I did some shuffling again. I’ve moved all my websites over to FreeBSD and the venerable Caddy webserver. I also ditched SaltStack and went full Ansible for maintaining everything.
So, this releases me from quite a few nasty dependancies. The SSL implementation of Caddy is based on the internal Go one, which doesn’t need the dingy OpenSSL at all. The configuration is a lot simpler and less complex than nginx’s. If only WordPress would work on PostgreSQL, then I would be shot of MySQL as well. Yeah, I could use MariaDB, but it’s actually the same bloody thing,
Performance so far has been great. It’s running really stable and I’m happy with it. I still have to figure out some high-availability issues (I’m looking into galera for replication).
I’ll promise to write some more on this blog. I’ve been really busy.
Nergal was the VPS (a virtual server, for the laypeople) which used to serve this website (amongst other things). After many years of faithful service, I had to decommission it because it was draining a bit too much of my funds. So, after some furious back upping and transferring of services and data, I just turned it off and sent it to Valhalla.
So, Ave Nergal. It was fun.
Seems I need to reboot some things again. So I am now moving my websites to Digital Ocean. Right now, this website is running on Ubuntu, PHP-hhvm, and MariaDB. And everything is managed
by SaltStack. It’s a nice low-maintenance setup this way.
I might retire the VPS I have at TransIP. It’s becoming a bit of an expense that I can avoid. DigitalOcean seems to scale a lot better for me, and less of a headache to maintain with Salt.
I’ll keep you guys updated.
Oh, if you want to help me out, check out Digital Ocean, and try it out with my referral link. If you use it, you get $10 for free, and I get a drop in my bucket: DigitalOcean
I started vaping 2 months ago. This coincided with me quitting smoking. I made do with a Lavatube 2 Mouth to Lung device for a while. When I knew I was serious, I got myself a serious device. I explain here:
So. nowadays I wire my own custom coils and stuff. I twist kanthal and nickel wire with drills, and I fiddle with screwdrivers and cotton to get something like so:
Then I drown it in a mixture of propylene glycol, vegetable glycerin, nicotine and flavouring, and set a current to it. I inhale the vapors that emanate from the heated coil.
At least it won’t give me or anyone around me cancer. It’s quite enjoyable.
So, I decided to make an effort to dump OpenSSL and replace it with LibreSSL. This has been mostly succesful (there are a few holdouts, but they are non-critical and they are not internet-facing, so no worries). But man, if you see how many places OpenSSL has stuck it’s grubby paws into, you would be shocked. It’s really a lot. Most of it software that has been around for a while. Also lots of stuff that many people trust. And I have seen interesting breakages from some apps that fall back to EGD for grabbing seeds. Yes, I am not kidding. This is one area where OpenSSL is extremely broken (random numbers). See http://opensslrampage.org/post/82975103611/so-the-openssl-codebase-does-get-the-time-add-it
As far as all the server daemons that I use, they are all OpenSSL-free now. I am happy. I would even say that everything performs a bit snappier now, but I think that’s confirmation bias and maybe the fact that everything got a restart.