FreeBSD

zfs hold / release

Leave a Comment / FreeBSD, Open Source, snapshots, ZFS / By /

Let’s talk about zfs hold. Based on man zfs-hold: “If a hold exists on a snapshot, attempts to destroy that snapshot by using the zfs destroy command return EBUSY.” Let’s apply that to some FreshPorts snapshots which I don’t want going away: This is your typical FreshPorts website: [15:03 dvl-nginx01 dvl ~] % zfs list NAME USED AVAIL REFER MOUNTPOINT data02 1.13T 565G 96K none data02/freshports 671G 565G 88K none data02/freshports/jailed 326G 565G […]

zfs hold / release Read More »

Self-hosting Bitwarden / VaultWarden on FreeBSD

6 Comments / FreeBSD, Jails, Open Source, Security, VaultWarden / By /

The time has come for me to consider another application for my TOTP data (think 6-digit codes produced by Google Authenticator or an RSA device. I’ve been using an app called 2STP – I have long liked it. Support for it ended about 7 years ago, yet it continued to slug along on my phone and on my watch. Recently, it stopped working on my watch. That was the tipping point. I decided

Self-hosting Bitwarden / VaultWarden on FreeBSD Read More »

fail2ban – adding to my website to deter abuse

Leave a Comment / fail2ban, FreeBSD, Open Source, pf / By /

The type of abuse recently seen on FreshPorts isn’t a big deal. I would ignore it if it was on my own server. However, I’m using a “paid” service and the credits go faster when pillocks do pillocky stuff. While I hope I’ve covered what I’ve done, I’ve been sick with a cold for a week, and helping to look after two < 4 year-olds for two weekends in a row. Perhaps I've

fail2ban – adding to my website to deter abuse Read More »

kernel: Limiting closed port RST response from x to y packets/sec

Leave a Comment / dma, FreeBSD, General, Mail, Open Source, Postfix / By /

For 3 days now, I’ve been seeing these messages. If you search online, it’s usually the result of port scanning. Aug 7 14:05:15 zuul kernel: Limiting closed port RST response from 212 to 195 packets/sec Aug 7 14:05:16 zuul kernel: Limiting closed port RST response from 219 to 215 packets/sec Aug 7 14:05:17 zuul kernel: Limiting closed port RST response from 220 to 193 packets/sec Aug 7 14:05:18 zuul kernel: Limiting closed port

kernel: Limiting closed port RST response from x to y packets/sec Read More »

What’s this gap in the graphs?

Leave a Comment / Backups, Bacula, FreeBSD / By /

I was checking email this (Friday Jul 19, 2024) morning, over coffee, while many IT folks dealt with Cloudstrike fallout, when I noticed this message from the logs: Jul 19 09:12:18 zuul kernel: [zone: pf states] PF states limit reached I’ve seen that message before. It’s not of high concern. That server contains many services including PGCon, the former BSDCan website, and my blogs. I didn’t give it much concern, although I should

What’s this gap in the graphs? Read More »

Where’s my backup?

Leave a Comment / Backups, FreeBSD, Open Source / By /

Nagios was telling me: FILE_AGE WARNING: /usr/home/rsyncer/backups/aws-1/postgresql/freshports.org.dump is 117636 seconds old and 3608113799 bytes That means the FreshPorts backup is more than a day old, and it should have been refreshed by now. OK, let’s go look. I log into the host known as aws-1 and check the files. They look fresh to me: [rsyncer@aws-1 ~/backups/database-backup/postgresql]$ ls -lt total 3525154 -rw-r–r– 1 rsyncer rsyncer 3963 Jul 16 02:14 globals.sql drwxr-xr-x 2 rsyncer rsyncer

Where’s my backup? Read More »

Transferring a VM from one provider to another

Leave a Comment / Azure, DigitalOcean, FreeBSD, ZFS / By /

Yesterday, I mentioned (in more than one place) that I planned to move a 2017 Digital Ocean droplet over to Azure. As I sit here, with coffee, on the balcony, overlooking lot of green trees, at 7:45 AM, I’m trying to put into words the plan I came up with about 30 minutes ago. In this post: Digital Ocean Microsoft Azure FreeBSD 14.1 Why move? There is no technical issue or dissatisfaction involved

Transferring a VM from one provider to another Read More »

Updating some jails from FreeBSD 14.0 to FreeBSD 14.1 via mkjail

Leave a Comment / FreeBSD, mkjail, Open Source / By /

I’ve updated all my hosts to FreeBSD 14.1 – but not all the jails. I’m going to do some of that today. In this post: FreeBSD 14.0 FreeBSD 14.1 mkjail-0.0.4 What’s on r730-03 to update? Full disclosure: mkjail was originally written by Mark Felder, and I joined him in maintaining it. I use it for: Creating jails Updating jails (patching, like freebsd-update fetch install) Upgrading jails (as in going from FreeBSD 14.0 to

Updating some jails from FreeBSD 14.0 to FreeBSD 14.1 via mkjail Read More »

Notes on running net-snmp as non-root

Leave a Comment / FreeBSD, LibreNMS, Open Source, snmpd / By /

When feasible, I prefer to run things as non-root. A recent commit to net-snmp has made this possible. By its nature, being a new change, it took me some time and help to figure out what needed to be changed. Before doing this yourself, I recommend waiting until the two code reviews mentioned below are committed. In this post: FreeBSD 14.0-RELEASE-p6 net-snmp-5.9.4_2,1 librenms-24.5.0,1 I include commands from different host; please do not be

Notes on running net-snmp as non-root Read More »

Copying an existing jail to try bind918

Leave a Comment / DNS, FreeBSD, Jails, named, Open Source / By /

bind916 will be EOL in a few months (April 2024). In this post, I’m going to copy an existing jail (running bind916) and configure it to run the new bind. If all goes well, the new jail will replace the old jail. This has an added benefit of effectively renaming the old jail (toiler) to dns2 (my other dns server at home is called dns1). Given the jail runs both dhcpd and named,

Copying an existing jail to try bind918 Read More »

Scroll to Top