After the former FreshPorts server was retired, its OpenVPN credential were revoked. I maintain those certificates via ssl-admin. I uploaded the new CRL into the System | Certificate Manager | Certificate Revocation page in pfSense. Today, I was seeing strange errors in Nagios, and figured someone wasn’t connected to the VPN. Checking OpenVPN client logs, …
The FreshPorts dev, test, and stage websites are hosted on a server in my basement. Each instance consists of two jails: an ingress node – for pulling in new commits (and other data) into the database. a webserver node – for displaying the web pages. The new drives: Sometimes the zpool gets too close to …
This is just rough notes for myself. List the gpart output for each drive in my system. for drive in $(sysctl -n kern.disks) do gpart show $drive done gpart: No such geom: da11. => 40 9767541088 da10 GPT (4.5T) 40 8392664 – free – (4.0G) 8392704 9758048256 3 freebsd-zfs (4.5T) 9766440960 1100168 – free – …
This post is based on a tweet and was created after a followup incident occurred today. The post was created to consolidate the information into a blog post so I could easily find it later. Details about this host (disks, zpool, gpart, etc) are in this post. On March 15 2022, I noticed these messages …
da12 in my FreeBSD zfs array disappeared at :02 and came back at :04 Read More »
In my previous blog post, I got homeassistant up and running, but without a TLS connection. Let’s fix that. In this post: FreeBSD 13.1 but that’s not relevant to the work being done homeassistant-2022.8.7 creation of a certificate is not covered the sysadmin.com guide covers this – it creates a self-signed cert I’m using a …
Home Assistant is not friendly for plain installs. It seems designed for containers or running everything out of pip install. That, in itself, is a disturbing trend I’ve seen on several projects (what? you’re not running a git cloned image?). I’ve seen reports of people running containers etc. However, I want to run this on …
Getting Home Assistant running in a FreeBSD 13.1 jail Read More »
For years I’ve run the dev, test, and stage nodes for FreshPorts off servers in my basement. This meant that those hostnames have always pointed at my home IP address. I’d like to change that. I first started this using interactive commands (e.g. wg set) but found that approach unsatisfactory. I think directly editing the …
Creating a wireguard connection between my home and colo Read More »
NOTE: I wrote this, got stuck, then went a slightly different direction: I stopped using wg set Instead, I updated the configuration files directly I was not satisfied with the wg approach Although it is great for modifying things on the file, I don’t think it helps novices learn Wireguard I’m leaving it here anyway. …
Creating a wireguard connection between my home and colo – failed attempt Read More »
Here I am, sitting on a beach, writing a blog post, and sipping a cool adult beverage. Reading email. I see this: I quickly ssh into the host to check zpool status: Lines 15-17 are relevant. There was a resilver event, which completed at 08:49:48 The vdev state changed event occurred at 08:49:34 That all …
When updating to FreeBSD 13.1, I started getting these messages from sysutils/logcheck: egrep: trailing backslash (\) This post will document how I tracked down the problem. It is occurring on several hosts. In this post: FreeBSD 13.1 logcheck-1.3.24 Other similar issues I suspect the issue arises because of the change from egrep 2.5.1 under FreeBSD …