by ezs | Jun 7, 2025 | evilzenscientist
Ah – the delights of the security dance.
This website, and others I maintain, use CloudFlare as the free front-end to safeguard against brute force and DDOS attacks. For several of these sites the geo-fencing is set to US only.
Last time round the certs failed to renew. Some troubleshooting, and the secondary challenge from the Let’s Encrypt ACME client was getting firewall denied at the Cloudflare side.
There is no allow-list of IPs, nor a single ASN to allow.
This FAQ from Let’s Encrypt is helpful – and I’ll probably need some process updates to make this more robust.
by ezs | Jun 7, 2025 | evilzenscientist
It’s that time of year again.
The SUSE Linux Enterprise Server roadmap is a great planning resource.
Upgrading from SLES 15 SP5 – and I got the choices of SP6 and SP7, the latter may be late public beta, release candidate or general availability. (Usually non-GA releases are flagged as such, so I suspect that the upstream repos have recently rolled over to GA. I’ll update over the coming week).
The usual zypper migration, resolve some dependency issues (deprecated packages, standalone items to make SLES 15 SP5 useful), accept the EULA, and ten minutes of updates and a reboot later.
Quick and easy.
by ezs | Apr 4, 2025 | evilzenscientist
Note for the future.
- Deletion performs a soft delete, which leaves the Log Management solution in place, which then can’t be deleted
- Make sure you do a hard delete, which allows the Log Management solution to be deleted.
I wish I remembered this every time.
by ezs | Apr 1, 2025 | evilzenscientist
Unmanaged disks (aka classic Azure disks) where the VHD lives inside a storage account are end of life at the end of September 2025.
We have a handful that are underpinning some older appliances.
Finding them is a simple Kusto search:
resources
| where type == “microsoft.compute/virtualmachines”
| join kind=leftouter (ResourceContainers | where type==’microsoft.resources/subscriptions’ | project subscriptionName=name, subscriptionId) on subscriptionId
| where properties.storageProfile.osDisk.managedDisk == “”
| extend osDiskName = properties.storageProfile.osDisk.name
| extend osDiskUri = properties.storageProfile.osDisk.vhd.uri
| project subscriptionName,resourceGroup, vmName = name, osDiskName, osDiskUri
| union (
resources
| where type == “microsoft.compute/virtualmachines”
| mvexpand dataDisk = properties.storageProfile.dataDisks
| where dataDisk.managedDisk == “”
| extend dataDiskName = dataDisk.name
| extend dataDiskUri = dataDisk.vhd.uri
| project vmName = name, dataDiskName, dataDiskUri, resourceGroup
)
by ezs | Mar 23, 2025 | evilzenscientist
Went into Mailchimp and did some much needed cleanup.
Archived some 50% of the mailing list that had unsubscribed.
I need to dig more into the platform, it’s been neglected for too long.
Recent Comments