Gentoo

How to enable TLS 1.3 on Gentoo Linux

I figured it was about time for this Gentoo powered blog to enjoy the security and performance enhancements provided by TLSv1.3. However, that meant leaving “Gentoo stable” behind and travelling on a journey of discovery into the land of the unmasked and dangerous.

Gentoo - Tor 0.3.4.9 stable on amd64

So why is this release noteworthy? Well, I experienced an issue with the previous release (Tor 0.3.4.7) where I was unable to get sandboxing to work due to the following error:

Gentoo - ModSecurity 2.9.1 lands in stable on amd64

Gentoo developers recently marked mod_security-2.9.1 and modsecurity-crs 3.0.2 as stable on amd64, thus allowing me to move on from the dormant ModSecurity 2.7.7 release. Good thing I got this update on a Sunday, though, as it turned out to be more than a simple drop-in replacement.

Gentoo - New slot for PHP 7.2 on amd64

PHP 7.2 just went stable on amd64 providing me with an opportunity to finally migrate away from PHP 7.0. Unlike the PHP 7.1 releases, PHP 7.2 offers significant performance improvements.

Python 3.6 default target reverted on Gentoo

After a long rebuild session yesterday due to the Python 3.6 upgrade, I was not overly impressed when issuing emerge --sync eventually resulted in a proposition to revert yesterday's work:

Python 3.6 is now the default target on Gentoo

Python 3.6 recently replaced Python 3.5 in the default Python targets on Gentoo systems. The change was announced a month ago, which provided more than enough time for me to forget all about it. Because of this, I was somewhat surprised today as Portage complained about unmet requirements for the fail2ban-0.9.6 ebuild.

Zapping crashed services on Gentoo Linux

While configuring my first Gentoo VPS I somehow managed to crash a service and discovered that I had actually no idea how to recover it. The service no longer had any matching processes but it still refused to stop, and simultaneously insisted it was already started. Severely embarrassed I made sure nobody was looking and rebooted the server.

How to enable HTTP/2 in Apache 2.4 on Gentoo Linux

I recently added support for the HTTP/2 protocol on this server and I am really pleased with the additional performance gains. This VPS was already running a functional LAMP stack, so the following steps describe the necessary configuration changes for my setup which relies on Apache with PHP-FPM.

Gentoo 17.0 profile upgrade is complete

This Scaleway hosted Gentoo x86_64 server (VC1S with 2 cores and 2GB of RAM) has finally completed the move to the new Gentoo 17.0 profile. Rebuilding my entire system consisting of 277 packages lasted 26 hours and went by without any issues. All packages were re-emerged with --jobs=1 to keep the system responsive during compilation, and to avoid exhausting available memory.

Gentoo 17.0 profile warning

Gentoo throwing a warning about the use of a deprecated profile.

Gentoo - Protect your running PHP version from emerge depclean

Now that I’ve been running this blog on Gentoo Linux for a while, I’ve discovered a few new potential gotchas when failing to pay attention while interacting with Portage. The latest addition to my list was nearly removing my running PHP installation with emerge --depclean.