-
Borgbackup, Private SSH Keys, and MacOS
Thursday, February 23, 2023
I use a MacBook Pro for work. It’s not ideal, but better than Windows. I also use the phenomenal Borg and Borgmatic for my backups up to BorgBase . I wanted to get my work laptop backed up in case of an issue, but was having problems getting OSX Ventura to read the unlocked private SSH key I use to connect. I ended up concocting this script which searches for the correct environment variables and sets them so the cronjob can use the key. …
-
gitlab, gitlab runners, k3s, and building all the things
Saturday, June 25, 2022
Although originally using Gitea for hosting, and Drone for my CI engine, this setup proved to be difficult. I continually had problems with Done, and actually had the Gitea database corrupt at one point. With all this I decided to just move back to Gitlab. They run a great service, and it’s what we use at work so I am quite familiar with them and their CI/CD setup. I installed the Gitlab Runner on my internal K3s cluster, and am now using that to do all my builds and deployments behind my firewall. I hit a few bumps along the way, so I wanted to document the final setup for posterity and anyone else who might be having issues as well. …
-
nginx-ingress, cert-manager, and default wildcard certificates
Friday, January 28, 2022
I have quite a few internal only services running on my Kubernetes cluster. For all these services I wanted to use SSL, but using the default method of getting an ACME certificate from Let’s Encrypt (HTTP-01) wouldn’t work due to my setup. I also didn’t want to have to generate a certificate for every service I decided to spin up. Using cert-manager I was able to generate an ACME wildcard certificate and then set it to the default certificate on the nginx-ingress. …
-
Using TinyDB JSON with S3
Thursday, October 28, 2021
We recently wanted to use S3 as a simple database storing a JSON object. Using both TindyDB and jsonObject I was able to make this work. I created a subclass using tinydb and used boto3 to connect to S3 and pull in a JSON object to use as a pseudo-ORM database. …
-
Drone and Hugo
Wednesday, August 4, 2021
This blog is deployed using a series of technologies from Kubernetes and Helm down to its core using Hugo. One of the annoyances with Hugo is that one needs to build the static content before it is deployed. This is easy enough to do, all you need to do is invoke the hugo command while in the correct directory, but I constantly forget to to this manual step. Instead of manually trying to remember to run this, I built out my Drone CI to do it for me. …
-
Cloudflared and Internal Services
Tuesday, July 20, 2021
In my new position I work more with Kubernetes than I ever have in the past. This is a great thing, because I think Kubernetes is an amazingly powerful tool, and is quite enjoyable to work with once you understand the in’s and out’s of it. As such I decided to migrate just about everything I run over to a new Kubernetes cluster. Initially I ran two clusters: one internal to my firewall for non-world accessible stuff, and one in the cloud for world accessible stuff. Then I found out about Cloudflare Tunnels (formerly Argo Tunnel) and moved to a single cluster proxying through Cloudflare. …
-
CentOS and Newer Versions of Python
Wednesday, September 2, 2020
When working on Python development locally on my Arch machine, I am generally either working on Python 3.7 or 3.8. This is usually not an issue since Lambda natively supports Python 3.7. However, on CentOS 7 and 8 the latest version of Python available is 3.6. In order to sanely get Python 3.7 on CentOS I wrote the following little playbook that uses Pyenv to install the version of Python I need on the servers. …
-
Vagrant, Libvirt, and nftables
Monday, August 17, 2020
Vagrant and libvirt work just fine together when using the standard iptables firewalling, but I wanted to move to the simpler (IMO) nftables. However, getting everything working properly was no simple task, so here is the process of how I got it all to work (finally). …
-
CentOS 8 Software RAID Monitoring
Sunday, July 5, 2020
My current home server uses software Linux RAID to run my two large RAID arrays. By default, CentOS 8 does not monitor the status of these RAID devices for you. It is highly recommended that you set up the monitoring of your devices lest you forget and have all your data disappear. …
-
Use JQuery to Write Data to a Variable
Saturday, April 25, 2020
Needed a way to put data pulled from my API (via Django REST Framework) into a variable for graphing. …