It's the first weekend of New Zealand's COVID-19 lockdown, and having already been working from home for a week I decided I'd get energetic in the kitchen.

Last night, with some guidance from my mate Nevyn, I put a couple chickens into a brine. I've brined before, but this one was super experimental for me, as usually my brines are just that one top result on AllRecipes.com, which is about as inspired as plain mayonnaise on pizza.

Well, holy shit I just finished dinner and it was good enough …

Quite a long time ago, I posted my recipe for smokey BBQ-baked beans. It's still one of the only recipes I've seen which starts with dry beans, and includes slow-cooking in a smoker. Most of the recipes I've found are either for oven baking, or start with a literal can of baked beans (wtf).

Well I'm making baked beans again for the first time in ages, and I've taken the time to write down my tweaks. This is primarily around my BBQ sauce, hence the title of this post!

Just …

(Reposting from Facebook - originally written 2020-02-19)

Tonight I've got something a bit special for my #shavingPost... A few weeks ago, I offered to help beta test a new product - a shave soap in a cup - for Grere Coutie of The Artsy Moose.

The Artsy Moose is actually a really groovy little artisan handcraft shop, physically located here in Hamilton, but Grere sells most of her work online as well. Primarily focussed on soaps, there are all sorts on offer - from activated charcoal soap, to gardeners soap, to BEER soap... even …

I’m a bit over halfway through a brilliant set of particle physics lectures by Don Lincoln, called The Theory of Everything: The Quest to Explain All Reality. Don has spent many years as an experimental particle physicist, and has worked with particle accelerators at both at Fermilab and at CERN. You may remember him from his co-discovery of the top quark in 1995, or from his membership on the CERN team when they discovered the Higgs boson in 2012. Or heck you might have seen one of his TED …

After hosting a mail server for a few years, I've gotten tired of seeing alllll the 404 attempts in my daily logwatch. Fail2Ban can help here really well, and it turns out to be really easy.

Start with nano /etc/fail2ban/filter.d/nginx-4xx.conf (I'm counting on your running Debian and having things in default locations here), and enter the following:

[Definition]
failregex = ^<HOST>.*"(GET|POST).*" (404|444|403|400) .*$
ignoreregex =

Note: Make sure you use a capital 'D' in Definition there.

Now, edit your /etc/fail2ban/jail.conf …

I just spent an hour troubleshooting the most ridiculous thing. I guess to help people search, I'd describe this as "dpkg failing at sa-compile in Debian 10" but that's really not a good picture of what's happening here...

Setting up sa-compile (3.4.2-1~deb9u3) ...
Running sa-compile (may take a long time)
/bin/sh: 1: x86_64-linux-gnu-gcc: Permission denied
make: *** [body_0.o] Error 126
command 'make PREFIX=/tmp/.spamassassin22062Ifq5yDtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.024/3.004002 >>/tmp/.spamassassin22062Ifq5yDtmp/log' failed: exit 2
dpkg: error processing package sa-compile (--configure …

Woo! FreeNAS finally supports ECC crypto for it's SSL certificates in 11.3!

I reported this as a bug almost exactly two years ago, and kept having to do nasty workarounds to make it work every time I installed an update. Very happy that it's finally sorted and I can use my proper shiny elliptic curve SSL setup! :)

If you're setting up a new SSL VPN with certificate authentication, and if you already have an internal PKI, you're probably considering using your internal certification authority to create the SSL keys and certificates for your VPN clients. Awesome! This is a great and easy way to do this job.

But there's a dearth of information on the Interwebs regarding what Extended Key Usages you need to have enabled in your Certificate Template for these. There are a heap available, including Email Signing, Timestamping, Code Signing, IPSec SSL things (about …

Have you ever experienced that thing where you're in your car, stopped at a traffic light - you suddenly get the sensation that you're rolling backward, so you slam on your brake... but you already had your brake on, and you weren't moving! It was the car beside you rolling forward, but your brain misinterpreted it as your own - backwards - motion.

So, another mental image: imagine that you find yourself suddenly transported to a quiet, peaceful mountaintop. There's a monastery here, and Monks are quietly meditating. There is no sound, no …

When I was considering writing my post on time dilation, I expected precisely zero feedback... just on the basis that nobody would read it. I'm really pleased with the feedback I actually got, and you've all spurred me to write another post on the topic. So today, I'm going to give you a brief glimpse into what caused all this ruckus: Einstein's general theory of relativity.

If you remember, Einstein first came up with the special theory of relativity in 1905, and it took another ten years to get to …