This space left intentionaly blank! — Scroll down for more
No posts of activity in July as busy moving house and the server was in boxes. I have now built my new Home Office and set the server up in the corner while I decide how best to kit out and layout the office.
Looks like FreeBSD have been busy and there are new updates to install and a new SSL cert to apply asap before the server is safe on the web, so that is what I am currently doing.
so that means another forced updated of everything built with PERL. Not sure why /usr/ports/UPDATING keeps pointing us back to 2023 when they could just post the postmaster commands to update from the last default version to new default version… heyho.
portmaster -o lang/perl5.40 lang/perl5.36
portmaster -f `pkg shlib -qR libperl.so.5.36`
Less than a month until I move home. So expect some disruption to the site and even more erratic postings. Probably a new broadband provider, probably a new physical server as I will need to rationalise the number of physical boxes that will get moved. Four laptops have finally been retired as can’t handle Windows 11. Kept a couple back as Linux/FreeBSD test-beds, but otherwise it’s a good time for clear out for things I won’t use again.
Often get asked which Cyber Security courses are worth doing. Well there is an absolute plethora of different courses available to suit relevant backgrounds. A colleague found this and it look pretty useful
Amazon are adding new powers existing Alexas over the coming weeks and months.
More details here
Question is how much privacy will be sacrificed for the enhanced functionality. Scant detail on the original product launch blog.
I don’t know if Apple, and Google upped the ante, or I had not noticed before, or the SSL tools on the server had not kept updated, but I started getting warnings that my site was not secure. Letsencrypt has done a pretty good job for the last 5 years so I was confused as to why suddenly now , the browsers no longer liked up. Even harder now that MS Edge do not let you easily view the full cert.
A quick test at SSLlabs confirmed that the SSL for farcorfe.org.uk was all ok, but the sub-domain of www.farcorfe.org,uk was the actual issue. The SSL cert had not been validated for the www redirect.
Some quick Googling found this page – https://stackoverflow.com/questions/41097696/letsencrypt-certificate-for-www-and-non-www-domain with the required Certbot commands to add the www to the cert and a restart of Apache got the issue fixed.
Inherited a second hand PC that was too good in terms of size and much quieter than current server, so currently in the process of installing another copy of FreeBSD ready to migrate content across.
Hardest task so far is getting to the original drive bay to remove the existing HDD so I can properly mount the new SSD in its place, rather than just floating in the case.
Expect to see Farcorfe up and down over the new few weeks as I continue its migration.
The time had finally come to retire my Win10 workhorse. A Dell 4 core Tower PC that had originally come installed with MS Vista, then upgraded thru Win 7 and then finally Win10. Sporting 2 Optical drives, when back in the day , cloning CD’s where the rage, and then upgraded with a DVD Writer for backups was still possible to a single disc before our iCloud and OneDrives exploded with photographs or huge downloadable only games.
The graphics card had been updated several times to keep pace with games, but became less regular as I had less time for gaming and the memory maxed out at 4Gb, the max allowable for the motherboard.
I had tried several times to P2V the OS so I could dispense with the Tower, the full metal construction meant it was deadweight to move around to connect up to the TV, Ethernet and mice/keyboard ever time I needed to access some older programs to achieve a task. In my desire to be modern, I had used Disk2VHD several times to create a VHDX file, only for HyperV on my new Win11 workhorse to cry foul and refused to run.
A quick rummage of some old PC Pro back issues on the P2V process and sticking with the older plain VHD format brought forth a bootable image and then I was finally able to strip the heavy iron beast of its SSDs, Memory, Graphic Card, Multimedia Card adapter and Optical drives for potential reuse (More likely to sit in a box for another 10 years before I accept I won’t ever use them again)
I now have a usable Win10 image of the older apps and utilities I still occasionally need and one less physical device sitting around.
Just to add to the melee of updates, while the P2V process was happening I decided to resurrect an old Netgear Managed switch to permanently cable up some of the PCs kicking around, so I did not have to keep moving my trailing ethernet cable around. Seemed a good idea at the time, but they had been previously used and fixed on a different subnet and needed a laptop on the same IP range as them to re-configure. My DHCP server hands outs 192.168.1.x ids, they had been configured for 192.168.0.x. so I needed to set a manual configuration so the laptop could see both the Switch and the Gateway so it could manage updating the switch.
The Win10 IP manual configuration process was a royal PITA as instead of a usual subnet mask it just wanted the subnet mask value. eg. 16 oppose to 255.255.254.0 but was not very clear, just kept throwing errors messages to check the IP addresses submitted. Once the current subnet value had been submitted it all worked hunky-dory and I was also able to update the device Ip, name and firmware so its is now recognised on the home lan properly.
I was very wary about the jump to 14 due to the change in Openssl from 1.1 to 3.0 and the pain that might entail. Also the deprecation of portsnap and getting used to Git was just something I did not have time for.
As I have created a new mirror site , see earlier post, I finally decided to bite the bullet over the festive break and did the freebsd-update upgrade option to 14.2, skipping out 14.0 and 14.1 in the process.
I was a little daunted and it failed to automatically upgrade everything to openssl 3.0 and although built the kernel and rebooted nicely, user land was still doggedly sticking to 1.1. I tried tinkering with make.conf in /etc with various default entries for openssl , but in the end removing the ssl version and just ssl=openssl and then making the usr/ports/openssl allowed 3.0 to install side by side with 1.1 thereby not breaking SSH or anything else until I was able to rebuild all of user land port by port. I was then able to complete freebsd-update install and now have another stable freebsd server for testing and training purposes.
Now I only need to fire this box up when I need Samba to move files around the network or download stuff off YouTube or run a Clamav as a 2nd pass for AV scanning and when I have time to dabble some more with FreeBSD.
After 7 years faithful service, its about time to retire the 2nd incarnation of my home based server. This one has gone thru about 7 different FreeBSD builds and despite various fun and games regarding loss of disk space, which turned out to be the large ZFS snapshots taken every time FreeBSD had a major upgrade its performed tirelessly.
I will keep the M58 on as backup, but no longer needed to keep my feet warm running under my desk 24/7 and reduce my household electric bill a little.
Its also time to start house-hunting again after 3 happy years in the flat, but its time to move on, so also not needing to find a cubby hole in a new house with Cat6 , power and ventilation is also one less worry. Its probably means I won’t have as much to post about as keeping the server regularly patched and upgrade has been how I have self taught myself most of my Unix/Linux experience, but does mean I don’t need to worry if an upgrade fails and work late into the night to rebuild it any more.
A mirror site is now up at https://www.hollybob.co.uk/