Category Archives: Technical

New Confluence available at Simulakrum

New Confluence 5.9.7 is now available to the members of the appropriate groups in LDAP. There was an issue with Confluence-in-Docker in the installation phase where Confluence would reach the “Insert license key” step, and then simply spin in a vicious circle.

Found a workaround for that – simply do not attempt to add SSL keys to Confluence during the installation, but reach it through an openssh tunnel (make sure you reach it as “”) finish the installation, and then add SLL, LDAP and other necessities.

The steps are: Continue reading

Jenkins in a container

The server is now running from within a Docker container. Migration was flawless and done from scratch in less than 30 minutes. The reason was that Ubuntu would fail to restart a native jenkins service if another Docker container would use a port, albeit on a different IP. After being fed up with constant joggling between solutions for that, I decided it would be faster to simply “dockerise” Jenkins, too, and have it confined in a container for good.
Continue reading

Joomla’s rewrite rules break server-status

I’ve noticed that we’d lost all of the munin monitoring for Joomla-based sites after switching on Joomla‘s internal URL rewriting. The default rules in the recommended .htaccess file block the access to the Apache’s server-status page. A simple:

# allow status
RewriteCond %{REQUEST_URI} !=/server-status

just above the last rule there fixes this problem.

SSL not working: certificate verify failed (18)

If your ssmtp persistently returns a “SSL not working: certificate verify failed (18)” in logs, and you do have “TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt” in your conf, and you do use a self-signed certificate, try adding the certificate in “/usr/share/pki/ca-trust-source/anchors/” (Fedora 22 directory, may vary for other distros) and then re-try the mailer agian.

docker-registry behind a few proxies

Running a private docker-registry behind a few proxies took me while to configure, because I had several things that I couldn’t move. In particularly, it is an nginx in front of everything, and the docker-registry that I wanted as a “real” service, because I am still learning the docker ways, and I don’t want it as a container, yet.

I installed the docker-registry in a KVM VM, on a CentOS 7 – a standard business requirement one might say.

That part is easy: fetch the virt7-testing repo, as described here, and move on: Continue reading

mariadb 10 multi-master multi-database replication

Unlike mysqld 5.X, mariadb 10.X offers multi-master multi-database replication. That means it can use a single mariadb-server 10.X instance as a replication slave for all the other mysql-servers we need. Unlike supporting this combination, the very installation and set-up is rather straight-forward: Continue reading

OpenSuSE zombies from btrfs

I installed an openSuSE 13.2 x64. I opted out btrfs and went with ext4. I logged in and found zombies on a freshly installed and updated OS:

lizzy:~ # ps ajx | grep -w Z | grep -v grep ; uname -a
9955 10011 1149 1149 ? -1 Z 0 0:05 [btrfs-defrag-pl]
9955 10012 1149 1149 ? -1 Z 0 0:05 []
Linux lizzy 3.16.7-7-desktop #1 SMP PREEMPT Wed Dec 17 18:00:44 UTC 2014 (762f27a) x86_64 x86_64 x86_64 GNU/Linux

Zombies are coming from the btrfs-something-backend, but why? Those are a perl and a python scripts, ran from who-knows-where-and-why, and I will find them, and tame them, but this is not looking good – first I got some Adobe’s garbage (IC profiles and that idiotic flash player) pre-installed, and it took me a few minutes to figure out where to declare those as persona non-grata in yast, making sure they won’t try to update or install again on every single operation with packages! Now the zombies…

“This does not bond well, commander…”; yet XCOM is working flawlessly, out of the box, with the FLOSS radeon driver, and the dreadful NetworkManager is not calling home – openSUSE introduces wicked here, a home-brew connections manager that actually co-operates with the user well (unlike the NM, that hijacks everything it can, systemd-style). I’ll keep this lizard in my digital garden a bit more…

Debian Wheezy i386 in FreeBSD’s bhyve

Just managed to install a Debian Wheezy i386 in the FreeBSD’s bhyve, after a failed attempts with Fedora 21 server and openSuSE 13.2. Also, grub2-bhyve wasn’t reliable until I changed the arch to i386, and the type of medium to “netinstall” – that got it rolling.

One warning – the video is uncut, and thus suffers from a few half-minute gaps during the installation.

The FreeBSD used is FreeBSD 11.0-CURRENT amd64, because at the moment bhyve is functional for AMD CPUs only in CURRENT. Continue reading

Positive, comparative, and the code used in a linux

I read a thread where OpenBSD community were discussing the code for the network time daemon, and some figures stated there seemed almost unreal. Out of the pure curiosity, that has nothing to do with deeper understanding of the ntp daemon code, I ran “a test” used there on an OpenBSD, a FreeBSD and a Linux machine. The results are truly staggering:

uname -rms ; pwd ; for i in $(find . -name “*.[ch]”); do cat $i >> allcode; done ; egrep -v ‘[:blank:]*/?\*’ allcode | grep -v “^ *$” | wc -l
OpenBSD 5.6 amd64

uname -rms ; pwd ; for i in $(find . -name “*.[ch]”); do cat $i >> allcode; done ; egrep -v ‘[:blank:]*/?\*’ allcode | grep -v “^ *$” | wc -l
FreeBSD 11.0-CURRENT amd64

uname -rms ; pwd ; for i in $(find . -name “*.[ch]”); do cat $i >> allcode; done ; egrep -v ‘[[:blank:]]*/?\*’ allcode | grep -v “^ *$” | wc -l
Linux 3.17.6-200.fc20.x86_64 x86_64

Project OpenBSD proved itself time and again as a proper place if you want to learn coding!