Saboteur by Frederic Moyersoen
Link to the English version:
CategoryUncategorized
https://blog.juliobiason.net/thoughts/things-i-learnt-the-hard-way/
Here is how one can setup a nginx to count the https connections made.
Preparation
Create a new folder
mkdir ~/docker_ssl_proxy cd ~/docker_ssl_proxy
Put a dummy entry in your /etc/hosts file
127.0.0.1 YOURDOMAIN.com
Steps
First generate certificate
openssl req -subj '/CN=YOURDOMAIN.com' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365
create a new file something.conf with the following content
server {
listen 4000 ssl;
ssl_certificate /etc/nginx/conf.d/cert.pem;
ssl_certificate_key /etc/nginx/conf.d/key.pem;
# access_log /dev/stdout;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
return 200 'With style!';
add_header Content-Type text/plain;
}
}
Then run the docker with
docker run --rm -v `pwd`/logs:/var/log/nginx -v `pwd`:/etc/nginx/conf.d -p 4000:4000 nginx
Get the cacert
echo quit | openssl s_client -showcerts -servername server -connect YOURDOMAIN.com:4000 > cacert.pem curl --cacert cacert.pem https://YOURDOMAIN.com:4000/ -d 'hello world'
And finally do some connections
go-wrk -c=400 -t=8 -n=10000 -m="POST" -b='{"accountID":"1"}' -i https://YOURDOMAIN.com:4000
I don’t know why people started doing abbreviations, maybe in the past, the bytes were expensive. I suppose life was harsh and there was no enough food for all and the way they named their programs and variables is mirroring their life. Nowadays we have enough goods and time and free space everywhere and we still name our variables/etc. like we are at the dark ages.
My point is that when we are solving some problem is good to have all neurons of our brain to work solving the problem. If we have to decrypt variables, our project structure is not good, we haven’t used with our editor then we are putting bariers which block us of seeing the best solution because our brain is dedicating 5-10% of its power for nonsense.
I am not saying that we should use full sentences of naming the variables/methods/classes/packages/programs. Only that we do not need to spent time decrypting the abbreviation.
I would love to see an operating system where there is no hackish syndrome.
In the cloud
AWS give examples in their documentation with hackish. How it is possible AWS to have so high expectations for hiring developers and let them act as a woodcutter.
The load balancer names in AWS have a size limit in their names so you that you can have YOUR-APP-us-east-1-production load balancer. You have to name it Your-APP-us-east-1-prod.
At Home
My son is learning his computer language and yesterday he asked me what do the method Intn(n Int) – I can’t answer.
“Mom brg me sndwch!”
At Work
Here are some very popular examples
- dev > development
- prod > production
- ctx, ctx > context vs
- obj > object
Linux
Do you know why we write “mount” to mount some file system, and “umount” to unmount? Why?
The opposite command “mount” is not abbreviated to “mnt” or even “mt”. This inconsistency is crazy!
| For Robots | For Humans |
| lsblk | block-devices |
| mount | unmount |
You can do it from the Ruby on Rails application or even better way is to do it where you define your infrastructure and configure your proxy/loadbalancer etc. to allow it.
constrains manage
class Whitelist
def matches?(request)
vpn = IPAddr.new("10.1.0.0/16")
return true if Rails.env.development? || vpn.include?(request.remote_ip)
Rails.logger.info("Blocking access for #{request.remote_ip} to #{rifiniti_vpn}")
false
end
end
constraints Whitelist.new do
namespace :manage do
...protected
end
end
Way of testing kitchen with vaults
suites:
- name: default
run_list:
- recipe[....
data_bags_path: ../../data_bags_test
attributes:
chef-vault:
databag_fallback: true
copy your data_bags/ and decrypted vaults/ content in a new folder containing the merged content from both folders.
Do not forget to add data_bags_test folder in .git_ignore.
image from www.wannapik.com
If you want your developers and stuff to be happy please AVOID webex !
Webex is bad service
It has bad International connection. It doesn’t run on linux or unix and can’t be run in a browser. The IOS application is bad and doesn’t integrate with the links. The integration with the website and the calendars is bad. The website is slow and buggy and you can’t see the meeting on which you are invited. It is the worst of the software out there.
Zoom – It is like the webex. They look and feel the same one idea better, because it has client which can run in linux
Good one
https://www.bluejeans.com/ – works perfectly!
http://appear.in – free and great!
One can send a bunch of key => values to zabbix with the zabbix-trapper items.
Using this nice article as a base I have packed everthing in a class so that you can use it:
Example usage:
values = {
total_ram: 0,
wrong_data_center: 0,
linode_hosts: 0,
missing_from_zabbix: 0,
missing_from_graylog: 0,
}
zabbix_sender = ZabbixSender.new(Figaro['zabbix_server'])
zabbix_sender.message('super_druper_hostname', values)
require 'json'
class ZabbixSender
def initialize zabbix_host
@zabbix_host = zabbix_host
end
def message hostname, values
values_with_host = with_host(hostname, values)
params = {
"request" => "sender data",
"data" => values_with_host,
}
body = JSON.generate params
data_length = body.bytesize
data_header = "ZBXD\1".encode("ascii") + \
[data_length].pack("i") + \
"\x00\x00\x00\x00"
data_to_send = data_header + body
send data_to_send
end
private
def with_host hostname, hash
values = []
hash.each_pair do |key, value|
values << {
key: key,
value: value,
host: hostname,
}
end
values
end
def send data_to_send
socket = TCPSocket.new(@zabbix_host, 10051)
socket.write data_to_send.to_s
response_header = socket.recv(5)
if not response_header == "ZBXD\1"
puts "response: #{response_header}"
raise 'Got invalid response'
end
response_data_header = socket.recv(8)
response_length = response_data_header[0,4].unpack("i")[0]
response_raw = socket.recv(response_length)
socket.close
response = JSON.load(response_raw)
end
end
© 2026 Ivo Bardarov
Theme by Anders Norén — Up ↑