“Verify your Kindle document” for pdfs self-mailed to my kindle

whenever i travel i like to use kindle for reading some articles that i’ve earlier collected. for collecting i use a simple PHP script with rich text editor that allows me to copy & paste content and then mail it to my kindle address. recently i’ve started getting requests from Amazon to approve each document ... Read More

xiaomi robot vaccuum disassembly

i have 1st gen xiaomi mi robot vacuum cleaner. it’s been serving very well for the past 3 years. this video was very helpful with disassembly when i had to replace the main sucking motor fan: https://www.youtube.com/watch?v=wdDSBgJ1kRM i had to replace a fan and bought https://www.aliexpress.com/item/4000804127893.html instead of https://www.aliexpress.com/item/4000259186760.html ; not an exact fit but ... Read More

clickhouse

clickhouse is a column oriented OLAP database. i’ve started using it about half a year ago. i’m impressed. earlier i’ve read about it on percona’s blog but did not fully grasp how performant it was. i’ve tried it when i wrestling with MariaDB’s query planner on table with ~100M rows got me tired and each ... Read More

supermicro server getting stuck on “loading initial ramdisk”

i had a quite puzzling moment today when a server refused to boot up after routine maintenance. order of events: datacenter technician has taken server down and added Mellanox 25Gbit network card server booted up cleanly with Debian Buster and aged kernel 4.19.0-6 i’ve rebooted the server again and changed cpu performance settings in bios ... Read More

supermicro IPMI – mounting iso image via samba

reminder for my self in case i need to do it again, relevant for X11DDW-NT and likely – other their platforms: log-in to the IPMI web interface, go to virtual media > CD-ROM image, provide: share host – ip or hostname of samba server. for instance: 10.1.2.3 paht to image – backlash share name backslash ... Read More

letting dbeaver talk with manticoresearch

here’s what i did to get dbeaver 7.3.2 + oracle’s JDBC mysql-connector-java-8.0.17.jar work with manticoresearch 3.5.4: /etc/manticoresearch/manticore.conf, under searchd: in dbeaver – new connection using oracle’s JDBC driver as above, under data editor – set ResultFetchSize to 0 to prevent errors like this: when i initially tried to get it working with JDBC driver from ... Read More

black hole, somewhere in the internet, swallowing UDP packets

UDP packets sent from specific source port, with public source IP address do not reach specific destination port of the public destination IP address. changing any of the parameters [ usually source port ] – fixes the issue. i’ve observed this phenomenon multiple times for long-running OpenVPN and Wireguard VPNs encapsulating encrypted traffic in UDP ... Read More

using dedicated server from hetzner

4 months ago i’ve started renting a dedicated server at https://www.hetzner.com/ and – so far – i’m quite happy with the service. i’ve picked cheapest suitable hardware from their auctions, after a month of trouble-free usage i’ve switched to quarterly billing. then server has crashed few times with “shutting down cpus with nmi” kernel messages. ... Read More

resizing btrfs on luks on mdadm raid10

one of my KVM VMs keeps data on BTRFS on top of encrypted LUKS drive. that drive is a block device passed from virtualization server to VM… a block device which is mdadm software RAID10. below – steps taken to resize it.

detecting duplicate network packets from linux command line

while going down the rabbit hole of bed network performance at work we’ve narrowed the problem cause to duplicate packets showing up on a specific segment of leased metro Ethernet service. tshark filter helped us to see when duplicates occurred on monitored link we’ve got pair of computers – A and B connected at both ... Read More

backup via ssh-tunneled connection

in one context i need to pull backup from server C to server A. normally i’d use rsync with direct ssh connection as a transport method. in this particular case C is not directly reachable from A, so i need to use ssh tunneling to connect from A to C via jump-host B: public ssh ... Read More

apache2 – reverse proxy with sticky sessions and fail-over

i needed to set up apache2 as a reverse proxy that will forward requests to few backends. yes – i know that there are better tools to do it – like haproxy or nginx – but in this case apache2 was preferred for the simplicity of the setup. requirements: sticky sessions – in normal conditions ... Read More

guacamole under Debian

Apache Guacamole is a clientless remote desktop gateway – with it you can access RDP-enabled Windows PC using ordinary web browser and HTTP[S]. below – notes taken while setting it up under Debian 10.

useful network-related tools

internet-wide scanners: https://censys.io/ https://www.shodan.io/ ssl: https://www.ssllabs.com/ smtp: https://www.mail-tester.com/ dns: http://dns.squish.net/

upgrading firmware on Intel’s SATA SSD drives behind Dell’s h730p RAID

fetch Intel_SSD_Data_Center_Tool from here. the zip archive contained, among other, .deb for 64 bit OS – that worked for me under debian stretch. to see drives run: to upgrade the firmware where 0 corresponds to the Index of drive returned by the first command the same likely works for other LSI/Avago cards – no matter ... Read More

iostat -x 1 reporting 100% utilization of nearly-idle NVMe drives

after an upgrade to debian buster i’ve noticed that both iostat -x 1 and munin’s diskstats_utilization report that NVMe drives are busy most of the time. some empirical tests showed that disks are actually idle, performance did not drop. upgrade to 5.2 kernel resolved the miss-reporting issue.

openvpn – “OpenSSL: error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small” after upgrade to Debina Buster

another thing to adjust after upgrade to Buster. on openvpn endpoint that in it’s config – /etc/openvpn/whatever.conf – had: dh dh1024.pem the vpn service did not start. tail -f /var/log/syslog showed: apparently the new version of openssl no longer accepts 1024 Diffie Hellman group. solution: and change in /etc/openvpn/whatever.conf – from dh dh1024.pem to dh ... Read More

bind9 fails to start after an upgrade to Debian Buster

i’ve done a routine upgrade to Buster on some server and all went fine… except bind9 no longer started. every attempt to restart it ended up with long waiting and an error message: logs did not contain anything interesting – actually they showed that bind would start and then after ~ a minute was shut ... Read More

allowing custom file extensions to be uploaded to wordpress

WordPress restricts types of files you can upload. it not only checks the extension of what you’re adding to the media library but also its mime type. so you cannot fool it by uploading .exe renamed to .jpeg – if you try it, you’ll get an error saying: “Sorry, this file type is not permitted ... Read More