CUSTOM DEBIAN ISO
If you’re installing Debian on a regular basis, or want to automate the installation a bit more, building a custom Debian installation ISO can be quite handy. You can automate some of the more tedious parts of the installation, install extra packages and run additional setup, or even completely automate the installation! Why? In my case, I’m working with some automated provisioning using Puppet and Packer. Most of the time, you can start with a pre-installed operating system and work from there.
Read moreFIREWALLD IN DEBIAN 10
In the past, I showed how to add a firewall rule in Debian 9. For Debian 10, these instructions still work but installing the firewalld package is a bit more involved. Why There is a bug in iptables (which is how firewalld applies rules) that causes it to crash on start up. Thanks to this GitHub Issue, I was able to track this down to the specific version of iptables that ships with Debian 10 (1.
Read morePUPPET WITHOUT A PUPPET SERVER
One tool that is pretty neat for anyone who manages more than one machine is Puppet. In it’s simplest form, Puppet is designed to codify actions you may take on your server and run them automatically. The typical deployment for Puppet relies on a central Puppet server (the “Puppetmaster”), and clients distributed around your network. What if, say, we wanted to run Puppet without this central server? Why Puppet is great, and a centralized Puppet server is equally great.
Read moreTRYHACKME: VULNVERSITY
Meta Information: This is a room I recently completed on TryHackMe. I figured I’d do a write up of what I found, how I got in, and things that a potential sysadmin would want to do to fix their server. I’m writing this from the point-of-view of a independent security consultant. Description of Server The machine in question appears to be an Ubuntu Linux machine, with a number of open ports and protocols:
Read moreFIX VIRTUALMIN PROXY WITH LET'S ENCRYPT
This is a minor inconvenience that I’ve dealt with for far too long. When using Virtualmin as a reverse proxy, it doesn’t handle Let’s Encrypt verification records correctly and forwards them to the upstream service. In my case, this would cause certificates to issue correctly initially, but then fail to renew after three months is up. Since every request that hits the server was getting sent to the upstream server (including any requests to .
Read moreBACKUP GOOGLE PHOTOS (PART 2)
In Part One we looked at how to download our photos from Google Photos to a local drive. But now we’ll look at how to archive them into human readable folders that can be included in daily snapshot backups. Our Problem Now we have all our photos downloaded, but I really wanted things to live on my NAS with the rest of my important files. This would also let me potentially delete photos from Google Photos but keep things locally.
Read moreBACKUP GOOGLE PHOTOS (PART 1)
One service that I’ve come to rely on is Google Photos. For the last number of years, I’ve had photos on my phone (which is now my primary camera for trips) automatically backed up and categorized. It’s a slick service, but I feel most comfortable having local copies of photos and keep them in a snapshot backup system. Why I Did This Google Photos is great, and I don’t really have any issues with the service or its availability.
Read moreMY PERSONAL BURNOUT
I suffered a pretty hard burn out a couple of years ago. I ended up changing jobs, and only then did I realize just how exhausted I was. I wanted to share my experience, what happened, how I think it could have been prevented, and remind everybody that their mental well being important. Quick Disclaimer: I’m not writing this to place any blame on what happened. This was mostly the result of circumstances beyond anyone’s control, so no one really is at fault.
Read moreA NEW SITE
I’m not a huge fan of meta posts, but this seemed like a fairly major change so I’m making one. I’ve updated my site to use Hugo rather than Wordpress. Wordpress is nice and all, but it’s fairly complex for this site and with horror stories of rouge plugins, I didn’t feel it was the best choice. Also, the new static site is a lot faster and a lot easier to work with, so those are also added bonuses.
Read moreCONDENSED PHPMYADMIN CONFIGURATION
This is something that bothered me when adding more than one server to PHPMyAdmin. The default configuration is very verbose, and largely isn’t needed for simple use cases. In my case, I boiled down the config options I use most frequently, and changed the format to be more inline. The format doesn’t look too good on the site, but it is pretty clean once in a wider editor. $cfg['Servers'] = [ 1 => [ 'host' => 'xxx', // MySQL hostname or IP address 'port' => '', // MySQL port - leave blank for default port 'socket' => '', // Path to the socket - leave blank for default socket 'ssl' => true, // Use SSL for connecting to MySQL server?
Read more