tech stuff.

Debugging regex from the CLI

leave a comment »

Just stumbled across this obvious solution from the why didn’t I realize this earlier? department. GNU grep makes an great regex debugger!

Read the rest of this entry »

Written by Lee Verberne

2017/02/21 at 12:43

Posted in Uncategorized

Alpine Linux doesn’t work with KubeDNS. Sad.

leave a comment »

I was really getting into building docker images from Alpine Linux. I like its philosophy and general 5MB-ness. I discovered tonight, however, that its libc resolver has some significant differences from that of GNU libc. Most notably, the resolver queries all nameservers in parallel and doesn’t support a search path.

I don’t care that much about the search path for these images. Querying the nameservers in parallel sounds great, but unfortunately Kubernetes’ KubeDNS configures a resolv.conf that expects in-order querying. Only the first nameserver will respond with cluster local records.

Oh well, guess I’ll switch everything back over to debian…

Written by Lee Verberne

2015/08/26 at 21:27

Posted in Containers

Tagged with ,

Hardening SSH

leave a comment »

Here’s an interesting article on Secure Secure Shell.

Written by Lee Verberne

2015/01/06 at 21:50

Posted in Internet

Tagged with

Backup to Google Cloud Storage using duplicity 0.6.22

with 2 comments

My patch to add support to duplicity  for Google Cloud Storage was merged and released with duplicity version 0.6.22.  Now backing up to GCS is as easy as backing up to S3.  Here are the steps:

  1. Install duplicity >= 0.6.22.
  2. Enable Interoperable Access in the Cloud Storage Dashboard.
  3. Generate Interoperable Storage Access Keys in the Cloud Storage Dashboard.
  4. Create your bucket:
    $ gsutil mb -c DRA gs://BUCKETNAME

    The -c DRA flag enables Durable Reduced Availability for this bucket, which makes sense for backups.

  5. Run gsutil config -a to generate a ~/.boto configuration file with your key info.  Alternatively (or if you don’t use gsutil) you can set the GS_ACCESS_KEY_ID and GS_SECRET_ACCESS_KEY environment variables.
  6. Backup using a gs:// URL.  For example:
    $ duplicity --full-if-older-than 1M --exclude /home/user/.cache \
        /home/user gs://BUCKETNAME/backups/user

Written by Lee Verberne

2013/08/29 at 22:42

Posted in Internet

Tagged with , , ,

OSError with duplicity 0.6.19 on OpenBSD and OS X

leave a comment »

Sometime around duplicity 0.6.15 (ish) I started running into OSError exceptions that I just didn’t have time to track down. I’ve finally made time, though, and it wasn’t too hard to track down the culprit. I didn’t realize it at the time, but this only affects non-privileged users running duplicity. tl;dr choose a different TMPDIR.

Read the rest of this entry »

Written by Lee Verberne

2012/11/21 at 12:17

Posted in BSD, OS X

Tagged with , , ,

Updated OpenBSD softraid install page

leave a comment »

With their 5.1 release, OpenBSD has added support for placing the root filesystem on a softraid(4) device for the i386 and amd64 architectures.  Additionally, the amd64 port supports booting the system from a kernel on the softraid device.

Previously, the way to provide system redundancy using software RAID was to use softraid for all of your filesystems except the root filesystem.  The root filesystem would be copied to an identically sized partition on the second disk every night by the /etc/daily script.  It was up to you to keep the boot blocks up-to-date.

Awesome.  I’ve updated my Installing OpenBSD using softraid page.  I’ll let you know how it goes.

Written by Lee Verberne

2012/06/25 at 14:23

Posted in BSD

Tagged with ,

SuperMicro iKVM Video Only

with 4 comments

Frustrated that the IPMI iKVM session on your brand new SuperMicro server says “Video Only” at the top and your virtual keyboard won’t work?  I was.  I’m sure the culprit could be any of a number of issues, but for me it was a BIOS setting.

Read the rest of this entry »

Written by Lee Verberne

2012/06/21 at 21:55

Posted in Hardware

Tagged with , ,