Archive for category Linux
Terraform import with AWS profiles other than default
Posted by Kyle Lexmond in Linux, Sysadmin on August 4, 2016
I’ll come back and clean this up, but for now: Undocumented: It will use the default AWS profile – it will pull in your shared credientials, and use the default values if specified. As per code, use AWS_PROFILE=<name> terraform import aws_db_instance.default <id> to import using a AWS profile that isn’t default. ELB holds onto subnets […]
Using Amazon S3 + CloudFront + Certificate Manager to get seamless static HTTPS support
Posted by Kyle Lexmond in Linux on April 3, 2016
TL;DR: This post documents the process I took to get S3 to return redirect requests over HTTP + HTTPS to a given domain. I’m trying to trim down the number of domains and subdomains that I host on my server, since I’m trying a new policy of moving servers every few months in an attempt […]
Upgrading to Fedora 23 on OpenVZ
Posted by Kyle Lexmond in Linux, Sysadmin on December 11, 2015
TL;DR: Run dnf –releasever 23 distro-sync instead of dnf system-upgrade on OpenVZ systems I run Fedora on my servers almost exclusively. This means I usually fall behind in upgrading to the latest release, leading me to wonder why I don’t just go with the latest version of CentOS. Then I have lovely cases where CentOS gets horribly […]
Let’s not Encrypt on CentOS5
Posted by Kyle Lexmond in Linux, Sysadmin on December 11, 2015
TL;DR – Let’s Encrypt requires a newer version of OpenSSL than CentOS 5 has installed. Unless you want to pass around with compiling OpenSSL yourself, don’t try it.
Let’s Encrypt ALL THE THINGS
Posted by Kyle Lexmond in Linux, Sysadmin on December 7, 2015
Got my first domain using a cert from Let’s Encrypt in under ~10 minutes, including setting up Let’s Encrypt itself. Yes, this is rather game changing. Now to write ansible playbooks around it, and figure out how to get it working for proxied domains automatically.
Building Nginx SRPMS
Posted by Kyle Lexmond in Linux, Sysadmin on February 16, 2015
Companion to my earlier post, this actually has commands
Path to building Nginx Mainline RPMs for Fedora & CentOS
Posted by Kyle Lexmond in Linux, Programming, Sysadmin on February 13, 2015
Or: How I spent an afternoon doing a deep dive into the RPM spec and solving a problem for myself tl;dr – Nginx Mainline packages are being built for Fedora & CentOS at copr.fedoraproject.org/coprs/kyl191/nginx-mainline/ My webserver’s running nginx 1.4.7, a version that hasn’t gotten non-bugfix attention since March 2013, according to the changelog. Oddly enough […]
Ansible gotchas
Posted by Kyle Lexmond in Linux, Sysadmin on January 18, 2015
Tasks do not like having the remote_user changed mid-playbook if you specify a SSH password Specifically, having an ‘ansible’ user created as the first task, then using that for everything in the rest of the playbook doesn’t work because ansible will always attempt to use the declared password for the newly created user, which promptly […]
Booting from SD Card on a X230
Posted by Kyle Lexmond in Linux, Sysadmin on October 4, 2014
The SD Card slot is unfortunately on the PCI bus, so it doesn’t show up as a bootable device. Solution: Have a /boot partition on an internal drive, point that at the SD card. Reclaimed ~900MB from Lenovo’s system restore partition to make a /boot partition. GRUB was added to the internal drive. As suggested […]
Recovering a broken F18 installation
Posted by Kyle Lexmond in Linux, Sysadmin on September 6, 2013
For some reason (possibly a broken F17 upgrade which moved /lib around?) there were a bunch of empty files in /lib. So F18 refused to boot, with error messages like “/lib/libsystemd.so:0 :File too short” I discovered yum doesn’t like chroots: Kept on getting a message regarding build_time_vars missing. (Spoiler: This was actually Python!) I also […]