In the previous part of the Okta series we set up SSO for Grafana (see Okta: configuring Grafana SSO with OIDC and Role mapping) – now for a more interesting task: configuring SSO for AWS, with not just login but also user provisioning. Okta has a ready-made AWS IAM Identity Center App that lets you… Read More »
The RTFM migration from DigitalOcean to AWS went smoothly, and I’m gradually settling in. New infrastructure, everything new – so for the first while I want to keep a close eye on the server and blog state, which means setting up basic monitoring for WordPress: NGINX, PHP-FPM, the database, and the infrastructure running it all.… Read More »
Continuing the setup of the new RTFM server. The next step is configuring the ability to send mail from EC2, since both important messages for the root user and RTFM itself need to send emails. I was thinking of using AWS Simple Email Service – purely to refresh my memory on how to work with… Read More »
Every time I need to do this, I have to look it up, even though I’ve written about it somewhere before – but it was a long time ago: manually increasing the disk size on an AWS EC2. You get used to Kubernetes, where it’s enough to just change a value in a PersistentVolumeClaim, and… Read More »
While preparing the infrastructure for migrating RTFM from the DigitalOcean server to AWS (see AWS: basic infrastructure setup for WordPress) I decided to also try AWS ALB mutual authentication (for some reason I thought this feature launched at the last re:Invent, at the end of 2024, but it’s actually been around since late 2023 –… Read More »
I looked at the costs for the infrastructure described in the previous post AWS: basic infrastructure setup for WordPress, and let out a heavy sigh: One NAT Gateway is a quarter of my AWS spend, and even with AWS Credits I can’t help feeling a bit stingy about it. There’s an option to remove the… Read More »
It’s time for a major server upgrade for RTFM, which I usually do by migrating to a new server – because I also do various other upgrades along the way, like upgrading the PHP version or even migrating to a different cloud. This time I’m planning to move from DigitalOcean, where RTFM has been hosted… Read More »
In the previous post of the Home NAS on FreeBSD setup series, we got acquainted with restic – a utility for working with backups that supports encryption, snapshots, and change history; see FreeBSD: Home NAS, part 8 – backup of NFS and Samba data with restic. However, in addition to archival data in S3, I… Read More »
Continuing the topic of AWS Load Balancer logs: in the previous post, Golang: recording AWS Load Balancer logs to VictoriaLogs, we collected logs using our own logs collector in Golang. Now we need to get something useful out of these logs. Previously, when I had Loki on my project, we used its RecordingRules to create… Read More »
In the previous part, AWS: Getting Started with OpenSearch Service as a Vector Store, we looked at AWS OpenSearch Service in general, figured out how data is organized in it, what shards and nodes are, and what types of instances we actually need for data nodes. The next step is to create a cluster and… Read More »