Blog

Cowsay is one of those packages you just end up installing randomly on just about any client over time.

And if your using ansible you may be in for a little surprise:

Read more…

Django’s CSRF protection is usually a great thing, but when building (API) endpoints meant to be accessed by scripts/third parties it gets in the way of that.

This is how to disable it:

For a class based view

from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt

@method_decorator(csrf_exempt, name='dispatch')
class MyView(View):
    pass

For a function based view

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def my_view(request):
    pass

I write an extensive personal knowledge base using markdown, code-server and a variety of other tools. Originally, in 2021, I wanted to have something like Obsidian Publish but self-hosted, so I created it.

Over time my knowledge base evolved more into a second brain, tracking not only my technical notes and journal, but also things like recipes and hikes. With this my publishing pipeline, and the script at it’s core, extended in a multitude of ways.

Read more…

In this post I share my process for building the MVP for PodHistory, from idea to launched product and what my next steps will be.

Read more…

Since early 2019 the sprig library used by helm provides a concat function that does exactly this.

Read more…

This is a guide to a simple self organization/task management system I built for myself over the years.

From time to time I showed it to someone and they got some benefits from it, most adapted it to better fit their needs down the line, which is exactly what you should do with any kind of personal task management in my opinion.

Read more…

Go check out their website, it’s incredibly good at explaining itself.

To me, a backend heavy developer, HTMX is the frontend framework I like to use because:

• It does not feel like a JavaScript framework at all, but more like an extension of the HTTP/HTML model
• It allows me to write interfaces that feel responsive and modern to users while still doing all the heavy lifting in my backend with the tools I’m used to
• It works with my mental model, which is heavily based on the request-response cycle

When building a Python script that is long running or has to manage some state on termination it is helpful to handle a couple of signals:

• SIGINT: The signal sent when pressing Ctrl+C
• SIGTERM and SIGQUIT: Meant to terminate the process, sent by kill and process managers like systemd or supervisord

Handling them is possible with Pythons signals library:

import signals

class SignalHandler:
    stop = False

    def __init__(self):
        # Ctrl+C
        signal.signal(signal.SIGINT, self.exit_gracefully)

        # Supervisor/process manager signals
        signal.signal(signal.SIGTERM, self.exit_gracefully)
        signal.signal(signal.SIGQUIT, self.exit_gracefully)

    def exit_gracefully(self, *args):
        self.stop = True

Example 1: Simple loop

The simplest example is using the SignalHandler as the condition on the loop and have code to stop gracefully below the loop.

Read more…

Sometimes you have to do a specific task and you are fully capable of doing it manually, however those tasks are also great to flex your muscles and hack something together.

They can be an excellent tool to sharpen your skills with the tools you use regularly, and improve your quick prototyping skills.

In addition, with a couple of iterations, again sharpening an important skill, you could afterwards create a more general purpose tool from a hacky script.

Read more…

Since I spend more than 8 hours here most days I created a nice setup for myself. Thankfully I have a whole room just for my home office, so I take full advantage of that.

Besides my main desk I have a secondary desk, a couch, a couple of sideboards, a wall mounted whiteboard and a couple of shelves to display all the techy and nerdy things.

Main desk

My main desk is a custom build based on a FlexiSpot height adjustable electric frame. The tabletop is a 180x80x2.5cm pressed wood panel in a dark gray concrete look.

Read more…

Think before you enable this, it could be a security risk

• Shutdown Mac
• Press and hold the power button until the Recovery Mode menu appears
• Select Options, then click Continue
• From the Utilities menu select Startup Security Utility
• Select your startup disk and click Security Policy
  • Choose Reduced Security
  • Check the option Allow user management of kernel extensions from identified developers

Read more…

Given the recent rise in text-based language models, sometimes called AI tools, I wanted to share my thoughts and experiences in using them, especially in the context of blogging.

Read more…

These days I enjoy hiking quite a lot. To make it easier to just “pick up the pack and go” I created two basic packs that are optimized for my needs and the environment I’m usually hiking in, the Swabian Alps.

