ZFS zpool vanishing after upgrading ProxmoxVE 5.4 to 6.2

Posted on Sat 23 May 2020 in Tech • Tagged with Tech, Linux

Performing a major version upgrade is never pleasant. I've been using ProxmoxVE for about ten years now though, and it's consistently done a fantastic job. Since it's based on Debian, all the upgrades are done with a simple apt update && apt upgrade, with a variety of steps in the middle to point to new repositories, etc. Nothing out of the ordinary, nothing scary.

So I've got two servers - one is an old one, with only a couple testing VM's residing on it. I go ahead and work through the 5 …


Continue reading

Roundcube not loading email contents

Posted on Mon 11 May 2020 in Tech • Tagged with Tech

Here's another quick one! I had a Roundcube instance, chugging along fine. Then one day it just stopped loading emails! Everything else was all fine - no problems with login etc, but trying to preview an email just game me a sadfaec. Chrome couldn't load the contents, and told me that the server had refused to connect.


Continue reading

Renaming a computer object in Active Directory

Posted on Sat 09 May 2020 in Tech • Tagged with Tech

Quick post tonight.

You can't rename a computer object in Active Directory Users and Computers. Even if you change the hostname, the domain object will still have the original distinguishedName from the old device.

However... you can do it in ADSIEdit! Just open ADSIEdit, navigate to the AD container that holds your misnamed object, right click on it, and Rename.

I've just done it with a couple test computers on a domain and both worked completely smoothly. I don't know if this would be safe if the renamed computer were …


Continue reading

WireGuard on Windows - Part 2

Posted on Fri 08 May 2020 in Tech • Tagged with Tech, WireGuard

A few days ago I spun up a Windows Dev VM to have a play with WireGuard for Windows.

I didn't really have a clear goal in mind when I started playing with this - part of it was in trying to create and launch a tunnel without using the GUI. Mostly I was just trying to learn more about a new implementation of a tool that I really like.

If you read my previous article, you'll recall that I started off trying to do this with just wireguard.exe. Here …


Continue reading

Getting WireGuard on Windows - quietly

Posted on Mon 27 April 2020 in Tech • Tagged with Tech, WireGuard

So, I mentioned in my post yesterday that I'm trying to get a bit of a quiet installer for WireGuard on Windows. Not that the current one is noisy, but I have a really simple use-case that I want to meet.

I spent some time seeing if I could just extract WireGuard.exe and run that. Nope, of course - it requires WinTun to be installed to facilitate the Layer 3 tunneling.

Next I played with the idea of just deploying WinTun directly, without installing the WireGuard package itself. I can …


Continue reading

Setting up a Windows Dev VM under ProxmoxVE

Posted on Sun 26 April 2020 in Tech • Tagged with Tech

Righto, I've been using WireGuard for quite a long time now, but I just had my first foray into WireGuard on Windows. I'm trying to roll it into a low-touch VPN deployment sort of thing.

There will be a post about that soon, but this particular post is about setting up the environment for me to play with this stuff... I need a system where I can take snapshots and roll back the drive to a known state. (So I can be sure I'm not missing anything that the installer …


Continue reading

Using Fail2Ban to insta-block malicious hits

Posted on Tue 07 April 2020 in Tech • Tagged with Tech, Security, Linux

Okay so a few days ago I posted about adopting Caddy.

Of course, anyone who hosts anything knows that accessible services on the internet will start getting hit by scanners within literal moments of being accessible. On the very first night of having my site live on the new VPS, Logwatch informed me of a bunch of attempts to access wp-admin.php. Sigh.

Well, this entire site is built with my favourite static site generator Pelican. That means I don't have any PHP on my site whatsoever. Why not just …


Continue reading

Moving to the Caddy web server

Posted on Sun 05 April 2020 in Tech • Tagged with Tech, Security, Linux

For the last couple of years I've been running this site, as well as my friend's site (Under The Umbrella) on Nginx. Recently my VPS host decided to do away with their cheapest tier, so instead of doubling my annual cost, I hopped onto https://www.lowendbox.com and found myself a replacement Cheaps McGee VPS to host this.

Well, a major change like that is a great time to learn about something new, so I took the opportunity to get started with Caddy. If you don't already know about …


Continue reading

Fail2Ban+Nginx (blocking repeated 404's, etc)

Posted on Mon 16 March 2020 in Tech • Tagged with Tech, Security, Linux

After hosting a mail server for a few years, I've gotten tired of seeing alllll the 404 attempts in my daily logwatch. Fail2Ban can help here really well, and it turns out to be really easy.

Start with nano /etc/fail2ban/filter.d/nginx-4xx.conf (I'm counting on your running Debian and having things in default locations here), and enter the following:

[Definition]
failregex = ^<HOST>.*"(GET|POST).*" (404|444|403|400) .*$
ignoreregex =

Note: Make sure you use a capital 'D' in Definition there.

Now, edit your /etc/fail2ban/jail.conf …


Continue reading

sa-compile failing during upgrade

Posted on Sun 15 March 2020 in Tech • Tagged with Tech, Linux

I just spent an hour troubleshooting the most ridiculous thing. I guess to help people search, I'd describe this as "dpkg failing at sa-compile in Debian 10" but that's really not a good picture of what's happening here...

Setting up sa-compile (3.4.2-1~deb9u3) ...
Running sa-compile (may take a long time)
/bin/sh: 1: x86_64-linux-gnu-gcc: Permission denied
make: *** [body_0.o] Error 126
command 'make PREFIX=/tmp/.spamassassin22062Ifq5yDtmp/ignored INSTALLSITEARCH=/var/lib/spamassassin/compiled/5.024/3.004002 >>/tmp/.spamassassin22062Ifq5yDtmp/log' failed: exit 2
dpkg: error processing package sa-compile (--configure …

Continue reading