stability and ease-of-use
	echo 0 > /sys/class/gpio/3g-perst/value

	# Do the actual factory reset
	jffs2reset -y
	if [ "$?" != "0" ]; then
		log "jffs2reset failed!"


if [ "${ACTION}" = "pressed" ]; then
	if [[ -z "$(ps w|grep openvpn|grep -v grep)" ]]; then
		/etc/init.d/openvpn start
		/etc/init.d/openvpn stop
	if [ -f "$PID_FILE" ]; then
		log "Ignoring pressed - already running"

	log "Starting reset"
	process_reset_button &

if [ "${ACTION}" = "released" ]; then
	if [ ! -f "$PID_FILE" ]; then
		log "Ignoring released - not running"


	if [ "TOOLATE" = "$SLEEP_PID" ]; then
		log "Button released after reset started"

	log "Stopping reset"
	kill $(cat $PID_FILE)
	if [ "$?" != "0" ]; then
		log "Kill failed"

	log "Reset stopped"

return 0


echo 0 > /sys/class/gpio/wifi-pd/value # disable wifi
echo 1 > /sys/class/gpio/wifi-pd/value && wifi reload # enable wifi
echo 0 > /sys/class/gpio/3g-perst/value # disable 3g (fast)
echo 0 > /sys/class/gpio/3g-power-enable/value # disable 3g (slow)

alternative power

It is possible to power the router with a USB-C powerbank for off-the-grid usage, ideal for a hackers on a bike tour. All you need is:

Tested on a fully charged Xiaomi Mi Powerbank 3 (20Ah) and had an uptime of 26:45h.


Alternative power combined with a Unifi PoE hack, this could be used for a mobile spacenet. xopr's "event" accesspoint has spacenet on VLAN 6; it's easier to add a VLAN than to reprovision the accesspoint every time:

  • in Network > Switch
    • Add, 6 off, tagged, tagged, tagged, tagged, off, tagged
    • Save, apply
  • in Network > Interfaces
    • Add new interface...
    • Name: ACK
    • Protocol: Static
    • Covering: VLAN interface eth0.6
    • Next >
    • Setup DHCP server (first!)
    • IPv4
    • Netmask:
    • Advanced: Bring up on boot
    • Create firewall zone: LAN
    • Save & apply

Disable regular wifi with uci set wireless.sta_wan_dev.disabled='0' and apply with /etc/init.d/network reload. (TODO: verify that it's back up after reboot)>


  • new firmware: determine DSA wan/lan layout location (U-boot?)
  • new firmware: determine gpio pinout mapping
  • new firmware: get/compile working U-blox LILY-W131 (Marvell Avastor 88w8801) driver+firmware
  • new firmware: get/compile working Quectel EC25-E driver
  • determine DNS requests when vpn is active (currently doesn't work)
  • toggle/enable AP upon short reset
  • determine external gpio

also see

Freeplay Lanaken
You are looking at an event that took place in the past
Event: Main Page
Featured: Yes
State: Planned
Start date: 2022/06/10
Start time: 19:45
End date: 2022/06/10
End time: 00:00
Contact: Computer1up
Kind: Party
Location: Location::ACKspace
Fee: €15,- p.p.
Short description: Bezoekje aan de arcadehal van Fabrizio!


We gaan een bezoekje brengen aan de Freeplay arcadehal in Lanaken, van niemand anders dan de enige echte Fabrizio!

Entree is € 15,00 p.p. Aanvang is om 19:45 op de parkeerplek bij de arcadehal. Adres: Industrieweg 1D 3620 Lanaken (B)

Voeg jezelf hieronder toe als je mee wilt:

  1. computer1up
  2. adnub
  3. Thunder1410
  4. Prodigity
  5. Wolkje

Neem contact op met computer1up als je nog vragen hebt!

Project: Main Page
Featured: Yes
State Active
Members Coolepascal
GitHub No GitHub project defined. Add your project here.
Description Arduino Space State indicator for home
No project picture! Fill in form Picture or Upload a jpeg here

My verry fancy space state indicator broke down, so i tried to recreate it using stuff i had laying around, which was a Wemos D1 R1 arduino clown to which i added a shield with a RGB led. There is also an output to drive a beeper that sounds if the space state changens to 'Open'

Pin Numbering on this board is a bit confusing but this how i did set it up.

