In the previous part of the Okta series we set up SSO for Grafana (see Okta: configuring Grafana SSO with OIDC and Role mapping) – now for a more interesting task: configuring SSO for AWS, with not just login but also user provisioning. Okta has a ready-made AWS IAM Identity Center App that lets you… Read More »
The RTFM migration from DigitalOcean to AWS went smoothly, and I’m gradually settling in. New infrastructure, everything new – so for the first while I want to keep a close eye on the server and blog state, which means setting up basic monitoring for WordPress: NGINX, PHP-FPM, the database, and the infrastructure running it all.… Read More »
Continuing the setup of the new RTFM server. The next step is configuring the ability to send mail from EC2, since both important messages for the root user and RTFM itself need to send emails. I was thinking of using AWS Simple Email Service – purely to refresh my memory on how to work with… Read More »
Every time I need to do this, I have to look it up, even though I’ve written about it somewhere before – but it was a long time ago: manually increasing the disk size on an AWS EC2. You get used to Kubernetes, where it’s enough to just change a value in a PersistentVolumeClaim, and… Read More »
While preparing the infrastructure for migrating RTFM from the DigitalOcean server to AWS (see AWS: basic infrastructure setup for WordPress) I decided to also try AWS ALB mutual authentication (for some reason I thought this feature launched at the last re:Invent, at the end of 2024, but it’s actually been around since late 2023 –… Read More »
I looked at the costs for the infrastructure described in the previous post AWS: basic infrastructure setup for WordPress, and let out a heavy sigh: One NAT Gateway is a quarter of my AWS spend, and even with AWS Credits I can’t help feeling a bit stingy about it. There’s an option to remove the… Read More »
It’s time for a major server upgrade for RTFM, which I usually do by migrating to a new server – because I also do various other upgrades along the way, like upgrading the PHP version or even migrating to a different cloud. This time I’m planning to move from DigitalOcean, where RTFM has been hosted… Read More »
This post is technically part of the home NAS setup series on FreeBSD (see the beginning here – FreeBSD: Home NAS, part 1 – ZFS mirror setup), but I’ll publish it separately. I already have backup automation configured (there will be posts about that too), and right now data from the NAS is pushed to… Read More »
In the previous post of the Home NAS on FreeBSD setup series, we got acquainted with restic – a utility for working with backups that supports encryption, snapshots, and change history; see FreeBSD: Home NAS, part 8 – backup of NFS and Samba data with restic. However, in addition to archival data in S3, I… Read More »
Let’s continue our journey with AWS OpenSearch Service. What we have is a small AWS OpenSearch Service cluster with three data nodes, used as a vector store for AWS Bedrock Knowledge Bases. Previous parts: AWS: Introduction to OpenSearch Service as a vector store AWS: Creating an OpenSearch Service cluster and configuring authentication and authorization Terraform:… Read More »