Author name: Dan Langille

I've been playing with computers since I read an Elementary Electronics magazine way back in the 1970s. I started contributing to open source projects in 1998. After that, I gradually moved from being a software developer to being a systems administrator.

Using nsupdate to change NS servers

3 Comments / DNS, named, nsupdate / By /

You have an old DNS server: tallboy.example.org You have a new DNS server: ns1.example.org You have a domain, example.com, for which you want to swap the old DNS server with the new DNS using nsupdate. NOTE: the domain is example.com The NS servers are in example.org (different domains). These are the commands you issue: update delete example.com. IN NS tallboy.example.org. update add example.com. 3600 IN NS ns1.example.org. send Of note, you mention the […]

Using nsupdate to change NS servers Read More »

No more certificate fingerprints – only sasl auth instead

Leave a Comment / Let's Encrypt, Postfix / By /

Today I gave up on my attempt to allow relay via SSL certificate fingerprints. Instead, I will use sasl auth. Yesterday I wrote about my SMTP deliver test which broke when an SSL certificate was updated. Later that day, I finished writing scripts which delivered that fingerprint file to all hosts which needed it. Today, I abandoned that approach in favor of sasl. From the time I decided to use sasl to my

No more certificate fingerprints – only sasl auth instead Read More »

Postfix suddenly starts rejecting email it had been accepting

Leave a Comment / Let's Encrypt, Mail, Postfix / By /

Let’s Encrypt is an easy way to get free SSL certificates in an automated manner. You may never have to manually do another cert renewal again. Last night, I received this email: From: Cron Daemon To: dan@langille.org Subject: Cron /usr/local/bin/cert-puller Date: Fri, 23 Feb 2018 23:57:00 +0000 (UTC) /etc/rc.conf: 3: not found /etc/rc.conf: yr: not found /etc/rc.conf: 3: not found /etc/rc.conf: yr: not found Little did I know when I tweeted about it,

Postfix suddenly starts rejecting email it had been accepting Read More »

Trying iocage to get an old version of FreeBSD

Leave a Comment / FreeBSD, iocage, Jails / By /

Sometimes you just need that old version. So I installed it. FreeBSD 9.3 Sorry, but this article is light. I stopped taking notes after a bit…. We created a VM via VMware, put FreeBSD 11.1 on it, over ZFS. Then install iocage. This is what it looked like: What did it just install? This: $ zfs list -r zroot/iocage NAME USED AVAIL REFER MOUNTPOINT zroot/iocage 825M 30.2G 25K /iocage zroot/iocage/download 180M 30.2G 23K

Trying iocage to get an old version of FreeBSD Read More »

Connecting to old devices via ssh

1 Comment / ssh / By /

I have several old devices. Upgrading them is either impossible, they are unsupported, or I can’t be bothered upgrading the. Access is only via a dedicated VLAN within my home network. When stuck, I posted to Twitter and that led me to OpenSSH Legacy Options. This page describes what to do when OpenSSH refuses to connect with an implementation that only supports legacy algorithms. Here’s what I just tried: $ ssh pdu1 Unable

Connecting to old devices via ssh Read More »

Assigning static IP addresses via dhcp

Leave a Comment / DHCP / By /

NOTE: if you’re using something other than OSX, say, FreeBSD, then a previous blog post might be the solution you are looking for. I suggest skipping to the final paragraph before you implement any of what is below. You fire up your laptop, connect via WIFI, you get an IP address. You plug in an ethernet cable, you get an IP address. This is how things should work. It’s expected. It’s automatic. Sometimes

Assigning static IP addresses via dhcp Read More »

What’s this database connection in my Google / Calendar / Desktop?

Leave a Comment / OSX / By /

This morning I saw this weird popup / flag when I hovered over the Spam link on webpage. The text read: What is that? I had no idea, but it was persistent. Every time I hovered the mouse over the link, that popup appeared. It would not appear in screenshots, so I resorted to the camera in my phone. After hiding the browser window, the popup also appeared on my Calendar: When I

What’s this database connection in my Google / Calendar / Desktop? Read More »

Disconnect UNIFI switch – US-16-XG

1 Comment / hardware, Unifi / By /

My Unifi US-16-XG switch was offline. It was still functioning correctly, but it was not in contact with the Controller. I wasn’t sure how to fix this, but this blog post shows what I now think should always work. It consists of two steps: Get the switch talking to the Controller Make the above change permanent The key point to remember: the Controller is always the voice of authority when it comes to

Disconnect UNIFI switch – US-16-XG Read More »

Adding IPv6 to an Nginx website on FreeBSD / FreshPorts

Leave a Comment / DNS, FreeBSD, iocage, nginx, nsupdate, pf, poudriere / By /

FreshPorts recently moved to an IPv6-capable server but until today, that capability has not been utilized. There were a number of things I had to configure, but this will not necessarily be an exhaustive list for you to follow. Some steps might be missing, and it might not apply to your situation. All of this took about 3 hours. We are using: FreeBSD 11.1 Bind 9.9.11 nginx 1.12.2 The server configuration This is

Adding IPv6 to an Nginx website on FreeBSD / FreshPorts Read More »

Scroll to Top