Archive for 2013

Joining disparate hosts into a VPN with gvpe

The GNU Virtual Private Ethernet software allows you to join multiple distinct hosts into a small private network, via a static set of public/private keys. It is ideally suited to joining a small number of hosts in a secure fashion.

Debian issues a new point-release 7.2

Today the Debian project is pleased to release a new update to the current Stable release of Debian, version 7.2. This is a point-release to Wheezy.

Have you any experience with MariaDB?

Recently there have been many alternatives presented to MySQL, with MariaDB looking like a great alternative due to its drop-in nature, and increased performance.

Look before you leap into Disk Encryption

Thinking Disk Encryption give you more peace of mind? Then think again. It's well known that "fail to plan" means "plan to fail". But when comes to Disk Encryption I did not see any reasonable planning on disk failure, even though I've googled extensively.

Debian 7.0, "Wheezy" released

After many months of constant development, the Debian project is proud to present its new stable version 7.0 (code named "Wheezy").

A brief introduction to the beanstalkd queue

There are many times when having access to a queue is useful when you're developing projects and code. These days there are several available queueing daemons available, and here we're going to look at one of them, beanstalkd.

Writing a simple indexer and searcher with Lucy::Simple

This site was previously hosted upon a single machine, and was recently moved to a cluster instead. This broke the search interface which had to be reworked and this article describes how the new site-search was implemented.

The next release of Debian GNU/Linux is due soon ..

According to the most recent update from the project we should be seeing the next stable release of Debian GNU/Linux in early May.

So, your cronjob did not run?

Recently I was hit be a problem which was ultimately caused by a failure to run a cron-job. Here I'm going to document the three most common means for failure that I know about, in the hopes of avoiding them in the future.

Install PHP5 Taint in Debian Squeeze

This article describes the setting up of PECL Taint module for PHP5 in Debian Squeeze.

Restricting SSH logins to particular IP addresses

Many people use SSH keys for password-less logins, and the increase in security that keys provide over (traditionally weaker) passwords. But few people seem to realize that you can also restrict logins to known-good IP addresses, via that same mechanism.

Sending email on submission of some syslog-ng events

Several years ago, I implemented a centralized syslog-ng server for our Linux servers, switches, routers and firewalls. It worked very well, but I ran into situations where I would not be in front of my laptop but I wanted to be notified of something coming through.

Redeploying Debian-Administration.org ...

For the past nine years this site has been hosted upon a single dedicated server, graciously donated by my employer Bytemark. Over time it has been upgraded, but despite that it has become apparent that a single-server wasn't sufficient, unless it was a huge server - so with that in mind I've recently redeployed this site in a mini-cluster.

Building a simple dashboard with redis and the node.js server.

Recently we introduced redis, and the built-in data-types it has. Taking that introduction a step-further we're going to present a simple "dashboard" written using a combination of Redis and node.js.

A brief introduction to the redis data-store

Redis is one of the new breed of NO-SQL storage systems, which was directly inspired by memcached. Redis allows you to store and retrieve data at blazing speed and unlike memcached it has built-in support for many primitives such as sets, lists, and hashes. Read on to learn more.

Wrapping HTTP servers with SSL

There are many times when you wish to add SSL around an existing HTTP-server, if you were running Apache you'd do that directly. But if you're running a node.js application, a Varnish cache, or other software you might be out of luck. Happily wrapping SSL around a HTTP-server is simple with pound.

running a desktop with vnc over openvpn

I'm going to describe how you can display and control your primary desktop remotely from a secondary so that it everything works really well. To do that, we are going to bolt together several commonly used linux components. Along the way I'll pass on some personal drivel about my own experience in doing this. The idea behind this being that you get a feel of how things hang together.

Past Years