OpenBSD 6.0: Simple NAT with pf
Dec 23, 2016
This post is more of a “note to self”, but this is a summary of a simple NAT setup between an “Internal” interface and an “External” interface on our OpenBSD server or router.
Why would we do this? Well we might have an OpenBSD machine acting as a router and so 1 public IP address on our “External” interface which is to be shared between our devices on our “Internal” network.
Salt Master on OpenBSD 6.0
Nov 21, 2016
Let’s get started with SaltStack, but let’s put a twist on it and install our Salt Master on OpenBSD 6.0.
Why OpenBSD? In the world of “Cloud Computing”, more and more data is no longer hosted on-site and on a huge scale. Security is, and should be, the biggest concern. Whilst no OS can mitigate poor code, a good secure OS out of the box helps. Our Salt Master must remain secure at all costs as it will touch on all of our infrastructure.
Oct 17, 2016
Today I have finally unboxed my brand new WASD keyboard with Cherry MX Blue switches.
This is a custom keyboard that I had partially funded by previous employer as a leaving present (aww, cheers guys).
Here’s the layout I chose:
… and this is what arrived… (apologies for the potato quality photos)
Getting started with RacherOS using Docker-Machine
Oct 10, 2016
Sadly, RancherOS is no longer available on Vagrant so dipping your toes in Rancher is a bit less easy. Or is it? The folks are Rancher are suggesting you use Docker-machine, a really nice command line tool for provisioning and managing Docker hosts! If you are used to Vagrant you already have a bit of a head start on getting to grips with Docker Machine.
What’s best is that we are going to do this in the comfort of our own VirtualBox installation.
Mounting EFS outside of AWS
Sep 08, 2016
Why EFS? Well, despite being 3x more expensive than Elastic Block Volumes, EFS is sharable between EC2 instances and it is literally Pay As You Go (PAYG), no over-provisioning in sight.
So for that NAS like experience without the need to buy hardware, EFS would sound like a winning solution. Unfortunately at the time of writing this (September 2016) it is not yet possible to directly mount EFS outside of your Amazon VPC.
Two underrated Bash aliases
Sep 07, 2016
Digital Ocean recently posted an article on must have Bash aliases.
Here are two unfortunate ones that are becoming part of my requirements to use a system.
alias dicker='docker' alias goit='git'
Dokuwiki Farm in a (Docker) Container
Sep 06, 2016
Today I released my Dokuwiki Farm container image on Docker Hub.
It is perhaps a little clunky and experimental, but it is the first image that I have published but it’s a fairly simple solution to hosting Dokuwiki.
It can run in single wiki mode, or it can run as an entire wiki farm with the option of shared logins between farm animals.
The base image For this we are taking the nginx:mainline-alpine image as it is very small and has the basic Nginx setup.
So this happened...
Sep 02, 2016
I may have geeked out my car. #tuxftw!
Setting Up a Ghost Blog with nginx, Certbot and Docker.
Aug 28, 2016
I thought I would write up my experiences with setting up Ghost served over HTTPS as it’s quite a good way of jumping into Docker and using nginx as a reverse proxy to route traffic between Docker applications.
In this tutorial we will use the following applications:
Debian (or other Linux) nginx (Web Server, Reverse Proxy and Load Balancer) Certbot (client for Let’s Encrypt certificates) Docker (containerization software) Docker-Compose (tool for defining multi-container environments, useful for single containers too!
Re-architecting a Global Data Object store
Aug 19, 2016
In a recent project I have had the opportunity to work with MongoDB, admittedly this is the first real attempt to do so in any real capacity.
For this project we created a number of Drupal websites with a centralised Data Object Store, referred to simply as the “GDO” (Global Data Object Store).
The main concept of the GDO is that data objects (in the form of JSON documents) can be stored centrally and accessed by every site/server within the AWS VPC (Virtual Private Cloud).