Automated Certificates for PostgreSQL with Let's Encrypt
As I’m building out my homelab I want to make sure everything is running securely with HTTPS and ssl everywhere. If I can run everything production like it will make it much easier to graduate any services to the public later much easier. Although I have no plans on making my PostgreSQL instance public, it will be running on my local network which has a lot of different devices. It seems prudent to ensure all connections to the PostgreSQL service is encrypted. ...
Primer on CORS and SOP
Cross-Origin Resource Sharing (CORS) is something I keep running headlong into and is always notoriously difficult to debug. So I decided to dig deep into CORS and get a better understanding of what it is, why it works the way it does, and how to best work with it. To understand CORS we first need to look at web browsers and how they communicate with web services. An HTTP request is sent either through a user interaction to the browser, or a script that runs on the page. When the request is made, the browser will check it’s local storage for any cookies and send those along with the request. ...
Reduce personal data leakage using Pi-hole, the easy way
This christmas my partner and I was ready early with all the preparations, so we found ourselves with a bit of time on our hands to do things that we always meant to do, but never had the time. I’ve had a Raspberry Pi 3B sitting on my shelf for a long time that I was going to set up to run a home automation setup. I haven’t had the time to sit down and go through in detail what is required, and while waiting the online solutions have gotten a lot better. It won’t save me from if I lose internet connectivity, but good enough to work for now, so I have decided to repurpose the Raspberry Pi for a different job. ...
Demystifying Hugo Archetypes
Archetypes in Hugo is a great way to make starting off a new page, blog post, or any other types of content. It is in essence a type template that makes it a little faster to create content by automatically generating a skeleton with pre-filled metadata and content to start you of. In my blog I use it to automatically differentiate between posts and other types of content. It took me a while to get me head around how this works, so I thought I would share how I think about this feature and hopefully it will help someone that thinks the same way as I do. ...
Netlify is easier and cheaper than google cloud
After setting out to try to build a simple and cheap static blog in the google cloud platform, I’ve come to the conclusion after trying to work through all the different services and tools offered, that google cloud platform isn’t a good fit for this kind of site. And that is okay. It was a fun experiment to see what I could get going and how cheap I could get it. I was initially thinking of running a simple GKE cluster and run the site on top of that, but then with the complexities of running multiple global load balancers and certificates to make sure I support ip v4 and v6 as well as supporting redirects from www.winsnes.io to winsnes.io both for http and https. It did start getting fairly complicated, and costly, as the redirection rules do add up. ...
Root Domain Support
Now we have the website deployed on the Google Cloud Platform as a static site, it allows us to access it by going to http://www.winsnes.io. This is fantastic, but what if someone goes to http://winsnes.io? This is the second post in the ongoing series about hosting a blog on the Google Cloud Platform for cheap. When we set up a storage bucket with a static site hosted on it, we ask Google to take care of all the domain name routing that happens in the background. And Google will happily route all requests to www.winsnes.io to the static buck and display the content of the blog. But we never told google to do anything about winsnes.io, so that won’t be routed correctly. ...
Set up a blog on Google Cloud Store using Hugo
This post is the first part of a long running series about running a blog in the cloud using production ready DevOps practices on the cheap. The code in this blog post is the same code I use to run this blog, and it is all available in a public github repository. The automatic CI and CD processes will be ran directly out of this public repository, and you will be able to see all the moving parts of what makes this blog work. Any credentials and secrets will of course not be included ;) ...