One of our name servers, ns3.eskimo.com, is currently down.

     This was due to a combination of DNSSEC root-key change and my attempts to being lazy in resolving it.  I attempted to purge / re-install the bind package thinking that would get me fresh conf files including the DNS key file however, Redhat had removed the package from the CentOS repository so I could not re-install.

      I am in the process of moving this off of the CentOS6 server onto a Ubuntu based server.  This may cause slow name resolution at times if ns3 is tried first until this is completed.

     Zorin is presently down for an operating system upgrade.  Unfortunately, Zorin provides no online upgrade path, it is necessary to do a full re-install so it will be down for a few hours.

     I upgraded our web server operating system from Ubuntu 17.10 to Ubuntu 18.04 tonight.

     I replaced our previous database, MySql 5.7 with MariaDB 10.3.  This was not entirely smooth owing to the existence of mysql in the NIS database conflicting with the local user that the install script wanted to create and NOTHING in the error messages gave a clue as to why ti was failing.

     When all was said and done, this shaved about 150ms off of the time to first byte and about half a second off our total page load time so it was worthwhile.

     Router arrived last night.  Configured and brought it up to current software release and installed tonight.  All work is done, everything is back up and running normally.

     The router I ordered from Amazon did not arrive yesterday.  When I checked shipping, it had not even shipped.

     I called Amazon and they said they were out of stock and it was back ordered, estimated to be here on June 6th.

     I asked to have my one day shipping fee refunded since they obviously did not ship in time for it to arrive the next day, the droid refused.

     I asked to talk to a supervisor and made the same request, the supervisor complied.

     I’ve placed another order with a provider in Oregon that does have one in stock and it should be here Saturday or Monday.  I did not cancel the Amazon order so I will have a spare.  Operating without a hardware firewall is undesirable so wish to resolve this as soon as possible.

     In the meantime, our website can be reached via https://www.eskimo.com/ but not without the ‘www’.

     Several recent changes I made to our web server, compiling and installing the most recent versions of openssl and gnupg, and installing new SSL certificates with a slightly different more unified naming convention, broke guacd, the daemon that interfaces to the server to provide mapping of vnc or ssh to a desktop or terminal.

     I have since recompiled guacd and fixed the configuration file to reflect the new naming convention for the certificates.  The change to certificate naming and location allows me to drop a new certificate into one place and have it be effective system wide.

     Our border router failed today, this is the router that connects the outside world to our servers,  This particular model used to be carried by Fry’s but as luck would have it, they were sold out.  There are no other dealers that I can find listed locally so I’ve ordered a replacement from Amazon.

     In the meantime, I’ve configured one of our servers to play router.  This may slow things down somewhat but should not be significant.

     Microsoft Visual Studio Code is available now in all the Debian derived servers, this would include debian, mint, julinux, mxlinux, ubuntu, and zorin.  Although it is ‘code’ from the command line, on most machines it will only start from the menu’s.

     It is under Applications -> Programming -> Visual Studio Code

     I apologize for the brief interruptions in mail and web services today.  It was necessary to install new SSL encryption certificates as the old were about to expire.  Comodo is now Sectigo and they only shipped me the domain cert and one of two intermediate certificates and no root certs so the bundle-ca file they provided didn’t work.  Had to get them to re-issue so it took two installs.  In the process I discovered a configuration issue with the incoming mail servers.  Encrypted mail would only work if the far end requested STARTTLS on port 25, port 587 and 465 were not operational.  Now it will accept encrypted e-mail on any of these ports either STARTTLS or TLS wrapper mode.

     I received a call today asking when the web server would be back up.  The operating system was responsive, Apache was running but some pages would come up and some would not.  I wasn’t able to determine the cause but rebooted the server and it hung during the reboot attempt.  I then hard forced a boot and after it came back up it seemed to operate normally.