More work today on HD
Moderator: Site Moderator
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
More work today on HD
Finally set up HD to use Let's Encrypt as our certificate authority. As you can see, HD gets a pretty good score, though not perfect. I'll keep tweaking things to make it as good as possible.
For now, https connections are very secure. I plan to configure the site so that it only accepts https connections. This change should be seamless and invisible to most, assuming your browser is reasonably updated.
More work to come, I'm always looking to improve things.
For now, https connections are very secure. I plan to configure the site so that it only accepts https connections. This change should be seamless and invisible to most, assuming your browser is reasonably updated.
More work to come, I'm always looking to improve things.
If only the best birds sang, the woods would be silent.
- shadylane
- Master of Distillation
- Posts: 10363
- Joined: Sat Oct 27, 2007 11:54 pm
- Location: Hiding In the Boiler room of the Insane asylum
Re: More work today on HD
Thanks UJ
Re: More work today on HD
im impressed
I'm just the bank and the mule
post your still pics here
http://homedistiller.org/forum/viewtopi ... 16&t=66917
post your still pics here
http://homedistiller.org/forum/viewtopi ... 16&t=66917
Re: More work today on HD
+1, not easy to maintain a site with this much traffic.
Re: More work today on HD
Great. I've heard of them. They just passed the 100 million mark. Just curious, why is the cert only good for 3 months? Is this normal and you have to get another one every 90 days?Uncle Jesse wrote:Finally set up HD to use Let's Encrypt as our certificate authority.
-
- Master of Distillation
- Posts: 3387
- Joined: Thu Dec 01, 2016 6:27 pm
- Location: Ontario
Re: More work today on HD
Thanks Dave for the hours you put into the up keep of this site.. greatly appreciated..
Mars
Mars
" I know quite certainly that I myself have no special talent. Curiosity, Obsession and dogged endurance, combined with self-criticism, have brought me to my knowledge and understanding "
– Albert Einstein
– Albert Einstein
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
The certs are free and I assume only last 3 months to make security a top priority.RedwoodHillBilly wrote:Great. I've heard of them. They just passed the 100 million mark. Just curious, why is the cert only good for 3 months? Is this normal and you have to get another one every 90 days?Uncle Jesse wrote:Finally set up HD to use Let's Encrypt as our certificate authority.
I have an automatic cron job which checks the cert every night and replaces it automatically when it's about to expire.
If only the best birds sang, the woods would be silent.
Re: More work today on HD
Good idea, I may have to steal it. I've been using self signed certs for my own server (running on an Asus router that doesn't do routing, may replace with RPi3), but I'm the only one that uses it. Maybe I'll try Let's Encrypt.Uncle Jesse wrote: I have an automatic cron job which checks the cert every night and replaces it automatically when it's about to expire.
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
I assume this is a home router? Which OS would you use on the rpi3? I'd probably go with NetBSD even though I'm a FreeBSD guy. NetBSD just has the support for all the oddball devices.RedwoodHillBilly wrote:Good idea, I may have to steal it. I've been using self signed certs for my own server (running on an Asus router that doesn't do routing, may replace with RPi3), but I'm the only one that uses it. Maybe I'll try Let's Encrypt.Uncle Jesse wrote: I have an automatic cron job which checks the cert every night and replaces it automatically when it's about to expire.
If only the best birds sang, the woods would be silent.
Re: More work today on HD
ya, this is for home. I have Comcast business with 5 statics. For the RasPi, I would probably be lazy and use Rasbian. On the Asus I use DDWRT and the OptWare packages. With the Pi, I would have to check if the packages I need are available, I would assume so. I just run e-mail (SMTP & POP3), a simple web server (lighttpd), Authoritative DNS server, Open VPN, & an MQQT server. So my requirements aren't that great for my home system. Anything that doesn't have SystemD is ok, I prefer SystemV init systems. I don't want a windows like system with all of the cruft.Uncle Jesse wrote: I assume this is a home router? Which OS would you use on the rpi3? I'd probably go with NetBSD even though I'm a FreeBSD guy. NetBSD just has the support for all the oddball devices.
