Blog Security Review

I have spent the last few afternoons down in a security rabbit hole that started with a certain someone complaining that my blog was reported as unsecure because it did not support HTTPS. As this rabbit hole is quite deep, I invite you to ensuring you have a cool beverage or hot cup of coffee close at hand if you decide to continue reading…

Read More

Raspberry Pi computers

On Wednesday February 29th 2012 Modern Family aired the “Leap Day” episode, which I loved because Phil was so excited that he had an extra day he took it off to spend with this family. Mr Eben Upton also took full advantage of the extra day and released the Raspberry Pi model B credit card size computer that cost 27.7€. The origin story I remember hearing at the time was that Eben and a friend were drinking a beer at a pub lamenting about the knowledge level of the computer science majors at a university where one of them taught. They remembered how they had been baptized with some government subsidized computer in the early 80’s that introduced them to programming and hacking (using this term in a good way to mean really playing with and understanding how things work) but the new students knew a little HTLM and thought they knew everything. So they thought what if we turn More’s Law on its head and instead of doubling the capacity, pack everything that was possible into a computer for a price point of of $20. With a computer for $20 anyone could hack away without too much fear of breaking something, and it would be possible to equip whole computer labs for the price of one regular computer.

So on that particular extra day back in 2012 I did not take it off, but I did spend hours in a virtual line trying to buy my first Raspberry Pi.

Read More

Grafana Monitoring

Grafana monitoring and more importantly alerting!

So the first docker containers I fired up on my new Raspbery Pi 4 with 8 GB of RAM when I received it back in July of 2022 were Telegraf, Influx, and Grafana to monitor the new little doggy. And I got a really pretty dashboard working and then kinda forgot about it:

Until this week when I realized that I had a process pegged at 100% since way back in december:

t be good

So the first thing to do was to figure out what was pegging the CPU which turned out to be a nightly log rotation that went bad. Unfortunately can’t put too many details because I did not take any notes while investigating and solving, only can comment that it had created thousands of files and every time it tried to run hung. Trying to clean up the files was really fun as doing an rm with a wildcard even gave me and error that there were too many files. Google to the rescue and I got that under control but realized that having a really pretty dashboard did nothing if I did not setup up alerting when things were abnormal.

Read More

A new word of the day

This morning listening to Today Explained hosted by the amazing Sean Rameswaram I learned a new word! Not any word, but the Merriam-Webster word of year for 2022: gaslighting. This is a true indicator that I really don’t follow regular American news feeds as it appears that this word was reintroduced back in 2016 in a teen vogue article and has been gaining utilization year after year since, and this year was the most searched word on Merriam-Webster’s site.

Read More

Wireguard

A “Personal Virtual Private Network” (PVPN)

I don’t quite remember if it was the first time I had configured a VPN terminator (probably had already done some PPTP work) but I distinctly remember my first brush with IPSec. It must have been around 1998 or 1999. Can’t remember the manufacture for sure, but suspect it was Cisco. That was when real paper manuals were included, and boy was that a case where RTFM was required. And the reason I remember this, is because how incredibly confusing, prone to misconfiguration, and all around not really fun it was. Fast forward to a weekend in early july 2022 when I discovered Wireguard a completely new take on VPNs that make it simple and lightening fast.

Read More

Blog Analytics

Let’s get some metrics!

So before even publishing my new hexo blog on the real internet I thought that a first requirement was to get some analytics in place so I can see utilization. I figure and suspect that the whole injecting javascript and calling home tends to freak people out and is probably pretty prone to a cat a mouse game of evasion (therefore more ops time to keep it working) therefore I have opted for log analytics. I will achieve this using a docker “on-premise” instance of Matomo (formally Piwik).

Read More