Leveraging GitHub Actions for CI/CD
GitHub Actions is a very flexible tool, but it's important to leverage it securely. In this post I set out a basic framework for managing secure deployments to AWS, using a Django project as an example.
Matrix Synapse server setup guide
The last few days have been A Lot. I would like to start this blog post before I go anywhere else with it with some encouragement for those who have the means to do so to donate to any or all of these bail funds for protestors or find other ways to support your local BIPOC community.
New self-hosting experiments
As I’ve detailed previously on this blog, I mostly maintain my own web services. Stuff like my website, mail server, so on and so forth - I’m handling it with my own preferred architecture rather than outsourcing to a managed provider. Recently, I’ve been on a kick looking at what else I could take on on my domain, or what makes sense for me to explore.
Slimming down your Hugo static site
Over the last few months, I have spent a good chunk of time working on minimizing the page load on my website. When I first redeveloped out of Wordpress. Of course, the previous site was massive; I think I was running somewhere around a 2 MB page load with all the scripts and high-resolution pictures and stuff.
On content ownership
A quick one today. I wanted to touch on why I chose to redevelop the site as opposed to, say, just moving over into Medium or Blogger or something where I could just write and not worry about maintaining the website1. I did give serious thought to scrapping the content and just setting up redirects to Medium for a while.
Why I gave up on SEO
When I rebuilt this site earlier this year, one of the big changes I decided to make was that I wouldn’t bother with SEO. Quite frankly, I didn’t really see the point of it; before, I was at least in part using the blog to market myself as a professional, and for the last couple of years I haven’t had any reason to do that as I’m quite happy with where I’m at.
Building a comment system for a static site, part 3
Adding features like antispam, comment replies, and formatting rules to a custom-built comment system.
Building a comment system for a static site, part 2
Creating and implementing a dynamic comment system for a static website using AWS Lambda, API Gateway, and DynamoDB.
Building a comment system for a static site, part 1
Brainstorming a minimum viable product and defining requirements for a dynamic comment system for a static website.
Building a static site with Hugo, Terraform, and AWS
If you’re a frequent visitor to my blog, you may notice that it has a very new look as of today. This facelift isn’t just cosmetic or just related to any personal disclosures (although I’ll admit those played a role) - I’ve actually changed the framework that the blog runs on from Wordpress to Hugo as part of my exploration of serverless computing and web hosting.
Handling environment-specific parameters in a web hosting environment
One of the big roadblocks that I had to figure out when I was setting up some of my more complex websites was how to get environment-specific parameters to apply across environments. When you have things like different database endpoints, different passwords, even different debug options, it’s important that there’s an easy process that doesn’t add too much complexity to what you’re doing.
Basic nginx + PHP-FPM config for securely hosting multiple websites
I previously wrote a post about setting up PHP-FPM and Apache in a scalable way with vhosts and separate FPM pools. Since then, unfortunately, I feel like not only is the article outdated (written for an old version of CentOS) but that it also doesn’t reflect my current feelings towards scalable web hosting.
Migrating services with zero downtime using EFS and lsyncd
Today, I want to talk about a situation that I found myself in recently. I have a production mail server that I had to migrate recently, as the OS version was getting quite out of date. Unfortunately, when I stood the server up, I didn’t plan on ever migrating - so I set everything up using local storage.
Avoid duplicate Christmas gifts this year
Last year, my family and I ran into a Christmas gift issue for the first time; my grandfather ended up receiving 2 copies of the same book for Christmas from different people. Since we’re pretty spread out geographically and we tend to buy stuff from a lot of different sources, it was an understandable miscommunication.
Deleting all your Tweets
Don't pay a service to delete your tweets! Just follow the instructions in this post and do it yourself for free.
Adding SpamAssassin filtering to your mail server
Last week, I finally decided it was time to move forward with getting all of my mail self-hosted. I’d been using my mail server primarily for sending automated messages, but my previous mail service was really limiting me in terms of what I was able to do, so I finally bit the bullet and went for it.
Open Status Page
Back in 2016, I spent a little bit of time working on a project for some friends. As part of that, I wanted to provide website status monitoring in an easy to digest format. I started out by trying out the New Relic Synthetics monitoring service, but New Relic seemed like a little bit of overkill for what I was trying to do - without the need for server metrics or application metrics, what really was the point?
Lower your build costs with Jenkins and EC2 Spot Instances
Sometimes, a company may choose to avoid continuous integration due to the cost constraints of having a dedicated build server if working on-premises, or the high hourly cost of a powerful build server in the cloud. In a personal project I was working on recently, I ran right up against these cost constraints on a smaller scale - I didn’t want to wait forever for my builds to finish, but I also didn’t want to spend at a higher hourly rate to keep a build server up!
DevOps, put simply
I know I’m late to this party, and to be honest, Jon Hendren already said it a lot better than I could ever, but I wanted to write this - at the very least, to cut to the core of the hundreds of DevOps conferences and the thousands of mid-level managers throwing around the term like it’s the new buzzword-equivalent of “synergy".
Amazon now allows IAM roles to be attached to existing EC2 instances
Just wanted to dash off a quick note. Amazon Web Services announced last week that you can now add IAM roles to your existing EC2 instances. This means you won’t have to recreate an instance in order to attach a role - now, you can use my tutorial on sending backups of your EC2-hosted data to S3 on instances you’ve already created, and not just new instances.