Basics

I have some basics I duplicated and carry in both my packs, these are:

• Pen & paper
• Multitool
• Mini first aid kit in a ziploc bag
  • Paracetamol
  • Band aids
  • Gel sanitizer
• Foam pad
• Waterproof poncho
• A bit of cash, usually around 20-30€ these days
• A piece of paper with my and my emergency contacts information
• Fisherman’s Friend for a fresh feeling and honestly because my parents had them when we were hiking

Prepared packs

Small pack

I’m currently using a Terra Peak Flex 20l in red for my smaller backpack. It’s a nice size for shorter hikes and fits me well.

Read more…

Now that we have talked about the benefits of running your own server and how to run your own server let’s take a look at some things you could run on your own personal server and some things you should better not.

Read more…

There are many ways to run your own server, from setting up a Raspberry Pi on your desk to renting a physical server at a provider.

In this post, we will focus on setting up a virtual server with DigitalOcean, which is one of the easiest ways to get started.

Read more…

In the world of technology, we are moving further and further away from operating directly on servers, but there are still significant benefits to be gained from running a personal server.

I have been running some kind of personal server for many years now and I strongly believe anyone working in technology can benefit greatly from doing so. Here’s why:

Read more…

In this post I will go over the MVP building phase of Honeypot Login, from idea to launched product and what my next steps will be.

Read more…

The 1Password CLI op works either in connection with a client app, like on the Mac, or standalone, useful on a server.

# Login
eval $(op signin)

# Get favorites
op item list --vault "Private" --favorite

# Get a specific item
op item get <ID>

# !! Important: Sign out at the end
op signout

Some helper functions

Helpers to more easily work with the op cli.

1login() {
    eval $(op signin)
}

alias 1signout="op signout"

1search() {
    term=$1
    if [ -n "$2" ]
    then
      vault="$2"
    else
      vault="Private"
    fi
    echo "Searching for '$term' in vaut '$vault'"
    op item list --vault "$vault" --long | grep "$term" --ignore-case
}

1get() {
    op item get $*
}

Things I do to be a good code reviewee.

Read more…

Setting up a new repository for YAML linting today I was running in a bit of an issue with yamllint.

I was using a YAML list to specify ingores, as mentioned in the documentation:

ignore:
  - "*.dont-lint-me.yaml"
  - "/bin/"
  - "!/bin/*.lint-me-anyway.yaml"

This however did not work with the above mentioned error message. After a lot of debugging I found that they released a new version recently which introduced this feature.

My solution was to update my locally build container image to the latest version, as of writing 1.29.0, in which this feature is introduced.

Read more…

This is somewhere between a rant about the app and backing services no longer working, a collection of information I could find out about it and a possible search-result for others facing the same issues and not really finding anything online just like me.

Update: March 2023

The company seems to no longer exist.

I have switched to the eufy smart scales, which are made by Anker, a reputable manufacturer.

Read more…

A simple Python client to interact with ArgoCD.

Read more…

The problem

If you use ssh-agent with an encrypted ssh key it does not persist when you open a new terminal window.

The solution

Use keychain instead.

1. Install

   sudo apt install keychain
   

2. Add to your shells rc file, eg. .bashrc or .zshrc

   # Repeat this line for all keys you want to unlock and use this way
   /usr/bin/keychain -q --nogui $HOME/.ssh/id_rsa
   source $HOME/.keychain/wsl-sh
   

3. Unlock your keys on shell startup and enjoy

Tools I use and recommend.

• carrd.co

  Extremely simple and affordable website publishing, I use it for landing pages and quick MVPs

• DigitalOcean

  My first choice for personal servers and simple MVP deployments with their App Platform

• GitLab.com

  My go-to git-server and allrounder CI/CD, both on premise in the enterprise and in the cloud for my own projects

• PythonAnywhere

  They provide a great service, best described as a PHP-webspace, but for Python

  Read more…

Running any kind of personal infrastructure sometimes requires your attention based on certain events or failure states, no matter how much you automate tasks.

Over the years I have used E-Mail, Telegram bots and a variety of other tools for this purpose. However all of them have the drawback that they mix with other kinds of information and are not easilly usable in scripts.

Read more…

Read more…

Sometimes you may want to commit only the files you have changed and not any newly created files, this can easily be achieved by this command: git commit -a

Read more…

This is a list of interesting blog posts, talks and such things that I found over the years.

