Archive for category Linux

Terraform import with AWS profiles other than default

I’ll come back and clean this up, but for now: Undocumented: It will use the default AWS profile – it will pull in your shared credientials, and use the default values if specified. As per code, use AWS_PROFILE=<name> terraform import aws_db_instance.default <id> to import using a AWS profile that isn’t default. ELB holds onto subnets […]

No Comments

Using Amazon S3 + CloudFront + Certificate Manager to get seamless static HTTPS support

TL;DR: This post documents the process I took to get S3 to return redirect requests over HTTP + HTTPS to a given domain. I’m trying to trim down the number of domains and subdomains that I host on my server, since I’m trying a new policy of moving servers every few months in an attempt […]

No Comments

Upgrading to Fedora 23 on OpenVZ

TL;DR: Run dnf –releasever 23 distro-sync instead of dnf system-upgrade on OpenVZ systems I run Fedora on my servers almost exclusively. This means I usually fall behind in upgrading to the latest release, leading me to wonder why I don’t just go with the latest version of CentOS. Then I have lovely cases where CentOS gets horribly […]

, ,

No Comments

Let’s not Encrypt on CentOS5

TL;DR – Let’s Encrypt requires a newer version of OpenSSL than CentOS 5 has installed. Unless you want to pass around with compiling OpenSSL yourself, don’t try it.

,

9 Comments

Let’s Encrypt ALL THE THINGS

Got my first domain using a cert from Let’s Encrypt in under ~10 minutes, including setting up Let’s Encrypt itself. Yes, this is rather game changing. Now to write ansible playbooks around it, and figure out how to get it working for proxied domains automatically.

,

No Comments

Building Nginx SRPMS

Companion to my earlier post, this actually has commands

,

No Comments

Path to building Nginx Mainline RPMs for Fedora & CentOS

Or: How I spent an afternoon doing a deep dive into the RPM spec and solving a problem for myself tl;dr – Nginx Mainline packages are being built for Fedora & CentOS at copr.fedoraproject.org/coprs/kyl191/nginx-mainline/ My webserver’s running nginx 1.4.7, a version that hasn’t gotten non-bugfix attention since March 2013, according to the changelog. Oddly enough […]

, ,

1 Comment

Ansible gotchas

Tasks do not like having the remote_user changed mid-playbook if you specify a SSH password Specifically, having an ‘ansible’ user created as the first task, then using that for everything in the rest of the playbook doesn’t work because ansible will always attempt to use the declared password for the newly created user, which promptly […]

No Comments

Booting from SD Card on a X230

The SD Card slot is unfortunately on the PCI bus, so it doesn’t show up as a bootable device. Solution: Have a /boot partition on an internal drive, point that at the SD card. Reclaimed ~900MB from Lenovo’s system restore partition to make a /boot partition. GRUB was added to the internal drive. As suggested […]

No Comments

Recovering a broken F18 installation

For some reason (possibly a broken F17 upgrade which moved /lib around?) there were a bunch of empty files in /lib. So F18 refused to boot, with error messages like “/lib/libsystemd.so:0 :File too short” I discovered yum doesn’t like chroots: Kept on getting a message regarding build_time_vars missing. (Spoiler: This was actually Python!) I also […]

, ,

No Comments