Open Source

How to limit a jail

1 Comment / FreeBSD, FreshPorts, rctl / By /

After encountering a rare instance where processing a FreeBSD commit caused FreshPorts to run low on resources, I want to investigate how limiting a jail might help this situation. I searched for ‘jail limit’ – found sentencing guidelines. I searched for ‘jail limit freebsd’ and found a FreeBSD Forums referring me to rctl(8), which I recognize from my $DAYJOB. I’ve just rebooted my host to add this to /boot/loader.conf: Then I started referring […]

How to limit a jail Read More »

using syncoid to backup ZFS snapshots – home assistant

Leave a Comment / sanoid, snapshots, syncoid, ZFS / By /

Copies of data are good. Especially if on a different host. zfs snapshots combined with zfs send | zfs recv make replication of zfs file systems especially easy. I am already using sanoid to manage zfs snapshots. Now I’m going to use syncoid to transfer those snapshots to another host. Both sanoid and syncoid are provided by the sanoid package on FreeBSD. I’m sure any other packaging system does similar. In this post:

using syncoid to backup ZFS snapshots – home assistant Read More »

openvpn: error=CRL has expired

2 Comments / Open Source, OpenSSL, ssl-admin / By /

After the former FreshPorts server was retired, its OpenVPN credential were revoked. I maintain those certificates via ssl-admin. I uploaded the new CRL into the System | Certificate Manager | Certificate Revocation page in pfSense. Today, I was seeing strange errors in Nagios, and figured someone wasn’t connected to the VPN. Checking OpenVPN client logs, I found nothing. On the OpenVPN server, I found this message: Oct 23 22:14:23 openvpn 11134 203.0.113.144:20690 VERIFY

openvpn: error=CRL has expired Read More »

Upgrading an NVMe zpool from 222G to 1TB drives

Leave a Comment / FreeBSD, Open Source, smartctl, ZFS / By /

The FreshPorts dev, test, and stage websites are hosted on a server in my basement. Each instance consists of two jails: an ingress node – for pulling in new commits (and other data) into the database. a webserver node – for displaying the web pages. The new drives: Sometimes the zpool gets too close to full. I tweeted about one incident on March 2021. I held hope that some spare SSDs might be

Upgrading an NVMe zpool from 222G to 1TB drives Read More »

Where’s my drives?

Leave a Comment / FreeBSD, General, ZFS / By /

This is just rough notes for myself. List the gpart output for each drive in my system. for drive in $(sysctl -n kern.disks) do gpart show $drive done gpart: No such geom: da11. => 40 9767541088 da10 GPT (4.5T) 40 8392664 – free – (4.0G) 8392704 9758048256 3 freebsd-zfs (4.5T) 9766440960 1100168 – free – (537M) => 40 976773088 da9 GPT (466G) 40 2008 – free – (1.0M) 2048 838860800 1 freebsd-zfs (400G)

Where’s my drives? Read More »

da12 in my FreeBSD zfs array disappeared at :02 and came back at :04

Leave a Comment / ZFS / By /

This post is based on a tweet and was created after a followup incident occurred today. The post was created to consolidate the information into a blog post so I could easily find it later. Details about this host (disks, zpool, gpart, etc) are in this post. On March 15 2022, I noticed these messages in /var/log/messages: The zpool array was degraded. I don’t have a record of that message. The tweet also

da12 in my FreeBSD zfs array disappeared at :02 and came back at :04 Read More »

Adding an SSL certificate to HomeAssistant

Leave a Comment / homeassistant, Open Source / By /

In my previous blog post, I got homeassistant up and running, but without a TLS connection. Let’s fix that. In this post: FreeBSD 13.1 but that’s not relevant to the work being done homeassistant-2022.8.7 creation of a certificate is not covered the sysadmin.com guide covers this – it creates a self-signed cert I’m using a Let’s Encrypt certificate I have the application running from the command line. I stopped it before doing these

Adding an SSL certificate to HomeAssistant Read More »

Getting Home Assistant running in a FreeBSD 13.1 jail

15 Comments / FreeBSD, General, homeassistant, Jails, Open Source / By /

Home Assistant is not friendly for plain installs. It seems designed for containers or running everything out of pip install. That, in itself, is a disturbing trend I’ve seen on several projects (what? you’re not running a git cloned image?). I’ve seen reports of people running containers etc. However, I want to run this on FreeBSD. I don’t want to muck about with installing containers etc. If containers are the only way for

Getting Home Assistant running in a FreeBSD 13.1 jail Read More »

Creating a wireguard connection between my home and colo

Leave a Comment / FreeBSD, Networks, wireguard / By /

For years I’ve run the dev, test, and stage nodes for FreshPorts off servers in my basement. This meant that those hostnames have always pointed at my home IP address. I’d like to change that. I first started this using interactive commands (e.g. wg set) but found that approach unsatisfactory. I think directly editing the configuration file to be more intuitive and easily followed. I left my first approach up because it had

Creating a wireguard connection between my home and colo Read More »

Creating a wireguard connection between my home and colo – failed attempt

Leave a Comment / FreeBSD, wireguard / By /

NOTE: I wrote this, got stuck, then went a slightly different direction: I stopped using wg set Instead, I updated the configuration files directly I was not satisfied with the wg approach Although it is great for modifying things on the file, I don’t think it helps novices learn Wireguard I’m leaving it here anyway. Please use Creating a wireguard connection between my home and colo instead. None of these keys/IP addresses are

Creating a wireguard connection between my home and colo – failed attempt Read More »

Scroll to Top