Installing GRUB 2 manually with rescue-like techniques

Introduction It’s rarely necessary to make an issue of installing and maintaining the GRUB bootloader. However, for reasons explained in a separate post, I wanted to install GRUB 2.12 on an old distribution (Debian 8). So it required some acrobatics. That said, it doesn’t limit the possibility to install new kernels in the future etc. [...]

Migrating an OpenVZ container to KVM

Introduction My Debian 8-based web server had been running for several years as an OpenVZ container, when the web host told me that containers are phased out, and it’s time to move on to a KVM. This is an opportunity to upgrade to a newer distribution, most of you would say, but if a machine [...]

Blocking bots by their IP addresses, the DIY version

Introduction I had some really annoying bots on one of my websites. Of the sort that make a million requests (like really, a million) per month, identifying themselves as a browser. So IP blocking it is. I went for a minimalistic DIY approach. There are plenty of tools out there, but my experience with things [...]

Fetchmail and Google’s OAuth 2.0 enforcement

This post is about fetching mail. For sending emails through OAuth2-enabled SMTP servers, see this post. Introduction After a long time that Google’s smtp server occasionally refused to play ball with fetchmail, tons of Critical Alerts on “someone knowing my password” and requests to move away from “Less Secure Apps” (LSA) and other passive-aggressive behaviors, [...]

Run Firefox over X11 over SSH / VNC on a cheap virtual machine

To run over SSH: Not This is how to run a Firefox browser on a cheap VPS machine (e.g. a Google Cloud VM Instance) with an X-server connection. It’s actually not a good idea, because it’s extremely slow. The correct way is to set up a VNC server, because the X server connection exchanges information [...]

Using firejail to throttle network bandwidth for wget and such

Introduction Occasionally, I download / upload huge files, and it kills my internet connection for plain browsing. I don’t want to halt the download or suspend it, but merely calm it down a bit, temporarily, for doing other stuff. And then let it hog as much as it want again. There are many ways to [...]

When dovecot silently stops to deliver mails

After a few days being happy with not getting spam, I started to suspect that something is completely wrong with receiving mail. As I’m using fetchmail to get mail from my own server running dovecot v2.2.13, I’m used to getting notifications when fetchmail is unhappy. But there was no such. Checking up the server’s logs, [...]

A sledge hammer introduction to X.509 certificates

Introduction First and foremost: Crypto is not my expertise. This is a note to future self for the next time I’ll need to deal with similar topics. This post summarizes my understanding as I prepared worked on a timestamp server, and it shows the certificates used by it. For how to check a connection with [...]

Apache 2.4: RewriteRule with [NE] causing 500 Internal Server Error

This is the weirdest thing. With an Apache 2.4.10 on Linux Debian 8 (yes, old), and a relatively simple mod_rewrite rule in .htaccess going RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule (.*)$1 [R=301,L,NE] This is really nothing special. Just pushing users to the www host name, if they were lazy typing it. This works almost perfectly, [...]

Systemd services as cronjobs: No process runs away

But why? Cronjobs typically consists of a single utility which we’re pretty confident about. Even if it takes quite some time to complete (updatedb, for example), there’s always a simple story, a single task to complete with a known beginning and end. If the task involves a shell script that calls a few utilities, that [...]