Jump to content
funtoo forums

666threesixes666

Members
  • Content Count

    132
  • Joined

  • Last visited

  • Days Won

    16

Reputation Activity

  1. Trolling
    666threesixes666 reacted to Chris Kurlinski for a blog entry, My day Job   
    Not sure how many people out there are like me, but here is a project I just about to complete for a client.
     
    I'm not in the IT industry, I'm in construction, a master plumber by trade, but do a lot of building management system integrations, and a lot of really specialty projects, like custom fire pits with iPad controls, high end pools ( we're talking 100K gal completely automated, heat pump / solar water heater for potable water, large solar systems ( looking forward to trying out the Tesla Power Wall ). Generally, anything that requires a computer interface, I'll do. Basic anything is boring, and not for me.
     
    Well, this leads my to my latest project that's wrapping up. (3) Years ago, I did a pool system for a client, but they didn't have time to build a structure over the equipment, and over the last (3) years the equipment is starting to fail, the Bahamian sun and sea is brutal on this kind of stuff. So I proposed to he client to build a structure over the equipment to protect it. He said great idea, what will it cost, and I went huh?
     
    After some thought and a lot of design work, I draw some plans up and priced it to the client, and he said great, when can you start.
     
    So here is the original design.

     
    And here is the final structure without paint.

     
    The only modification from the original design was the doors, which I custom built from Number 1 grade fir, and used some left over epi wood for the siding. Sanding and painting is all that is left.
  2. Trolling
    666threesixes666 reacted to uudruid74 for a blog entry, Adding SSL to Tengine / Nginx   
    OK, you've got your SSL certificate and you have tengine or nginx setup, but you need it secure. After all, you've heard of all the recent DH attacks, BEAST, CRIME, FREAK, Heartbleed and others, right? Is your system already secure? Test it! Check out The SSL Labs Test Site. I'm getting an A+ rating! The following assumes tengine, but nginx is exactly the same, just s/tengine/nginx/g;
     
    Need a certificate? OK - I highly recommend StartSSL. It's FREE! These guys will step you through the process by following the instructions on their site. If you have problems, the tech support via email is instantaneous and incredibly professional. My cert was the free variety, but if I ever upgrade, I will go to them because the support (to a non-paying customer no less) was so good.
     
    OK ... Make a file /etc/tengine/ssl.conf (or equiv for nginx):
    >#- Ports to listen on, all addresses, IPv6 and IPv4listen [::]:443 ssl;listen 443 ssl;#- Support current SSL standards and options onlyssl_session_cache shared:SSL:10m;ssl_session_timeout 10m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on;ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";ssl_session_tickets off;ssl_stapling on;ssl_stapling_verify on;#- And some security related headersadd_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";add_header X-Frame-Options DENY;add_header X-Content-Type-Options nosniff;
    Now, go into your sites-available and in the server{} configuration for the site you want to include SSL, add these lines:
    >include /etc/tengine/ssl.conf;ssl_dhparam /etc/ssl/tengine/dhparam4096;ssl_trusted_certificate /etc/ssl/tengine/startssl_trust_chain.crt;ssl_certificate /etc/ssl/tengine/ssl-unified.crt;ssl_certificate_key /etc/ssl/tengine/ssl.key;
    Now, there are 4 files here for SSL in addition to the one we just included. Let's look at where they come from. First, you should have a certificate file (ssl.crt in the following), and a key for that file (private_ssl.key). The CRT begins with "-----BEGIN CERTIFICATE-----", but you will need to view this in vi, not less (less will try to decode many of these files). Your private key is password protected (the key is "-----BEGIN RSA PRIVATE KEY-----" followed by a line that says ENCRYPTED). Since you probably don't want to issue a password every time you start your server, let's fix that first.
    >openssl rsa -in private_ssl.key -out /etc/ssl/tengine/ssl.key
    Easy enough? And we have one of our lines done. 3 to go!
     
