FreeNAS Failed to create mountpoint

Problem

I have two FreeNAS servers running version 9.10 on a HP MicroServer Gen 8. The main server has 16 GB RAM with a Intel(R) Xeon(R) CPU E3-1220L V2 @ 2.30GHz while the secondary has 8 GB RAM and a Intel(R) Celeron(R) CPU G1610T @ 2.30GHz. These two replicate data in both directions for off site backup. I recently upgraded them both to FreeNAS 11 U2 while also taking the opportunity to migrate backups from ISCSI ZVOL to Datasets. This meant replicating the new datasets.

Read more…

Please share 🙂

NGINX Reverse Proxy LetsEncrypt Auto-Renew

Intro

I finally got round to moving all my web services off a single server and onto a new server using ESXi virtualisation. I got an older HP G7 DL380 with 2x Intel Xeon CPU’s and 64GB of RAM for around £300 off eBay. It does use more power (Averages 150W) however it is well worth it as it provides full RAID redundancy and virtualisation provides easy backup/snapshots before any modifications. I have decided to create a separate VM for each service and then use NGINX as a reverse proxy to handle all the SSL. This greatly reduces management overhead as I have only got to renew the certificates in one place, it also provides speed improvements as well as security.

I was initially put off LetsEncrypt with its short certificate lifetime and the need for automation, especially when I add a large and complex Apache configuration file however I decided to go for it with a brand new VM and I am glad I did; it is brilliant!!

Read more…

Please share 🙂

Restore missing LVM volume group

This post will show you how I managed to restore my laptop after the grub configuration got corrupted and could not find the LVM root partition.
The grub menu booted into grub-rescue which I could not use to boot the LVM partitions as it was an unrecognised file system. Therefore the only thing to do was boot into a LIVE system. I tried several but ended up using an Arch system as I could potentially chroot into the installed system.

Read more…

Please share 🙂

Create IPSec/L2TP, IPSec EAP for Android VPN

Introduction

Android supports IPSEC/L2TP & IPSEC with XAuth with either PSK or Certificates. I struggled to find any thorough information on setting up the server in its various forms so have written this blog mainly so I don’t forget how to do it! I am using a Ubuntu server with Strongswan providing the IPSec, XL2TPD providing the XL2TP and PPP. IPSec provides the encryption, L2TP does not provide any security! Firewall rules need to be added to prevent someone trying to connect to the L2TP port outside of the IPSec tunnel.

IPSec/L2TP PSK (Pre Shared Key)

Firstly lets start with the easiest one to setup; this doesn’t use certificates so makes it quicker to setup. We need to install strongswan to provide the IPSec, ppp and xl2tpd.

apt-get install strongswan xl2tpd ppp

Read more…

Please share 🙂

Install Kolab Mail Server on Ubuntu

This post will show you how to install Kolab mail server on ubuntu 14.04, in this example on a DigitalOcean VPS.  Kolab’s recipient policy will be removed because I do not need guaranteed unique email addresses, secondary alias addresses setup etc. DKIM is another important factor when configuring a mail server as it allows other mail servers to validate the authenticity of you emails. There are many useful plugins available for roundcube such as integration with Google Authenticator app. For sources see the reference section at the end.

Install Kolab

The first step is to install Kolab on the VPS. Add the following to /etc/apt/sources.list.d/kolab.list using nano or similar.

We need to import the authentication key to validate the packages. Run these commands.

To make sure the Ubuntu server priorities the packages from the Kolab repository we need to create a preferences file. Create and put the following in /etc/apt/preferences.d/kolab:

Setup Kolab

Read more…

Please share 🙂