Search Results for: anvil

cert-puller: using anvil to pull down & install new certificates, then restart services

Leave a Comment / anvil, Let's Encrypt / By /

Now that I have configured my webserver to pull down any new certificates, now it’s time to configure my clients to pull certificates from the webserver. In my quest for a centralized Let’s Encrypt solution, I’ve created the FreeBSD port for acme.sh (an ACME client for Let’s Encrypt) and anvil, a tool for distributing and installing those certificates. In previous blog posts, I’ve described various steps leading up to this: Creating a TXT […]

cert-puller: using anvil to pull down & install new certificates, then restart services Read More »

anvil – copying the certificates to the website

Leave a Comment / anvil, Let's Encrypt / By /

In my Let’s Encrypt implementation, I am using a centralized acme.sh solution which generates all the certificates I use and authenticates via dns-01 challenges. I use anvil to distribute those certificates. In this post, I will describe how the website pulls the certificates down from the rsync-jail. I will assume you have read my previous post where I describe the cert-shifter process. Configuring the jail host This solution assumes that the acme.sh jail

anvil – copying the certificates to the website Read More »

Introducing anvil – Tools for distributing ssl certificates

Leave a Comment / anvil, Let's Encrypt / By /

I’m in the end-stages of finishing off my centralized Let’s Encrypt solution and I’ve released my code as an open source project named anvil. I’ve also created a FreeBSD port. In this post, I outline the anvil tools and how I use them. In future posts, I will detail the individual components, some of which have already appeared in my blog. Why centralized After reading about the FreeBSD cluster’s use of Let’s Encrypt,

Introducing anvil – Tools for distributing ssl certificates Read More »

Transferring a VM from one provider to another

Leave a Comment / Azure, DigitalOcean, FreeBSD, ZFS / By /

Yesterday, I mentioned (in more than one place) that I planned to move a 2017 Digital Ocean droplet over to Azure. As I sit here, with coffee, on the balcony, overlooking lot of green trees, at 7:45 AM, I’m trying to put into words the plan I came up with about 30 minutes ago. In this post: Digital Ocean Microsoft Azure FreeBSD 14.1 Why move? There is no technical issue or dissatisfaction involved

Transferring a VM from one provider to another Read More »

FreeBSD 14 upgrade – files not removed by delete-old

Leave a Comment / FreeBSD, freebsd-update, mkjail / By /

I was upgrading a jail (dns1) on r730-01 and I noticed this output from mkjail: In this post: FreeBSD 13.2 (upgrading from) FreeBSD 14.0 (upgrading to) mkjail-0.0.4 (upgrading with) EDIT: 2023-12-05 : This happened again when I updated the tallboy host. Looking at the mkjail source, I realized it had just completed the pkg upgrade and delete-old steps. I manually ran the delete-old command: [14:01 r730-01 dvl ~/src/scripts] % sudo jexec dns1 make

FreeBSD 14 upgrade – files not removed by delete-old Read More »

Moving ZFS filesystems/datasets from one ZFS zpool to another

Leave a Comment / FreeBSD, Open Source, syncoid, ZFS / By /

Now that I’ve filled up data01, I bought some more SSDs and created another zpool. Today, on this snow-is-anticipated Saturday winter morning, I’m going to move some ZFS filesystems/datasets around. Side note: I like the term dataset better than filesystem. man zfs talks about datasets, which can be a file system, a volume, a snapshot, or a bookmark. However, usually when I talk about a filesystem, it might be dataset. It’s a fine

Moving ZFS filesystems/datasets from one ZFS zpool to another Read More »

Maybe I need another zpool

Leave a Comment / Disks, hardware, R730 / By /

I might need to create another zpool. Or perhaps move a drives/zpool from one host to another. In this post: FreeBSD 13.1 Background I am combining two hosts (slocum and r720-01) into one new host (r730-01). I have been moving jails from those hosts. I have an ansible playbook for creating new entries in /etc/jail.conf.d/. I thought I had the space calculations done right. Now I think I’m wrong.I’m already at 73% on

Maybe I need another zpool Read More »

Adding an SSL certificate to HomeAssistant

Leave a Comment / homeassistant, Open Source / By /

In my previous blog post, I got homeassistant up and running, but without a TLS connection. Let’s fix that. In this post: FreeBSD 13.1 but that’s not relevant to the work being done homeassistant-2022.8.7 creation of a certificate is not covered the sysadmin.com guide covers this – it creates a self-signed cert I’m using a Let’s Encrypt certificate I have the application running from the command line. I stopped it before doing these

Adding an SSL certificate to HomeAssistant Read More »

cron is running all jobs twice – solved

Leave a Comment / General / By /

This started earlier today and I solved it only just now. It took me a while to find out it was duplicate cron jobs, and even longer to find out why. It started with lockf notifications (if you’ve never heard of lockf before, please read this Twitter thread for examples). In short, one of those emails said: lockf: /var/run/periodic.hourly.lock: already locked I looked to see if there were any long-running jobs which might

cron is running all jobs twice – solved Read More »

Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments

Leave a Comment / beadm, bectl, ZFS / By /

Get FreeBSD 12.2 mfsBSD (because that matches the OS on slocum), burn it to a thumb drive using OSX. NOTE: the following didn’t work. I wound up not having the right values in /lib and /var/db/ I don’t know what I did wrong, but I did manage to fix them up afterwards. I suspect that I still had zroot/usr mounted and did not notice. I will keep my notes here for future reference

Adjusting my ZFS filesystems to conform with standard FreeBSD boot environments Read More »

Scroll to Top