Oct 242013
 

On Friday the 13th we had a power outage. Of course. It lasted an hour. After that my whole house came to life again, except….the TV-signal, my landphone and my internet. Correct, same provider. They had problems after the power got back on, and their problems lasted several hours.

I didn’t think I had any problems, everything in the house seemed to work. Except when I tried to get some files of my NAS disk for work. It died. Connected the disk to a Windows machine, my Linux server, tried repairing the disk with a controller of the same type of disk, but none of that worked. The disk was dead. It contained my photos, my music, my documents, all my downloads and some backups. Great. Because of money issues, the disk was not mirrored. And I found that my latest backup of my pictures was….from July 2011.

:-(

I bought 4 new disks.

DSC_0699

Two 3TB disks to be installed as RAID1 (mirrored disks) in my server, to be my main storage for pictures, documents and the like. And the NAS gets two brand new 1TB disks, also to be used in RAID1. To make things more expensive, I bought NAS-grade disks, which basically can stand being “on” 24/7.

The NAS disks are now installed and I am gradually restoring my pictures onto it.

The period the missing pictures span was certainly not the best period of my life. But there were some good moments I captured. Guess I have to make up for that in the years to come. Let’s charge the Canon, and start shooting.

Jul 242013
 

This blog is starting to get old :-) Next February this weblog will be 10! I think it started with pMachine, then b2Evolution, and after that several versions of WordPress. I know I used some ASP.NET software at first, when the server was still a Windows machine, but “.Text” was not stable enough (reboots made the weblog unavailable), so that’s when I started with PHP-based weblog software and finally ended up with the best one!

Recently I installed a broken-link checker plugin, and that resulted in quite a number of dead links. Some that were links to my own weblog. I “unlinked” most of the external links (so the link is removed), and I am trying to sort out my own links. I restored some pictures already, but disk crashes in the past resulted in some media referred to by the links to be gone. Should have made better backups. Mind the word “should”.

Feb 022013
 

Just changed the server’s Apache model from Prefork to Worker. Should be easier on the memory and the CPU, but after downloading/installing it (via aptitude) nothing worked anymore. PHP works different under the Worker model, so directories need an extra handler and options. No biggie, read this thread.

Jan 162013
 

Ubuntu 12.04 has the default firewall ufw enabled, but I rather use iptables. And everytime I reboot the system, I run a script to enable the firewall rules again. But I just found out I don’t need to, there’s a tool for that. Of course.


sudo apt-get install iptables-persistent

That asks you to save the current IPv4 and IPv6 rules and creates a service that is started at boot time so it reads the created files.

Voila.

Jul 212012
 

My mail is now running on the server again, not the Synology. The Synology does a good job, but the spamfilters are not what I like them to be. It marks mail as spam by adding “**SPAM**” to the subject line and listing how much spampoints the message got. Not what I want. I want an unaltered mailmessage in my spambox, or no message at all. I used to have that with Postfix/Postgrey/Amavis/Spamassassin.

 

I installed iRedMail, basically an installer layer over the standard Linux mailcomponents. Installing is done in about 2 minutes, switching of greylisting took me more time to figure out how…. Thanks people, for such a great product.

Jul 192012
 

To have some directories on my server protected by more than a simple username and password, I wanted to use SSL and client certificates. I could easily restrict the directories to my local network IP-addresses, but when I’m “outside” that would present a problem. Hence the solution with client certificates.

 

As I blogged earlier, I requested a real server certificate from the people at Xolphin. Nice people, low prices, fast service. But…..you cannot create/sign client certificates with such a certificate. You need the real certificate installed on the server, and you need to create a certificate that has been created/signed by you as a fake Certificate Authority. The Fake CA has to be known to Apache and to your browser. Next the client certificate (created/signed by the Fake CA) must be imported into your browser, and of course the directories you want to protect need to be in the SSL-configuration of Apache.

 

Now that I know how it works, it is simple, but most guides on the internet either follow the Fake CA principle (so you don’t need to buy a real certificate) or they only use a real certificate. Spending money to have your SSL-certificate-supplier do the job for you is another thing. But this works. And for € 10 (excluding VAT) per year I now have a real server certificate, and I can further protect my server with my own certificates.

Jul 092012
 

The Synology works great. Mailserver, WordPress and Gallery work as they should. But compared to the (outdated) server, this thing is SLOW. Uploading three pictures to the gallery takes about 15 minutes. Adding posts, or administering this weblog makes me wait for the pages to change. So, yeah, the Synology can run “normal” PHP applications, but its CPU and its very low memory make it inadequate to call it a server replacement. Which, of course, it isn’t in the first place.

 

I will be constructing a new server in time, one that can match the old one in speed (2x3GHz CPU/4GByte memory), but will be easier on the electricity bill. For now the choice is between an AMD A-series (FM1-socket) and the lower end Intel CPUs (i3 something). Any advice will be appreciated. The Intels seem to consume a considerable amount less power when idling, but they are twice the price of the AMD and have lousy graphics.