Setting up Cloudflared, the DNS-over-HTTPS client, the correct way

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol, which prevents eavesdropping and manipulation of DNS data by man-in-the-middle attacks by employing HTTPS encryptions between the DoH client and the DoH-based DNS resolver. At the time of writing, the official guide at Cloudflare is broken,… Continue reading Setting up Cloudflared, the DNS-over-HTTPS client, the correct way

Building the latest Windows 10 Enterprise VL USB installer from scratch

If you are a Microsoft Volume License customer, the usual channel for obtaining creating a bootable USB for OS installation is to obtain the ISO images via the Volume License Service Center (VLSC) or Microsoft Business Center (MBC), and then using tools such as Rufus or the good old Windows USB/DVD Download Tool to write… Continue reading Building the latest Windows 10 Enterprise VL USB installer from scratch

Published
Categorized as Guide, 折腾

Safely upgrade from Debian 9 to Debian 10

It is jarring when you come across VPS providers in mid-2020 and they only provide up to Debian 9 (or Debian 8) for the OS image. Fortunately, it can be easily upgraded via a few commands, as depicted in this article.

Published
Categorized as Guide, VPS

HAProxy as a TCP reverse proxy with DDNS target discovery and load balancing

HAProxy is an excellent tool for forwarding or load-balancing TCP traffic. It is far more memory-efficient than socat and offers a persistent configuration between reboots, but without requiring net.ipv4.ip_forward to be enabled. Compared to NGINX, HAProxy offers a more comprehensive and user-friendly status page with far more metrics, which can be easily integrated with third-party… Continue reading HAProxy as a TCP reverse proxy with DDNS target discovery and load balancing

A Cloudflare DDNS script that uses an API Token instead of your Global API Key

I have been using this simple bash script for a while for my DDNS needs. It is simple enough for quick deployment, and gets the job done. That is until Caddy2’s Cloudflare DNS provider moves away from Global API Key to API Token for the API access. This prompted me to rethink the security implications… Continue reading A Cloudflare DDNS script that uses an API Token instead of your Global API Key

Get Caddy 2.0 now with Cloudflare DNS Provider module for automatic TLS

Caddy 2.0 has finally entered GA since about a day ago, after three Release Candidates which I didn’t use. So now is high time to upgrade all our production servers to the latest and greatest version, because those 1.0.4 installation works really well and life is too boring when everything just works, we need to… Continue reading Get Caddy 2.0 now with Cloudflare DNS Provider module for automatic TLS

修改 ServerStatus-V 探针脚本配合 vnStat 2.x 版本使用

网上常见的改版 ServerStatus 探针里采用的流量统计是根据 python 函数 psutil.net_io_counters() 所返回的数值来显示的。所以每次系统重启就会清零,作为检测小鸡每月流量有没有跑超的实用性不大。后来发现了以 vnStat 流量统计为基础的 ServerStatus-V 项目,用比较科学的自然月流量采集方式补足了原来 ServerStatus 的短板,这也是我一直沿用的版本。 最近适逢 Ubuntu 20.04 LTS 问世,我把手头上一大波的 VPS 系统更新,大致顺利。但后来发现探针监控台里越来越多小鸡的流量报告均为 0 | 0。难道是更新后比较节省流量吗?当然是不存在的。强迫症发作下无可奈何只好研究一下代码… 果然,问题就出现在这行代码里:

Installing the latest version of Aria2 in Ubuntu 18.04 LTS

Aria2 is a headless (command-line based) multi-protocol downloader. It supports the downloading of HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink resources. Many frontends exist for Aria2, they are available either as standalone apps, or browser extensions. Technically Aria2 can function by itself, but I don’t consider its command-line functionalities to be usable for most. Thanks to… Continue reading Installing the latest version of Aria2 in Ubuntu 18.04 LTS

Activating Google Mobile Services on a HUAWEI MediaPad M6 8.4″

My Huawei MediaPad M6 8.4″ tablet has just arrived as a replacement for the everyday tablet that I broke earlier. Shattered glass and shit. Being a super-thin bezels sucker, I find the M6’s sub-S$400 pricetag irresistible. It even has harman/kardon audio… but I was soon disappointed to find out that it doesn’t support aptX codec.… Continue reading Activating Google Mobile Services on a HUAWEI MediaPad M6 8.4″