Mar 312015
 

You know how internet surfing works. You read something, click on some links, and finally you don’t even know where you came from. Anyways. That made me try WildFly, the AS formerly known as JBoss AS.

And you know the drill. Download zipfile, unpack, goto bin folder and start. Browse to localhost/something.

Can’t find the console. Well shit.

Do you have an NVidia videocard in your system, and did you install all the drivers and stuff? You probably have NVidia Networks Service as one of you running processes. Kill it. Now restart WildFly and browse to the console.

You’re welcome.

Jan 032015
 

I never noticed that my index.php when browsing to the domain-root (so www.switchbl8.nl) did not work and gave an error 403.

It took some puzzling and because all other stuff worked I knew it must have been since the transition to fcgid (instead of mod_php). I recalled blogging about it, checked my configs for errors, and found one (no plus signs in the options section).

Now it works. It’s not a special page, but it annoyed me that it didn’t work.

Next puzzle.

Oct 242013
 

On Friday the 13th we had a power outage. Of course. It lasted an hour. After that my whole house came to life again, except….the TV-signal, my landphone and my internet. Correct, same provider. They had problems after the power got back on, and their problems lasted several hours.

I didn’t think I had any problems, everything in the house seemed to work. Except when I tried to get some files of my NAS disk for work. It died. Connected the disk to a Windows machine, my Linux server, tried repairing the disk with a controller of the same type of disk, but none of that worked. The disk was dead. It contained my photos, my music, my documents, all my downloads and some backups. Great. Because of money issues, the disk was not mirrored. And I found that my latest backup of my pictures was….from July 2011.

:-(

I bought 4 new disks.

DSC_0699

Two 3TB disks to be installed as RAID1 (mirrored disks) in my server, to be my main storage for pictures, documents and the like. And the NAS gets two brand new 1TB disks, also to be used in RAID1. To make things more expensive, I bought NAS-grade disks, which basically can stand being “on” 24/7.

The NAS disks are now installed and I am gradually restoring my pictures onto it.

The period the missing pictures span was certainly not the best period of my life. But there were some good moments I captured. Guess I have to make up for that in the years to come. Let’s charge the Canon, and start shooting.

Jul 242013
 

This blog is starting to get old :-) Next February this weblog will be 10! I think it started with pMachine, then b2Evolution, and after that several versions of WordPress. I know I used some ASP.NET software at first, when the server was still a Windows machine, but “.Text” was not stable enough (reboots made the weblog unavailable), so that’s when I started with PHP-based weblog software and finally ended up with the best one!

Recently I installed a broken-link checker plugin, and that resulted in quite a number of dead links. Some that were links to my own weblog. I “unlinked” most of the external links (so the link is removed), and I am trying to sort out my own links. I restored some pictures already, but disk crashes in the past resulted in some media referred to by the links to be gone. Should have made better backups. Mind the word “should”.

Feb 022013
 

Just changed the server’s Apache model from Prefork to Worker. Should be easier on the memory and the CPU, but after downloading/installing it (via aptitude) nothing worked anymore. PHP works different under the Worker model, so directories need an extra handler and options. No biggie, read this thread.

Jan 162013
 

Ubuntu 12.04 has the default firewall ufw enabled, but I rather use iptables. And everytime I reboot the system, I run a script to enable the firewall rules again. But I just found out I don’t need to, there’s a tool for that. Of course.


sudo apt-get install iptables-persistent

That asks you to save the current IPv4 and IPv6 rules and creates a service that is started at boot time so it reads the created files.

Voila.

Jul 212012
 

My mail is now running on the server again, not the Synology. The Synology does a good job, but the spamfilters are not what I like them to be. It marks mail as spam by adding “**SPAM**” to the subject line and listing how much spampoints the message got. Not what I want. I want an unaltered mailmessage in my spambox, or no message at all. I used to have that with Postfix/Postgrey/Amavis/Spamassassin.

 

I installed iRedMail, basically an installer layer over the standard Linux mailcomponents. Installing is done in about 2 minutes, switching of greylisting took me more time to figure out how…. Thanks people, for such a great product.

Jul 192012
 

To have some directories on my server protected by more than a simple username and password, I wanted to use SSL and client certificates. I could easily restrict the directories to my local network IP-addresses, but when I’m “outside” that would present a problem. Hence the solution with client certificates.

 

As I blogged earlier, I requested a real server certificate from the people at Xolphin. Nice people, low prices, fast service. But…..you cannot create/sign client certificates with such a certificate. You need the real certificate installed on the server, and you need to create a certificate that has been created/signed by you as a fake Certificate Authority. The Fake CA has to be known to Apache and to your browser. Next the client certificate (created/signed by the Fake CA) must be imported into your browser, and of course the directories you want to protect need to be in the SSL-configuration of Apache.

 

Now that I know how it works, it is simple, but most guides on the internet either follow the Fake CA principle (so you don’t need to buy a real certificate) or they only use a real certificate. Spending money to have your SSL-certificate-supplier do the job for you is another thing. But this works. And for € 10 (excluding VAT) per year I now have a real server certificate, and I can further protect my server with my own certificates.