In my original deployment of Proxmox on my VPS I only enabled IPv4, and I was using socat to forward traffic from the IPv6 address of the host to the internal IPv4 addresses of the containers. Not ideal, since this masks the external IP addresses, and also creates some latency and additional CPU load when processing IPv6.
I run Proxmox Virtual Environment as my virtualisation platform. On top of this I use virtual machines using KVM and Linux Containers using LXC - both of which are natively supported on ProxmoxVE.
Code, and where to store it
It’s all about the Tunnels, baby!
Ground control to Mastodon… Ground control to Mastodon…
Where I (re?)discovered Proxmox for LXC hosting on a VPS
It’s always a DNS problem, even when it isn’t.
Where I am increasingly skeptical about using US-based providers, find a European VPS provider, test out some initial hosting architecture but decide against it, and other ramblings…
I frequently listen to Off The Hook, a hacker radio show which airs on WBAI in the greater New York region. As I’m in a different continent, listening live is not practical ;)
So a while ago (four months) I migrated from Hetzner to Jotta - it’s been smooth sailing until last month, when I got a bunch of errors thrown at me.
A friend of mine gave me a Dell Perc H310 HBA nearly half a year ago which was flashed to IT-mode, which basically removes all the fancy RAID functionality from the card and turns it into a dumb HBA, just showing all the disks to the operating system. A good guide to flashing Dell Perc cards can be found on https://fohdeesha.com/docs/perc.html.
A year ago I migrated from Backblaze B2 to Hetzner Storageboxes. That worked fine, but passing over the 5TB border made my offsite storage rather expensive (again). So another round of investigations was called upon.
How I Learned to Stop Worrying and Love the Rootless Container
I’ve been using nginx-proxy as a reverse proxy for my docker containers for a few years, where I manually generate and inject the necessary SSL certificates to make stuff work. The certificates were generated on my Opnsense box. A bit tedious, but manageable.
Upgrade to 4.2.0
Some additional powertweaks - courtesey of syrjala on Phoronix - for my Lenovo Thinkpad T14s Gen3 (AMD):
Connecting to Unifi equipment (Switch 8/AP AC Pro) from Fedora37 fails out of the box with a very useful error Bad server host key: Invalid key length. This is because the dropbear used on these devices is woefully out of date, and still requires the use of ssh-rsa (with SHA1), which has been deprecated by OpenSSH in 2021,
10 years ago I bought a Dell XPS13 L322x ultrabook as a replacement for my white Macbook 2,1. This week I replaced the Dell with something newer: a Lenovo Thinkpad T14s Gen3 (AMD).
For my offsite backup strategy I’m relying on rclone and restic. Rclone is being used to encrypt/copy backups taken by Proxmox Backup Server (which takes backups of the VM’s/Linux Containers running on Proxmox VE, deduplicates and compresses the data) to remote storage, while restic is used to do deduplication/encryption and copying of data stored on my NAS to remote storage.
I have an Asus ZenScreen MB16AC which uses Displaylink as its display technology. On usb-c you can just plug this in and it’ll work, but on my ancient laptop I only have usb-a ports. The display does come with an USB-A to USB-C convertor - so let’s try ;)
Mastodon comes with a default post size of 500 characters. This is not set in stone, and can be increased fairly easily (last tested on Mastodon 4.2.0):
For legal reasons Fedora 37 decided to build Mesa without support for H.246, H.256 and VC1 VA-API codecs. (discussion thread)
To get flatpak’s to honor your systems dark mode and not show you horrible white menubars, you can use this little snipplet:
I’ve been meaning to test out Mastodon again for a while. It’s is best described as a federated version of the blue bird platform (Twitter), while not being Twitter. No ads, no algorithms.
I finally (shame on me) cycled all my SSH keys to use passphrases. One thing I massively dislike is having to enter my passphrase when using them. ssh-agent to the rescue!
I live in Belgium, but I prefer english as my default locale. Using the en_US or en_GB locale brings problems of it’s own - not having the right system (metric) or wrong start of week day..
One of the devices in the house has a micro-HDMI connecter which is used from time to time with our TV. Unfortunately Linux (pulseaudio) doesn’t switch automatically to the right audio, keeping the sound playing through the laptop speakers, instead of sending the audio across the HDMI link.
I’ve been moving some docker containers back from the VM I put them back to Linux Containers (LXC) because of I/O performance and cpu consumption reasons (caused by that I/O).
One of the docker containers I’ve been using is the wonderful BackupPC for agentless backups. This thing works quite well, allowing me to backup laptops around the house without too much hassle. It’s a bit work to set it up properly, but it works and is fast.
The Proxmox box at my home is also being used as a NAS, with Samba and NFS doing the sharing. It had 4 WD Red 6TB PMR drives, in a raidz1 configuration, giving me a net capacity of 18TB (give or take a few).
In the original design of my Proxmox box I opted for running the docker containers straight on the host. For a lot of reasons, this is actually a Bad IdeaTM, and it’s been one of my goals to migrate these to a VM at some point.
