Update FreeBSD 7.2

The freebsd-update command can be used to update a FreeBSD system

https://www.freebsd.org/doc/handbook/updating-upgrading-freebsdupdate.html

freebsd-update 
usage: freebsd-update [options] command … [path] 
Options:
   -b basedir   -- Operate on a system mounted at basedir
                   (default: /)
   -d workdir   -- Store working files in workdir
                   (default: /var/db/freebsd-update/)
   -f conffile  -- Read configuration options from conffile
                   (default: /etc/freebsd-update.conf)
   -k KEY       -- Trust an RSA key with SHA256 hash of KEY
   -r release   -- Target for upgrade (e.g., 6.2-RELEASE)
   -s server    -- Server from which to fetch updates
                   (default: update.FreeBSD.org)
   -t address   -- Mail output of cron command, if any, to address
                   (default: root)
Commands:
   fetch        -- Fetch updates from server
   cron         -- Sleep rand(3600) seconds, fetch updates, and send an
                   email if updates were found
   upgrade      -- Fetch upgrades to FreeBSD version specified via -r option
   install      -- Install downloaded updates or upgrades
   rollback     -- Uninstall most recently installed updates
   IDS          -- Compare the system against an index of "known good" files.

To get the updates do

freebsd-update fetch

Let it run and download the updates, then run

freebsd-update install

Should say it is installing updates. Then done.

LibreNMS ./validate.sh – Some folders have incorrect file permissions, this may cause issues.

Helpful article here. https://wifitechtalk.com/librenms-permissions-error/

When running the following command,

sudo /opt/librenms/validate.sh

I’ve been getting the following errors.

[FAIL]  Some folders have incorrect file permissions, this may cause issues.
    [FIX]: 
    sudo chown -R librenms:librenms /opt/librenms
    sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
    sudo chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
    Files:
     /opt/librenms/storage/framework/views/adc52b677409cdba8d8e89dc

You can run the commands and fix the problem, but they pop up later and it does the same thing.

Create Script to fix permissions

Work around is to have a script run these commands every few minutes.

vi /root/librenms_fix_permissions.sh

Add the following

#!/bin/bash 
sudo chown -R librenms:librenms /opt/librenms 
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ 
sudo chmod -R ug=rwX /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/

Make the script executable

sudo chmod +x librenms_fix_permissions.sh

Add to Crontab

sudo crontab -e 

Add the following entry to Cron to run every 30 minutes

*/30 * * * * /root/librenms_fix_permissions.sh

Firefox performance improvements for Linux

Bunch of tweaks and enhancements are on the arch wiki

https://wiki.archlinux.org/index.php/Firefox/Tweaks

Two specific ones that can help with performance are enabling OMTC and WebRender

https://wiki.archlinux.org/index.php/Firefox/Tweaks#Enable_OpenGL_Off-Main-Thread_Compositing_(OMTC)

Open up Firefox and about:config

Search for “layers.acceleration.force-enabled”

Enable layers.acceleration.force-enabled

Search for “gfx.webrender.all” and set to true

Enable gfx.webrender.all

Restart Firefox.

Email error – The certificate does not match the expected identity of the site that it was retrieved from.

The certificate does not match the expected identity of the site that it was retrieved from.
The server's identity does not match the identity in the certificate
Hostname in certificate didn't match

The reason for the above errors are due to the fact that the email client is trying to use mail.mydomain.com and the email server is mail.emailserver.com.

So the email client pulls the certificate for mail.emailserver.com and reads that this certificate is for mail.emailserver.com, NOT for mail.mydomain.com. Hence the conflict and it throws an error.

If you can, accepting the certificate should let everything work. It appears that on recent versions of iOS their may be some problems trusting it. The other work around is to use the actual mail server host. So mail.emailserver.com

Installing LineageOS on Raspberry Pi B+

Download LineageOS

Download the unofficial LineageOS 16 build from the following page

https://konstakang.com/devices/rpi3/LineageOS16.0/

Unzip

Unzip the file with

unzip ~/Downloads/lineage-16.0-20200207-UNOFFICIAL-KonstaKANG-rpi3.zip

Write to SD Card

Either use the instructions on the following link to write it to the SD card

https://www.raspberrypi.org/documentation/installation/installing-images/windows.md

Or use DD

WARNING! Make sure “/dev/mmcblk0” is the correct SD Card. Refer to here if you need to locate the path for the SD Card.

sudo dd if=~/Downloads/lineage-16.0-20200207-UNOFFICIAL-KonstaKANG-rpi3.img of=/dev/mmcblk0 bs=1M status=progress

Plug you SD Card into your Pi and boot it up.

How To setup a L2TP vpn in Mikrotik

Open up PPP and select L2TP Server. Set it to Enabled, set IPsec to yes, and set the IPsec secret.

Add L2TP Server

Next go to PPP -> Profiles and modify the default-encryption one. You can setup an IP Pool to use for the VPN clients when they connect.

Setup Profiles

Next go to the PPP -> Secrets and configure the user to connect.

Setup User

Setup your VPN client and connect.

LibreNMS – Daily.sh failed

All the following commands are run from the “/opt/librenms” directory

$ sudo ./daily.sh 
Re-running /opt/librenms/daily.sh as librenms user
Updating to latest codebase                        FAIL
error: Your local changes to the following files would be overwritten by merge:
        html/js/lang/de.js
        html/js/lang/en.js
Please, commit your changes or stash them before you can merge.
...
$

Checking with validate.php shows that you can run githup-remove to fix it

$ sudo ./validate.php
[WARN]  Your install is over 24 hours out of date, last update: Mon, 23 Feb 2020 05:43:12 +0000
         [FIX]: 
         Make sure your daily.sh cron is running and run ./daily.sh by hand to see if there are any errors.
 [WARN]  Your local git contains modified files, this could prevent automatic updates.
         [FIX]: 
         You can fix this with ./scripts/github-remove
         Modified Files:
          html/js/lang/de.js
...
$

Run “sudo ./scripts/github-remove -d”

$ sudo ./scripts/github-remove -d
Are you sure you want to delete all modified and untracked files? [y/N] y
$

You should also be able to remove the files individually if the above command does not work.

Run validate again to make sure it checks out good.

Now run ./daily.sh