    The next is to create a chain of certificates back to the root. For StartSSL, you download their cert:
    >wget https://www.startssl.com/certs/class1/sha2/pem/sub.class1.server.sha2.ca.pem
    Then make the file you need with your cert and theirs. Here's your next 2 files!
    >cat ssl.crt sub.class1.server.sha2.ca.pem > /etc/ssl/tengine/ssl-unified.crtcp sub.class1.server.sha2.ca.pem /etc/ssl/tengine/startssl_trust_chain.crt
    Now, the final command for the final file:
    >openssl dhparam -out /etc/ssl/tengine/dhparam4096 4096
    4096 might be overkill, but 1024 is the minimum and you might as well go all out just in case 1024 gets broken next month!
     
    Be sure all these files are secure!
    >chmod 0600 /etc/ssl/tengine/*
    Delete originals, clean up, then restart tengine.
     
    Next I'll cover gzip compression, detecting mobile client, and joomla configuration. Any particular one anyone wants to see first?
  3. Trolling
    666threesixes666 got a reaction from Tassie_Tux for a blog entry, forums faq   
    drobbins demands faqs so yer gonna get em...
     
    embedding images results in thumbnails, they're forever hosted at funtoo untill drobbins decided to nuke the website.
     
    to make large image postings, navigate to the tools above the post entry form and to the left of <> is an image to feed external (or internal) urls to.
     

     
    in the "my media" button you can attach garbage to posts, such as your blog entries or images you've posted.... like my "punch babies" or "dead larry"
     


     
    above is a quote box to the right of <> to get past the quote box, press enter a few times....
     
    <> is code... it pops up a window to enter code, to get past it again press enter a few times.
    ><h1><b>hello</b>world</h1>
    twitter just links a twitter link. @6three6sixes6
     
    to the left of font is special bb code. you can enter acronyms twitters and some others. they give hover dialog, mouse over the below word to see it in action.
     
    shart
     
    below the post is attachment stuff.... attach files to show up in my media for future postings.
     
    to change forum entry titles, ie from "my funtoo's borked" to "[solved]my funtoo's borked" go to "full editor mode" instead of quick edit mode.
     
    bam that's the faq jack
  4. Trolling
    666threesixes666 reacted to daixtr for a blog entry, First day   
    Gentoo was my first linux try that made sense. The source code is there, the compiler is there. And everything makes sense. There are difficulties along the way, but because the system made sense, it is always a worthwhile goal to overcome these difficulties. Maybe, Gentoo is a more coherent system. And now, that Funtoo is here, i will definitely give it a try.
  5. Trolling
    666threesixes666 got a reaction from duncan.britton for a blog entry, winter is coming   
    sorry drobbins, winters coming, and this -23 Celsius shit drives me crazy, i have alot of time to think about things.
     
    my quest is to wake from recurring dreams, to the collective recurring dream people call reality.
     
    ok personal philosophy... im a pantheist, meaning i see nature as god, and science as the quest to know god. i am a very small part of nature therefore i am small part of god. my parents are my creator, and they are of nature. im observing what's right in front of me.....
     
    personal meaning of life.... the meaning of life to me is to create a better world than i was given for my children, and their childrens children. my work ethic is next to insane. ill work to the bone for zero pay to these ends. im a how and why kind of person, "because" is not a sufficient answer. i do acknowledge i do not know everything, and sometimes i have to accept "i dont know how it works but it does" as an answer.
     
    programmatic unbalanced equations with fractal recursion, of infinite loops, and applied mathematics.... just as a computer program can feed back in on its self and perpetually load my dreams consist of using applied mathematics to make this problem a real world problem. i want to harness the power of the infinite loop, that leads back to its starting point to give another power cycle.
     
    how this works, the chain on the right side is longer, and heavier than on the left. the equation is unbalanced, and feeds back into its self. its a natural fractal.
     
    https://www.youtube.com/watch?v=2QRKzwgG_-U
     
    this one is like swinging on a swing set, you pump, and relax at specific times... you accumulate more energy than you put into it. only a robot is doing the pumping...
     

  6. Trolling
    666threesixes666 reacted to Andrew Hobden for a blog entry, First Toast!   
    Look mom, it works!
×
×
  • Create New...