Blog

As most of the servers running actual software are these days virtual machines, in our case running under KVM, having a serial console accessible from the hypervisor is always a good idea in case troubleshooting is needed without network access.

Apache Web Server users can setup HTTP authentication against LDAP by installing and configuring appropritate module. For NGINX users the life can get more complicated when they need such feature. However, there is an easy solution.

The well-known rclone tool for accessing and synchronizing cloud-based storage can have its configuration encrypted using a symmetric cipher with password-derived key. However some elaborate work is needed to provide a higher protection of the configuration secrets - for example using the YubiKey 5 security token. There is alredy some development under way to streamline such usage.

In 2016 we decided to implement our website in WordPress which was deemed adequate at that time. However the times are a-changing and now we have migrated to our custom publishing pipeline using Racket and Punct.

It took ages, however the replacement of our autonomous system border router (ASBR) is done. In addition we managed to converge our backbone L2 and L3 equipment and finally get a rid of two single points of failure (SPOF) in sequence.