Category: Site Updates

For quite some time behind the scenes I’ve been working on doing some housekeeping on this server. I began noticing the days after a MAME release things were getting really slow. Server slow to respond, major delays when I’d try to do anything, etc. It appears I had overburdened my poor little server. Running apache, postfix, mysql, fail2ban, and other general linux processes had taken all this lowely 1gb ram vps could handle.

Around this time Slackware 15.0 has come out which meant I was already planning all the changes I’d need and the upgrade/integration of what was already running for the new release. Software I had been building and maintaining for my use was now included within the distribution, but not everything was built for my needs. I began planning out how update process a while ago using multiple installs in vmware to build needed software and test configurations.

It was during this time I became interested in FreeBSD, and playing with the OS within VMs as well. I was surprised at how small the initial install was. Packages were easily installed and it tracked dependancies and took care of all of it. And it even can upgrade the OS inline, something you can do on slackware with a bit of work, but it’s not ideal. As I grew more and more familiar with FBSD and discovered more (the ports system!), I decided that I needed a reason to run it on a machine.

In the end, I decided I was going to re-build my email server on a FreeBSD box. The way the OS handles package and OS updates was a huge reason why I chose it rather than running two different Slackware VPSs. I wanted a machine I could setup once and can update without ever needing a re-install, that maximized the amount of space left over, without installing a ton of shovelware by default, (yes, 90% of a Linux distro is not needed).

This gave me a legit reason to continue to learn and use FreeBSD along side my fav Linux distro and I can even compare how the systems perform. (It’s worth noting overall Linux appears to perform better with less resources than BSD does.) After multiple attempted installs with different configurations, I settled on building the mail server using the iRedMail suite. It bundles user-built postfix, dovecot, roundcube and your choice of databases, including it’s own management software to maintain it all. Only, its bloated and it likely meant for larger scale operations. The main thing I got with this is a secure mail server, which I had struggled with before, (TLS is a bitch). It provided me with a great starting point to customize it for what I wanted it to do.

After fleshing that out for a week and trimming the fat, I was happy. That left my web server which needed work next. I opted to keep that running on Slackware and do a fresh install of the latest release, as a lot had changed in the six years since the last full release. I tore out much of the cruft and reduced its footprint as much as I could (there’s likely more I can remove, but I’m content for now). I looked into some web backends to bring the site more into this century (not that I don’t love my basic html site), I felt it was time to bring a little life to my space on the web.

So that brings us to this site-wide WordPress install (I’m sorry, Jeremy ;). I briefly looked into some other CMS solutions, but decided, for now I’ll go with what I’m familiar with. I always have the option to move on again (….right?!?) in the future. There’s still much to be done, and I’ll finish it up over the next week or so, but I just wanted to get it back online before the next MAME release comes. I hope to add some more content and things revolving around MAME and maybe other stuff as well. I don’t feel like I’m in a prison any longer and can finally do some other things that I’ve wanted to for some time now.

Much of my reluctance to add any content to this site stems from not wanting to design anything to hold said content. With WordPress, it mostly takes that element out of my hands and frees me to just do stuff. That also comes at a cost, of doing things within the confines of the environment, but I think it’s a nice starting point. I’m not sure if I’m happy with the themes I’m using or not, they work for now, but they’re still “basic bitch” as far as I’m concerned. Alas, I’m not a web-designer or graphic artist but just a lowly OS nerd, so don’t expect greatness any time soon. I’ll bring what little content I had online into this soon enough, but my goal of getting it up and running has been completed for now.

There are some things I’d like to go into detail about that have nothing to do with MAME, and I’ll use this space to do that. I’ll try my best to keep the sdlmame subdomain free from my rambling, as it really only has one point– to get MAME. I’ll ramble here. So if you want to read my rambles, check this space every so often and read me basically talking to myself. I’ve heard it gets old, but I’ve never gotten bored of it. Your mileage may vary.

Thanks for reading!

I had struggled to get SSL up and running on my server for years. I could generate self-signed certs and use them no problem, but getting actual certs working seemed to elude me. For some time now, everyone uses the great https://letsencrypt.org/ certs, and I wanted in on that as well. About 6 months ago I finally got them working thanks to a link I found in a WordPress plugin I had installed for SSL within WordPress. I finally had gotten legit working (not self-signed) certs for my server through the http://zerossl.com website. It was great. All my woes attempting to get certbot working on Slackware virtually disappeared. It created my certs, I installed them and they worked great right away!

Only when I went to renew them this time as they expire in 10 days, I noticed the site had changed on me. No longer was the free (awesome) service I found to generate my certs there but a shell of that service now with tiered payment plans (for a FREE certificate CA, at that!) For my sitewide wildcard cert, they now wanted $50 a MONTH for a cert only good for 3 months! Fucking insanity. Some poor sap like me has likely been put in a hell of a bind as a result of this shady bullshit. How one can take a free software initiative and turn it into a for-profit scam is beyond me, but I find it repulsive. We all have to make money, I get it. But destroying a useful gateway to a free to anyone cert signing service is downright disgusting practice.

So now I had to really figure this cert stuff out. Within 10 days at that.

I must point out, I don’t really need SSL on this server, I do use it mostly for personal security and the security blanket it provides users who see that nice little green lock icon and know they are getting safe content when they come here. That’s worth something, I think.

My issues stem from using a Linux distro that basically no one in the Linux industry uses for actually running any kind of server. Since I use Slackware, I’m basically a black sheep in a crowd of other black sheep (That’s me in the corner…). So certbot or any of the other ACME clients out there are not tailored or even support the basic utilities of my OS, so getting anything even running is a miracle in and of itself.

But that is when I found a great write-up by Slackware guru AlienBob, https://alien.slackbook.org/blog/using-letsencrypt-to-secure-your-slackware-webserver-with-https/. It took most of my free hours the past two days to work through setting this all up and testing it with my config, but I’ve got it running at this point. It will be a few months before I see if all the cron jobs go off without a hitch and it renews everything for me, but this article was a complete lifesaver. I’m genuinely happy there are people out there writing this kind of content still. Most things I’ve had to go and dive into a hole and sink or swim with Slackware, and this is one time where I didn’t have to do that for a change, and I still walked away learning something.

So I’d just like to thank AlienBOB for the write-up and also https://dehydrated.io/ for writing a script without 17 dependencies that finally enabled me to setup and maintain working SSL certs on this server. And as usual I’ve learned it best to stay away from a “free” service and just go learn it yourself, it’s more rewarding and always pays off in the end!

Today I updated WordPress. Two years later. And annoyingly enough, did it all manually since I’m OCD and I keep my server completely locked down like that. There is no FTP access as it’s insecure, and since I don’t use FTP, there’s no reason to enable an FTP server on my server. Ya dig?

I also changed the colors and theme today as well. Eventually this might even disappear completely and be replaced with either another install with a different focus, or I’ll duplicate it for that purpose and leave this one here.

Maybe I’ll actually write a blog someday…