Hi, I’m Andrew!

One of the most important parts of keeping data safe is offsite backups. One excellent tool for this is Rclone, a tool that copies data to local and remote locations with ease. I don’t use Rclone for all my backups, which I’ll get into, but I use it for some cases and it’s a great tool. Why I Use Rclone I operate a dedicated server where the hardware is managed by a third-party....

If you’re installing Debian on a regular basis, or want to automate the installation a bit more, building a custom Debian installation ISO can be quite handy. You can automate some of the more tedious parts of the installation, install extra packages and run additional setup, or even completely automate the installation! Why? In my case, I’m working with some automated provisioning using Puppet and Packer. Most of the time, you can start with a pre-installed operating system and work from there....

In the past, I showed how to add a firewall rule in Debian 9. For Debian 10, these instructions still work but installing the firewalld package is a bit more involved. Why There is a bug in iptables (which is how firewalld applies rules) that causes it to crash on start up. Thanks to this GitHub Issue, I was able to track this down to the specific version of iptables that ships with Debian 10 (1....

One tool that is pretty neat for anyone who manages more than one machine is Puppet. In it’s simplest form, Puppet is designed to codify actions you may take on your server and run them automatically. The typical deployment for Puppet relies on a central Puppet server (the “Puppetmaster”), and clients distributed around your network. What if, say, we wanted to run Puppet without this central server? Why Puppet is great, and a centralized Puppet server is equally great....

Meta Information: This is a room I recently completed on TryHackMe. I figured I’d do a write up of what I found, how I got in, and things that a potential sysadmin would want to do to fix their server. I’m writing this from the point-of-view of a independent security consultant. Description of Server The machine in question appears to be an Ubuntu Linux machine, with a number of open ports and protocols:...

This is a minor inconvenience that I’ve dealt with for far too long. When using Virtualmin as a reverse proxy, it doesn’t handle Let’s Encrypt verification records correctly and forwards them to the upstream service. In my case, this would cause certificates to issue correctly initially, but then fail to renew after three months is up. Since every request that hits the server was getting sent to the upstream server (including any requests to ....

In Part One we looked at how to download our photos from Google Photos to a local drive. But now we’ll look at how to archive them into human readable folders that can be included in daily snapshot backups. Our Problem Now we have all our photos downloaded, but I really wanted things to live on my NAS with the rest of my important files. This would also let me potentially delete photos from Google Photos but keep things locally....

One service that I’ve come to rely on is Google Photos. For the last number of years, I’ve had photos on my phone (which is now my primary camera for trips) automatically backed up and categorized. It’s a slick service, but I feel most comfortable having local copies of photos and keep them in a snapshot backup system. Why I Did This Google Photos is great, and I don’t really have any issues with the service or its availability....