Who would have thought, right? :-)
After installing my certificate from Let’s Encrypt last week I was immediately confronted with the fact that I had made the wrong choice in regard to key sizes. By using a 4096-bit private key I was relying too heavily on the RPi2’s CPU. This became abundantly clear as page load times were increased by 500 – 1000ms.
So you’re hosting your own WordPress blog on a Raspberry Pi 2 and want to join the HTTPS everywhere movement to ensure optimal privacy for your visitors. That’s great, but what kind of performance penalty can you expect as CPU intensive tasks are hardly a favorite with the RPi2. Is the extra computational cost of encrypting data and doing handshakes going to significantly slow down your site?
Well, you can probably answer that question yourself as your browser has just loaded this page over a secured TLS connection. Though WordPress can still serve static content generated by my caching plugin, there is no hiding the additional burden of doing handshakes and encryption. On my RPi2, the extra overhead is between 500 – 1000ms depending on latency.
I had some issues today with the Akonadi server failing on my Slackware 14.1 box at the office, so I resorted to killing X for a quick revival. However, issuing startx only resulted in the following errors:
I woke up this morning to a mail informing me that WordPress had been upgraded to version 4.4.1. Shortly after I tried to access my blog to verify that everything had gone smoothly, but unfortunately my webserver showed no sign of life. Since I’ve previously had a few hard learned lessons with the RPi2, that made me a bit uneasy. A couple of hours later though, as I was reviewing my logs, the problem became pretty obvious:
Some big news was revealed through the Slackware Current (pre-release) changelog today as the switch from udev to eudev was finally announced.
udev, which is a device manager for the Linux kernel was absorbed into systemd back in 2012 with a notion of fully supporting systems not running systemd.
As a response to the merging of udev into systemd, the Gentoo eudev project (an udev fork) officially launched a few months later. Their goal was to provide better compatibility with existing software, older kernels, various toolchains and anything else required by users.
So the last report from my Slackware based RPi2 hosting project ended on a cliffhanger (pun intended), as I was just recovering after suffering data corruption, the occasional kernel panic and random errors. Suspecting the instability might be caused by my overly optimistic approach to overclocking and overvolting, I decided to turn things down a few notches.
Excited by the prospect of hosting my blog on the new Raspberry Pi 2, I decided lately to wave goodbye to the local datacenter and unleash a Slackware Linux box into the wild (full story here).
Everything went (mostly) without a hitch until I wanted to get back in sync with the Slackware-current tree. After applying the available updates and issuing a reboot, the system seemed operational and nothing from the logs gave any indication of imminent failure.
Two weeks ago, I decided to move this blog from its old hosting and deploy it on a Raspberry Pi 2. The geek in me could no longer resist the urge to discover if a $35 worth computer could replace the need for commercial hosting. Besides, what a great opportunity to finally get my hands on Slackware’s official ARM port.
Raspberry Pi 2 Model B Raspberry Pi 2 Micro USB Power Cable 1.2A MicroSDHC Ultra UHS-I 32GB
Slackware ARM current Package series: a, ap, d, l, k, n (and a few from “x”). Apache 2.4.12 (rebuilt) MariaDB 5.5.40 (rebuilt) PHP 5.4.40 with mod_proxy_fcgi and php-fpm (rebuilt) Non stock packages: Modsecurity 2.9.0 Fail2ban 0.9.1
A hardware floating-point unit you say, well I’d never heard of it.
No additional software is required on a full Slackware 14.1 install.
Slackware 14.1 ships with KDE 4.10.5.
If you don’t already have a key pair (secret and public key), then your first order of business is to create one. The preferrable option is to use the CLI with the command:
gpg --gen-key
KDE provides two graphical tools for working with GPG, namely KGpg and Kleopatra. KGpg will walk you through the initial setup using an interactive wizard and subsequently create the needed key pair and config files (do not use Kleopatra for your initial setup).
If you’re importing an existing private key then make sure to change the default trust level afterwards.
IPredator is a swedish VPN service offered with the stated goal of providing internet privacy.