How to configure WireGuard VPN as gateway on Rocky Linux / CentOS 8

From WireGuard’s perspective, there is no server and client – all points in a WireGuard network are called peers, and they can connect to each other without a central point and not necessarily in a star topology. However, in this particular configuration scenario and because one peer is central to the whole infrastructure I’m setting up (as it’s the only one to always have a static public IP address, open ports and it can also be used to tunnel all other peers’ traffic), I’m calling it a server – while all other peers I will consider clients.

How to filter SSH connections with hosts.allow on Rocky Linux / CentOS 8

The TCP Wrappers suite of programs is no longer included in RHEL 8, meaning the hosts.allow/deny files no longer exist nor work. This makes quick filtering SSH connections per IP address a bit more difficult as it requires configuring the firewall.

Luckily, the tcp_wrappers package is still available in the EPEL repository even for versions 8 so the previous functionality can be restored, albeit with some additional steps.

How to add (experimental) sensors support for IT8665E in CentOS

Due to lacking driver support for newer hardware I have been missing hardware monitoring on my home server for more than 4 years now, having access to only hard disks temperatures.

Now the time has come to upgrade the good ol’ machine to a new hardware configuration – and of course the new hardware is also unsupported in even the latest CentOS kernels.

How to configure IPSec/L2TP VPN server in CentOS 6

I had to look for an alternate VPN system to use when I need to dial back to my home network while on the move to access my media library or when I require a trusted connection or a whitelisted IP.

The next best thing (and least complicated to set up going from PPTP) is IPSec/L2TP, which has built-in support in most current operating systems (including Windows, Linux and Android). Due to its double-encapsulation nature (L2TP performs the tunnelling of data and IPSec provides the encrypted channel), L2TP/IPSec has a more complex setup and configuration procedure, both for the server and the client.

Automatically restart Webmin/Virtualmin in case of failure

Running out of memory sometimes happens on swap-less VPSes, and it seems Webmin (together with its twin, Virtualmin) are among the first processes to die in out-of-memory cases.

Setting up a little script to check for and restart Webmin if it is no longer running is a pretty simple (workaround) solution – but should never replace the proper procedure of adjusting the settings or upgrading the VPS to avoid running out of memory in the future.

Fixing Postfix authentication issues on CentOS 6 with Virtualmin

The weirdest errors are those occurring on a freshly installed system where you’d expect for everything to simply work (with the default configs). But such new installs rarely work.

Roudcube successfully connects and sends emails through localhost. At the same time, external clients are unable to send emails through SMTP. The issues is…

Recover from a broken rpmdb and missing rpm/Packages in CentOS

One can never have too many backups. There’s always room for one more backup. Backups are what keep computers running (most of the time)… Except when backups are not set up. At all. Not even a single antiqued copy exists of what broke down…

Let’s imagine that worst case scenario. Let’s imagine…