Some of them may teach you something relevant, some may just further your general understanding of tech. From personal experience they can lead you down the rabbit hole really fast, enjoy with care!

Talks

• Why web tech is like this by Steve Sanderson
• Learning from Disaster by Ian Hughes
• Failure is Always an Option by Dylan Beattie
• Architecture: The Stuff That’s Hard to Change by Dylan Beattie
• Computational Creativity by Dylan Beattie
• How I built Rockstar: Parsing esoteric languages with .NET by Dylan Beattie
• Fractals, Factories and Fast Food by Dylan Beattie
• The cost of code by Dylan Beattie
• The Art of Code by Dylan Beattie
• The Web That Never Was by Dylan Beattie
• The (Fictional) Day Google Forgot To Check Passwords by Tom Scott
• The Basics (Playlist) by Tom Scott

Blog posts

• How to make static site publishing easier by Luke Harris
• Django Views - The Right Way by Luke Plant
• The yaml document from hell by Ruud van Asseldonk
• Command-line Tools can be 235x Faster than your Hadoop Cluster by Adam Drake
• A failed attempt at monetizing technical writing by Luc van Donkersgoed
• SRE: A Day In The Life, Over The Years by By Anthony Sandoval of Reddit Engineering
• You Broke Reddit: The Pi-Day Outage by Jayme Howard of Reddit Engineering
• Kubernetes Deployment Antipatterns – part 1 by Kostis Kapelonis
• How to Model Your Gitops Environments and Promote Releases between Them by Kostis Kapelonis
• Programming Sucks by Peter Welch
• Stack Overflow: How We Do App Caching - 2019 Edition by Nick Craver

Guides & Books

• Django Views - The Right Way by Luke Plant

Other things

• Development Standards by Luke Plant
• The Password Game by Neal Agarwal
• The case of the 500-mile email by Trey Harris

Incidents happen, and we can and should always learn from them, to be better prepared for the next time things go wrong.

A great tool to do that is the post-mortem, it is a process designed to recap the incident, learn from mistakes and improve the system as a result.

Read more…

This is my checklist for publishing a new post on my blog:

Preparation

• Finalize the posts name and sluggify it
• Pick a image if fitting
• Create a new post with hugo new content/posts/<slug of post>.md
• Move the draft from my current writing tool to this new file
• Fill in the generated front matter template
• If the post is ~1.000+ words enable the TOC
• Run spell-check in VSCode and fix things

Proofing

• Run local hugo server hugo server -bind=0.0.0.0
• Wait at least an hour
• Open the locally served page on the iPad, grab a cup of tea and read it
• Make last changes and typo fixes as needed
• Place a `

Read more…

Export a CSV formatted report of projects in user-namespace on a GitLab instance.

This is especially useful if you think about limiting or disabling this feature.

Read more…

Ever since diving into the software development world I was troubled by a duality:

On the one hand I have built and operated many services described as monolithic with relative ease, on the other hand I’m always told I, and others, should build microservices because they are better in a variety of ways.

With this post I’m going to compare both software architectures by looking at the key benefits often associated with microservices and additional considerations I think are important.

Read more…

A simple changelog system on top of git commit messages.

The main idea is to generate “release notes” from a diff in commits before a release. It can easily be run manually or as part of a merge/pull CI pipeline.

In this case it looks for commit messages starting with one of these [ADD], [REMOVE], [INFO] and just outputs those, but those patters can be adjusted to fit any existing commit schema.

Read more…

The other day I was playing around in WSL with a colleague of mine and we did this:

Read more…

The problem: Docker itself can’t be run in WSL2 as it requires the docker daemon, usually run though systemd.

The solution: Podman works just fine and can easily be installed, although we will need to configure some things to make it work properly.

Read more…

Starting on the first of March 2022 I no longer work full-time in my day job.

That sentence has been about a year in the making and makes me both happy and a bit scared about the future.

Read more…

Using some output redirection and the --write-out parameter we can produce a script that simply outputs the status code of a curl request.

Read more…

When adding yamllint to an existing project it can be hard to fix all the errors at once.

I wrote a simple script to create a rules block that simply ignores all rules that currently trigger for a file. This works by generating a rules block ignoring paths.

Read more…

Older Versions of Windows 10 and all Windows Server 2012 systems have no local user management commandlets.

