17. Nov 2017

MSSQL Accross Subnets

A was faced with the situation that a client could not connect to it’s MSSQL named instance in another subnet. There is a firewall in between those subnets. The firewall rule allowed TCP 1433, 1434 and Pings. The client was able to ping the server. So far so good. But the SQL client could not connect to the server. A nmap scan of the server showed that port 1433 or 1434, the classical MSSQL ports, were not open.

19. Oct 2017

Tomcat behind reverse proxy

I had to set up a system for Atlassian’s Jira and Confluence that would be accessed by at least two different URLs. The Tomcat servers are behind an NGINX server that handles the whole SSL stuff. In the past, when such a system would have only one very specific URL I would set the proxyName=<FQDN/URL> in the connector section in the server.xml and be good. Jira or Confluence would generate the right URLs.

17. Oct 2017

Migrate a VirtualBox OVA to ESXi

I had to migrate an OVA exported by VirtualBox to an ESXi 6. TL;DR: Untar the OVA, copy the vmdk file to ESXi, migrate the vmdk with vmkfstools and create a new VM using the new vmdk file for the HDD. You got time to read it all An OVA file is a tarball of the VMs vmdk and the OVF file containing all the settings in XML format.

17. May 2017

Start i3lock on Sleep with SystemD

Ever wondered how to automatically lock your screen when you put your laptop to sleep? Like me you most likely found a SystemD unit file looking a lot like the one below. What annoyed me though was that the lock command would be executed after the system reached the sleep target, ergo when waking up. This resulted in a brief flicker where my screen was visible before i3lock kicked in.

18. Apr 2017

Arch Linux on an encrypted ZFS root system

This blog entry is my personal documentation. If it helps others even better. I will try to keep it as up to date as possible. What helped me when I tried this the first time was the github gist by codedreality. Since then I modified and adapted his procedure a bit to fit my personal needs. The goal is to have an encrypted Arch Linux running on ZFS as root file system with an additional swap partition to enable hibernation.

13. Apr 2017

F5 - add route through the MGMT interface

Quick note to myself. Having an environment where some services (LDAP, Radius, …) that the F5 needs to access are not reachable from the Virtual Server but only via the management interface can be tricky. Adding a specific route to the host in question will solve this. The command where is the server we want to reach and the gateway for the management interface is: tmsh create sys management-route 10.

15. Feb 2017

Get last and first element in a URL

While working on this website with HUGO I needed the first and last element of the current URL in variables at some point. There is a snippet available to get the last element in a URL that does some delimit and split magic. When looking into how to get the first element I came up with another way to also get the last element that might be a bit more understandable.