Entry #010: 2021-04-14
New project: gentoo on encrypted zfs with systemd and musl. Doing the install in a vm to test. ZFS is only supported up to a 5.9 kernel so I pulled the older sources and masked. Need to build the kernel before installing zfs, then I will boot into it and install zfs, rebuild the kernel with zfs support, create zpool and move over root. If that works, will repartition and encrypt it. systemd is stable on gentoo currently so I don't anticipate that being an issue, except it may not work with musl. I had issues with xorg on musl before (and cron with systemd), so hopefully that has been resolved. If I can get everything working with glibc, I'll snapshot and rebuild the system with musl.
Entry #010: 2021-01-09
Today I verified my domain with google postmaster to hopefully minimize the chances of being flagged as spam. Set up a sandbox jail for various things that I (and others) can run tests in. It is running shellinabox (perhaps foolishly). I have been using anyterm locally with gnu screen to keep track of things in a browser tab. Unfortunately it segfaults on freebsd with the current build and I was unable to build it correctly from source (ports apparently has this issue as well). Might take a look at trying to fix the port.
Entry #009: 2021-01-07
Ended up getting roundcube to connect to the database last night. Had to stop using a plain password and use a mysql password for the user for auth to work. Also allowed port between jails so I can reverse proxy for ssl. Today I configured to work with imap/smtp server (needed to add an entry in hosts so the sender domain was correct matching reverse dns). Set up dkim and am waiting for dns to propagate an entry without a typo I had last time. In the meantime gmail has started marking my emails as spam again (from roundcube). The ones I sent earlier from alpine were not classified as spam. I have valid spf, dkim, and dmarc, and am maxing out scores on mail testers.
Issue was I had smtpd_use_tls=yes rather than smtp_use_tls=yes. Now emails are properly encrypted and gmail doesn't reject. Hotmail still rejects completely for whatever reason. Need to look into that.
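The mix-up described above, as an added example that is not part of the original entry: a small Python check that parses Postfix main.cf text and reports the TLS level separately for the inbound server (smtpd_*) and the outbound client (smtp_*). The sample config is constructed, and only the *_use_tls and *_tls_security_level parameters are considered.

```python
import re

# Constructed sample reproducing the mix-up from the entry: TLS is enabled
# for the smtpd(8) server (inbound) but not for the smtp(8) client (outbound).
SAMPLE_BROKEN = """\
# constructed main.cf fragment
myhostname = mail.example.org
smtpd_use_tls = yes
smtpd_tls_cert_file = /path/to/cert.pem
"""

# Same fragment with the outbound (client) parameter added.
SAMPLE_FIXED = SAMPLE_BROKEN + "smtp_use_tls = yes\n"


def parse_main_cf(text):
    """Parse main.cf text into a dict; the last assignment of a name wins."""
    params, current = {}, None
    for raw in text.splitlines():
        # Blank lines and lines whose first non-blank character is '#' are ignored.
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        # A line starting with whitespace continues the previous logical line.
        if raw[0].isspace() and current:
            params[current] += " " + raw.strip()
            continue
        m = re.match(r"([A-Za-z0-9_]+)\s*=\s*(.*)", raw)
        if m:
            current = m.group(1)
            params[current] = m.group(2).strip()
    return params


def tls_level(params, prefix):
    """TLS level for prefix 'smtp' (client) or 'smtpd' (server).

    *_tls_security_level takes precedence over the legacy *_use_tls switch.
    Assumption: with neither parameter set, the compiled-in default is no TLS.
    """
    level = params.get(prefix + "_tls_security_level", "")
    if level:
        return level
    if params.get(prefix + "_use_tls", "no").lower() == "yes":
        return "may"
    return "none"


def audit(text):
    """Report inbound and outbound TLS levels for a main.cf text."""
    params = parse_main_cf(text)
    return {"inbound": tls_level(params, "smtpd"),
            "outbound": tls_level(params, "smtp")}
```

With `SAMPLE_BROKEN` the outbound level is `none`, which matches mail leaving unencrypted while inbound TLS works.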
Entry #008: 2021-01-06
Okay, I can send and receive emails now from r7st.guru. Had forgotten to permit relay for 192.168.0.8 (IP of jail) rather than just 127.0.0.1. Then set up reverse dns, and spf so that it's not considered spam. Using alpine works great still, so no issues there. Hopefully I can get roundcube working for webmail. Also my sent emails are not being encrypted for some reason, going to have to double check conf, plus postfix is warning about some legacy option I have set. After that.. spamassassin!
Entry #007: 2021-01-04
I was able to get receiving mail working for the mailserver. Found a nice tls checker to tell me at what point the emails were failing. I am still unable to send mail (to my gmail) with relay access denied. Roundcube is still complaining about the database but I'll use alpine for now until sending AND receiving works.
Entry #006: 2021-01-03
Got local telnet working from within the mail jail through a new pf rule (thanks #freebsd irc!). Still having issues with the db for roundcube though, and in general with my postfix conf. Tried out veracrypt (on my opensuse laptop) as I plan to start using it for external drives. luks/geli will not be appropriate for externals when using freebsd and linux together. Had to add the security repo for tumbleweed to install veracrypt and it works fine. Haven't tested it from freebsd yet (currently only running that on a vps).
Entry #005: 2021-01-02
Worked on a mailserver conf today. gmail is not authenticating properly, so emails from it are being rejected. I can at least see that they are coming in though. Sending I'm not sure what's going on yet. Plan on using roundcube for webmail and forwarding my gmail to it. Still have some more reading to do about mailservers. I also watched a presentation on thick vs thin jails. All of mine so far are thick jails and do not share base with anything else. Have never used ezjail before, just manual setup and conf in /etc/jail.conf.
Entry #004: 2021-01-01
Set up a Linux jail (devuan) on this freebsd vps. Had to do a little fiddling to get apt to work properly. Otherwise had no issues. Compiled The Mana World on it, moved the data from the linux box at home, and set up a webserver in it to host updates for tmw athena. Everything seems to work fine. Surprised it's not overworked but even with 1cpu and 2G mem it seems to be holding up so far, even with all that is running. Didn't get around to doing the fileserver stuff yet. Probably tomorrow. The s3 bucket works fine though. Moving the mana world and having a Linux jail mostly frees up a machine I have at home that isn't really doing anything else. Leap?
Entry #003: 2021-01-01
Set up a vnc jail a while ago. Using an ssh tunnel and tigervnc, but I heard that tigervnc can handle encryption on its own? Haven't looked into it yet. Can start the vnc server as a regular user by just using @reboot in the user crontab for when the jail starts up. Not sure if that's the cleanest way, but it's how I'm starting tomenet-server and freeciv-server in the games jail. Problem with that is they are just killed on shutdown. tomenet actually segfaults on that but it doesn't seem to cause problems. I also set up a "build" jail for compiling and running tests. Maybe not the best use of jails, but I don't see much of a disadvantage and it keeps the host system cleaner.
Entry #002: 2021-01-01
Plan on setting up a new fileserver today. I have one running filestash at home but don't use it enough to be worthwhile. Seems like a great time to test out opensuse leap, though I'm not confident yet with btrfs - haven't decided on using it or just lvm+ext4 again. I will connect to drop files over sshfs onto an nfs share mounted on my vps. A dir from the share will be synced from vps to an s3 bucket for off-site storage of important things. Going with Linux over FreeBSD as most of my drives are already encrypted with luks, and I don't feel like switching to geli. Veracrypt would be a better choice for the external storage drive as it is cross-platform. I have a local server running Fedora (the one hosting the mana world) that I will probably move over to leap too if it works out for me. After that, the only two Red Hat boxes are the watchcdda website host (fedora) & watchcdda itself (centos). watchcdda will definitely need to be moved off centos within the next year.. probably leap? still need to come up with a good plan for that. I plan on moving apartments in a few months and might move watchcdda to a vps temporarily during the process. That would be a good time to make changes to the current wcdda box. I also added rogue and a newer version of omega to play over telnet on r7st.guru. Full list is rogue, hack, moria, larn, omega, nethack, unnethack, slashem, angband, zangband, sil, crawl, dcss, adom. Plan on adding brogue and doomrl eventually.
Entry #001: 2020-12-30
Found a vps host for $2.5/mo that allows custom iso. Set up netbsd 9.1. ipv6 only (unless I pay an extra dollar) so I'm learning that. The IP I got from autoconf doesn't match the one listed in the console for my vps so.. not sure what that means. I can log in though. 512M mem, 1x2.4GHz cpu, 10G ssd (only using ~1G) is plenty. Not sure what to do with it, so far it is an exercise in learning ipv6. Haven't touched the firewall yet. Maybe I should try an openindiana vps (or similar) to learn about solaris systems. Hopefully this netbsd box can handle compiles from pkgsrc, it appears not every package is available as a pre-built binary, but 22370 of them are at least. Played some hack & moria along with larn. omega is fun too. There is something about the 80's classic roguelikes that is comforting. Their simplicity and completeness maybe.
Entry #000: 2020-12-27
Starting a blog for misc ramblings. Working on watchcdda site from scratch and hosting here to move away from wordpress. Also built larn (from bsdgames on freebsd 12.2) separately and plan on a fork - increased default sight radius, no auto-prompt when walking over items, doors, buildings, etc, a charisma stat that actually does something, and maybe wisdom reworking. Possibly something thematic also. Prefer bsd larn to ularn because of the lack of lemmings. Looking at a linux jail (devuan) in freebsd, might host the mana world athena server there instead of local. Would need to upgrade vps, if not just for disk alone. Probably should do that anyway as I want to test out poudriere. Plans for fileserver on vps. sshfs from home machines to local fileserver. nfs from there to vps, and a cronjob to sync (some of) that to an s3 bucket. Destroyed the centos vps for r7st.guru that this one is replacing. Moving from centos to freebsd and probably opensuse leap. Trying out opensuse tumbleweed on a laptop, but opted for lvm+ext4 rather than btrfs for the time being. Snapshot and upgrade weekly. Due to the centos fiasco my working plan is to move servers from centos/fedora -> freebsd/leap, and workstations fedora -> tumbleweed. So far freebsd has greatly exceeded my expectations as a server, and tumbleweed seems like a very nice workstation.