<!-- Some styling for better description lists --><style type='text/css'>dt { font-weight: bold;float: left;display:inline;margin-right: 1em} dd { display:block; margin-left: 2em}</style>
***: vtoms has joined #arpnetworks
<br> heavysixer has joined #arpnetworks
<br> ChanServ sets mode: +o heavysixer
<br> fink has joined #arpnetworks
fink: <u>RandalSchwartz</u>: thanks for your help re: zfs, i've got everything running on the 768 vps, seems to be fine so far
RandalSchwartz: cool!
<br> install zfs-snapshot-mgmt too
<br> then you get auto snapshots
fink: ok
j3m: how do you get zfs on / installed on the vps?
RandalSchwartz: you boot from the CD, follow the instructions
<br> fink just did this... he has experience
<br> based on my experience
fink: haha
RandalSchwartz: I've done it twice now :)
j3m: okay, that is my misunderstanding, I don't have a vps yet, didn't realize you could boot from a cd
RandalSchwartz: yes - a virtual Freebsd-8 release CD is always installed
fink: <u>j3m</u>: yea i didn't know either. arpnetworks should have a wiki! then we can post our experiences
RandalSchwartz: so you can "boot" from it if something hoses on your maindrive
j3m: that is handy :)
RandalSchwartz: this cuts down on Garry's support time for those of us who know
j3m: is zfs io performance okay on vps? I mean compared to zfs single disk or a 2-disk mirror on real hardware?
RandalSchwartz: fast enough for me. :)
<br> keep in mind, the underlying disk is raid already
<br> so you don't need to use raidz
<br> but the snapshots and other things are worth the trip
fink: <u>j3m</u>: speed was not my major concern, as much as the other benefits of zfs, such as management/backups
j3m: I've been using it locally and zfs + jails is very nice
fink: <u>j3m</u>: yea, exactly
<br> i'm only worried about using it with under 1gig of ram
RandalSchwartz: zfs adjusts automatically for that
j3m: yeah, box here has 1.5
RandalSchwartz: it used to require some sysctl tuning
<br> now it just works
fink: <u>RandalSchwartz</u>: oh ok, cool. i read about cyschubert's laptop here: http://wiki.freebsd.org/ZFSTuningGuide
j3m: 8.0 does seem to be a huge improvement
<br> anyone ever try to get iredmail working in a jail?
fink: <u>j3m</u>: heh, i was just looking at iredmail last night
<br> i think i will try it soon
j3m: I tried here but it really wanted 127.0.0.1 to work
<br> tried to manually fix all the configs... but no luck yet
fink: <u>RandalSchwartz</u>: do you have any links on not needing to tune for zfs? the handbook still says we should
<br> <u>j3m</u>: you're trying the betas?
j3m: yes, was trying beta3
RandalSchwartz: hmm. something I read googling around for error messages
<br> don't remember now
<br> might have been a misinterpretation
j3m: <u>fink</u>: I cloned the Mercurial repository now, going to try and fix the scripts it uses to set things up
fink: <u>RandalSchwartz</u>: maybe it applies to hte new stuff in 8.1
<br> <u>j3m</u>: cool, i'd like to know how it goes
<br> <u>j3m</u>: are you using ldap or mysql?
j3m: ldap is required
<br> so I am using that
<br> it still uses mysql I think as well, can't remember for sure
fink: do you have an existing ldap db?
j3m: no
<br> installed on a fresh jail, the setup script installs all the ports it needs
<br> the ldap actually worked fine
fink: ok
j3m: I could use the admin web interface to manage email accounts and whatnot
<br> it just wasn't able to recieve mail and pass it through all the seperate steps for spam and virus stuff
<br> lots of 127.0.0.1 ports involved there
fink: <u>j3m</u>: right, that's annoying
RandalSchwartz: good thing there's 65,000 ports :)
j3m: yeah, lol
fink: i'm planning on having the mailserver, db, various webservers in different jails, so it will take a lot of hacking, i assume…
RandalSchwartz: imagine if the boys at berkely had only given a single byte value for that
fink: pays to think ahead
RandalSchwartz: well, ipv4 wasn't far enough ahead
<br> but who knew that there'd be this many internet machines
j3m: yeah, supprising IPv4 worked as long as it did
<br> <u>fink</u>: I'm doing basically that locally now, but the mailserver part isn't quite there yet...
