When you’re not at home the mice dance on the table…

Long planned holiday – you’re on your way, you don’t have a reliable internet connection at hand – and exactly then the worst things happen.

Got my server shut down due to a abuse message of my email service. Of course I did not recognise the problem, because I were not at home. I only got a email from my provider.

I’ve immediately checked the logs through my smartphone (!) and deactivated the compromised test account on my email service, but that did not prevent the server from being shutdown, because the queues of the postfix daemon were full of spam mails to be sent.

Well, learned something the hard way: Never forget to get rid of test accounts with too simple passwords.

After one and a half week I finally managed to be back home to get a statement letter out to the postoffice for the reactivation of my server.

First moves after reactivation: checking all logs, removing possible entrances, clearing mailboxes, installing fail2ban and other tools to prevent future brute force login attacks.

Last but not least: Searching for more monitoring possibilities when I’m somewhere out in the world, even with no internets…

Laptop crash during update

On Friday I finally learned how to f*** up my laptop. Just unplug it accidentally during running a system update with “pacman -Su”.

Result: kernel panic on reboot, no help until I found a USB stick containing a archlinux image.

After booting and fixing the kernel image I encountered multiple strange errors from libraries which weren’t been touched during that failed update run.

So after searching and deeper searching, with no evidence of the damaged packages I finally decided to just reinstall the whole system.

First I reinstalled all packages installed by dependencies and then all explicitly installed packages.

#deps:
pacman -S --asdeps $(pacman -Qnqd)
#explicit packages:
pacman -S $(pacman -Qnqe) --force

That ‘force’ was required due to some nasty errors about already existing files, which I did not care about.

Setting up gitlab on archlinux behind an apache

Setting up gitlab is quite straight forward on archlinux, following this article.

The wiki article even mentions the procedure to run gitlab behind an apache https proxy. The only thing I’ve missed was the hint for changing the base url of gitlab so that a repository link would work with the correct domain instead of ‘localhost’.

For this it is necessary to change following section in gitlab.yml :

## GitLab settings
 gitlab:
 ## Web server settings (note: host is the FQDN, do not include http://)
 host: localhost
 port: 80
 https: false

Here you have to change localhost to your domain name.

Looks simple, but somethings you search a long time for simple solutions.

 

StartSSL certified

Now my domain mmo.to and all subdomains are certified by StartSSL.

Hopefully never again you have to make a ssl certificate exception within your browser.ย  ๐Ÿ™‚

Nice service from StartSSL, the whole personal validation was done within 3 hours, and the next day I was able to generate my ssl certificates.

And of course I updated my server to get rid of the vulnerable openssl version.

KDE – akonadi – kmail

I had a high view of KDE and the tools of this desktop environment. But today I got quite a throwback with it.

Since my Thunderbird has got some some issues (2 windows popping up, problems receiving mail (chrome javascript, etc.)), which were rather hard to fix, I decided to give Kmail a chance.

Well, Kmail has his chances gamed away now. I set up everything according to menu guidance but no mail was getting into my folders. Kmail activity log said something about ‘Unable to append item flags’. After some research I found out that there’s quite a work to do to fix that bug and that this bug is already known since 2011!

After such a long time such a problem should be solved by the application itself in my opinion not by the user with quite a bulk of work cleaning some directories, cleaning configs, reconfiguring everything, etc.

Now back to Thunderbird. Already fixed the problems there after getting in touch with the bugs from Kmail. ๐Ÿ˜‰

Private blog

I rarely write private blog posts.

Most and for all I do not want to publish everything I do in my life and want to protect my privacy.

But sometimes there may be interesting things happening in my life which could also be informative for the rest of the world, or at least for some of my friends, colleagues and other acquaintances.

What I do is some photography, which I’ll post on my picture log or ‘plog’. ๐Ÿ™‚