Led-Red pin 7
Led-Green pin 6
Led-Blue pin 5

(In this version i did not hookup the beeper anymore, although the software still supports it) The RGB Led is hooked up to the pins using 100 Ohm resistors which offers adequate current to give a clear indication.

In the code provided below the login credentials for your personal wifi router have to be setup. The flashy light sequence "Das blinken das lichtes| shows during startup if everything goes well. The following startup stages are implemented for diagnostics

During startup All colors will flash once
During WiFi login Blue Color flashing Red until login was sucsesfull
Running Red, Green or Yellow depending on the SpaceState or Dark on server error.

Eventualy the Space indicator should show eighter Green for OPEN or Red for closed. If there is a problem in requesting the actual space state, the indicator shows Yellow. And it will remain dark if the server could not be connected.

The SpaceState is requested each 15 seconds, indicated by a show blue flash on the indicator

You can copy the code into a Arduino sketch Select for the board LOLIN(WeMos) D1 R1

If you can't find this board in your Arduino IDE most likely your setup has no support for ESP32 yet. In this case click on File->Preferences And add the following line to 'Additional Boards Manager'

Then tools->Board->Board manager And perform a update. Afther this, you'd select the WeMos board and compile the sketch

// Title:       SpaceStateIndicator.ini
// Function:    Arduino Space State indicator for home
// Author:      CoolePascal (C) 2022 Common Licence dinges

// Board:       WeMos D1 R1
// Port:        ..
// CPU:         ESP-8266 (Warning, Select WeMos Board !)
// Programmer:  Arduino Gemma or WeMos D1

const char *ssid       = "YourWifiRouter";
const char *passwd     = "YourWifiPassword";

const char *host       = "";
const int   port       = 443;
const char* streamId   = "....................";
const char* privateKey = "....................";


#define LEDR      D13
#define LEDG      D12
#define LEDB      D7
#define BELL      D8

#define OFF        0
#define LED_RED    1
#define LED_GREEN  2
#define LED_BLUE   4
#define LED_YELLOW 3
#define LED_BELL   8


#include <ESP8266WiFi.h>

// Set multi color led
void set_RGB(int rgb)
    digitalWrite(LEDR, (rgb&LED_RED)==LED_RED);
    digitalWrite(LEDG, (rgb&LED_GREEN)==LED_GREEN);
    digitalWrite(LEDB, (rgb&LED_BLUE)==LED_BLUE);
    digitalWrite(BELL, (rgb&LED_BELL)==LED_BELL);

// Dim the LED, flash once BLUE, then flash RED n times
void Signal(int n)
    int t=250;
    for(int i=0;i<n;i++)

// Hardware test
void hw_test()
     int t=750;

// Initialize ports and Wifi connection
void setup()
    int l=1;
    pinMode(LEDR, OUTPUT);
    pinMode(LEDG, OUTPUT);
    pinMode(LEDB, OUTPUT);
    pinMode(BELL, OUTPUT);


    WiFi.begin(ssid, passwd);
    while(WiFi.status() != WL_CONNECTED)

// Main loop
void loop()
    static int spacestate;
    static int spaceopen=0;
    int chime=0;
    WiFiClientSecure client;
    int clientresult=0;

    // Startup, try to connect
    if(client.connect(host, port))
        unsigned long timeout = millis();

        String url = "/spaceAPI/";

        // Connected to server
        set_RGB(SPACE_ACQUIRE | spacestate);

        client.print(String("GET ") 
                     + url + " "
                     + "HTTP/1.1\r\n" 
                     + "Host: " + host + "\r\n"
                     + "Connection: close\r\n\r\n");

            if(client.available() == 0)
                if(millis() - timeout > 5000)
                    // Server connect timeout

        // If connected to server
            // Read lines from page until done
                String line = client.readStringUntil('\n');
                int l = line.indexOf("\"state\":");
                        spacestate = SPACE_OPEN;
                        spaceopen = 1;
                    else if(line.indexOf("\"open\":false")>l)
                        spacestate = SPACE_CLOSED;
                        spaceopen = 0;
Project: Main Page
Featured: Yes
State Active
Members xopr
GitHub mqtt spaceAPI
Description Space empty? Power off!
No project picture! Fill in form Picture or Upload a jpeg here


Read sensors and do some space automation using the Message Queuing Telemetry Transport protocol.

