Mastodon and FreeBSD

Together with updating all other craps and server migrations, I decided to finally update Mastodon install as well which I broke after upgrades and package removals.

Then in usual fashion, one of dependency didn’t install on FreeBSD because it’s missing pre-compiled binary and the build script has too strict settings causing the build to fail.

Did some hackery to figure out how to fix it (following this guide works) but then when I looked around the situation on the official uws module page it says it’s been unmaintained since forever. Googling around a bit it seems like the author is being a dick and ended up ragequitting the module. Mastodon dev was notified but no action is taken.

The good thing is I looked into replacing it with ws a long time ago and posted it to Mastodon issue tracker. As I’m not interested in doing the module-level hackery, I figured it’s easier to do it now. Also I forgot how I fixed it before which didn’t involve such hackery. Or maybe I did. I don’t know.

In the end I reapplied my patch and everything is good again.

Or not, because I switched PostgreSQL authentication to the shiniest Scram-SHA-256 which isn’t supported by node-postgres. The issue has been open forever and I’m not really interested in fixing it.

Thankfully someone tweeted me the existence of node-pg-native. I looked into it and even though it’s not a drop-in replacement for node-postgres, adding pg-native and setting NODE_PG_FORCE_NATIVE=1 environment variable will force the module to use native library which fixed the problem.

Except for node-libpq which for some reason doesn’t link correctly (my postgres is installed in non-standard path). Whoops. I think fixed it and hopefully it gets merged.

With all the fixes in place, everything seems fine.

Letsencrypt, cavemen edition

Just had to do some letsencrypt setup in some servers so I figured I should write down what I did so I can just check this page again instead of digging how I did it previously.

Requirements:

  • nginx
  • certbot

This assumes the server only serves https and redirects all http traffic. Adjust as needed otherwise.

Full nginx SSL/TLS config not included.

First add this config to nginx to handle verification:

# part of default port 80 config block
location /.well-known/acme-challenge/ {
    root /var/www/certbot;
}

And then create the directory (I’m not actually sure if needed):

# mkdir -p /var/www/certbot

Make the first cert because I’m too lazy to ensure the config directory is setup correctly:

# certbot certonly --webroot -w /var/www/certbot -d DOMAIN_NAME_GOES_HERE --keep --agree-tos --email SOME_KIND_OF@EMAIL_ADDRESS --no-eff-email

At this step, the certificate and all should have been properly generated.

Then use it in nginx configuration, the relevant server block:

ssl_certificate /etc/letsencrypt/live/DOMAIN_NAME_GOES_HERE/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/DOMAIN_NAME_GOES_HERE/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/DOMAIN_NAME_GOES_HERE/chain.pem;

If the full path seems too long, symlink it to nginx config base directory or something.

Update certbot CLI configuration located at /etc/letsencrypt/cli.ini:

rsa-key-size = 4096
text = True
authenticator = webroot
webroot-path = /var/www/certbot

To add more certificates:

# certbot certonly -d ANOTHER_DOMAIN

Don’t forget to update nginx configuration as before.

Since the certificate needs renewal periodically, create this simple script:

#!/bin/sh
# I personally put this in /root/bin/refresh-ssl-certbot

/usr/bin/certbot renew
/path/to/sbin/nginx -s reload

Make executable, etc. Try it to make sure it runs properly.

Then add it crontab. I usually do it weekly.

And done.

There might be smarter way using certbot’s nginx plugin or something but I haven’t bothered reading its documentation and initially this was just a stopgap switching from acme-client which is way simpler but stopped working for me few months ago.

IP address checker

Random idea I came up when reading nginx mailing list. A very simple way to set up external IP address checker using nginx on a remote server.

location = /ip {
    default_type text/plain;
    types { }

    return 200 $remote_addr\n;
}

Accessing /ip will then return the current external IP address. A more fancy output like JSON is possible as well.

HP Z210 SFF/CMT and SSD

My SSD doesn’t quite “work” with HP Z210 SFF/CMT.

