Category Archives: Security

Bitwarden: an organization’s password manager self-hosted version installation on an AWS EC2

1 May 2019

We are considering Bitwarden as a password manager for our project, with the main goal of having separate access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for personal use by one person, but they lack the main things – a normal web interface and role-based access to data.… Read More »


Linux: GPG-keys, Pass – passwords manager, and passwords import from the KeePass database

25 April 2019

pass – a password manager for Linux/UNIX. It stores data in a tree-based directory/file structure and encrypts files with a GPG key. In Arch Linux it is present by default; in Debian it can be installed using apt from the default repositories: $ sudo apt install pass. On macOS it can be installed with Homebrew: $ brew install pass… Read More »


Authy: step by step Multi-Factor Authentication configuration for Github and AWS

17 April 2019

I’m sure that using MFA (Multi-Factor Authentication) today is obvious. For 2FA (2-Factor Authentication) the most used method is TOTP – Time-based One-time Password, where alongside the common login:password you also need to enter a code generated by a device or software. The best-known implementation is Google Authenticator but there are also a lot… Read More »


Jenkins: a job to check a Github organization’s public repositories list

16 April 2019

Proceeding with a Github repositories checker. To recall: the idea is to have such a check in case one of the developers accidentally shares our project’s private repository as public, or creates a public repository instead of making it a private one – we will get a Slack alarm about such a… Read More »


MySQL/MariaDB: like Petya ransomware for MySQL and ‘root’@’%’ access

3 April 2019

This story happened on 10/06/2017; I am adding this post in English now. The original post (Rus) was written almost right after the well-known NotPetya attack in Ukraine – that’s why it’s used in the title. I had a new project assigned to me. When I started investigating its existing setup, I was just shocked.… Read More »


TestRail: QA Test Case Management installation on Linux

22 March 2019

TestRail – Test Case Management Software for QA and Development Teams. Well, that’s all that is needed as a description. Below is its installation on Debian Linux with NGINX, Let’s Encrypt, PHP-FPM, MariaDB, and Exim. Project’s homepage – www.gurock.com/testrail. Official installation documentation – here>>>. The setup will be on an AWS EC2. LEMP and SSL Login to… Read More »


Prometheus: RTFM blog monitoring set up with Ansible – Grafana, Loki, and promtail

10 March 2019

After implementing the Loki system on my job’s project, I decided to add it for myself, to see my RTFM blog server’s logs. I also want to add the node_exporter and alertmanager, to be notified about high disk usage. In this post, I’ll describe the Prometheus, node_exporter, Grafana, Loki, and promtail setup process… Read More »


OpenVPN: SSL and hostname configuration

26 February 2019

We already have our OpenVPN AS running in Production, so here are a few more posts about the last steps in its configuration. For now, we need to configure SSL to avoid alerts in clients’ browsers. OpenVPN AS documentation for SSL setup – here>>>. Let’s Encrypt Install Let’s Encrypt client: root@openvpnas2:~# git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt Open… Read More »


OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration

21 February 2019

OpenVPN Access Server is a ready-to-use OpenVPN server which requires minimal configuration. The free version allows you to have two clients. If you need more, you can buy additional licenses. Infrastructure description Currently, to access our resources such as Jenkins, Nexus, etc., we are using Allow Rules in AWS Security Groups where each user… Read More »
