Tonight I asked a question in the OpenVPN IRC channel on FreeNode. me: I’m getting ready to set up a new server, running an OpenVPN client. It will be running several virtual machines (FreeBSD Jails). Each VM will have both a public IP address and a non-routable IP address. I’m hoping to access all those VMs from within the VPN. Am I making sense with my objective here? reply: “clientlan” is (#1) for […]
Routing with jails Read More »
I have an exciting project ahead of me. I will soon be configuring a new server. It will be ZFSROOT running a pair of mirrored 500GB disks. I plan to use a configuration tool for management of this server. The final choice of tools is yet to be decided. The services provided by this server will be primarily based on jails. The use of a configuration tool will simplify future redeployments. I’m doing
Exciting project ahead Read More »
Sometimes you want to do things alone. Or rather, without intervention. Unattended. Bootstrapping the pkgng package management tool is one of those things. From the pkgng documentation, “FreeBSD 9.1 and later includes a bootstrap utility which can be used to download and install pkgng, along with its manual pages”. Let me show you how that goes: # pkg The package management tool is not yet installed on your system. Do you want to
Bootstrapping / installing pkg on FreeBSD unattended and without answering Yes Read More »
I am a big fan of OpenVPN. I’ve been using it since 2008. It’s been extremely reliable and stable. Out of the box, at least on FreeBSD, it runs as nobody:nobody (not really, but that’s how most people configure it). I can’t point to am immediate security issue with this situation. However, I’d prefer it to run as something else. How, about running it as openvpn:openvpn? NOTE: In the original version of this
running OpenVPN as something other than nobody:nobody Read More »
Like many people, I have a laptop which I backup using Bacula. In my case, the laptop may be present under one of two condition: directly connected to my network via wireless indirectly connected to my network via VPN My VPN of preference is OpenVPN, but that’s not relevant to the situation. The issue is: the IP address for my laptop changes depending upon which of the two connections it is using. Putting
Bacula – client changes host name Read More »
This article was written some months go, but only published today. I recently acquired a new tape auto-changer / library. I have already run some simple tests on the library, and all seems well. I already have an existing Bacula installation and my plan is to add this new auto-changer into that. The Devices The following is a list of the devices associated with my auto-changer. The output has been trimmed to exclude
Adding a tape library to Bacula Read More »
My laptop’s hostname is dent. I want my DNS records to point to that laptop whether I’m connected to my LAN directly (via WIFI or ethernet cable) or via OpenVPN (my VPN of choice). SIDE NOTE: You will see references to nsupdate -k below. Note that in recent versions of this program, the option you want has changed to nsupdate -y. You will find an example of the new format later in this
OpenVPN and dynamic DNS Read More »
For some time, I’ve seen these messages and been slightly bothered by them. Today, I found the solution. can’t re-use a leaf (geom_label)! can’t re-use a leaf (geom_part_gpt)! module_register: module g_label already exists! Module g_label failed to register: 17 module_register: module g_part_gpt already exists! Module g_part_gpt failed to register: 17 Those messages appeared on the console while booting and were logged in /var/log/dmesg.boot. I was told, but I forget where, that this was
can’t re-use a leaf or module_register: module g_label already exists Read More »
FreeBSD now has zl4 compression for ZFS. But you must upgrade your pools to get it. If you try before upgrading, you’ll get: # zfs create -o recordsize=8k -o primarycache=metadata -o compress=lz4 system/usr/home/dan/pgsqlsql cannot create ‘system/usr/home/dan/pgsql’: pool must be upgraded to set this property or value So, let’s upgrade: # zpool upgrade -a This system supports ZFS pool feature flags. Successfully upgraded ‘system’ from version 28 to feature flags. Enabled the following features
zpool upgrade to get lz4_compress Read More »
I found a problem with the check_pgsql Nagios plugin last week. It can’t handle names such as freshports.org. It’s a valid database name, as witnessed here: $ psql -l | grep freshports freshports.old | dan | SQL_ASCII | C | C | freshports.org | dan | SQL_ASCII | C | C | But it doesn’t work: $ /usr/local/libexec/nagios/check_pgsql -H slocum -l www -d freshports.org check_pgsql: Database name is not valid – freshports.org Usage:
nagios plugin check_pgsql can’t handle all valid database names Read More »