Martin Seener - Sysorchestra

This iPi is the new Linux iMac

If you search for the "Buy now" button, I have to disappoint you. But please keep on reading. Let me present you my last finished home project - the iPi.

phoenix-ci

Introducing Phoenix-CI as a low-cost Gitlab CI alternative to K8s

We use Gitlab as our favorite tool for all Git-related operations for years now and seeing it growing in terms of features and simplified workflows.‌‌ When we started to use

apple

Reduce Thermal Throttling on your Apple M1 Macbook Air to increase persistent load performance

Last year when Apple presented their new Apple Silicon SoC - namely the M1 - I couldn't believe how much performance the M1 would have in real world scenarios. After

Hetzner

Hetzner SX62 dedicated server with Software-RAID-5 and encrypted LVM on Debian 10

A little over 2 years ago, we introduced a new Backup server for our PostgreSQL data. Check out my post on that here. Now 2 years later, the disks got

linux

Linux Mint 20 Upgrade on Lenovo Thinkpad X1 Carbon 7th Sound and Fingerprints

Linux Mint 20 has been released some days ago and now there is also the upgrade guide available for you who also have Mint 19.3 running. I don't want

2fa

Automate TOTP-secured SSH logins with 2sh and Bitwarden

As an additional way to protect SSH servers from potential attackers, I started to implement TOTP-based 2FA logins in the past. See this post about how I achieved this. I

linux

Setup SublimeLinter with RVM and ZSH under Linux Mint 19.3 Cinnamon

In my previous posts I took you onto a journey from my old macOS environment to my new home - Linux Mint 19.3 Cinnamon. As with every journey, you

linux

Setup Soundcard and Microphone on Lenovo Thinkpad X1 Carbon 7th Gen with Linux Mint 19.3

Recently I switched my work device from my very old MacBook Pro Mid-2012 Non-Retina to a brand new Lenovo Thinkpad X1 Carbon 7th Gen - or X1C7 for short -

linux

Enabling U2F Hardware token in Linux

I recently switched from MacOS to Linux for my work computer and found out that using a hardware U2F USB token is not so easy as on MacOS. I'm using

dell

Online capacity expansion of a Dell Hardware RAID 1 with larger disks and a LVM

This post is about a simple topic, but finding information about it was not so easy due to the specific circumstances it includes. Here i will show you how you

proxmox

Proxmox / Linux - Live-Update Network Configuration with Zero-Downtime

In this smaller post i want to show you how easy it is to do a live config update of your network without network restarts or machine reboots. I did

Remove Proxmox 5.1-7.x “No Valid Subscription” message

Update #1 (2021-12-22): As pointed out on this page a method that works from 5.1 up to latest 7.x. I've tested this with 7.1-8 successfully: sed -Ezi.bak "s/(Ext.Msg.show\(\{\s+title: gettext\('No valid sub)/void\(\{ \/\/\1/g"

debian

Site-to-Site IPSec VPN between Sophos UTM and Debian using StrongSwan with RSA-Pubkeys

Introduction This guide will show you, how you can establish a Site-to-Site IPSec VPN between a Sophos UTM Firewall and a Debian 9 "Stretch" based Server using StrongSwan

debian

Hetzner Root-Server with dual Hardware RAID-1 and encrypted LVM on Debian 9

Introduction This guide will explain the steps it takes to install a secure headless Hetzner Root-Server with some special pitfalls like LUKS on Hardware-RAIDs and SSH-based remote decryption at boot

sophos utm

Automating Pingdom Probes IP-Whitelisting with Probecollector

Introduction It was hard to find a good title for this blog post, so let me explain it a bit further. You may have API's or applications that are secured

debian

Add Two-Factor-Authentication to SSH on Debian Wheezy to Stretch

Introduction This guide shows you, how you can add 2FA to your OpenSSH on Debian Wheezy, Jessie and Stretch using Google Authenticator. We assume that your SSH already uses Pubkey-Authentication while PasswordAuthentication is disabled. Also this guide should also work on Debian's derivates and

Hetzner

Proxmox 5 on Hetzner Root-Server with Dual-Stack IPv4/IPv6 for Host and Guests

Introduction In an earlier blog post i wrote about a standard Debian installation with KVM, IPv4 and IPv6 for both the host and it's guests. This time we will setup Proxmox 5.x on a Hetzner Root-Server also using Debian and IPv4 and IPv6

proxmox

Migrating Proxmox LVM-Thin Volumes to another Proxmox Host

Introduction In an earlier post, i've discribed how to migrate VMWare ESXi Virtual Machines (or mostly their disks) to a new Proxmox KVM machine. This time i had to move a Proxmox VM to another Proxmox host. Both hosts using LVM-Thin Logical Volumes to

proxmox

Proxmox 4Gbit/s HA Networking with two Dual-Port NICs and VLAN-enabled Bonding to distinct Switches

Lately we've setup a new Proxmox 4.4 Server. For this we upgraded our former ESXi 5.5 Host with more RAM, a RAID-10 Array (from RAID-1 w. Hot-Spare) and two Dual-Port 1Gbit/s NICs (therefore 4x 1Gbit/s in 2 PCIe Cards with

vmware

Migrate VMWare ESXi Virtual Machines to Proxmox KVM with LVM-Thin Logical Volumes

Recently we decided to move away from VMWare ESXi because we want to scale out but don't want to buy expensive licenses just for virtualization. We evaluated different solutions and got stuck with Proxmox and it's KVM virtualization. We have always used Debian-based VMs

security

Securing and Customizing Filecloud Server and Clients

Update 2017-06-15: The configuration parameters below still work with the latest Sync Clients in v15.x (tested on macOS and Windows). Sadly, the default is still TLSv1 and not configurable in the UI or even better chosen automatically upon the first connection attempt to

sophos utm

Monitoring RAID on Sophos UTM Hot-Standby Clusters with Dell PERC/LSI MegaRAID Controllers

This is a somewhat special post this time for a somewhat narrow audience but my intention was splitted into creating a reminder for myself and to show how you can even monitor things that are normally closed for manual configurations like the Sophos UTM

debian

Run a NTP server for the pool.ntp.org project with Debian

Update 2: I've changed the 5 source servers to 3 other's that are on the same continent as our NTP Server so the offset and jitter are much better. This helped this server to be more "stable". The server now uses clock.

travis-ci

Introduction on how to use shellcheck and bashate with Travis-CI

Introduction Some time ago i've written about test-driven development, or TDD, for shell scripts using shunit2 and Travis-CI. This time i want to show you how you can further enhance your shell script testing capabilities with two useful tools for static analysis and style

proxmox

Remove Proxmox “No Valid Subscription” message

Update #3 (2021-12-22): As pointed out on this page a method that works from 5.1 up to latest 7.x. I've tested this with 7.1-8 successfully: sed -Ezi.bak "s/(Ext.Msg.show\(\{\s+title: gettext\('No valid sub)/void\(\{ \/\/\1/