Category: coding and admin

variable substitution – redux

Back in October last year, I posted a note about the usage of variable substitution in lighttpd’s configuration files. In fact I got that post very slightly wrong (now corrected) in that I showed the test I applied in the file as: “$HTTP[“remoteip”] !~ “12.34.56.78″”. (Note the “!~” when I should have used “!=”). This …

Continue reading

Permanent link to this article: https://baldric.net/2017/01/30/variable-substitution-redux/

variable substitution in lighttpd

I’ve been a lighty user for many years now, having junked apache when it became obviously overweight for my target devices (the slugs in particular). Trivia is, of course, powered by lighty as are all my other websites. Lighty’s configuration file syntax is reasonably simple to understand, and is well documented on the Redmine wiki. …

Continue reading

Permanent link to this article: https://baldric.net/2016/10/19/variable-substitution-in-lighttpd/

raid performance

I have recently been building a new NAS box (of which, possibly, more later). In fact the build is really a rebuild because I initially built the server about three years ago in order to consolidate a bunch of services I was running on assorted separate servers into one place. That first build was a …

Continue reading

Permanent link to this article: https://baldric.net/2016/05/02/raid-performance/

backblaze back seagate

In October last year I noted that the Western Digital “Green” drives in my desktop and a new RAID server build looked to be in imminent danger of early failure. That conclusion was based on a worryingly high load-cycle count which a series of posts around the net all attributed to the aggressive head parking …

Continue reading

Permanent link to this article: https://baldric.net/2014/01/21/backblaze-back-seagate/

http compression in lighttpd

Today I had occasion to test trivia’s page load times. I used the (admittedly fairly dated) website optimization test tool and was surprised to find that it reported that parts of the pages I tested were not compressed before delivery. I have the default compression options set in my lighty configuration file as below: compress.cache-dir …

Continue reading

Permanent link to this article: https://baldric.net/2013/12/30/http-compression-in-lighttpd/

TLS ciphers in postfix and dovecot

A recent exchange amongst ALUG email list members about list etiquette resulted in a flurry of postings on a variety of related topics. I posted a flippant comment about top posting, but did so (deliberately) from my Galaxy tab using Samsung’s default email client which actually forces top posting. Steve responded suggesting that I look …

Continue reading

Permanent link to this article: https://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/

wd caviar green load cycle count

Back in January of this year I upgraded my desktop’s hard drive to a 2 TB WD Caviar Green. Not the world’s fastest drive, but quiet, power efficient, and, so I thought, good value for money. I subsequently used two of the same disks in a new build RAID 1 server (which I must get …

Continue reading

Permanent link to this article: https://baldric.net/2013/10/12/wd-caviar-green-load-cycle-count/

security failure at digital ocean

This morning I received an email from Digital Ocean titled “Avoid Duplicate SSH Host Keys”. The email said: “If you have created an Ubuntu Droplet or snapshot prior to July 2nd, DigitalOcean recommends regenerating the SSH host keys. Droplets based on standard images now create unique SSH host keys.” (This, of course, implies that they …

Continue reading

Permanent link to this article: https://baldric.net/2013/08/03/security-failure-at-digital-ocean/

lighttpd graceful shutdown

I run two tails mirrors. One in NYC, the other in SanFrancisco. They each serve around 2-3 TiB of data per month. In common with my other servers, occasionally I need to interrupt those VMs in order to effect a system upgrade. I had to do this very recently with my upgrade of all my …

Continue reading

Permanent link to this article: https://baldric.net/2013/05/27/lighttpd-graceful-shutdown/

using an ssh reverse tunnel to bypass NAT firewalls

There is usually more than one way to solve a problem. Back in October last year I wrote about using OpenVPN to bypass NAT firewalls when access to the firewall configuration was not available. I have also written about using ssh to tunnel out to a tor proxy. What I haven’t previously commented on is …

Continue reading

Permanent link to this article: https://baldric.net/2013/03/26/using-an-ssh-reverse-tunnel-to-bypass-nat-firewalls/

touching update

I have recently upgraded the internal disk on my main desktop from 1TB to 2TB. I find it vaguely astonishing that I should have needed to do that, but I do have a rather large store of MP4 videos, jpeg photos and audio files held locally. And disk prices are again coming down so the …

Continue reading

Permanent link to this article: https://baldric.net/2013/02/28/touching-update/

what a difference a gig makes

During the new year period when I was having a little local difficulty with thrustVPS, I started looking around for alternative providers. My first port of call was lowendbox. That site lists many VPS providers and is often used by suppliers to advertise “special deals” for short periods. Indeed, I think I intially found thrust …

Continue reading

Permanent link to this article: https://baldric.net/2013/01/13/what-a-difference-a-gig-makes/

dovecot failure

Today I ran a routine apt-get update/apt-get upgrade on my mailserver and dovecot failed afterwards. This is a “bad thing” (TM). No routine software upgrade should cause a failure of the kind I experienced. Two things happened which should not have done. Firstly the SSL certificates appeared to have changed (which meant that mail clients …

Continue reading

Permanent link to this article: https://baldric.net/2013/01/11/dovecot-failure/

no sites are broken

Or so the wordpress post at wordpress.org would have us believe. However, I think there is flaw in both their logic, and their decision making here. I spotted the problem following an upgrade to wordpress 3.5 on a site I use. One of the plugins on that site objected to the upgrade with the following …

Continue reading

Permanent link to this article: https://baldric.net/2012/12/19/no-sites-are-broken/

forcing innodb recovery in mysql

Today I had a nasty looking problem with my mysql installation. At first I thought I might have to drop one or more databases and re-install. Fortunately, I didn’t actually have to do that in the end. I first noticed a problem at around 15.45 today when I couldn’t collect my mail. My mail system …

Continue reading

Permanent link to this article: https://baldric.net/2012/11/16/forcing-innodb-recovery-in-mysql/

using openvpn to bypass NAT firewalls

OpenVPN is a free, open source, general purpose VPN tool which allows users to build secure tunnels through insecure networks such as the internet. It is the ideal solution to a wide range of secure tunnelling requirements, but it is not always immediately obvious how it should be deployed in some circumstances. Recently, a correspondent …

Continue reading

Permanent link to this article: https://baldric.net/2012/10/27/using-openvpn-to-bypass-nat-firewalls/