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
Never used systemd and never will. What a ridiculously stupid mistake that nonsense is.RedwoodHillBilly wrote:ya, this is for home. I have Comcast business with 5 statics. For the RasPi, I would probably be lazy and use Rasbian. On the Asus I use DDWRT and the OptWare packages. With the Pi, I would have to check if the packages I need are available, I would assume so. I just run e-mail (SMTP & POP3), a simple web server (lighttpd), Authoritative DNS server, Open VPN, & an MQQT server. So my requirements aren't that great for my home system. Anything that doesn't have SystemD is ok, I prefer SystemV init systems. I don't want a windows like system with all of the cruft.Uncle Jesse wrote: I assume this is a home router? Which OS would you use on the rpi3? I'd probably go with NetBSD even though I'm a FreeBSD guy. NetBSD just has the support for all the oddball devices.
It's gotten quite a few folks over to FreeBSD though. I hear OpenBSD is recreating a few of the key elements since they use Gnome as the default WM and Gnome now depends on a few key parts of systemd.
If I can't view/modify a config, rc file or log with VI, I don't want to use that OS.
If only the best birds sang, the woods would be silent.
Re: More work today on HD
WM & Gnome, what is that you speak of? I tend to use the command line for my servers. Don't need no stinkin' GUIUncle Jesse wrote:
Never used systemd and never will. What a ridiculously stupid mistake that nonsense is.
It's gotten quite a few folks over to FreeBSD though. I hear OpenBSD is recreating a few of the key elements since they use Gnome as the default WM and Gnome now depends on a few key parts of systemd.
If I can't view/modify a config, rc file or log with VI, I don't want to use that OS.
I've heard good things about FreeBSD, I should check it out.
The masochist in me wants to run a gentoo distro (build the airplane before you can fly it). But I'm too old for that shit. I've been using Linux since 1996 and always compiled my own kernel and support packages, but I don't want to have to build everything that I run.
I guess that's why I now use a small Asus router for my server instead of using a larger server with Apache, Bind, and Sendmail like I used to. That and it's very low power (my T-Mobile femto cell, cable modem, wireless router, and server uses 25W) which makes the UPS last longer.
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
I run lots of servers without X11 but many which also run it. At work our unix based app uses X11 for the users.RedwoodHillBilly wrote:WM & Gnome, what is that you speak of? I tend to use the command line for my servers. Don't need no stinkin' GUIUncle Jesse wrote:
Never used systemd and never will. What a ridiculously stupid mistake that nonsense is.
It's gotten quite a few folks over to FreeBSD though. I hear OpenBSD is recreating a few of the key elements since they use Gnome as the default WM and Gnome now depends on a few key parts of systemd.
If I can't view/modify a config, rc file or log with VI, I don't want to use that OS.
I've heard good things about FreeBSD, I should check it out.
The masochist in me wants to run a gentoo distro (build the airplane before you can fly it). But I'm too old for that shit. I've been using Linux since 1996 and always compiled my own kernel and support packages, but I don't want to have to build everything that I run.
I guess that's why I now use a small Asus router for my server instead of using a larger server with Apache, Bind, and Sendmail like I used to. That and it's very low power (my T-Mobile femto cell, cable modem, wireless router, and server uses 25W) which makes the UPS last longer.
And right now I'm on a FreeBSD box using firefox as I post this. I use Lumina though, not Gnome. Too heavy with dependencies and bells and whistles. I don't want or need all that.
I've used FreeBSD since the beginning. Used some Linux but not nearly as much. I do run OpenELEC on a rpi2 though and it's pretty cool.
If only the best birds sang, the woods would be silent.
Re: More work today on HD
Had to look up OpenELEC. I haven't used a media server since MythTV. It spoiled me with it's smart commercial identification. But I don't watch that much TV anymore. I do have a QNAP NAS that has all of my media on it.
- MoonBreath
- Site Donor
- Posts: 2238
- Joined: Thu Jan 31, 2013 7:34 pm
- Location: Horseshoe Bend, Ky.
Re: More work today on HD
Say what? Say how? Dad was in crypto, then lifetime at Westinghouse, most in tcc center running the computer room (huge), before headn up company payroll.
But I didn't go tech, opting for oilrigs and towboats along with powerplants and auto dealerships ..Mechanical not technical.
I can't imagine what it takes to keep the site safe and runnin.
Thanks UJ, folks like you keep the world on axis.
Makes a feller want to kick in.
But I didn't go tech, opting for oilrigs and towboats along with powerplants and auto dealerships ..Mechanical not technical.
I can't imagine what it takes to keep the site safe and runnin.
