To everyone who wants to collaborate on content creation for the BSD Journal - write to me, join us on Matrix, or just get in touch!
We're ready to create and publish content; the platform is robust and just needs your help!
#SysAdmin
12 posts11 participants2 posts today
Make Your Own Backup System – Part 1: Strategy Before Scripts
https://it-notes.dragas.net/2025/07/18/make-your-own-backup-system-part-1-strategy-before-scripts/
IT NotesMake Your Own Backup System – Part 1: Strategy Before Scripts
More from 
Stefano Marinelli
2.5 Admins 256: Why ZFS
To celebrate the 256 milestone we devote the whole episode to explaining why we use ZFS. We explain about data safety, data retention, data portability, and ease of administration.
On 14h July (though it was already the 15th here), some of my monitoring jails started throwing errors. Not all of them, though. On the same host, an Uptime Kuma instance was showing a ton of servers down, while LibreNMS wasn't displaying any issues. After investigating, I discovered why. The jail running LibreNMS was using local_unbound (integrated into FreeBSD), while the other, perhaps for speed, was using Cloudflare's DNS.
DNS is like email, the Fediverse, and other similar services: they work better and make us freer when they're decentralized.
Let's go back to decentralizing the internet. Its very existence, as we've known it, depends on it.
Cloudflare 1.1.1.1 Incident on July 14, 2025
https://blog.cloudflare.com/cloudflare-1-1-1-1-incident-on-july-14-2025/
The Cloudflare Blog · Cloudflare 1.1.1.1 Incident on July 14, 2025On July 14th, 2025, Cloudflare made a change to our service topologies that caused an outage for 1.1.1.1 on the edge, resulting in downtime for 62 minutes for customers using the 1.1.1.1 public DNS Resolver as well as intermittent degradation of service for Gateway DNS.
We’re deeply sorry for this outage.
This outage was the result of an internal configuration error and not the result of an attack or a BGP hijack. In this blog post, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this doesn’t happen again.
hey remember using a web browser for the very first time? oh man was that frickin’ cool or what #ncsa #iykyk #sysadmin #chromewasamistake #positivity
Microsoft apparently decided to install "Edge Game Assist" on Windows Server 2022 for... reasons, I guess. Just in case your domain controller needs this *very cool* feature:
www.microsoft.comGame Assist | Microsoft Edge
This is my remote #backup #server. Yup, is a #laptop. A very old one, it has more than 12 years, and has been used as server, 24h for the last 6 years. It curses me every single day, but still keeps doing its job (running a #Debian stable with #sftp).
It has a very little and thin #heatsink, it clogs very often. I clean it once a year, but I should do it more often. But since it's at my parent's, this is what I can do. The battery still manages to keep it on for a couple of minutes in the event of a power outage, so it's able to shut down cleanly (but then has to be restarted manually by my parents).
#selfhosting #sysadmin #linux
It has a very little and thin #heatsink, it clogs very often. I clean it once a year, but I should do it more often. But since it's at my parent's, this is what I can do. The battery still manages to keep it on for a couple of minutes in the event of a power outage, so it's able to shut down cleanly (but then has to be restarted manually by my parents).
#selfhosting #sysadmin #linux
With @rocinante you can manage pkg installs, sysrc configuration, sysctl values, running services, ZFS setup and file copies all from standard Bastillefiles.
Automated host config made easy!
Where do I find job postings for a remote-only sysadmin/devops specialist?
Answer I will not accept: LinkedIn. That place is enshittified beyond repair.
Friendly reminder that Slack is going to automagically enable their brand-new magical AI pixie dust in everyone’s workspace on (I think) the 17th, so maybe go log into your Slack admin account and maybe disable the AI pixie dust before it infects *you* #ai #slack #sysadmin #bofh #offbydefault #jfc #sigh
I'm wrapping up the last tasks before I can release my neat application that gives you aggregated reporting of updates on hosts over ssh.
I've been writing nightmare abstractions to handle the case where some package managers need sudo to refresh metadata from repositories (Debian, for instance). I personally just do NOPASSWD for the command in sudoers on my stuff.
The nightmare comes from password prompting. I'm at the point where I have half a mind to just... not do it?
And instead require users to setup sudoers like that if they want to sync repositories on systems where it's needed. I'd of course document it nicely.
Is that insane? As a user would that just make you go "URGH" and fiercely uninstall everything before emailing me a picture of your middle finger?
Linux tip: `ss -s` provides socket statistics summary. Shows TCP/UDP connection counts and states. Much faster than parsing full socket lists when you just need connection metrics. #Linux #SystemAdministration #SysAdmin
I check the pager alert notifications before lights out during my on-call week, to make sure there are no longstanding issues that haven't been addressed by our Tier 1 folks. The team is still green and learning. The habit has saved our collective backsides again tonight. #sysadmin
Lazy sysadmin request: does anyone have a link to a well-updated user agent list containing bots, scrapers, AI agents, crawlers etc?
There are a bazillion on Github and Codeberg and a lot of them aren't maintained.
Ta!
When I complain that some software (or its dependencies) doesn't work on *BSD but requires Linux, I'm not criticizing Linux. For me, it's not an OS battle, but a matter of freedom and avoiding a dangerous and rampant computing monoculture. And when people reply to me with "well, just use it on Linux" - while they're giving me sensible advice - they're missing the crucial point: if it ONLY runs on Linux, it's not Linux's fault, but we are, precisely, creating a dangerous monoculture.
This breaks *a lot* of modern node.js stacks, and that's one of the reasons why many of them don't work on FreeBSD (and other BSDs):
https://github.com/thx/resvg-js/pull/5
while this is a 2021 commit, it seems that many node.js dependencies recently started to depend on it
GitHubchore: remove FreeBSD support by yisibl · Pull Request #5 · thx/resvg-js
Interesting: Serving 200 million requests per day with a cgi-bin
https://jacob.gold/posts/serving-200-million-requests-with-cgi-bin/
Jake Gold · Serving 200 million requests per day with a cgi-binIn the early 2000s, we used to write a lot of CGI programs.
This was the primary way to make websites dynamic at the time. These CGI programs were usually written in Perl, but sometimes in C to increase performance.
The CGI mechanism is conceptually simple but powerful. When the web server receives an incoming request handled by a CGI script (e.g. GET /~jakegold/cgi-bin/guestbook.cgi), it:
Sets up environment variables containing request metadata (HTTP headers, query parameters, request method, etc.) Spawns a new process to execute the CGI program Passes the request body (if any) to the program via stdin Captures the program’s stdout as the HTTP response Sends any error output from stderr to the error log The CGI program reads the environment variables to understand the request, processes it, and writes an HTTP response to stdout, starting with headers.