Self-hosting: for a decentralized and responsible Internet
Give IPv6 connectivity to its Docker containers using an IPv6 block from its ISP
Use the additional IPv6 blocks of the Free and Orange network
Multi-Hosts TLS Certificate
It is sometimes convenient to have a domain distributed over two or more machines. This technique, as old as DNS, is interesting to spread the load between multiple hosts, or to provide a bit of high availability. Indeed, if a host becomes inaccessible, at least half of the requests will continue to be successful.
However, since TLS connections have become the norm, and certificates should be renewed automatically, it could be hard to control the validation and the distribution.
I will present you a technique which, with the help of a finely configured web server, allows to get a different certificate on each machine, but usable for the same subdomain.
[Read More]RTL8153B support for 4.9 kernel
If you buy a recent USB to Ethernet adapter, embedding a Realtek chip, you possibly face, like me, the following error, when connecting it:
r8152 4-1.1:1.0 (unnamed net_device) (uninitialized): Unknown version 0x6010
r8152 4-1.1:1.0 (unnamed net_device) (uninitialized): Unknown Device
[Read More]
Support for the user namespace in grsecurity kernel
Grsecurity has completely disabled, on purpose, the user namespace code for the kernel.
As the goal of this namespace is to gain (virtualy) root privilegies inside a namespace (in theory, it shouldn’t give more priviledgies than the one you initialy have outside of your namespace), there are some interesting use cases, or, in my case I need to perform some demo in front of my students.
[Read More]Slow memhog for testing cgroups
Use Gitolite Access Control In Gitweb
Are you using gitolite and gitweb? Two nice and lightweight projects, but perhaps you are tired to manage access control in gitweb?
Here is some simple tricks to use gitolite access list directly into gitweb, automatically.
[Read More]PGP key
My personal PGP key is the following: 0x842807a84573cc96.
pub 4096R/4573CC96 2014-06-23 [expires: 2022-06-30]
Key fingerprint = E722 B5B7 3CA7 FA93 5FC1 AA09 8428 07A8 4573 CC96
uid Pierre-Olivier Mercier <nemunaire@nemunai.re>
sub 4096R/9D2855C3 2014-06-23 [expires: 2022-06-30]
[Read More]