Login
I actually got pretty excited when they finally announced CentOS 8.
Why?
Because Iโm a weird computer guy who likes to try out different operating systems. Hell, I still have an OpenSolaris Live DVD from 2009 and I reseed Haiku torrents. I once even bought an overpriced 15-20 year old Mac desktop tower from a pawn shop just to play around with Mac OS 9.
So, as soon as I could, I spun up a local VM to test things out.
I had only been at Reclaim Hosting for a few months at that point, and had only officially been our SysAdmin for, like, a day when they announced CentOS 8. And my new role meant that I was going to be dealing with CentOS 8 quite a bit, seeing as how it was going to be the next version of the OS we run/ran quite a bit of our infrastructure on.
And then they killed CentOS.
And I had no idea what the hell we were supposed to do. Because if youโre running an enterprise Linux server then youโre gonna with the premier enterprise Linux distro: RHEL.
But if youโre running a ton of enterprise Linux servers and donโt have the budget to get a RHEL licenses for every single one, then youโll go with the free and community supported distro thatโs, like, 99% compatible with RHEL: CentOS.
Well, I guess not anymoreโฆ
I mean, rationally, I knew that alternatives/replacements were going to spring up. Eventually. Far too many people were far too reliant on CentOS to just let it die like that. But in the moment it was a little worrying, because:
So, yeah, very worrying in the moment.
But then cPanel made a great announcement: they were going to support Ubuntu.
Iโve run Ubuntu on both desktop and servers, and Iโll readily admit that Iโve had my problems with it (there are reasons why I run Manjaro on my desktop and not Ubuntu or one of its derivatives). apt can get weird awful sometimes with dependencies and I absolutely hate snaps. But itโs not all bad with Ubuntu. Itโs pretty straightforward to use, and I also like how there are ways to upgrade the server between releases (which is something that canโt be said for CentOS/RHEL, or even Debian, at least if I recall correctly). Oh, and (to my knowledge) they havenโt EOLโd a major release of an OS that is relied on by countless people out of nowhere for no good reason.
So, I was rather content to start working on getting us Ubuntu-ready in preparation for CentOS 7โs EOL.
But the Ubuntu stuff was still going to be a lot of work.
While both Ubuntu and CentOS are Linux, thereโs differences in package managers, package names and dependencies, paths to configuration files, and so on. So it wasnโt going to be a matter of just picking up our scripts from a CentOS machine and running them as they are on an Ubuntu machine. I had to test each part of the process, each script, each server vendor, each PHP module, and so on. If all of these tedious and repetitive little things werenโt part of the process to automate something, I may have gone insane, and so on.
For the most part it was simple. Replace yum with apt, replace checks for 7 with checks for 20.04, change the paths of some binaries, AND SO ON.
Maybe the tedium and repetition did drive me to madness, and so on.
It was actually the install processes for cPanel and Bitninja that caused the most headaches during the process.
Bitninja needed a specific dependency before it could be installed on Ubuntu, and a botched install of cPanel did something weird to the repos. So I had to install that package prior to doing anything else.
FreshRSS apt install apt-transport-https --yesAnd then the reason why the cPanel install was getting botched was that it didnโt like the installed-by-default MySQL client. So that (and its dependencies) had to be uninstalled rather early as well. It also had trouble installing a few dependencies, so I installed these right after.
apt remove snmp libsnmp35 libmysqlclient21 --yes && \
apt install libnl-genl-3-200 libnl-3-200 --yesBut even after all of that the cPanel install kept stalling up because service restarts (and outdated kernel versions) needed to be acknowledged interactively. So I had to make a conf change to just let those things happen automatically.
sed -i "s/^\#\$nrconf{restart}.*$/\$nrconf{restart} \= \'a\'\;/" /etc/needrestart/needrestart.conf && \
sed -i "s/^\#\$nrconf{kernelhints}.*$/\$nrconf{kernelhints} \= \-1\;/" /etc/needrestart/needrestart.confAnd then after cPanel was finally installed, I realized that the test WordPress instance I setup was totally broken. And after digging through cPanelโs PHP settings I saw that quite a few critical Easy Apache modules were not installed. Turns out that while CentOS has their package names like mod_whatever, Ubuntu has them like mod-whatever. But this was easy enough to fix with more sed.
sed -i "s/mod_/mod\-/g" /path/to/ea4modules.jsonSo after quite a bit of trial and error, quite a bit of reading the logs, and quite a bit of yelling at my machine, I finally was able to get an Ubuntu server running cPanel and all the other normal stuff! And after a few more tweaks and fixes, I was able to get another one up; and that second one became our first Shared Hosting server running Ubuntu as opposed to CentOS.
