A Hoverbear's Musings

Over the last couple days at asquera we’ve been on a retreat at the Landhaus Fredenwalde. It’s really beautiful out here and it’s given me a chance to work on a few small projects which I’ve been wanting to explore for awhile now. Anyways, yesterday I set up a system that uses Ansible, Let’s Encrypt, nginx, and DigitalOcean to terminate HTTP and proxy requests to arbitrary hosts. The intended use case for this is to have Github Pages sites able to be dropped onto a custom domain that is SSL enabled, but there are many other use cases which I...

Unlike most of this blog this post is not technical in the slightest, instead it’s a personal update. Though, I have been wanting to write this post for a long time now! Many things have happened in the last few months, and life is still swirling all around me. Many things seemed uncertain, other things still do. Irregardless, things are pretty darn cool. Anyways, here’s what’s happened lately. The First Degree I went Camosun College in late 2010, and transfered to the University of Victoria in 2012. As of June 2016, I’ve finished my program and recieved my degree! I’m...

This is the fifth part of an ongoing series on configuring a new server. In our last post we discussed and configured some basic tools. For all intensive purposes, our ‘root’ system is complete. What we’ll be doing now is building the infrastructure to run containers the way we want to. Before we get around to setting things up, let’s describe the what we’re up to. Currently, the only external service the server is running is ssh. We’d like our server to host more services. These services are likely to be both internal services like databases, and external services like...

This is the fourth of a series on taking up residence on a new server. In our last post we talked about how to set up some basic network services like ssh and configure iptables, our firewall. In this post we’ll talk about making your server feel like home. There are a grand number of things we can do at this point to make our time on the machine enjoyable. Take time to evaluate your choices though. This ‘root’ host is going to be our ‘control seat’ so it’s not going to be doing much more than orcestrating virtualized environments....

This is the third in a series of posts about getting settled into a server. First we talked about choosing a server, then we talked about installing a base OS on a dedicated server. In this post we’ll discuss configuring, securing, and hardening our server. In our last post we left our new server in a very, very minimal state. Heck, we didn’t even tell it it’s own name! In this post we’ll talk about configuration. Throughout this process we’re going to try to keep things simple and tightly knit. Through most of this guide you’ll need to be using...

This is the second post of a series on settling into new servers. The first was about choosing a server. This post is specifically targetted at newly acquired VPS and Dedicated servers. We’ll talk about installing our chosen distribution, configuring its basics, and familiarizing ourselves with the new metal. What Distribution? This choice is entirely dependent on your personal tastes and use case. Different distributions are catered well to different things, even different installation media of specific distributions are different enough to warrant considering. You might be interested in Ubuntu if you’re new to Linux or interested in doing things...

This is the first in a series of posts where we’ll discuss the process of obtaining, setting up, and settling into a new headless server. Along the way we’ll install Linux, configure firewalls and web servers, set up virtual machines, tinker with system knobs, explore automation tools, and generally have a great time. In this post, We’ll discuss things to keep in mind when searching for your own hosting, things to look for, and the differences between distinctions. This series is not intended to be a comprehensive guide. These are just the notes and rambling of a hobbyist server admin...

Late last year I was given an opporunity to participate in the Mozilla Winter of Security 2016! I’m happy to report it was, and still is, super cool. Plans diverted significantly at the very start of the project as it was discovered that the “menagerie” of certificates we wanted to build already existed. What joy! In order to avoid any “not-invented-here” syndrome problems we pivoted, like a failing startup, and I moved to become a contributor to BadSSL. One of my mentors, April King, happened to already be a contributor to BadSSL and helped me get acquainted with the repository...

I’ve begun redesigning my website with my own theme! With school finishing and new employment looming I decided to take the time to make my site truly my own. As a result I’ve rewritten all of the Jekyll liquid templates and styles myself and have been having a lot of fun learning how to use things like display: flexbox. I’m sure there will be bugs and people will have suggestions on how to improve things, please feel welcome to email me if you do.

This year helped again with Gathering Our Voices. I worked in the same capacity as previous years and had a similarly great time. Rather than talking at length about events I’d rather share pictures. All of these photos were taken by my friend Geoff Howe. All images are wholly owned by the BCAAFC and you may not reproduce or use them in anything without their permission. Day 1 Day 2 Day 3 Day 4