knew
For future reference, this is the knew server. It runs a few jails, including Bacula regression testing services. File systems Paritions zpools /var/run/dmesg.boot
Open Source
Booting off the new 5TB drives
This is about FreeBSD 11.1 on my knew server. I recently replaced the 3TB drives with 5TB drives. Along the way, it didn’t boot, the swap was adjusted, I got concerned about power, and there was a brief CAM status: SCSI Status Error scare. Then today, the planned reboot, I started asking questions on Reddit
Booting off the new 5TB drives Read More »
subversion via ssh passphrase-less key
In general, passphrase-less ssh keys are a security nightmare. It is similar to leaving the key to your front door in the lock. Anyone stumbling across it has access to your house. Similarly, if someone gets your ssh key, and there is no passphrase on it, they can use that key for anything which grants
subversion via ssh passphrase-less key Read More »
After replacing 3TB drive with 5TB drive, FreeBSD 10.3 system did not reboot
I started replacing 3TB drives with 5TB drives in a 10 drive raidz3 array on a FreeBSD 10.3 box. I was not sure which drive tray to pull, so I powered off the server, and, one by one, pulled the drive tray, photographed it, and reinserted the drive tray. No changes were made. The first
After replacing 3TB drive with 5TB drive, FreeBSD 10.3 system did not reboot Read More »
Logging, backups, and newsyslog.conf on FreeBSD
This morning, I was reviewing the logs and noticed these notices in /var/log/messages: I guessed that this was directly related to the zfs replace command I had issued the day before, but I wanted to confirm that. I like to use sudo instead of becoming root. One of the many benefits to this approach is
Logging, backups, and newsyslog.conf on FreeBSD Read More »
Swapping 5TB in, 3TB out
In this power, the server is running FreeBSD 10.3. I am completely and unreasonably biased: ZFS is the best filesystem out there. Do not take my word for it. Ask around. Today, I started a process I’ve been waiting to do for a while. I am replacing the 3TB drives in a 10-drive raidz2 array
Swapping 5TB in, 3TB out Read More »
PostgreSQL – logging to a file
These steps were carried out on FreeBSD 11.0 with PostgreSQL 9.6 (two of my favorite tools). I like logging. I like logging PostgreSQL. With logs, you can see what happened. Without, you can only guess. Setting up logging for PostgreSQL involves several parts, each of which must be completed or else I don’t get what
PostgreSQL – logging to a file Read More »
Creating a gmirror swap
This is mostly a note to myself. #### Edit: 2018.09.08 : If you see messages like this: $ sudo gmirror insert swap /dev/da5p2 gmirror: Class not found $ gmirror list -a gmirror: Command ‘list’ not available. You probably need to do this: sudo kldload geom_mirror #### I had these drives: They are involved in this
Creating a gmirror swap Read More »
cert-puller: using anvil to pull down & install new certificates, then restart services
Now that I have configured my webserver to pull down any new certificates, now it’s time to configure my clients to pull certificates from the webserver. In my quest for a centralized Let’s Encrypt solution, I’ve created the FreeBSD port for acme.sh (an ACME client for Let’s Encrypt) and anvil, a tool for distributing and
cert-puller: using anvil to pull down & install new certificates, then restart services Read More »
anvil – copying the certificates to the website
In my Let’s Encrypt implementation, I am using a centralized acme.sh solution which generates all the certificates I use and authenticates via dns-01 challenges. I use anvil to distribute those certificates. In this post, I will describe how the website pulls the certificates down from the rsync-jail. I will assume you have read my previous
anvil – copying the certificates to the website Read More »