I’ve noticed that quite a few of my VM workloads and NFS workloads are rather slow on my Proxmox box, due to the facts that it’s sitting on spinning rust (also known as hard disk drives) a lot of those are synchronous writes
I’m prepping a lot of stuff with cloud-init lately, and one step I always forget when installing my base OS is keeping the vg name clear of any hostname stuff.
About a month and a bit in me learning the piano, I’ve had to rethink my remote piano learning setup. The latency was at points really annnoying (sometimes nearly a second) - it’s confusing when you hit a key and only hear it when you’re hitting the next key. So, time to look for a lower-latency setup.
I’ve always wanted to learn the piano. Finally, in 2021, I’m following up on it :)
This post is more a reminder for myself than anything else ;)
Following up on my Exit Synology post, I’ve decided it’s time to move from a consumer grade NAS to something a bit more sturdy. I’ve also been running out of memory on the Synology NAS with all the things that I wanted to run on it… so time for something else.
I have/had a Synology DS916+ NAS. This is an Intel based NAS with 4 disk bays, running on Synology’s Disk Station Manager - a nice piece of software that offers an easy way to manage the device, and run additional software on top of it.
I used to use Synology VPN on my NAS (in OpenVPN mode) as an entrypoint into my local network when I’m away from home. This worked fine, up to a few weeks ago - at that point I kept getting AUTH FAILED errors, even though nothing had changed.
A simple trick to get Linux to switch between tuned profiles to optimize your battery life. The tuned profile is created using a tool called powertop2tuned, which (on Fedora) is part of the tuned-utils package.
I recently started using Plex, and since I’m also using Home Assistant, and Home Assistant can do stuff with Plex, I wanted to combine the two.
I recently reinstalled Fedora on my desktop machine, which has (amongst others) a ViewSonic Vx2025wm screen connected to it. It’s an oldie, but still works (quite well). Unfortunately, Linux just complained that it didn’t get a proper EDID out of it, and refused to activate it - might also explain why Windows doesn’t recognise it as a PnP monitor - I guess the chip fried somewhere along the ...
I recently found out that Windows has this nice feature where, after suspending your laptop, it’ll go to hibernate after a while to preserve battery. Seems like a really cool feature, saves your battery too, so I wanted it on my linux installation. I’m using Fedora 27 right now. To get it working, you’ll first need to verify that your suspend to ram and suspend to disk actually work. There are...
I’ve always liked the Ambilight technology Philips builds into some of their TV’s. I just don’t like the price that they ask for it… so I looked around if there was no way to build that yourself. There is, using a Raspberry Pi, some leds, and some bits and pieces ;)
I’ve been a user of Dropbox for ages, I’ve tried Owncloud, I’ve tried Box, and probably numerous others that I’ve forgotten about, but in the past year I’ve migrated over to Syncthing, and I haven’t looked back. Opensource software, well designed protocol, complete ownership of your data, I could go on… but this post by gbolo explains it perfectly!
I got a Yubikey 4 half a year ago (during Red Hat Summit 2016), but until now I didn’t do much with it. Time to change that ;)
I’ve been a longtime user of Crashplan, an easy-to-use cloud backup solution. It works well, and it used to work also on nearly any platform that had a java run-time and some add-on opensource libraries. I’ve used it for some time on my raspberry pi to automatically backup my data to the cloud. (Crashplan on ARM (the architecture of the raspberry pi) is an unsupported configuration though).
In my grand scheme of “abuse all the low-power computing things!”, I’ve moved my crashplan backups over to the Raspberry Pi 2 (rpi2 for short). Installation is relatively painless: download the installer from the crashplan site, and unpack and execute. I installed mine under /opt/crashplan.
The ASUS UX305UA is an ultrabook with the Skylake microarchitecture - the (as of writing) latest iteration in Intel processors. Unfortunately, Skylake support on Linux wasn’t really a granted thing the time the device got released. Fortunately it’s gotten a lot better of late.
I still had an old Mac Mini (model 2,1) - which I bought during a period of experimentation with different operating systems - connected to the TV, running Mac OS X Lion. Not Apple’s finest installment of OS X, truth be told.
I’ve recently acquired some TP-Link ‘Easy Smart’ managed switches - cheap, decently built (metal casing), and a lot of features above the usual unmanaged stuff:
Debian Wheezy has been released today.
If you’re living outside the US, and you’re using OpenWRT (a fantastic 3rdparty opensource firmware for many routers), you might have noticed that not all the WiFi channels which are legally allowed in your region are actually available for you to choose from.
As an addendum to my previous post on how to install Debian Sid on the XPS13, I’ve been having issues with suspend - the laptop would sporadicaly not go to sleep properly on lid close, or it wouldn’t come out of suspend afterwards.
I purchased a Dell XPS 13 Ultrabook, to replace my ageing Apple Macbook 2,1. After six years of daily use, it’s (over)due to retire.
Last year I installed Debían on my mother in law’s network (an Acer Ferrari One 200). The thing ran fine, but gave some “firmware bug?” warnings. Since no new BIOS’ were available at that time, I left it at that.
I recently got a Box account with 50 gB of online storage (see this thread on XDA on how to get one).
