FrOSCon is a conference about Free Software and Open Source in Sankt-Augustin near Bonn, Germany. Here I want to give my impressions from the visit this year. (btw, it was the 10th FrOSCon this year)

Read more →

If wanted to setup a very simple apt repository on RHEL system to server a small environment with Debian/Mint systems. So the goal is just to place some already built deb packages to some apt repository. Unfortunally it turned to be not a straight forward task like with yum repos. All common ways are based on the Debian/Ubuntu scripts, which are not available on the RHEL platform via packages.

This post covers following:

  • Creation of APT repository on very simple way without involvment of usual tools like apt-ftparchive or reporepo
  • APT repository will be GPG signed, to allow verification of integrity
  • APT repository will be build on the CentOS/RHEL platform and serve Ubuntu/Debian clients

Read more →

If you have already some CentOS/RHEL installation and you want to move it to a RAID/LVM with full disk encryption, then this post is for you. We will move a minimal simple CentOS 7 installation on a single disk with LVM to the full encrypted RAID1&LVM setup.

Read more →

I got a brand new yubikey neo and wanted to get it running on my Mint 17 MATE(based on Ubuntu 14.04 Trusty Tahr) installation for GPG encryption and SSH authentification. It turned out to be not an well-transparent and easy task. So this post gives my expirience on this topic, but isn’t limited to Yubikey only and should apply to other OpenPGP cards as well.

Read more →

Gitlab provides manual installation instructions for Ubuntu only, this post covers the procedure how to install it on CentOS/RHEL/RedHat 6.X.

Read more →

If you want to use WebEx on Ubuntu/Mint 64 bit, you will see: it works. But you won’t be able to do screen sharing or probably even to see webcam video streams.

The only one solution is to use 32bit oracle java incl. browser plugin, so browser has to be 32bit as well. If you want to keep 64bit browser on the system and to use 32bit setup only for WebEx, then this howto is for you:)

Read more →

It was always annoying for me to type in the login credentials on the Hotspots of Deutsche Telekom. As I’m lazy, here is a script which can be integrated with networkmanager via dispatcher.d interface, which checks for the right interface and right SSID, then calls the login page with according credentials.

Read more →

Puppet structure

puppet

It not always easy to find a good folder hierarchy and structure for puppetmaster, as you have to find a way to combine it with different tools and workflows like git, librarian or r10k.

As I still miss some kind of best practice whitepaper from puppetlabs, I want to cover here my view on this:

  • with using hiera
  • with or without using full autodeployment like r10k
  • without any git submodules

Read more →

I wanted to setup phpVirtualBox on my new Intel NUC, which is running gentoo-hardened. Unfortunately VirtualBox can’t run with couple of grsecurity/pax flags enabled in kernel. To get VirtualBox running you have to disable following kernel config flags: CONFIG_PAX_KERNEXEC CONFIG_PAX_RANDKSTACK CONFIG_PAX_MEMORY_UDEREF CONFIG_GRKERNSEC_HIDESYM and to enable: CONFIG_PAX_ELFRELOCS (if you have CONFIG_PAX_MPROTECT)

Read more →

SSH key management is required in each environment.

In this post I want explain how to do it with puppet on the simple way.

I’ve created a module, which is a wrapper around core puppet types User and Ssh_authorized_key. This wrapper enables an easy key management via integration with hiera on puppet. (and it was a good exercise in rspec-puppet:) )

Read more →