LVM Transaction ID mismatch and metadata resize error

I nearly lost my LVM thin pool on my laptop recently due to the metadata nearly filling up (99.4%). I first noticed this when trying to install something and the root filesystem was read only. Rebooting the machine re-mounted the root partition as RW. Trying to get this pool into a healthy shape gave me all sorts of transaction id and meta errors so hopefully this post will assist someone.

My LVM Layout

I use LVM on my Fedora 27 system along with encryption; it is probably useful to share the layout so the rest of the blog makes sense.

Using the LVS command:

Read more…

Please share 🙂

FreeNAS Failed to create mountpoint

Problem

I have two FreeNAS servers running version 9.10 on a HP MicroServer Gen 8. The main server has 16 GB RAM with a Intel(R) Xeon(R) CPU E3-1220L V2 @ 2.30GHz while the secondary has 8 GB RAM and a Intel(R) Celeron(R) CPU G1610T @ 2.30GHz. These two replicate data in both directions for off site backup. I recently upgraded them both to FreeNAS 11 U2 while also taking the opportunity to migrate backups from ISCSI ZVOL to Datasets. This meant replicating the new datasets.

Read more…

Please share 🙂

NGINX Reverse Proxy LetsEncrypt Auto-Renew

Intro

I finally got round to moving all my web services off a single server and onto a new server using ESXi virtualisation. I got an older HP G7 DL380 with 2x Intel Xeon CPU’s and 64GB of RAM for around £300 off eBay. It does use more power (Averages 150W) however it is well worth it as it provides full RAID redundancy and virtualisation provides easy backup/snapshots before any modifications. I have decided to create a separate VM for each service and then use NGINX as a reverse proxy to handle all the SSL. This greatly reduces management overhead as I have only got to renew the certificates in one place, it also provides speed improvements as well as security.

I was initially put off LetsEncrypt with its short certificate lifetime and the need for automation, especially when I add a large and complex Apache configuration file however I decided to go for it with a brand new VM and I am glad I did; it is brilliant!!

Read more…

Please share 🙂

Restore missing LVM volume group

This post will show you how I managed to restore my laptop after the grub configuration got corrupted and could not find the LVM root partition.
The grub menu booted into grub-rescue which I could not use to boot the LVM partitions as it was an unrecognised file system. Therefore the only thing to do was boot into a LIVE system. I tried several but ended up using an Arch system as I could potentially chroot into the installed system.

Read more…

Please share 🙂

Create IPSec/L2TP, IPSec EAP for Android VPN

Introduction

Android supports IPSEC/L2TP & IPSEC with XAuth with either PSK or Certificates. I struggled to find any thorough information on setting up the server in its various forms so have written this blog mainly so I don’t forget how to do it! I am using a Ubuntu server with Strongswan providing the IPSec, XL2TPD providing the XL2TP and PPP. IPSec provides the encryption, L2TP does not provide any security! Firewall rules need to be added to prevent someone trying to connect to the L2TP port outside of the IPSec tunnel.

IPSec/L2TP PSK (Pre Shared Key)

Firstly lets start with the easiest one to setup; this doesn’t use certificates so makes it quicker to setup. We need to install strongswan to provide the IPSec, ppp and xl2tpd.

apt-get install strongswan xl2tpd ppp

Read more…

Please share 🙂