Not today...

Filed under admin...

comments

Snippet

Install custom certificate with mkcert

Following my previous post about generating a custom root certificate and a PKI. I will share today a small snippet to install your self made certificate on your laptop (or fleet) to be used by the system or the browsers. It works on OSX, Linux and Windows by using a nice hidden feature of mkcert. Following the documentation, we can see that we can install a certificate from a custom location. Read More...

Tagged bash , admin

comments

Snippet

KVM with Docker bridge

This post will explain how to use the docker bridge as a KVM bridge. In this post I will use the Qemu command line to manage my VMs. There is a lot of ways to connect a VM to the internet. The most common one is via network address translation (NAT). This method has a few down side, the main one being that you need to explicitely configure port forwarding for your VM services to be reachable from the host. Read More...

Tagged admin , cli

comments

Snippet

Socat, Telnet and Unix sockets

Once in a while I use telnet, mostly to check if a port is open (the infamous telnet localhost 22) and sometimes to send a random http request. However, telnet has a few caveats which are: not able to read from stdin not able to deal with https not able to handle unix sockets Those limitations are pushing me towards the use of the socat utility. Here I will show a few situations in which I am now using socat. Read More...

Tagged cli , admin , bash

comments

Snippet

The wild kubectl logs issue

A quick post to present one of my finding during my Kubernetes journey. It may help people since it took me some time to find this out. I am currently using Kubernetes a lot for my job. I am part of the infrastructure team and need to debug some setups. I am using kubectl logs extensively and I found a few interesting options I’d like to share. Most of the time you will have multiple containers handling requests and you want to see what is happening in all of them. Read More...

Tagged kubernetes , admin , cli

comments

Tuto

Wireguard on a Linux Alpine with Docker

For most of my infrastructure, I am now using Alpine Linux. I like it because it only has a small number of moving parts. It’s easy to know and master them, it is making my life easier :). So, I decided to install one on my VPS. Like my distro I wanted it to be simple and small. For all those reasons I went for Wireguard. The fact that it is the new cool kid, may also have helped. Read More...

Tagged alpine , admin

comments

Tuto

Gopass

A pretty good security advice would be to never write down a password unencrypted on disk. This can be pretty tricky to achieve, especially on personal and development environments. So let me introduce gopass which is a tool aiming to help with this problem. First of all, let me say it right away, the CLI interface is not that good. Took me a lot of time to set things properly as options may be cryptic and behavior is not obvious as first sight. Read More...

Tagged admin , cli

comments

OS

Alpine on a Raspberry (part 2)

I had to buy a new raspberry (the old one did not survive :p), a version 3 A+. Now, I will go over again the installation process. Since I encountered a few new problems. Setup SD Card This is exactly the same as the previous version. So I let you check out the other article. First boot and in-memory setup Here a few changes, using a version 3A+ requires to setup the wifi. Read More...

Tagged admin

comments

OS

Alpine on a Raspberry

Lately, I decided to re-install my old Raspberry Pi (version 1, yes I’m that old) to create a small home server. Since I am using Alpine and liking it quite a lot, I wanted to install it on my new little toy project. I followed documentations and tutorials ( here and here) and finally succeeded. I am now writing it down so I remember what has been achieved. Setup SD Card This one was quite tricky because if anything is not exactly what is expected your raspberry will never boot! Read More...

Tagged admin

comments

Snippet

Simple HTTPs server

Sometimes we need to create a simple server saying hello through https. Here is a simple snippet to achieve this in a shell. # first we generate a self signed certificate for domain foo openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \ -out foo.crt -keyout foo.key -subj "/CN=foo.com" # then we start a server using socat sudo socat "ssl-l:443,cert=foo.crt,key=foo.key,verify=0,fork,reuseaddr" \ SYSTEM:"echo HTTP/1.0 200; echo Content-Type\: text/plain; echo; echo Hello World\! Read More...

Tagged cli , admin

comments

os

Start libvirt VM as unprivileged user

Quick post for starting a VM inside libvirt as a non-root user. Also contains some useful snippets. I want to start an alpine virt iso (from here) inside kvm through libvirt. But I am sick to run all my virsh commands prefixed with sudo. DISCLAIMER: This will contain some of my conclusions with my partial understanding of those tools. I am quite sure that all of this can be improved, but I don’t have time to invest on this for the moment. Read More...

Tagged admin , bash