Category: Uncategorized

I decided to get a lot of IT work done this weekend. One of my major goals was to get my lab systems on to a virtual network. The virtual network uses NAT for outbound connectivity but does allow some things inbound. I had to do this the manual way and it’s been a challenge. One of the things that makes Linux and BSD so powerful are their networking tool set. With the pretty much stock install, you can set up an entire virtual network within a host. If you’re willing to roll up your sleeves, there are some very cool things to do.

The first thing I did was create a virtual network with a bridge on my server called virbr10. The virbr10 has a dummy interface called virbr10-dummy. The dummy interface is just to keep the bridge in an up state while the virtual machines load on boot. It’s an important thing to do so that the boot time is faster.

This consolidation is ultimately a good thing but taking a lot longer than I had planned. I am still wrestling with getting my Mastodon instance moved but that’s okay. I know Mastodon can be really finicky. It’s not tolerant of stupid/arrogant sysadmins. 😆

I’m feeling every bit my age and it is partly my fault for not thinking to bring my afternoon dose of Gabapentin. It was poor planning because I worked a standing shift and I am a Type 2 Diabetic. Well at least I’m on the bus home. Sadly, I have not heard from Securitas yet. I was really hoping to hear from them and pick up a new security job as the company I work for now is dead end. I want to be done with them. The sooner the better.

In more positive news, my home computer lab is working well now. I have a virtualized OPNsense router that outperforms the piece of rubbish supplied by Verizon. The one thing I have not been able to get going is WireGuard on the router. For now, I spun up a container to power WireGuard. I also spun up another container for Mastodon. I have to see what other services I can host.

I am currently using the 169.254.0.0/16 but I broke it down into a single 169.254.0.0/29 for my home use but that won’t work. I was planning on using that block as tunnel endpoint addresses for the WAN I’m building. I need to rethink this some. For now, it’s okay but it won’t be for much longer. I’m building this WAN in the name of learning.

I am in the phase where I am starting to consider technology and architecture stacks for my business. Below is some of my brainstorming on the subject matter. I did get myself set up with a VoIP line and pretty cool number in my area code, 302. Obviously I am not sharing the number until I am fully ready to go. I don’t need the spam and robocalling just yet.

I think I have the rest of my technology stack worked out. The underlying operating system will be AlmaLinux 10. Since I am going to be small, the architecture can remain very simple. I’ll have two virtual servers, one to power my internal workflow and the other strictly for the website and e-commerce. I don’t expect to do a large volume on it as I will only be offering four services, so for now, simplicity is key.

So the entire stack for the website and e-commerce platform will be LEMP or Linux, eNGINX, MariaDB, and PHP with Valkey. For my internal processes, I will most likely go the route of LAMP or Linux, Apache, MariaDB, and PHP with Valkey. This will be robust enough for my needs. Again, I want to “Keep It Simple Stupid.” The key will be getting services restored quickly when they go down. I will continue to use Linux on the desktop.