in Tech

tagged fedora, vagrant, virtualbox

Upgrading to Fedora 23

I upgraded to Fedora 23 last night, and it went pretty smoothly.

I started with sudo dnf system-upgrade download --releasever=23, which started with a fun dowload of 2.5G of package upgrades (still better than Xcode!). I ran into the documented upgrade issue with the vagrant package, but the workaround of --allowerasing fixed it.

All the copr and rpmfusion packages I was using were all set for Fedora 23, and nearly all worked right away (more on that in a bit).

Then came the scary sudo dnf system-upgrade reboot. I entered in my encryption password, and it started spewing out the list of packages it was going to upgrade. Aaand then about a thousand packages in, it went screwy. After freaking out for a few seconds and tweeting about it (priorities!), I hit esc to go into the GUI mode, and esc again for text mode, and everything was fine. Yay!

Everything else went fine, and it booted up into Fedora 23 properly. The first thing that went wrong was that it did not automatically connect to my wifi network, and it couldn't see any of them. Turning the wifi off and on fixed it. I had seen thiis issue once on Fedora 22, so I don't think this is a new regression. Since VirtualBox broke last time, I tested it next...and it was broken. The kernel module wasn't built. I noticed that the kernel-debug and kernel-debug-devel had not been upgraded, so I ran sudo dnf update --best --allowerasing to force their upgrade. After a reboot and sudo akmods, VirtualBox started up! (Related, there's been some progress on getting MediaWiki-Vagrant to work with libvirt so I can drop VirtualBox.)

After that, I tested out Chromium and PyCharm since they are from a copr repository, and both worked fine. The only major thing left I haven't tested is the Google Hangouts plugin, but I try and avoid using it so that might take a while.

Overall, this upgrade went pretty nicely, and felt relatively non-disruptive. So far the most jarring difference is the new wallpaper. :-)

in Tech

tagged letsencrypt

Lets Encrypt first impressions

Today I spent two hours setting up an SSL certificate with Lets Encrypt for the wikiconferenceusa.org website.

It. Was. Easy. It was relatively straightforward, and I felt comfortable with all the steps I went through.

First, I cloned the git repository, and ran the letsencrypt-auto script, which installed the necessary dependencies and started setting up our account and fetching the SSL certificates. At this point it complained that we had a service running on port 80 (varnish) and that we had to stop it temporarily for the process to continue. That wasn't really ideal as it would have caused downtime. After asking in #letsencrypt on freenode, I was pointed to the --webroot-path option, which worked, and required no downtime!

At that point, the certificates were saved in /etc/letsencrypt/ and ready for usage. Since we already had a different certificate for wikimediadc.org, we had to set up SNI, which also was pretty straightforward. Except I made a typo and spent 30-45 minutes randomly debugging until I noticed it, and then everything worked!

In conclusion, it was really easy. I've signed up legoktm.com for their beta, hopefully it is approved soon, so you'll be able to read this over HTTPS :-)