Category Archives: HOWTO’s

OpenVPN: Let’s Encrypt DNS verification on AWS Route53 and OpenVPN Access Server SSL certificate auto update

24 May 2019
 

 In addition to the OpenVPN: SSL and hostname configuration post about OpenVPN Access Server, set up and configuration. So, three months passed and it’s time to renew Let’s Encrypt SSL certificate (see. Prometheus: Alertmanager и blackbox-exporter — проверка срока действия SSL и нотификация в Slack, Rus). I could you well-know for me scheme with the… Read More »

Debian: unattended-upgrades – automatic upgrades installation with email notifications via AWS SES

23 May 2019
 

 A unattended-upgrades package performs automated upgrades installation on Debian/Ubuntu systems. It’s a Python script (1500 lines) located at /usr/bin/unattended-upgrade (and /usr/bin/unattended-upgrades is a symlink to the /usr/bin/unattended-upgrade). CentsOS/RHEL analog – yum-cron. Install it: The main config file is /etc/apt/apt.conf.d/50unattended-upgrades where upgrade types, email settings etc can be configured. Upgrades related schedules are done in the… Read More »

AWS: VPC peering DNS resolution and DNS settings for OpenVPN Access Server

17 May 2019
 

 We have a VPC with OpenVPN Access Server running. This VPC is connected with other VPCs in our AWS account. The issue is that currently when a user is connected to VPN for the DNS resolution into EC2 instances private IPswe are using dnsmasq service on the VPN-host which has a /etc/dnsmasq.hosts file where are manually… Read More »

Bitwarden: an organization’s password manager self-hosted version installation on an AWS EC2

1 May 2019
 

 We consider Bitwarden as a passwords keeper for our project with the main goal to have an ability to have separated access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for self-usage by one person but they have no main things – a normal web-interface and role-based access to data.… Read More »

Linux: GPG-keys, Pass – passwords manager, and passwords import from the KeePass database

25 April 2019
 

 pass – a password manager for Linux/UNIX. Stores data in tree-based directories/files structure and encrypts files with a GPG-key. In Arch Linux present by default, in Debian can be installed using apt from default repositories: For macOS can be installed with Homebrew: The pass itself is just a bash-script: GPG keys management Creating GPG key… Read More »

Golang: pointers – detailed overview

20 April 2019
 

 What is the pointer? Shortly, the pointer is a variable which stores an address of another variable, where some data is stored. A pointer example Let’s take the simplest example where a pointer is used: package main import “fmt” func main() { a := 1 b := &a fmt.Println(“A: “, a) fmt.Println(“B: “, b) fmt.Println(“B:… Read More »

Authy: step by step Multi-Factor Authentication configuration for Github and AWS

17 April 2019
 

  I’m sure that using MFA (Multi-Factor Authentication) today is oblivious. For 2FA (2-Factor Authentication) the most used method is TOTP – Time-based One-time Password, when alongside with the common login:password also needs to enter a code generated by a device or software. The most known implementation is Google Authenticator but also there is a… Read More »

Jenkins: a job to check a Github organization’s public repositories list

16 April 2019
 

 Proceeding with a Github repositories checker. To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a… Read More »