Thanks UJ, folks like you keep the world on axis.
Makes a feller want to kick in.
*Spend it all, Use it up, Wear it out*
Beware of sheet-sniffers and dime-droppers!
Beware of sheet-sniffers and dime-droppers!
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
Finally got it to A+!
If only the best birds sang, the woods would be silent.
- Oldvine Zin
- Site Donor
- Posts: 2414
- Joined: Sat Jun 06, 2015 9:16 pm
- Location: Pacific Northwest
- nerdybrewer
- Site Donor
- Posts: 1642
- Joined: Thu Jan 23, 2014 3:00 pm
- Location: Pacific Northwest
Re: More work today on HD
UJ - this - and you - are AWESOME!!Uncle Jesse wrote:Finally got it to A+!
Thank you!
Cranky's spoonfeeding:
http://homedistiller.org/forum/viewtopic.php?t=52975
Time and Oak will sort it out.
http://homedistiller.org/forum/viewtopic.php?t=52975
Time and Oak will sort it out.
Re: More work today on HD
Wow nice
Letsencrypt is really cool. I have used it on a few sites that does not need the insurances, bells and whistle.
+1 for FreeBSD ! I started using it for web servers in 1992, it's so stable and I could strip the 4.x on a 64MB CF memory card
I also used the OpenBSD on Ultrasparc and it was freaking fast at the time.
Glad everything is going fine for the server, the site and the forum.
Letsencrypt is really cool. I have used it on a few sites that does not need the insurances, bells and whistle.
+1 for FreeBSD ! I started using it for web servers in 1992, it's so stable and I could strip the 4.x on a 64MB CF memory card
I also used the OpenBSD on Ultrasparc and it was freaking fast at the time.
Glad everything is going fine for the server, the site and the forum.
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
Talking my language!cede wrote:Wow nice
Letsencrypt is really cool. I have used it on a few sites that does not need the insurances, bells and whistle.
+1 for FreeBSD ! I started using it for web servers in 1992, it's so stable and I could strip the 4.x on a 64MB CF memory card
I also used the OpenBSD on Ultrasparc and it was freaking fast at the time.
Glad everything is going fine for the server, the site and the forum.
If only the best birds sang, the woods would be silent.
Re: More work today on HD
FreeBSD can take you anywhereUncle Jesse wrote: Talking my language!
You made me check one of my server and it is not up todate as it got a F at the test. Need to patch that tomorrow !
- raketemensch
- Site Donor
- Posts: 2001
- Joined: Sun Nov 09, 2014 2:10 pm
- Location: Tralfamadore
Re: More work today on HD
I know we’re not supposed to get political, but that’s why I use a Maccede wrote:FreeBSD can take you anywhereUncle Jesse wrote: Talking my language!
You made me check one of my server and it is not up todate as it got a F at the test. Need to patch that tomorrow !
It’s the smoothest Unix/Linux/BSD workstation I’ve ever had.
Re: More work today on HD
Ahahah !
I had an Apple II, you know the one with the tiny screen in the squared box that runned appletalk network....
Went on PC for decades because it was cheaper, but got back to mac because I had to do video editing. I'm glad I did !
Then I converted the board of directors at work, one by one, and now I do not hear anyone yelling at his computer anymore !
BSD are the most stable and secure unices I worked with.
I had an Apple II, you know the one with the tiny screen in the squared box that runned appletalk network....
Went on PC for decades because it was cheaper, but got back to mac because I had to do video editing. I'm glad I did !
Then I converted the board of directors at work, one by one, and now I do not hear anyone yelling at his computer anymore !
BSD are the most stable and secure unices I worked with.
-
- Site Admin
- Posts: 3924
- Joined: Wed Apr 21, 2004 3:00 pm
Re: More work today on HD
At it's heard, the MacOS started as Mach and FreeBSD. Of course, it's come a long way since then. Jordan of the FreeBSD project and later head of Unix group at Apple is a good friend of mine.raketemensch wrote:I know we’re not supposed to get political, but that’s why I use a Maccede wrote:FreeBSD can take you anywhereUncle Jesse wrote: Talking my language!
You made me check one of my server and it is not up todate as it got a F at the test. Need to patch that tomorrow !
It’s the smoothest Unix/Linux/BSD workstation I’ve ever had.
If only the best birds sang, the woods would be silent.