The main okcomputer.org website is in the process of being moved to a new server this weekend. Some applications may be off-line for short periods of time. Let me know if you have any questions and thank you for your patience!
Sorry, folks, but the server crashed again late yesterday afternoon. I’m going to have it up and down for the next hour or so.
Apologies for the downtime today. After an almost seamless upgrade to Ubuntu 9.10 the server had two completely unexplained crashes within the first 90 minutes back online. I paid a visit to the colocation facility, but couldn’t find any issues or get the crash to repeat. I used my time there to clean out some old kernel cruft, so maybe that will help. Anyway, I’ll post a real maintenance window before I do the next upgrade.
As promised, I finally made new certificates for all okcomputer.org TLS and SSL-enabled services. The new certs were pushed into production for HTTPS, SMTP STARTTLS and IMAPS this afternoon, and (so far) they seem to be working fine.
As usual, my recommendation is to set-up the okcomputer.org CA certificate as a trusted authority in your web browser and/or email client, and you won’t be bothered by certificate warnings until 2013. (The new service certificates will expire in February 2011.)
Please contact me if you have any questions.
After over a year since our last fiasco, I have finally gotten around to restoring the okcomputer.org homepage. Rita, I hope you’re happy. Please let me know if you’re having any problems with your favorite okcomputer.org sites and services.
In the meantime, we’ve added a new affiliate site, kip-kids.com, for Keneseth Israel Preschool.
It also appears that all of our application certificates have expired. I’ll update them this weekend.
okcomputer.org will be upgraded from Ubuntu Linux 7.10 to 8.04 Friday morning, May 23, between 10:00AM and Noon EDT. Most services will experience some downtime during that time period. Please let me know if you have any questions.
Update (Fri May 23 2008, 11:46 AM): The server has been upgraded and most services appear to be running well. Service testing will continue throughout the day. Please let me know if you encounter any issues.
Shortly after the big server rebuild a few weeks back I was examining the web server logs and I noticed that several sites were stealing okcomputer.org bandwidth by linking images from the okcomputer.org Photo Gallery directly into their web sites. So while I was rebuilding the web server I implemented a very common Apache mod_rewrite recipe so that these bandwidth stealers would get a very different image than the one they linked to — nothing gross, just the pic of me playing the ukulele that I drag out every now and then.
Well, apologies if you accidentally got that photo when you were trying to print your Photo Gallery pictures through Shutterfly. I hadn’t thought about that, but it’s fixed now.
I will be upgrading all WordPress installations tonight from version 2.3.2 to 2.3.3. Blogs will be offline for a short period of time around Midnight.
In the interest of security, I have already updated the version of the vulnerable xmlrpc.php file to a patched version in each installation with no obvious ill effects.
I spent last night rebuilding the okcomputer.org certificate authority and creating new certificates for all TLS and SSL-enabled services. Very early this morning I pushed the new certificates for HTTPS, SMTP STARTTLS and IMAPS into production and they seem to be working fine.
The beauty of this is that you can now set-up the okcomputer.org CA certificate as a trusted authority in your web browser and/or email client and you won’t be bothered by certificate warnings for the next five years. (The individual service certificates expire yearly.)
I’ll try to get a page up here soon explaining how to import the CA certificate (you should just be able to click the link above to install it in your browser), but please feel free to contact me if you have any questions.
User accounts, IMAP service and SMTP will be migrated to the new server Friday night, January 11, between 10:00PM and Midnight EST. During this time period SSH logins will be disabled (including scp) and mail services will not be functional. Incoming mail will be queued on an external server so nothing should be dropped.
Please let me know if you have any questions.
UPDATE 1/12/2008:
I’ve synchronized all login accounts and moved SMTP and IMAP to the new server. IMAP and SMTP relaying have tested good using SquirrelMail and Thunderbird. Exim is receiving mail and testing it with SpamAssassin.
Jessica reported a password problem, which has me a bit nervous, so please try to test your accounts ASAP and let me know about any problems.