In my previous Article i described, how i created the PKI for my Home Network. This time i will show you how i implemented a few small scripts to automate the necessary maintenance for my PKI. Continue reading Automating the CRL generation and distribution of an OpenSSL Certificate Authority
Tag Archives: How to
Building a PKI with OpenSSL
In preparation of my new OpenVPN Server, I needed a PKI (Private Key Infrastructure). A PKI is basically just a way of managing digital certificates. My software of choice for this is OpenSSL, it lets you create certificates for pretty much every usage scenario and SSL is the standard for many encryption scenarios. I actually build a new PKI for my web Servers, but there some issues with it, that convinced me to create an entirely new PKI instead of just a sub CA for OpenVPN. This time i am documenting my approach, mostly to actually have some documentation on the subject, but also to help others avoid the mistakes I made with my old PKI. Continue reading Building a PKI with OpenSSL
Migrating Postfix and Dovecot from a MySQL User-Database to Active Directory
When I set up my Active Directory, I wanted to migrate all services at home to authenticate against it. Now that I had the AD running and a few not so critical services used it, it was time finally migrate this one. I don’t have an Exchange-Server at home(nor do I want one) and my colleague who tested Openchange said it is not quite ready yet. So I will have to do without Exchange-extensions for the AD. I will still be able to do the basic management for my mail users in the AD, but I won’t be able to use any of the exchange extensions or tools for it. Continue reading Migrating Postfix and Dovecot from a MySQL User-Database to Active Directory
Joining a Debian Server to Active Directory
To prepare my Mail Server for the user authentication and authorization over the AD I wanted to join my Mail Server to the Directory as well. My example systems are the Domain Controller "ad.example.com" and my Linux Mail server "mail.example.com". Continue reading Joining a Debian Server to Active Directory
Linksys SPA 3102 – Making it Work with Asterisk
I wanted to look into asterisk a little, but that only makes sense if I have some kind of telephone line for it. I don’t have a VOIP line that I could simply move to an asterisk install, but I do however have an analog telephone line which don’t use so far. Naturally I wanted to use that and since this was mostly for messing around a little I wanted to keep the costs low. Continue reading Linksys SPA 3102 – Making it Work with Asterisk
Authenticating Subsonic Against an Active Directory
One of the Services running on my Server is the Subsonic streaming server. Subsonic is an open source project and has some very nice features like on the fly transcoding to match a certain bandwidth and web based playback of videos and music. I mostly use it for the video playback on my phone or Laptop, but my family has access to it as well. Continue reading Authenticating Subsonic Against an Active Directory
Service Monitoring with Nagios
After setting up Nagios I had a network monitoring system, that could tell me when a host was down. While this is nice, it is not actually what I want to know. The goal of network monitoring is to determine, if all your services are running properly. Continue reading Service Monitoring with Nagios
Starting with Nagios
My Home IT has grown quite a bit over the last years. I am now at a point where a problem can have causes in a bunch of different machines.
This means, that i actually can spend quite some time to identify the service that has the problem. For example if my SQL Server goes down a lot of other services will not work anymore, but i might only see that my Mediacentre stopped working or that i can’t log into my E-Mail account anymore. Continue reading Starting with Nagios
Building a ZFS Fileserver
I decided to finally split my File-server from my Hypervisor. Mainly because there were some issues with my the System not liking one of my RAID Controllers resulting in all kinds of funky error Messages.
I found some nice used Hardware at a good enough price but i still had to decide on the Software. After asking around in the forums and reading up on it a little, it was clear that at this point the only real option was something with zfs. Continue reading Building a ZFS Fileserver