OpenVPN comes with example-scripts to update /etc/resolv.conf using "resolvconf" or systemd-resolvconf. I don't use one of them therefore I modified the script so that it simply changes /etc/resolv.conf directly. I placed a variable "IMMUTEABLE" in this script. If IMMUTEABLE is set to 1, this script will change the fileattribute of /etc/resolv.conf to immuteable. In that way it is possible to prevent other programms like dhcp-clients to change /etc/resolv.conf while openvpn is running.
I proudly pronounce the first (pre-)release of cryptorecord. Cryptorecords is a ruby gem that provides an API and scripts for creating crypto-related dns-records(e.g. DANE). Currently it supports TLSA, OPENPGPKEYS and SSHFP but I plan to support other records in future. The API doesn't create any keys or certificates. It just takes existing keyfiles to create the DNS-records.
I wrote a role for managing MaraDNS with Ansible.
- Ansible 2.1+ (might ork with prior versions too)
- Debian-based Linux-distribution
ansible-galaxy install whotwagner.maradns
Check_MK is a great monitoring tool. One of it's strengths actually is, that it can automatically detect services and monitors it. I always monitored all public ip-addresses of my servers if they are listed on any dns-blacklist. I had to add new public ip's manually, so I reached out for a new solution. I found a nice little plugin in a GitHub-repository of HeinleinSupport. The plugin waIs great, but I missed two things.
I created 2 tasks in RTOS: one for reading from uart and one for the display(8x8 LED-Matrix). Both tasks are communicating via queues. The space-invaders-programm gets started by pressing F1. If F2 is pressed, the programm will display all keyboard-input on the led-display.