<br> <u>fink</u>: it's not actually that much hacking, most things work fine in jails
fink: <u>j3m</u>: i mean, to get all the jails to work with iredmail
j3m: oh... yeah, if you are going to split that up it might get dicey
<br> good luck, lol
<br> :)
<br> I have never been very good at getting a working mailserver configuration that actually did everything I wanted it to
fink: <u>j3m</u>: yea, that's why iredmail looks cool
j3m: iredmail looks like the easiest way
fink: plus it's python, so it's easy to hack, hopefully
j3m: however, it's meant to be all on one server
<br> all you have to do one a clean jail is run it's setup script
<br> on*
fink: <u>j3m</u>: yea but i don't want the webserver & db & email server etc all running in one jail
j3m: I didn't like that idea either, but the amount of work to change it seemed too much to bother
<br> especially with jails and snapshots
<br> as long as those services are all used only for the mail, at least the entire mail system is isolated
<br> and I would just firewall off all the ports except smtp and imap ones
<br> can use ssh port forwarding to access the web interface when needed
<br> at least that's my plan once I get iredmail working...
fink: <u>j3m</u>: sounds reasonable
***: ziyourenxiang has quit IRC (Quit: ziyourenxiang)
dxtr: Uhm, up_the_irons
<br> This is bad. Realbad.
<br> Real vad*
<br> bad!
<br> Christ :P
<br> Hum. If I sign my message (GPG) - what does that mean? That I'm including my key and stuff?
toddf: heh
<br> signing only gives enough of a fingerprint to proove it was your key that signed it
<br> change one char inside the message, signature is invalid
<br> change one char inside the signature, signature is invalid
<br> thats all
<br> if you understood public key cryptography .. this would be a no brainer ;-)
***: yoberi has joined #arpnetworks
dxtr: <u>toddf</u>: I thought I did :D
yoberi: Hi all, does anyone know if the arpnetworks VPS accounts include dedicated ipv4 addresses? Will I need to learn ipv6 to use any arpnetworks services? Thanks.
dxtr: Garry should really update his pgp key
<br> It was like revoked last year
toddf: <u>yoberi</u>: yes and no
yoberi: <u>toddf</u>: please do explain!
toddf: <u>yoberi</u>: http://arpnetworks.com/vps says clearly 'Dedicated IPs' and 'Native IPv6 network'
j3m: they do include ipv4 addresses, 1 for free, you don't need to learn ipv6, though you should
toddf: you can use or not your IPv6 allocation
<br> should, yes, I like this ;-)
yoberi: Will I be able to host such services as a mail relay (as an offsite backup)?
toddf: just look at the disk and the mem and the bandiwdth .. if you don't exceed those you're good to go
yoberi: <u>j3m</u>: okay that's sweet. I just need one ipv4 address to tackle my current issues. Would like an excuse to learn ipv6 as well
toddf: backups might require some thinking given the price of disk but mail seems quite easily doable
dxtr: <u>toddf</u>: I assume you don't have any kind of responsibility? :)
toddf: <u>dxtr</u>: quite the opposite, own and run my own business, this is `fun' for me
dxtr: <u>toddf</u>: Right
yoberi: I'm really just looking for a backup for when both of our ISPs is down, or the mail server is being serviced
toddf: <u>yoberi</u>: up to you to configure the system as you wish, you get the mem and disk and bandwidth, and the ability to ask for a different iso to be available if you are not liking what is there by default, and the VPS is yours to do with what you wish (though illegal activity is frowned upon here, otherwise, go have fun)
yoberi: <u>toddf</u>: sounds great-- just what I need to handle backup offsite services. Thanks for the tips/advice.
dxtr: <u>toddf</u>: Hey, could you check my pgp key out? :)
<br> 11C1331A - I sent that to a key server at least
toddf: <u>gpg</u>: requesting key 11C1331A from hkp server keys.gnupg.net
<br> <u>gpg</u>: key 11C1331A: public key "Kim Lidström <dexter@dxtr.cc>" imported
<br> <u>gpg</u>: Total number processed: 1
<br> <u>gpg</u>: imported: 1 (RSA: 1)
<br> $ gpg --list-keys 11C1331A
<br> pub 4096R/11C1331A 2010-04-05
<br> uid Kim Lidström <dexter@dxtr.cc>
<br> sub 4096R/DC3E3F11 2010-04-05
dxtr: <u>toddf</u>: Cool
<br> But does that give you my public key?