Speaking of which, thatโs where youโre reading this from now. Yeah, my sites are now being served from a new Ubuntu server rather than a CentOS server. I was my own test subject. Partly because I wanted to hold off on subjecting anyone else to my OS experiments, and partly because FIRST ACCOUNT ON OUR FIRST UBUNTU SHARED HOSTING SERVER. WOO.
So thatโs nice.
Ubuntu is definitely going to be our future. At least on the cPanel front.
But weโre not gonna be fully locked in to Ubuntu like we were with CentOS. Just in case, yโknow? Because while cPanel is a big part of what Reclaim Hosting does, it isnโt the only thing, and some of the things we run do require something CentOS-ish. And that something CentOS-ish is shaping up to be AlmaLinux.
And maybe (thanks to cPanel) we might even be able use AlmaLinux to extend the lives of our existing servers through in-place upgrades from CentOS 7!
Maybe.
Thatโs something I still need to look into.
But Iโll talk about that more when we get there.
I2P is one of the many darknets floating around (running over?) the internet and Iโve been playing around with it since, like, high school. Itโs peer-to-peer, censorship resistant, and overall just super cool. And by peer-to-peer I mean that you can share files over the network (using torrents) while both remaining anonymous and not being a nuisance to other users (unlike Tor).
Also unlike Tor it doesnโt have its own โbrowser bundleโ.
I mean, it did at one point. But then it got discontinued.
Before the browser bundle I had to rely on a manually configured secondary browser, which I am now back to doing. Itโs not a majorly inconvenient process, but wow was that browser bundle very convenient.
Iโve been a die hard user of Firefox (and browsers based on/related to Firefox, like Camino or pre-Chromium Flock) since the early/mid 2000s and I have no plans to ever switch over to Chrome or its ilk. Even though the browser wars are over, I will forever continue the struggle as part of the dissident Firefox-users campaign. Sure, I have to rely on Google for plenty of other things (like my phone, calendar, contacts, cloud storage, captcha protection for this site, and so on), but theyโll never get my browser! Or email! Or web searches (mostly)!
You can have my Gecko layout engine when you uninstall it from my cold, bricked, SSD.
So obviously, Iโd use something Firefox-ish for my manually configured secondary browser. And the Firefox-ish browser Iโm using here is SeaMonkey; the direct descendant of the original Mozilla Application Suite which Firefox, as well as Thunderbird (which I still use as a desktop mail/RSS client), were spun off of from.
In addition to a browser, SeaMonkey includes an email (and newsgroup) client, an IRC client, an HTML editor, and an email address book.
So, why SeaMonkey? And not, likeโฆ a separate Firefox profile or container tab or something.
Well, for all their similarities (both being darknet-proxy-software things and all), I2P and Tor are different. They fill different niches, I guess. While they both have hidden services and out-proxies to the clearweb, Torโs focus is definitely on the latter, while I2P seems to focus more on the former. And I2Pโs hidden services arenโt all websites (Iโm not saying all of Torโs are though); I2P also has email, and IRC, and torrents too!
And also Iโm already comfortable doing things this way. Leave me alone.
The first thing I did here was actually getting the software. I did a manual download/installation rather than relying on my machineโs package manager, because I didnโt want to have to build possibly outdated versions from the AUR that may overwrite whatever changes I made after an update. Links to download both SeaMonkey and I2P are below.
Download SeaMonkey โ https://www.seamonkey-project.org/releases/
Download I2P โ https://geti2p.net/en/download
Like I said before, I2P hidden services arenโt all websites, but that is a large part of them, so configuring SeaMonkeyโs browser was going to be necessary.
