  09:32:00 am  
Ubuntu, FreeBSD

Ubuntu squid with SSL

Link: http://lawrencechen.net/ddclient-aamp-squid

This is an update to the "ddclient & squid" here

Ran into a new problem recently....though the need for SSL in squid on ubuntu is deprecated, by the fact that I'm slowly replacing this server with a FreeBSD server.

As a result, I don't pay attention to this ubuntu server as much as I used to, so I've configured unattended-upgrade. It was installed, but it didn't seem to do anything in that on other servers I'd log in to find that there are lots (40+) of patches available and more than half that are security. Since I came across how to configure it to do more than just security patches, including send me email and on some systems automatically reboot when necessary. (should've thought to see how unattended-upgrade is configured and doing such things in the Ubuntu AMI I have in AWS)

Since I got unattended-upgrade configured on this old server (32-bit Ubuntu Server, which I've heard they have a 12.04LTS download for??? They had said they dropped 32-bit server support, so there was version with 10.04LTS. So I couldn't upgrade and now I'm way past EOL, which is causing problems...probably need to hunt down the landscape and ubuntuone services and nuke them, instead of letting them degrade my server for being EOL.) I've also had to update packages on here from outside sources to keep things running, so guess I should work harder on abandoning this server.... Where it'll likely get reborn as [yet ]a[nother] FreeBSD server....along with the server that I think I have all the parts collected for it, but just need to sit down and put it together. It started as a mostly function pulled 1U server, in need of ... well either new fans or a new case.... I opted for the new case route. It also needed drives and memory. But, as a result of the new case route...aside from case/powersupply...it meant I would need to get heatsinks...since the passive ones based on the 1U case channeling air flow....would be hard to recreate in the tower case I went with. Its a huge tower case, given that its an E-ATX motherboard...yet it isn't a full tower (like the formerly windows machine called TARDIS...someday I'll work its regeneration....need money to buy all the bits and pieces that'll make that up, which I haven't fully worked out what those will be....or where it'll go since my dual 23" widescreen FreeBSD desktop has consumed all of the desk that it would've shared....and not really keen on the idea of a KVM for this situation. :hmm: )

Anyways...every day I get an email from unattended-upgrade for this system.... with:

Unattended upgrade returned: True

Packages that are upgraded:
Packages with upgradable origin but kept back:
 squid squid-cgi 

Package installation log:

Unattended-upgrades log:
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ["['Ubuntu', 'heron-security']", "['Ubuntu', 'heron-updates']"]
package 'squid' upgradable but fails to be marked for upgrade (E:Unable to correct problems, you have held broken packages.)
Packages that are upgraded: squid-common
Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2013-07-06_08:05:42.056193.log'
All upgrades installed

This is because of that quirk where even though I rebuilt my version with SSL, and kept it the same version...it wants to install its version to replace mine (of the same version). Which is why I did the hold thing.

I could do the alternative of add a string to make my version advance from current....though I suppose I won't unhold...so that unattended-upgrade won't upgrade should such a thing appear (unlikely since both the OS and squid are ancient...and there'll be no more updates.) But, the intent is to hopefully silence unattended-upgrade in this matter.

Though kind of surprised its still doing something....hmmm, guess there was a new security patch to squid 2.7 back on January 29, 2013....that I've been missing (suppose its already downloaded the update in its 'cache'....or the backend is still there, its just not getting updates beyond what's there....whatever, I think I'm down to one more service to move off....)


  11:29:00 pm  
Hardware, Software, Computer, Networking, Operating Systems, Ubuntu, FreeBSD, CFEngine

The home servers migration got off to a rough start...

My 10.04LTS servers are nearing the end of the line, but the move to get them upgraded is starting to get close....

At first I was waiting for the 12.04.1LTS update to appear, so that I might try upgrading them to Precise. But, then it struck me that it struck me that it might be time to replace one of the servers with new hardware.

The boxes had been servers for many years now, but in 10.04 they dropped support for 32-bit hardware as servers....which means one of my servers, and the more important one...is nearing EOL.

So, back in August....I came across a Shuttle XS36V open box on newegg.com....so I ordered one, along with an 8GB SODIMM memory set (a pair of 4GB)....the computers support a maximum of 4GB, but in my mind I was thinking that if this worked, I might get another to make a pair.

But, then it sat around as I go on to other projects....I had figured on using one of the 120GB SSDs that I had acquired earlier....

Realized what was strange about these boxes was they had serial ports, so I started thinking about network serial and setting these boxes up headless. Since I had done a server at work for serial with FreeBSD, I got to thinking that I would do the same with this. Plus I was really finding to be much more predictable/stable than Ubuntu....something that's good in a server.

I started revising the plans as I went....ended up deciding that I would have one that is default cable and one that is default dsl, and running the usual core...one would be master DNS, and the other one be the primary slave....just as one would be primary DHCP and the other secondary....both would do freeradius. Both would NTP servers. Both would do mail, though zen is my main mail system. They would have both apache and nginx on them...apache to run local web services....and nginx doing reverse proxy to the other web apps on my home network (kind of important since current cable router is a step back with it only supporting 16 port forwards....though I have a replacement that I'll get to setting up some day...)

Then while I was poking around on newegg.com, spotted that there was another open box Shuttle XS36V....so now I had two boxes. I had picked up once Cyclades ACS1 earlier on ebay, so I got a second....a 'new' one for about the same price. Just needed to find time. Perhaps after FreeBSD 9.1 drops.

