My Blog Posts

You are more than welcome to express your opinion and join the conversation in the comments section of the posts.

Poor Man’s device discovery (DNS)

August 4, 2016 | no comments

I have a home network that contains a mixture of devices, some of which that receive a static IP address such as the printer, and some of which receive a dynamic IP address such as mobile phones and tablets.

The home router is setup to give every device with a static IP address a host name, such as “printer.home” or “nas.home”, making it easy to access the device’s UI (if it has one).  However, the router isn’t capable of assigning host names to devices with a dynamic IP address.

For the most part this isn’t an issue, but every once in a while I do need to access the mobile phone or tablet via the browser or similar.  This means having to lookup the IP address of the device in the router, which in turns means I have to login to it and navigate through various screens.

So I thought: “why not give every device a host name / DNS entry?”.  But with the router not capable of assigning them to dynamic IP addresses (based on MAC for example), or able to set the host name on some devices, how? Luckily I have a Raspberry Pi that’s sitting in a closet 24/7 doing very little, so I’ve put that to good use. continue reading →

Quick note: FUSE inside Proxmox LXC container

February 26, 2016 | no comments

Proxmox’ LXC containers do not have the /dev/fuse device created automatically.  A quick way of doing that is by adding the following two lines to the container’s configuration on the host node (in /etc/pve/lxc/<$container_id>.conf):

lxc.autodev: 1
lxc.hook.autodev: sh -c "mknod -m 0666 ${LXC_ROOTFS_MOUNT}/dev/fuse c 10 229"

I’m using “sh -c” directly rather than a separate script, so that this configuration is migrated to other nodes in the cluster.

As a note, it should already be in the lxc.cgroup.devices.allow by default, so doesn’t need to be added again.

Caveat as mentioned by Fabian (Proxmox staff):

If you absolutely have to, I would suggest establishing the FUSE mount on the Proxmox host and then using a bindmountpoint (e.g. “mp0: /path/on/host,mp=/path/in/container”) to make it available in the container. If you establish the FUSE mounts inside the container, you will run into problems (lxc-freeze is not compatible with FUSE which means no snapshots and no suspend backup, you need to change all sorts of containment settings which lessens security, ..).


Quick Note: Disable SSLv3 in OpenLDAP with GnuTLS

October 15, 2014 | 1 comment

Due to the SSL POODLE vulnerability, it is best to remove support for the outdated SSLv3 protocol.  As OpenLDAP with GnuTLS is a beast of its own, here’s the quick change to remove SSLv3 support:

cat > nossl.ldif <<EOF
dn: cn=config
changetype: modify
add: olcTLSCipherSuite
olcTLSCipherSuite: SECURE256:-VERS-SSL3.0


ldapmodify -Y EXTERNAL -H ldapi:/// -f nossl.ldif

And we’re done! Obviously, if you already have olcTLSCipgerSuite, then use “replace” instead of “add”.

A quick test:

~# gnutls-cli-debug -p 636
Resolving ''...
Connecting to ''...
Checking for SSL 3.0 support... no
Checking whether %COMPAT is required... no
Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... yes
Checking fallback from TLS 1.1 to... N/A
Checking for TLS 1.2 support... yes

Postfix’s killed trivial-rewrite by signal 11

September 21, 2014 | no comments

I was setting up a small VPS as a backup e-mail server for the two already in place.  What was supposed to be a 15 minute task, particularly as it was being installed using a proven recipe with Puppet, turned into a diagnostic nightmare for hours. Looking back, it really shouldn’t have taken that long to diagnose either, but alas, Google led me astray.

See, everything was installed according to the other servers. Postfix started up fine, but as soon as it would perform a lookup in an LDAP directory, the following error occurred:

Sep 21 00:34:02 server postfix/master[23426]: warning: process /usr/lib/postfix/trivial-rewrite pid 23460 killed by signal 11
Sep 21 00:34:03 server postfix/qmgr[23431]: warning: problem talking to service rewrite: Success
Sep 21 00:34:03 server postfix/master[23426]: warning: process /usr/lib/postfix/trivial-rewrite pid 23461 killed by signal 11
Sep 21 00:34:03 server postfix/master[23426]: warning: /usr/lib/postfix/trivial-rewrite: bad command startup -- throttling

continue reading →

High traffic WordPress hosting

June 29, 2014 | 3 comments
Although I have a rather large amount of servers at my disposal, for some time I’ve had my personal website hosted with 5quidhost on one of their Turbo pans.  They’re an UK-based company with headquarters in Scotland, and have recently celebrated their 10th anniversary.  They also rank quite high on TrustPilot, usually 1st or 2nd place.

In March I snapped up a domain that I had been waiting for a long time to become available: In fact, it is the reason why the current domain name has an “s” in it. I was aware of the content the previous owner had hosted on that domain name, but I had no idea how popular it was. So when that domain was transferred into my ownership, its traffic followed.

Generally, my website generates just a few thousand page views per day with the occasional spike, mainly for the Proxmox how-to guides (which I really should update one of these days!).  Though around the end of March, this jumped to 24,000 page+ page views per day. Between March 27 and April 5th, more than 157,000 page views were generated, and is currently handling between 250,000 and 450,000 page views per week.

So, how did the website cope with this? Perfectly fine! It isn’t the first time the website has been hit with a large amount of page views, so I had already prepared the website for this. And the magic ingredient for that is: cache.
continue reading →

Page 1 of 1012345»...Last »