Cricalix.Net

Tag: linux

  • MiniPlex and Linux – the socat edition

    MiniPlex and Linux – the socat edition

    Getting the Windows executable for the MiniPlex configuration program working was pretty neat. What would be neater is being able to perhaps write a Linux-native (or platform-agnostic) program that can at least display the configuration and stream the activity. Perhaps even update the configuration, though new versions of the firmware would result in new features…

  • Doubling up on 2FA

    Doubling up on 2FA

    I haven’t used passwords to log in to my server for years; I’ve been using key-based authentication. This works pretty well, and I can even use 1Password’s integration as an SSH agent to hold the keys so that wherever I go, the keys are available to me. As a “learn how to do it”, I’ve…

  • LXD, dnsmasq, IPv6 reverse lookups

    LXD, dnsmasq, IPv6 reverse lookups

    My residential ISP doesn’t offer reverse lookups for their IPv6 blocks that they delegate out with the PD flag to consumer routers. This causes some annoying slow-downs when talking to the various services I’m running in LXD containers, since a lot of them do reverse DNS lookups. Under the hood, LXD relies on dnsmasq to…

  • Running emoncms in a Linux container

    Running emoncms in a Linux container

    When I was renovating the house I currently live in, I picked up an EmonTx v3 and some clip-on current sensors from OpenEnergyMonitor.org so that I could monitor the house power consumption more accurately than just getting a bill every 2 months from my energy supplier (even with a smart meter installed, they only provide…

  • Rebuilding Cricalix.Net – Part 4

    Rebuilding Cricalix.Net – Part 4

    While on holiday, I read a forum post that mentioned a “new” web server called Caddy. I took a look at it, and was intrigued by the integrated TLS certificate renewal using Let’s Encrypt. With NGINX or Apache, I have to run Certbot or similar to maintain the certificates, and I have to deal with…

  • Rebuilding Cricalix.Net โ€“ Part 3

    Rebuilding Cricalix.Net – Part 3

    Stumbling blocks and annoyances NGINX and certbot’s default permissions EFF’s certbot writes certificates to /etc/letsencrypt/live/<certificate hostname>/<files>.pem, and sets the permissions to only allow root to read the files. This makes sense from the perspective of a system where processes that need certificates will probably spawn as root, read the certificates to memory, and then spawn…