I read that Mozilla had been named an Internet villain by a number of British ISPs, for supporting encrypted DNS queries using DNS over HTTPS. I guess the problem is that an ISP by default knows which sites you browse even though the traffic itself is usually encrypted nowadays, since the traditional way of looking… Continue reading Simple DNS over HTTPS setup
PowerShell for Unix nerds
(This post was inspired by a question on ServerFault) Windows has had an increasingly useful scripting language since 2006 in PowerShell. Since Microsoft apparently fell in love with backend developers a while back, they’ve even ported the core of it to GNU/Linux and macOS. This is actually a big deal for us who prefer our… Continue reading PowerShell for Unix nerds
It’s so fluffy!
(Or: Backblaze B2 cloud backups from a Proxmox Virtual Environment) Backups are one of those things that have a tendency to become unexpectedly expensive – at least through the eyes of a non-techie: Not only do you need enough space to store several generations of data, but you want at least twice that, since you… Continue reading It’s so fluffy!
Replacing ZFS system drives in Proxmox
Running Proxmox in a root-on-zfs configuration in a RAID10 pool results in an interesting artifact: We need a boot volume from which to start our system and initialize the elements required to recognize a ZFS pool. In effect, the first mirror pair in our disk set will have (at least) two partitions: a regular filesystem… Continue reading Replacing ZFS system drives in Proxmox
Playing around with benchmarks
So I just rebuilt my little home server RAID from LVM+Ext4 to ZFS, changing the layout from RAID5 to RAID1+0, consisting of a pool of two mirrored disk sets. Since I’m a cheap bugger frugal, I still run a small HP MicroServer Gen7 (N54L) with only 2 GB of RAM, which I’ve filled up with 4 x… Continue reading Playing around with benchmarks
Monitoring Keepalived with SNMP on Ubuntu 14.04
Introduction Using keepalived in combination with a couple of HAProxy instances is a convenient yet powerful way of ensuring high availability of services. Up until now, I’ve considered it enough to monitor the VMs where the services run, and the general availability of a HAProxy listener on the common address. The drawback is that it’s hard to see if… Continue reading Monitoring Keepalived with SNMP on Ubuntu 14.04
Reverse Proxy with NTLM authentication in Linux
The other day I got a fun project at work: We need to have several users authenticate to a site using the same SSL certificate, but with logs showing which users were connected at any time. The basic premises are simple: A reverse proxy server takes calls to a specific address and sends them on… Continue reading Reverse Proxy with NTLM authentication in Linux