Search Results for: anvil

cert-puller: using anvil to pull down & install new certificates, then restart services

Leave a Comment / anvil, Let's Encrypt / By /

Now that I have configured my webserver to pull down any new certificates, now it’s time to configure my clients to pull certificates from the webserver. In my quest for a centralized Let’s Encrypt solution, I’ve created the FreeBSD port for acme.sh (an ACME client for Let’s Encrypt) and anvil, a tool for distributing and installing those certificates. In previous blog posts, I’ve described various steps leading up to this: Creating a TXT […]

cert-puller: using anvil to pull down & install new certificates, then restart services Read More »

anvil – copying the certificates to the website

Leave a Comment / anvil, Let's Encrypt / By /

In my Let’s Encrypt implementation, I am using a centralized acme.sh solution which generates all the certificates I use and authenticates via dns-01 challenges. I use anvil to distribute those certificates. In this post, I will describe how the website pulls the certificates down from the rsync-jail. I will assume you have read my previous post where I describe the cert-shifter process. Configuring the jail host This solution assumes that the acme.sh jail

anvil – copying the certificates to the website Read More »

Introducing anvil – Tools for distributing ssl certificates

Leave a Comment / anvil, Let's Encrypt / By /

I’m in the end-stages of finishing off my centralized Let’s Encrypt solution and I’ve released my code as an open source project named anvil. I’ve also created a FreeBSD port. In this post, I outline the anvil tools and how I use them. In future posts, I will detail the individual components, some of which have already appeared in my blog. Why centralized After reading about the FreeBSD cluster’s use of Let’s Encrypt,

Introducing anvil – Tools for distributing ssl certificates Read More »

FreeBSD 15.0 – after upgrade, installing my own packages

Leave a Comment / FreeBSD, Open Source, pkg / By /

I build my own FreeBSD packages using poudriere. The chicken-and-egg situation: I can’t build FreeBSD 15.0 packages until I’m on FreeBSD 15.0 – and upgrading to FreeBSD 15 involves a step of upgrading all your packages before the final steps of the upgrade. What do I do? I disable my repos and enable the FreeBSD repos. If you’re using your own repos, you should already know how to do this. In this post:

FreeBSD 15.0 – after upgrade, installing my own packages Read More »

Updating my poudriere jail after updating the host to FreeBSD 15.0

Leave a Comment / FreeBSD, mkjail, Open Source / By /

This post is related to Upgrading a FreeBSD 14.3 host to FreeBSD 15.0 which I wrote and ran earlier this evening. I’m now back from my Indian dinner and watching the Superbowl (0:15 left in the 2nd half). I was updating r730-01 and got to the point of where I need to updated the packages on the host. I couldn’t do that. I hope my own FreeBSD pkg repo. What I did before

Updating my poudriere jail after updating the host to FreeBSD 15.0 Read More »

Transferring a VM from one provider to another

Leave a Comment / Azure, DigitalOcean, FreeBSD, ZFS / By /

Yesterday, I mentioned (in more than one place) that I planned to move a 2017 Digital Ocean droplet over to Azure. As I sit here, with coffee, on the balcony, overlooking lot of green trees, at 7:45 AM, I’m trying to put into words the plan I came up with about 30 minutes ago. In this post: Digital Ocean Microsoft Azure FreeBSD 14.1 Why move? There is no technical issue or dissatisfaction involved

Transferring a VM from one provider to another Read More »

FreeBSD 14 upgrade – files not removed by delete-old

Leave a Comment / FreeBSD, freebsd-update, mkjail / By /

I was upgrading a jail (dns1) on r730-01 and I noticed this output from mkjail: In this post: FreeBSD 13.2 (upgrading from) FreeBSD 14.0 (upgrading to) mkjail-0.0.4 (upgrading with) EDIT: 2023-12-05 : This happened again when I updated the tallboy host. Looking at the mkjail source, I realized it had just completed the pkg upgrade and delete-old steps. I manually ran the delete-old command: [14:01 r730-01 dvl ~/src/scripts] % sudo jexec dns1 make

FreeBSD 14 upgrade – files not removed by delete-old Read More »

Moving ZFS filesystems/datasets from one ZFS zpool to another

Leave a Comment / FreeBSD, Open Source, syncoid, ZFS / By /

Now that I’ve filled up data01, I bought some more SSDs and created another zpool. Today, on this snow-is-anticipated Saturday winter morning, I’m going to move some ZFS filesystems/datasets around. Side note: I like the term dataset better than filesystem. man zfs talks about datasets, which can be a file system, a volume, a snapshot, or a bookmark. However, usually when I talk about a filesystem, it might be dataset. It’s a fine

Moving ZFS filesystems/datasets from one ZFS zpool to another Read More »

Maybe I need another zpool

Leave a Comment / Disks, hardware, R730 / By /

I might need to create another zpool. Or perhaps move a drives/zpool from one host to another. In this post: FreeBSD 13.1 Background I am combining two hosts (slocum and r720-01) into one new host (r730-01). I have been moving jails from those hosts. I have an ansible playbook for creating new entries in /etc/jail.conf.d/. I thought I had the space calculations done right. Now I think I’m wrong.I’m already at 73% on

Maybe I need another zpool Read More »

Adding an SSL certificate to HomeAssistant

Leave a Comment / homeassistant, Open Source / By /

In my previous blog post, I got homeassistant up and running, but without a TLS connection. Let’s fix that. In this post: FreeBSD 13.1 but that’s not relevant to the work being done homeassistant-2022.8.7 creation of a certificate is not covered the sysadmin.com guide covers this – it creates a self-signed cert I’m using a Let’s Encrypt certificate I have the application running from the command line. I stopped it before doing these

Adding an SSL certificate to HomeAssistant Read More »

Scroll to Top