My technical Blog full of how to guides, code snippets and more.
Blog
Clearpass TACACS+ Server with Cisco Nexus User Privilege Roles
Cisco Nexus NS-OS switches provide a slightly different way compared to their IOS variants at assigning privileges to users who login either via the local database or a remote source. IOS use privilege levels 0-15 where as NS-OS uses roles ‘network-admin’ and ‘network-operator’. IOS levels 0 provides no privileges, level 1 provides read only and […]
Read PostHow to run OpenVPN in LXC Proxmox
I run a number of small Proxmox installations on a mixture of old and new PC hardware at various location and I needed a secure way to access them and transfer data between VM’s and containers which run on them. Given the limited resources on some, I wanted to run OpenVPN in LXC rather than […]
Read PostUsing Github Actions to push to Azure Blob
Azure Blob is a great place to store static resources for websites with it’s cheap running costs, ease of setup and ability to host them directly from it. The only problem I found was uploading the resources. Yes, it’s possible to upload them via the GUI, or by running the AzCopy packages. But, I didn’t […]
Read PostEnabling Ubuntu automatic security updates
My estate of servers consisting of VM’s, LXC containers and of course Raspberry Pi’s has grown over the years, but has now grown to a point (especially over the COVID-19 lockdowns) where it takes a significant amount of time to go around and preform manual security and recommended updates to them all. This has prompted […]
Read PostSAML SSO plugin for Grav CMS
I like integrating apps with my centralised authentication system, SAML SSO provided my SimpleSAMLphp. I mainly setup SAML to authenticate with Zoho, my email provided with my AD user accounts across the internet (Post Azure AD). I enjoyed using SimpleSAMLphp so much I migrated other system like Nextcloud to it. After having run Grav for […]
Read PostConfiguring MFA SSH on Linux using Google Authenticator
I find it very useful to have Raspberry Pi’s at mine and other family members house (different ISP’s) to preform various traceroute, latency and iperf tests. Rather than running full OpenVPN clients, I opted for exposing them using port-forwarding to the internet. This poses a significant security issue as SSH is a port which can […]
Read PostTACACS+ configuration for Cisco, Aruba ProCurve, Comware switches
Operate a large estate of switch? Why not setup a TACACS server. User become accountable for network administration and that local password doesn’t need to be memorable, idea for when an administrator leaves and it doesn’t get updated. Cisco: Cisco Nexus: Aruba, HP ProCurve HPE, Comware
Read PostHow to remove Azure “reddog” DNS suffix
I recently noticed that the three VM’s I run in Azure (courtesy of my VSE subscription) had picked up a new DNS suffix. reddog.microsoft.com. You can find out more information about the DNS Suffix below: Why is there a “reddog” DNS Suffix for my VM’s? Page 1 of 0 | cloudelicious IP address assignment in […]
Read PostWhy I switched to Grav CMS
I recently discovered Grav, a flat file PHP CMS. My previous website ran on Concrete5 which I was getting tired of due to it’s slowness, massiveness and the fact it was consuming so much resource on my web server. The appeal of Grav was taken from a number of factors. The first being it was […]
Read PostHow to add network routes to Proxmox NetPlan
I run a strange network topology with various VLANs and VPNs at home, in remote locations and in the cloud. Because of this, I needed to add routes to the NetPlan configuration file. In order to manually edit the interfaces file, first copy it: The file will contain the configuration for all interfaces configured via […]
Read PostExport Netatmo weather station data to MySQL using the API
I recently bought and installed a Netatmo Weather Station to replace an old dumb Oregon Scientific station. I chose this station for it’s smart capabilities. However, after using the Netatmo web app I decided I would like access to the raw date my station was collecting. The obvious choice was to write a simple script […]
Read PostHow to run a firmware upgrade on a Cisco 5500 wireless LAN controller
Need to upgrade the firmware on a Cisco 5500 WLC, here is a step by step guide. If your controllers are setup in a HA pair, these commands should be run on both, but missing out the AP upgrade setups.
Read PostHow to suppress IPv6 RA on Cisco and Cisco Nexus
Servers have a habit of automatically configuring IPv6 when an interface is added to a VLAN or Port though SLAAC. This is useful for client networks but not so useful for servers. It is possible to suppress RA messages to prevent this from a Cisco router interface. The command is slightly different on a Cisco […]
Read PostHow to disable TFA from the CLI on Proxmox
This took me hours and hours of research to work out how to disable lost TFA on an account on Proxmox. I was only experimenting on a test server, however I wanted to ensure I knew how to recover it if I enabled TFA on my root user. Console access isn’t subject to this additional […]
Read PostUseful to know APC UPS CLI configuration options
Most of the ACP UPS configuration can be done from the GUI, by default it is set to DHCP. However, there are a number of other useful options that can only be accessed via the CLI commands. Below is a couple of useful commands. They are pretty self explanatory.
Read Post