Howto Monitor SSL Certificates Expiration in Grafana (2024-05-30):
In today's digital landscape, ensuring the security of online communications is paramount, and SSL certificates play a crucial role in this process. Monitoring these certificates to prevent unexpected expirations is essential for maintaining uninterrupted service and trust. This HowTo guide provides a step-by-step approach to setting up monitoring for SSL certificates, ensuring you receive timely alerts before they expire. By utilizing powerful tools such as Blackbox Exporter, Alertmanager, Prometheus and Grafana, you can automate the notification process, allowing for proactive certificate management. This guide simplifies the setup process, making it accessible for both beginners and experienced professionals. With these instructions, you can enhance your security posture and avoid the risks associated with expired SSL certificates. How to receive alert messages from Grafana in your Matrix chat may also be interesting - I already covered that one here . Screenshot General This howto expects you to have an already working installation .... [read more]

Howto build Freedive - A FreeBSD GUI Management Tool (2024-05-23):
Freedive emerges as an innovative standalone tool for FreeBSD, offering a graphical user interface (GUI) that revolutionizes the way systems are managed, enabling both newcomers and experienced users to administer their FreeBSD installations with ease. This GUI, accessible through a mobile-friendly web interface, democratizes the use of FreeBSD by allowing beginners to engage with the operating system without the need to delve into the complexities of the command-line shell. Designed with responsiveness in mind, Freedive's interface adapts seamlessly to various screen sizes, ensuring that system administrators can perform essential tasks from virtually any device, be it a smartphone, tablet, or desktop. The intuitive design of Freedive's web interface lowers the entry barrier for managing FreeBSD systems, making it more approachable for users who may not be familiar with Unix-like environments. By providing a full spectrum of system management capabilities through its GUI, Freedive empowers users to perform tasks ranging from .... [read more]

Howto Create a Cheap Multi Site High Availability Setup with a Wireguard Tunnel (2024-05-12):
In today's interconnected world, ensuring high availability (HA) across multiple sites is crucial for businesses to maintain continuity and reliability. While traditional solutions often rely on complex protocols like BGP or GRE tunnels, implementing a cost-effective HA setup using WireGuard VPN tunnels provides a simpler yet robust alternative. This solution leverages the flexibility of WireGuard VPNs to create secure connections between multiple sites, with the added benefit of easy setup and management but also keeping the overall costs low. Within this solution all traffic terminates on public IPv4 and IPv6 IPs and will be routed or NATed (depending on the operators personal decision) to the desired endpoint. In this solution any endpoint can be used, even behind a (CG)NAT, because the site endpoint will initiate the VPN connection to the main Wireguard VPN server which holds the public IPs. In this example, a simple webserver will be made available in .... [read more]

Howto Integrate Matrix Alerts into Grafana (2024-05-07):
Unfortunately, Grafana does not support Matrix notification by default. While Matrix is originally a free and open-source chat service, it also provides API and Bot support which makes it handy for service notifications. With End-to-end encryption, open-source, self-hosting possibilities and multi client support it provides all necessary features to integrate this as a fast and reliable notification solution to receive any kind of monitoring alerts. With the grafana-matrix-forwarder by Hector S. , a Grafana integration for Matrix alert notifications can be easily done within just a few minutes. In this case, the grafana-matrix-forwarder (written in Go) just runs as a dedicated binary and accepts requests by http on port tcp/6000. The integration will follow as a webhook in Grafana. The installation and configuration of this forwarder is pretty easy and straight forward. The binary will just be copied and executed by a dedicated user.     useradd -m grafanamatrixforwarder -s /bin/nologin     cd .... [read more]

Howto Install QualvoSec Security Patch Management on Debian and Ubuntu (2024-03-07):
Security patch management is a critical aspect of maintaining the security and resilience of an organization's digital infrastructure. It involves the timely identification, testing, and application of software updates to address vulnerabilities in operating systems, applications, and other software components. This proactive approach is essential to prevent security breaches, data breaches, and unauthorized access, safeguarding sensitive information and ensuring smooth system operation. The how-to guide focuses on integrating QualvoSec (you can find more information here ) into an organization's infrastructure to streamline and enhance security patch management processes. QualvoSec is a comprehensive security solution designed to automate and simplify the patch management lifecycle. By following the guide, users can achieve benefits such as automated vulnerability assessment, centralized patch deployment, prioritization of critical patches, real-time monitoring and reporting, customizable policies and scheduling, and seamless integration with existing systems. The integration with QualvoSec provides centralized control over patch deployment, allowing users to .... [read more]

Howto Run Proxmox 8 VE on the ARM64 Hardware Architecture (2024-02-29):
In the ever-evolving landscape of virtualization and server management, one name has consistently stood out for its reliability, versatility, and innovation – Proxmox. Especially now, just after Broadcom dropped the free ESXi solution, Proxmox might be the real gamechanger. Traditionally associated with x86 architectures, Proxmox has been a stalwart companion for enterprises and enthusiasts alike, providing a robust platform for virtualization and container orchestration. However, as technology progresses and the demand for diversity in hardware options surges, the spotlight is now turning towards alternative architectures, with ARM64 emerging as a formidable contender. This blog post aims to unravel the untapped potential of running Proxmox on non-traditional hardware architectures, with a special focus on the ARM64 architecture. As we delve into the benefits, challenges, and the transformative impact of this choice, we invite you on a journey that explores the boundaries of what Proxmox can achieve beyond its familiar x86 habitat. .... [read more]

Install snac2 on FreeBSD – An ActivityPub Instance for the Fediverse (2024-01-05):
This HowTo guides you through the setup process of snac2 on a minimalistic FreeBSD (FreeBSD 14) system to run and serve your own ActivityPub instance within the Fediverse. snac2 is also compatible with Mastodon instances for further interactions. snac2 is a simple, minimalistic ActivityPub instance written in portable C and can run on all Linux and BSD systems. Within this HowTo snac2 will be installed behind a nginx reverse proxy for SSL/TLS offloading. First, we start installing the required package dependencies: pkg install git curl py39-certbot-nginx py39-certbot nginx Afterwards, the snac2 project repository can be cloned and snac2 compiled from the C code source: git clone cd snac2 make make install Thanks to Stefano (from the BSD Cafe project) for the FreeBSD rc service file to start the snac2 instance. Within the next steps we just copy the rc service file to the right location and prepare everything to .... [read more]

Howto install Ansible SemaphoreUI on Debian 12 (2023-11-05):
This mini How-To guide describes how to install Semaphore UI 2.8.75 in addition to Ansible 8.5 on Linux Debian 12 (Bookworm). Semaphore provides a modern and responsive webUI for running Ansible playbooks as an alternative to Ansible AWX (Tower) and the new Automation Platform. Semaphore is an open-source project written in GoLang and easy to use, install & to maintain. MySQL/MariaDB, PostgreSQL and BoltDB are supported as backend DBs. Within this HowTo MariaDB is used. Please also see the official docs here. Features: * Build, deploy & rollback * Group playbooks to projects * Manage environments, inventories, repositories and access keys * Run playbooks from the browser * Responsive UI allows the use of Semaphore on mobile devices * Run playbooks by schedule * View detailed logs of any playbook runs, at any time * Delegate other users the running of playbooks * Get notifications about playbook runs Prerequisites: In .... [read more]