About

I'm a Linux/Unix sysadmin with experience in High Availability, scaling and clustering, security, (Open)SSL and general linux system administration. I've worked as a sysadmin (devops) for Certificate Authorities, Hospitals, Managed Service providers, Datacenters Development shops and large Internet Service providers. I currently work for an Openstack provider. I like to design, build and manage large, complex and high available systems. I like to work with configuration management tools and version control systems. Documentation, monitoring and backups are things I do first, not when the time allows it later.
This is my personal website, please do note that these articles do not reflect opinions or policies of any of my (previous) employers, only my personal one.


Latest Items

Build a FreeBSD 10.3-release Openstack Image with bsd-cloudinit

27-04-2016 | Remy van Elst

We are going to prepare a FreeBSD image for Openstack deployment. We do this by creating a FreeBSD 10.3-RELEASE instance, installing it and converting it using bsd-cloudinit. We'll use the CloudVPS public Openstack cloud for this. We'll be using the Openstack command line tools, like nova, cinder and glance.

Read more...

IPv6 in a Docker container on a non-ipv6 network

12-04-2016 | Remy van Elst

At work and at home my ISP's have native IPv6. I recently was at a clients location where they had no IPv6 at all and had to set up and demonstrate an application in a Docker container with IPv6 functionality. They said the had IPv6 but on location it appeared that IPv6 wasn't working. Since IPv6 was required for the demo the container needed a workaround. This article describes the workaround I used to add IPv6 to a Docker container on a non IPv6 network.

Read more...

Active Directory and Exchange Command Line Powershell

27-02-2016 | Remy van Elst

This is a collection of Powershell snippets to install Active Directory, create a new Active Directory Domain, join an existing Active Directory domain and to install Microsoft Exchange 2013. The snippets were tested on Windows Server 2012 R2.

Read more...

Let's Encrypt with DirectAdmin, now built in!

24-02-2016 | Remy van Elst

Let's Encrypt is a new certificate authority, recognized by all major browsers. They make it a breeze to set up TLS certificates for your web server. And for free! Let's Encrypt is supported by major players like Mozilla, Akamai, Cisco, the EFF, the Internet Security Research Group and others. Let's Encrypt provides free, automatic and secure certificates so that every website can be secured with an SSL certificate. This article shows you how to setup Let's Encrypt with the DirectAdmin web control panel. DirectAdmin now supports Lets Encrypt natively since 1.50, so no more ssh fiddling, just via the control panel, for all the users on the server.

Read more...

Recap of week 04, 2016

30-01-2016 | Remy van Elst

Recap of week 04 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Recap of week 03, 2016

23-01-2016 | Remy van Elst

Recap of week 03 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Ansible playbook for GoAccess Log Analyzer

17-01-2016 | Remy van Elst

This is a small Ansible playbook to deploy the GoAccess log analyzer on Debian based systems. Next to Piwik, I use goaccess myself to get better insights in who and what visits my servers. This role is ment to be included in your webserver playbooks.

Read more...

Recap of week 02, 2016

16-01-2016 | Remy van Elst

Recap of week 02 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Deborphan cleanup until no more orphaned packages left

11-01-2016 | Remy van Elst

Deborphan removes packages it thinks your system doesn't need anymore. It is a great tool for package cleanup and maintenance. Sometimes, after cleaning up the packages, it will find new packages that are orphaned (because you just cleaned up). This is a small script that cleans up with deborphan until there is nothing more to cleanup.

Read more...

Recap of week 01, 2016

10-01-2016 | Remy van Elst

Recap of week 01 of 2016, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Microsoft Office 2013 and 2010 on Linux

02-01-2016 | Remy van Elst

This guide shows you how to run Microsoft Office 2013 and 2010 on Linux using CrossOver. It guides you through the installation and gives a review on what parts of the Office suite work with Linux.

Read more...

Recap of week 53, 2015

01-01-2016 | Remy van Elst

Recap of week 53 of 2015, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Recursively find all [installed] package dependencies

31-12-2015 | Remy van Elst

This small script shows you all packages [installed] that are a dependency from a package, and the dependencies of those packages. I installed the build-essential package, but apt-get remove-ing that package doens't remove the development tools. So I was wondering what packages were installed, including those dependencies, to remove the ones I didn't want. This small script shows you all packages that are dependencies of a package, and repeats that for those packages.

Read more...

Recap of week 52, 2015

26-12-2015 | Remy van Elst

Recap of week 52, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

IPSEC VPN on Ubuntu 15.10 with StrongSwan

20-12-2015 | Remy van Elst

This is a guide on setting up an IPSEC VPN server on Ubuntu 15.04 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default. More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.

Read more...

IPSEC VPN on Ubuntu 15.04 with StrongSwan

20-12-2015 | Remy van Elst

This is a guide on setting up an IPSEC VPN server on Ubuntu 15.04 using StrongSwan as the IPsec server and for authentication. It has a detailed explanation with every step. We choose the IPSEC protocol stack because of vulnerabilities found in pptpd VPNs and because it is supported on all recent operating systems by default. More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.

Read more...

Recap of week 51, 2015

19-12-2015 | Remy van Elst

Recap of week 51, covering open source and sysadmin related news, articles, guides, talks, discussions and fun stuff.

Read more...

Forward or save outgoing email with Exim

16-12-2015 | Remy van Elst

I have a specific server where requirements state that all outgoing email should be saved for archival and auditing purposes. The server uses the Exim mail transfer agent, which makes this easy to configure. The outgoing email is also forwarded to an off-site mailbox, both for backup and easy consulting. This captures all outgoing email, sent by PHP scripts or cronjobs, or user accounts that send via exim. This tutorial also shows how to forward or save all outgoing email for a specific domain.

Read more...

Recap of week 50, 2015

12-12-2015 | Remy van Elst

Recap of week 50 of 2015, covering open source and sysadmin related stuff.

Read more...

Generate hashes of files with rhash for archival storage

11-12-2015 | Remy van Elst

Recently I had to archive a large amount of files to archival storage. To save space and reduce the amount of files I decided to create archives with tar. The files will be stored to tapes and DVD's, and will be restored in full, so random access times are not an issue, therefore the tar.gz choice. I do want to make sure that when the files need to be restored they still are correct. I first dabbled with some long shell commands to create checksums and verify them, but then I found the `rhash` tool in the repositories. It allows you to create checksums of files and folders, recursively, with all sorts of checksums, like CRC, MD5, SHA1 and many more. It also makes bulk validation very simple. This small article shows you how to create an archive file with the checksums included and shows you how to validate these checksums later on.

Read more...

Let's Encrypt with DirectAdmin or other Web Control Panels

10-12-2015 | Remy van Elst

Let's Encrypt is a new certificate authority, recognized by all major browsers. They make it a breeze to set up TLS certificates for your web server. And for free! Let's Encrypt is supported by major players like Mozilla, Akamai, Cisco, the EFF, the Internet Security Research Group and others. Let's Encrypt provides free, automatic and secure certificates so that every website can be secured with an SSL certificate. This article shows you how to setup Let's Encrypt with the DirectAdmin web control panel. The guide is generic, so it works for other controlpanels as well. For now it works with the beta, and required some linux knowledge and root access to the hosting server.

Read more...

All Items