This morning I solved a vexing problem so I am feeling good. I decided to redo my home lab from the ground up because I did a poor job planning and implementing it. Thus, my WordPress site got compromised. I am not proud of that one because normally I am really good about hardening systems. While troubleshooting something, I forgot to re-enable SELinux and I think that might have been the culprit. At least I had all of my posts backed up and all I lost was a draft of something I wasn’t really feeling anyway.
I just re-imported the posts on a fresh WordPress install with only the minimum number of plugins that I need in order to have everything function. I had a lot of extra shit that should have been reserved for a development environment. Lesson ultimately learned but it was a good one.
When I get home from work, I’ll bring my mail server back up, but also re-implement it. Just by reading some man pages, I learned a lot more and I didn’t even have optimal connectivity between my cloud VPS and my home network. I never knew that multiple addresses could be assigned to a single WireGuard interface. Instead, I had 3 tunnels I was maintaining, and it became kind of a routing nightmare. This should make things vastly easier.
I am thinking about re-implementing the mail server on FreeBSD for the ZFS file system snapshot features. I already decided to standardize on one web server instead of having three separate ones. I also went the FreeBSD route for that. Mastodon is still powered by Debian Trixie. On the server side of things, I profess to have a deep love for both FreeBSD and AlmaLinux. For all intents and purposes, they’re equally good. I generally use FreeBSD when I need the features that ZFS provides or I need a routing/firewall platform. AlmaLinux excels as a hypervisor. I do love Arch Linux for my desktop experience.
Sometimes the options are so equally good, it’s difficult to make a decision. I do want to avoid a homogeneous network as much as that is possible. It’s better to run a heterogeneous network so that you have less chance of a single point of failure: I am looking at you, Microsoft. In many networks, that single point of failure is Windows.