Creating S3 backups of EC2 data in the AWS cloud
As part of my switch over to the AWS cloud and specifically EC2 after my physical server started having issues, I wanted to make sure that I had reliable, consistent backups. Amazon provides a great solution for this in the form of Amazon S3, a service that provides eleven 9’s of durability for stored data.
A definitive Postfix/Dovecot mail server guide
My physical server finally bit the dust last month, so I finally took the opportunity to move up to the Amazon Web Services cloud. In the process of building my new cloud server, I realized I needed to get a mail server working - but I hadn’t ever built out a Linux mail server before past the very basics of configuring Postfix and Dovecot for a web hosting environment.
How to set up 2FA on your CentOS server
Recently, I was looking into (casually, as an experiment) setting up two-factor authentication on CentOS 7, using Google Authenticator. All of the articles out there right now are kind of out of date, though, so I figured I’d walk through the process from an “it worked for me” perspective so that everyone has an updated reference in 2016.
An easy dedicated syslog server
Recently, I had the need to put together a centralized internal logging server. While the growth of external monitoring services like Loggly or Sumo Logic is awesome (and trust me, I’m not arguing this point – I use both of these services extensively myself!), centralized syslog is still the best solution in some use cases.
Enable cross-origin requests in Zabbix
Recently, I received a couple of requests asking about how to get zabbixweb working on an external server, as by default you can’t hit the Zabbix API from external servers on both the appliance downloaded from the Zabbix site and the default install on RHEL-based Linux servers. I looked back at my original blog post, and sure enough, I forgot to explain how to do that!
Multiple-site configuration for Varnish Server
Recently, I started looking into building a Varnish server that could handle multiple websites, possibly running multiple frameworks. I knew that it was possible to include extra VCL’s based on hostname as seen on the Varnish Software blog, but when I tried to implement that in my config, I kept on getting errors.
Resolving EPEL 404 errors (yum errno 14)
Today, I ran into an interesting issue with yum where I was unable to contact EPEL repository mirrors – every mirror was throwing “filelists.sqlite.xz: [Errno 14] HTTP Error 404 – Not Found”. I tried uninstalling and reinstalling the epel-release package, but that didn’t help. It turns out that this issue is caused by cached data in yum and can sometimes happen when repos update.
An outline for designing multi-layer system architecture
Recently, I was tasked with improving site performance and page load speed by refining our server architecture at one of my positions. I had given this some thought in the past, but this gave me an opportunity to reconsider the way I look at infrastructure. In one of the projects I’m working on, I had to think a lot about purpose differentiation – having different processes on different servers that communicate between each other as opposed to having one big behemoth of a program that requires a monster server to run on.
How to install Symantec Backup Exec Agent on CentOS/RHEL 7 Minimal
Recently, I was helping evaluate new long-term backup options to replace Microsoft’s DPM due to their lack of support for Linux, and one of the options that we were looking at was Symantec Backup Exec 2014. Unfortunately, if you look at their software compatibility list, you’ll notice that they do support Red Hat 7, but with a very important caveat – you can’t install as minimal.
Installing Varnish 3 on CentOS 7
Oddly, there isn’t a lot of information on installing Varnish 3 on CentOS 7. There’s well-written instructions on the official site for CentOS 5/6, but for 7, it seems like you’re stuck with Varnish 4 (from the epel-release repository), especially if you’ve searched around and found forum threads like this one.
Zabbix web interface up on GitHub
Just a quick note that I’ve added the Zabbix frontend to a GitHub repository. There’s been a lot of interest in this frontend over the last week or so, and to that end I figured it’d be nice to have a place where we could all get together and work on improving it.
Building a better Zabbix frontend
Recently, I ended up looking into Zabbixas a server monitoring solution. I was very impressed, but I felt that the reporting features left something to be desired; they were very robust, but it was hard to get all the information I wanted on one page.Zabbix’s bulky monitoring screensIt was great for monitoring one server on a screen – giving me history of resource usage in pretty graphs and so on – but there really wasn’t a good way to get a view that would give me all of this information in a compact manner for all of the servers I wanted to monitor, at the same time.
Installing Apache 2.4 with PHP 5.4 on CentOS 6.5
Recently, we were looking into how to install Apache 2.4 and PHP 5.4 with PHP-FPM on our CentOS boxes, as PHP 5.3 with Apache 2.2 was feeling a bit outdated. Since CentOS 7 isn’t quite out yet, we put together a process to install these on our CentOS 6.5 servers (Update: Now that CentOS 7 is out, the process is a lot more straightforward: just run yum install httpd php php-fpm.
Putting the “fast” back in FastInviter
I’ve been developing a new tool recently. It’s called FastInviter, and is publicly available at both its website as well as in a GitHub repository. I’ve been having a lot of fun developing it, but I hit a big snag along the way that made it seem…well, more like SlowInviter, to be honest.
My trip to jQueryTO
Over the weekend, I went to the jQueryTO conference in Toronto along with a couple of work collegaues. I’m not a pure jQuery developer by trade – sure, I know a bit about it, and I use it to do my AJAX calls, stuff like that, but I’m not coding in it all the time – so I wasn’t sure how much benefit I’d see from it.