  • Model: CT525MX300SSD1
  • Brand: Crucial
  • Type: MX300
  • Capacity: 525Go
  • Error:
    • 1798- Hard drive with hardware encryption enabled detected while in RAID mode. Drive: SATA0 (Dark Blue). Drives that are using hardware encryption should not be included in RAID volumes. Using them may cause volume corruption and unpredictable behavior.

It can still be booted (I think) but F1 needs to be pressed when on startup which is annoying.

Note that same type but with 275Go capacity doesn’t have same problem.

Update 2017-05-31: Doesn’t work with Z210 CMT either. Same error.

Update 2017-08-04: Forgot to update but the drive does work after I clear out the eDrive mode or something. It was done using Crucial’s SSD utility.

Upgrade Log 3

The last one for this batch! Everything arrived, assembled, and finished without much problem.

Windows 10 is even more annoying than ever. Disabling Cortana now must be done using Group Policy. Great. I have to slowly live it up because this is the future of Windows and I don’t see myself using another operating system for desktop for foreseeable future.

Also, don’t disable universal app background process if you want a functional start menu search.

<insert a bunch of other tweaks here>

Up next

Closest upgrade I can think of is getting an extra 6+To drive so I have 6 drives raidz2 instead of current 5 which is quite a waste. I’m not sure how to migrate the data though. That’ll cost about 25k?

And I remembered about my netbook only having 2Gio of RAM. Surely can be upgraded to 8Gio for maximum lulz. Or just more useful. I remember it’s much more usable when it’s running on 4Gio of RAM. I don’t exactly remember when and why it’s only 2 now. It already has SSD so the RAM upgrade would pretty much max out upgrades for this system. Not counting higher capacity/performance SSD because I don’t think it won’t make much difference apart of having more storage – faster SSD won’t help the slow CPU much. 5k for RAM.

After that, I can certainly use more storage for my main desktop. A 1To SSD would certainly be nice. A bit expensive at 33k.

With storage out of the way (and moves the 525Go drive to office desktop), I think my office server can also use some storage upgrade. Just like current home server, it can certainly use two more drives for optimum raidz2. That means a controller, HDD cage, and one extra HDD (because I already have one spare 3To HDD). The total would be about 51k.

There’s VGA card upgrade for main desktop but I’m still not sure about that. I don’t really need it but certainly would be nice! Let’s pretend it’ll cost 40k for whatever card at that budget whenever the upgrade is happening.

Talking about VGA card, there’s also a would-be-nice upgrade for my office desktop VGA. It’s currently running GT730 which is not quite fast. Limited to 45W, current choice is limited to GT1030 at 10k.

At this point there isn’t much left to be upgraded. So let’s upgrade the server RAM to 32Gio from currently pitiful 12Gio. I would like to pretend it’s cheap but it really isn’t even now. I was pretty lucky last time getting two sticks of 8Gio for just 10k but it won’t happen often. So maybe about 25k I’d be willing to spend.

I think there is no more after this. I probably won’t reach this far until at least next year or even later anyway and something may break in the meantime, requiring change of plan.

  1. (5k) RAM: 8Gio PC3-12800S
  2. (25k+) Storage: 6+To HDD
  3. (33k) Storage: 1To SSD
  4. Storage:
    • (4k) Controller: LSI SAS 9212
    • (7k) Misc: HDD Cage 2 5.25″ to 3 3.5″
    • (15k?) Storage: 3+To HDD
  5. (40k) VGA card: ???
  6. (10k) VGA card: GT1030 (or better)
  7. (25k) RAM: 32Gio PC3-12800E

Total: 164k.

…maybe this will happen sooner than expected ( ゚◡゚)

Upgrade Log 2

“New” “server” has arrived. So have the SATA/SAS controller and hdd backplane.

Unfortunately the 5.25″ bay separator is a bit too big so I had to “fix” it.

The cage works complete with hot swap.

So is the SAS card. Flashed to P20 IT mode without much problem. Someone mentioned it might fail on UEFI motherboard booted to DOS in BIOS mode but I didn’t encounter such problem.

Updated the system BIOS as well.

