How to issue ACMEv2 Wildcard with Certbot on Ubuntu 18.04

We need to issue a willdcard SSL certificate for the domain *

Install certbot:

enter the following command to request the certificate (make sure you change the domain name with yours):

and follow the instructions. You will be required to create a TXT record for your domain.

Finally, do the following if you need to convert the private key to PKCS1 format:

Jenkins and SSL: x509: certificate signed by unknown authority error

This is something that really run me mad and took a while to have it sorted. Unfortunately there is not much documentation online, therefore I am posting this for personal reference and to help others who could stumble upon the same issue.

I needed to set-up a private Docker registry at as part of our CI/CD setup and obviously we wanted it over https.

This can be achieved easily with Letsencrypt just by following a couple of on-line tutorials, but it happens that I had a COMODO wildcard certificate for our testing domain.

Jenkins can be run with something like this:

However, make sure that REGISTRY_HTTP_TLS_CERTIFICATE is the entire certificate chain. With COMODO certificates you can achieve that with something like the following:

and then run the above docker command with:

Similarly, if you decide to put Jenkins behind a nginx proxy, as we did, make sure that the server section includes the following configuration variable:

My quest for a Linux compatible 5Ghz USB dongle

So, the day came when I finally got a fiber line at home: 150Mbps symmetrical.

No, just one problem left. The socket and, consequentially, the Wifi router are not on the same floor as my workstation.

So, options are:

  • a repeater (I have but only supports 2.4Ghz);
  • new USB antenna.

I decided to buy a new USB antenna and after a few unlucky try finally got a Zoweetek 1200Mbps Dual Band receiver:

Decent price and a lot of features.

Let’s install on Kubuntu 18.04 LTS.

First I tried:

No luck. It is reconigzed but does not show up on KDE wifi manager.

So, then:

It works.

If you need to check if your antenna is supported, firs look for the device id:

you will have get something like this:


Al look for the something like:

Speed test:











ZFS: setting up a mirror with ZIL and L2ARC optimizations

I have always been a big fan of ZFS and had the opportunity to set up a Solaris network backup server with data deduplication. It was the time when I was running my small VPS business and needed to be able to make live snapshots of our clients VPS disks. ZFS and its data deduplication feature saved the day!

Anyway, back to present. New PC at home with Kubuntu and I need a lot of fast storage to keep up with Parity heavy IO requirements.

I am going to set-up a ZFS mirror with dedicated L2ARC and SLOG devices.


First, I am going to get the IDs of the drives to add to the zpool:

Now, I am going to create a mirror pool named data with those two 3TB Toshiba HHDs:

A short explanation about the above command:

ashift=12 For Advanced Format Disks with 4KB sector size, an ashift of 12 is recommended for best performance.
-m will mount our zpool at /home/whitenoise/data/

Finally, I gong to add a caching SSD disk for the L2ARC and ZIL. The ZIL disk is definitely oversized for what I need but this is what I have available now:

and check the zpool status:

Everything seems to be OK.

The zfs daemon is capable of loading a zpool and mounting it at boot. In order to do this we need to setup a cache file, then enable the zfs daemon.

We can also active compression and atime with:

Compression has a low CPU footprint so you should have it active.


Now, I am going to tune the L2ARC device by adding the following to /etc/modprobe.d/zfs.conf

To get a full list of configurable options:



Converting an Array of Objects to an Object.

Very useful post which explains how to an array of objects to an object of objects: