Aaron Lauterer


MSSQL Accross Subnets

A was faced with the situation that a client could not connect to it's MSSQL named instance in another subnet. There is a firewall in between those subnets. The firewall rule allowed TCP 1433, 1434 and Pings. The client was able to ping the server. So far so good. But the SQL client could not connect to the server. A nmap scan of the server showed that port 1433 or 1434, the classical MSSQL ports, were not open. As it turns out, the server was set to use dynamic por…

Tomcat behind reverse proxy

I had to set up a system for Atlassian's Jira and Confluence that would be accessed by at least two different URLs. The Tomcat servers are behind an NGINX server that handles the whole SSL stuff. In the past, when such a system would have only one very specific URL I would set the proxyName=<FQDN/URL> in the connector section in the server.xml and be good. Jira or Confluence would generate the right URLs. But in this case I ran…

Migrate a VirtualBox OVA to ESXi

I had to migrate an OVA exported by VirtualBox to an ESXi 6. TL;DR: Untar the OVA, copy the vmdk file to ESXi, migrate the vmdk with vmkfstools and create a new VM using the new vmdk file for the HDD. You got time to read it all An OVA file is a tarball of the VMs vmdk and the OVF file containing all the settings in XML format. My first naive attempt by importing the OVA using t…

Start i3lock on Sleep with SystemD

Ever wondered how to automatically lock your screen when you put your laptop to sleep? Like me you most likely found a SystemD unit file looking a lot like the one below. What annoyed me though was that the lock command would be executed after the system reached the sleep target, ergo when waking up. This resulted in a brief flicker where my screen was visible before i3lock kicked in.

Arch Linux on an encrypted ZFS root system

Note as of October 2019 The native ZFS encryption introduced in version 0.8 is working quite fine and you can use it for a root file system. With this in mind this guide is probably a bit outdated. This blog entry is my personal documentation. If it helps others even better. I will try to keep it as up to date as possible. What helped me when I tried this the first time was the Read more →

F5 - add route through the MGMT interface

Quick note to myself.

Having an environment where some services (LDAP, Radius, ...) that the F5 needs to access are not reachable from the Virtual Server but only via the management interface can be tricky. Adding a specific route to the host in question will solve this.

Get last and first element in a URL

While working on this website with HUGO I needed the first and last element of the current URL in variables at some point. There is a snippet available to get the last element in a URL that does some delimit and split magic. When looking into how to get the first element I came up with another way to also get the last element that m…

Connecting to the serial console of a Virtualbox Linux VM

I wanted to run through some Arch Linux install procedures and document them. My plan was to connect to the VM via serial console so I could use my regular terminal emulator to copy the output that I was interested in. How to Basics In the settings of the VM enable the serial console with the following properties: Port Mode: Host Pipe Connect to existing pipe/socket …