Search Results for: anvil

cert-puller: using anvil to pull down & install new certificates, then restart services

Now that I have configured my webserver to pull down any new certificates, now it’s time to configure my clients to pull certificates from the webserver. In my quest for a centralized Let’s Encrypt solution, I’ve created the FreeBSD port for acme.sh (an ACME client for Let’s Encrypt) and anvil, a tool for distributing and …

cert-puller: using anvil to pull down & install new certificates, then restart services Read More »

anvil – copying the certificates to the website

In my Let’s Encrypt implementation, I am using a centralized acme.sh solution which generates all the certificates I use and authenticates via dns-01 challenges. I use anvil to distribute those certificates. In this post, I will describe how the website pulls the certificates down from the rsync-jail. I will assume you have read my previous …

anvil – copying the certificates to the website Read More »

Introducing anvil – Tools for distributing ssl certificates

I’m in the end-stages of finishing off my centralized Let’s Encrypt solution and I’ve released my code as an open source project named anvil. I’ve also created a FreeBSD port. In this post, I outline the anvil tools and how I use them. In future posts, I will detail the individual components, some of which …

Introducing anvil – Tools for distributing ssl certificates Read More »

Adding an SSL certificate to HomeAssistant

In my previous blog post, I got homeassistant up and running, but without a TLS connection. Let’s fix that. In this post: FreeBSD 13.1 but that’s not relevant to the work being done homeassistant-2022.8.7 creation of a certificate is not covered the sysadmin.com guide covers this – it creates a self-signed cert I’m using a …

Adding an SSL certificate to HomeAssistant Read More »

Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments

Get FreeBSD 12.2 mfsBSD (because that matches the OS on slocum), burn it to a thumb drive using OSX. NOTE: the following didn’t work. I wound up not having the right values in /lib and /var/db/ I don’t know what I did wrong, but I did manage to fix them up afterwards. I suspect that …

Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments Read More »

mosquitto: upgrade from 1.x to 2.x requires configuration changes to keep working

I updated net/mosquitto from 1.6.7_1 to 2.0.8 on March 14, 2021. It did not get restarted at that time. It wasn’t until sysutils/anvil brought in a new certificate and attempted to restart mosquitto did the monitoring start detecting the problem: mosquitto wasn’t running. It’s the pid file Looking into it, nothing was logged when starting …

mosquitto: upgrade from 1.x to 2.x requires configuration changes to keep working Read More »

Listen queue overflow

The R720 is showing a message like this from time to time: Jan 1 07:42:20 r720-01 kernel: sonewconn: pcb 0xfffff835e785d5b8: Listen queue overflow: 8 already in queue awaiting acceptance (1 occurrences) Jan 1 08:02:21 r720-01 syslogd: last message repeated 1 times Jan 1 08:27:22 r720-01 kernel: sonewconn: pcb 0xfffff835e785d5b8: Listen queue overflow: 8 already in …

Listen queue overflow Read More »

Moving poudriere from the host into a jail

This post is all about moving poudriere from the host into a jail, but you could probably use it for creating a new jail and running poudriere in it. This also assumes use of iocage, but use whatever jail tools you want. If you encounter problems with this, please post it in the comments and …

Moving poudriere from the host into a jail Read More »