Bin ziemlich zufrieden, mit dem jetzt erreichten Setup, für das automatisierte Deployment unserer Serveranwendungen. Jeder im Team kann jetzt via Jenkins eine aktuelle Version der Anwendungen deployen.

Dazu haben wir über die letzten Monate die verschiedenen bisherigen Artefakte (war, jar) in Docker Images verpackt, docker-compose Konfigurationen für die verschiedenen Installationsumgebungen erstellt (Test, Produktion, Intern, …) und zuletzt noch git repositories mit Hooks eingerichtet, die bei einem Push das Deployment anstoßen.

I am working a lot via ssh on different Linux servers. For authentication on those I always use a ssh key. I am also tunneling my ssh key for git to those servers because I often need to work with git repositories there (containing configuration files for example).

Of course I need those ssh keys also when I am working with sudo and last week I had to make this work on a new server again. The trick is to configure the following line in the /etc/sudoers file:

Yesterday I installed subversion on a Debian server again and I had too look for some guidance in the web again. This time I decided to write it down for myself.

I installed the following packages with aptitude:

sudo aptitude install libapache2-svn subversion subversion-tools

Afterwards the needed modules were already enabled in my apache2 configuration - I looked in /etc/apache2/mods-enabled/ and saw dav.load, dav_svn.conf and dav_svn.load linked. All I had to do was to create a repository by using svnadmin:

Damn. My cable provider Liwest encrypted all channels today. I was using my VDR now for over three years and now … it is black.

Without a smartcard I will not be able to receive digital TV channels anymore. Now I have to think about a solution - adding a common interface to my VDR and buying a smartcard? Completely change to another device?

If you want to secure your web site you can configure your apache2 server to require a client certificate. You do this by adding the following to options to the ssl host configuration:

SSLCACertificateFile /etc/ssl/private/CAcert.pem

SSLVerifyClient require
SSLVerifyDepth 10

To create a client certificate use the following commands

openssl genrsa -out client.key 1024
openssl req -new -key client.key -out client.csr

The create client.csr file has to be signd by your CA with the following command:

Today Ubuntu 5.10 was released give it a try if you are looking for a modern, stable, good looking linux desktop distribution 😉

I wanted to improve the resolution of the console on a linux server. After reading some forums and HOWTO’s I found out that it’s very easy, you just have to add vga=MODE to your kernel parameters - where MODE stands for the desired screen resolution.The possible screen resolultions are listet here. These values are hexadecimal so vga=791 stands for 1024×768 and 16 Bit Colors (0×317).

A friend of mine had trouble with his VDR based on Debian Sarge - he added a SATA disk, partitioned, formatted an mounted it, added an entry in/etc/fstab and everything seemed to be fine - until he rebooted.When the system booted the disk was not mounted automatically at the mount point defined in /etc/fstab. After logging in and typing mount -a the disk was mounted correctly.

The problem was that the required modules for SATA were not loaded early enough. To fix this I did the following:

Today I finished the setup of my new mail server. Based on the recently released Sarge 3.1 I used the following configuration:

• exim - as MTA
• fetchmail - to collect my emails from various accounts
• procmail - to pipe incoming mails through the spam and virus filters
• dovecot - IMAP Server
• squirrelmail - webmail interface
• spamassassin - THE anti-spam-solution
• ClamAV - to check new mails for virus

Of course the web interface and the IMAP server are only accessibly through a secure connection.