Processor installed without much problem – finally another server with Ivy Bridge processor. SAS card seems to be a bit problematic when system boot support is enabled. I just disable it and everything seems fine. Ethernet card also installed without problem. SSD thankfully detected without hitch and the OS from previous server boots fine.

Still quite a lot of restructuring needed thanks to two servers being merged but there’s nothing else to do hardware side (unless I decided to buy extra drive to round up the data pool to 6 drives raidz2).

Office server also done the rearrangement and now has more threads but much less memory.

Office desktop is currently gimped a bit with just E3-1225 but that will be fixed once the DDR4 memory arrives. And then the graphics card will get a downgrade from GTX660 to GT730.

Now waiting for the memory. I hope it arrives this month so I can say goodbye to this memory-starved system as soon as possible.

That reminds me, I should put up old stuff for auction…

Upgrade log 1

Ordered the RAM sticks. According to the store they’re on backorder and should arrive in one or two months. Hopefully they actually arrive. And doesn’t take two months.

It’s the most annoying part because barely anyone sells what I want and most of them are stupid overpriced.

On another note, I’ve gotten the all in one server. Should arrive sometime this week.

Accompanying the server, I also secured the drive bay converter and SATA (SAS) controller.

I can then proceed to put it in service once everything arrive. Starting from basic check, reflashing the controller, updating BIOS, and swapping parts. Need to take out 1230v2 from office desktop.

I’m thinking of doing everything at once after the basic preparation is done so I can minimize downtime. It’ll be my router after all. And web server. And storage server. Everything~

If there’s no problem, I’ll continue finishing new office desktop and swapping parts for end state of office server.

That will conclude the most troublesome parts. Assuming everything works as planned, that is.

Sure hope there’s no problem with new Ryzen system~

I will probably end up getting a new SSD though. Or not. We’ll see.

Upgrade plan

It’s time to upgrade my system! Everything! Or not really because some parts are just shuffled around.

Here’s the planned final state.

Home / Server

  • System: Dell PowerEdge T110 II
  • Processor: Intel Xeon E3-1230v2
  • RAM:
    • DDR3 PC3-12800 ECC UDIMM 8Gio x4
  • PCI cards:
    • SATA Controller / LSI SAS 9212-4i
    • Ethernet Controller / Realtek 8111
  • Misc:
    • 2×5.25″ to 3×3.5″ HDD Converter Bay / Century iStarUSA BPN-DE230SS-BK
  • Drives:
    • Seagate 600 SSD 240Go
    • SanDisk Ultra II SSD 240Go
    • Western Digital Red HDD 6To x5 (or 6?)

New all in one server replacing current combination of Microserver and Z210 SFF.

Home / Desktop

  • System: Custom built
    • Case: SilverStone Micro ATX SST-PS07B
    • Power supply: Antec Green 650W / EA-650-GREEN
    • Motherboard: ASRock AB350M Pro4
  • Processor: AMD Ryzen 7 1700
  • RAM:
    • DDR4 PC4-19200 ECC UDIMM 16Gio x2
  • VGA: ASUS GeForce GTX950 / GTX950-2G
  • Optical drive: TSST (Toshiba Samsung) DVD-ROM 16x
  • Drives:
    • Crucial MX300 SSD 525Go
    • Samsung 840 SSD 250Go
    • Western Digital Blue HDD 250Go x2

Now with 100% more modern everything. No, just new processor/motherboard/RAM.

The VGA and SSD can use better upgrade but those will do for now.

Office / Server

  • System: HP Z210 CMT
  • Processor: Intel Xeon E3-1235
  • RAM:
    • DDR3 PC3-10600 ECC UDIMM 4Gio x2
    • DDR3 PC3-10600 ECC UDIMM 2Gio x2
  • Misc:
    • 1×5.25″ to 1×3.5″ HDD Converter Bay / Century iStarUSA BPN-DE110SS-SV
  • Drives:
    • Transcend SSD370 SSD 512Go
    • Samsung 850 EVO SSD 500Go
    • Seagate 7200.10 (or 11?) HDD 3To x5 (4 connected due to lack of SATA ports)

Processor is upgraded from E3-1225 but RAM is downgraded from 20Gio total.

