Using Kibana API as an Elasticsearch Proxy

While searching for an elasticsearch tail -f, I stumble upon this nice piece of software that does exactly that. Reading the configuration file I noticed the server_kibana-proxy section and wondered if that meant that elasticsearch could be queried via kibana, and it turns out that yes, you don’t have to expose ES port (:9200), you can use kibana’s API instead, in particular the console API to be able to query ES directly.

Build a Single in Tree Linux Kernel Module (Debian & Clones)

How misleading and complicated this task should be that I’m writing such an article in 2022? Anyway, if you struggle compiling a simple, standalone Linux kernel module on Debian, Ubuntu, Mint and the like, here’s the recipe: Fetch linux-source-<version> and linux-headers-<version> $ sudo apt install linux-source-5.4.0 linux-headers-$(uname -r) Do not use apt-get source linux-source-<version>, only pain will you find. Untar the fetched archive where you’d like $ tar jxvf /usr/src/linux-source-5.4.0.tar.bz2 Copy your current kernel configuration $ cd linux-source-5.

Migrating A ZPool To A Smaller Disk

A week ago, I’ve migrated my gateway to a standalone machine running FreeBSD 13.1. The whole process was certainly flawless and soon enough it was forwarding packets to and from my network. Quite happy with the result, I didn’t expect it to crash less than 2 days after its first production hour. At first I thought it could have been the temperature, the graphic card, the memory… until it crashed again a couple of days after and I saw this:

An Innocent Mount Issue

I work as a freelance contractor for about a year now, I quit a 10+ years regular CTO job to give into more technical subjects, troubleshoot, code, build infrastructures, A-Team style, I help companies with complex matters that might require experience and rigorousness. One of my last missions was really, really fun to deal with. A rather big company handling scientific, secret-level data, had an issue with their storage system.

No AP After Flashing Tasmota to Sonoff Mini

I’m in the process of automating pretty much all I can in my house, and one piece of well known IOT hardware is eWelink’s Sonoff mini, which has the good taste of being flashable when set in DYI mode. This has multiple benefits, one of them is not to rely on a Chinese cloud to handle my house’s lights. There are plenty of tutorials on how to achieve this, it is not the aim of this short article.

Postfix to GMail Catchall (updated… again)

The other day, my wife asked me if I could just redirect all mails going to her own domain to her GMail account. “Easy task”, foolish past-me thought, not knowing the standards you have to meet to actually forward a mail from somwhere to GMail… I naively searched for a simple bouncing method and postfix’s virtual tables seemed perfectly fit for the task (from man virtual): The main applications of virtual aliasing are: o To redirect mail for one address to one or more addresses.

Boot an Existing ZFS From a FreeBSD LiveCD

Because I ran gpart bootcode on the wrong partition of every replacement disk I swapped and because my motherboard is incapable of finding an EFI partition, I basically bricked my FreeBSD NAS / gateway. It took me a ridiculous amount of time in order to find how to boot into an existing ZFS FreeBSD installation from a FreeBSD LiveCD (I used mini-memstick). Finally, in a 2014 thread from the FreeBSD questions mailing list, someone mentioned the magic invocation, and from there I deducted the remaining parts.

Executing A Smart Contract in geth

Since Binance Smart Chain and more specifically DeFi on BSC are a thing, I’ve been learning the amazing ways of Smart Contracts, and while many documentation exist on this topic, I didn’t find a clear one on how to “simply” execute a Smart Contract on geth, aka Go Ethereum, the most used Ethereum implementation and client. Geth can interact with the Ethereum blockchain using, well… Javascript, and more specifically an (old) implementation of web3.

Ledger Nano On KVM

In order to keep my cryptocurrencies as secure as possible, I only interact with those within a virtual machine located on an encrypted USB stick. I own both a Ledger Nano S and a Ledger Nano X, which connect using USB. Also I don’t use libvirt for this as I want it to be as easily and quickly usable as possible. So here’s the secret formula in order to access those hardware wallets from a GNU/Linux KVM VM via USB pass through:

Make Postfix Trigger Blacklistd on Failed Authentication

The other day, I realized that from time to time, alpine, my console mail client for about 20+ years now, would close the connection to the IMAP server because of an “error”. Digging in the logs, I realized my server was being bruteforced for months, if not years. NetBSD being the fantastic OS it is, it actually had nearly no effect on my server’s behaviour, only those annoying connections closing from time to time.