Currently, you can see the solder table powerstrip connected in the power graph.

current status

The MQTT server can be found at, via the regular port (1883) as well as the TLS port (8883) and secure websockets at port 443 (subject to change). To connect securely, use the certificate authority chain

There is a sonoff Pow wifi switch in the space, (not yet) connected to a powerstrip near the soldering table (in a brown plastic case with a toggle switch on top of it).

The idea is to gradually add them to every power strip so we can:

  1. measure (over)current
  2. switch them off centrally if the space is closed (or notify the user that they are still on, for example, 3D printers).

It currently runs a modified version of the famous Tasmota firmware (the modification allows dangerous GPIO whist using the energy measurement).

NOTE: the switch is built in a box with an external toggle switch. This switch has potentially 240v on its contacts so don't open it and touch the contacts when it is plugged in! Also don't connect both serial and mains; things will break.

You can toggle it via wifi on h1r-2067.lan (subject to change), or by issuing a mosquitto_pub -L 'mqtt://username:password@' -m 'TOGGLE'

Read it's status by subscribing to the sensor topics: mosquitto_sub -L mqtt://ackspace:ackspace@ Install mosquitto-clients to start experimenting. If you run into problems or find something interesting/broken, let xopr know.


The proposed topic hierarchy is as followed: [base]/[room]/[device]/[prefix]/[type] Where both [prefix] and [type] come from Tasmota's topic definition (tele stat cmnd and SENSOR STATE RESULT POWER LWT respectively). Try to use all-lowercase names (with an exception of the last bit, often in CAPS),

At least ackspace, common, outside and services are supported as base. Services are a bit special; choose a category for room (i.e. voip) and an identifiable name for device (i.e. freeswitch); see the extra examples list of topics further below.

In the future, we can extend this to support something like offsite and the names of participants.

Since ACKspace doesn't have rooms at different levels, the second hierarchy level consist of the room, like slackspace, hackspace and stackspace. device is the name of the device (similar as Tasmota's %topic%) like spacestate, temperature, hackswitch or fluorescent1.

At least the following topics will be implemented first:

  • ackspace/hackspace/spacestate/stat/RESULT (json power state)
    • ackspace/hackspace/spacestate/stat/POWER1 (string power state)
    • ackspace/hackspace/spacestate/tele/STATE (json state at interval)
  • ackspace/hackspace/temperature/tele/SENSOR (json telemetry data)
  • outside/courtyard/barbecue/tele/SENSOR (json telemetry data)

Extra examples:

  • services/voip/freeswitch/tele/STATE (FreeSWITCH specific data, like caller id)
  • services/network/bandwidth/tele/SENSOR (Current network bandwidth usage)
  • offsite/xopr/whatever/topic/he/pleases (details might be negotiated for ease of use)

server setup

allow_anonymous false
password_file /etc/mosquitto/passwd
acl_file /etc/mosquitto/acls

listener 1883
protocol mqtt

listener 8883
protocol mqtt
cafile /etc/mosquitto/ca_certificates/ca.crt
certfile /etc/mosquitto/certs/server.crt
keyfile /etc/mosquitto/certs/server.key

listener 443
protocol websockets
cafile /etc/mosquitto/ca_certificates/ca.crt
certfile /etc/mosquitto/certs/server.crt
keyfile /etc/mosquitto/certs/server.key

/etc/mosquitto/acls (modified)
user spacestate
topic write ackspace/+/spacestate/#

user temperature
topic write ackspace/+/temperature/#
topic write +/+/barbecue/#

user hackspace
topic write ackspace/hackspace/#
topic deny ackspace/+/spacestate/#

user slackspace
topic write ackspace/slackspace/#
topic deny ackspace/+/spacestate/#

user stackspace
topic write ackspace/stackspace/#
topic deny ackspace/+/spacestate/#

user myservice
topic write services/category/myservice/#

user ackspace
topic read #

Passwords are generated with: sudo mosquitto_passwd /etc/mosquitto/passwd [user]


This script uses mod_cidlookup combined with a custom php page. It tests the number against a SQLite database, several reversed number lookup websites, the national telecommunications authority database and a coarse array of areas of the world, which are called in order of granularity. The script can be called both on outgoing and incoming calls

Telephone System

Create and/or implement a telephone communication system for fun and automation. It can provide conference and congress rooms, quickly notify if the space is closed and provide a quick and cheap way of communication.

