Now also available via Tor
http://iwccx6ebuapto7dlkd4m5fooud6nqn2z7go7aass5c4q6vl6gzs5htad.onion/
Einträge
-
Updating my servers to Trixie
It’s about time. Debian Trixie has been released in August 2025. I finally got around to gather my motivation to execute the update.
I have like 5 VPS, all running Debian. Still running Bookworm until recently. So over the past two weeks, I upgraded the servers step by step, going with the “least problematic” servers first. (Gut feeling).
Turns out, my intuition was relatively right. What confused me extremely is that the upgrade notes appear to have moved to a readthedocs look like page. Previously, iirc, it was always a chapter in the Debian Handbook.
So, the pain points of Debian updates, for me, always is the config file updates. Usually, I want to keep my changes, but use some of the package maintainers changes. It’s frustrating for me that Debian asks me for a decision in the middle of an upgrade. I’d actually like an option, “just continue with the upgrade, keeping my config, for now”. Which could be problematic for major upgrades with option deprecations I guess? There probably is even some option for this (dpkg-reconfigure debconf?), and I just haven’t RTFM. As it happened in the past.
The actual major pain point was indeed the last server. I’ve been accumulating various questionable packages on this one, for some reason, I installed ffmpeg in the past, which means there were lot of X-related libraries pulled in. During the cleanup, I unwisely must’ve fired off some purge command1… Which I acknowledged without looking properly. The result was that my entire /etc/letsencrypt directory was erased, as I used the distro-supplied certbot in the past. I just removed the package at some point and installed certbot via pip. So Debian/dpkg still thought that directory needed cleanup. Ooops. So I spent yesterday evening, extremely frustrated, fiddling with the nginx config manually, adding temporary fake certs/keys, so that nginx would start at all, so that certbot could work, and I could re-add the certificates again.
The second biggest pain point is Python virtual environments. Since Debian upgrades always(?) update the Python minor version, all existing venv’s stop working, since a) they are created with a pointer to, e.g.
/usr/bin/python3.11, and b) packages/modules go into a version-specific site-packages subdirectory. So, the procedure always is go through all of them, recreate the venv, reinstall all packages, hope it still works. In my case, even the Python script that triggers buildbot builds didn’t work anymore, becausefrom future.utils import itertools2 didn’t work anymore, and needed to be replaced bydict.items(). And my looking glass didn’t work no more because apparently Python stopped shipping thecgimodule. The current “replacement” seems to be legacy-cgi. I have no “proper” solution for this yet.Lesson learned: Read the fucking output before you hit enter.
-
Via ansible, nonetheless. ↩
-