rand(Ø)

> beautiful code & photos

about <

Posts tagged: server

MySQL: silent insecure password warning

By Joris Berthelot Published January 22nd 2021 Tagged server, bash, process substitution, cli, console, devops, hack, mysql, zsh, trick, shell, protip, mariadb, linux, hint, howto, database, docker

I won't invent anything new here but I'll share a quick improvement on an answer I've found on Stack Overflow.

If you are doing batch actions and don't want to write in .mylogin.cnf file, there's the trick: use a process substitution!

$ mysqldump --defaults-extra-file=<(printf "[client]\nhost = host.rds.amazonaws.com\nuser = username\npassword = \$PassW0rd\$") \
    database > dump.sql

This also works for any other file input, like Docker env file run param:

> Continue Reading

Cross-region & cross-account AWS resources Terraform planning

By Joris Berthelot Published September 30th 2020 Tagged terraform, amazon aws, aws, aws ecs, deployment, work, trick, sys-admin, server, s3, protip, howto, hint, devops, development, code, english, infrastructure, cloud, cloud computing

Hey, it's been a while, right?

Lately, I'm leading some big changes in our infrastrure since I'm wrapping a Blue/Green deployment into another one. Uh?

Long story short: our product runs on AWS ECS Docker containers, and because we have one sub-domain per app instance, we use Apache wildcard sub-domains. Meaning a single container handles traffic from many clients/instances. We already have a Blue/Green deployment process in place but at the Docker container level, not at the client level. The idea is to entirely duplicate the whole stack (with all its flaws) and a sub-domain pointing to

> Continue Reading

CSP Header Hacking for Apache2

By Joris Berthelot Published May 15th 2020 Tagged apache, http, hack, csp, header, content-security-policy, mod_headers, report-to, server, browser, devops, english, howto, protip, sys-admin, workaround

Hello,

I write here to report my latest dirty hack. Story—

While enforcing our HTTP server configuration at work, we are slowly implementing CSP policies and one of them allow Web browsers to report violations to a given endpoint.

At this moment, we are only at the reporting step of the implementation because the first time we attempted to roll this header out, it ended up breaking our staging env.

So, it's recommended to set the Content-Security-Policy-Report-Only header.

This header takes the report-uri directive which allows the browser to push the violation findings to a given endpoint.

For this example:

> Continue Reading

Upgrading in a few commands

By Joris Berthelot Published February 16th 2020 Tagged docker, rancheros, digital-ocean, self-hosting, blog, devops, container, deployment, english, migration, news, productivity, protip, reverse-proxy, server, upgrade

It has been over a year now that I migrated my 2 blogs on full Docker-hosting and I wanted it to be as simple as possible for several reasons:

  • Docker is easy to work with and to maintain
  • Everything is Dockerizable
  • I don't want to spend more than an hour every month or so to upgrade my stacks

At work, we previously used CoreOS to deploy a fleet of Dockerized apps but it was hard to maintain but more specifically, CoreOS is designed for distributed apps, which is not the case of this blog.

So, I searched for a simpler

> Continue Reading

Build a basic Docker stack on Digital Ocean

By Joris Berthelot Published December 4th 2015 Tagged server, digital-ocean, docker, webservice, proxy, reverse-proxy

As I'm getting more and more familiar with NodeJS and Docker, I'd like to Dockerize the few Webapps that run on this server so I can avoid to maintain different stacks.

I use Digital Ocean virtual hosting and I'm pretty happy with it.

Docker is straigtforward enough when it comes to run some containers for testing or development purposes but when you need to deal with High Availability or auto-scaling, it could become a real pain in the ass to configure a CoreOS cluster with all the layers that comes with it.
You'd need to setup fleet, a reverse proxy

> Continue Reading

Architecture LAMP sur cluster HA actif-passif

By Joris Berthelot Published January 23rd 2012 Tagged apache, cluster, français, ha, mysql, network, php, project, server, wp-imported

Pour cette nouvelle année 2012, je vais commencer gros avec un article qui traine depuis des mois maintenant. En fait, ce sera un gros clin d’œil à la (seule) période réellement passionnante de cette seconde année de Master Ingénierie Informatique : la mise en œuvre d'une architecture HA (High Availability).

De plus, ayant échoué (de peu) à ce projet durant ma formation malgré l'investissement personnel, j'ai souhaité le refaire par moi-même car cela m'a passionné et plus tard, j'espère que j'aurais l'occasion de faire plus que configurer des vhosts !

Accès rapide

LinuxHA-Logo

Au vu de la taille du sous-menu, cet article

> Continue Reading