This is a working polyfill to allow scripts using local user management to run on old systems.

Source code

PSGallery package

In production I would consider it best practice to use a S3 solution for serving assets. Namely static files and user-generated media.

This describes my setup on how to do this locally too.

The main benefit for me is that there is less of a difference between environments and I can test S3 specific features in my app.

Setup

I will assume a already working Django project and MacOS with [[brew]] installed, but brew specific parts are easilly replicated on different systems using their native package managers.

Read more…

The path you are in when opening a new WSL tab is determined by startingDirectory. This parameter needs to be a valid Windows path, which isn’t great if we want to end up in /home/kamner inside WSL.

The nice thing about WSL is that it will resolve windows paths into their equivalent WSL/linux path if possible.

For example, C:\Scripts would resolve to /mnt/c/Scripts.

Using this and the neat trick that the WSL filesystem is exposed as a a hidden fileshare ([[technology/windows/wsl-hidden-fileshare]]) we can get to where we want.

Read more…

WSL file systems get exposed as a hidden share network share: \\wsl$\<WSL Name>\<path\to\file>

For example, my Debian home folder is at: \\wsl$\Debian\home\kamner

When using netplan it is easy to force .local DNS requests to go to you nameservers instead of being only resolved locally (the default and standard).

This also works with all other strange .WHATEVER domains you may have lying around in your organization.

Snippet from netplan configuration:

 nameservers:
        addresses:
          - X
          - Y
        search:
          - local
          - myotherstupiddomain

MongoDB does not rotate it’s log on it’s own.

To get it to ratet we will use logrotate.

First, we need to configure some things in mongod.conf to get the desired behaviour when we utilize logrotate.

systemLog:
 destination: file
 path: /var/log/mongodb/mongod.log
 logAppend: true
 logRotate: reopen

Afterwards, we can create a logroatet configuration going in /etc/logrotate.d/mongodb.

/var/log/mongodb/mongod.log
{
 rotate 5 # Keep the last 5 rotated logs, so 6 files including the currently active
 size 10M # Rotate once the log reaches 10MB in size, depending on your envrionment you could instead use daily, weekly, monthly, etc
 missingok # It's ok if the log file does not exist
 create 0600 mongodb mongodb # Permissions and ownership for the roatetd logs
 delaycompress # Don't compress on first rotation, so we have the current log and log.1 uncompressed
 compress  # Compress everything else
 sharedscripts # Run this script only once and not for every matching file
 postrotate # Script to run after rotating
 /bin/kill -SIGUSR1 $(systemctl show --property MainPID --value mongod.service)
 endscript # End of script
}

The postrotate script simply finds the PID of mongod.service: systemctl show --property MainPID --value mongod.service and sends it a SIGUSR1 which is the signal MongoDB expects if you wish to rotate the log.

Read more…

Debian/Ubuntu

grep -vH "#" /var/spool/cron/crontabs/*

RedHat/Centos/Rocky

grep -vH "#" /var/spool/cron/*

Usually at least one of those is present on any system

• dig
• nslookup
• host

But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things:

getent

Part of glibc, this will probably work on nearly every system.

getent hosts example.org

Or, if you specifically want to query A or AAAA records.

getent ahostsv4 example.org
getent ahostsv6 example.org

Using Python2 Or Python3

Given this depends on glibc it is more of a alternative then another real solution.

Read more…

It is possible to customize almost all of the user portal but you better know what you are doing. Otherwise you may end up like me, spending way more time than you ever should on customizing this damn portal.

Let’s hope this one helps you, otherwise feel free to reach out to me on Twitter.

Page Header

Place a variation of the below at Admin > General Settings > Helpdesk Rebranding > Requester Portal Branding > Customize Portal > Layout And Pages > Portal Pages > General Pages > Portal Home

Read more…

The idea at the start was simple. Do something like Obsidian Publish , so read frontmatter and if it contains published: True put it up on a website to view.

The Basics

I started with taking a look at different static site generators but after a bit of testing I ended up back at Hugo, which I already use for ps1.guru and a few other projects.

Read more…

The idea at the start was simple. Do something like Obsidian Publish , so read frontmatter and if it contains published: True put it up on a website to view.

Read more…