I like Postfix. I’ve been a fan of it for over 20 years. I deployed it on every host for outgoing email. Lately, I’ve taken to using dma (DragonFly Mail Agent) as my preferred mail handler on jails and hosts which don’t need to deal with incoming mail, only outgoing mail. After first getting serious […]
Replacing postfix with dma Read More »
While I was moving jails from one host to another, I decided to start using /etc/jail.conf.d/. The idea is each jail gets its own configuration file in that directory, instead of using /etc/jail.conf. In this post: FreeBSD 13.1 But first, you should know Let’s get some things out in the open before you jump into
Ansible playbook for FreeBSD jail.conf.d Read More »
I was doing some work in a remote location with a laggy connection to home. I was running ansible and kept encountering these errors: fatal: [pg01]: FAILED! => {“failed”: true, “msg”: “Timeout (12s) waiting for privilege escalation prompt: “} Rerunning the script would encounter the same error in a different part of the script. After
ansible: Timeout waiting for privilege escalation prompt Read More »
In this post, I will use boot environments to upgrade an existing FreeBSD 9.3 to FreeBSD 10.1, and I will do this from within a chroot. Why? Because I can. You might want to read about my previous attempt and one or two, actually three, things I did to get ready for this. In the
Upgrading from FreeBSD 9.3 to FreeBSD 10.1 using beadm and freebsd-update Read More »
Last night, this worked fine. This morning, it fails: # ansible-playbook jail-mailjail.yml PLAY [mailjails] ************************************************************** GATHERING FACTS *************************************************************** failed: [mailjail.example.org] => {“failed”: true, “parsed”: false} invalid output was: Sorry, try again. Sorry, try again. Sorry, try again. sudo: 3 incorrect password attempts TASK: [pkg | install pkg] ***************************************************** FATAL: no hosts matched or all hosts
When ssh and ansible play poorly together Read More »
Background I was asked to comment on the following: Our software is built and maintained by about 20 engineers, and runs in production on dozens of servers in a remote data center. One problem we frequently face is identity and access management on these servers – our engineers occasionally need to directly access the servers
ssh key management Read More »
A few days I configured a new server to be an Ansible node. This will allow my Ansible configuration tool to configure and install software. Installing Ansible and getting it running is not covered by the post. All I show here is how I got a remote server ready to be configured by Ansible. The
Bootstrapping a new FreeBSD jail host as an Ansible node Read More »
Over the past few weeks, I worked with two different configuration tools: Salt and Ansible. I started working with Salt. I quickly created a setup for a Salt server and for a Salt minion. The modules I saw looked great. However, I had consistently had trouble converting from the documentation to a practical usage. The
Ansible versus Salt Read More »