Posts

    •  
    • 8 minute read

    It’s not unusual for a service to need access to some kind of configuration, or for that configuration to contain passwords that you’d prefer not to leak. The solution is simple: create a configuration file somewhere, make sure that it’s only readable to the user the service runs at, and you’re done. And then you find out about DynamicUser services, which is where the fun begins.

    Read more

    •  
    • 22 minute read

    Even though most traditional December activities are a bit impractical this year, Eric Wastl returns with his annual Advent of Code. Every day from December first until Christmas Day you get a small puzzle that you can solve by writing small programs or by being very good at solving jigsaw puzzles. If you want to learn a new programming language or just get better at the ones you know, I highly recommend trying it out.

    Read more

    •  
    • 7 minute read

    Aside from all the terrible things that are associated with the current year, it is also an even year, and it’s past April, so that means we got a new Ubuntu LTS release: Focal Fossa. A few weeks ago, after much anticipation, the upgrade path from Bionic was released which meant it was time to upgrade my VPS. In this post I’ll go over how it went, what went wrong, and what went right.

    Read more

    •  
    • 15 minute read

    WireGuard is the new kid on the block for creating a secure and maintainable VPN wherever you are. Contrary, to OpenVPN, set-up is relatively easy: you don’t have a thousand nobs to configure, it handles reconnects well, and it also claims to be faster, although I never really ran into issues in that regard. The superlatives don’t stop.

    As always, it turns out that the devil is in the details, and if your set-up is a bit different than everyone’s cup of tea then suddenly all the tutorials out there don’t really work for you anymore. I tried to set it up on my Raspberry Pi but I found that a combination of factors (not running Raspbian, not using iptables) made my life a bit more difficult. Every tutorial out there seems to assume that you do, but thanks to some wonderful resources I managed to figure out a way that works for me. In this post I’ll be going over how to install and configure WireGuard on a Raspberry Pi (running Arch Linux Arm) using nftables as our firewall.

    Read more

    •  
    • 7 minute read

    If you have a server that’s accessible from the internet, chances are you’ll be dealing with unwanted hacking attempts. Sometimes they’ll be security researchers trying to warn you about the existence of some vulnerability. Sometimes, they want to check if you’re accidentally running an open relay. Sometimes they’re actually nefarious people. And sometimes they just want you to subscribe to PewDiePie. Where do all these people come from?

    Read more

subscribe via RSS