Servers

I have for many years paid to have a fixed IP number at home. The main reason was to allow me to access servers and have the remote access restricted to the home IP number. This was just one of many layers of the security of the server and the SSH setup, but no more.

I’ve been playing with (Tailscale)[https://tailscale.com/] which essentially provide an overlay network and allows you to have a secure private network across the public internet. Tailscale has a free plan perfectly suitable for my uses and clients for just about any machine, so getting all machines attached to a private network through Tailscale is surprising easy.

If you’re jumping around on servers and need to figure out what the IPnumber(s) of the server are, here’s a little bash line which usually works (tough with a few catches):

ifconfig eth0 | grep inet | awk '{ print $2 }'

This command assume the eth0 is the public WAN interface in the server. If there are more network cards this may not be correct - or the only interface for the net.

I’m using Let’s Encrypt as Certificate Authority on this and many other sites. I like it, as it allows me to automate certificate creation and renewals, however I also have some monitoring making sure everything works as expected.

I recently got a few alerts as some certificates weren’t renewed as expected. I figured nothing had changed on the server setup and there was renewal happening for a few days, I started looking into it and found the issue why the renewal was failing, so here’s the story.

One of Linux five star things is the cronjobs. They allow you to automatically run stuf (scripts, applications, etc.) at quite specific times.

The crontab is the place controlling when the stuff is run and you can list the crontab using the commaand crontab -l for the current user.

If you want to edit the crontab, just use the command crontab -e and it launches the crontab in the default editor (set EDITOR env variable to change the editor used). The format is basically like this: