Convincing Kubernetes to Trust a Backend

I run Kubernetes at home. Yeah, I’ve said it. It’s out there now. Now we’re past that, here’s how to convince traefik to talk nicely to a HTTPS backend server, in this case a test instance of GoatNS. I use Terraform for my configuration management, k3s to build/control the platform, with its built-in traefik for routing traffic. I’ve got a deployment set up, exposing port 4443 from the container, and using cert-manager. [Read More]

Terraforming Cloudflare DNS LOC Records

After confirming that they do support DNS LOC records, I couldn’t find any documentation about how to successfully create them using terraform, so here goes: resource cloudflare_record pizza_loc_record { zone_id = var.zone_id name = "pizza.example.com" type = "LOC" data { lat_degrees = 1 lat_direction = "N" lat_minutes = 2 lat_seconds = 3 long_degrees = 1 long_direction = "E" long_minutes = 2 long_seconds = 3 precision_horz = 10 precision_vert = 10 altitude = 10 size = 10 } ttl = 69 } DNS LOC records are defined in RFC1876. [Read More]

Docker, rust, cargo and 137 Errors

I kept getting OOMKilled when trying to build Rust apps in Docker containers on GitHub Actions (and also locally, using buildx). The return code of any cargo command that touched the list of crates would end up with the command killed after 30-90 seconds. I found two solutions: Use nightly and use the sparse-registry option. Tracking Issue: 9069 RFC: #2789 The sparse-registry feature allows cargo to interact with remote registries served over plain HTTP rather than git. [Read More]

On Cough Syrup and Cold Medicine

This is a great article, with fantastic takeaways: How to understand cough medicines Supplementing vitamins C and D might help prevent the common cold, and taking zinc might help shorten its duration. Staying well-hydrated will help with your symptoms. Drinking honey-and-lemon or glycerol syrup will help. If honey and lemon proves insufficient, reach for pseudoephedrine if your nose is blocked or you have a sinus headache, paracetamol if you’re experiencing pain and fever, guaifenesin if you want to cough up more mucus, or pholcodine or dextromethorphan if you’d like to suppress a cough. [Read More]

AWS ACM Moving to Dynamic Intermediates

I wonder how many things are going to break when AWS changes how ACM certs are issued. They’re moving to “dynamic” (ie, randomly allocated) intermediates starting 11th October 2022, which is surprisingly soon! They say not to use certificate pinning, but lots of people do, and I’m sure there’s a load of custom config/deployment methods out there that’ll rely on some kind of static intermediate. Good luck, friends! [Read More]

Stop Edge Sleeping Tabs

Microsoft’s Edge browser is pretty cool, I use it instead of Chrome because .. somehow Microsoft has become less creepy than Google? They’ve recently added efficiency mode, which is handy until it starts sleeping the tab that Octoprint is on, which queues up all the “live view” features and somehow makes them replay at super-speed when I go back to the tab. AAAAANNYWAY. I did some searching and couldn’t find the answer to “how do I stop Edge from sleeping pinned tab” because that’s not a thing (article on what can stop a tab to sleep here). [Read More]

Housing Cost Increases and Perception

The low cost of borrowing money combined with a few other forces have really pushed up housing prices around here lately, and people keep telling me that “oh but your place has gone up in value, it all works out!” I knew in my bones it wasn’t right, but I did some quick math. Mortgage Townhouse Value House Cost Mortgage Increase 2019 $250,000.00 $320,000.00 $480,000.00 $160,000.00 2022 $250,000.00 $450,000.00 $680,000.00 $230,000. [Read More]

GitHub's Dependabot and Actions

I sent this to a friend who I’d been talking to about automation things, they probably didn’t expect this huge wall of text 😁 Since this isn’t a DM over social media, I’ve included the code and cleaned up the links, and shared it so hopefully I can find it in the future and it’ll help someone else who’s interested. I’ve had this on my todo list so here goes.. I was going on about how cool Dependabot is, and how it automagically makes Pull Requests (PRs) for updating packages in repositories… since you asked for some details it’s probably easiest to show an example of how I’ve got it set up. [Read More]

Terraform, AWS Access Keys and Keybase

Per the Terraform AWS Provider docs for the aws_iam_access_key resource, I figured I’d try this Keybase PGP thing. This is the config I’ve got (and stayed with, because it wasn’t wrong): resource "aws_iam_access_key" "example_key" { user = aws_iam_user.example.name pgp_key = "keybase:yaleman" } While trying to apply the config however, I got this error… │ Error: Error retrieving Public Key for keybase:yaleman: unable to fetch keys for user(s) "yaleman" from keybase │ │ with aws_iam_access_key. [Read More]