After combing through the docs and several how–tos on deploying the {{Squid proxy}} server – none of which really did everything I wanted, of course – I’ve finally gotten to the format below. Installing Squid is easy-peasy – it’s in the standard package repos for the major platforms ({{CentOS}}/{{Fedora}}/{{RHEL}}, {{Ubuntu}}/{{Debian}}, etc) – so just run …
Continue reading a fairly comprehensive squid configuration for proxying all the http things
hey, virtualbox – don’t be retarded
Ran across this error recently in an Ubuntu guest on my VirtualBox install: VBoxClient: (seamless): failed to start, Stage: Setting guest IRQ filter mask Error: VERR_INTERNAL_ERROR Gee, isn’t that a useful message. Fortunately, there was a forums.virtualbox thread on just this error. The upshot is that this error is actually caused because of a failure …
Continue reading hey, virtualbox – don’t be retarded
fallocate vs dd for swap file creation
I recently ran across this helpful Digital Ocean community answer about creating a swap file at droplet creation time. So I decided to test how long using my old method (using dd) takes to run vs using fallocate. Here’s how long it takes to run fallocate on a fresh 40GB droplet: root@ubuntu:/# rm swapfile && …
Continue reading fallocate vs dd for swap file creation
ssl configuration for apache 2.4 on centos 7 with let’s encrypt
In follow-up to previous posts I’ve had about SSL (specifically with Let’s Encrypt), here is the set of {{SSL}} configurations I use with all my sites. These, if used correctly, should score you an “A+” with no warnings from ssllabs.com. Note: I have an improved entropy package installed (twuewand). This is adapted from the Mozilla config …
Continue reading ssl configuration for apache 2.4 on centos 7 with let’s encrypt
results from running pi-hole for several weeks
I came across pi-hole recently – an ad blocker and {{DNS}} service that you can run on a {{Raspberry Pi}} in Raspian (or any {{Debian}} or {{Ubuntu}} (ie Debian-like)) system. Using pi-hole should obviate the need for running ad-blockers in your browser (so long as you’re on a network that is running DNS queries through pi-hole). …
Continue reading results from running pi-hole for several weeks
watch your mtu size in openstack
For a variety of reasons related to package versions and support contracts, I was unable to use the {{Red Hat}} built {{KVM}} image of {{RHEL}} 7.2 for a recent project. (The saga of that is worthy of its own post – and maybe I’ll write it at some point. But not today.) First thing I …
Continue reading watch your mtu size in openstack
helping a magpierss-powered site perform better
I rely on MagpieRSS to run one of my websites. (If you'd like to see the basic code for the site, see my {{GitHub}} profile.) One of the drawbacks to Magpie, and dynamic websites in general, is they can be bottlenecked by external sources – in the case of Magpie, those sources are the myriad …
Continue reading helping a magpierss-powered site perform better
how did i never know about .ssh/config?
I’m sure folks have tried to explain this to me before, but it wasn’t until today that it finally clicked – using .ssh/config will save you a world of hurt when managing various systems from a {{Linux}} host (I imagine it works on other platforms, too – but I’ve only started using it on {{CentOS}}). …
Continue reading how did i never know about .ssh/config?
improve your entropy pool in linux
A few years ago, I ran into a known issue with one of the products I use that manifests when the {{Red Hat Linux}} server it’s running on has a low entropy pool. And, as highlighted in that question, the steps I found 5 years ago didn’t work for me (turns out modifying the t …
Continue reading improve your entropy pool in linux
knoppix remastering virtual appliance
In preparation for an upcoming post on remastering {{Knoppix}}, I have made a {{VirtualBox}} {{virtual appliance}} based on the Knoppix v7.6.1 DVD all set for remastering. /dev/sda holds the raw files. /dev/sdb1 is a swap partition. To use the appliance, download the Knoppix 7.6.1 DVD. You’ll need a boot environment for remastering, and Knoppix has …
Continue reading knoppix remastering virtual appliance
may 11 bglug meeting 6:30p at beaumont branch: topic – freeipa
We will be meeting at the Beaumont Library Branch at 6:30p on 11 May. Our speaker is the LUG’s own Nathaniel McCallum, one of the FreeIPA maintainers – and all-around nice guy. Come out and support the LUG, learn something new, and meet cool people.
