Yesterday I did some scavenging of some servers which I’m going to dispose of. I managed to put together 4 x 1TB storage devices: 2 x NVMe sticks and 2 x SSDs. I also pulled a riser card from an R730 and relocated it to another host. The NVMe sticks are mounted on these PCIe cards, which I do not regret buying. They came with full height and low-profile brackets. More to the […]
Moving 4x storage devices into a new home Read More »
FYI: This server has since gone to a new home. After powering off the server about 8 months ago, I took the first steps to selling it. I opened it up and took out 2x NVMe sticks (1TB each, ZFS mirrored, giving a 930G zpool) INTEL fiber NIC (Intel X540-AT2) I’ll be keeping those items. I also took an inventory of the drives still in the system: 10 x 5TB drives – all
Preparing a server for sale – Supermicro 846 – 10 x 5TB HDD Read More »
Skip to the end of this post for the lesson part of this blog post. This email arrived in my inbox yesterday at about 10:00 PM: This is the backup script for my database dumps on my server at home. I immediately recognized it as the follow-on from a table I had just added. It was late, I was headed to bed. I forgot about it. Until this morning. This morning This morning,
I’ve been working on this for a while. [23:18 r730-01 dvl ~] % pkg audit curl-8.4.0 is vulnerable: curl — SOCKS5 heap buffer overflow CVE: CVE-2023-38545 WWW: https://vuxml.FreeBSD.org/freebsd/d6c19e8c-6806-11ee-9464-b42e991fc52e.html 1 problem(s) in 1 installed package(s) found. [23:18 r730-01 dvl ~] % The original vuxml entry got it wrong. This problem was fixed in 8.4.0 A subsequent commit fixed that. So why am I still having this problem 48 hours later? mtime. This Mastodon thread
Got a pkg vuln you can’t get rid of? Read More »
Today, while mucking about with a new cronjob and log file for acme.sh, I stumbled across these error messages: Why was I stumbling around? This email arrived after the daily cert renewal: Three skips. Three error messages. Let’s look at that file: [18:37 certs dan ~] % sudo ls -l /var/db/acme/certs.int.unixathome.org.key -rw-r—– 1 root acme 116 Oct 6 20:21 /var/db/acme/certs.int.unixathome.org.key That should be readable. I checked some ZFS snapshots from earlier this week.
acm.esh key ’/var/db/acme/certs.int.unixathome.org.key’ is unreadable Read More »
On Wednesday Oct 6th, I was greeted by these log messages: This is the output from the cronjob run by the acme user in my jail called certs. This is the daily run to renew any certificates which are soon to expire. This is the job in question: [19:36 certs dan ~] % sudo crontab -l -u acme 44 16 * * * /usr/local/sbin/acme.sh –cron –home /var/db/acme/.acme.sh > /dev/null [19:44 certs dan ~]
Use of K* file pairs for HMAC is deprecated – acme.sh Read More »