MacLemon @MacLemon@chaos.social
SysAdmin
Mac/BSD/TLS/SSH/Tor
privacy, anonymity, data protection, security, podcast addict
Projects: PrivacyWeek.at BetterCrypto.org CryptoParty.at
- Languages
- DE, EN, a bit FR, learning HU
- Member of
- @c3wien, @bsdstammtisch
- Github
- https://github.com/MacLemon
That was 14 hours of work from a mess I'll spare you, to an empty 19", 42U rack…
Then adding two UPSes with an estimated 150kg of backup batteries.
Then adding all the other server and storage components.
More power! #SysAdminLife
Zur Abwechslung eine gute Nachricht aus #AT: http://orf.at/m/stories/2445025/2445024/ #nonbinary
Google Gsuite #SysAdminLife Show more
Yikes, over night my matrix #synapse jail blew up consuming all RAM, so I had to reboot the #FreeBSD host to regain control.
It was constrained in its own jail but caused all other jails to pretty much stop responding.
^C didn't work anymore, processes would hang instead of properly ending.
Now, after a reboot, everything but the synapse jail seems fine again. The synapse jail doesn't even start anymore. Must find out what is preventing it from starting. Imposed a 4GB limit now.
After (successfully) fighting Apache SOLR today… on to new challenges…
Munin or Icinga2?
W00t, ich hab im @CCCSbg einen @PrivacyWeek -Sticker gefunden 
#pw18
@Gargron Is there an official CI resource for the official Mastodon Logo in vektor format that is suitable for print? (Print as in ink on dead trees.)
Asking because we want to put it on our @PrivacyWeek Flyers. :-)
Designs die einem wissenschaftlichen Peer-Review unterzogen werden. Wie sich das halt so gehört. #PrivacyWeek
⚪️ Female️
🔘 "; DROP TABLE GENDER --
Eine neue Folge ist online: Wie im kalten Krieg, bloß schlimmer - mit Werner Reiter von @epicenter_works zu staatlicher Überwachung und einer Überwachungsgesamtrechnung
https://www.datenschutz-podcast.net/podcast/ds018-wie-im-kalten-krieg-bloss-schlimmer/
Naked escalators in Vienna's underground.
Feels good to hear the printer working. (I had shamefully neglected it for over a month now.)
Here's a little teaser update regarding project Build-Twang.
OH: Du bist der Issue-Proxy
And then your IRC client pokes your bouncer with connections until your firewall separates them.
IRC and me cannot become friends anymore.
Ich möchte festhalten, daß @luto gerade gesagt hat, daß er stolz auf mich ist, daß ich es geschafft habe, diese Software ganz alleine zu installieren und ich es auch nur 3 Mal geschafft habe sie dabei zu crashen.
(Es waren 5 Mal.)
OH: Input validation! Do you speak it?
Lools like I mostly solved the problem of serving a Wordpress site across two different domains and protocols.
Still requires some nginx tweaking, but it's looking quite good. Once that is sorted I need to check some performance optimizations so that secondary domain doesn't slow down the site unnecessarily.
Certainly needs some more testing.
I wish Let's Encrypt could be used to get a .onion domain as an x.509 subject alternative name in a certificate to enable HTTPS (TLS) over Tor.
But Tor is already End-2-end encrypted you say.
Well, that's true, but that doesn't enable HTTP/2 in Tor browser and many other additional security properties and performance enhancements which are only available when your scheme actually IS HTTPS.
Many .onion services would benefit significantly from using HTTP/2 which mandates use of HTTPS.
Iterestingly enough, tonight's cross-continent remote support session would have been absolutely impossible without IPv6.
And most ISPs here still have no intention to roll out IPv6 to customers.
I've invested significant amounts of time, effort, and even changed ISPs to finally get mostly native IPv6 access. It has paid off after all.
