Right, so a checklist is needed for a website theese days..

• DNS

• DNSSEC, which is close to being simple with a bind server

• HTTP

• HTTPS

• TLS Certificate from Let's Encrypt

A sucessfull validation gives me 5 files:

README
cert.pem
chain.pem
fullchain.pem
privkey.pem

The privkey.pem being …

So I've been struggling with getting TLS working right on my gitlab-pages, all the errors I got were some ~weird~ handshake errors.

140658708418368:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769:

And querying with curl really didn't offer many clues as to what might be wrong …

So many components in a wordpress site that it's just scary, and I've had most of them kind of blow up from time to time.

First of all there's the mysql backend that doesn't really run on state of the art hardware, to say the least, sometimes it's just not …

So, I have the old post about fixing up my openindiana install.

I recently did an install of a hipster (bleeding edge..) openindiana and the post-install dance is a bit different there.

Quite simply, I do the following as root after install.

Add some publishers

pkg set-publisher -g https://pkg …

This might be the only trick I'll write down, perhaps it'll actually be a series of tiny things I find useable when working with git.

All of theese will probably assume some basic knowledge of how git actually works and possible also assume some level of experience. It will mostly …

So, found this hint after a quick search, http://serverfault.com/questions/488092/binary-zone-file-on-bind9 the binary zonefiles can for instance appear when doing slave transfer between master and a slave node.

If you then need to upgrade the slave node to master, converting the zonefile from raw to text is …

As thing are on the internet, having fast reliable access to a trustworthy dns resolver, both for looking up internal hosts and external hosts becomes increasingly more a thing that needs focus. Gone are the days where you could just trust anyone to tell you where things are, in other …

So, I have this openindiana, and I'd like it to have a network configuration. But something slightly more advanced than what's default. So during the installation, instead of selecting "Automatic" network, I'll say "none" and have a network-wise blank box start up.

So, for instance.

# ipadm show-if
IFNAME STATE CURRENT …

More often than not, I've got some kind of data in a postgresql database that is somehow described by timestamps.

Simple test table like this:

create table testdata (
   id serial,
   d numeric,
   ts timestamp without time zone default now()
);

Using bash I'll populate it a bit with not too unrealistic …

Sometimes you play with DNS, sometimes you want to see how much DNSSEC breaks your game..

I've seen both sides of that one, where I wasn't entirely sure that I'd actually got it up and running, because everything just worked, and the other one, where I was dead certain I …