Well, it dropped....but I still wasn't ready...now I needed some SSD drives for the machines. So, I used the $30 in RewardZone for the new TV I had gotten in September, and picked up a pair for 128GB SanDisk Extremes. And, then I started setting up the ACS1s....hmmm, wonder if I have any serial cables. Okay, I'll buy some of those first.... I end up ordering from TigerDirect, as they have a better price on RJ45 to DB9 adapters....not that I need them for the actual ACS1 to Shuttle XS36v connection...that's just a 9F to 9F null modem cable.

  12:51:00 pm  
Hardware, Computer, Home, Appliances, Storage

Getting dry in my condo, cooler too.

Winter has been weird this year...but there's a winter storm alert finally? Though its the rain and snow kind with ice accumulation and inches of snow type. Just as long as it isn't another icepocalyse of 4 years ago.

Though seems interesting that the computer I bought to replace the one I lost during the icepocalyse, died on Friday. Almost as if it was designed to die after 4 years. Annoyed, because its orac, my backuppc/file server. There's 16 drives on the machine, a total raw storage of 23TB....though only about 11.5 usable TB. And, a whole lot less in TiBs.

I'm hoping its something simple though....was looking at the hardware monitor in the BIOS screen...where it reads out voltages...and the lower voltages are low....though are those from the supply or are those generated on the motherboard? Seemed to me that motherboard generates some of the values, but not sure what I'll do if that's the case.

Also seems odd that it died shortly after I turned on heat Friday morning. Anyways...I had been considering getting a new power supply for orac for other reasons, so I jumped over to Amazon and took the plunge to get a new one by Amazon Prime. I had also been meaning to upgrade the case fan on it orac....I mentioned this before....stock fan is 80mm, but there's holes for a bigger fan. I had/have some extra ones around, so I had tried those...except that my extras are too big...so not 120mm. So, I had looked at 92mm, and I did end up with one, but failed to notice that it wasn't a 3-pin fan. So, maybe I'll add one of those to.

So, cart is adding up...and I'm looking at items I have 'saved for later'....and well, new humidifier is among there. Its pretty expensive....~$88 Its an Essick Air Tower Humidifier, though its about the same price as what my old Essick Air unit...though thinking the tower form would work better with where I've been using the old one, plus the old one's fan has become the issue... Though I guess its only 2 years old. I wish I could find something like the humidifier I had back when I was in Medicine Hat....while it eventually got nasty inside, that thing worked well for years and wasn't that expensive as I recall. And, it was easy to fill too. Since, then...I guess the Essick Air is the first one that I got more than one season out of....two whole ones, in fact (though some debate as to how well near the end.) And, it did a good job too. Plus the tower I'm looking at, uses the same wicks as the old one...so I already have an extra set somewhere.

Though having an extra set of wicks isn't a requirement for what I get...though footprint and output are...and pretty much I think wick types are the only kind I'll consider now. And, brand isn't necessarily a requirement...though past experience with other brands has made me leary of others. Plus there's feature differences. Some do take less space, but only have one tank. But, I'm running this single humidifier to try to humidify my entire condo...so it does have to be big as well... But, have time before I have to complete the order...so reviewing all the results....wouldn't be so painful if amazon's search was so fuzzy. I'm searching for just "humidifier", and its showing me things like cribs, pillows, swaddles, bassinets, dehumidifiers, evaporator coolers, air purifiers, bottle brush, nipple cleaner, heaters, bonsai tree, air conditioners...though the cigar related humidifiers probably aren't out of line, though I don't really think they should be in the department I'm searching under. And, the further out...finding humidifiers becomes less and less likely, but sometimes there'll be one here and there....though I'm sure if they weren't so fuzzy, I wouldn't have 10x the results to wade through....though sometimes the result is way near the end. But, not this time.

Anyways...that's pretty much what should just be in my amazon cart. But, if I add a few more items, I can get 6-month do not pay on my Amazon card....and I've already put off getting the humidifier too long already.

  07:57:00 am  
Hardware, Computer, Storage, Ubuntu

Worked on Orac last night

Back on March 28th, when I last wrote about working on Orac, I mentioned that I looked at the harddrive cage to see about the condition of the fan on there....only to find that there was no fan there.

Reviewing the manual on the Gateway website, I found that the cage is used in more than one model...and that some of those models have fans, while evidently mine did not. Browsing the parts list for some of the other Gateway models that used the same drive cage, I found reference to a 60mm x 10mm fan, which I deduced was probably the fan that I would need to get for this location. I did find that from the Gateway manual for my model, that the motherboard did have a front chassis fan connector.

So, after some thought and checking first amazon.com, it struck me that eBay might be the better place to go. So I found a seller on eBay that explicitly said he shipped by USPS and bought one, and from another seller I got fan screws (a bunch of them, because I've needed them in the past before and I'm sure I'll have need for them in the future....as it was I didn't actually need them this time though.)

Because I had recently built my new backuppc pool (should be posting about that adventure some day), I had been waiting for a moment when Orac was idle again and not busy refilling the pool with full backups of everything....It hadn't gotten any fulls of Zen yet, it didn't detect that Zen had gone away to apply the recent Microsoft patches during its recent attempt, so I had to step in and stop it. So that seemed like a good time to take Orac down.