I wanted to get Adobe AIR to work on my 64-bit Debian Sid installation, to try out some other twitter clients, more specifically Saezuri. (On a side note: the offering of twitter clients on linux is … mediocre. Bad, even. The (imho) best one is Pino, but it has problems of it’s own).
This page documents my attempts (and successes!) to get Linux fully working on an Intel-based Apple MacBook, 2007 model.
Since I have a rather well-scaled desktop PC (nothing really fancy by today’s specs, but it’s underused as it is), and my gf sometimes wants to use it, and sometimes we both want to use it at the same time, I decided to turn it into a multiseat configuration.
I wanted to test some crap in VMWare, didn’t feel like messing with the entire server thing so went for the player. Unfortunately, this thing doesn’t work against the 2.6.32 kernel.
I recently purchased an Alcatel Onetouch X200 3G USB modem, to be able to use internet on various locations where there is no wired or wifi available. Works fine under Windows/Mac OS X, bit more of a hassle under Linux.
Since I’m a lazy git, I want my laptop to automatically switch back & forth between my wired and wireless interfaces. Seems that stuff like Network Manager can do that for you, but it’s not really my thing. I don’t like stuff where you need a GUI to configure it, a duplicaton of network configuration, and it also tends to hang my machine. No idea why, though. After an afternoon of fiddling...
I was bored recently, and decided to install Linux on my Macbook. I opted for the distribution I like best - Debian (unstable/Sid).
I just finished updating my machine to the latest Linux kernel, 2.6.28. All worked, except for VMWare Server (which was still at 1.0.8). Since 2.0 has been released, time for an upgrade!
At work we regularly have to send over files to $vendor. $Vendor has two ways of accepting files: FTP, and Webdav (over https). Since our company’s policy is to not send things out unencrypted, we have to go the webdav way. It’s also the policy to send things over our internetproxy if possible.
Sade linked me to this nice ebook by Neil Gaiman, Neverwhere. Unfortunately, you need Adobe Digital Editions for it, which only exists for Windows and Mac. Since she’s a Linux user, that one didn’t really fly with her.
Here’s a short how-to to get the iodine dns tunnel working on your Mac.
I was trying to get xrdp running on my Linux box, so I could takeover the screen from the outside world. The rdp protocol is a (huge) bit more performant than VNC, which is why I wanted to use it.
If you want to copy a bunch of files from one spot to another, but preserve links/permissions/ownership/…, it’s usually a big hassle.
Thanks to a post on Frank Goosens’ blog I discovered FunPidgin! A fork of Pidgin, a multi-messenger client formerly known as Gaim.
I’m currently trying to get Linux (Debian Sid) working on my MacBook… it’s installed, but still needs lots of tweaking.
If you’re using VMWare on a variable-speed processor (like all most modern cpu’s these days) you might have noticed that sometimes the guest OS runs a lot faster (causing the guest clock to run faster and all kinds of weird effects).
I just installed VMWare server on my gf’s linux-laptop, but the server console didn’t want to start for some reason… Just came back to the command line, nothing happening.
Ubuntu has these versions of it’s distribution they label LTS: Long Term Support. Now seems that if you use an LTS, and want to go to the next LTS… you’ll have the pleasure of either breaking your system, or reinstalling from scratch.
This script is a downloader for the entire archives of the 2600 radio shows Off The Hook and Off The Wall.
Here’s a simple howto on how to install an ARM crosscompiling environment on your Debian Unstable:
If you’re rolling your own kernels, and upgraded to 2.6.22, you might have bumped into a compilation issue:
I was trying to get GalleryRemote installed today on my Linux installation (because for obscure reasons, using the java applet in gallery directly crashes my browsers), which wouldn’t run. Attempting to run the installer gave obscure errors like: awk: error while loading shared libraries: libm.so.6: cannot open shared object file: No such file or directory dirname: error while loading shared li...
If you’re like me, and have Fink installed on your Mac and compiling away all those wonderful unix applications, and you have a desktop nearby running linux (with more processor power being unused), you’ll want to setup distcc so you can harnass all that power.
I guess you all know about Spam Assassin. It’s a wonderful tool that allows you to filter out tons of spam easily.
Now we have a very simple way for the Windows-people to turn to linux: A windows installer to install Debian ;)
I recently started using the wonderful textbased IRC client called Irssi. It’s console based, scriptable in Perl, fast, low memory footprint.. really nice for the average geek ;p
This page documents my attempts (and successes!) to get Linux fully working on a Dell D610 laptop.
This page documents my attempts (and successes!) to get Linux fully working on an Acer Travelmate 800 series laptop.
ATV Sync is a simple script that allows you to easily synchronise the premade ATV PalmOS databases to your PalmOS-powered handheld.
This is a collection of scripts that allow you to download complete archives of web-published comics.
teleMon is a script that you can use to monitor transfer rates. Originally it was written to keep track of the usage on the Telenet ISP Network, but now phptelemeter can be used for that.
This script allows you to download POP3 mailboxes over an HTTP interface. I wrote it to allow me to get my mail through the company’s http proxy server.