majorlinux
de9b661b9d
New article documenting missing /etc/pki/tls/certs/ca-bundle.crt symlink on Hetzner Fedora images breaking Postfix TLS, curl, and dnf. Updated VPS migration baseline checklist with timezone, CA bundle, and crond verification steps. Updated logwatch fleet setup with crond check. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
12 KiB
12 KiB
| created | updated |
|---|---|
| 2026-04-02T16:03 | 2026-05-11T07:35 |
- Home
- Linux & Sysadmin
- Linux File Permissions
- Managing Linux Services with systemd
- SSH Config & Key Management
- Package Management Reference
- Ansible Getting Started
- Bash Scripting Patterns
- SnapRAID & MergerFS Storage Setup
- mdadm — Rebuilding a RAID Array After Reinstall
- Linux Distro Guide for Beginners
- WSL2 Instance Migration to Fedora 43
- WSL2 Training Environment Rebuild
- WSL2 Backup via PowerShell
- Self-Hosting & Homelab
- Self-Hosting Starter Guide
- Docker vs VMs for the Homelab
- Debugging Broken Docker Containers
- Docker Healthchecks
- Watchtower SMTP via Localhost Postfix Relay
- Setting Up Caddy as a Reverse Proxy
- Tailscale for Homelab Remote Access
- Network Overview
- Wake-on-LAN via Router SSH
- Pi-hole v6 Group Management — Per-Client DNS Rules
- AWS S3 Cost Management
- VPS Migration Baseline Checklist
- rsync Backup Patterns
- Tuning Netdata Web Log Alerts
- Tuning Netdata Docker Health Alarms
- Deploying Netdata to a New Server
- Netdata SELinux AVC Denial Monitoring
- Netdata n8n Enriched Alert Emails
- Logwatch Fleet Setup — Surviving Package Upgrades
- Updating n8n Running in Docker
- Mastodon Instance Tuning
- Mastodon — The
--prune-profilesTrap and How to Recover - Ghost Email Configuration with Mailgun
- Claude Code Remote Control — Mobile Access to a Persistent Host Session
- Linux Server Hardening Checklist
- Standardizing unattended-upgrades with Ansible
- Fail2ban Custom Jail: Apache 404 Scanner Detection
- Fail2ban Custom Jail: Apache PHP Webshell Probe Detection
- Fail2ban Custom Jail: WordPress Login Brute Force
- wp-fail2ban Plugin Logpath on Debian/Ubuntu (auth.log not syslog)
- SELinux: Fixing Fail2ban grep execmem Denial
- UFW Firewall Management
- Firewall Hardening with firewalld on Fedora Fleet
- Fail2ban Custom Jail: Nginx Bad Request Detection
- Fail2ban Custom Jail: Apache Bad Request Detection
- SSH Hardening Fleet-Wide with Ansible
- ClamAV Fleet Deployment with Ansible
- Fail2Ban Digest Mode — Fleet-Wide Quiet Alerts
- Apache CVE-2026-23918 — HTTP/2 Double Free Mitigation
- Open Source & Alternatives
- SearXNG: Private Self-Hosted Search
- FreshRSS: Self-Hosted RSS Reader
- Gitea: Self-Hosted Git
- rmlint: Duplicate File Scanning
- tmux: Persistent Terminal Sessions
- screen: Simple Persistent Sessions
- rsync: Fast, Resumable File Transfers
- Ventoy: Multi-Boot USB Tool
- Vaultwarden: Self-Hosted Password Manager
- yt-dlp: Video Downloading
- Streaming & Podcasting
- Troubleshooting
- Apache Outage: Fail2ban Self-Ban + Missing iptables Rules
- Mail Client Stops Receiving: Fail2ban IMAP Self-Ban
- firewalld: Mail Ports Wiped After Reload
- Tailscale SSH: Unexpected Re-Authentication Prompt
- Fail2ban & UFW Rule Bloat Cleanup
- Custom Fail2ban Jail: Apache Directory Scanning
- Tuning Netdata
web_log_1m_successfulfor Redirect-Heavy WordPress Sites - Castopod: Stale Federated Avatar URLs After Remote Profile Updates
- Castopod Posts Don't Appear on Mastodon — Diagnosing the Federation Path
- Nextcloud AIO Unhealthy 20h After Nightly Update
- n8n Behind Reverse Proxy: X-Forwarded-For Trust Fix
- Docker & Caddy Recovery After Reboot (Fedora + SELinux)
- ISP SNI Filtering with Caddy
- Obsidian Vault Recovery — Loading Cache Hang
- Qwen2.5-14B OOM on RTX 3080 Ti (12GB)
- LoRA adapter — GGUF conversion fails with 'config.json not found'
- yt-dlp YouTube JS Challenge Fix on Fedora
- Gemini CLI Manual Update
- MajorWiki Setup & Publishing Pipeline
- Gitea Actions Runner: Boot Race Condition Fix
- Cron Heartbeat False Alarm: /var/run Cleared by Reboot
- SELinux: Fixing Dovecot Mail Spool Context (/var/vmail)
- mdadm RAID Recovery After USB Hub Disconnect
- Windows OpenSSH Server (sshd) Stops After Reboot
- Windows OpenSSH: WSL Default Shell Breaks Remote Commands
- Pi-hole AI Blocklist Blocks Claude Desktop (ERR_CONNECTION_REFUSED)
- Claude Desktop MCP Server Started via wsl.exe Sees Empty Environment (WSLENV)
- Claude Desktop MCP Mass-Disconnect After Blocking SSH Reboot
- Patching PHP 8.4 Implicit-Nullable Deprecations in Vendor Packages
- Ollama Drops Off Tailscale When Mac Sleeps
- Ollama:
ollama runwith Piped Stdin Bypasses Chat Template + SYSTEM Prompt - rsync over Tailscale: Hung in TCP Teardown After Transfer Completes
- iOS Tailscale Clients Report HostName="localhost" — Breaks /etc/hosts Generators
- macOS: Repeating Alert Tone from Mirrored iPhone Notification
- ClamAV CPU Spike: Safe Scheduling with nice/ionice
- Fedora CA Bundle Missing Symlink — TLS Breaks Fleet-Wide
- Ansible: Vault Password File Not Found
- Ansible: ansible.cfg Ignored on WSL2 Windows Mounts
- Ansible: SSH Timeout During dnf upgrade on Fedora Hosts
- Ansible: regex_search Capture-Group Argument Fails in set_fact
- Fedora Networking & Kernel Troubleshooting
- Systemd Session Scope Fails at Login
- wget/curl: URLs with Special Characters Fail in Bash
- Ansible: Check Mode False Positives in Verify/Assert Tasks
- Ansible Fails with Permission Denied While
ssh <alias>Works (Host Alias Bypass) - Ghost EmailAnalytics Lag Warning — What It Means and When to Worry
- claude-mem: --setting-sources Empty Arg Bug (Claude Code 2.1.x)