Sebastiaan van Stijn thaJeztah

the grand idea

I like public key auth. I feel safer using them instead of a username and password login. But, I might not have my private key with me at a time where I need access.

I started using yubikey with LastPass and since I have it always on my keychain, I decided to find more ways to make use of it.

I wasn't originally aware, but if you pass a private key to ssh and sshd is configured to accept a key, it appears pam isn't used. Your authorized keys are checked and you are logged in. If you don't pass a private key, ssh falls back to the more standard un*x style login found in /etc/pam.d/sshd. This is where we'll add the yubikey pam. I am currently unaware of a way to use both public key auth and yubikey for login.

These steps worked for me on debian squeeze/wheezy.

more info at the yubico-pam github repo

Every so often I have to restore my gpg keys and I'm never sure how best to do it. So, I've spent some time playing around with the various ways to export/import (backup/restore) keys.

Method 1

Backup the public and secret keyrings and trust database

cp ~/.gnupg/pubring.gpg /path/to/backups/
cp ~/.gnupg/secring.gpg /path/to/backups/
cp ~/.gnupg/trustdb.gpg /path/to/backups/

or, instead of backing up trustdb...

3 x Cluster on AWS

manager1
worker1
worker2

Docker-machine commands

Use docker-machine to lay down 3 x hosts on AWS using docker-engine 1.12

docker-machine create --driver amazonec2  --amazonec2-private-address-only --engine-install-url https://test.docker.com/ levenson-docker-swarm-manager1 
docker-machine create --driver amazonec2  --amazonec2-private-address-only --engine-install-url https://test.docker.com/ levenson-docker-swarm-worker1

Description

This simple script will take a picture of a whiteboard and use parts of the ImageMagick library with sane defaults to clean it up tremendously.

The script is here:

#!/bin/bash
convert "$1" -morphology Convolve DoG:15,100,0 -negate -normalize -blur 0x1 -channel RBG -level 60%,91%,0.1 "$2"

Results

Proof of concept setup for Wordpress running under PHP-FPM with an Nginx frontend

Usage

Build a copy of this image:

git clone git://github.com/d9206eacb5a0ff5d6be0.git docker-nginx-fpm
cd docker-nginx-fpm
docker build -t nginx-fpm .

Setup LibreOffice Online (Log/Guide) [WIP]

About

This guide/log is based off my experience attempting to build and install LibreOffice Online and it's dependencies on my system.

The end goal is to get LibreOffice Online integrated with Karoshi Server.

LibreOffice Online is still in development (17/06/16).

Launch a one-off git server from any local repository.

I [tweeted this already][1] but I thought it could use some expansion:

Enable decentralized git workflow: git config alias.serve "daemon --verbose --export-all --base-path=.git --reuseaddr --strict-paths .git/"

Say you use a git workflow that involves working with a core "official" repository that you pull and push your changes from and into. I'm sure many companies do this, as do many users of git hosting services like Github.

Say that server, or Github, goes down for a bit.

Docker Swarm with Macvlan, Consul and Autoscaling

TL;DR:

This will get you routable containers with IPs on your existing subnets, advertising to Consul. They will also be scalable and placed across a cluster of Swarm hosts. It's assumed that you are already running Consul, so if not, there are a ton of tutorials out there. It's also assumed you know how to install Docker and various Linux kernels.

Bonus: We add an autoscaling API called Orbiter (https://gianarb.it/blog/orbiter-the-swarm-autoscaler-moves).

I just want to run containers, like now, on my existing infrastructure and networks!

So you have an existing environment. You use Consul for service discovery. Life is good. Containers are now a thing and you want to work them in without having to worry about overlay networking or reverse proxies. You also don't want to add extra latency (as some naysayers could use it as fuel to kill your hopes and dreams). Lastly, you don't have a lot of time to invest in a complex orchestration tool, such a

	<?php

	namespace JesusGoku;

	/**
	* NamesGenerator
	*
	* Port of NameGenerator use for Docker
	*
	* @author Jesús Urrutia <[email protected]>

	#!/bin/bash
	set -e

	function handle_event() {
	local entry="$1"
	local action=$(echo $entry \| jq -r '.action')
	local service=$(echo $entry \| jq -r '.service')
	local hook="./hooks/$service/$action"
	if [ -x "$hook" ]; then
	"$hook" "$entry"