social.dk-libre.fr is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Started the day with a call from a client's intern, a bit full of himself: "Hey, you need to fix this... the network is pretty slow this morning, can you check?"
I take a look: lots of local IPs pulling heavy data from Apple servers. Me: "macOS 26.3 just dropped, are all your Macs updating at once?"
Him: "Well, obviously. It's an important update. We're doing our iPhones and iPads simultaneously too."
That’s 27 devices updating at the same time on a connection that caps out physically at 60 Mbps.
I explain the bottleneck.
His reply: "Can't you just ask Apple to use 'extra bandwidth' to push them through? They need to be done by 09:30 because that's when the real work starts and we want updated machines."
Me, confused: "No. However, I can prioritize work traffic and throttle the updates to use the leftover bandwidth. But they will definitely not be done by 09:30."
I broke his brain.
He kept insisting on "extra bandwidth" as if it were a premium feature to toggle on demand.
I explained that in their case, bandwidth is a physical limit (FTTC degraded to 60 Mbps), not a software cap, and certainly not controlled by Apple.
He finally understood, thanked me, and closed with a cryptic gem: "Sorry, I'm not an IT guy, but by now I've learned that tech products usually have limits imposed by price, not by physics, which are usually way ahead."
Basically, the technical limitations of the past have been overcome, only to be replaced by commercial ones.
And they call it evolution...
Hey #sysadmin folks! Is "short stroking" a hard drive still a thing?
For the youngsters: this was when you used only the fastest part of a hard drive, leaving the slow parts of the disk empty. Short stroking improved spinning rust performance.
I haven't heard of this in years, and it seems that LBA abstracting the drive innards would eliminate the benefits. (You'd still get extra spare blocks for when the drive starts failing, sure.)
Sysadmin and self-hoster based in Aspiran, a small village in the Hérault between Montpellier and Lodève.
I'm starting a computer club: shared infrastructure, collaborative projects, a space for people who like running systems and not just talking about them. Inspired by the spirit of the Homebrew Computer Club: collective, local, rooted in real life.
No corporate sponsors, no bootcamp vibes. Just nerds building together.
If you're in the area or interested in this kind of project, let's talk.
#selfhosted #homelab #linux #sysadmin #FOSS #GPU #Montpellier #Hérault #Occitanie #computerclub
# zfs send -R vm@rebuild | zfs receive zroot/backup-vm
Connection to bucket closed by remote host.
How's *your* day going? #sysadmin #openzfsmastery
all in all, for a sysadmin, you're a good writer 😉
🛠️ Stop "Link Rot"!
I'm hardening the longevity of my shared links with this combo:
WordPress: The Wayback Machine Link Fixer plugin automatically redirects my dead links to the Internet Archive.
🔗 https://wordpress.org/plugins/internet-archive-wayback-machine-link-fixer/
Bookmark: LinkWarden to personally archive my sources.
🔗 https://linkwarden.app
Community: Find my tools on my public services platform.
🔗 https://blablalinux.be/mes-services-publics/
The web moves, my links stay 🛡️
How do you see it? Are the relay servers for Fediverse message distribution run purely out of enthusiasm, or is there something more behind them? Help a newbie figure it out :)
#fediverse #mastodon #servers #opensource #decentralization #community #sysadmin
Why LanguageTool On‑Premise is unbeatable for data protection, control and integration: our deep dive into the self-hosted solution.
#opensource #credativ #selfhosted #OnPremise #LanguageTool #PrivacyByDesign #Datenschutz #ITSecurity #CyberSecurity #DevOps #SysAdmin
On production machines I rarely touch root space with containers. I tend to keep as much in user as humanly possible in order to keep root mostly safe, even running a lot of systemd services as user.
I've noticed a lot of projects assume root being used (i.e. /srv) and expect root ownership, leading to a total permissions hellscape if you're from an opposite perspective.
My question is what causes a project to decide on root vs user?
Another work week starting
Short one (just 3 days) and the last before I’ll move to another city next week.
Registration for BSDCan 2026 is open at https://www.bsdcan.org/2026/registration.html + tutorial schedule published.
#bsdcan #freebsd #openbsd #netbsd #development #networking #devops #sysadmin #conferences
For more on BSD and the BSD conferences, see https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html (or tracked https://bsdly.blogspot.com/2025/11/what-is-bsd-come-to-conference-to-find.html +
https://medium.com/@peter.hansteen/what-is-bsd-come-to-a-conference-to-find-out-06acd7d77fd8 )
Haack's Networking - Switching My Production Server to BTRFS
https://tech.haacksnetworking.org/2026/02/08/switching-my-production-server-to-btrfs/
This tutorial covers the remote server setup, the technical manner in which I used LUKS+BTRFS, and my reasons for switching from zfs to btrfs.
#sysadmin #debian #btrfs #zfs #selfhost #self-hosting #selfhosting
I'm pleased to say I've been able to write a Tutorial series on how to get a quick-and-dirty implementation of Client Certificate Authentication using PFSense and HAProxy!
Feel free to have a read here:
https://seantodd.co.uk/series/client-certificate-authentication-in-pfsense-with-haproxy/
If you put a test server in monitoring so it generates after-hours alerts, I'm probably gonna slap you. #sysadmin
Just managed to get my first Client SSL authentication working with PFSense and HAProxy!
Getting to understand the ACL ordering was my biggest hurdle, but I can now reject access to my internal apps from the wider internet unless they're using a client certificate. There's even a bypass for internal IP addresses so I don't need to resort to split-brained DNS!
This server has imported the first set of banned instances, using @moderation's work as a template. Thank you cathode.church for providing this resource.
Registration for BSDCan 2026 is now open https://www.bsdcan.org/2026/registration.html and tutorials schedule is published.
#bsdcan #openbsd #netbsd #freebsd #libresoftware #freesoftware #conference #development #networking #sysadmin #devops
@mttaggart It is actually something I (a Sysadmin) am aware of and I plan accordingly. Or at least I try, ownership, all the geniuses and weather permitting.
Sometimes I think I am the only sane person in that enterprise but I might be wrong ;-)
New blog post: PF Firewall on FreeBSD - A Practical Guide
After years of running PF across multiple FreeBSD servers, I've written up the patterns that work: macros, tables, brute-force protection, NAT for jails, and dual-stack filtering.
Covers everything from basic concepts to production configs, plus a sidebar on authpf for bastion hosts.
If you're running FreeBSD and want a firewall that's elegant, powerful, and actually understandable, PF is worth your time.
https://blog.hofstede.it/pf-firewall-on-freebsd-a-practical-guide/
#FreeBSD #PF #Firewall #Security #Jails #SysAdmin #IPv6
Hey #FreeBSD folks!
Ten years ago, disk ID labels (/dev/diskid) were often painfully encoded.
Today, my WD drives show up cleanly. Is that just a WD thing? Do other vendors show up as encoded crud?
If you could look in /dev/diskid and see what you have, I'd appreciate it.
(diskID is disabled in 15, you'd need to uncomment kern.geom.label.disk_ident.enable="0" in /boot/loader.conf)
TLDR: can I now recommend diskID labels as reasonable, or am I just lucky in my hard drives? #sysadmin
The blog post is written and published.
Sysadmin In The LLM Age
"You cannot vibe code your way into becoming a better sysadmin. Or better anything else for that matter."
https://nullrouted.space/2026/02/05/sysadmin-in-the-llm-age/
Boosts on this post are appreciated, thank you.
I wrote a short post on using FoxyProxy to connect easily to private servers/services: https://jeremy.lecour.fr/blog/2026/02/06/foxyproxy/
Thanks @guerby for the discovery during #FOSDEM
#sysadmin #securite
Does anyone know of a three timezone clock? I need different clocks for local time, UTC, and colleagues.
Extra-nice would be if it had the date for each in YYYY-MM-DD format.
#sysadmin things
2.5 Admins 285: example.com.oops
Outlook’s autodiscover feature is leaking data again, our thoughts on the cycle of cloud and on-prem (centralised and local computing), and why you probably shouldn’t use NVMe to SATA adapters.
👉 More info on the official site: nginxproxymanager.com
#NginxProxyManager #SelfHosted #Linux #BlablaLinux #SysAdmin #OpenSource #Debian #Docker
Does anyone here know #linux mount namespaces well?
I need to #ssh to an old phone supporting only #RSA but I don't want a huge #container .
When I override /etc/ssh_config in a namespace to add rsa, that file is not owned by root and ssh exits...
It appears Linux root-on-ZFS is a mess. No standard way to do it. Kernel updates require recompiling ZFS. Boot environments are a cornucopia of constantly evolving hacks.
If you're actually using #ZFS on root, on #Debian, what's your preferred hack to make that happen? #sysadmin
I suspect #openzfsmastery might need to assume root on extFS and data on ZFS, leaving root-on-ZFS for the advanced user or a terminal chapter. 
GUIs are very nice yes, but nothing makes you feel quite as powerful as a successfully chained command line pipeline.
For example, taking a massive log file and filtering it through cat | grep | awk | sort | uniq -c to find the exact problem in seconds is a form of wizardry that modern UI simply cannot replicate.
Sometimes I believe the pipe | might be the single greatest invention in computing history lol 😋
#bash #shell #linux #terminal #cli #grep #tui #sysadmin #curl #debian #arch #nixos #ubuntu #linuxmint #fedora
Not only are workloads increasing, by hollowing out their junior ranks, businesses are putting themselves squarely in the path of a slow-burning demographic time bomb as seniors begin to retire in record numbers.
"There won’t be an endless supply of experienced hires to fall back on, so everyone will be fighting for the limited, increasingly expensive talent with domain expertise"
What exactly is the tech-industry's endgame here?
https://www.fastcompany.com/91483431/companies-replaced-entry-level-workers-with-ai
#noai #techbros #ai #llm #technology #programming #sysadmin #linux #indieweb #capitalism #reading #art #adhd
I need to pick a standard word for the whole ext/ext2/ext3/ext4 filesystem family. Thinking "EXTFS" unless someone knows an existing one? #sysadmin
installing openZFS on a debian VM, and amusing myself by watching the difference between the host's resource usage and the VM's. #sysadmin
Going to ZFS snapshot the installed working VM and use clones for destructive testing. #freebsd #bhyve #openzfsmastery
You know #Nginx, #PostgreSQL, #Iptables, and #Systemd. You don't need another #AWS #tutorial. You need a translation guide.
🤔
I made one: AWS concepts mapped to their traditional #Linux equivalents. Stop learning, start translating #SysAdmin #DevOps #Developers https://nskm.xyz/posts/aws-1/
I also upgraded dovecot from version 2.3 to 2.4 as part of an OS upgrade.
Immediate breakage all over the place. Apparently the config files between versions are incompatible in both syntax and variable names, so I've just spent a few hours rebuilding my config from scratch.
Thanks Ubuntu!
Yet another nudge for me to move my dovecot capability to an enterprise Linux host and start managing its config via ansible.
Just took a look at my PFSense box, and saw that my secondary OpenVPN connection was down.
Looked at the provider's site, and it turns out that they deprecated OpenVPN a while back!
So, tonight has consisted of me learning about and setting up: Wireguard
I'm back in action now, and looking forward to seeing whether this new VPN protocol will have any speed benefits for me!
Minimal Postfix on a Debian 13 dedicated server
https://www.microlinux.fr/blog/debian-13-postfix-minimal/
#sysadmin #debian #email
All services are back online on the new JBOD. The new JBOD uses Luks + BTRFS R10 on top. It's purring! #btrfs #jbod #sysadmin #gnulinux #freesoftware #opensource #floss #debian
RE: https://fosstodon.org/@brianb/115984283483440526
HAND WRITING IS A LEARNING TECHNOLOGY
we are already seeing the cognitive differences among Millennials & Zoomers who never learned to write properly by hand & those who did.
a notebook is the most basic of knowledge management systems. it can be:
- an archive
- a backup
- a reference
- an idea lab
- a gaming platform
- a collaborative project
- a canvas
but from a #devops #sysadmin POV, a notebook is an important form of REDUNDANCY. you can't brick a 3-ring binder or phish notes in a safe.
RE: https://mastodon.bsd.cafe/@stefano/115984116493117731
Luckily, many of my clients are intelligent and well-prepared people. Needless to say, that email, before making me laugh, had already made the client laugh. He immediately thought he was dealing with people who were great at marketing but had little technical skill.
I presented my theory on software engineering, but he immediately tore it apart, declaring himself extremely skeptical. In his opinion, it is more likely to be a technique to lower our defenses and then try to sell us "security products" after a "pentest full of flaws". Or simply sheer incompetence.
Anyway, their connection hasn't any open ports. So they can pentest anything they want to, as long as they want to.
#IT #SysAdmin #HorrorStories #PenTest
This one beats them all and it’s going to make me laugh until tonight:
“I’ve been assigned to carry out a penetration test on a server you manage. The test will be performed from the outside, since the perimeter security needs to be assessed. In order to perform the test, I therefore ask you to disable any firewall, protection, blacklist. If any of these are in place, the server might not be reachable and could prevent the assessment.”
I had to read it three times just to make sure I’d understood it properly.
Loosen up your fingers, open a terminal, and search. That's where the magic begins 🐧💻
#Linux #OpenSource #SysAdmin #Apprentissage #BlablaLinux
I've personally grown to hate the security theatre of rotating my bank passwords every six months, especially because of requirements like "must contain one uppercase, one symbol, one lowercase, one special case and the blood of a unicorn."
When mathematically, a simple, grammatically incorrect sentence of 25 characters is much harder for a machine to crack than a gibberish 8-character password with symbols.
Entropy loves length.
I love the idea that the most secure key to your digital life could just be a weird little poem or an inside joke that only you know. Security doesn't have to be painful.
#infosec #passwords #cybersecurity #UX #security #sysadmin #programming #foss #linux #privacy #enshittification #reading #finance
I really like Veeam's backup solution. Especially on Linux, it makes image-based backups easy, even with ext4. Unfortunately, the scheduling is not good, particularly on Linux. So I built a solution with SystemD. I wrote a blog post describing how that went. At the end of the post you'll also find a direct link to the code.
https://cperrin.xyz/2026/01/28/veeam-backups-unter-linux-mit-systemd-triggern/
Tonight the waves of bot traffic hitting many of the servers I manage have intensified, including Brew on BSD Cafe, but not only that. Honestly, the feeling I have now is no longer the same as it was some time ago (AI scrapers), but that there are real disruption operations going on. I can see it’s much more concentrated around certain providers and certain datacenters. If I block some countries like China, the numbers drop dramatically.
I still haven’t figured out whether there’s something specific and targeted happening (a broad DDoS) or if they’re still scrapers, but they honestly seem really dumb.
Maybe we should just create an alternative network and leave the Internet to these entities.
At this point they’re just talking to themselves anyway.
Despite some persistent rumors, installing OpenBSD is both quick and easy on most not too exotic hardware. But once the thing is installed, what is daily life with the most secure free operating system like?
See https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html #openbsd #freesoftware #libresoftware #dailydriver #sysadmin
"The proper amount of swap space for any Unix system is a matter of fierce debate and best settled with a #sysadmin knife fight." #openzfsmastery #nonobadwriter
You can support me doing better at https://sponsor.mwl.io
Currently looking for extra work or something potentially long term as my current job is fading out. I've been working as a Linux Admin for the last five years. I have no certifications but lots of demonstrable experience and knowledge. Not really sure where to go from here as I don't have a lot of experience actually being on the market for a job.
Looking for a -simple- tool that will inform me when a service is down (e.g. doesn't respond to ping, port is closed or doesn't return the right result), informing me via e-mail or maybe chatbot. For Linux/Debian, and things running on Linux.
I do not want to install a whole ecosystem. The simpler & smaller the better.
🚀 New look for my Apache file browser!
No more austere 1990s-style listing on fichiers.blablalinux.be! 😎
🔹 Dark Mode & modern design 🔹 100% responsive (mobile-friendly) 🔹 Flexbox vertical centering 🔹 CSS hack for the icons
Full tutorial available here 👇
🔗 https://wiki.blablalinux.be/fr/personnalisation-autoindex-apache-blablalinux
I’ve documented a clean, native way to integrate FreeBSD 15 into a FreeIPA realm. No heavy dependencies, no Python shims, just pure Kerberos (GSSAPI) and nslcd.
We get full SSH SSO, automated home directories, and centralized sudo rules using standard BSD tools. Pure, stateless, and sane.
Computers are like onions. Everything is layers built on layers, and every layer makes you cry. #sysadmin
Did you know? 🤔 No need for an external host to pimp your Mumble server! 🐧
I documented how to embed your logo directly as Base64 in the welcome message (as on my server). It's clean, it's lightweight and it never breaks! 🚀
The full tutorial (Linux version, obviously) is here:
👉 https://wiki.blablalinux.be/fr/integrer-image-base64-message-bienvenue-mumble
Guacamole vs Termix: the clash of architectures! 🥊
I tested these two solutions on a fleet of 142 hosts. Between the historic "tank" and the modern "Formula 1", who wins the CPU/RAM crash test? 📉💻
Here is my full write-up ✔️
#HomeLab #SysAdmin #Apache #Guacamole #Termix
https://blablalinux.be/b/4J_?utm_source=mastodon&utm_medium=jetpack_social
🌟 Introducing BSD.cafe 🌟
Excited to present the first building block of the BSD Cafe project! When I registered this domain months ago, I envisioned a themed bar where we can casually chat about *BSD systems, Linux, and Open-Source technology among friends, acquaintances, and patrons. But like any bar, discussions can cover a wide range of topics while respecting everyone.
BSD.cafe will be a hub for various tools and services, powered by *BSD.
The first brick is a new Mastodon instance, a gateway to the Fediverse. Registration is open, and the server will be moderated under clear guidelines promoting good behavior and zero tolerance for hate towards anyone. Inclusivity, respect, and constructive dialogue are the key values of this new instance.
The main server is currently hosted in Finland on a small VM, based on #FreeBSD. Services are divided into VNET jails, connected in a LAN via a local bridge. A VPN system is also present, and I have been able to move individual jails to different, more powerful, machines.
Multimedia data and cache are hosted on another physical server (FreeBSD, within a jail), with Cloudflare in front. The aim is to cache and geodistribute data, reducing network traffic on the main VPS.
Reverse proxy (frontend), mail server, media server, and the instance itself are reachable via #ipv6.
The instance started empty. No unnecessary content was pre-loaded; I want it to grow organically based on users' interests and following. There won't be any preemptive blocks at this stage. Users are encouraged to promptly report anything they find worth flagging.
Join us at https://mastodon.bsd.cafe to build a constructive and inclusive community—a safe and relaxing space for everyone.
Our wiki, located at https://wiki.bsd.cafe, features essential links and articles related to the BSD world. It provides an overview of the tools, services, rules, uptime, and more information about the BSD Cafe Services.
A Matrix server, a Miniflux RSS Reader, the Wiki itself, and the BlendIT Lemmy instance are all part of the BSD Cafe services, with more to come.
#BSD #OpenSource #Fediverse #Community #Tech #Networking #Mastodon #Inclusivity #FreeBSD #NetBSD #OpenBSD #DragonflyBSD #Linux #OSS #SysAdmin #Miniflux #RSS #Matrix
"Dang it, all I need is to find someone who stocks this obscure Supermicro SATADOM and I can replace a giant noisy tower with this iX MiniXL!"
Narrator: "MWL did not realize that the MiniXL had space and power for an SSD, and that the part he needed was in his supply closet the whole time." #sysadmin
Linux tip: Use `systemctl --failed` to quickly identify which services failed to start after boot. Much faster than scrolling through journal logs when troubleshooting system issues. #Linux #SystemAdministration #SysAdmin
Linux tip: Set `HISTCONTROL=ignoredups:erasedups` in your init script to prevent duplicate commands cluttering your history. Clean history makes command recall much more efficient. #Linux #SystemAdministration #SysAdmin
Shell tip: `${var%suffix}` removes the shortest matching suffix. `${var%%suffix}` removes the longest. `${var#prefix}` and `${var##prefix}` work the same for prefixes. Mnemonic: # comes before % on the keyboard. #Linux #SystemAdministration #SysAdmin
I've been self-hosting my own e-mail servers for ~25 years now. Just finished the migration to a new system today.
- OS: FreeBSD 15.0-RELEASE
- MTA: Postfix 3.10
- IMAP: Dovecot 2.3
- Filter: Rspamd 3.14
I used Imapsync to migrate the content of my Mailboxes from the old to the new system. Worked absolutely fine.
Having the E-Mail Jail and the mailbox data on an encrypted ZFS dataset (AES256) that's manually unlocked with my passphrase after rebooting the system. Backups are done via ZFS send/recv to my backup server (-w for raw send to ensure data is encrypted at rest).
- SPF: ✅
- DKIM Signing: ✅
- DMARC Reporting: ✅
- E-Mail delivery to major providers: ✅
- IPv6 working and actually being used: ✅
All working perfectly well. In about a week, I'll decommission the old Debian-based system that I used since 2017!
🚀 Turbo boost for your video renders!
Tired of heating up your processor with FFmpeg? I've updated the Wiki to unleash the power of your Intel VA-API chips! 🔥
Even on refurbished hardware, switch to "lightning speed" mode with the GPU aliases ⚡️
Forget the CPU spinning its fans, let the iGPU do the job!
👉 All the commands here: https://wiki.blablalinux.be/fr/mp4-convert
#Linux #FFmpeg #OpenSource #BlablaLinux #QuickSync #SysAdmin
Linux tip: `fuser -v /path/to/file` shows which processes have a file open. Use `-k` to kill those processes. Essential when "device busy" errors prevent unmounting filesystems. #Linux #SystemAdministration #SysAdmin
My new RSS reader is miniflux.
It just worked without trouble or weird or badly-documented errors. #sysadmin
sysop
Dang near every jail on my #freebsd server needs either pgsql or mariadb.
I could stop running databases everywhere by building a database jail, eliminating many small points of small failures by implementing a single point of complete failure.
Which is better? All I know is whatever choice wins, I will lose. #sysadmin
What do cool people use nowadays for basic deployment of simple static websites?
I previously used #python #fabric but I'm not sure it's a good idea to stay with.
I know #ansible but I like to keep my #configmanagement code for #servers and my websites deployment code separated, and stay basic for #website #deployment (which is a pretty simple task)
Do you have any recommendations?
Is there a tool that will rotate files out for you? I'm thinking like log rotation, but not just for logs.
Like... maybe I have a daily cron job creating some file but I'd like to see what yesterday's file looked like before it got overwritten by today's file. Ideally there would be a tool that will rename the file to file.1 (after renaming file.1 to file.2, and so on). logrotated does this, some backup software does this, but I just want a basic primitive function that stands alone, and that I don't have to hack together in a shell script.
Does this exist?
Could I just abuse logrotate?
Version-control every configuration change. Use git even for single files. When something breaks, you can see exactly what changed and when. Your future self will be grateful. #Linux #SystemAdministration #SysAdmin #Coding
I've had a long week ... mostly with work, but also my mental state with world events, and Christmas wore me out a lot more than usual this year.
So to relax and take my mind off a crazy work day dealing with banking software APIs and firewalls and network security, I'm firing up #DwarfFortress
🔐 Need a clean and efficient 2FAuth setup?
I've updated my Docker deployment files! Whether you're after absolute simplicity or performance with a Redis cache, I've got what you need.
It's anonymized, commented and ready to use here:
🔗 https://bytestash.blablalinux.be/s/7fa144a5676b2f65fc063860d5fb59ca
Also find all my snippets in my repositories:
🐙 GitHub: https://github.com/anyblabla/bytestash
☕ Gitea: https://gitea.blablalinux.be/blablalinux/bytestash
Stop opening huge files in screen editors.
Screen editors (nvi, vim, etc.) assume you want to scroll,
see context, and move a cursor interactively.
Huge files break those assumptions.
For large files (1GB+):
Benchmark (1GB text file):
nvi -> 20.1s (eager line indexing ~25M lines)
vim -> 7.7s (lazy loading, deferred UI cost)
ed -> 4.0s (I/O-bound buffering, no TUI overhead)
Large files don’t need better editors.
They need better workflows.
For huge files, the right solution is not tuning nvi,
but using the right tools:
shell for inspection, ed for known changes,
and nvi when interactive rewriting is actually needed.
PS:
nvi chooses predictability over perceived speed.
The slowdown is not a flaw — it’s the cost of correctness
within a screen-editor model.
3 days left to get your talk added to North America's biggest *BSD conference @bsdcan ! Join your friends in Canada to discuss the state of the *BSDs. Previous talks have included utilities you can't live without, new ways using familiar tools, and *BSD-powered refrigerators!
Do you want to come to #ottawa and tell a bunch of #BSD geeks about what you enjoy doing?
Submit to BSDCan 2026!
Our submissions deadline is January 17, 2026, see https://www.bsdcan.org/2026/papers.html
Tutorials: June 17-18, 2026
Conference: June 19-20, 2026
More about the BSD conferences: https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html
#freebsd #netbsd #openbsd #conference #development #sysadmin
Linux tip: `ionice -c 3 command` runs a command with idle I/O priority. It only gets disk access when no other processes need it. Perfect for backups or maintenance tasks. #Linux #SystemAdministration #SysAdmin #Performance
Linux tip: `sysctl vm.drop_caches=3` clears page cache, dentries, and inodes from memory. Useful for testing cold cache performance, but never use in production scripts. Only for debugging! #Linux #SystemAdministration #SysAdmin
Dear #SysAdmin fedi – I need a CLI tool that would canonicalize a DNS zone file. As in: put all the entries in a well-defined order, replace whitespace with a predefined pattern, organize the SOA section in a reproducible manner.
My basic need is being able to tell two zone files are 100% functionally equivalent, even if one uses tabs, the other spaces, and if entries are in completely random order, etc.
Edit: sorted, named-checkzone probably does the trick
New blog post: GeoIP-Aware Firewalling with PF on FreeBSD
Running a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.
Result: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.
Using MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.
https://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/
Linux tip: `pidof process_name` returns process IDs by name. Unlike `pgrep`, it matches only the command name, not arguments. Use in scripts where you need exact process name matching. #Linux #SystemAdministration #SysAdmin
A new tool to follow the changes of your config files, even if they live outside of /etc. Etckeeper is nice but is restricted to /etc.
Thanks @kepon!
5 days left to get your @bsdcan talk submitted! Join your friends in Canada to discuss the state of the *BSDs. See talks by leaders of our industry, parents of the Internet, and that person you've been seeing on mailing lists for years!:
Linux tip: `strace -e trace=file program` traces only file-related system calls. Add `-o output.txt` to save results. Reveals which config files, libraries, or data files your program actually accesses. #Linux #SystemAdministration #SysAdmin
Linux tip: `systemd-analyze blame` shows which services slow down boot time. Use `systemd-analyze critical-chain` to see the dependency chain causing delays. Optimize the real bottlenecks. #Linux #SystemAdministration #SysAdmin
Today's job: recovering an ArchLinux VM that hasn't been updated in a long time. Google is kind and gives me plenty of ideas (usually based on 'rm -rf /quelque/chose').
🥊 VirtualBox vs KVM: The match ends here!
Fed up with the "Another hypervisor is already installed" message? 🤯 On Linux, they fight over your processor!
I created a small toggle script to switch from one to the other in 1 second without uninstalling anything 🚀
📖 The solution here: https://wiki.blablalinux.be/fr/conflit-hyperviseurs-kvm-virtualbox-linux
📖 The Wiki tutorial: https://wiki.blablalinux.be/fr/installation-virtualbox-debian-13-trixie
💻 The script (GitHub/Gitea): https://github.com/anyblabla/virtualbox
#Linux #Debian13 #VirtualBox #OpenSource #BlablaLinux #SysAdmin
It's open source, it's efficient, and it leaves more time to drink a coffee ☕️
#BlablaLinux #Python #WikiJS #Automation #Linux #GeekStuff #SysAdmin
This weekend I am pouring one out for the category I have come to call the *side project graveyard* lol
We all have that folder of half-finished apps, abandoned blogs and partial scripts. I say don't feel bad about them. Instead of calling them failures, I call them practice runs 😊
You learned something in every repo you abandoned. Maybe this weekend is the time to resurrect one? Or maybe just start a new one. Creativity is a muscle, keep flexing it. 💪🎨
#programming #weekend #creative #sideproject #infosec #python #indiedev #linux #sysadmin
Ready to update your server or your old refurbished laptop? Go for it!
👉 https://www.debian.org/News/2026/20260110
#Debian #Linux #Trixie #OpenSource #SysAdmin #BlablaLinux #MiseAJour
I released Enroll 0.4.0 today! See the full changelog at https://git.mig5.net/mig5/enroll/releases/tag/0.4.0
Among the changes is this big new feature: --enforce for 'enroll diff'! Here's a video of it https://asciinema.org/a/767081
If a diff exists and `ansible-playbook` is available on the PATH, using this flag will make Enroll manifest the older harvest and apply it with #Ansible, thereby restoring files/packages/services/users as they were in the older harvest.
It’s like ‘puppet agent’ with puppetmaster!
For safety reasons, it won’t *downgrade* packages or delete *new* stuff detected from the newer harvest.
Even if you are already managing your servers with Ansible, ‘enroll harvest’ and ‘enroll diff’ add a powerful drift/compliance engine in their own right. And it’s all open source.
See more at https://enroll.sh
🛠️ Night work finished at Blabla Linux!
No slacking tonight: a little rejuvenation treatment for our favorite services 🚀
On the update list:
PasswordPusher (PWPush) 🔐
SnowShare ❄️
DrawIO 📐
Wiki.js 📚
Everything is up to date, stable and ready to use. Because a sysadmin who sleeps is a sysadmin who has updated everything! 😎
#BlablaLinux #SysAdmin #OpenSource #Debian #Proxmox #Lxc #Docker #MiseAJour
No one tells you just how much work goes into a small YouTube channel. For me, Terminal Tilt is a labor of love, but it is a massive undertaking:
Research and Writing: This is the largest portion. Not just diving into topics, but finding ones truly worth your time.
Filming and Privacy: I have chosen a "headless" approach (screen-only). It respects my privacy and helps me manage the workload, but it still requires a lot of setup.
Voiceovers: This is the hardest part for me. Managing social anxiety while recording is a constant hurdle, but it is one I am getting better at with every video.
Editing: I am currently spending 8–12 hours per video (since last video). As I learn more techniques, the complexity grows, but so does the quality.
The Small Stuff: Learning GIMP for thumbnails and managing promotion. Those little things really do add up.
I am disabled and currently navigating the long road to SSDI approval. My goal is to grow Terminal Tilt into something sustainable, a way to support myself while advocating for ethical, #NoAI, and #deGoogled technology. I am taking this seriously and I am having a lot of fun building this.
If you value independent, human-made tech content, there are a few ways to help keep the terminal open:
▶️ Subscribe on YouTube: https://www.youtube.com/@TerminalTilt
🧡 Patreon: https://www.patreon.com/cw/TerminalTilt
☕ Ko-Fi: https://ko-fi.com/terminaltilt
Thank you all for the follows, the boosts, and the support. It means the world to have your backing as I build an independent channel focused on what actually works, not just what's trending.
#TerminalTilt #Linux #GNUlinux #OpenSource #FOSS #FLOSS #Tech #Privacy #CyberSecurity #DigitalPrivacy #Debian #CommandLine #CLI #Terminal #Bash #FishShell #Dotfiles #Debian #Trixie #QueerTech #TransInTech #DisabledInTech #Accessibility #NoAI #HumanMade #DeGoogle #EthicalTech #Autonomy #SysAdmin #SelfHosted #HomeLab #Queer #LGBTQIA #LGBT #YouTube #ContentCreator #SmallStreamer #LinuxUser #IndieCreator #SupportIndependent #Mullvad #MutualAid #DisabilityMutualAid #QueerMutualAid
Something to be proud and scared about:
```
LAST BOOTED: Fri Feb 09 06:01:30 2018 (8 years and 7 months)
```
You don't even need a Linux computer to take part in my course "Basic Linux System Administration" that'll start next week. You can use Pubmox, our community lab infrastructure, to spin up as many Linux boxes as you need. It's only one of the many perks of being a TSR member.
And with the discount code "NY2026", you can save 50% **for the lifetime of your membership**. This sale ends tomorrow, so don't miss out!
A few days ago, a client’s data center (well, actually a server room) "vanished" overnight. My monitoring showed that all devices were unreachable. Not even the ISP routers responded, so I assumed a sudden connectivity drop. The strange part? Not even via 4G.
I then suspected a power failure, but the UPS should have sent an alert.
The office was closed for the holidays, but I contacted the IT manager anyway. He was home sick with a serious family issue, but he got moving.
To make a long story short: the company deals in gold and precious metals. They have an underground bunker with two-meter thick walls. They were targeted by a professional gang. They used a tactic seen in similar hits: they identify the main power line, tamper with it at night, and send a massive voltage spike through it.
The goal is to fry all alarm and surveillance systems. Even if battery-backed, they rarely survive a surge like that. Thieves count on the fact that during holidays, owners are away and fried systems can't send alerts. Monitoring companies often have reduced staff and might not notice the "silence" immediately.
That is exactly what happened here. But there is a "but": they didn't account for my Uptime Kuma instance monitoring their MikroTik router, installed just weeks ago. Since it is an external check, it flagged the lack of response from all IPs without needing an internal alert to be triggered from the inside.
The team rushed to the site and found the mess. Luckily, they found an emergency electrical crew to bypass the damage and restore the cameras and alarms. They swapped the fried server UPS with a spare and everything came back up.
The police warned that the chances of the crew returning the next night to "finish" the job were high, though seeing the systems back online would likely make them move on. They also warned that thieves sometimes break in just to destroy servers to wipe any video evidence.
Nothing happened in the end. But in the meantime, I had to sync all their data off-site (thankfully they have dual 1Gbps FTTH), set up an emergency cluster, and ensure everything was redundant.
Never rely only on internal monitoring. Never.
Linux tip: `iostat -x 1` monitors disk I/O performance every second. Watch the `%util` column - consistently high values indicate I/O bottlenecks. Press Ctrl+C to stop monitoring. #Linux #Performance #SystemAdministration #SysAdmin
Every time I cancel a bloated SaaS subscription and replace it with a lightweight, open-source tool or a 50-line script I wrote myself, I feel my soul heal a little bit.
We over-complicate our workflows because we've been sold the idea that professional means expensive. Usually, it just means vendor lock-in.
Bonus points to you if this means moving away from Big Tech.
#SelfHosted #opensource #foss #programming #sysadmin #linux #selfhost #cybersecurity #digitalIndependence #bigtech
Fresh from the BSDCan program committee - submissions are coming in, but we can still take more!
If you have not made your submission, you have until Saturday, January 17th to get yours in!
Go to https://www.bsdcan.org/2026/papers.html to orient yourself, then submit via the submission link.
BSDCan is in Ottawa, with tutorials June 17-18, 2026, talks June 19-20, 2026
#bsdcan #conference #bsd #unix #development #freebsd #netbsd #openbsd #sysadmin #devops #freesoftware #libresoftware @bsdcan
Linux tip: `ss -s` provides socket statistics summary. Shows TCP/UDP connection counts and states. Much faster than parsing full socket lists when you just need connection metrics. #Linux #SystemAdministration #SysAdmin
----
Passwords shouldn't contain your name or username
The word 'password' is not permitted
Security tip: for added protection, select no if the web browser asks to store your password.
----
Hey, wow, someone in dev heard InfoSec's pleas!
"Password is very strong"
Yes, password is strong like ox
Oh, but sub-address fail
"Invalid format."
Except, oh, wait, yes! Don't have to use default of email address
YES!
Random string for the win!!!
I can say, however, that I've reunited with an "old friend" who is still in great shape. Before I get dozens of replies about it being insecure: in theory, it is, but it's not accessible from the outside. It's isolated within its own network and is only able to connect and fetch backups for 'extreme disaster recovery' (only at specific times, restricted by specific firewall rules). It served its purpose today, and tomorrow, it might be even more useful.
18:33:01 up 3188 days, 4:47, 1 user, load average: 5.09, 4.73, 4.74
Debian, Btrfs, and zero internal dust.
It's kept in a sterile, extremely protected room.
Today, I lived through one of those (not only IT) horror stories. It's not over yet, but it’s definitely going to end up in a blog post. It's one of those situations where the 'horror' has already happened or is still going to happen, but this time, I'm the one handling the rescue. I couldn't prevent the disaster itself, but I managed to save the data.
What-a-day!
Are they saying it's unrecordable because it wouldn't make sense? Or is it unrecordable because they don't know how to "read" it and maybe abbreviate parts of it that are unneeded for the example? That is, provide additional info like transcript of terminal session, command ls -lr, output lists files including mode, link count, size, modified time followed by file name.
Also, I don't use audio books, but it seems like it'd be nice to be able to skip those, but I guess the usual skip forward x seconds a few times would work fine.
🕵️♂️ Too much anti-AI kills the preview!
While trying to block AI bots on Blabla Linux, I accidentally banned Facebook from my server. Result: no more image or title when I share links! 😅❌🖼️
After a quick trip under the hood of Nginx Proxy Manager, I corrected course and updated my Wiki with a script so it doesn't happen to you. 🛠️🐧
👉 The solution (and the updated script) here: https://wiki.blablalinux.be/fr/blocage-robots-ia-nginx-proxy-manager#h-7-retours-dexpérience-le-cas-des-réseaux-sociaux-facebook-ogp
🚀 Fastfetch customization: the Blabla Linux guide is growing!
The 5-6 classic styles stay on the Wiki. However, all the new templates are now available on my #Nextcloud for more flexibility! 📂
Access to the files and the tutorial: 👉 https://wiki.blablalinux.be/fr/guide-personnalisation-fastfetch-linux#et-ce-nest-que-le-début
Multiple narrators have told me that my tech books are unrecordable, and cannot be made into audiobooks.
Pondering doing an "audio companion" where I read chapters but when we get command lines or sample cryptographic output I'd say "And then there's a bunch of e.g. OpenSSL garbage that includes the following information."
Would you #sysadmin audiobook listeners be interested?
| I listen to audio, would buy: | 33 |
| I listen to audio, would not buy: | 28 |
| I don't listen to audio but I like voting: | 116 |
| I've further reduced my assessment of your sanity: | 36 |
Closed
Fed up with cluttered terminals? 🔲
I added a newcomer to my Fastfetch collection: the "The Thin Line" style. It's ultra-slim, takes up zero space and is perfect for those who like working with split terminals without losing a pixel of visibility 🌑
Minimalism incarnate for your Linux:
👉 https://wiki.blablalinux.be/fr/guide-personnalisation-fastfetch-linux#h-5-style-the-thin-line-minimaliste
#Linux #Fastfetch #Minimalist #Terminal #SysAdmin #BlablaLinux
AI models don’t really 'get' the BSDs. As a result, they often provide incomplete, imprecise, or flat-out wrong answers by defaulting to Linux paradigms. When it comes to illumos-based systems, they just completely lose the plot.
This is becoming a serious issue for the BSDs and illumos ecosystems. We are seeing entire websites flooded with AI-generated tutorials and guides that are totally incorrect. Most people don't realize this; they follow the instructions, fail, and then assume that the BSDs don't work well or are 'unstable' because they have supposedly changed since the guide was written.
Luckily, some people eventually find my blog, reach out, and finally understand what's actually going on. Others, unfortunately, end up on major social sites or comments, claiming that these systems are broken.
In 2026, one of our greatest challenges will be teaching people how to vet their sources and filter information.
And I see this as a very, very uphill battle.
#IT #SysAdmin #FreeBSD #NetBSD #OpenBSD #illumos #News #UnderstandingText #Disinformation
I’ve been losing my mind for almost 4 hours, and I feel like an idiot.
At first I couldn't understand why the TLS handshake was always taking more than 300 milliseconds. I thought it was a local or server-side issue. Only after about an hour did I test google.com and saw the exact same behavior.
That's when I realized that with my other WAN connection, the timing drops significantly.
So I started going crazy over my MikroTik configuration, convinced it had to be something related to multi-WAN. I even briefly asked an AI (I know, I know...), which said the problem was probably my neighbor, who had eaten too much pizza.
At that point, I kept spiraling.
Then it hit me that the Vodafone Station has its built-in Wi-Fi disabled, since I manage the network behind it. I could enable it and bypass the MikroTik. I enabled it and ran a direct test.
Bingo. Same problem.
So the issue is upstream. I suspect it’s "Vodafone Rete Sicura", some awful thing I never wanted and that probably does some kind of traffic inspection.
I really can't wait for FTTH to arrive so I can finally get rid of this stuff.
RE: https://mastodon.bsd.cafe/@stefano/115821114259854559
To be honest, it was extremely easy:
```
can01:# zfs snapshot -r zroot/bastille@toUSA
can01:# zfs send -vR zroot/bastille@toUSA|ssh root@IP "zfs receive -F zroot/bastille"
```
...done!
#FreeBSD #RunBSD #ZFS #SysAdmin #IT #BastilleBSD
One tool that could replace your usage of `df`, `mount`, `fdisk -l` and more:
https://www.grulic.org.ar/~mdione/glob/posts/printing-and-identifying-disks/
Example wrapper I’m using:
```
#!/bin/sh
#
# safeedit — RCS-backed safe editing with nvi
#
set -e

if [ $# -ne 1 ]; then
    echo "usage: safeedit <file>" >&2
    exit 1
fi

FILE="$1"
if [ ! -f "$FILE" ]; then
    echo "safeedit: file not found: $FILE" >&2
    exit 1
fi

DIR=$(dirname "$FILE")
BASE=$(basename "$FILE")
RCS_DIR="$DIR/RCS"
RCS_FILE="$RCS_DIR/$BASE,v"

# Keep the revision history in a private RCS/ directory next to the file.
mkdir -p "$RCS_DIR"
chmod 700 "$RCS_DIR"

if [ ! -f "$RCS_FILE" ]; then
    # First edit: check in the initial revision and keep the file locked.
    ci -l "$FILE"
else
    # Check in any pending changes, then take the lock for this session.
    ci -u "$FILE" || true
    co -l "$FILE"
fi

exec nvi "$FILE"
```
nvi protects the session; RCS protects the decision.
Original post by https://io.mwl.io/@mwl/115814245521209100
Questions about #certificates:
* can trust stores (TSs) contain non-root certificates?
* can TSs contain self signed certificates?
* if a certificate in a TS has expired, does validation pass?
* I guess not, otherwise CA roots would not expire.
* most importantly: how does the TLS layer match a cert in the TS from the chain offered by the service?
Here is the CPU usage graph for the last 24 hours of the FediMeteo VM. A full 24 hours, during which a huge number of people are connecting, helped by the traction gained from being among the top stories on Hacker News and Lobsters, as well as the many shares across the Fediverse.
RAM usage? Active, around 450 MB. Then there is cache, ARC, and so on. But in practice, zero swap in use after days of uptime.
39 jails running, 39 snac instances, nginx serving the homepage, and HAProxy. HAProxy caching enabled. ZFS snapshots every 15 minutes, backups via zfs send and receive every hour. The same hourly schedule applies to the recalculation of cities, countries, and followers for the homepage.
All of this on a 4 euro per month FreeBSD VM.
If anyone has doubts about the quality and efficiency of FreeBSD, this is the data to show.
New blog post: Managing FreeBSD Jails with Ansible.
I wrote jailexec - an Ansible connection plugin that lets you manage FreeBSD jails without running SSH inside each one. It connects to the jail host via SSH and uses jexec to run commands, just like you would manually.
Features:
• Single Python file, easy install
• Supports doas and sudo
• Secure two-stage file transfers
• Works with any jail manager
Blog: https://blog.hofstede.it/managing-freebsd-jails-with-ansible-the-jailexec-connection-plugin/
The Blabla Linux Wiki is growing! 🐧✨
Need to pimp your boot or boost your VMs? I've got what you need:
🎨 Stylish Boot: Install a splash screen on Debian with Plymouth.
👉 https://wiki.blablalinux.be/fr/installation-configuration-splash-screen-plymouth-debian
🚀 Turbo VM: Share your host ↔ VM folders like a boss with Virtio-fs.
👉 https://wiki.blablalinux.be/fr/partage-repertoire-virt-manager-virtiofs
It's libre, it's fresh, and it's meant to be shared without moderation! 🍷
Friends, at the end of a horrible year, please let's talk about something *nice*.
My EUR 0.02: You Have Installed OpenBSD. Now For The Daily Tasks. https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html (tracked https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html)
Bonus track: Yes, The Book of PF, 4th Edition Is Coming Soon https://nxdomain.no/~peter/yes_the_book_of_pf_4th_ed_is_coming.html (tracked https://bsdly.blogspot.com/2025/07/yes-book-of-pf-4th-edition-is-coming.html)
#freesoftware #openbsd #freebsd #bookofpf #networking #security #deveops #development #sysadmin @nostarch
I'm over 45 years old, live near #Tours in France, a dad of 2 kids, one with #FOXP1 syndrome.
I'm thirsty for knowledge, passionate about science and technology in all disciplines.
I try to take photos 🤣.
Aware that infinite growth isn't compatible with a finite world.
First contact with computing in the 80s: Logo on TO7…
I've been working as a #sysadmin #Linux, #Debian for over 20 years 👴.
#introduction
I'm over 45, a dad of 2 kids, one of them #FOXP1, in #Touraine.
I'm thirsty for knowledge, passionate about science and technology, in all disciplines.
I try to take photos 🤣.
Aware that infinite growth is not compatible with a finite world.
First contact with computing in the 80s: Logo on TO7…
I've been working as a #sysadmin #Linux, #Debian for more than 20 years 👴.
#introduction #introductionfr
Operation "Hard Drive That Breathes" 🌬️
Did you think Mastodon maintenance under Docker was an urban legend? Think again! 😉
I did a digital sweep and the screenshots speak for themselves. We're not talking about a few MiB, but real relief for the server! 🧹💻
The proof in pictures and the full tutorial here: 👉 https://wiki.blablalinux.be/fr/maintenance-mastodon-docker#h-5-captures
I Almost Died for a Full Sentry Database
A tale of bad logging practices, overengineering, and a near-death experience.
https://it-notes.dragas.net/2024/12/28/i-almost-died-for-a-full-sentry-database/
(Repost, one year later)
#ITNotes #IT #SysAdmin #HorrorStories #Sentry #CloudComputing #Cloud #Repost
Linux tip: `rsync -avz --progress source/ user@host:/destination/` syncs files via SSH with progress display. The `-a` preserves permissions, `-v` is verbose, `-z` compresses during transfer. #Linux #SystemAdministration #SysAdmin
@scy yeah, a typical issue when defining alerts, they only look at relative numbers and not absolute. You have to always use a mix of both.
Running FreeBSD 15 VM-Image on Proxmox? You might have noticed your cloud-init static IPs are being ignored. 😓
The issue: Proxmox generates legacy cloud-init "v1" configs, but FreeBSD's new nuageinit tool only understands the modern "v2" format. The result is a silent fallback to DHCP (or no IP at all..).
I wrote a shell script to bridge the gap. It runs on the host and generates a custom ISO with the v2 syntax FreeBSD actually expects.
Read the full breakdown and grab the script:
Little bonus:
Want to see ONLY Jail processes, sorted by CPU%?
This command filters out the host system (JID 0) and sorts the rest by Jail ID and CPU usage:
```
ps -ax -o jid,jail,pid,user,%cpu,%mem,command | awk 'NR==1 {print; next} $1!=0 {print | "sort -k1n -k5rn"}'
```
Haack's Networking - Authoritative DNS w/ Bind9
- root zone and base server cluster
- name server registration; glue records
- full CLI-driven zones/records
- full Webmin-driven zones/records
- DNSSEC howto for CLI & Webmin
Wiki Tutorial: https://wiki.haacksnetworking.org/doku.php?id=computing:bind9dns
You can add zones/domains & create A, AAAA, SPF, DMARC, DKIM, SRV, CNAME, and/or any DNS record you want; it's self-hosting heaven ;O
#gnulinux #freesoftware #sysadmin #live #debian #peertube #bind9 #dns #opensource #selfhost
Haack's Networking - Informal Hacking Sessions #03
Today's agenda includes:
1) Writing the bind9 authoritative tutorial
2) Monitoring the rebuilt rsnapshot nodes
3) Editing and adding to the hard drive vitals post
https://content.haacksnetworking.org/w/byjvKm4LXLLn7q4ngYaG8f
#gnulinux #freesoftware #sysadmin #live #debian #peertube #bind9 #dns
Haack's Networking - Informal Hacking Session #03
1) Today's agenda is rsnapshot script/stack migration from backup 8700 machine to 7920, i.e., to backup the backup.
2) Write the article for the bind9 authoritative DNS server.
3) If time and/or stamina permits, we will work on this month's timbre post where I cover my month's listening history.
Live Stream w/ Chat: https://content.haacksnetworking.org/w/byjvKm4LXLLn7q4ngYaG8f
#livestream #live #gnulinux #sysadmin #floss #freesoftware #rsync #rsnapshot #shellscripts
It will take a while but I will write up my tri-node authoritative DNS server tutorial today. I decided to do everything via the CLI but/and, I used Webmin as well for easy post-configuration record creation. DNSSEC is also covered. SOON. #gnulinux #sysadmin #floss #freesoftware #opensource
🚀 Fed up with "Message manipulated" or "400 Bad Request" errors on your Debian Trixie and Ubuntu 24.04 instances? 🐧
I updated the wiki with an optimized APT-Cacher NG configuration to stabilize your Proxmox fleet and speed up your updates! ⚡️
👉 Read the guide: https://wiki.blablalinux.be/fr/optimisation-apt-cacher-ng-debian-ubuntu
New blog post: Interactive System Troubleshooting with AI using linux-mcp-server
Instead of copy-pasting command output into AI chats, your AI assistant can now directly query your Linux systems - checking services, logs, network ports, and resources in real-time.
The post includes a live demo diagnosing a RHEL 10 server running an Omada controller.
https://blog.hofstede.it/interactive-system-troubleshooting-with-ai-the-linux-mcp-server/
RE: https://mastodon.social/@jessie/115774314854244968
I notice that the British Library is also hiring a #Linux Server Specialist (#RedHat), UK only, to recover from their 2023 cyber attack.
This posting is up in Boston Spa; that's not that Boston, not /that/ Boston, keep going.... yep that one.
It's interesting to see them trying to hire #opsec and #sysadmin skills to try and harden their systems. Wonder if it will work.
tk 🍜 boosted
Early Christmas present from me if you're reading this and you're a:
- Senior web developer
- In London
- Really into books and libraries
- Looking for work rn
I am excited to inform you that the British Library is hiring a new head of web development
🕵️♂️ "Hiding is not erasing!"
Do you think a simple black rectangle protects your secrets in a PDF? ❌ Big mistake!
I show you how a small Python script of a few lines can read through your OnlyOffice or LibreOffice redactions as if they didn't exist. Security isn't a coloring exercise! 🎨💻
Learn how to really protect your sensitive data on the Wiki: 👉 https://wiki.blablalinux.be/fr/securite-pdf-reveler-texte-masque-python
#BlablaLinux #Sécurité #PDF #Python #Debian #OpenSource #SysAdmin
👉 Find the configurations for my 15 services (WordPress, Mastodon, Gitea...) here: 🔗 https://wiki.blablalinux.be/fr/gestion-centralisee-robots-txt-nginx-proxy-manager
It's a gift, it's sharing, and it's on the Wiki! 🐧🚀
#BlablaLinux #SysAdmin #SelfHosted #NPM #RobotsTxt #OpenSource #LogicielLibre
It’s day 2 of my Christmas vacation and I’ve cleaned the garage, rotated my S/MIME certs, and rewrote some of my sieve filters and hacks bash scripts as milters using pymilter, which has sped up my SMTP transaction by a factor of 10 🎉 #sysadmin #selfhosted #email
Clearly, I wasn’t built for sitting still.
🔹 A tour of my personal #Proxmox setup (hardware & config).
🔹 How to set up efficient monitoring with #VictoriaMetrics.
🔹 Real-time stress testing (let’s see if we can break it live!).
Whether you run a #Raspberry Pi or a full rack in your basement, come hang out and get some inspiration for your winter projects.
📅 When: December 30th at 10am PT | 6pm GMT | 7pm CET
🔗 Live on our YouTube Channel
https://youtube.com/live/rsSHcONUfGU
#Homelab #DevOps #Proxmox #VictoriaMetrics #SysAdmin #HolidayProjects
Pimp my Mastodon! 🎨🐧
The default blue is nice, but in Blabla Linux colors it's better! I got out the paintbrush (and above all the CSS) to harmonize my instance with the blog and the wiki 🖌️
Want to do the same on yours? I've done the groundwork for you (with code, screenshot and GIF to back it up) on the Wiki:
👉 https://wiki.blablalinux.be/fr/personnaliser-css-mastodon
See you there to see life in Green & Orange! 🚀
#Mastodon #CSS #SelfHosted #Linux #OpenSource #BlablaLinux #SysAdmin
A short while ago I was explaining to a client the reason why his website has seen a very significant increase in load over the past few weeks. On many of the servers I manage, I see connections coming from residential users, yes, but mainly from unscrupulous AI scrapers that do not care about overloading everything. Someone on their side replied to me: "Wouldn’t moving everything to the cloud solve the problem? I mean... autoscaling!"
That sparked a somewhat "conspiratorial" thought. Some colleagues have told me that, with the recent surge in AI bot traffic, their costs have skyrocketed. Given how much money is being spent, and not earned, on AI, are we really sure this is not, in some way, planned or at least welcomed as a way to increase costs for end users of cloud services and funnel them into AI budgets?
When your sysadmin brain switches to "total automation" mode… ✨
I have so many campaigns scheduled for 2026 that you'd think I installed a future-prediction module on my Proxmox! 🔮
The Blabla Linux Wiki is going to heat up, you're not ready! 🚀
📡 Need a proxy?
No more digging through Gnome's menus! I published the complete guide to installing Squid on Debian.
The Blabla Linux bonus: my magic aliases to enable/disable the proxy in one second in the terminal! ✨
📖 Read it here: https://wiki.blablalinux.be/fr/installation-configuration-proxy-squid-debian
You are an experienced Dev(Sec)Ops. How well do you know Kubernetes?
#devops #devsecop #infosec #it #ops #sysadmin
| I am an expert. I can run my own cluster and maintain it in time: | 12 |
| I use Kubernetes well, but I don't run it myself. I use hosted platforms.: | 8 |
| I know a bit about Kubernetes, but I don't use it that often.: | 11 |
| I am not knowledgeable on Kubernetes. Just the general idea.: | 24 |
| Kubernetes?: | 5 |
Closed
Grew up in the 60s & 70s and that's my feeble excuse for the uncontrollable tittering at my Nextcloud's daily status check - I just can't help myself... 😁
Security & setup warnings:
High-performance backend
No High-performance backend configured - Running Nextcloud Talk without the High-performance backend only scales for very small calls (max. 2-3 participants). Please set up the High-performance backend to ensure calls with multiple participants work seamlessly.
The federated feed is great, but I want to follow more experts who are deep in the weeds.
Tag a Mastodon account that posts high-quality content about:
• Reverse Engineering
• Vintage Computing
• Network Security
• Accessibility / UX
• Privacy
• Enshittification
• Art
• Photography
Who is your favorite "must-follow" account that deserves more eyes?
#weekend #followfriday #feditips #askfedi #linux #sysadmin #mastodon #vintage #infosec #enshittification #art #photography #writing #design #ux
thank you for the useful error message, tt-rss! #sysadmin
"Exception while creating PDO object:SQLSTATE[08006] [7] connection to server at "127.0.0.1", port 3306 failed: received invalid response to SSL negotiation: Z"
🚀 The secret of well-dressed emails!
Have you ever wondered how to customize the preview of your newsletters without cluttering your design? 📧✨
I just published a new guide on the Wiki to tame the invisible preheader in Listmonk! Your campaigns will finally look sharp in your subscribers' inboxes 🐧🛠️
The full tutorial with the visual cleanup trick: 👉 https://wiki.blablalinux.be/fr/listmonk-optimisation-preheader
#BlablaLinux #Listmonk #Mailing #Newsletter #SelfHosted #SysAdmin #EmailMarketing
Have you worked with tags on your jails yet?
One nice benefit of using tags is that you can also TARGET by tag name, meaning you can group like systems and maintain those separate from others.
`bastille tags help`
Usage:
bastille tags TARGET [add|delete] tag1,tag2
bastille tags TARGET list [TAG]
🤖 STOP the AI bots scraping your data! ✋
Instead of fighting with dozens of robots.txt files (hello WordPress & Gitea), we go for a centralized offensive. 🛡️
We block GPTBot, ClaudeBot and others right at the door, at the level of our dear NGINX Proxy Manager!
It's cleaner, more efficient, and it makes our CPU happy. 😉
👉 The complete method, with the .conf file to create: https://wiki.blablalinux.be/fr/blocage-robots-ia-nginx-proxy-manager
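An added example, not the wiki's script: a pre-deployment check for a User-Agent blocklist like the one described above, covering both this post and the earlier one about Facebook link previews being banned by accident. The page does not say which pattern caused that ban, so the over-broad list below is a hypothetical illustration, and the User-Agent strings are constructed samples modelled on the crawlers' published forms.

```python
import re

# Hypothetical over-broad list: "facebook" is meant to stop Meta's crawlers
# but also matches the link-preview fetcher.
BROAD_PATTERNS = ["GPTBot", "ClaudeBot", "facebook"]

# Narrowed list: names the AI crawlers precisely instead of the vendor.
NARROW_PATTERNS = ["GPTBot", "ClaudeBot", "FacebookBot", "meta-externalagent"]

# Constructed sample agents that must never be blocked.
MUST_PASS = {
    "facebook-link-preview":
        "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)",
    "desktop-browser":
        "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0",
}

# Constructed sample agents the blocklist exists to stop.
MUST_BLOCK = {
    "gptbot":
        "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; "
        "GPTBot/1.0; +https://openai.com/gptbot)",
    "claudebot":
        "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; "
        "ClaudeBot/1.0; +claudebot@anthropic.com)",
    "meta-ai-crawler":
        "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)",
}


def compile_blocklist(patterns):
    """Build one case-insensitive regex, as a proxy-level substring match would behave."""
    if not patterns:
        # An empty alternation would match every request.
        raise ValueError("blocklist must not be empty")
    return re.compile("|".join(re.escape(p) for p in patterns), re.IGNORECASE)


def collateral(patterns, must_pass):
    """Return {agent name: matched text} for wanted agents the list would block."""
    rx = compile_blocklist(patterns)
    hits = {}
    for name, user_agent in must_pass.items():
        match = rx.search(user_agent)
        if match:
            hits[name] = match.group(0)
    return hits


def missed(patterns, must_block):
    """Return the names of unwanted agents the list would let through."""
    rx = compile_blocklist(patterns)
    return sorted(n for n, ua in must_block.items() if not rx.search(ua))


def safe_to_deploy(patterns):
    """A list is deployable only if it blocks every target and nothing else."""
    return not collateral(patterns, MUST_PASS) and not missed(patterns, MUST_BLOCK)


if __name__ == "__main__":
    for label, patterns in (("broad", BROAD_PATTERNS), ("narrow", NARROW_PATTERNS)):
        print(label, "collateral:", collateral(patterns, MUST_PASS),
              "missed:", missed(patterns, MUST_BLOCK),
              "deploy:", safe_to_deploy(patterns))
```

Running the same check against a sample of real User-Agent values from the proxy's access log before each blocklist change catches this class of mistake before shared links lose their previews.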
🚨 #SysAdmin tip! 🚨
Optimize your web animations: learn to convert your GIFs into light, high-performance MP4s with FFmpeg! An essential guide for any system administrator on Linux.
CRF control explained for a perfect balance between quality and size.
👉 https://wiki.blablalinux.be/fr/optimisation-gif-mp4-ffmpeg-linux
#Linux #FFmpeg #Optimisation #DevOps #AdminSys #TechTip #LogicielLibre
Use setgid on shared directories: `chmod g+s /shared/project`. New files inherit group ownership, preventing permission chaos when multiple users collaborate.
🔗 Learn more in my course: https://monospacementor.com/courses/linsys-1/
RE: https://mastodon.bsd.cafe/@82mhz/115722686490910352
In my experience, 95% of the situations I follow could transition to totally open-source solutions without major problems. Some others could do so by implementing a progressive plan.
The limitation is almost always human: people accustomed to working in a certain way for years, and a lack of willingness and commitment to change, even minimal change. If in private sectors, this happens under the "threat" of a drop in productivity. If in public sectors, under the threat of severe inefficiencies.
I saw a local election won (in part) thanks to a promise not to change anything.
Inertia, at times, causes incalculable damage.
My home state of Bavaria is planning to spend 1 billion Euros in the next five years on Microsoft products. One fucking billion Euros!
Meanwhile, the state of Schleswig Holstein has been transitioning to open source software and estimates that it will save them around 15 million Euros a year. Maybe it's time to move.
We are approaching the 28th or 29th anniversary of my “Thursday” story. Back in 1996 or 1997, I was head of #IT for the UVA CS department. I was pretty much as amateur then as I am now. But I digress.
I come home and check my answering machine messages. “Hi Paco, it’s Gabe. It’s Thursday and the printers aren’t working. Can you have a look?”
It wasn’t just Thursday. It was Christmas day.
Gabe was the only Jewish faculty member in the department at the time, and he wasn’t going to let a perfectly good Thursday go to waste.
I'm looking at the architecture of things like Fedora Silverblue, NixOS, and the Steam Deck.
The concept of an immutable root filesystem with atomic updates seems like the technically correct way to do an OS. No more dependency hell, no more breaking the system with a bad sudo command. But the muscle memory of apt-get install / dnf install is hard to break. Containerizing everything (flatpak/distrobox) feels like a friction point for quick tasks.
For those who daily drive an immutable distro: Was the learning curve worth the stability? Or is it still too much friction for a machine? 🤔
#askfedi #linux #fedora #steam #steamdeck #NixOS #foss #opensource #programming #sysadmin
Wasting a bunch of time reducing the public IPv4 usage on AWS for a client to reduce recurring monthly costs (AWS charges by the hour for IPv4s)
There are things AWS doesn’t even support that would help, like giving an RDS instance a public IPv6 without public IPv4. It's dual-stack or die! Please, I don't need any IPv4…
I pray for the day all networking is #IPv6 native and any IPv4 is just gateways for backcompat for laggards…
✨️ Your Terminal Wrapped, 2025 Edition ✨️
>You typed sudo !! 482 times because you're in charge, but forgetfully.
>You distro-hopped 4 times, proving that the perfect desktop environment is always the next one.
>You spent 26 hours compiling a program from source that was already in your package manager.
>Your top artist was grep. Your most played track was | less.
>You explained to a Windows user that "no, it's not a black screen, it's working" 17 times.
>It's been 3 minutes since you last ran apt update && apt upgrade.
>There are 2 kernel updates waiting for you RIGHT NOW. Good luck with your Wi-Fi driver.
#linux #sysadmin #wrapped #vim #alpine #gnome #kde #manjaro #linuxmint #arch #fedora #debian #ubuntu #terminal
NGINX grumbling, Certbot running... everything is under control. We fix, we optimize, we discover... and we start again. That's infra life! 😉
Goodbye Linux & Podman, hello FreeBSD & Jails!
Just migrated my blog (https://blog.hofstede.it) to a fully native BSD stack (where my Gemini Capsule was already living).
Stack (using Bastille VNET Jails)
- Caddy (Ingress, TLS, Reverse-Proxy)
- Nginx Jail (Internal. Static file serving)
- PF
The Cool Part: A Zero-Trust CI/CD pipeline.
My Forgejo runner deploys via restricted rrsync into an air-gapped "transporter" jail, which nullfs mounts the web root.
Security: Source-IP restricted, no interactive shells, no PTY.
The simplicity of files-on-disk beats container abstraction every time.
#BastilleBSD #SelfHosted #SysAdmin #IPv6 #ZFS #FreeBSD #RunBSD
Filebrowser is open for public registration & more testing on the navidrome/jellyfin instances. Drop-in music/media and watch it populate!
https://upload.gnulinux.studio
https://upload.gnulinux.media
Create an account & test away. Post issues here as replies or DM me. Main site:
https://gnulinux.studio
https://gnulinux.media
User: pubglug
Pass: musicisawesome
Pass: moviesareawesome
#music #opensource #freesoftware #demo #jellyfin #navidrome #debian #sysadmin
Library gets nuked every Monday at 3am.
Here is a small tip: to easily configure your installed FreeBSD, use the `bsdconfig` command as the root user. A lot of FreeBSD users or developers (including some IT/sysadmin folks) don't know this, but you can use `bsdconfig` to set up many system configuration settings, both for new systems and for changing settings on existing systems.
Demo'ing Navidrome and Jellyfin for our Public GNU/Linux Club:
User: pubglug
Pass: musicisawesome
Pass: moviesareawesome
https://gnulinux.studio [music]
https://gnulinux.media [videos]
#music #opensource #freesoftware #demo #jellyfin #navidrome #debian #sysadmin
Come join the fun: https://matrix.to/#/#introductions:gnulinux.club
Each of these instances has an associated filebrowser instance: https://tech.haacksnetworking.org/2025/12/09/setting-up-a-secure-public-facing-filebrowser-instance/
Making uploading, editing, removing, etc., music easy. DMs to test Filebrowser!
Successful ⚙️ update to Mastodon v4.5.3!
As a Linux system administrator, I always appreciate it when an update goes through without a hitch. Thanks, Docker, for sparing me the RAILS_ENV=production bundle exec rails assets:precompile! 😅
🚀 The Fediverse keeps on turning!
The difference between a community-led open source operating system and a corporate-backed open-source OS?
The company wants AI in the system, the company gets AI. #sysadmin
https://fedoramagazine.org/find-out-how-your-fedora-system-really-feels-with-the-linux-mcp-server/
Hello everyone,
I'm Build & Release Manager @ Arkane Lyon #gamedev
I tinker with #devops and #sysadmin
I host and manage several services, including this #mastodon instance
I also #speedrun several games, including #DEATHLOOP and Super Smash Bros. Melee.
I like board games #JdS and role-playing games #JdR, especially #DnD
Finally, I do a bit of embroidery (#broderie), mostly cross-stitch (#pointdecroix)
I have a blog where I share all of this:
When you start patching or upgrading an old server with issues... and it suddenly feels like a TV commercial from my childhood.
I decided to spin up a secure Filebrowser instance like the Navidrome lead dev suggests, make it public-facing w/ TLS and a reverse proxy, a simple brute force fail2ban jail for it, and an ACL to make sure it plays nice with the navidrome user. Here's the original article and the Filebrowser one:
Navidrome Setup: https://tech.haacksnetworking.org/2025/10/29/setting-up-navidrome/
Filebrowser Setup: https://tech.haacksnetworking.org/2025/12/09/setting-up-a-secure-public-facing-filebrowser-instance/
#floss #freesoftware #opensource #selfhost #navidrome #filebrowser #linux #gnulinux #sysadmin
Microsoft Teams Wrapped #MicrosoftTeams #Wrapped #sysadmin
I have a strong suspicion that the VM running FediMeteo is being throttled. The network speed is abysmal, and the same goes for I/O.
Tomorrow morning I’ll try moving it to another provider at the same price. Let’s see, I’m really curious to observe what happens.
I have an enforcing #DMARC policy set up on my personal email domain. I use #DMARCAnalyzer for processing aggregate reports from servers that send them. Every week I log in and check to make sure everything's fine, i.e., (a) there isn't a significant uptick of people forging emails from my domain that I should look into (unlikely), and (b) I haven't broken something stupid in my infrastructure and caused my own outbound emails to violate my policy.
#SMTP #emailAdmin #sysAdmin (1/2)
I’ve finally retired the old cron + sh setup for the weather bots. It served us well, but it had a major flaw: if I rebooted the server while it was posting, the job just died halfway. If the server was down during a scheduled slot, the forecast was lost forever.
So, I wrote a custom Python daemon to run inside the FreeBSD Jails.
A message comes in: a website is not responding. Or rather, it responds but it crawls.
It is a WordPress with a few plugins, all in good shape.
I log in and the load is near zero, traffic is tiny. I start digging and nothing makes sense. I run the command "w" and the machine is frozen.
Nothing in the logs.
Then the light bulb goes on:
"ping bsd.cafe"
No resolution.
The provider’s upstream DNS servers (set in a hurry, I normally install a local unbound) are not responding and everything grinds to a halt. I switch the DNS servers and everything magically starts working again.
Of course it was DNS! 🙂
"Networking for System Administrators, 2nd ed" is out everywhere except Amazon's Kindle store. And that's the way it'll stay. #sysadmin
(Followers probably know this, but I really should blog it so here it is.)
I got quoted in The Guardian again, I guess CloudFlare must have been down or something?
> “These companies have become too big to not fail. And because they handle so much traffic, when they do fail, this immediately becomes a massive problem”
After 10 years, Blabla Linux's old "Publication" theme has taken its well-deserved retirement! 😅
New era, new look: welcome to Astra! My site got a complete facelift... and it finally looks less than 80 years old!
Come and judge for yourself: 🔗 https://blablalinux.be
A functional and useful dashboard for #OPNsense that utilizes #InfluxDB, #Grafana, #Graylog, and #Telegraf.
https://github.com/bsmithio/OPNsense-Dashboard
#lgdl #networking #opensource #sysadmin #freesoftware #security #firewall
You haven't truly lived the life of a #sysadmin until you're googling around to figure out some issue and find a post about it where someone's asking the exact same question and... it's you. You, asking the exact same question ten years ago. And nobody answers.
Remote SysAdmin job opening at Hostinger. In Floripa(?).
"We are looking for a Linux Systems Administrator to help us build, monitor, maintain, automate and support our rapidly growing hosting infrastructure, which powers more than 7 million websites on more than 1,500 physical servers worldwide. In this dynamic environment, you will work alongside experienced systems and software engineers, tackling real challenges that impact millions of customers daily. You will dig deep, learn constantly and acquire knowledge to become the next top-level talent."
https://jobs.lever.co/hostinger/ccc58b23-99d7-41e9-b7eb-6e92ee33d5f6
So I bought a full-sized rack for the garage. Might be a bit too big to call it a #homelab any more 😜
It came with 2 PDUs that take 3-phase, 60A, 250V AC. I, um, won’t be plugging those into the house. My servers run on 240V, 2-phase. This plug is just a monster. My hand in the photo for scale.
I’m tickled that it says “Sun” on the side. I got my start in #sysadmin work on Sun IPCs and Sparc 4s back in the day.
The Call for Papers for #bsdcan is open, see https://www.bsdcan.org/2026/papers.html and https://nxdomain.no/~peter/what_is_bsd_come_to_a_conference_to_find_out.html for some background (if you want to explain to less BSD-savvy friends) #bsdcan #bsd #freebsd #netbsd #openbsd #freesoftware #libresoftware #development #sysadmin #devops #conference
#Linux security best practice: Create system user accounts for services that can’t be used for login: `useradd -r -s /sbin/nologin servicename`
🔗 Learn more in my course: https://monospacementor.com/courses/linsys-1/
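An audit that goes with the `useradd -r -s /sbin/nologin` tip above, as an added example that is not part of the original post: it lists system accounts in passwd-format input that still have a login shell. The function names, the default UID cutoff of 1000 and the sample accounts are assumptions constructed for illustration.

```shell
#!/bin/sh
# List system accounts (0 < UID < cutoff) whose shell permits interactive login.
# Reads passwd(5)-format lines on stdin; prints name:uid:shell for each finding.
# The cutoff defaults to 1000 (assumption: the common UID_MIN; check
# /etc/login.defs on the host being audited).
service_accounts_with_shell() {
    uid_min="${1:-1000}"
    awk -F: -v uid_min="$uid_min" '
        /^#/ || NF < 7 { next }               # skip comments and malformed lines
        $3 > 0 && $3 < uid_min {              # system range, root excluded
            shell = $7
            if (shell ~ /\/(nologin|false)$/) next   # already non-interactive
            if (shell == "") shell = "<empty>"       # empty field means default shell
            print $1 ":" $3 ":" shell
        }'
}

# Constructed sample input (not taken from any real host).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
postgres:x:114:120:PostgreSQL administrator:/var/lib/postgresql:/bin/bash
backupsvc:x:998:998::/var/lib/backupsvc:/bin/sh
metrics:x:997:997::/nonexistent:/bin/false
legacyapp:x:996:996::/opt/legacyapp:
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

# Demo on the constructed sample; on a real host use:
#   service_accounts_with_shell < /etc/passwd
sample_passwd | service_accounts_with_shell
```

An empty shell field is reported as well, because login falls back to the default shell in that case.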
how to audit for open services with iproute2 https://anarc.at/blog/2023-03-10-listening-processes/ #debian-planet #python-planet #sysadmin
The major reason I got out of #Sysadmin was because of the ingratitude.
Many nights spent in cold computer rooms.
Many out of business hours emergencies.
Poke a finger into a bucket of water, you will leave more of a mark...
Most folks remember me chilling by my desk.
Fireman looking lazy because you prevent the fires.
So here is my advice to new sysadmins.
Create your own fires so you can put them out publicly.
Professional ethics be damned.
Toot your own heroics, no one will notice if you make shit run smoothly.
Everyone will call you a hero for putting out the fire.
🤯 My rsync has gone into GENIUS mode! 🤯
No more plain cp -r! I learned to master rsync for backups that are:
Smart (it only copies what has changed 🧠).
Secure (via SSH).
Historical (--link-dest for incremental backups that take up little space!).
It's the SysAdmin's indispensable tool! 🛠️
➡️ The rsync guide: https://wiki.blablalinux.be/fr/rsync-synchronisation-sauvegarde
#Linux #Sauvegarde #rsync #SysAdmin
💤 My Debian server sleeps, but it updates! 🛡️
I enabled automatic updates (unattended-upgrades) on my server. No more stress about forgetting security patches!
The guide explains how to:
Install the service.
Configure the frequency (daily! ⏰).
Enable automatic reboot if needed (at 4 a.m., nobody is bothered).
Security without effort is possible. 👌
➡️ The guide for peace of mind: https://wiki.blablalinux.be/fr/debian-unattended-upgrades
#Debian #SysAdmin #Serveur #Sécurité #Linux
Hey! @b0rk is running a sale on her zines.
All you #sysadmin sorts should take a look.
https://social.jvns.ca/@b0rk/115622285573521088
Big books are too much. Julia maps the territory so you can find your way and figure out the next questions you need to ask.
The backup magic continues! ✨ Proxmox Backup Server 4.1 brings even more performance and stability to your backups.
Update and sleep soundly! 😴
Link: https://www.proxmox.com/en/about/company-details/press-releases/proxmox-backup-server-4-1
#Proxmox #Backup #ITInfrastructure #Sysadmin #DataProtection #PBS4
How do you guys block YouTube shorts in your network? I'm not sure if Adguard Home or RouterOS can do this.
Want to get hands-on #SysAdmin / #DevOps experience with mentoring?
We're looking for a volunteer to help run a new #OpenStreetMap Spyglass service: https://community.openstreetmap.org/t/looking-for-sysadmin-help-with-new-openstreetmap-spyglass-service/138487 🎓 🤓 
Hey mastodon, I'm looking for a solution to manage a fleet of 400 products deployed at customer sites:
- information about the deployment site (terrain, customer infrastructure)
- information about the hardware (deployed hardware, component serial numbers)
- information about the software (services deployed on these products)
It's somewhat at the crossroads of #sysadmin and product inventory (#inventaire #produit). It's meant for operational/sales profiles, to give them a global view.
We already have an (in-house) solution to manage remote connectivity, but I'm looking to decouple the connectivity logic from the inventory logic.
Any ideas?
"Install on Kubernetes with Helm (recommended for production)
Install with Docker Compose (single-node install, not recommended for production)
Install for Local Development"
Hey! There's the local installation! Let's have a look at it:
"You need to make sure you have: Docker and Docker compose installed."
CVSS 10, you say. 🧐😩
Azure Bastion (CVE-2025-49752)
https://cybersecuritynews.com/azure-bastion-vulnerability/
The #n4sa2e sponsor books have all been mailed (except for a couple problem cases) and are starting to arrive.
Which means I can probably tell folks about the #openzfsmastery sponsorship.
> "Your order from Tilted Windmill Press has been delivered"
Looks like my hard copy of @mwl's "Networking for Systems Administrators, 2nd Edition" has arrived! Can't wait to check it out when I get home!
Why I (still) love Linux
I usually publish articles about how much I love the BSDs or illumos distributions, but today I want to talk about Linux (or, better, GNU/Linux) and why, despite everything, it still holds a place in my heart.
https://it-notes.dragas.net/2025/11/24/why-i-still-love-linux/
#Linux #OwnYourData #Server #SysAdmin #Workstation #OpenSource #ITNotes
Document changes with `history | tail -10` to capture recent commands, then add explanations. Future you (and colleagues) will thank you during troubleshooting.
🔗 Learn more in my course: https://monospacementor.com/courses/linsys-1/
Boost your Proxmox #Homelab! 🚀
No more complex script handling. This modern web interface (Next.js/React) lets you manage the PVE community scripts at your fingertips. A must-have! ✨
➡️ The repo: https://github.com/community-scripts/ProxmoxVE-Local
#Proxmox #ProxmoxVE #PVE #Selfhosting #SysAdmin #DevOps #WebUI #OpenSource
Ok I can confirm that gzip bombs work great!
I almost crashed my PC Firefox testing my own bomb.
I got inspiration from @lord 's article: https://lord.re/en/posts/139-gzip-bomb-nginx/ for the bomb
and from @robin 's article https://icewind.nl/entry/nixos-add-nginx-options/
To automate adding the bomb by default to every virtual host I have (with NixOS).
You can find the result here: https://framagit.org/ppom/nixos/-/commit/9a53e5de1df2ed6a3548d5ae94a8ac1178787248
Classic 'Nige'
Can SSH into my server via terminal on my laptop. Works a treat, no issues.
Exactly how did I get that all up and running? But a paltry few months ago? No recollection at all.
So as long as I stick to, "If it ain't broke don't fix it" all should be fine.
If however it does break... bum.
"ByTor" spelled just like it sounds if you're a Rush fan
"I play bass" she said
Some ISPs have good customer service :)
"100W", today's MFA moved back to incandescent from LAD lightbulbs
It could be an allegory about how wasteful computing resources have become
Or maybe it's just 4 random characters
Looking for a job? My company is hiring a Linux/DevOps system administrator.
I'm putting the offer in the posts below, behind a TW because otherwise it makes big blocks in the TL, which is annoying. And I'm adding one last extra block to give you my opinion of the company.
Needed 4 random characters for my PIN, so chose Samwise Gamgee, Rose Tyler, Zoë Boutin-Perry and Hawkeye Pierce
Had to replace Zoë with her mom Jane because the server couldn't handle umlauts
The BastilleBSD team is pleased to announce the release of Rocinante v1.0.1.251120! This release includes a number of fixes and improvements.
Big thank you to everyone that contributed to this release!
https://github.com/BastilleBSD/rocinante/releases/tag/1.0.1.251120
#FreeBSD #BastilleBSD #Rocinante #automation #devops #sysadmin
Silly idea for a computer home lab: you probably have a couple old smartphones lying around, gathering dust.
Maybe you can build a compute cluster from them though? They are probably some of the most efficient compute devices available. Also passively cooled so zero noise! With OTG, it might be possible to even connect to them serious storage and build a Ceph cluster...
https://hackaday.com/2025/04/09/self-hosting-a-cluster-on-old-phones/
#tinkering #homeserver #homelab #computers #sysadmin #upcycling
"The contrast with Docker is striking: while the Docker container required 100% CPU to reach peak for the HTTP and HTTPS throughput, the FreeBSD jail delivered the same speed with ~60% of the CPU sitting idle. In terms of performance cost per request, Jails are drastically cheaper."
#ITNotes #Linux #Docker #Containers #FreeBSD #RunBSD #IT #SysAdmin
🚨 Proxmox 9 alert! 🚨
My Docker/LXC containers would no longer start after the containerd.io update... 🤯
I found the cause of the problem (the AppArmor/runc conflict) and I explain the only way to fix it (or avoid it!) to get your services running again quickly.
The complete guide is on my wiki 👇 https://wiki.blablalinux.be/fr/proxmox-9-apparmor-docker-lxc-conflit-demarrage
Move to 9.1 and turn your data center into an open source war machine!
👉 https://proxmox.com/en/about/company-details/press-releases/proxmox-virtual-environment-9-1
👉 https://youtu.be/4-u4x9L6k1s
Installing #openbsd is easy, but what does it take to keep your system in trim? here is a piece I wrote, "You Have Installed OpenBSD. Now For The Daily Tasks." https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html to provide some pointers (also at https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html if tracking is not a thing you worry about) #maintenance #sysadmin #dailytasks #dailydriver
📰 Today I published an article on how to automate backing up your LockSelf/LockPass passwords using a small command-line tool I developed last week:
➡️ https://www.wanadevdigital.fr/355-lockpass-automatiser-la-sauvegarde-des-mots-de-passe/
Happy reading! 😁
AWS, Microsoft Azure, and CloudFlare – services run by gigantic corporations with endless supply of money and talent – all experience catastrophic, global failures that take innumerable other services down with them within 30 days.
Meanwhile Wikipedia just keeps chugging along, globally stable and reliable as always.
And yes, Wikimedia Foundation runs a pretty complex infrastructure:
https://wikitech.wikimedia.org/wiki/Wikimedia_infrastructure
There is a book called Normal Accidents:
https://en.wikipedia.org/wiki/Normal_Accidents
The author puts forth three rules that define systems susceptible to catastrophic accidents which are completely to be expected:
- the system is complex
- the system is tightly coupled
- the system has catastrophic potential
This describes huge cloud providers like CloudFlare very well, and specifically describes the last outage very well.
CloudFlare, AWS, Azure, GCP are simply Too Big Not To Fail.
✅ invalid file
✅ deployed globally
✅ crashing the software
CloudFlare just pulled a CrowdStrike?
https://blog.cloudflare.com/18-november-2025-outage/
Static Web Hosting on the Intel N150: FreeBSD, SmartOS, NetBSD, OpenBSD and Linux Compared
Update: This post has been updated to include Docker benchmarks and a comparison of container overhead versus FreeBSD Jails and illumos Zones.
#ITNotes #freebsd #illumos #jail #linux #netbsd #openbsd #ownyourdata #server #smartos #sysadmin #zoneshosting
Cloudflare's problems today confirmed what I have known for a long time: if a customer is down for half an hour due to some kind of server issue (disk replacement, etc.), they immediately start saying a way must be found to avoid it.
When it's Cloudflare that goes down for hours, they accept it with resignation.
Can you guess when we turned on tracing in our #Django webapp?
I had a fun time diagnosing ever-increasing disk usage in $work's #Sentry instance.
I ended up having to dig into Sentry's kinda weird #ClickHouse schema, and doing some mild database crimes to stop the bleeding.
Detailed writeup: https://gitlab.softwareheritage.org/swh/infra/sysadm-environment/-/issues/5746#note_227040
Even though we don't use CloudFlare (we're too attached to our independence), their outage today hurt us. Some of our customers use it upstream and don't always understand that it's not our fault if their site doesn't work. #pedagogie #sysadmin
Cloudflare down?
https://www.cloudflarestatus.com/incidents/8gmgl950y3h7
You know the drill.
Edit: edited to update the link to direct for the incident, and thus lost the poll responses; sigh.
| BGP: | 19 |
| DNS: | 46 |
Closed
Major Cloud providers have all suffered significant outages recently. At an unprecedented rate.
They are firing engineers because of their 'AI'.
I wonder if these things are related.
Check `ss -tuln` for open ports. Add `| grep :80`, for example, to filter specific services. You'll get clearer output and better performance than with the outdated `netstat`.
🔗 Learn more in my course: https://monospacementor.com/courses/linsys-1/
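A small audit built on the `ss -tuln` tip above, as an added example that is not part of the original post: it classifies each listener by bind scope and matches the port field exactly, so asking for port 80 does not also select 8080. The function names and the embedded `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Classify listeners from `ss -tuln` output read on stdin.
# Prints: proto port scope address
#   scope = all-interfaces | loopback | specific
classify_listeners() {
    awk '
        $1 == "Netid" || NF < 5 { next }      # skip header and short lines
        {
            local_addr = $5                   # "Local Address:Port" column
            if (!match(local_addr, /:[^:]*$/)) next   # locate the last colon
            addr = substr(local_addr, 1, RSTART - 1)
            port = substr(local_addr, RSTART + 1)
            gsub(/\[|\]/, "", addr)           # [::1] -> ::1
            sub(/%.*/, "", addr)              # drop interface suffix such as %lo
            if (addr == "0.0.0.0" || addr == "::" || addr == "*")
                scope = "all-interfaces"
            else if (addr ~ /^127\./ || addr == "::1")
                scope = "loopback"
            else
                scope = "specific"
            print $1, port, scope, addr
        }'
}

# Unique proto/port pairs reachable on every interface.
exposed_ports() {
    classify_listeners |
        awk '$3 == "all-interfaces" { print $1 "/" $2 }' |
        LC_ALL=C sort -u
}

# Listeners on exactly the given port (numeric comparison on the port field).
listeners_on_port() {
    classify_listeners | awk -v p="$1" '$2 == p'
}

# Constructed sample of `ss -tuln` output (not captured from a real host).
sample_ss_output() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
tcp   LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*
tcp   LISTEN 0      4096   *:8080             *:*
tcp   LISTEN 0      128    [::]:22            [::]:*
tcp   LISTEN 0      128    [::1]:631          [::]:*
udp   UNCONN 0      0      192.0.2.10:123     0.0.0.0:*
EOF
}

# Demo on the constructed sample; on a real host use: ss -tuln | exposed_ports
sample_ss_output | exposed_ports
```

On the sample, a plain `grep :80` returns both the port 80 and the port 8080 lines, while `listeners_on_port 80` returns only the first.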
A trend I really dislike in modern browsers is the activation of DoH, or in general any override of the DNS settings provided via DHCP.
In my case I use a local DNS server that doesn’t rely on forwarders but queries the tree directly. I also have integrated ad blocking thanks to filter lists.
This morning a client called me because Chrome could no longer reach their internal server. On their network there’s an internal DNS record that resolves the name to the LAN address, yet it seems their browser randomly resolves it to the external IP instead. I’ll probably fix it with a redirect or NAT hairpinning (I dream of the day when we finally have IPv6 everywhere), but it still feels like a workaround.
Why, when there’s a reasonably secure internal DNS, should you resolve using the usual big players that want to centralise all traffic? I mean, I understand the reasoning behind it. Still, it feels a bit like the "commercial" VPN situation: you fear your provider might inspect your traffic, so you hand everything over to some shady company based who knows where, claiming to protect you while flooding the world with ads.
Last week I had a chat with a colleague who is highly specialized in Microsoft solutions. Young but not too young, smart, not very up to date simply because he has little time for anything else. His specialization depends entirely on where he works, not on personal interest. Lately he seemed a bit disillusioned with some choices made by "other operating systems", and he was starting to consider moving his personal projects toward Microsoft as well, since he already had the experience. Still, he said it with boredom. With the attitude of someone who is tired of wasting time.
He had heard of the BSDs but had never tried installing them. He was convinced that there were no decent hypervisors outside the Linux world and that KVM belonged to Linux alone. I had the terrible idea of showing him the BSDs, how great bhyve is, and how nvmm on NetBSD uses qemu underneath, making it almost a replacement for KVM in many setups. He lit up with the look of someone waking up from a long sleep. I also had the terrible idea of showing him illumos and its distributions. He had no clue it existed and thought old, great Solaris had been dead for years thanks to Oracle.
He called me a little while ago. He was furious. He spent the whole weekend doing tests and now he has no idea what to use among FreeBSD with bhyve, NetBSD with nvmm, and illumos with bhyve or kvm. He is slowly starting to explore jails and illumos zones. He was annoyed (in a positive way) because now he does not know what to pick since everything feels so different from what he was used to, and he found advantages in each option.
I am obviously happy about it, but I also wonder: instead of reinventing the wheel every time, would it not sometimes be better to simply broaden our horizons?
#IT #SysAdmin #OperatingSystems #FreeBSD #Linux #NetBSD #OpenBSD #DragonflyBSD #illumos #SmartOS #OmniOS #OpenIndiana #Tribblix
RE: https://mastodon.bsd.cafe/@vermaden/115564165835643603
I look forward to the @vermaden weekly newsletter as much as I anticipate a perfect tiramisu after a superb lunch. It is truly the cherry on top.
That special something that helps me kick off the week in style.
#RunBSD #FreeBSD #OpenBSD #NetBSD #DragonflyBSD #Linux #IT #SysAdmin
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟱/𝟭𝟭/𝟭𝟳 (Valuable News - 2025/11/17) available.
https://vermaden.wordpress.com/2025/11/17/valuable-news-2025-11-17/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
I've put online the files from the presentation on Debian upgrades that we gave yesterday with @gcolpart at @capitoledulibre: https://cfp.capitoledulibre.org/cdl-2025/talk/9N7SYT/ or directly at https://gitea.evolix.org/evolix/debian-upgrades-presentation #debian #cdl #sysadmin
Finished migrating my selfhosted email server to a new hosting provider.
Yes, I did on a Friday, which should be read-only.
But it's OK, because this is a personal system, not a corporate one.
Plus, I'm an anarchist, I refuse to be oppressed by silly rules ;-)
#selfhosted #email #sysadmin #readonlyfriday #breakingtherules
This Isn't a Battle
After reading a post describing the FreeBSD community as 'toxic', I share a different perspective. This isn't a battle. It's a reflection on coexistence, the original Open Source spirit, and the quiet richness of taking a different path.
https://my-notes.dragas.net/2025/11/14/this-isnt-a-battle/
#MyNotes #IT #SysAdmin #FreeBSD #NetBSD #OpenBSD #Linux #OpenSource
If you absolutely must use XML as the format for your configuration files, at least have the common decency to provide a full schema.
New blog post: FreeBSD Dual-Stack with Jails on Hetzner Cloud !
How to run VNET jails with proper IPv6 (no NAT66!) by splitting a /64 into two /65 subnets.
- Complete working configs
- IPv6-first philosophy
- Production-tested
https://blog.hofstede.it/freebsd-dual-stack-jails-on-hetzner-cloud/
#askFedi does anyone know of a list of IPs to block for web scrapers, big tech, and/or anything LLM related? I understand that I won't be able to block them all, and I understand there probably isn't one comprehensive list I can copy, but if any web hosters have a preferred list that blocks a significant amount of non-legitimate bot traffic without blocking humans who just want to use the site, I can take a look at as many lists as I can get a hold of!
#webHosting #sysAdmin #ipBlocking #nobot
If you're looking for audio podcasts about Linux, open source software, systems administration, development, and or cloud then check us out!
Our shows are short and to the point, and we don't shy away from politics when the topic inevitably comes up.
Thinking about migrating from Linux to the rock-solid security of FreeBSD? Our expert training is designed for you. Learn BSD fundamentals, command differences, and how to harness ZFS.
Start your journey with confidence!
Today while training some sysadmins I shared this real photo of ancient Greek engineers configuring a mailserver.
On the left the brave engineer is trying to stop unauthorised pipelining through the MTA as their knee is viciously attacked by a subtly broken DKIM key. Meanwhile, their co-sysadmin is hammering away at a perfectly good Postfix sender restrictions policy, screaming "It's not DNS!", while bitten by a PTR record quietly hissing "It'ssss DNSssss".
Use `sed -n '100,200p' largefile.txt` to extract specific line ranges without loading the entire file into memory. Much faster than `head -200 | tail -100` for large files or when targeting middle sections.
🔗 Learn more in my course: https://monospacementor.com/courses/linsys-1/
Just installed good old trusty `trac` https://trac.edgewall.org/ on my system. I'm deploying with Ansible and on a VM, and it was failing while setting the locale. It needs `LC_ALL` set, which for some reason was not set in my system. Set it with `update-locale LC_ALL=en_US.UTF-8`.
I have to choose my future registrar (transfer) for 2 personal domains. Since I manage my domain names and zones myself, I'm not at all interested in that aspect of their offerings, possibly in the APIs or the options for updating ns, ds, glue records...
For arguments or other suggestions, I only have 4 choices, so don't hesitate to leave a reply...
#sysadmin #dns
| lebureau.coop: | 0 |
| Scaleway (I already have servers there): | 0 |
| Infomaniak (where my mail is): | 0 |
| Ovh: | 0 |
Closed
Thanks to @SeaGL for the opportunity to present and thanks to @TheyOfHIShirts for the nice recap. Here's the video from today: https://content.haacksnetworking.org/w/nsMwnJhLnfMrs17W5cAdWg #sysadmin #selfhost #selfhosting #gnulinux #linux #freesoftware #floss #opensource 🙏🏼
Yeah, so I have trouble with my backup.
You see, the USB HDD enclosure I use seems to sometimes disconnect drives. And because I can't seem to be able to disable write cache to them, that inevitably loses some data. The problem is I use #Btrfs and it assumes the write order to disks is kept. Interrupted write cache might violate that. So I have 500+ corruption errors in my Borg repository. Borg crashes during a repo check, but I can still backup to it and mount archives...
#borgbackup #sysadmin
Advice needed: I want to set up #Linux Kiosk PCs. Users must log in with a card ID and password that are verified via a PHP webservice against a MariaDB.
The challenge: I need the Linux desktop login (e.g., via a Display Manager like LightDM/GDM) to authenticate against the custom remote service.
How can I implement this? Custom PAM module? Python-pam? Scripts?🤔
#PAM #linuxhelp #KioskMode
#Authentication #webservice
#PHP #Sysadmin #Python #foss #OpenSource
tfw you can't get the verification code sent by your health insurance company to your email because the IP address it's coming from is listed in Spamhaus AND the email they're sending violates their enforcing DMARC policy. *sigh*
#infosec #DMARC #Spamhaus #SysAdmin #EmailAdmin #healthInsurance
😉
Me: I'm gonna write #openzfsmastery in order. No bouncing around in the manuscript, just clean text from beginning to end!
Also me: My test host needs the new compatibility flag for the root pool. I guess I better jump ahead four chapters and write that.
#sysadmin #writing
I just had issues with upgrading to the latest #NextCloud. In short, the GroupFolders app was not compatible with the new version and somehow broke everything. Had to disable the app, tried to update all apps (including GF, but that one failed), then finished the NC upgrade, then finished updating all apps, then reenabled the app.
Blog post with more details soon.
Trying to `diff` some YAMLs. Plain `diff`'s output is confusing because it splits blocks in the middle and at some point all blocks are marked with diff because the drift is so big it can't keep up. `difftastic` is syntax aware, but it marks additions, changes and removals with color, so redirecting the output to a monochrome output file to do some manual massaging in a text editor is impossible. Anything in the middle?
Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.
One simple ruleset gives you automatic brute-force protection with ZERO userland daemons. No log parsing, no reaction delays, no additional attack surface.
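table <bruteforce> persist
# sources that exceed the limits below land in <bruteforce> and are dropped here
block in quick from <bruteforce>
pass in proto tcp to port 22 flags S/SA keep state (max-src-conn 5, max-src-conn-rate 3/30, overload <bruteforce> flush global)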
Kernel-level enforcement, instant blocking, survives reboots with persist.
Why spawn Python processes when your firewall already knows?
okay. #n4sa2e book production is complete. Time to get on #openzfsmastery.
Which means seriously getting to grips with #bhyve.
Did some bhyve experimenting a couple weeks ago. Got FreeBSD installed just fine. Debian with ZFS, not so much.
So this week it's go back, one step at a time. Install base debian with grub, does it work? Then UEFI, then ZFS secondary disk, then root on ZFS.
This morning's install ends with a console saying:
grub>
The Debian installer wrote grub to disk, but... didn't configure it? Huh.
Time for some classic #sysadmin headdesking.
Proper FreeBSD system hardening :)
(all for sysctl)
security.bsd.see_other_uids
security.bsd.see_other_gids
--> Don't show other users' processes
security.bsd.unprivileged_read_msgbuf
--> Don't allow unprivileged users to read kernel buffer (dmesg)
security.bsd.unprivileged_proc_debug
--> Don't allow unprivileged to use debugging
security.bsd.hardlink_check_uid
security.bsd.hardlink_check_gid
--> restrict hardlinks to same user/group
kern.elf64.aslr.enable
kern.elf32.aslr.enable
--> Enable kernel address randomization (ASLR)
security.bsd.unprivileged_mlock
--> Restrict unprivileged users from loading kernel modules
sysctl kern.securelevel=1
--> Cannot lower securelevel
--> Cannot write directly to mounted disks
--> Cannot write to /dev/mem or /dev/kmem
--> Cannot load/unload kernel modules
--> Cannot change firewall rules (if compiled with IPFIREWALL_STATIC)
--> System immutable and append-only file flags cannot be removed
This can make a FreeBSD system more secure, especially on multi-user systems. Securelevel can even go higher, but those restrictions generally need care.
#runbsd #freebsd #security #hardening #goodpractice #devops #sysadmin
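An added example, not part of the post above: a small audit that compares `sysctl` output with a baseline for the knobs the post lists and reports drift. The post gives names only, so the target values in `baseline` are assumptions (the restrictive setting for each knob), and the sample output is constructed.

```shell
#!/bin/sh
# Assumed baseline: restrictive value for each sysctl named in the post.
baseline() {
cat <<'EOF'
security.bsd.see_other_uids=0
security.bsd.see_other_gids=0
security.bsd.unprivileged_read_msgbuf=0
security.bsd.unprivileged_proc_debug=0
security.bsd.hardlink_check_uid=1
security.bsd.hardlink_check_gid=1
kern.elf64.aslr.enable=1
kern.elf32.aslr.enable=1
security.bsd.unprivileged_mlock=0
kern.securelevel=1
EOF
}

# Constructed sample in FreeBSD `sysctl` output format ("name: value").
sample_sysctl_output() {
cat <<'EOF'
security.bsd.see_other_uids: 0
security.bsd.see_other_gids: 1
security.bsd.unprivileged_read_msgbuf: 0
security.bsd.unprivileged_proc_debug: 0
security.bsd.hardlink_check_uid: 1
security.bsd.hardlink_check_gid: 1
kern.elf64.aslr.enable: 1
security.bsd.unprivileged_mlock: 1
kern.securelevel: -1
EOF
}

# Reads `sysctl` output on stdin, prints one line per finding and
# returns non-zero when anything is missing or off baseline.
audit_sysctl() {
    { baseline; echo '--live--'; cat; } | awk '
        $0 == "--live--" { live = 1; next }
        !live {                         # baseline section: name=value
            split($0, kv, "=")
            want[kv[1]] = kv[2]; order[++n] = kv[1]
            next
        }
        {                               # live section: "name: value"
            i = index($0, ": ")
            if (i) got[substr($0, 1, i - 1)] = substr($0, i + 2)
        }
        END {
            for (j = 1; j <= n; j++) {
                name = order[j]
                if (!(name in got)) {
                    printf "MISSING %s want=%s\n", name, want[name]; bad++
                } else if (name == "kern.securelevel") {
                    # securelevel is a floor: higher levels also pass
                    if (got[name] + 0 < want[name] + 0) {
                        printf "DRIFT %s want>=%s got=%s\n", name, want[name], got[name]; bad++
                    }
                } else if (got[name] != want[name]) {
                    printf "DRIFT %s want=%s got=%s\n", name, want[name], got[name]; bad++
                }
            }
            exit (bad > 0)
        }'
}

# On a FreeBSD host: sysctl $(baseline | cut -d= -f1) | audit_sysctl
sample_sysctl_output | audit_sysctl || echo "baseline drift found"
```

A knob that the running kernel does not expose shows up as MISSING, which is worth reviewing rather than ignoring.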
I just blocked the entire 47.79.0.0/16 subnet from my server because it was querying hundreds of nonsensical pages from my web server using a bogus user agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36.
Each subsequent request was sent from a different IP address in that range to evade rate limiting. I've learned this IP block is owned by Alibaba Cloud LLC, good riddance.
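An added example, not part of the post above: per-address rate limits miss a client that changes address on every request, so this groups an access log by /16 network and User-Agent and reports pairs seen from many distinct addresses. The log lines are constructed (combined log format assumed), and the threshold is an assumption to tune per site.

```shell
#!/bin/sh
# User-Agent string quoted in the post above.
UA='Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'

# Constructed access-log lines, not real traffic.
sample_access_log() {
cat <<EOF
47.79.12.8 - - [01/Nov/2025:10:00:01 +0000] "GET /a?x=1 HTTP/1.1" 404 153 "-" "$UA"
47.79.201.44 - - [01/Nov/2025:10:00:01 +0000] "GET /b?y=2 HTTP/1.1" 404 153 "-" "$UA"
47.79.3.190 - - [01/Nov/2025:10:00:02 +0000] "GET /c?z=3 HTTP/1.1" 404 153 "-" "$UA"
47.79.77.5 - - [01/Nov/2025:10:00:02 +0000] "GET /d?q=4 HTTP/1.1" 404 153 "-" "$UA"
47.79.12.8 - - [01/Nov/2025:10:00:03 +0000] "GET /e?r=5 HTTP/1.1" 404 153 "-" "$UA"
192.0.2.10 - - [01/Nov/2025:10:00:03 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0"
192.0.2.10 - - [01/Nov/2025:10:00:04 +0000] "GET /style.css HTTP/1.1" 200 812 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0"
203.0.113.5 - - [01/Nov/2025:10:00:05 +0000] "GET /feed.xml HTTP/1.1" 200 2048 "-" "curl/8.5.0"
EOF
}

# rotating_sources MIN
# Reads a combined-format access log on stdin and prints, tab-separated:
#   network/16, distinct addresses, requests, User-Agent
# for every (network, User-Agent) pair seen from at least MIN addresses.
rotating_sources() {
    awk -F'"' -v min="$1" '
        {
            split($1, head, " "); ip = head[1]
            if (split(ip, o, ".") != 4) next     # IPv4 only in this sketch
            key = o[1] "." o[2] ".0.0/16" SUBSEP $6
            reqs[key]++
            if (!seen[key, ip]++) ips[key]++     # count each address once
        }
        END {
            for (key in reqs)
                if (ips[key] >= min) {
                    split(key, part, SUBSEP)
                    printf "%s\t%d\t%d\t%s\n", part[1], ips[key], reqs[key], part[2]
                }
        }' | sort
}

sample_access_log | rotating_sources 3
```

The output is a review list: large NAT pools and mobile carriers can also put many addresses behind one common User-Agent, so check what was requested before blocking a whole range.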
Plus:
• Fedora KDE pkg mgmt
• Debian vs systemd
• raconn — a smart tool for parallel SSH connections to multiple hostnames/IPs in one ProxyCommand. (https://blog.izissise.net/posts/raconn/)
• UBIOS (China’s UEFI-alt)
Read it 👉 https://newsletter.nixers.net/entries.php#311
“There are no life hacks, only trade-offs.” — James Clear
#Unix #Linux #FreeBSD #FOSS #SysAdmin #ReproducibleBuilds #SSH #Nixers
Script to automate updates of Proxmox VMs and LXCs with Gotify notification
Wiki: https://wiki.blablalinux.be/fr/script-update-lxc-vm-gotify-proxmox
ByteStash (Code): https://bytestash.blablalinux.be/s/0599b82399cf5db305dd6ded8e1bd0a4
#Linux #SysAdmin #Proxmox #Gotify #Automatisation #MiseAJour #BlablaLinux
There are thousands of ways to reach the same result, and some are probably better than mine.
That's why I'm telling you: you are free to take, adapt or completely ignore what I publish. You are in charge! 😉
Take what is useful to you, and throw away the rest!
#Transparence #Tech #SysAdmin #OpenSource #BlablaLinux #Code #DevOps
Use CSS variables to change the primary color (--override: #MaCouleur) and you're done!
No more standard look, make way for deep customization: ➡️ https://wiki.blablalinux.be/fr/wikijs-html-head
I don't want to leave my server in an "almost up to date" state.
The complete guide to installing and configuring automatic updates for your PBS, without surprise crashes: ➡️ https://wiki.blablalinux.be/fr/update-pbs-script-cron
Me: "Look. I wrote the book on sudo. Don't just go 'sudo bash'--it's bad practice."
Also me: "sudo tcsh" #sysadmin
Before anyone mentions how reliable Google Cloud is, here's a massive outage from June this year:
https://www.cnbc.com/2025/06/16/google-cloud-outage-apology.html
And from October last year:
https://status.cloud.google.com/incidents/e3yQSE1ysCGjCVEn2q1h
Oh good god the AI trap on the inkscape website has twelve million hits. That's the hidden url that bots are told not to index, but ai bots LOVE to hit that thing.
But attacks continue to increase.
I'm going to have to decide if I need to block t-mobile and other mobile carriers because of all the malware on android phones being used as ai bot sources.
I'm working on some interesting stuff this morning, and I'm really enjoying it. So far, no calls about yesterday's issue, which is reassuring.
But I did get a new call, awaiting a follow-up: a few months ago, I sent a (low-cost) quote to modernize a network stuck 20 years in the past. This included new routers, 4G failover (which they currently lack), transitioning from a PPTP (!!!) based VPN to WireGuard, and using IPsec and/or WireGuard for site-to-site connectivity (which is currently handled in a way I'm embarrassed to even mention).
I've been managing some servers for them for a few years (not in the right way, IMO, and there's a plan to fix that too), and they were enthusiastic about my project (and how cost-effective it was, thanks to choosing the right hardware).
Today's call: a colleague who works with them told me they're reviewing a quote this morning for a "professional", "AI-powered" (and hyper-expensive, with recurring fees) firewall because my proposal is supposedly "too basic to be effective".
If they go that route, that's their choice, but I'm always baffled by how the grass is always greener - trusting the first stranger who shows up with buzzwords and pointlessly expensive products.
On the flip side, this afternoon I have an on-site visit with a potential new client who, and I quote, "prefers to spend money on consulting for open-source products than on useless licenses".
Just for that attitude alone, I'm going to offer them extremely favorable terms if the premises are right.
Anyway, it's only 9:20, but the day is already shaping up to be quite interesting.
Try not to be the reason they needed to install mollyguard
A friendly reminder for no reason at all :)
About a year ago, a client I've worked with for over fifteen years informed me that some of their "less critical" servers would be migrated to $CLOUDPROVIDER. According to them, this provider would guarantee an efficient management panel, "more freedom for their devs", and lower costs. This didn't impact me financially but, on an ethical and personal level, I warned him about the potential problems. Yet they decided to move forward, aided by the arrival of $YOUNGDEV who "has worked with it, it's reliable, and everything works fine". Again, I warned them (where are the backups? A disaster recovery plan? etc.) but they insisted: $CLOUDPROVIDER is efficient and gives us everything.
I studied their plan and immediately understood that their "cost-cutting" strategy wouldn't work: I know their workloads, and the plan they chose was insufficient. Needless to say, a few days later they went down and had to make an "emergency" purchase of the next tier up. The cost? Higher than their previous server infrastructure.
I heard nothing more about these workloads for almost a year but my monitoring tools still were marking them down, from time to time. Then, I get a phone call this afternoon. $YOUNGDEV asks me for support. He doesn't explain, but I immediately understand it's one of those workloads. A serious problem, and they don't have a backup of the database. They don't have a test environment to run diagnostics. The DB is very large, and they don't know what to do. My predictions - not even my worst ones - had come true.
I was running between two appointments. I only remarked that this situation could have been avoided and that it's not something I manage or can manage, but I nonetheless suggested we sync up tomorrow morning. I'm not going to get my hands dirty, but still, $YOUNGDEV is in trouble, and I offered to take a look to suggest a strategy. I then asked for the access credentials to $CLOUDPROVIDER, considering that up until a year ago, I managed all of these workloads. He replied that he "doesn't know if he can give them to me" and that he "would have to ask his bosses". I pointed out that if he wants my help, I need something - I don't even know how $CLOUDPROVIDER grants access to data (or if it does) - how can I give him advice?
It's 18:30 and I have received nothing. Tomorrow morning, if the phone rings, I will answer, but at this point, I won't do anything. I prefer, albeit reluctantly, to completely end the relationship with this client.
If this is the price of dignity and respect, I'll gladly pay it.
TL;DR: On Debian Linux, packages cannot be installed globally on the system with npm (npm install -g) without using sudo. It is a necessary security measure, but it can cause permission problems for users without sudo rights when some package has been installed globally using sudo, or it means having to install every package as a dependency of each repository. That can make sense for dependencies of the project being developed, but not so much for development-environment packages that are used in every project (linters, code checkers, typescript…). This is solved by using nvm, which lets you create a Node.js environment specific to each system user, so that globally installed packages are global for the user who installs them. nvm can be installed without using sudo, so a user does not need to contact the system administrator.
The official nvm repository provides a bash script that downloads nvm and adds the required configuration to the user's profile file (~/.bashrc, ~/.bash_profile, ~/.zshrc, or ~/.profile). It is advisable to check the repository in order to install the latest version. At the time of writing this tutorial it was 0.40.3:
$ wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash
=> Downloading nvm from git to '/home/skotperez/.nvm'
=> Clonando en '/home/skotperez/.nvm'...
remote: Enumerating objects: 383, done.
remote: Counting objects: 100% (383/383), done.
remote: Compressing objects: 100% (326/326), done.
remote: Total 383 (delta 43), reused 180 (delta 29), pack-reused 0 (from 0)
Recibiendo objetos: 100% (383/383), 391.78 KiB | 2.67 MiB/s, listo.
Resolviendo deltas: 100% (43/43), listo.
* (HEAD desacoplado en FETCH_HEAD) master
=> Compressing and cleaning up git repository
=> Appending nvm source string to /home/skotperez/.zshrc
=> Appending bash_completion source string to /home/skotperez/.zshrc
=> You currently have modules installed globally with `npm`. These will no
=> longer be linked to the active version of Node when you install a new node
=> with `nvm`; and they may (depending on how you construct your `$PATH`)
=> override the binaries of modules installed with `nvm`:
/usr/local/lib
├── @vue/cli@5.0.8
└── npm-check-updates@16.13.2
=> If you wish to uninstall them at a later point (or re-install them under your
=> `nvm` node installs), you can remove them from the system Node as follows:
 $ nvm use system
 $ npm uninstall -g a_module
=> Close and reopen your terminal to start using nvm or run the following to use it now:
export NVM_DIR="$HOME/.nvm"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion
For nvm to be available, close the terminal and open a new one.
Before installing node with nvm, node may already be installed globally on the system. To check:
$ node -v
v20.19.5
$ npm -v
9.2.0
On Debian Trixie, at the time of writing this tutorial, the latest available version of node is 20.19.5, and of npm 9.2.0.
To install the latest version of node using nvm:
$ nvm install node
Downloading and installing node v25.0.0...
Downloading https://nodejs.org/dist/v25.0.0/node-v25.0.0-linux-x64.tar.xz...
############################################################################################################################################################################ 100.0%
Computing checksum with sha256sum
Checksums matched!
Now using node v25.0.0 (npm v11.6.2)
Creating default alias: default -> node (-> v25.0.0)
The first version of node installed with nvm is set as the default version.
If we now check the node and npm versions available by default for this user:
$ node -v
v25.0.0
$ npm -v
11.6.2
For another user who has not installed nvm, the available versions will still be the ones installed from the Debian repositories.
To install a specific version:
$ nvm install 22.21.0
Downloading and installing node v22.21.0...
Downloading https://nodejs.org/dist/v22.21.0/node-v22.21.0-linux-x64.tar.xz...
############################################################################################################################################################################ 100.0%
Computing checksum with sha256sum
Checksums matched!
Now using node v22.21.0 (npm v10.9.4)
When a new version is installed, it is automatically activated in that terminal. However, the default version is still the first one that was installed. Multiple versions of node can coexist for one user, who can choose which one to use in each case. To see all installed versions:
$ nvm ls
To select a different node version at a given moment:
$ nvm use 22.21.0
When a package is installed globally in a node environment installed with nvm, the package will be globally available to the user:
$ npm install -g @google/gemini-cli
#DNS #sysAdmin
A quick reminder that if you use #BIND as a resolver (even though other choices exist), UPDATE: there is yet another we're-all-going-to-die vulnerability https://kb.isc.org/docs/cve-2025-40778
With ssh -X, which graphics driver is used? The one on the source machine or the one on the machine you ssh from?
🔐 New Proxmox automation!
Tired of manual updates? 😩
New publication on the Wiki: Automate the complete update of all your LXC containers and VMs (Debian/Ubuntu) on Proxmox VE with two cron scripts.
➡️ Save time, stay secure.
Direct link: https://wiki.blablalinux.be/fr/script-update-lxc-vm-proxmox
Also available on ByteStash (a code snippet storage solution): https://bytestash.blablalinux.be/s/a055d43f24f8b58218b4cbdad100b7ec
#Proxmox #HomeLab #SysAdmin #DevOps #Automatisation #Linux #cybersécurité
So it seems like systemd can't handle daylight saving time.
I have a timer that runs every 10 minutes and sends a heartbeat to our monitoring system. If the monitoring system doesn't get a heartbeat, it calls us.
This timer ran at 02:52 last night. Then at 03:00, daylight saving time stopped, and the clock turned to 02:00. This timer was supposed to run at 02:02 but nope, systemd insisted on running the timer next at 03:02. An hour later.
02:02 comes up and our monitoring system doesn't get a heartbeat and wakes me up. Grumble grumble, should have stuck with cron.
Le sigh
I joined #substack (no subs) to have a place to write longer posts and share them to an interested audience. Primarily #technology related. I've added it to my lnk.bio page, and I'm sharing this here as it's my first (very quick) post there: https://bigntallmike.substack.com/p/wifi-is-best-with-wires
➡️ The result? Your containers always fresh, secure and performant, without lifting a finger!
Find out how to save that precious time:
🔗 The official site (with the docs): https://containrrr.dev/watchtower/ 🔗 The source code (for the curious): https://github.com/containrrr/watchtower
#Docker #DevOps #Automatisation #GainDeTemps #TranquillitéDEsprit #Tech #OpenSource #SysAdmin #Conteneurs 🐳🚀
Question for the #sysadmin team about #dns: do you have good feedback on Netim (https://www.netim.com/fr) as a registrar?
I have a .ro domain at Gandi and, how shall I put it, Netim's pricing policy looks better :D
Boosts OK :)
Today's Linux course livestream is going to be awkward. And grepward, and even sedward. We'll talk about text processing! If you'd like to strengthen your command line skills, tune in at 5pm UTC on Twitch, YouTube, or my Owncast channel.
https://monospacementor.com/courses/linsys-1/free-livestream/
#Linux #SysAdmin #SystemAdministration
My backup is down.
How timely, I have just been trying to backup priceless footage shot for a music video for a song where "my backup is down" is spelled out verbatim.
While I wait for a reply from Btrfs mailing list, I am tempted to buy a bigger drive. Like a 20 TB one.
But then I'd really need two to have redundancy, and that would be a tad bit crazy...
If you missed my "announcement" about the music video, here it is:
https://mastodon.social/@unfa/115412018567684691
#Btrfs #SysAdmin #Backup #Music
This morning it looks like two of my connectivity providers had serious issues across almost all of Italy. I didn't notice anything and thought the problem was in other areas.
I was wrong: the problem was related to their DNS, which was down or malfunctioning.
This is why I didn't notice: I use my own DNS resolvers, and they perform resolutions directly, without a forwarder.
Once again and for the second time this week, Own Your Data and decentralization guaranteed continuity.
I will never stop saying it: Own Your Data!
Traffic meter per ASN without logs https://anarc.at/blog/2025-05-30-asncounter #debian-planet #python-planet #software #network #sysadmin #tor #censorship #python
Tell me
an sshd_config that has no PermitRootLogin at all (so neither yes nor no), does that mean root login is possible or that it is impossible?
There is (commented out) PermitRootLogin prohibit-password (which seems like an acceptable option to me, right? it does mean you can only log in with an authorized ssh key?) but there is nothing else about RootLogin, neither commented nor uncommented...
edit: I was kindly told RTFM and indeed the manual has the answer
This morning, this is extremely appropriate (even if I yell at cloud when it's working, too)
#AWS #AWSDown #AWSOutage #IT #SysAdmin #OwnYourData #Decentralize
Backup strategies I've used over the years.
https://ludovic.hirlimann.net/2025/08/a-lifetime-of-backups.html
Is there a way to manually prefilter an #email account?
This morning, a dev I work with flagged a server that was struggling. I logged in and, unfortunately, a bunch of "Scrapers" were hammering it, causing an overload. This dev is very sharp and understood the situation. He started extending the caching margins. I prepared a list of countries of interest and, using pf, blocked the rest of the world.
The load plummeted, and the client doesn't care about their products being visible outside of specific markets.
Shortly after, a similar situation on another server I manage (subcontracted, to be precise). I didn't know this dev and saw there was no caching in place, so I spoke to him and asked him to implement it. His response, sadly predictable, was that another one of his clients just moved to $CLOUD_PROVIDER and no longer has these problems, simply paying more when these "attacks" become more intense. I suggested he try enabling caching and thinking about their markets of interest. He's a positive person, so he agreed to give it a shot. A short while later, just by adding Varnish and some good VCL, the load dropped from 100% to 5%. Without any blocking.
He called me a little while ago, incredulous and happy.
It's always a pleasure to work with people who are willing to experiment, explore, and listen. With people who don't just follow the herd or ad banners, but who think for themselves. I've earned myself a walk outside the office now.
Disk drive people, sysadmins, etc: would you expect NVMe SSDs to be appreciably faster than SATA SSDs for a relatively low bandwidth fsync() workload (eg 40 Mbytes/sec + lots of fsyncs)?
My naive thinking is that AFAIK the slow bit is writing to the flash chips to make things actually durable when you ask, and it's basically the same underlying flash chips, so I'd expect NVMe to not be much faster than SATA SSDs on this narrow workload.
Let's say that today I really earned my salary, I was going to say: for once! but I have more and more colleagues on Mastodon, I must say, this habit of posting job offers on the fediverse...
Honestly, I was glad to see that we had almost only 5 hours of interruption of one service. And even then it's mostly restoration time.
New blog post: N4SA2e Print Sponsor Address Check
If you want to see the #sysadmin Baby Jesus cry, there's a link for that.
Andrew Engelbrecht, a previous #SysAdmin at the #FSF, created Open Alert Viewer, a #libre phone and desktop app that makes receiving network and server alert notifications on your phone and desktop easy. Check it out here: https://u.fsf.org/483
sept. 08 16:32:21 mx postfix/smtp[123398]: 2AD809CC7B2: to=#sysadmin, relay=gmail-smtp-in.l.google.com[2a00:1450:400c:c00::1b]:25, delay=0.98, delays=0.06/0.01/0.41/0.49, dsn=2.0.0, status=sent (250 2.0.0 OK 1757341941 ffacd0b85a97d-3d92d5197acsi11914604f8f.162 - gsmtp)
I think the #sysadmin forgot a small detail: Free blocks outbound port 25...
apparently no way to open it on your own...
does anyone know an #adminsys at #free? #CestPasPourUnAmi!