Came across Caddy (v2) recently and took the time to take a peek at what it can really do for me. After gawking at its landing page posters for awhile, I've come up with several use cases I want to put Caddy through to see if it really is the haproxy/nginx/traefik app killer that I've been looking for.
In short, I've been using Tailscale, but it drains my battery when I leave it enabled on my phone but I need access to my network for nightly backups. VMWare Workstation 17 (on Windows 11) has a pretty bad UX for networking. That said, its the lesser of problematic hypervisors, so its my poison of choice. Recently I had a requirement to make the networking behave more deterministically.
test
Due to the metric driven corporations like Microsoft, Google, and Apple, two-factor authentication has become a sort of an infection. While most of the 1st world's population will benefit by the increased security of 2FA, it remains a fact that there are a significant number of folks that will be left behind due to the fact that they don't have smart phones or access to smart phones at the point of authentication.
Recently resolved a long standing issue with my k3s implementation that was causing many DNS issues within my setup whenever the system restarted (usually due to automatically nightly patching). It was all due to the way that k3s cleverly injects "host names" into the K8s controller node's coredns service. This could be nice if it wasn't a namespace conflict where it was injecting k8s and k8s.vinnie.work.
When things go wrong in Kubernetes, things can go really wrong and there isn't much documentation on how to inspect the system out of band of what a working kubectl can deliver. This can be maddening. This article covers some of what is going on under the hood of Kubernetes and Containerization so that you have some more tools in your collection for inspecting Kubernetes issues from within kubectl and out-of-band of Kubernetes.
So my Docker image and container collection has grow over the past years and I see no sign of it stopping. From adding random services for integrations to multi container services for development, staging, and deployment, to throw away containers, to scheduled task automation .... its time that I start to consider setting up my own Platform as a Service (PaaS).
This is my overview of kubernetes. There are many like it, but this one is mine.
Back in 2020 when I first started looking into building a mobile application I wanted to do things "smart" by architect-ing the backend system on Kubernetes. After all, kubernetes was the hot new thing that all the cloud services were supporting. I think I went about it all wrong at the time. I took a very top down approach (which I very often do) jumped right into some cloud infrastructure on GKE and just started poking around with kubectl and the various GUIs. Turns out this doesn't work in Kubernetes land without some solid base knowledge. I had no context, no terminology. To make matters worse, I watched a few how-to videos on youtube that went kind of like: "kubectl this, kubectl that, and viola! You have a working infrastructure." In reality "Kubernetes is not making my job easier! Kubernetes is just creating another career's worth of complexity in my application." At the time I settled for docker-compose instead.
Now I've returned to Kubernetes in pursuit for a flexible home/DIY Platform As A Service (PaaS).
I've recently been beefing up my security posture by added very secure and randomly generated passwords to all systems that I have console access too. This in turn has created a new issue where I need to copy/paste that password whenever I sudo.
Turns out there is a solution to this problem that has been around since at least 2013. I'm talking about the ability to use SSH keys to authenticate sudo commands so you don't have to constantly unlock the secure password from the password vault and you don't need to submit to NOPASSWD: in /etc/sudoers.
Its a new year and always a good time to have intentions on new behaviors. While I didn't intend on this being a new years resolution, I've recently decided that I want to start maintaining a personal password manager. I've been against this in the past because if I neglect the service, it could be hacked, I could lose it, or any number of other bad things that would make my life a lot harder than before I had the manager. Therefore, I've defined some ground rules to ease my paranoia while still increasing my security posture across all of my projects.
Suppose you have a new software product that has a lot of value to an end-user, but the variability of the product would prevent you from delivering a full solution to end users simply because of the lead time required to develop a GUI with reasonable UX. What to do?
In my opinion, the conventional wisdom is to apply agile methodologies and develop only the options the user needs now. Naturally this is what I want to do, but its also my belief that the user should be able to tweak and experiment with the code base (as I do) to get the greatest value in the shortest amount of time.