Surnia Ulula has switched to a lighter and more responsive theme. The theme is called Dazzling by Colorlib. I’ve made a few changes to the default stylesheet, but this is certainly not the end — just the beginning. ;-) Let me know what you think, and if you see any styling / layout issues, please let me know. :)
If you manage a DNS master, and push zones to several slaves / secondaries, you may have found that over time — as configuration files and firewall rules change — one or more slaves may have lost its ability to update its zone files. Perhaps the slave is no longer being notified, or it may have lost the necessary zone transfer permissions from the master. In a large distributed environment where DNS changes are frequent, checking the SOA serial number for all the NS servers in a zone can be quite helpful — a quick way to eliminate the DNS as a possible source of a problem. Here is a perl script I wrote a few years back to retrieve the SOA serial number for a given domain.
Pinterest has published several methods that website owners can use to provide information for their Rich Pins format, including the standard Open Graph meta tags. Open Graph meta tags generally include the title, description, one or more images, but can also include product details, author information, etc. This past week I found a serious incompatibility between Pinterest’s support of the ‘article:author’ meta tag, and that of Facebook (the leading proponent of the Open Graph standard).
- The Open Graph protocol website describes the ‘article:author’ value as a “profile array – Writers of the article”.
- Facebook describes the ‘article:author’ value as “An array of Facebook profile URLs or IDs of the authors for this article”.
- And Pinterest describes the value as “Article author, all line breaks and HTML tags will be removed”.
Recently, I needed to sync several directories on a backup / fail-over server with the same directories on a production server. Rsync over SSH takes care of this, but if you want to tighten security, you must use the “command” restriction in the SSH authorized_keys file — This restricts the authenticated key to running a single command, with a specific set of arguments. For example, let’s look at a typical command that might be run from a backup server to rsync daily database dumps:
backup$ rsync -av --delete -e "ssh -i $HOME/.ssh/prod-rsync-key" \
Nginx Inc. provides access to the nginx-plus package and repository using SSL certificates. Their instructions include the configuration of apt for Ubuntu, but for people using apt-mirror and Puppet to manage their internal servers, additional custom configurations are required.
The standard apt configuration for nginx-plus might look like this:
$ cat /etc/apt/apt.conf.d/90nginx
The connection to the nginx-plus repository must be made using HTTPS and authentication is handled by client certificates. As provided, apt-mirror is not able to manage SSL certificates, so two sections in the apt-mirror script must be modified. The
%config_variables array defines the settings read from its configuration files. We will add the ‘certificate’, ‘private_key’, and ‘ca_certificate’ settings to the array.