Getting acme.sh to renew certs via cronjob on FreeBSD

Leave a Comment / DNS, Let's Encrypt, Security / By /

In the past, I’ve written about using acme.sh to automatically generate SSL certificates and distribute them to the required locations. I do this in a single central location, and the websites and mail servers grab their new certs from a webserver. At the time of writing, I was using FreeBSD 11.1 and acme.sh 2.7.4, supplied by the FreeBSD port, in a jail. Nagios warned me that one of my Let’s Encrypt certificates was […]

Getting acme.sh to renew certs via cronjob on FreeBSD Read More »

FreeBSD – what processes in what jails are using swap?

Leave a Comment / FreeBSD, Open Source / By /

Sometimes stuff gets swapped out. When it does, it’s good to know what is swapped. I was getting this Nagios alert this morning. I started searching. I found this post about showing what is using swap via: [dan@knew:~] $ ps ax | awk ‘NR==1{print};$3 ~ /W/’ PID TT STAT TIME COMMAND 12 – WL 54:27.37 [intr] 10147 – IWsJ 0:00.00 /bin/sh /usr/local/bin/mysqld_safe –defaults-extra-file=/usr/local/etc/mysql/my.cnf –based 12791 – IWsJ 0:00.00 /bin/sh /usr/local/bin/mysqld_safe –defaults-extra-file=/var/db/mysql/my.cnf –user=mysql –

FreeBSD – what processes in what jails are using swap? Read More »

Booting off the new 5TB drives

Leave a Comment / Disks, File Systems, FreeBSD, hardware, Open Source, ZFS / By /

This is about FreeBSD 11.1 on my knew server. I recently replaced the 3TB drives with 5TB drives. Along the way, it didn’t boot, the swap was adjusted, I got concerned about power, and there was a brief CAM status: SCSI Status Error scare. Then today, the planned reboot, I started asking questions on Reddit and on Twitter. The booting issue BIOS cannot boot from drives which present only 4096-byte sectors. This is

Booting off the new 5TB drives Read More »

Replaced a drive? What about that gmirror swap?

Leave a Comment / gmirror / By /

I just swapped out a drive which was involved in a gmirror swap. This is the current status: $ gmirror status Name Status Components mirror/swap DEGRADED da0p2 (ACTIVE) da2p2 (ACTIVE) da3p2 (ACTIVE) da4p2 (ACTIVE) da5p2 (ACTIVE) da9p2 (ACTIVE) da10p2 (ACTIVE) Here is how I can fix that: sudo gmirror forget swap The above tells gmirror to forget about components which are not connected. As you can see here, it makes gmirror happy. $

Replaced a drive? What about that gmirror swap? Read More »

subversion via ssh passphrase-less key

Leave a Comment / Security, ssh, subversion / By /

In general, passphrase-less ssh keys are a security nightmare. It is similar to leaving the key to your front door in the lock. Anyone stumbling across it has access to your house. Similarly, if someone gets your ssh key, and there is no passphrase on it, they can use that key for anything which grants access to that key. Side note: How can you tell if a given ssh key has a passphrase?

subversion via ssh passphrase-less key Read More »

After replacing 3TB drive with 5TB drive, FreeBSD 10.3 system did not reboot

1 Comment / Disks, FreeBSD, hardware, HBA, Open Source, ZFS / By /

I started replacing 3TB drives with 5TB drives in a 10 drive raidz3 array on a FreeBSD 10.3 box. I was not sure which drive tray to pull, so I powered off the server, and, one by one, pulled the drive tray, photographed it, and reinserted the drive tray. No changes were made. The first reboot Upon powering up, I was greeted by this (I have typed out the text for search purposes):

After replacing 3TB drive with 5TB drive, FreeBSD 10.3 system did not reboot Read More »

Logging, backups, and newsyslog.conf on FreeBSD

Leave a Comment / FreeBSD, syslog / By /

This morning, I was reviewing the logs and noticed these notices in /var/log/messages: I guessed that this was directly related to the zfs replace command I had issued the day before, but I wanted to confirm that. I like to use sudo instead of becoming root. One of the many benefits to this approach is logging. Everything is logged to /var/log/auth.log for later review. However, by the time I went to look, /var/log/auth.log

Logging, backups, and newsyslog.conf on FreeBSD Read More »

Swapping 5TB in, 3TB out

1 Comment / Disks, File Systems, FreeBSD, hardware, ZFS / By /

In this power, the server is running FreeBSD 10.3. I am completely and unreasonably biased: ZFS is the best filesystem out there. Do not take my word for it. Ask around. Today, I started a process I’ve been waiting to do for a while. I am replacing the 3TB drives in a 10-drive raidz2 array with 5TB drives. These new drives are faster, I think perhaps cooler, and, more to the point, bigger.

Swapping 5TB in, 3TB out Read More »

PostgreSQL – logging to a file

Leave a Comment / PostgreSQL, syslog / By / /

These steps were carried out on FreeBSD 11.0 with PostgreSQL 9.6 (two of my favorite tools). I like logging. I like logging PostgreSQL. With logs, you can see what happened. Without, you can only guess. Setting up logging for PostgreSQL involves several parts, each of which must be completed or else I don’t get what I want. This is not a criticism of PostgreSQL. It’s a feature. I am documenting this because each

PostgreSQL – logging to a file Read More »

Scroll to Top