I’ve been using Restic backup on several servers for more than a year now. As the software turned out to be very reliable and fast I decided to give it a try on my laptop. Until now I had to trigger my backup mechanism by hand every day, but as you can image this is not a very reliable way to make backups.

Today I looked for a way to automate Restic backups on my laptop while keeping the mechanism easy and inconspicuous. In this post I’d like to introduce you to my personal backup solution.

▸ Read more

As you might know, I’m running metalhead.club, a Mastodon instance for metalheads. Due to the increasing storage and computing demand (and because I wanted to drop my old host) I decided to move the instance to my new, more powerful host. Luckily I’ve packed the whole instance and all its dependencies into a LXC container (with LXD as container manager) a couple of months ago. Usually you would restore your Ruby / NodeJS environment on your new host, transfer database and application files as well as media files and make sure everything fits. In my case it was basically just a file system transfer and re-import on the new LXD host: Much easier and less error prone.

In this post I’ll show you the exact steps how I moved my Mastodon instance yesterday.

▸ Read more

If you’re running your on Mastodon instance you probably might not have jemalloc active on your Ruby setup. Jemalloc changes the way Ruby allocates memory and saves up RAM. On my 140 users instance RAM usage dropped by 300 MB just by using jemalloc.

▸ Read more

This how-to is based on my previous German how-to for Ubuntu 16.04 Server. Instead of using Spamassassin, Amavis, Pyzor and Razor as well es OpenDKIM, we’ll make use of Rspamd. Rspamd as a modern replacement will reduce the complexity of our setup and let us monitor its state via a web interface. As in earlier versions of my mailserver how-to, I’ll explain most important parts of the system as we install and configure them one after another. You will need basic Linux and command line knowledge to finish this guide. Going through this article will take probably about 45 minutes - depending on your speed and skills.

▸ Read more

In most cases running an own CA (certification authority) is not advisable. But there are exceptions: If you want to secure internal services of your company, using your own CA might be necessary. During my employment at ADITO Software GmbH I created a tool for X.509 certificate management. The root certificate of my tool had to be imported into every PC of the company. Unfortunately there are some pitfalls which I did not expect, but after some research I figured out how to import the new CA to Linux- and Windows PCs and to every major webbrowser.

▸ Read more