Performing a major version upgrade is never pleasant. I've been using ProxmoxVE for about ten years now though, and it's consistently done a fantastic job. Since it's based on Debian, all the upgrades are done with a simple apt update && apt upgrade, with a variety of steps in the middle to point to new repositories, etc. Nothing out of the ordinary, nothing scary.

So I've got two servers - one is an old one, with only a couple testing VM's residing on it. I go ahead and work through the 5 …

Continue reading

Right.

Today I needed to find a diagram of the traffic flow for a split-tunnel VPN. Nothing fancy, just a real simple user-facing diagram to form part of an article.

And friends, there was nothing. Nothing at all. I found proper technical ones from Cisco Meraki; fancy Office365 ones, depicting an ExpressRoute to O365 and tunnelling everything else through the VPN; and another Office365 tunnel with ExpressRoute and a split-tunnel for the rest of the traffic.

Pretty much the closest I came to my needs was this atrocity, via http …

Continue reading

Here's another quick one! I had a Roundcube instance, chugging along fine. Then one day it just stopped loading emails! Everything else was all fine - no problems with login etc, but trying to preview an email just game me a sadfaec. Chrome couldn't load the contents, and told me that the server had refused to connect.

Continue reading

Quick post tonight.

You can't rename a computer object in Active Directory Users and Computers. Even if you change the hostname, the domain object will still have the original distinguishedName from the old device.

However... you can do it in ADSIEdit! Just open ADSIEdit, navigate to the AD container that holds your misnamed object, right click on it, and Rename.

I've just done it with a couple test computers on a domain and both worked completely smoothly. I don't know if this would be safe if the renamed computer were …

Continue reading

A few days ago I spun up a Windows Dev VM to have a play with WireGuard for Windows.

I didn't really have a clear goal in mind when I started playing with this - part of it was in trying to create and launch a tunnel without using the GUI. Mostly I was just trying to learn more about a new implementation of a tool that I really like.

If you read my previous article, you'll recall that I started off trying to do this with just wireguard.exe. Here …

Continue reading

So, I mentioned in my post yesterday that I'm trying to get a bit of a quiet installer for WireGuard on Windows. Not that the current one is noisy, but I have a really simple use-case that I want to meet.

I spent some time seeing if I could just extract WireGuard.exe and run that. Nope, of course - it requires WinTun to be installed to facilitate the Layer 3 tunneling.

Next I played with the idea of just deploying WinTun directly, without installing the WireGuard package itself. I can …

Continue reading

I picked up a set of whole pork loins at Pak 'n Save the other day for like twelve bucks, and being on dinner duty tonight I thought it was time to fire up the smoker. But just last night we'd had a Chicken Tikka Masala which cleaned out our garlic stocks ... what to do?

After a bit of dithering, I made a simple low-garlic rub and it turned out good enough that I'm documenting it here!

Outta Garlic Pork Rub

• 1 tbsp salt
• 2 tbsp brown sugar
• 1 tbsp …

Continue reading

Righto, I've been using WireGuard for quite a long time now, but I just had my first foray into WireGuard on Windows. I'm trying to roll it into a low-touch VPN deployment sort of thing.

There will be a post about that soon, but this particular post is about setting up the environment for me to play with this stuff... I need a system where I can take snapshots and roll back the drive to a known state. (So I can be sure I'm not missing anything that the installer …

Continue reading

Okay so a few days ago I posted about adopting Caddy.

Of course, anyone who hosts anything knows that accessible services on the internet will start getting hit by scanners within literal moments of being accessible. On the very first night of having my site live on the new VPS, Logwatch informed me of a bunch of attempts to access wp-admin.php. Sigh.

Well, this entire site is built with my favourite static site generator Pelican. That means I don't have any PHP on my site whatsoever. Why not just …

Continue reading

For the last couple of years I've been running this site, as well as my friend's site (Under The Umbrella) on Nginx. Recently my VPS host decided to do away with their cheapest tier, so instead of doubling my annual cost, I hopped onto https://www.lowendbox.com and found myself a replacement Cheaps McGee VPS to host this.

Well, a major change like that is a great time to learn about something new, so I took the opportunity to get started with Caddy. If you don't already know about …

Continue reading