keep your wordpress installs up-to-date
I run several websites on my server – nothing heavy, just some various vhosts for {{Apache}}. Many (but not all) of them run {{WordPress}}. At some unknown point (and I haven’t kept the crap that was being used around), over 100,000 files were uploaded to the root directory of one of the websites (the only …
Continue reading keep your wordpress installs up-to-date
merging centos iso images
Thanks to @Anon on Unix.SE for the pointer on how to do this. And to @Andy‘s comment on @mmckinst‘s answer for the warning about additional packages you may need. As my three readers know, I run a {{CentOS}} mirror. One of the idiosyncrasies of CentOS, like its upstream {{RHEL}}, is that DVD ISOs aren’t always just one image – …
Continue reading merging centos iso images
bglug presentation – 04 aug 2014 – basics of initial centos/rhel 6.x server configuration
Attached is the presentation for my talk on initial CentOS/RHEL 6.x server configuring. bglug-2014-08-04-myers
setting-up etherpad in centos 6
To add to my tutorial collection, here’s how to setup EtherPad on CentOS 6 (x64). As in the IRC tutorial, I used a Digital Ocean VM for this 🙂 What is EtherPad? It’s an open-source collaborative text editor that works like Google Docs – ie, all editors/viewers can see changes from everyone else in realtime. …
Continue reading setting-up etherpad in centos 6
automatically extract email attachments with common linux tools
I had need to automatically process emails to a specific address to pull attachments out, and this is how I did it: $ yum install mpack $ cat extract-attach.sh #!/bin/bash rm -rf ~/attachtmp mkdir ~/attachtmp mv ~/Maildir/new/* ~/attachtmp cd ~ munpack ~/attachtmp/* rm -rf ~/attachtmp $ crontab -l */5 * * * * ~/extract-attach.sh Why, …
Continue reading automatically extract email attachments with common linux tools
network install of centos 6
I wanted to try something different when playing with CentOS 6 recently, so I did a network install. Other than one very small detail, the install is identical to installing off a normal ISO. Here’s the difference: use the netinstall.iso (eg http://centos.datente.com/media/6/isos/x86_64/CentOS-6.4-x86_64-netinstall.iso) when it asks for the URL to grab your image from, use something like http://centos.datente.com/media/6/os/x86_64 (make …
Continue reading network install of centos 6
olf 2013 in the bag
This past weekend I went to OLF with my friend Peter and a fella who’s now more than an acquaintance, Nathaniel – one of the lead devs for FreeIPA at Red Hat. Got to go to a variety of great talks and sessions, met some awesome folks, and just generally enjoyed the geek weekend 🙂 I’ll be …
Continue reading olf 2013 in the bag
this is not the year of the linux desktop
2013 will not be the YoLD. Nor will 2014. Or 2015. This will be a shock to the fanatical FLOSS heads out there. But not to me. I’ve never thought that “this will be the year of the Linux desktop” – regardless of how many magazine, journal, blog, and other articles have been published about …
Continue reading this is not the year of the linux desktop
next bglug meeting – 25 oct at 1900 (7p) – @collexion hackerspace
Topic is yet TBD – but the time and place are set: 25 Oct 1900 Collexion hackerspace Come join us!
next bglug meeting: topic ‘raspberry pi’; speaker jordan keyes; 1900 (7p) 20 september @collexion hackerspace
After several months, the Bluegrass Linux User Group (see also G+ page) is resuming regular meetings in conjunction With Collexion – a hackerspace in Lexington KY. Our first (next) topic is “The Raspberry Pi“, presented by Jordan Keyes (creator of twil.tv (also on youtube: http://youtube.com/twildottv)), at 1845 (6:45p) at Collexion. We’ll plan to “start” at …
Continue reading next bglug meeting: topic ‘raspberry pi’; speaker jordan keyes; 1900 (7p) 20 september @collexion hackerspace
automatically returning a host to the unprovisioned server pool in hpsa
In conjunction with the customized PXE process I wrote about previously, it could be highly desirable to be able to return a server to the unprovisioned server pool in HP’s Server Automation. This is a specifically-Linux procedure: though I’m sure something similar can be done with Windows*. run an ad-hoc script against a target server that …
Continue reading automatically returning a host to the unprovisioned server pool in hpsa
not enough cpus
I found an interesting reference that indicates that for x86, the maximum number of CPUs the Linux kernel can handle is 255. I’d presume that it’s the same for Windows. I’m curious – right now this is a rather large limit: but it won’t be for long! 16 core CPUs are available from AMD today. I …
Continue reading not enough cpus
symlinks and nfs
I recently discovered an interesting “feature” of symbolic links in conjunction with NFS mounts: they don’t work! For example, let’s say you have the following NFS export: /media/files Inside of that export, you have the following path: /media/files/isos/osmedia/linux/ubuntu In *this* directory, you have a symlink called ‘current‘, which points to a different location: current -> …
Continue reading symlinks and nfs
storage strategies – part 4
Last time I talked about storage robustifiers. In the context of a couple applications with which I am familiar, I want to discuss ways to approach balancing storage types and allocations. Storage Overview Core requirements of any modern server, from a storage standpoint, are the following: RAM swap Base OS storage OS/application log storage Application …
Continue reading storage strategies – part 4