Office / Desktop

  • System: HP Z210 SFF
  • Processor: Intel Xeon E3-1270
  • RAM:
    • DDR3 PC3-10600 ECC UDIMM 8Gio x4
  • VGA: MSI GT730
  • PCI cards:
    • USB 3 Controller / Inateck 2 Ports USB3
  • Optical drive: HP DVD-RW 16x?
  • Drives:
    • Crucial MX300 SSD 275Go
    • Seagate Barracuda HDD 250Go x2

Another victim here. The RAM is now ECC but the VGA is downgraded far from GTX660 which I’m moving to somewhere far away.

Notes

Now I look again there’s possibility the current drive structure plan to not work because of compatibility problem. I will need to figure that out later and shuffle the drives around as need. I should’ve taken memo of the compatibility problems I encountered.

NEC Express5800/53Xg review

More reviews! I’ve always wanted to write these because there doesn’t seem to be many information on those. Most likely because they’re branded PC. Not only that, they’re branded workstation PC. Expensive new but dirt cheap second hand. Being workstation, I also expect them to last quite a long time.

Anyway, after the uselessness of Z210 SFF for desktop, I got its CMT version and used it for a while. That one has relatively similar specs, just larger and fit normal GPU and can supply enough power to it. There’s no problem with it except being large.

Surfing around Yahoo! Auction again, this time I found this NEC Express5800/53Xg. At 14100 yen total with shipping, it came with E3-1225, 4Gio of RAM, and two 250Go WD Blue hard drives.

Unlike the HP counterpart, this one is noisy. So bad that I ended up replacing the front 8cm fan with my spare Gelid fan. It helped a bit. Then I replaced the CPU HSF with the only one that seems to be compatible with it, Thermaltake Engine 27. It helped a lot. I also put some resistors on the tiny back fan. Also helped a lot.

Thankfully the headers are standard and BIOS doesn’t stop when it spots missing fans.

Unfortunately, it resulted in hot CPU. Mainly because the replacement HSF is rated for 70W TDP CPU while the installed CPU is 80W. Whoops. At least it works. Most of the time. Just a bit hot. 100°C hot.

And it’s still kind of noisy.

It doesn’t support Ivy Bridge CPU either so I can’t use E3-1230v2 which has 69W TDP.

On the bright side, it uses riser so it accepts full sized GPU. And the motherboard can also supply full 75W to it.

In the end, it’s usable for desktop. Kind of.

The other problem is it only has 2 RAM slots, maxing out at 16Gio. I thought it’s enough. Except it isn’t. Task manager is currently showing I’m using 14.6Gio which isn’t quite comforting. Electron apps are to blame but in the end I just need more RAM because I ultimately use those apps.

(WthasApp using 300Mio? Really? And Slack 500Mio? What the hell is this?)

It also has two gigabit ethernet which I have no use of.

Another small complain is it’s got slim DVD which isn’t as nice as normal drive. Mainly the attaching the disc part.

Internally there are only three SATA ports. And the hard drive cage, while completely standard, is a pain to install/remove drives with because it needs full removal of optical drive and the cage itself.

My unit didn’t come with rubber feet so I used this thing. Works pretty well.

Conclusion

  • usable for desktop (it’s my current desktop)
    • except it’s noisy and/or hot
  • should be fine for server as well if 16Gio is enough

The noise pretty bad and the heat is worrying so I’m considering replacing it with something else. Of course there’s Ryzen. But it’s expensive and is way more than what I need. It also won’t run Windows 7 unless Microsoft backs their stance. I may consider it next year but for now I don’t think it’ll happen. Maybe it’ll happen sooner than I thought.

Alternatively there’s another workstation candidate: Fujitsu Celsius J510. It also seems to support full sized GPU. Assuming it’s not too long, that is. Turned out the PCIe slot is at the bottom which means it only supports single slot GPU. Nope.