using clickhouse-local to analyze archived log files

at work we’re hoarding log files. it’s a low-cost, low-tech solution: btrfs, some python script archiving /var/log/*.log, *.1 from hundreds of servers. we have a peace of mind that whatever it is – as long as it’s logging to that folder – we’ll have an archive of it. till now, whenever there was a need ... Read More

debian installer not detecting built-in nvme drive

i’m trying to set up debian 12 on a laptop [ dell latitude 7400 ]. pendrive ready but.. the installer detects only pendrive and no NVMe that holds Windows 11. why? it turns out bios had Raid mode configured for the intel storage controller – as described here. how to reconfigure it without ruining ability ... Read More

playing with cluster is open source [ although AGPL-3 licensed ] object storage software providing s3-compatible interface and handling clustering for HA & data distribution. below – notes from setting it up on a tiny scale, without using Kubernetes. notes are based on RELEASE.2023-03-24T21-41-23Z i’ve fetched two binaries for the project: my cluster has 4 nodes, looks ... Read More

mental models and alike

temporarily speeding up IO performance for KVM VM

i have few VMs running on top of spinning rust. recently i’ve upgraded one of them to not-yet-stable debian bookworm. upgrade would be pretty slow but.. i’ve edited the VM definition and asked KVM to allow host server to cache any IO operations. speedup was great, bullseye->bookworm upgrade finished in less than 5 minutes. for ... Read More

using hardware tokens to secure SSH, MS365 logins

i’ve done a bit of research, below – my understanding of the current state of affairs [ 2023-03 ]. i’m writing this while testing YubiKey 5 NFC, but consider different alternatives. SSH why: i’m considering an attack vector where malicious actor has remote control of my PC – can lift up arbitrary files [ including ... Read More

re-parenting a shell command

let’s say you’ve logged in via ssh to some server and started some long running command. minutes or hours later you’ve realized that you did not run it under screen or tmux – so that command will die once your ssh connection is closed. today i’ve learned about reptyr which can help with that – ... Read More

squid-based forward proxy that accepts incoming tls-encrypted connections

we needed to do some interoperability testing, and for that we had to allow http client application to talk with http proxy via secure channel. on debian 11 i had to install package squid-openssl and add this line in /etc/squid/squid.conf: the ssl cert was generated by certbot certonly. that’s how i tested it:

MySQL / MariaDB login audit

once in a while i need to review which database accounts are used, from what IPs connections arrive. MySQL / MariaDB does not have built-in mechanism [ unless you want to allow full query log ], but there’s quite easy way to get the data.

rsync with more efficient compression, hash algorithm

rsync 3.2.0 and newer supports more compression and hash algorithms. zstd compression is well suited for slower network connections [ tens mbit/s ], lz4 – for faster. xxh3 hash is worth using regardless of the network speed. syntax:

nrpe’s check_http – POSTing a file

i needed to monitor some service available via HTTP, this service is expecting to get a file posted – as if it was submitted via HTML form. so the file’s content is in the POST body, wrapped in Content-Type: multipart/form-data and stored between boundaries. Is it possible to simulate via check_http? yes!

Best Practical’s RT – recovering specific tickets from backups

I needed to recover a particular, old and already shredded, RT ticket from a backup to web interface. I’ve restored the database to a separate server and run those commands to get INSERT statements for two tickets i was interested in – 69187, 100112: To be on the safe side – always recover to a ... Read More

mysqldump headaches

over the years i’ve set up multiple backup workflows. one of them is described here. part of the cycles involves taking database backups. for MySQL i’m mostly using mysqldump. it comes with some headaches: it’s single-threaded by nature – both for backup, and restore [ unless you chop the dump file into pieces and try ... Read More

WordPress’ Gutenberg editor failing to save anything

i’ve run into an odd situation – wordpress was working just fine yet the new / Gutenberg editor did not save anything. No errors, but also no content saved – the only thing that was left was ‘Auto Draft’ with an empty content. i’ve tracked it down to fact that .htaccess was not actually used ... Read More

public domain image searchers