su buster

Seems every couple months I have to look this up again, so I'm just going to drop it here. If you're having trouble running privileged commands after su in buster, well... they changed it. For the better, I'm sure, but changed all the same. The su command in buster is…

USW CLI PoE

Trying to do a remote reboot of a UniFi device is straightforward when UniFi controller is up, but what if UniFi cloudkey needs the reboot? Do the following, assuming the UCK is attached to port 23 of the USW. ssh user@usw telnet localhost en configure interface 0/23 poe…

Ansible survey foreign EdgeMAX

As we've been improving our systems automation with ansible, that has included bringing 'foreign' devices with unknown states into consistency and management by ansible. This will look at some tricks used to survey and update EdgeMAX routers. First things first is having some idea of what types of equipment are…

Ansible Let's Encrypt

I used to have acme.sh handling much of the routine work of updating SSL certificates, but as I've moved automation into ansible/AWX, that has included let's encrypt certificates. This post provides an example of updating certificates using acme-dns with DNS hosted through google cloud platform. It's designed to…

Proxmox Let's Encrypt

Intro We operate a proxmox cluster which is not exposed to the public internet, but we still wanted to secure the appliances with good certificates to avoid constantly clicking-through SSL warnings. Thanks to DNS acme challenge, let's encrypt is happy to issue valid certificates for domains that point to private…