Writing a Custom Model Field for Encryption

Lately I’ve been learning web development with Django. I have a few projects I’ve been working on and have learned a ton. Something I came across in one of my projects was the need to encrypt fields in the database. Being a DevOps/Security guy I know the whole arguments against and for using encryption on specific database fields. In this case I am storing some usernames and passwords for a site I am scraping, and felt that encryption was better than nothing. I found an article but didn’t like the exact way they were implementing the encryption so I changed it. Below is that implementation:
Read more →

Migrating to Lambda from Cron Jobs

One of my jobs (at least as I see it) is not only to automate infrastructure, but also to consolidate and simplify infrastructure. Too many companies I have worked at have small bits of amazing things, surrounded by loads of convoluted messes left by others. As we move more and more into public cloud infrastructure, in this case AWS, I started thinking about the things I could simplify using AWS only tools. The old way of doing things (as set up by the engineers before me) was to have loads of cron jobs, running across multiple machines, for tasks like taking EBS snapshots. This isn’t a problem when everything is humming along perfectly, but as soon as something breaks, the hunt for where it broke begins. My old strategy involved using the bastion hosts (those that sat on the outside of the VPC for access to VPC machines). But even this could be missed by someone who doesn’t understand my particular way of doing things. This also doesn’t provide consolidated logging either, unless you consume logs from every bastion host into some logging service. Enter Lambda.
Read more →

Appending open-resolv-conf settings to OpenVPN Configuration Files

Quick bit of Python code that I came up with this evening. I was running into an issue inserting some open-resolv-conf configuration commands to the end of my VPN providers OpenVPN configuration files. These resolv-conf settings are important in order to fix DNS leaks when using a VPN tunnel. The issue was that spaces in the file name don’t play nicely when used in a simple shell script. So I cooked up this Pythonic way to do it.
Read more →