Article breaks down using Longhorn (version 1.7) for backups, self-hosting, and recovery. It’s for seasoned DevOps and SysAdmin folks who like doing things themselves. You’ll find a step-by-step guide on setting up and restoring backups with Longhorn, Velero, and GitOps. The goal is to show you a tried-and-true setup for getting your backups and restores working smoothly.
Snippet for generating go-flags parameters in VS Code.
In today’s world of distributed systems and microservices, security has become more critical than ever. One common approach to securing these systems is through the use of OpenID Connect (OIDC), an identity layer built on top of the OAuth 2.0 protocol. However, integrating OIDC into command-line interface (CLI) applications can be challenging due to the complexity of OIDC flows.
In this short article there is a use-case of using oauth2c to obtain token via CLI. Keycloak is used as primary refernce of IDP, but any other OIDC complient solutions should work in the same way.
Delay request before redirect to the original URL
Rates to USD from different world-wide currencies. Updates once per day from Philippines Central Bank.
I have been working with Synology Disk Station products for SOHO for a long time now. It’s a costly NAS but worth it because of: the combination of high-quality software (DSM) and hardware, and it is friendly for newcomers and professionals alike.
By default, Synology offers access to the NAS UI via HTTPS or HTTP protocol.
While HTTP is the simplest option, HTTPS (if done properly) is much more secure. However, the self-signed certificate, provided by Synology is not good neither in terms of security or user experience (ie: RED alerts in browsers and etc).
In general, in DSM 7 you may issue a certificate by two methods:
- request a free certificate from Let’s Encrypt
- import already existing certificate
The first option is available only in case you exposed your Synology to the public internet which might not be the best idea in terms of security.
In this article, I would like to share an approach on how to secure a connection to the Synology by issuing a valid (!) certificate without exposing NAS to the outer world.
Automatic dashboard generation for Ingress objects.
Features:
- No JS
- Supports OIDC (Keycloak, Google, Okta, …) and Basic authorization
- Automatic discovery of Ingress objects, configurable by annotations
- Supports static configuration (in addition to Ingress objects)
- Multiarch docker images: for amd64 and for arm64
Hassle-free minimal CI/CD for git repos for docker-based projects.
Features:
- zero configuration for repos by default
- optional automatic TLS by Let’s Encrypt
- optional automatic domain registration by supported providers