Category: Server

Posted on

How to install cockpit dashboard on older Raspberry Pi 3, running Bookworm

Cockpit dashboard is a convenient dashboard for home user or enthusiasts for monitoring several SOHO servers. It supports multiple Linux based operating system, however there are some caveats in installing in Raspberry Pi 3 as it runs on older Bookworm based operating system.

first your need to add bookworm-backports.

echo "deb http://deb.debian.org/debian ${VERSION_CODENAME}-backports main" | sudo tee /etc/apt/sources.list.d/backports.list

Then you need to configure the keyring

curl -O http://http.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2023.4_all.deb 

sudo dpkg -i debian-archive-keyring_2023.4_all.deb

Afterwards, you need to run this combo command to update software packages list

apt update  && apt -y upgrade

Then finally you install cockpit via bookworm-backports

apt install -t bookworm-backports cockpit

After everything is done, you may check cockpit dashboard by going to:
http://<ip address>:9090. and log in using your system username and password.

sample screenshot of cockpit on raspberry pi 3 / bookworm
sample screenshot of cockpit on raspberry pi 3 / bookworm
sample screenshot of cockpit on raspberry pi 3 / bookworm
Posted on

Getting Rid of /.well-known/traffic-advice 404 errors in nginx web server

It seems Google have implemented private prefetch proxy in Chrome for Android.

The upside of this private prefetch proxy is improved browsing experience for mobile users by reducing waiting time for web pages to load.

The downside is, as web server administrators – you might find a lot of 404 status in your web logs.

To solve this, you could either :

  • Write directive to ignore 404 logs for “traffic-advice”
  • Create “/.well-known/traffic-advice file for each domain and set the file to be served with “application/trafficadvice+json” MIME type [source]

Solution

Luckily, TechTitBits have come up with a convenient solution which only involves adding a few lines in configuration files to enable Chrome for Android prefetched proxy in nginx.

location = /.well-known/traffic-advice {
    types { }
    default_type "application/trafficadvice+json; charset=utf-8";
    return 200 '[{ "user_agent": "prefetch-proxy", "fraction": 1 }]';
}

With this solution, you would only need to add the location block within the server { } context in the site configurations.

Thank you for the tip: Traffic Advice configuration for Nginx

Posted on

Solving DKIM verification FAILED with Bad Format in Gmail email messages

DKIM (Domain keys identified Mail) is a scheme for which allows a receiver to verify that the email originated (or authorized) by the domain’s owner via a digital signature.

Having DKIM signature adds credibility to the email messages sent from the origin host/domain, which is crucial for automated emailing system to avoid the messages from being suspected as SPAM email or spoofed email.

I managed to set up DKIM for an academic journal website which I’ve managed. The journal’s runs on Open Journal System web application, the addition of DKIM is crucial to avoid GMail or Microsoft Live from labeling the automated emails sent from the academic journal from being labeled as spam.

At first I found that the DKIM scheme that I’ve setup was running fine and the email messages was verified correctly from my Organizational email domain. However, I’ve noticed a problem when the automated email sent from OJS is not properly verified by Gmail-addressed account (@gmail.com). Upon inspection in the email header, I’ve noticed that the GMail marked the DKIM signature sent from my domain as “bad format”. Example below:

DKIM:	'FAIL' with domain jcrinn.com

dkim=neutral (bad format) header.i=@example.com header.s=mail header.b=AbCdE5g;

After hours of searching and debugging, including referring to the DKIM NS TXT record for reference, I finally found out that Gmail treat the “g=*” optional parameter as required, and thus I’ve to append “;g=*” to the DKIM TXT record on my domains’ DNS record.

So it become similar like this:

TXT default._domainkey  v=DKIM1; p=yourPublicKeywHiCHi5+abit+1OnG; g=*

After altering the records, it seems GMAIL finally able to verify the automated emails sent from my OJS-based web application

The “signed-by” is visible when DKIM is successfully validated by GMail

Hopefully this will work out fine for you too!

P/S: DigitalOcean has an excellent tutorial on DKIM installation and setup in GNU/Linux operating system.

Posted on

Digitalocean upgraded their Droplets hosting Offering

Good news for those looking for VPS hosting solution. Digitalocean has upgraded their droplet offering by increasing the diskpace and RAM at the same price point.

Here are the new Droplets package from Digitalocean:

The most interesting plan is Flexible droplets where you can resize the droplets at any time choosing between with RAM or vCPU at the same price point.

Benefit for existing customer:

Existing customer can enjoy the new price point by clicking “Resize” option to get the new offering from Digitalocean

Benefit for new customers:

New customer will enjoy USD10 giveaway when signing up with Digitalocean. Remember that Digitalocean charges by hour, so you can test drive their VPS in a few days and can decide whether you want to continue or not with their service without any penalty