Data storage finally outgrew the 1Gb network’s capacity to effectively back it up in a timely manner. Then Solarwinds effectively demonstrated how vulnerable users of commercial software are. The nefarious n’er-do-well cyber vector is officially un-constrained. Remote users may not appreciate it, but the site is now hosted on a beefy 2nd gen Ryzen with plenty of RAM, running nothing but open-source software. Moving things off the old Synology NAS was a week-long project fraught with bumps in the sysadmin road and learning updates aplenty.
The video-monitor project mentioned in the last post yesterday was a 3-day debacle, due mostly to my own rusty admin skills. There were import issues with the WordPress site, so look for missing images and broken links until I go back and fix everything. I’ve yet to have a WordPress site of any size import correctly.
The Synology stuff is great kit, but aimed more at corporate customers with deep pockets on the high end, with minimal performance/capability on the low end. My DS418play is a great little mid-tier 4-pocket raid machine that served well for several years, performing all the typical LAMP duties associated with a web site like this. But it’s mine in name alone, with no OS/application control. Can’t trust it anymore, and it contains spinning disks. Pretty sure I never trusted the DSL router either, but at least it’s a throwaway item.
Planned new topology will be a 10Gb edge behind a real stateful firewall. Activating a 2nd interface on this machine will be the day it moves into pure server status and I start building a new workstation. That last portion of the project awaits funding.
The 5712 Trumpomania silver lining: Build Back Better!
Late Update 8 Jan: Turns out every local WordPress link is off by the same .php value and there’s ALOT of missing carriage returns. I’ve been displeased with the direction WordPress is heading – this just confirms my fears. I believe this is actually the first time I’ve run the latest version. Synology is always versions behind and even runs an ancient kernel. I’m sure i’ts been securely Synolygized, but…
I have a feeling alot more software licences are going to soon be re-written, or alot less COTS is gonna be found in the networks. Can’t trust ’em.