Using Hurricane Electric free DNS service for slaves

So apart from setting ns[2345] as your DNS servers at your registrar and adding a slave at you need to do the following:

  1. Allow transfer AXFR to Server that pulls zones is, not
  2. Remove from allow transfer ACLs if it was there.
  3. Set the server to send NOTIFY’s to Yes, to ns1, not to doesn’t listen for any DNS requests including NOTIFY’s.

BIND example

The NOTIFY part is a bit tricky, so here’s an example from my setup.

Creating an ACL for

At the top level of named.conf:

acl he-slaves
{; // IPv4
2001:470:600::2; // IPv6

Basic zone setup

zone "" in
type master;
file "data/";

Notification setup

Add this to the zone:

notify explicit;

So the zone looks like:

zone "" in
type master;

notify explicit;
{; //

file "data/";

PowerDNS 4 example

execute this commands on PowerDNS machine

pdnsutil set-meta ALLOW-AXFR-FROM AUTO-NS
pdnsutil set-meta ALSO-NOTIFY

The result can be checked via:

pdnsutil get-meta

Suppress warning messages using mysql from within Terminal, but password written in shell script

Here’s how I got my bash script for my daily mysqldump database backups to work more securely.
1. First use mysql_config_editor (comes with mysql 5.6+) to set up the encrypted password file. Suppose your username is „db_user“. Running from the shell prompt:

mysql_config_editor set –login-path=local –host=localhost –user=db_user –password

It prompts for the password. Once you enter it, the user/pass are saved encrypted. Of course, change „system_username“ to your username on the server.

2. Change your shell script from this:

mysqldump -u db_user -pInsecurePassword my_database | gzip > db_backup.tar.gz

to this:

mysqldump –login-path=local my_database | gzip > db_backup.tar.gz

No more exposed passwords.

Samba 4 config example

# Samba 4 config example
# Connected to existing remote Samba 4 Active Directory Directory Controller

# ZFS pool @ /storage
# Network is
# Samba is installed with:
# pkg install samba42
# and then joined to existing AD with:
# samba-tool domain join <params
# After this /usr/local/etc/smb4.conf is edited and restarted with /usr/local/etc/rc.d/samba_server restart
# Global parameters
server string = Samba Server
hosts allow = 192.168.101.
load printers = no
max log size = 50
# Add aio_load=“YES“ FreeBSD’s /etc/rc.conf
aio read size = 16384
aio write size = 16384
aio write behind = true
use sendfile = true
read raw = true
min receivefile size = 16384
interfaces =
dns proxy = no
# These files are never saved
veto files = /Thumbs.db/.DS_Store/._.DS_Store/.apdisk/
delete veto files = yes
workgroup = HOME
realm = home.lan
netbios name = STORAGE
server role = active directory domain controller

path = /var/db/samba4/sysvol/home.lan/scripts
read only = No

path = /var/db/samba4/sysvol
read only = No

# ZFS pool
path = /storage
force directory mode = 0666
force create mode = 0666
create mask = 0666
directory mask = 0666
read only = no
public = no
writable = yes
vfs objects = zfsacl
nfs4:mode = special
nfs4:acedup = merge
nfs4:chown= yes
vfs object = recycle
# Remove deleted files to recycle bin directory with username and timestamp
recycle:repository = /storage/recyclebin/%U/%T
recycle:keeptree = Yes
recycle:touch = Yes
recycle:versions = Yes
recycle:directory_mode = 0666
recycle:subdir_mode = 0666
nt acl support = yes
inherit acls = no
map acl inherit = yes

How to support full unicode in MySQL database and fixup seeing weird characters on your WordPress blog

Change mysql settings ( my.cnf ) using manual from

Fix your wordpress installation existing posts using ideas from this blog – For some  strange reasons old unpublished drafts on my blog written in cyrillic are broken!

If you have owncloud server installed, migrate all data and functionality to nextcloud. Now my personal cloud works under php 7.1 also.

Now site has almost everything up and running.

Still waiting for weathermap plugin to support cacti 1.0 plugin architecture!



В момента над 50% от уеб трафикът използва защитени HTTPS връзки към уеб сървърите. Как да защитите и вашият собствен сайт и как да настроите вашият  уеб сървър, така че да имате висока степен на защитеност може да Ви помогне

В кръга на шегата, това което ме изуми е резултатът на някой институции в .gov домейна ….