Fastly returning “Requested host does not match any Subject Alternative Names (SANs) on TLS certificate”, HTTP/421

due to $reasons we have an nginx-proxy that is a reverse proxy forwarding to Fastly CDN which, in turn, forwards back to our infrastructure. starting from the 2024-02-27 this stopped working, for some HTTP queries. most notably those using OPTION verb. response that nginx was getting from Fastly had HTTP/421 status code and payload: colleague ... Read More

Ohook – activating MS office

this might be useful, especially for environments where automated tests of MS-office-dependent applications are done: https://massgrave.dev/ohook.html + https://github.com/asdcorp/ohook

parallel rsync

rsync remains my main tool for transferring backups or just moving data between servers. but it has some pain points – e.g. rsync’s checksum calculation or ssh over which data is piped can easily saturate single CPU core before i run out of storage I/O or network bandwidth. how to parallelize it – based on ... Read More

resources for learning SQL

https://sqlbolt.com/ https://cs50.harvard.edu/sql/2023/ https://selectstarsql.com/ https://mystery.knightlab.com/

bug in postgresql’s GIN index

it’s a story without happy end. i’m absolutely sure there’s an index-corruption bug in PostgreSQL 13; since i have not seen any mention of it being fixed – it’s likely in the following releases as well. i’ve tried to get attention to it on the pgsql-bugs mailing list but i failed. likely because i’ve never ... Read More

Apache2: url-based exception for ProxyPass

i have apache2 reverse proxy which passes traffic to some application server. everything going to /server/ is handled by http://localhost:8000. i had to do one exception – serve content for /server/something.txt from a static file. here’s what i did:

rsync to exfat mount

exfat does not carry information about user/group ownership of files/directories, has less precise timestamps. to make rsync stop complaining about it i’m using:

using clickhouse-local to analyze archived log files

at work we’re hoarding log files. it’s a low-cost, low-tech solution: btrfs, some python script archiving /var/log/*.log, *.1 from hundreds of servers. we have a peace of mind that whatever it is – as long as it’s logging to that folder – we’ll have an archive of it. till now, whenever there was a need ... Read More

debian installer not detecting built-in nvme drive

i’m trying to set up debian 12 on a laptop [ dell latitude 7400 ]. pendrive ready but.. the installer detects only pendrive and no NVMe that holds Windows 11. why? it turns out bios had Raid mode configured for the intel storage controller – as described here. how to reconfigure it without ruining ability ... Read More

playing with min.io cluster

min.io is open source [ although AGPL-3 licensed ] object storage software providing s3-compatible interface and handling clustering for HA & data distribution. below – notes from setting it up on a tiny scale, without using Kubernetes. notes are based on RELEASE.2023-03-24T21-41-23Z i’ve fetched two binaries for the project: my cluster has 4 nodes, looks ... Read More

mental models and alike

https://fs.blog/tgmm https://perell.com/essay/50-ideas-that-changed-my-life https://en.wikipedia.org/wiki/List_of_cognitive_biases https://en.wikipedia.org/wiki/List_of_fallacies