Creating your own PKI using Cloudflare’s CFSSL

For those looking for a strait forward PKI, here’s how to get it, using Cloudflare’s CFSSL. Why CFSSL? If you’re looking for a simple solution, this is as simple as it can get: install Go Compiler, compile CFSSL and your done. Drawback? There’s little flexibility in terms or library versions. You get what Go offers. Now, CFSSL isn’t the most well documented application over there and yes, some configuration items aren’t document at all, so see right below on how to create a PKI using CFSSL. Editor’s Note: This walkthrough was corrected to support the new “ca_constraint” parameter. 8        

Authenticated Public NTP server howto

Configuring an NTP server is by far not the most strait forward nor best documenting activities while managing a data center. Adding authentication on top of it, just makes things worse, far worse. Fortunately, it’s something only done once. The end goal: Authenticated NTP. ntpdate -d -k /etc/ntp.keys -a 10 9 Jul 23:24:33 ntpdate[19359]: ntpdate [email protected] Fri May 28 01:20:57 UTC 2010 (1) Looking for host and service ntp host found : transmit( receive( receive: authentication passed

UHD Premium – How to screw the consumer in favor an industry player

One of the big news during CES 2016 was the announcement of UHD Alliance Ultra HD Premium specifications. However, all said and done, it was a complete disappointment as far as consumer interests were concerned. The end result is nowhere nearer anything which can be useful for a consumer to take an informed decision on which new TV set to buy. Why? To understand, one needs to spot the questions the UHD Alliance set out to answer, and where it failed, miserably and fully intentionally.

Radmin on Mac OSX

It’s been literally years since I (and others) requested Radmin to add Mac OSX to the list of operative systems supported by the client version of Radmin Remote control. Actually one can actually see posts requesting this feature back in 2005. So much for listening to user’s requests…. … Well, enough is enough and it’s time to leave the Windows virtual machine, and use Radmin on Mac OSX through Wine and all it’s native beauty. It take a number of hours, but at the end it’s well worth the wait. Install Macports This step is only necessary if you don’t already …

Using Memcached on QNAP QTS 4.1.x

EDIT: For QTS 4.2 onwards use this guide which includes the right package.   For too long I’ve been struggling against my Semantic Mediawiki performance running on a QNAP machine. Pages were taking 10+ seconds be generated and new pages could take around 30s. Although those were certainly not the most simple of wikis, judging for the number of semantic properties and templates associated, those times were simply unacceptable, even for an Atom based hardware. After trying to improve QNAP’s Mysql performance, and upgrading to the latest available php 5.5 on QNAP (which already supports OPCache by default), all without …

ownCloud 7 on QNAP QTS 4.1

EDIT: This procedure is working as of ownCloud 7.0.2. Both QNAP and ownCloud have evolved since the lat updates, but some of the news aren’t exactly good: QNAP no longer supports customised apache config files; ownCloud 7 updater removes any unknown files from onwCloud root directory. How to fix both? Well, as for number one, there’s no good alternative, but it can be altogether worked around. As for number two, the fix (and workaround for one) is the following: edit .htaccess file present on ownCloud root dir, and add the following lines on the <IfModule mod_php5.c> tag: php_value eaccelerator.enable 0 php_value eaccelerator.optimizer …

HDMI-CEC Guide: What it is and why you should have it (and use it)

Editor’s note: HDMI-CEC is also known as Anynet+ (Samsung), CE-Link (Toshiba), EZ-Sync (Panasonic), Bravia Theater Sync (Sony) and SimpleLink (LG). Apart from any eventual proprietary extensions, all support the same basic functionality. There is a plague invading our living rooms for the past couple of years: remotes. First there was only one: the TV remote, then the VCR remote came in, but over the last couple of years, things started to go awry: DVD remote, Bluray remote, cable box remote, AV receiver remote and so forth. Typical AV setup during the years The thing is, when the TV remote appeared, there was only …

QNAP VPN access on Owncloud 7

One of the changes Owncloud 7 brought was related to security. Unlike Owncloud 6, version 7 added a configuration items which allows to select which domains can access Owncloud. This configuration is not relevant if you only want to allow access from your local network, but if you have QNAP serving as VPN endpoint (ou router) things need to be changed. This is due to the different addressing used by VPNs. For instance, local domestic networks are usually 192.168.x.y, but VPNs are often on the range of 10.0.0.x. On QNAP default values are 10.0.0.x for PPTP VPN and 10.8.0.x for …

Owncloud database migration from SQLite to MySQL – QNAP specific

One of new few features on Owncloud 7 is the possibility to migrate databases. On my case, I originally installed Owncloud on SQLite, which is fine for a small number of files and one single user, but when going into the tens of thousands of files and multi user, SQLite is no longer a solution. Then, how do we get out of SQLite without having to start from scratch ? Set up QNAP to locally run Owncloud; Create a new mysql database; Migrate database.

Installing Owncloud 7 on QNAP hardware – upgrade from version 6

Edit: If you’re getting a blank screen after upgrading to ownCloud 7.0.2 or QNAP QTS 4.1, go to this post: View. Little more the 3 months ago I published the guide for Ownclod 6 on QNAP hardware, and Owncloud 7 is upon us. If you wan’t to see how history was made, feel free to have a look at all the previous posts on Owncloud: Installing Owncloud 6 on QNAP hardware – Additional Steps for version 6. For first time install, please make sure you follow the eaccelerator step Installing and using ownCloud on QNAP hardware Owncloud database migration, also on …

Back to Top