My Personal Backup Strategy

I’m pretty protective of my data. I like to make sure all my important file are backed up, and I employ a 3-2-1 backup strategy for basically everything. What are 3-2-1 Backups This is a term that is floated around frequently when talking about backups. It basically boils down to these rules: You have 3 independent copies of your data. Of those 3 copies, 2 of them are on different systems (Different servers, different SANs, etc)....

October 7, 2021

Promxox/Rclone Offsite Backup

One of the most important parts of keeping data safe is offsite backups. One excellent tool for this is Rclone, a tool that copies data to local and remote locations with ease. I don’t use Rclone for all my backups, which I’ll get into, but I use it for some cases and it’s a great tool. Why I Use Rclone I operate a dedicated server where the hardware is managed by a third-party....

September 27, 2021

Custom Debian ISO

If you’re installing Debian on a regular basis, or want to automate the installation a bit more, building a custom Debian installation ISO can be quite handy. You can automate some of the more tedious parts of the installation, install extra packages and run additional setup, or even completely automate the installation! Why? In my case, I’m working with some automated provisioning using Puppet and Packer. Most of the time, you can start with a pre-installed operating system and work from there....

September 7, 2021

Firewalld in Debian 10

In the past, I showed how to add a firewall rule in Debian 9. For Debian 10, these instructions still work but installing the firewalld package is a bit more involved. Why There is a bug in iptables (which is how firewalld applies rules) that causes it to crash on start up. Thanks to this GitHub Issue, I was able to track this down to the specific version of iptables that ships with Debian 10 (1....

August 24, 2021

Puppet Without a Puppet Server

One tool that is pretty neat for anyone who manages more than one machine is Puppet. In it’s simplest form, Puppet is designed to codify actions you may take on your server and run them automatically. The typical deployment for Puppet relies on a central Puppet server (the “Puppetmaster”), and clients distributed around your network. What if, say, we wanted to run Puppet without this central server? Why Puppet is great, and a centralized Puppet server is equally great....

August 4, 2021

Fix Virtualmin Proxy with Let's Encrypt

This is a minor inconvenience that I’ve dealt with for far too long. When using Virtualmin as a reverse proxy, it doesn’t handle Let’s Encrypt verification records correctly and forwards them to the upstream service. In my case, this would cause certificates to issue correctly initially, but then fail to renew after three months is up. Since every request that hits the server was getting sent to the upstream server (including any requests to ....

June 14, 2021

Smart Failover With Redis Sentinel and Keepalived

Through some Google-fu and some other great tutorials, I’ve successfully setup a groups of Redis machines with automatic failover detection via keepalived and sentinel. This sounds mundane, but lets you setup another layer of protection for your Redis cluster without lots of extra configuration. Background – Redis Sentinel and Keepalived Redis Sentinel makes it pretty easy to setup a group of replicated Redis machines and elect new master nodes when others are offline....

December 18, 2017

Adding a Firewall Rule to Debian 9

Not too long ago in the Linux world, firewall rules were complex. iptables did its job very well, but managing rules was daunting for a newcomer. Debian 9 introduces some changes that make it pretty simple to add a firewall rule. Usually firewall rules are taken care of automatically, when you install a program it takes care of opening up the required ports for itself. In some cases, software can conflict and that is what happened in my case....

October 17, 2017