After confirming that they do support DNS LOC records, I couldn’t find any documentation about how to successfully create them using terraform, so here goes:
[Read More]Docker, rust, cargo and 137 Errors
I kept getting OOMKilled when trying to build Rust apps in Docker containers on GitHub Actions (and also locally, using buildx
). The return code of any cargo
command that touched the list of crates would end up with the command killed after 30-90 seconds.
I found two solutions:
[Read More]On Cough Syrup and Cold Medicine
This is a great article, with fantastic takeaways: How to understand cough medicines.
[Read More]AWS ACM Moving to Dynamic Intermediates
I wonder how many things are going to break when AWS changes how ACM certs are issued. They’re moving to “dynamic” (ie, randomly allocated) intermediates starting 11th October 2022, which is surprisingly soon!
They say not to use certificate pinning, but lots of people do, and I’m sure there’s a load of custom config/deployment methods out there that’ll rely on some kind of static intermediate.
Good luck, friends!
[Read More]Stop Edge Sleeping Tabs
Microsoft’s Edge browser is pretty cool, I use it instead of Chrome because .. somehow Microsoft has become less creepy than Google?
They’ve recently added efficiency mode, which is handy until it starts sleeping the tab that Octoprint is on, which queues up all the “live view” features and somehow makes them replay at super-speed when I go back to the tab.
AAAAANNYWAY. I did some searching and couldn’t find the answer to “how do I stop Edge from sleeping pinned tab” because that’s not a thing (article on what can stop a tab to sleep here).
[Read More]Livejournal 19 Year Anniversary
Well, I definitely feel old…
![You have received a virtual gift for your 19 anniversary in LiveJournal](/2022/07/2022-07-10-livejournal-congratulations-19-years.jpg)
Curiously, I didn’t even have to log in to view my virtual gift…
![Thank you for being with us for 19 years! With love, LJ Team.](/2022/07/2022-07-11-livejournal-virtual-gift.jpg)
Housing Cost Increases and Perception
The low cost of borrowing money combined with a few other forces have really pushed up housing prices around here lately, and people keep telling me that “oh but your place has gone up in value, it all works out!”
I knew in my bones it wasn’t right, but I did some quick math.
Mortgage | Townhouse Value | House Cost | Mortgage Increase | |
---|---|---|---|---|
2019 | $250,000.00 | $320,000.00 | $480,000.00 | $160,000.00 |
2022 | $250,000.00 | $450,000.00 | $680,000.00 | $230,000.00 |
Increase | 140.63% | 141.67% | 143.75% |
This is based on similar houses in similar locations, as I’ve been looking for some time.
[Read More]GitHub's Dependabot and Actions
I sent this to a friend who I’d been talking to about automation things, they probably didn’t expect this huge wall of text 😁 Since this isn’t a DM over social media, I’ve included the code and cleaned up the links, and shared it so hopefully I can find it in the future and it’ll help someone else who’s interested.
I’ve had this on my todo list so here goes.. I was going on about how cool Dependabot is, and how it automagically makes Pull Requests (PRs) for updating packages in repositories… since you asked for some details it’s probably easiest to show an example of how I’ve got it set up.
[Read More]
Terraform, AWS Access Keys and Keybase
Per the Terraform AWS Provider docs for the aws_iam_access_key resource, I figured I’d try this Keybase PGP thing.
This is the config I’ve got (and stayed with, because it wasn’t wrong):
resource "aws_iam_access_key" "example_key" {
user = aws_iam_user.example.name
pgp_key = "keybase:yaleman"
}
While trying to apply the config however, I got this error…
│ Error: Error retrieving Public Key for keybase:yaleman: unable to fetch keys for user(s) "yaleman" from keybase
│
│ with aws_iam_access_key.example_key,
│ on example.tf line 26, in resource "aws_iam_access_key" "example_key":
│ 26: resource "aws_iam_access_key" "example_key" {
│
Well, that’s annoying and slightly vague!
[Read More]Terraform, Kubernetes and Github Container Registry Oh My
After much muttering and searching and and then some help from the lovely people on the rands slack, I ended up with a snippet for authenticating my kubernetes cluster to the Github Container Registry using terraform configuration.
tl;dr: create a dockerconfigjson
-type secret and use it in the image_pull_secrets
field
Create a secret with the authentication details:
resource "kubernetes_secret" "ghcr_auth" {
metadata {
name = "ghcr-auth"
}
type = "kubernetes.io/dockerconfigjson"
data = {
".dockerconfigjson" = jsonencode({
"auths" = {
"https://ghcr.io" = {
"auth" : base64encode("${var.github_username}:${var.github_pat}")
}
}
})
}
}
The github_pat
variable has a Personal Access Token with access to read:packages
. It’s not actually a variable in my config, because I’m way more secure than that, but… it’s an example.