Project: Main Page
Featured: Yes
State Active
Members Da Syntax, Xopr, Prodigity
GitHub No GitHub project defined. Add your project here.
Description Minew BLE/Wifi Gateway
No project picture! Fill in form Picture or Upload a jpeg here

A.K.A. Minew, MS93MFZ_V1.0, MS93MF6_V1.2, MT7628, Thingoo, 2ABU6-G1 Thanks to Monadnock for a lot of the pin labels


play with the LEDs

kill the pubmsg service

kill -9 `ps w|grep watchdog_loop|grep -v grep|awk '{ print $1 }'`
kill -9 `ps w|grep autopubmsg|grep -v grep|awk '{ print $1 }'`
killall -9 pubmsg

Random color animation:

while true; do head -c96 /dev/urandom > /dev/ws2812 ; usleep 50000; done

Draw a (bad) VU meter:

echo -en '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\xff\x00\x00\xff\x00\x00\xff\x00\x00\xff\x00\x00\xff\x00\x00\xff\x00\xff\xff\x00\xff\xff\x00\xff\xff\x00\xff\xff\x00\xff\xff\x00\xff\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' > /dev/ws2812

or use a custom built File:Fartnet.gz to listen as a fake artnet endpoint (source here) to get this:

connecting UART

New firmware has a script that install openssh-server, so UART is no longer required to get things up and running!

/!\ don't connect PoE and UART, you will fry the main board; there is a 43v difference in ground planes.

use 3.3V logic to be safe

For best results (prevent console glitches and boot loops), disconnect UART VIN and connect regular (micro) USB power

Run terminal client in 56k 8N1: minicom -D/dev/ttyUSB0 -b57600 -o And make sure Hardware Flow Control is off: Ctrl+a, o, choose Serial port setup, f

install secure shell daemon

Connect to Minew AP (wifi).

Login with default credentials, if it doesn't work; hold reset pin atleast 30 seconds while booting device.

Update firmware (see below).

Configure Minew to use your network with wifi or ethernet in the Network tab.

Take note of IP address in Status tab.

Disconnect from Minew AP.

Visit http://thingoo/cgi-bin/installssh (you might need to fill in its IP address).

After it is installed you should be able to SSH to the device!

gain root access by #updating firmware and run the following:

opkg update
opkg install openssh-server
vi /etc/ssh/sshd_config

make sure PermitRootLogin yes is set for (ch)easy login

/etc/init.d/sshd restart

updating firmware

The current version at the time of writing is v3.2.2

  • login to the router (http)
  • go to tab Other (the last tab)
  • scroll to FIRMWARE UPGRADE
    • either choose USB and put the firmware as thingoo-upgrade.bin on the root of a USB stick (case sensitive)
    • or choose put the firmware on a (local) webserver and fill in its URL (root:kakhoofd). Case sensitive: chances are, you have to rename the file thingoo-upgrade.bin!

root password

The password as of yet is unknown (you can flash other firmware with a known/empty password so no real problem).

The shadow hash is $1$Sevciuy0$CRuXyRAOWeathkwz1T00I1 (md5crypt) and is not in the 13GB Rocktastic12a password list, nor is it found by hashcat -O -a 3 -m 500 hash.txt -1 ?l?u?d ?1?1?1?1?1?1?1 --increment, which means, it either consists of punctuation marks/spaces (?s), or is 8 bytes long or longer, which the latter would take roughly a week on 8 × RTX3090s to verify.



Some Linux distro's hijack the serial port for modem usage; when you're experiencing problems, try and disable the ModemManager service:

systemctl disable ModemManager.service
systemctl stop ModemManager.service

Hardware flow control

If your serial is working intermittently, make sure Hardware flow control is off; for minicom it's: Ctrl+a, o, choose Serial port setup, f

