Categories
Uncategorized

.plan

Login name: notabro
In real life: Ghost In The Shell
On since 1978 on pts/0 from pong.atari.com
0 seconds Idle Time
Unread mail since Thu Jan 1 00:22:52 1981

Old man from the mountain, yelling at clouds

             .`=-._.-=-.-=..-'\
             |                |
    .-._     |-.            ./
   /''  `.   |  `-._.--._.-' |  .-.
   |:.    `-./               |.`  .)
   \ `-._    `---..__..----._/   .'
    '-.._'-`-.-._    _..----.__.'
         `-.-..-.`--`   .-.  \
           'o/o`\  /     >)) /
           `-..-.( \    `-' |
   .----._.-`     .'     _).-.
  (           ) .`      _)/   `.
   `-._--._ -'.`    .-._).      \
        (_.-._)    / |  |        \
       (_          /_|   \        |
      (_           / |    `._/     \
     (_           _/ \      |      |
    (_           _)   |     /      |
    (_           _)    \    |      \
   (_            _)     `._ \      |
  (_           _)        |@ /_..--'
 (_           _)         |@  |   |
(_            _)         \   / ..\_
 (_           _)           .'_ '`. `-.
  (_        _)            (_/ ) \\\ \ \
    (_    _)                 (_/ /| /\_)
     (_.-_) LGB               (_/(_/

I once had a beard almost this long, and wore a 
black leather cowboy hat to work.

I'm here to talk about sysadmin, and grumble about
how you could once run an entire graphical
operating system in 512k of memory, including a
web browser, but today, it takes over a gig of
ram just to display a single web page. You want
the truth? You can't HANDLE the truth: it's a 
gorram fraking miracle that our society continues
to function as well as it does, considering how
little skill or effort it would take to "crash"
it (and no, I'm not going to go into the details 
of how that might be done). Log4j is a recent 
and highly visible demonstration of this. You
really don't want to know how the sausage is
made. Really.
Categories
containerization

keycloak certificate reloading

In my post on container lifetimes I discussed how I wanted to make keycloak perform dynamic SSL certificate reloading. The maximum lifetime of an SSL certificate is no longer dictated by the Certificate Authority, but rather a cabal of web browser developers who wield a big schwartz. I am using free certificates provided by Letsencrypt, you may think that is amateur or juvenile, but I think it’s extortion what CAs charge for a certificate.

Continue reading “keycloak certificate reloading”
Categories
containerization

on container lifetimes

My project uses containerization extensively and during development I’ve formed some opinions. I’ve learned that my views on process management are different than what seems to be the accepted standard.

The stack I’m working with consists of Keycloak for authentication, MySQL for database storage, Apache for HTTP, and Django to run the backend, with React on the frontend.

I’ve recently been working on orchestration, the “infrastructure as code” part of making my project run with templatable YAML files. I have a reasonably fast computer that I do primary development on, but even with that speed it takes a while to build containers and do other tasks.

The direction of containerization seems to be towards a tear it down and build a new one philosophy instead of trying to reuse existing container instances.

Continue reading “on container lifetimes”
Categories
Uncategorized

whoami

Some day I may be able to reveal who I am, but you will have to wait.

I created this Blog to talk about a stealth project I have been working on since the Pandemic started. I want a place I can anonymously share problems and solutions, design and architecture, ideas and opinions.

It is my hope this site offers help and can be a place for discourse on subjects like Linux, MySQL, Containerization, and industry practices.