Mastodon has recently gained popularity amongst tech-savvy users after Elon Musk has bought Twitter. With November’s wave of new Mastodon users, many servers experienced mayor problems with their performance - so did metalhead.club, the Mastodon instance that I’m hosting myself. Here’s how I tackled performance issues on metalhead.club.

Read more

Situation: One of my servers is located at my home. It’s connected to the internet via two different interfaces at the same time:

  • Physical Interface: Connected to Deutsche Telekom ISP via DSL / landline.
  • Virtual Wireguard VPN interface: Connected to one of my data center servers, has a public IPv6 address.

The “data center server” acts as a gateway for my home server and routes a static IPv6 address to it. This setup lets me reach my home server via a static and public IP address, although my DSL provider does not assign a static IPv6 subnet to my landline. (But that is subject to another story … ;-) ).

After finishing the setup, I ran into the problem of asymmetric routing: Packets addresses to my static IPv6 address (and thus routed via the Wireguard VPN) did arrive at my home server, but the response packets were not send back the same way: They were routed via my Deutsche Telekom landline and therefore originated from another source IP address, which the original requester did not expect.

Read more

I use my Dell XPS 13 9360 on a daily basis since early 2017 and never regretted the investment. But over the years, the battery has degraded and in the end - two weeks ago - my laptop started to behave unexpectedly: When I shut it off, the power indicator went off, but after about 4-5 more seconds it turned back on and my laptop started as if the power button was pressed. The only way to shut it down permanently was to press the power button for some more seconds and thus causing a force-shutdown.

Read more

A few days ago I noticed that I could not use my OPNsense firewall as a SSH jump host to my other servers. I’m not sure how long this issue has existed, or if it has always existed, but since I’ve had IPv6 connectivity after a long time of IPv4-only internet, I could definitely feel the consequences.

While ssh root@opnsense worked perfectly, ssh -6 root@opnsense failed with a timeout. Verbose output of the ssh command showed that the client was trying to access the correct IPv6 address of my firewall, but obviously it did not receive any response.

Read more

It happened again - this time on my Fedora machine! I ended up with a laptop that won’t boot after some package changes. Last time that happened was ~ 4 years ago when Arch Linux could not decrypt my main partitions due to some changes on a crypto library. This time the accident was caused by a simple dnf command:

dnf autoremove

I intended to remove dangling packages from my system - expecting my package manager to know which packages are needed and which not. Unfortunately some really important packages (amongst some legacy packages) were removed. My laptop was not even able to start any boot loader - it booted straight to the device diagnosis application that the hardware manufacturer ships.

Read more

Lately I switched from a binary Ejabberd package to a self-built version of Ejabberd on my XMPP server trashserver.net. This was done mainly because the “Debian Backports” repository did not offer the version of Ejabberd that I urgently needed. While the repo was stuck at 20.02, I wanted to provide the users 20.04 to be able to drastically improve the user experience during video calls.

Read more

By default your Debian server will try to deliver system / Cron emails to your mailbox server directly. While this is convenient for very simple setups, you might run into trouble if your inbox server expects DKIM-signed mails or does not accept emails from every IP address, but only from mail senders with good reputation. For that reason I’m running a single, well configured email gateway server, which is forwarding the mails from all my hosts into the internet. But how to tell all the hosts to send their mails via a central gateway? Installing and configuring Postfix is one way …

Read more

In this guide I’ll show the necessary steps to set up a Codeberg Git repository in Drone CI and run a simple build pipeline to generate and upload your static Hugo website. Anoxinon e.V. from Germany is using a very similar setup to make its blog authors’ life easier.

All the steps are shown in an LXD based environment on Debian 10 Buster. Of course it will work very similarly on other Linux systems.

Read more

If you follow my Mastodon account, you might know that I like IPv6 very much. I’m trying to do my best to offer all my services via the new IP protocol. Lately I was investigating the use of IPv6 in my server network. Unfortunately the result was quite disappointing:

Bad IPv6 statistics

Read more

Usually there’s no reason to get worried if you forget the password for an online service that you’re using. Platform providers are aware of their forgetful users and provide a simple method to reset your password and regain access to your account. All you need to do is to enter your email address and wait for a customized link. That link lets you change your password or request a new one.

Read more