Configuring the browser is pretty straightforward. The process for SeaMonkey is more-or-less the same as the process for Firefox, the only difference being the location of where the changes needed to be made. In SeaMonkey, the Preferences are in the Edit menu, and the proxy settings will be in Proxies under the Advanced section.
And once thatโs configured (and once I2P is running) the router homepage can be found here: http://127.0.0.1:7657
I will admit that it has been a bit painful when I have to run updates for SeaMonkey, as Iโve had to temporarily disable the proxy. Updates to I2P, however, are done entirely within I2P! Via torrents!
I love torrents.
Thanks to the mysterious and venerable postman, getting an I2P email address is super easy. And it works like any other email address; messages can be sent to whoever! And that ainโt just limited to other folks with I2P email addresses. It works Clearnet-to-I2P (and vice versa) as well!
I donโt really make use of the email service, because Iโd really only be sending encrypted emails talking about encryption (relevant xkcd), but itโs still a useful tool for folks that need it. And by default, I2P actually has a pre-configured browser-integrated mail client that works great.
But sometimes having a dedicated(-ish) mail client is good. Itโs not something I need, but still, I can do it with SeaMonkey.
If you can set up a mail client for a normal email account then you can do the same for an I2P mail account. Only POP3 works though, so thatโs what I had to use; no IMAP. Also, I didnโt have to select any encryption/connection security settings because all packets being sent through I2P are encrypted anyways.
I used 127.0.0.1 as the host for both POP and SMTP over ports 7660 and 7659 respectively (as mentioned in I2Pโs list of used ports). By default, these ports are tunneled to/from the mail service that postman runs, but if I wanted to use another service I can change them in the I2P tunnel settings.
I was able to configure the IRC client, Chatzilla, pretty quickly as well. It was just the matter of adding a network named irc2p, and then adding a server under that network, with the actual โserverโ being 127.0.0.1 and the port being 6668.
And again, no encryption/connection security settings were necessary here either because everythingโs encrypted anyways.
I2P has some documentation on configuring other IRC clients thatโs definitely worth a read.
Like the email service, the mentioned port (6668) is also set to tunnel to/from the a service run by postman, but I can always change this if I want (same way as the email stuff).
Since I did a manual install of both SeaMonkey and I2P, I had to do some manual work to actually set up a shortcut. I installed both pieces of software in the same directory (i2p-browser) and then wrote a bash script to, first, start the I2P router (in headless mode) and, then, start SeaMonkey. After SeaMonkey exits, I then stop the router.
#!/bin/bash
/path/to/my/i2p-browser/i2p/i2prouter start && wait
/path/to/my/i2p-browser/seamonkey/seamonkey && wait
/path/to/my/i2p-browser/i2p/i2prouter stopI then created a .desktop file to point at this script, and stuck it where all of those custom .desktop files go in GNOME (~/.local/share/applications/). That way a shortcut will be in my applications menu, and I can start the whole thing with one click.
[Desktop Entry]
Type=Application
Name=i2p Browser
Comment=
Categories=Network;WebBrowser;Security;
Exec=bash /path/to/my/i2p-browser/i2p_browser_start.sh
Icon=/path/to/my/i2p-browser/i2p/docs/console.icoYeah, I use GNOME. Fight me.
By default, when I2P starts, it will open the router console in the default browser. Since I didnโt want this, and wanted to use SeaMonkey, I unchecked that settings in the router config.
A web browser, mail client, and IRC client. That pretty much covers everything thatโs part of SeaMonkey. And once itโs all configured, itโs on to browsing the invisible internet.
But what about torrents? Iโve mentioned torrents a few times here. How am I going to start using those? Well I could try configuring my normal torrent client, Deluge, to proxy traffic through I2P using a SAM Bridge andโฆ
I2P actually includes, by default, a browser-accessible torrent client called I2PSnark! And, because of how I2P works, itโs totally anonymous! Since, like, everything is encrypted. And also I2P is a darknet.
I2P has plenty of other cool features that I really need to explore, like anonymous git hosting. Maybe after I play around with (finally) setting up my own hidden service on I2P (theyโre called eepsites) like I did with Tor I can finally do that.
Read more of this story at Slashdot.
