Let's Encrypt from Start to Finish Let's Encrypt from Start to Finish: Generating and Testing a Cert This post wraps up (most of) the server config and puts it to use. It covers my approach to generating a cert, and provides some useful openssl commands for verification. Most of the work here is simply shuffling files around.
Let's Encrypt from Start to Finish Let's Encrypt from Start to Finish: Useful Headers This post looks a collection of useful security headers. I've tried to explain what each one does, where it can be helpful, and where it might bite you. None of these are absolutely necessary; if nothing else I strongly recommend using HSTS.
Let's Encrypt from Start to Finish Let's Encrypt from Start to Finish: Tuning with OpenSSL This post sets up all the backend security logic (minus headers). I've tried to provide an explanation of each component and good values to use (or the means to create your own). If you don't have OpenSSL, most of this is meaningless.
Let's Encrypt from Start to Finish Let's Encrypt From Start to Finish: First Steps This post is a catch-all for items that aren't closely related to the other major tasks. It covers good resources, certbot installation, and my approach to reusing Let's Encrypt config.
Google Chrome Chrome Remote Debugging on Windows I've had trouble with this before, apparently, so this time I'm documenting the process. The official Google docs leave out a couple of setup steps, which is seriously frustrating.
Let's Encrypt from Start to Finish Let's Encrypt from Start to Finish: Overview This post begins with the sad state of affairs that is the current US internet landscape but quickly moves on to more interesting topics like background information on HTTP, HTTPS, HSTS, Let's Encrypt, and `certbot`.
music 2017 Music I missed writing about music. This is the first year I haven't had slam in my top five since probably 2012. 2017 was the first year since maybe 2010 that I made a playlist for someone. I don't know what came over me. 2017 was also the year I broke down and started using Spotify.
Wizards of the Web Housekeeping: December 2017 Sensible SSH with Ansible was delayed by a flood of yak shaves, but it's still (mostly) in active development. I'll be shaking down a new tool over the course of Let's Encrypt from Start to Finish; it's the most involved yak shave from Sensible
certbot The certbot Hook API Hopefully this is useful to someone else. I got confused by the language change from renew to deploy hooks and spent some time ripping the code apart to see how
NPM Package Manager Showdown: Yarn and NPM on a VPS I've worked pretty hard to stay out the whole JS package manager debate. NPM's always done what I needed. Prior to yesterday evening, I had no baseline for comparison. Sure,
git Update Repo Badges Automatically: Preview After a day of furious coding and way more debugging, I think I finally have a collection of git hooks that will properly update badge references. Check out the repo; it's still pretty raw. I've manually tested it with both vanilla and git-flow (if
Vagrant Ubuntu Notes: Unlocking /var/lib/dpkg I ran into some issues this morning setting up a Xenial box via Vagrant. On boot, /var/lib/dpkg was totally locked with nothing I knew to link it to in ps aux. I've created a fairly novel solution; my purchase today was learn about something new.
Sensible SSH with Ansible Sensible SSH with Ansible: Vagrant Setup This post looks at how to quickly and easily mimick common environments in Vagrant. If you're using a different tool, feel comfortable with Vagrant multi-machine setups, or plan on running Vagrant from a pleasant operating system, you can probably skip this post.
Sensible SSH with Ansible Sensible SSH with Ansible: Overview As the first post in the series, this will provide a roadmap for the series and a brief overview of the tools involved.
JavaScript Deconstructing Epom Ads for Personal Edification Don't do anything dumb with this information. I've been sitting on this for awhile, so it might not be valid anymore. I haven't checked. I am not and would never suggest you take advantage of anyone, even a company that makes its money taking advantage of you.
NPM NPM Lifecycle Stages: A Study in Stream Editors NPM has created a solid set of discrete stages that describe every state a package might be in. Getting programmatic access to that set is more convoluted than it sounds.
Windows Docker in WSL Being able to run a Docker host natively in Windows would be awesome. Being able to interact with it via WSL would be even more awesome.
KeePass KeePass + ssh I've begun taking my online identity a bit more seriously and I'm building a collection of keys for everything. It's safe, but it's insanely annoying to have to re-enter all those passphrases more than once, say, a month.
KeePass KeePass + FreeRDP My xfreerdp credential solution is to use Keepass (I recommend ~2; that's what you'll see below.). Like other repetitive user-based CLI tasks, KeePass kills xfreerdp.