sysadmin

LUKS on NVMe: From 40 GiB/s to 4, Then Back to 20 GiB/s

Note: This testing described in this post was done over a year ago. It might be that things changed since then. At work, we recently upgraded our PostgreSQL servers. This time, however, we encountered an unexpected roadblock when attempting to enable full disk encryption (FDE) with LUKS - our standard deployment. In past benchmarks, enabling LUKS full-disk encryption cost us ~10%. This time, it left us with only 10% of our throughput - a 90% drop.

Continue reading →

Simplest ngrok-like reverse tunnel

Do you need a simple reverse TCP tunnel to a local service (like SSH), but you don’t want to install anything or use a one of the public ones. Warning: There is no authentication, use this only for temporary things or IP allowlisting to limit who can connect. Get the sish binary from github With that out of the way, on the server run ./sish --authentication=false --ssh-address=:9999 -i:9989 --bind-random-ports=false then run on the client

Continue reading →

Farewell C1

Yesterday in a datacenter somewhere in France there was suddenly an eery silence as the last remaining racks fell silent for the first time in a long time. As of yesterday, 1st of September 2021, Scaleway turned off their C1 ARM servers. I know because I still had one trusty little C1 server until today, a server I have had since it was brought online 7 years ago. It was never the fastest, or the biggest server I’ve had, but it was my little dedicated server.

Continue reading →

Backing up you VM with borg

Recently, for no specific reason at all I did a review of my backup plans of my tiny personal VM:s I have. As my disaster recover plan was mostly “I hope they don’t lose it all at once” I decided to upgrade it to “I have some backups, so I don’t lose it all at once”. To keep things simple and as I love micro optimising to see for how cheap I can get my personal VM’s, I decided to use my home NAS for backups instead of just paying for third-party storage like B2.

Continue reading →