Braindump

This is the restart of my personal space in the world wide web.

Continue reading 

I wrote a package long time ago, maybe 6 years or so. Now, I switched my employer not long ago which uses clockodo to track times used on a task. Clockodo serves a clean webpage and some packages for major operating systems. But the lack of emacs support is a pain point for me since I use emacs most of the time and it’s the first program running and the last I close.

Continue reading 

Since I have serveral physical machines and virtual ones backups are a pressing point since their are running critical infrastructure for my company. I needed a fairly complicated setup with two backup layers and two steps as requested by the management. The lower layer is a regulary backup of the virtual machines and the higher layer is a regulary backup of the main data from some machines. These includes the main file store and the mail servers.

Continue reading 

I use Let’s encrypt to obtain valid TLS cerftificates for various services including mail. Each service has its own virtual machine or is a seperate physical machine. While having only one public IP address I use nginx as reverse proxy and TLS termination point for traffic running over HTTP/HTTPS. Since this machine is the only one accessible from the world wide web it also handles the certificate request for all other machines which need valid TLS certificates.

Continue reading 

I have a bunch of servers running within the company network. These server running multiple virtual machines such that these servers can be seen as a hypervisor. I connect to them using ssh and for additional security I use a second factor. 2FA or two-factor authentification can be used to improve the security by forcing the user not only provide the correct ssh key but also another secret shared by the machine and the user.

Continue reading 