Move along, little web site

So, I decided that I did not like the performance of the site where I was hosting it, so I went over to Digital Ocean (referral link).

The process was pretty easy.  I used the native tools to back up the old site, then after using the ‘one-click install’ process over at DO, I used the import function to import the backup.  As an added bonus, the pictures and everything imported as well.   After a few checks, I updated DNS, and bam! Running on new host with better performance.  Easy-peasy.

Also, I have turned off any integration with Facebook as I feel that they have not been good stewards of the data they collect.

On Smartphones and Two-Factor Auth

So, my trusty Nexus 5X gave up the ghost suddenly on me.  Given that it is an Android device, I was not worried about losing things like my contacts and photos, or even my apps as Google does a pretty decent job backing those things up.

However, there was one application I use which does not get its data backed up. FreeOTP which is a One-Time-Password application for Two Factor Auth.  This allows me to have another layer of protection on web sites past my password.

Most sites which have this option will allow you to either have a list of one-time use codes to get in to reset in case something happens to your phone (like me), or will let you set it up on multiple devices, like your phone and your tablet.

Then, there are those that do niether.  And those are a pain to recover from. 🙂

Always get the list of codes (if avalible) and store then somewhere that you can access if your phone ever dies or gets lost.  And, try to set up a second device if you can.

Quick nmcli notes

This is a quick post so I can remember these details.

So, on the R810, I am currently running ArchLinux, which uses by default NetworkManager, which I have a love/hate relationship with. At my last job, I recommended removing it from our servers, as under RHEL6, it does very odd things to the network and is hard to manage. I have heard that it is better under RHEL7. But, it does let you do some really cool things. On the R810, there is a cellular modem, and on previous installes, I have had it configured and scripted using nmcli to easily bring up and down the cellular connections.

The problem I am facing now is that my current DHCP server for the house does not let me provide two MAC Address for a single IP, so when I dock the R810, it gets a different IP address than when it is on WiFi. Very annoying. Also, for some reason, it would prefer to use WiFi when the ethernet connection was present, thus giving me a slower connection.

The documentation I found was a bit light in examples and/or dated (I am running version 1.6.2 of NetworkManager, and the examples were from 1.2.x or 1.4.x, which did not work). So, with a bit of expermenting, I finally got it fixed to:

  • Chose the ethernet connection over the Wifi when both are present
  • ‘Clone’ the MAC address of the Wifi NIC to the ethernet NIC

Here are the commands. local is what I called the local ethernet connection, and home-wifi is what I call the house Wifi Network.

  • To set the MAC adress:

nmcli connection modify local ethernet.cloned-mac-address aa:bb:cc:dd:ee:ff

  • To set the connection priorities:

nmcli connection modify local connection.autoconnect-priority 999
nmcli connection modify home-wifi connection.autoconnect-priority 999

TLS everywhere

So, I decided it was time to go TLS (aka https) with all my websites. This is something I have wanted to do for a while, but I held off due to the way I had to get my laptop on the wireless at the previous job. Now that I have left, there was no need for that, so away I go!

On the job front, this was an odd week to start with almost everybody on my new team being out due to the holiday. I finally got my accounts all settled today, and spent the day doing that every populare on-boarding trainnig which while is a drag, is very much needed.

With the holiday tomorrow, and a vacation day Friday, I get to have a nice long weekend with the family. This will be nice.

In other news, I got the latest version of TrueOS on my Acer C720. So far, everything I have tried works accept for the touchpad, but I have not spent any time looking into it. Once I get that working, and play with it a bit more, I think I will convert my Lenovo ThinkPad X260.

Random Mid-Summer Updates

Wow…summer is almost over. Three more weeks until school starts again.

Need to spend more time putting pictures up from some of the trips we have done. I think there is time to squeeze another visit to the beach before school starts up, but we will see.

One of the projects I have worked on is taking over web hosting for an organization I volunteer with. The old hosting was with a former member at his hosting company, but he is retiring as of the end of July, so I stepped up to host it. Some of the code used has not been updated in a while, and one of my first projects on it will be to wrap it into a more modern frame-work so other people can help support the site.

In other random news (hence the title), FreeBSD has released on schedule FreeBSD 11.0B3. I heard in passing on BSDNow that this release might work on the ThinkPad x260. If you remember from my last post, that I was in the market for a replacement machine. Well, I found a really good deal on an new-in-the-box x260, and picked it up for around 1/4 the retail. The only thing it is now missing is a back-light on the keyboard, but I am okay with it for now. Battery life under Linux has been awesome without any tuning. I can easily get 10+ hours in my testing, and I have not run the batteries dead yet. The only two issues with FreeBSD on the x260 that I know about is the lack of suspend/resume (general issue with Skylake), and the fact the Intel 8260 wireless card is not yet supported, but it seems like someone is working on that!

At some point in the near future, I will have to reconsider the mail situation. Do I really need to roll my own, or can I use a third-party?

Time to call it a night. Catch you next month!

Do I Stay, Or Do I Go?

No, this is not about my job.

This is about my web sites, email, and my digital life.  For years, I have had my domain (duckland.org) and my email address there (duck), and I am not going to give those up.  I have collected a few others domains over the years, and the family has started asking for their own as well.  

Now, if you know me at all, you know that for most of my professional career, I have been in Unix operations, specifically Linux.  It is what I do.  But, I am wondering if it is time for me to ‘outsource’ one of the more difficult parts of keeping my own domain: email.  Recently, I have gone back to not hosting my email due to various reasons, and went back to GMail.  In the years since I left it, it has gotten much better UI for someone who likes keyboards over mice, and the Android clients are very nice.  Plus, the addition of Google Now in the Chrome browser has been very handy. 

Add to the fact I still cannot find a good calendar solution which I can host which will work seamlessly across my computers (home and work), tablets, and cell phones, as well as let the family share besides Google, and it makes GMail very attractive.

But, on the other side, Google makes their money on ads, and they make no secret that they analyze your email (GMail), your appointments (Google Calendar), and your web browsing (Google Chrome) to try to market to you better.  I am still undecided if I want to keep swimming up-stream or just give in and use the Google services, because they will be better than anything I can set up on my own.

*sigh*

However, I have finally made another change to the blogging solution, and I should be able to start writing more.  I do have some ideas in a back log to talk about. 

Quick Ansible Tip

This is a quick post to capture something seen. Ansible is a configuration management tool that I have been learning recently. More details in a future post. This is just to capture this idea:

From: Smith, Chris (Big Data)

To: ansible

Ansible Galaxy is a centralised Github repository of public Ansible content, see: https://galaxy.ansible.com/ It uses a local routine that is installed when you install Ansible, called ‘ansible-galaxy’, to create a blank template for your Ansible content. What is not well known is you can run ‘ansible-galaxy’ in offline mode to create a blank template using the command:

# ansible-galaxy init –offline my-role

Enjoy,

Chris

More on this as I get some more back-ends stuff taken care of, like setting up a git repo and maybe auto-deploy from git push?

FreeBSD Challenge II, End Report

And, again, I hit something which is causing massive disk performance issues. That, and suspend/resume does not work on either laptop.

I would try to debug the issues, but that means learning a whole new set of tools, and I will not have time for a while. Next week, I am in week long meetings which will run late every day, and then I have to finish writing and present a training class the last week of the month. The hour or two I can spare will be far better spent for me by backup, re-installing ArchLinux than by starting to learn the tools. Yes, a bit of a cop-out, but I need the machines to do what I need to do. I will keep the servers FreeBSD, however, as it works great there.

I will revisit the issue of FreeBSD on the laptops when I either get new kit, or support for my models gets better.