xf.is blog

SEND_FPDMA_QUEUED – CAM status: Command timeout on pfSense ZFS install

Published in pfsense.

When installing pfSense 2.5.0 on Seeedstudio Odyssey Blue J4105 I observed the following error message in the system buffer after I selected ZFS install: After retrying couple of times the system installed successfully. After install this error caused the boot to stall for some time but it booted successfully. After some digging around I found […]

View service principal assignments (permissions) in Azure

Published in azure.

At work we recently moved our DNS hosting to Azure DNS in order to simplify our hosting and benefiting from existing RBAC in Azure AD.One benefit of the move is that we could generate limited API keys for clients to be able to use ACME DNS-01 challenge for certificate validation. We have been using acme.sh […]

Moving from KMS activation to Digital License (subscription)

Published in windows.

At work we are moving everything to Microsoft 365 and Azure AD and removing our on-premises environment. One of the issue we encountered was that when we removed the computer from the domain and joined Azure AD, Windows was still activated using our KMS host. In order to convert the computer to use step-up activation […]

List of free ACME SSL providers

Published in ssl.

Please note that many ACME clients only support Let’s Encrypt. Certbot should work with alternative ACME providers. Buypass Go SSL Norwegian certificate authority offering free SSL certificates valid for 180 days (Technical specifications). No wildcard certificates. ACME directory url: https://api.buypass.com/acme/directory Chains up to “Buypass Class 2 Root CA” valid until 2040 DNS CAA: buypass.com Rate […]

Configuring systemd user timer

Published in linux.

To run systemd timer jobs (cron) as a user you’ll need to create a systemd service folder as the user: By default, systemd will only run timers if the user is logged in so to be able to run timer jobs without logged in use we enable lingering session with Then you can drop the […]

haproxy: Monitor PostgreSQL for current master

Published in linux.

There are couple of methods for haproxy to monitor what PostgreSQL instance is currently master so that “dumb” clients can always write to a PostgreSQL instance (instead of connecting to the standby node). First there is the send-binary method by replicating the PostgreSQL V3 protocol but requires trusted connection and is TCP/IP only (no SSL). […]

vlan bridges in netplan

Published in linux.

Took me a while to figure this one out in the netplan yaml syntax: Bonus .vimrc settings for yaml

Pipe cron to syslog/journald

Published in linux.

Simple way to pipe cron script output to journalctl / syslog gives following in journalctl

Convert PostgreSQL cluster to use page checksums

Published in postgresql.

When upgrading PostgreSQL cluster from one major version to another you cannot use pg_upgrade tool to upgrade/convert cluster with page checksums disabled to a cluster with page checksums enabled. Instead you have to do dump and restore. On Debian/Ubuntu based systems this is made easier using the pg_createcluster / pg_dropcluster commands. Here I’m converting a […]

View CPU microcode revision from powershell

Published in windows.

A small powershell snippet to show what CPU microcode revision is running and what microcode revision the BIOS provides. Example output:

Next Page »