When for some reasons, the Let’s Encrypt certificate has not be renewed on your Synology and those bloody stupid Web browsers won’t let you connect to the DSM for “Security Reasons”, you can still count on SSH to solve the problem.Continue reading...
I own a server at Online.net which now runs VMware ESXi free edition. The thing is VMs have to access the Wild Wild Web and provide public services while still being protected. So let’s configure OpenBSD to do so.Continue reading...
My ESXi is provided by Online.net and accessible from Internet. Reading the VMware documentation, one can see:
ESXi includes a firewall that is enabled by default.
At installation time, the ESXi firewall is configured to block incoming and outgoing traffic, except traffic for services that are enabled in the host’s security profile.
But the default security profile is way too loose! So here’s how to harden it a bit.Continue reading...
I decided to run VMware ESXi on my Online/Scaleway Start-2-L server. Using the online.net installer, you can “only” get ESXi 6.5.0d (64BITS). So here’s how to upgrade to 6.7.Continue reading...
On my new OpenBSD servers, I decided to use memory filesystem for /tmp. After looking at old servers usage, I decided that 64M of memory space would be enough.
# grep mfs /etc/fstab swap /tmp mfs rw,nodev,nosuid,-s=64m 0 0 And that seemed well sized. Until I ran syspatch(8) and got a whole bunch of errors:Continue reading...