***: schmir has joined #arpnetworks
<br> schmir has quit IRC (Remote host closed the connection)
fink: on the console server: what keycombo is this? [Enter `^Ec?' for help]
<br> oh, got it nvm
up_the_irons: ctrl-e followed by 'c' followed by '?'
fink: thanks
up_the_irons: np
<br> anyone got an ipad yet? ;)
amdprophet: i've got 6
<br> kidding, i wish i had even one
dxtr: Hey, up_the_irons
jlgaddis: heh, i was gonna try to get bruce schneier to sign my pgp key the other day, but i settled for signing my book
up_the_irons: LOL
j3m: lol
amdprophet: ROFL
j3m: met him at a party once
<br> wish I would have been less inebriated, lol
<br> ah well...
jlgaddis: <u>j3m</u>: i wish that a lot
j3m: lol
jlgaddis: off to chase a tornado, later
dxtr: How the hell does this work!? :(
<br> Mutt an gnupg
j3m: <u>dxtr</u>: something like this - http://codesorcery.net/old/mutt/mutt-gnupg-howto
dxtr: <u>j3m</u>: Yeah, I saw that
<br> But I was like "wtf!?" when I sent my friend a key (And vice versa) and all we saw was the signature
j3m: not sure, never tried gnupg with mutt...
up_the_irons: <u>dxtr</u>: I usually hit: (p)gp followed by (b)oth (sign and encrypt)
dxtr: <u>up_the_irons</u>: Yeah, well, do I really want to encrypt it before I got his key? :D
up_the_irons: <u>dxtr</u>: no, you need his pub key to encrypt it for him
dxtr: Exactly
<br> Well, we tried to send each other our public keys but all we saw (in mutt) was the signatures
<br> But apparently it worked
au: morning
up_the_irons: <u>dxtr</u>: you should see something like this near the top of the message:
<br> [-- The following data is PGP/MIME encrypted --]
dxtr: <u>up_the_irons</u>: Yeah :)
RandalSchwartz: up_the_irons - did you feel the quake yesterday?
up_the_irons: <u>RandalSchwartz</u>: no, was driving at the time
RandalSchwartz: I'm happy I wasn't up on the 44th floor
dxtr: 44th floor? I don't think we have that many building with 44 floors here :D
up_the_irons: hehe
dxtr: buildings
<br> On the other hand we have like ~10,000,000 citizens
au: new yorkers?
dxtr: Make that ~9,500,000
RandalSchwartz: Yes - my office is on the 44th floor of the 9th tallest building in LA
<br> (Paul Hastings)
<br> I'm eye-level with the continuous cop copters :)
dxtr: That's sick
<br> I'm getting sick when I'm at the second floor in this apartment
<br> .. AND THE KITCHEN IS ON THE SECOND FLOOR
RandalSchwartz: wow
dxtr: :D
<br> I'm still amazed how my last VPS can reach pretty good speeds (Stockholm<->LA) while my home ISP doesn't
<br> To the VPS I've got here that is
au: hej dxtr :)
dxtr: <u>au</u>: Hej?
au: not a swede?
dxtr: Yes I am
au: was saying hello :P
dxtr: Viking, gräv bort skåne, etc.
<br> True swede o
au: I know little swedish :P I am from Australia
dxtr: Oh
<br> I thought we knew each other or something :P
***: fink has quit IRC (Quit: fink)
<br> z0mbie has joined #arpnetworks
z0mbie: hi
<br> admin?
***: z0mbie has quit IRC (Client Quit)
<br> z0mbie has joined #arpnetworks
<br> download has joined #arpnetworks
z0mbie: sux
download: hi
<br> mel
z0mbie: lol
<br> dont have admin
***: download has quit IRC ()
<br> z0mbie has quit IRC (Quit: suck my dick)
dxtr: At least he's being mature about it
***: fink has joined #arpnetworks
<br> Ehtyar has quit IRC (Remote host closed the connection)
<br> Ehtyar has joined #arpnetworks
<br> heavysixer has quit IRC (Quit: heavysixer)
au: bbl
***: fink has quit IRC (Quit: fink)
<br> au has quit IRC (Quit: ZNC - http://znc.sourceforge.net)