Lately I’ve been learning web development with Django. I have a few projects I’ve been working on and have learned a ton. Something I came across in one of my projects was the need to encrypt fields in the database. Being a DevOps/Security guy I know the whole arguments against and for using encryption on specific database fields. In this case I am storing some usernames and passwords for a site I am scraping, and felt that encryption was better than nothing. I found an article but didn’t like the exact way they were implementing the encryption so I changed it. Below is that implementation:
For the last week or so I’ve been evaluating drone.io as a replacement for our current CI engine (spoiler: we aren’t going to use it). Something that I ran across that wasn’t immediately obvious on how to achieve was pulling private images from Google Container Repository. Although there is a thread on the Discouse forums that touches on it, I had to do some testing on my own to actually get it working. Here is what I did.
Yesterday I decided to resurrect my keybase account. For those of you that don’t know what Keybase is, I suggest you check it out. Among also being (another) secure method to chat, they have a unique feature that allows you to verify that you are the person who is behind other accounts and/or websites. For instance, I verified my Github account, so you can be sure that the Github account @binaryronin is actually the same person writing this article (as I also verified this website), and the person you are messaging on Keybase.
As I continue to push forward the use of AWX in our infrastructure, there is continued need to test what we are producing. Much like any other kind of development, sometimes we need a local environment to test something. This came up recently for me in AWX because I was testing a role that modified the AWS Task container in order to provide enhanced functionality. I wrote the following little shell provisioner that gets AWX up and running quickly for testing.
I’ve got AWX deployed in production currently. Obviously for production, you need to SSL for authentication. Since AWX doesn’t offer this currently, and I’m not paying $20/month just for a ELB for this, I decided to slap Nginx in front of the containers to proxy SSL. This ended up being a larger pain than I expected because of the websockets. Finally got it figured out and wanted to post my nginx config for anyone else trying to do the same thing.