After my first draft, I discovered a few things: The motherboard was socket type LGA 1156 The CPU was socket type LGA 1155 NewEgg doesn’t list any LGA 1156 CPUs The board has SATA 3 The drives were SATA 6 Using an Active PFC PSU with my plain 6+ year old UPS will cause the PSU to shutdown when the UPS switches to battery Here is the new list: case – Fractal Design […]
Creating a new gateway box, part II Read More »
In an effort to ruthlessly eradicate legacy, I’ve decided to upgrade my gateway at the same time as I’m upgrading my development server. NOTE: the list of components, which appears below, has been updated in this post. The gateway box, which I think is about 10 years old, which contains these snippets from /var/run/dmesg.boot: CPU: Intel(R) Celeron(R) CPU 2.00GHz (1999.95-MHz 686-class CPU) real memory = 536870912 (512 MB) This box runs: OpenVPN as
Creating a new gateway box Read More »
This is the third in a series of posts about building a new server. What’s happened since? My main development server is acting up again. One of the two HDD in the gmirror has gone off line. Also, I recently read an article about an interesting scam which introduced me to the phrase ruthlessly eradicate legacy. That phrase and strategy lodged firmly in my brain. Those two triggers, along with the urge to
Designing a new server, part III Read More »
People often talk about security. There are many different types of security. Personal security. Security theater. Physical security. In this post, we’ll talk about securing communications channels so that others cannot listen in, and so that others cannot connect. In this article, I’ll talk about using a toolkit, ssl-admin, to create a certificate authority, create self-signed certificates, and use them for both backups (via Bacula) and for a VPN (using OpenVPN). We will
I wrote this some time ago, but never published it. Here we go… Bacula is a fantastic backup solution. It’s open source. It uses a database to keep track of backups. I’ve been writing recently about using ssl-admin as a certificate authority tool. Today, I started using ssl-admin for generating certificates for my backup clients. In this post, I’m using Bacula 5.2.12 and using this reference page as a guide. I started playing
Bacula: TLS Allowed CN Read More »
I found this special idea about banning spammers: echo “select comment_author_IP from wp_comments where comment_approved = ‘spam'” | \ mysql –skip-column-names -u root wordpress_danlangilleorg | \ xargs -n 1 -J % sudo pfctl -t idiots -T add % Anyone care to explain how this works?
Greylisting is an interesting approach to spam. I first started using it in the form of OpenBSD’s pf and spamd tools back in 2007. That said, I now let Google handle my incoming email. Today I was trying to get spamd-setup to run: spamd-setup: Can’t connect to spamd on port 8026: Connection refused I couldn’t figure that one out. But eventually I stumbled upon it… The problem was spamlogd. It wasn’t running. So
spamlogd not running; spamd-setup won’t run Read More »
Yesterday I was setting up a new server for a client / friend. During the setup, we had a brief period wherein mail was delivered to mbox instead of to Maildir. That is, we had mail sitting in /var/mail/USER instead of ~USER/Maildir, for a number of values of USER. At first, I tried using formail and procmail to send it to the local user. I did this using a method I found using
Forwarding mail in mbox to elsewhere Read More »
The PGCon 2013 Call for papers is out. It’s been out for over two weeks. Had you heard about it already? If you have not already submitted, please do so. The deadline for submissions (19 Jan) is just over a month away. That time will fly past. Please don’t leave it to the last minute. If you are doing something interesting with PostgreSQL, please submit a proposal. You might be one of the
PGCon 2013 call for papers Read More »
I use Bacula for my backups. Most of my backups are done to disk, then copied to tape. I have long liked the idea of having multiple backups on different media. On a regular basis, I move the FULL backup tapes to an offsite location. This is standard practice and highly recommended if you can do it. I don’t use the latest and greatest tape drives. I’m using DLT drives. I like them
Adding Nagios checks for tape drives / libraries Read More »