News

After a long time working on other things, I've started rebuilding a bunch of the systems backing Toreishi.net. As part of that, I've decided to move from XWiki to Confluence (especially since, let's be honest, XWiki is essentially an open-source Confluence clone). I've been partial to the Atlassian collaboration suite since I worked with it several years ago, and I haven't encountered anything commercial that comes close to Confluence and JIRA in the intervening years. I still need to import a bunch of old data over, but there should be a fair amount of content resurrected and updated in the upcoming months. 😄

Yes, it's been a while since I've updated anything here. I really should do more updates. 😋 I've worked on a few things, so will start scribbling things here in the meantime.

At the moment, I'm replacing my older server at home with an Intel NUC. While doing so, I was looking at installing Windows Server on my server as before... except that a few things have changed. For starters, since it's a 7th Generation Intel Core-based system, Windows Server 2012 R2 is no longer supported. Okay, I can deal with that... except that my preferred minimal server interface is no longer supported. Thanks?

So I suppose I'll end up running VMware ESXi there too. Except that there have been changes there as well, with VMware 6.5, where the native Windows client has been deprecated. Thanks? And on top of that, predictably, ESXi doesn't support the 7th Gen NUC out of the box. Fortunately, there are workarounds, but... bleh.

Just can't win, I guess...

Welcome!

This is the newly set up home for toreishi.net, which will serve both as a personal soapbox for the infrequent times I have something to say, as well as a reference site for users of the site (as I find time to document things, at least!). Things will be a bit cluttered for now, but bear with the mess - it'll get better!

Apologies for the short term use of reCAPTCHA for anonymous comments - I find that it tends to create some fairly ridiculous entries, but I'll need to get better at my Ruby hacking skills before I can replace it with are you a human, which I find much more tolerable.

I've been somewhat busy over the past few months, which has led to a definite dearth of updates, but I'm now at the point where I'm starting to work on a number of technical projects.

• As you can see, I've moved over the blog from using Wagn to using XWiki. A good piece of this has to do with the annoyance of trying to using Ruby Gems from a system administrator's perspective (running gem as root, which you normally want to do since it's installing files in /usr, then creates files that have bad permissions) and with dealing with Ruby app servers (for some reason, Passenger was magically working, and then equally magically broke). I don't love Ruby enough to fight with it, especially given how Gems are administratively unfriendly in how they're too much like the Wild West to be packaged in a native manner.
• I'm working on migrating from two physical servers to a single physical server running VMware ESXi with multiple virtualized hosts. This should allow me to better isolate systems from each other.
• Along with the above, I'm working on moving the physical server to be colocated, which should help buffer users from anything I may be doing with my connection.

The User Documentation page is now up, although it's restricted to users. Easy accessibility for current users is awaiting LDAP integration in Wagn, but that's supposedly coming Soon™.

In the meantime, I'm continuing to putter around learning better how some of these systems work. For example, hooking up a CentOS> system to a Windows Server system via Active Directory (using CentrifyExpress) has been fairly interesting, due to the downstream implications of not necessarily using local PAM authentication (since AD provides LDAP services, for example). Although I'm still having to get used to PuTTY using the Windows Kerberos ticket to do SSO onto my Linux system....

Miscellaneous notes so far:

• Having AD LDAP means that as long as I push users to have an AD account, my non-elevated web applications don't need to have local PAM access (which requires some form of elevation).
• Anything that does check PAM now needs to know to check AD as well (via pam_centrifydc.so).