Telekom Cloud CI/CD demo
Pre-requisites Preparation Base infrastructure Notes ...
Post tagged: service
3D Printing updates
A quick guide to 3D printing materials
Ansible Best Practices
This is a conversion from a presentation/pdf by Tim Appnel. I attached a copy here too. Roles and Modules ...
OpenTofu
Introduction Origins Why use OpenTofu Using OpenTofu ...
Inetd like service with systemd
This is an example of a socket-activated per-connection service (which is usually referred to as inetd-like service). A thorough explanation can be found at 0pointer.de. Define a socket unit The key point here is to specify Accept=yes, which will make the socket accept connections (behaving like inetd) and pass ...
cisco bridging
This article is here as a reminder. So, for testing, I needed to configure a Cisco CSR1000V virtual router as a bridge. So I used a version 16 Cisco IOS XE image. To make my life easier I used the "wizard" that runs the first time to automatically configure bridgning. Ironically, this created an invalid ...
File system encryption in Alpine Linux
This is similar to my previous article Encrypting Filesystem in Void Linux but for Alpine Linux The point of this recipe is to create a encrypted file sytem so that when the disc is disposed, it does not need to be securely erased. This is particularly important for SSD devices ...
Enable syslog with void
In void Linux, the default is without logging. Most cases it is OK for desktop use. If you want to enable syslog service in void, you need to install: socklog-void Also to let your user have access to the logs, use: ...
Stupid SSL tricks
Some hints and tips foor doing SSL related things: Netcat for SSL This command lets you connect to a SSL server (a-la netcat): cat request.txt | openssl s_client -connect server:443 Creating self-signed certificates This is a single command to generate a self-signed certificate: ...
My tale of IPv6 blues
My ISP provider is KPN. They recently enabled IPv6 in my street. I was using before a IPv6 Tunnel Broker, starting with SixXS and after they went out, with Hurricane Electric. So naturally, I decided to switch to KPN's native IPv6 service. They provide a /64 prefix, which is reasonable. Would be better ...
Docker on Alpine Linux
Alpine Linux Quick installation See wiki For Alpine Linux > 3.8 Un-comment community repo from /etc/apk/repositories apk add docker rc-update add docker boot ...
3 Open Source Password Managers
Keep your data and accounts safe by using a secure open source password manager to store unique, complex passwords. Maintaining complex, unique passwords for each site and service you use is among the most common pieces of advice that security professionals provide to the public every year. Yet no matter how many times it is said, it seems like a week doesn't ...
using cachefiles on an Linux NFS share
If you often mount and access a remote NFS share on your system, you will probably want to know how to improve NFS file access performance. One possibility is using file caching. In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. ...
Starting with 3D Printing
So I finally tried my hand at 3D printing. Obviously I did not buy at 3D printer. These are either quite expensive or you need to assemble them yourself, which I don't think is in my capacity level. To get started, you first need a 3D model to print. There are several 3D models available in Thingieverse, however I actually wanted to make my own model. After all, that is the whole point of 3D printing. Custom made parts/objects that can be printed as needed. To create a 3D model you need some 3D modelling software. For my very first model I opted for TinkerCAD. This is software that runs on the cloud that lets you create your own 3D models. This is particularly interesting because you don't need to install anything on your computer and it would essentially run on anything where a web browser runs. For a web based application, it is quite responsive and feature-full. You can use (like me) a facebook account to sign-in. Models can then be downloaded as an ".stl" file (the format used by 3D printers) or send directly to 3D printing service such as 3D Hubs. 3D Hubs, is an online 3D Printing service which facilitates transactions betwen 3D Printer owners (Hubs) and people who want to make 3D prints. Printer owners can join the platform to offer 3D printing services while customers can locate printer owners to get their 3D models printed nearby. ...
Windows administration from the command line
Windows system administration is very mouse driven and to reach all tools you need to browse through Windows explorer. If you are like me and prefer to log on a limited privilege account and use Runas to perform admin tasks, you can open these consoles with the .msc file names. Here is a list of admin tools with their .msc file names. domain.msc: AD Domains and Trusts ...
Deploying Kerberos based SSO
This article goes over how to implement Single-Sign-On on Linux. It goes over the integration around the Kerberos service and the applications, like for example FireFox. Pre-requisites ...
Let's Encrypt
This is a service that let's you get SSL certificates for HTTPS. These certificates are trusted by major browsers. See Let's Encrypt This is a barebones howto to get SSL certificates: git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt This contains the client software for let's encrypt. ./letsencrypt-auto certonly --manual This will start by updating and getting any needed dependencies and then jump to a wizard like configuration to get this done. Follow the prompts and pay special attention on the prompt used to validate your domain. (You need to create a couple of folders and a file with the right content). Afterwards your certificates will be in: ...
Enable local file caching for NFS share on Linux
In Linux, there is a caching filesystem called FS-Cache which enables file caching for network file systems such as NFS. FS-Cache is built into the Linux kernel 2.6.30 and higher. In order for FS-Cache to operate, it needs cache back-end which provides actual storage for caching. One such cache back-end is cachefiles. Therefore, once you set up cachefiles, it will automatically enable file caching for NFS shares. ...
Using CloudFlare
So I have signed up 0ink.net to use the CloudFlare service. CloudFlare is a reverse proxy service that is supposed to speed up and improve web server security. This is done by: globally distributed reverse proxy cache network ...
Native Kerberos Authentication with SSH
This article is about integrating OpenSSH in a kerberos environment. Allthough OpenSSH can provide passwordless logins (through Public/Private keys), it is not a true SSO set-up. This article makes use of Kerberos TGT service to implement a true SSO configuration for OpenSSH. Pre-requisites First off, you'll need to make sure that the OpenSSH server's Kerberos configuration (in /etc/krb5.conf) is correct and works, and that the server's keytab (typically /etc/krb5.keytab) contains an entry for host/fqdn@REALM (case-sensitive). I won't go into details on how this is done again; instead, I'll refer you to any one of the recent Kerberos-related articles (like this one, this one, or even this one). Just be sure that you can issue a kinit -k host/fqdn@REALM and get back a Kerberos ticket without having specify a password. (This tells you that the keytab is working as expected.) ...
Page 1 / 2
»