Previously I've been frustrated that the CSS in the Pelican Flex theme doesn't centre images. However, I'm only one user with one use-case, so I haven't raised a pull request.

Instead, I've finally gotten around to creating a quick-and-dirty sed string to fix the minified CSS file:

sed -i 's/}img{max-width:100%}/}img{max-width:100%;margin-left:auto;margin-right:auto;display:block}/' style.min.css

I also like my caption text to be italicised and centered, so I extended this a little:

sed -i 's/}img{max-width:100%}/}img{max-width …

Performing a major version upgrade is never pleasant. I've been using ProxmoxVE for about ten years now though, and it's consistently done a fantastic job. Since it's based on Debian, all the upgrades are done with a simple apt update && apt upgrade, with a variety of steps in the middle to point to new repositories, etc. Nothing out of the ordinary, nothing scary.

So I've got two servers - one is an old one, with only a couple testing VM's residing on it. I go ahead and work through the 5 …

Here's another quick one! I had a Roundcube instance, chugging along fine. Then one day it just stopped loading emails! Everything else was all fine - no problems with login etc, but trying to preview an email just game me a sadfaec. Chrome couldn't load the contents, and told me that the server had refused to connect.

Quick post tonight.

You can't rename a computer object in Active Directory Users and Computers. Even if you change the hostname, the domain object will still have the original distinguishedName from the old device.

However... you can do it in ADSIEdit! Just open ADSIEdit, navigate to the AD container that holds your misnamed object, right click on it, and Rename.

I've just done it with a couple test computers on a domain and both worked completely smoothly. I don't know if this would be safe if the renamed computer were …

A few days ago I spun up a Windows Dev VM to have a play with WireGuard for Windows.

I didn't really have a clear goal in mind when I started playing with this - part of it was in trying to create and launch a tunnel without using the GUI. Mostly I was just trying to learn more about a new implementation of a tool that I really like.

If you read my previous article, you'll recall that I started off trying to do this with just wireguard.exe. Here …

So, I mentioned in my post yesterday that I'm trying to get a bit of a quiet installer for WireGuard on Windows. Not that the current one is noisy, but I have a really simple use-case that I want to meet.

I spent some time seeing if I could just extract WireGuard.exe and run that. Nope, of course - it requires WinTun to be installed to facilitate the Layer 3 tunneling.

Next I played with the idea of just deploying WinTun directly, without installing the WireGuard package itself. I can …

Righto, I've been using WireGuard for quite a long time now, but I just had my first foray into WireGuard on Windows. I'm trying to roll it into a low-touch VPN deployment sort of thing.

There will be a post about that soon, but this particular post is about setting up the environment for me to play with this stuff... I need a system where I can take snapshots and roll back the drive to a known state. (So I can be sure I'm not missing anything that the installer …

Okay so a few days ago I posted about adopting Caddy.

Of course, anyone who hosts anything knows that accessible services on the internet will start getting hit by scanners within literal moments of being accessible. On the very first night of having my site live on the new VPS, Logwatch informed me of a bunch of attempts to access wp-admin.php. Sigh.

Well, this entire site is built with my favourite static site generator Pelican. That means I don't have any PHP on my site whatsoever. Why not just …

For the last couple of years I've been running this site, as well as my friend's site (Under The Umbrella) on Nginx. Recently my VPS host decided to do away with their cheapest tier, so instead of doubling my annual cost, I hopped onto https://www.lowendbox.com and found myself a replacement Cheaps McGee VPS to host this.

Well, a major change like that is a great time to learn about something new, so I took the opportunity to get started with Caddy. If you don't already know about …

After hosting a mail server for a few years, I've gotten tired of seeing alllll the 404 attempts in my daily logwatch. Fail2Ban can help here really well, and it turns out to be really easy.

Start with nano /etc/fail2ban/filter.d/nginx-4xx.conf (I'm counting on your running Debian and having things in default locations here), and enter the following:

[Definition]
failregex = ^<HOST>.*"(GET|POST).*" (404|444|403|400) .*$
ignoreregex =

Note: Make sure you use a capital 'D' in Definition there.

Now, edit your /etc/fail2ban/jail.conf …