Monoliths & Microservices

An opinionated overview

Ever since diving into the software development world I was troubled by a duality: On the one hand I have built and operated many services described as monolithic with relative ease, on the other hand I’m always told I, and others, should build microservices because they are better in a variety of ways. With this post I’m going to compare both software architectures by looking at the key benefits often associated with microservices and additional considerations I think are important. [Read More]

Simple git changelog

A simple changelog system on top of git commit messages. The main idea is to generate “release notes” from a diff in commits before a release. It can easily be run manually or as part of a merge/pull CI pipeline. In this case it looks for commit messages starting with one of these [ADD], [REMOVE], [INFO] and just outputs those, but those patters can be adjusted to fit any existing commit schema. [Read More]

Going Part Time

(Re)starting my indie journey

Starting on the first of March 2022 I no longer work full-time in my day job. That sentence has been about a year in the making and makes me both happy and a bit scared about the future. I have been doing some side-hustle and projects since I’ve been 16 building websites with my dad, so you could say it has been a long time coming. Right now I have set myself three mid-term goals to build up something that brings me joy and financial independence. [Read More]

Local S3 with MinIO in Django

In production I would consider it best practice to use a S3 solution for serving assets. Namely static files and user-generated media. This describes my setup on how to do this locally too. The main benefit for me is that there is less of a difference between environments and I can test S3 specific features in my app. Setup I will assume a already working Django project and MacOS with [[brew]] installed, but brew specific parts are easilly replicated on different systems using their native package managers. [Read More]
python  django  s3  minio 

Hidden WSL Fileshare

WSL file systems get exposed as a hidden share network share: \\wsl$\<WSL Name>\<path\to\file>

For example, my Debian home folder is at: \\wsl$\Debian\home\kamner

wsl  windows 

Windows Terminal: Open New WSL Tab In Linux Home Folder

The path you are in when opening a new WSL tab is determined by startingDirectory. This parameter needs to be a valid Windows path, which isn’t great if we want to end up in /home/kamner inside WSL. The nice thing about WSL is that it will resolve windows paths into their equivalent WSL/linux path if possible. For example, C:\Scripts would resolve to /mnt/c/Scripts. Using this and the neat trick that the WSL filesystem is exposed as a a hidden fileshare ([[technology/windows/wsl-hidden-fileshare]]) we can get to where we want. [Read More]

Resolve .local Through Nameserver With Netplan

When using netplan it is easy to force .local DNS requests to go to you nameservers instead of being only resolved locally (the default and standard).

This also works with all other strange .WHATEVER domains you may have lying around in your organization.

Snippet from netplan configuration:

 nameservers:
        addresses:
          - X
          - Y
        search:
          - local
          - myotherstupiddomain

MongoDB Logrotate

MongoDB does not rotate it’s log on it’s own. To get it to ratet we will use logrotate. First, we need to configure some things in mongod.conf to get the desired behaviour when we utilize logrotate. systemLog: destination: file path: /var/log/mongodb/mongod.log logAppend: true logRotate: reopen Afterwards, we can create a logroatet configuration going in /etc/logrotate.d/mongodb. /var/log/mongodb/mongod.log { rotate 5 # Keep the last 5 rotated logs, so 6 files including the currently active size 10M # Rotate once the log reaches 10MB in size, depending on your envrionment you could instead use daily, weekly, monthly, etc missingok # It's ok if the log file does not exist create 0600 mongodb mongodb # Permissions and ownership for the roatetd logs delaycompress # Don't compress on first rotation, so we have the current log and log. [Read More]

Customize Freshervice User Portal

It is possible to customize almost all of the user portal but you better know what you are doing. Otherwise you may end up like me, spending way more time than you ever should on customizing this damn portal. Let’s hope this one helps you, otherwise feel free to reach out to me on Twitter. Page Header Place a variation of the below at Admin > General Settings > Helpdesk Rebranding > Requester Portal Branding > Customize Portal > Layout And Pages > Portal Pages > General Pages > Portal Home [Read More]

DNS Resolution Everywhere

Usually at leas one of those is present on any system dig nslookup host But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things: getent Part of glibc, this will probably work on nearly every system. getent hosts example.org Or, if you specifically want to query A or AAAA records. getent ahostsv4 example.org getent ahostsv6 example.org Using Python2 Or Python3 Given this depends on glibc it is more of a alternative than another real solution [Read More]

Publish Parts Of Obsidian To My Personal Site

The idea at the start was simple. Do something like Obsidian Publish , so read frontmatter and if it contains published: True put it up on a website to view. Info I have since rewritten and updated this tool: New version The Basics I started with taking a look at different static site generators but after a bit of testing I ended up back at Hugo, which I already use for ps1. [Read More]

curl: Modify DNS Resolution

You can intercept normal name resolution in curl with the --resolve parameter allowing you to do things like talk to a specific site of a DNS load-balanced setup or talk to a new deployment not yet made productive. You can specify the resolve option multiple times so you can even catch redirects and move them to where you want as well. It’s important to note that this intercept does only work on the ports you specify in the entries. [Read More]

How SELinux screws with scripts when run over VMware Tools

SELinux by default prohibits certain things from working through VMware tools (Ansible connection or plain API).

This can be solved two ways:

  • Disabling SELinux: BAD, but easy
  • Writing a custom SELinux policy: complicated but more secure

Note: Adding/Changing this policy through a VMware tools connection is thankfully possible

Example policy

This policy is the base for a VMware tools policy and allows entering the rpm context (yum).

module custom-vmtools 1.0;

require {
        type rpm_script_t;
        type vmtools_unconfined_t;
        class process transition;
}

#============= vmtools_unconfined_t ==============

allow vmtools_unconfined_t rpm_script_t:process transition

Replace Line In YAML While Keeping Indentation Using Ansible

In theory Ansible should be declarative and have full control over the systems we touch with it. In practice, this is unfortunately not always the case. With this nifty task we can replace the value of a key (given as yaml_key) to a new value (given as new_value) while preserving it’s indentation. - name: Replace values in YAML file while keeping their indentation lineinfile: backup: true backrefs: true state: present path: foo. [Read More]