If your terminal glitches or if you have boot loops, make sure you have a proper power supply and don't mix several supplies (i.e. PoE, USB, UART)

pins and connectors


SoM row near the UART (J8) header

  1. USB D-
  2. USB D+
  3. GND
  4. SD_D2 (MDI_TN_P4)
  5. SD_D3 (MDI_TP_P4)
  6. SD_CMD (MDI_RN_P4)
  7. SD_CLK (MDI_RP_P4)
  8. SD_CD (MDI_TN_P3)
  9. SD_WP (MDI_TP_P3)
  10. SD_D0 (MDI_RN_P3)
  11. SD_D1 (MDI_RP_P3)
  12. ETH TXON0 (MDI_TN_P0)
  13. ETH TXOP0 (MDI_TP_P0)
  14. ETH RXIN0 (MDI_RN_P0)
  15. ETH RXIP0 (MDI_RP_P0)
  16. GND
  17. UART_RXD0 (GPIO#13)
  18. UART_TXD0 (GPIO#12)
  19. PWM_CH0 (GPIO#11, testpoint T11)


SoM row near the SD card slot

  1. I2C_SD (GPIO#5)
  2. I2C_SCLK (GPIO#4)
  3. I2S_CLK (GPIO#3)
  4. I2S_WS (GPIO#2)
  5. I2S_DO (GPIO#1)
  6. I2S_DI (GPIO#0)
  7. GND
  8. UART_RXD1 (GPIO#46)
  9. UART_TXD1 (GPIO#45)
  10. WLED_N (GPIO#44)
  11. LINK0 LED1 (GPIO43, active high)
  12. LINK3
  13. LINK4
  15. REF_CLKO (GPIO#38)
  16. GND
  17. GND
  18. VDD (3.5v, testpoint T2)
  19. VDD (3.5v, testpoint T2)


UART, presumably 3.3v

  1. Vin (tied to U10-8, EML3276 near SW2, also to testpoint DC4.5V=T20 via switch J13 in on-position)
  2. RxD
  3. TxD
  4. GND


related to nRF52

  1. GND
  2. V (3.3v, same potential as T23)
  3. D ?
  4. C ?
  5. Reset?


IPEX/UFL for Bluetooth, connected to the middle antenna


Ribbon connector to WS2812 LEDs, flip up to release


Power (over Ethernet) compatibility:
barrel plug: none 5V

straight crosslink
802.3af yes unknown
legacy unknown unknown
compatible unknown unknown
Unifi no unknown

Note: has a micro USB connector

also see

Portable electronics workbench
Project: Main Page
Featured: Yes
State Completed
Members Xopr
GitHub No GitHub project defined. Add your project here.
Description Workbench on-the-go
Bench open.jpg

This project page is more of a reference to xopr's notes: About 4-4.5 years ago I needed to take measures to turn my guest bedroom/workshop/storage into a babyroom. To still be able to do some tinkering, I've decided to create a portable electronics workbench with small and fairly cheap tools:

  • 170W laptop power brick
  • DSO138 oscilloscope
  • DPS3005 30V 5A lab power supply
  • TS100 soldering iron
  • multimeter
  • some banana plug cables
  • box with electronic hardware and dev boards
  • various pliers and screwdrivers
  • locks and handlebar from an old hardware case from back when it was popular to walk around with a desktop-pc-in-suitcase

I've designed the bench using Sketchup with 9mm MDF walls in mind.

The model I've created to derive the measurements from is here (zip)


  • the design is derived from measurements of the plastic compartment box on the back, the laptop PSU, multimeter and tools I had at hand or found useful
  • everything that needed to be bolted down has been done with countersunk bolts to prevent obstruction or scratching the underlaying surface
  • the "rubber" band that holds the tools and storage box came from a fabric or textile shop and is stapled onto the wood
  • the left door has to close before the right, and will be held in place by the work area which in place is held closed by the lid of the sliding mechanism.
  • when the sliding part is pulled out, it can rest on top of the base by placing it a bit forward (on the thicker walls that provide the sliding mechanism in the first place)
  • paint MDF; use a lot of paint to reinforce the material since (hardware store quality) MDF is really soft. Note that you might have to accommodate for the thickness of the paint layer
  • it actually might be way better/stronger to use 9mm triplex/multiplex
  • keep the saw blade thickness in mind when slicing up the wood
  • note that there is no storage room underneath the sliding part (a couple of sheets of instructions at most)
  • the bench is designed with compactness in mind; it takes some time and effort to set it up and tear it down so it's not a "quick bench"

Visiting address:
Kloosterweg 1
6412 CN Heerlen
Mail: see the communication page

(refresh table)