.pQd – Page 2 – .pQd's log

Fastly returning “Requested host does not match any Subject Alternative Names (SANs) on TLS certificate”, HTTP/421

2024-03-062024-05-15 by .pQd

due to $reasons we have an nginx-proxy that is a reverse proxy forwarding to Fastly CDN which, in turn, forwards back to our infrastructure. starting from the 2024-02-27 this stopped working, for some HTTP queries. most notably those using OPTION verb. response that nginx was getting from Fastly had HTTP/421 status code and payload: colleague ... Read More

KVM – listing VMs with their memory allocation

2024-02-02 by .pQd

i needed to list all VMs on given KVM server and sort them by amount of RAM allocated to each. ugly but does the trick.

Ohook – activating MS office

2024-01-17 by .pQd

this might be useful, especially for environments where automated tests of MS-office-dependent applications are done: https://massgrave.dev/ohook.html + https://github.com/asdcorp/ohook

podcast about evolution of mysql at booking.com

2023-12-302023-12-30 by .pQd

very interesting, content-heavy, interview with Kristian Köhntopp about his work at booking.com: 1, 2 [ alternatively on youtube: 1, 2 ].

getting code signing certificate on own Yubikey and then using it to sign windows binaries in unattended way, on KVM VM

2023-12-022023-12-26 by .pQd

starting from June 2023 code signing certificates for MS Windows cannot be delivered as a file anymore. files are easy to steal. now certs must reside on security modules which don’t allow private key extraction, at least not for mere mortals. we’re using such a cert to sign exe and msi files on a build ... Read More

freecad – editing STL file

2023-11-13 by .pQd

for 0.21.2 based on this yt video: https://www.youtube.com/watch?v=dr1qtaURrvI

parallel rsync

2023-11-042025-03-02 by .pQd

rsync remains my main tool for transferring backups or just moving data between servers. but it has some pain points – e.g. rsync’s checksum calculation or ssh over which data is piped can easily saturate single CPU core before i run out of storage I/O or network bandwidth. how to parallelize it – based on ... Read More

resources for learning SQL

2023-10-232024-05-05 by .pQd

SQL basics: indexes: https://use-the-index-luke.com/ ‘modern’ SQL: fiddles – web-based sandboxes:

bug in postgresql’s GIN index

2023-09-04 by .pQd

it’s a story without happy end. i’m absolutely sure there’s an index-corruption bug in PostgreSQL 13; since i have not seen any mention of it being fixed – it’s likely in the following releases as well. i’ve tried to get attention to it on the pgsql-bugs mailing list but i failed. likely because i’ve never ... Read More

WSL installation fails with “A specified logon session does not exist. It may already have been terminated.”

2023-08-10 by .pQd

i’ve tried to install wsl on Win 11 PRO PC and got this: solution: try again based on this comment.

Apache2: url-based exception for ProxyPass

2023-07-252023-07-25 by .pQd

i have apache2 reverse proxy which passes traffic to some application server. everything going to /server/ is handled by http://localhost:8000. i had to do one exception – serve content for /server/something.txt from a static file. here’s what i did:

rsync to exfat mount

2023-07-132025-03-02 by .pQd

exfat does not carry information about user/group ownership of files/directories, has less precise timestamps. to make rsync stop complaining about it i’m using:

userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]

2023-07-102023-07-10 by .pQd

colleague reported that he cannot anymore log-in using putty, via ssh to server that was recently upgraded to Debian Bookworm. /var/log/auth.log showed: putty log it turned out that it was pretty old putty – 0.74, just upgrading it to the more recent one [ 0.78 at the time of writing ] solved it. alternatively i ... Read More

running command as user who has shell /usr/sbin/nologin

2023-07-01 by .pQd

using vector to send JSON-formatted nginx logs to ClickHouse

2023-06-152023-06-15 by .pQd

for some particular case i need to log and later analyze POST bodies of HTTP requests sent via nginx reverse proxy. ClickHouse will store the logs and be useful in analysis.

using clickhouse-local to analyze archived log files

2023-06-052023-06-05 by .pQd

at work we’re hoarding log files. it’s a low-cost, low-tech solution: btrfs, some python script archiving /var/log/*.log, *.1 from hundreds of servers. we have a peace of mind that whatever it is – as long as it’s logging to that folder – we’ll have an archive of it. till now, whenever there was a need ... Read More

tar + zstd, without piping

2023-05-242023-05-24 by .pQd

debian installer not detecting built-in nvme drive

2023-05-09 by .pQd

i’m trying to set up debian 12 on a laptop [ dell latitude 7400 ]. pendrive ready but.. the installer detects only pendrive and no NVMe that holds Windows 11. why? it turns out bios had Raid mode configured for the intel storage controller – as described here. how to reconfigure it without ruining ability ... Read More

playing with min.io cluster

2023-04-122023-04-22 by .pQd

min.io is open source [ although AGPL-3 licensed ] object storage software providing s3-compatible interface and handling clustering for HA & data distribution. below – notes from setting it up on a tiny scale, without using Kubernetes. notes are based on RELEASE.2023-03-24T21-41-23Z i’ve fetched two binaries for the project: my cluster has 4 nodes, looks ... Read More

mental models and alike

2023-04-102023-04-10 by .pQd

https://fs.blog/tgmm https://perell.com/essay/50-ideas-that-changed-my-life https://en.wikipedia.org/wiki/List_of_cognitive_biases https://en.wikipedia.org/wiki/List_of_fallacies