Gone are the days where every employee sits in an office cubicle from 9AM to 5:30PM, Monday to Friday. Having a physical location with the blinking lights of a VPN appliance or whining server is no longer a given and thus the ‘traditional’ approach of whitelisting company IPs and having your colleagues VPN in to the corporate network just isn’t...
Despite the popularity of Kubernetes, AWS’s Elastic Container Service (ECS) offering is fantastic for many containerised workloads and avoids a lot of the complexity that comes from using and operating a full-blown container orchestration platform. Add in Fargate with its attractive pricing and low management overhead and you have a great way to easily host containers. One challenge of using...
In a previous article, we looked at a method of restricting access to a CloudFront distribution with the use of a CloudFront private key that could sign cookies granting access to private files or even a static website. With AWS Lambda@Edge, we can remove a few of the steps in that article and replace them with a Lambda function that...
Most build systems have a built-in method of producing status badges or a plugin that will create them. With CodeBuild, we can use CloudWatch Events and a Lambda function to generate a badge when our build succeeds or fails, upload it to S3 and then display it in our README. To get started, the following JSON is a shortened example...
Setting up mutual authentication can be a little daunting, especially when the docs for a library you’re using don’t always have a good example. Top it off with having to make your own certificates, and the whole process can be a real PITA! To make it easier, we’re going to be using a tool from the great people at Square,...
Amazon’s Simple Storage Service doesn’t natively support password-protected access, however we can use a CloudFront distribution and private ACL to control access to the bucket and then use Lambda to issue signed cookies after validating a password. via GIPHY How it works A user visits the CloudFront distribution. This could either be directly to the abcde.cloudfront.net hostname or a CNAME....
I’ve always wondered if there’s a way to speed up Ansible executions as creating a new SSH connection for each command seemed excessive. However, I’d never looked for a solution until today when I discovered a very neat feature that shares SSH connections called pipelining. Enabling it as simple as adding the following to an ansible.cfg file located somewhere it...
Finding a connection or memory leak can be difficult at the best of times and near-impossible without good visibility of what your application is doing. To make things worse, it’s easy to end up in production with something leaking that you may not have existing monitoring or metrics for. Adding this to the code might not be an option and...
Note to self: if you want PostgreSQL to accept your non-lowercase database name, enclosure its name with quotesdocker configserver firewall iptables csf debian systemd
The following creates the database frustratingerror: CREATE DATABASE FrustratingError; The following creates the database FrustratingError: CREATE DATABASE "FrustratingError";
By default, the Docker daemon will automatically configure iptables rules that allow communication with containers and, additionally, the outside world through the use of exposed ports. If you’re like me and using ConfigServer Firewall, this may not be desirable as these rules will bypass the firewall configuration and let anyone access the exposed container ports. To get around this, it’s...
At the time of writing, Rancher does not publish VM images that are not aimed at a particular cloud provider and I therefore set about installing RancherOS with just the provided ISO. Step 1: Download and import images To begin, download the RancherOS ISO and then upload it into OpenNebula’s image system. sudo -u oneadmin -i cd /tmp wget https://releases.rancher.com/os/latest/rancheros.iso...
I recently played around with a few Linux distros and ended up keeping CentOS as my daily driver. One thing I missed, however, was having the “System settings” option on the grub menu that would reboot the computer into the BIOS / UEFI options (present in Ubuntu & Debian). To add this option on CentOS, create the following file and...
One issue I had while replacing FreeNAS with FreeBSD was that, by defualt, vnet support isn’t enabled in the kernel. To resolve this, I compiled a custom kernel as follows: Step 1 - download the kernel sources Change the FreeBSD version, as appropriate. pkg install subversion svn checkout http://svn.freebsd.org/base/release/10.2.0/ /usr/src Step 2 - create a custom config cd /usr/src/sys/amd64/conf #...
I recently replaced FreeNAS with FreeBSD after installing even basic tools in the main OS (without first using a jail) became tedious and I wanted to explore how each of the components (e.g sharing & plugins) were implemented. Below is a service description file that Avahi will use to broadcast the server’s share capabilities. It allows an easy one-click to...
When working late at night, I enjoy using the excellent f.lux app. Unfortunately, setting it up on CentOS wasn’t as easy as I’d hoped. Below are the steps I took to get it working. Step 1 - install dependencies sudo pip install pexpect sudo yum install gnome-python2-gconf pyxdg python-appindicator Step 2 - install f.lux git clone https://github.com/Kilian/f.lux-indicator-applet.git cd f.lux-indicator-applet sudo...
Subscribe via RSS.