tl;dr - I moved from server-side stored sessions provided by Network.Wai.Session to client-side signed+encrypted session tokens provided by Wai.ClientSession for my Servant-powered webapp, it’s pretty easy, skim through to see the setup code, /login and /logout code that was required. UPDATE After posting to r/haskell, user u/cocreature pointed out the existence of the servant-auth package – it looks like an awesome solution so also make sure to give that a try before rolling your own.
tl;dr - I had to SSH tunnel with a proxy computer in the middle due to some weird ISP restrictions/regular OpenVPN not working properly for me. Basically the setup is to SSH tunnel from one machine to another, and run another tunnel on the proxy computer. I used this surprisingly low latency setup to run a SOCKS5 proxy that did the job. “Remote Port Forwarding” is what I was doing, and a super awesome blog post helped show me the way.
tl;dr - My setup of Docker on Arch Linux is having some issues, around docker0 not properly holding on to it’s IPV4 addresses (listed as inet in ip addr output). I originally though it was a problem with Alpine CDNs, but it was actually docker0 throwing up repeatedly. Short term work around I’ve found is to just create the missing link again, w/ sudo ip addr add 172.17.0.1⁄16 dev docker0.
tl;dr - Setting up piwik is pretty straight forward, since I’ve gone through the trouble of setting up a database before, and piwik’s web based setup is pretty convenient. This post is the last in the pipeline that’s related to Kubernetes for a bit. One of the most useful tools I’ve ever come across is Piwik – it’s an excellent self-hostable tool for doing web analytics like tracking visits to your website (this very site uses it as well).
tl;dr - Gandi redesigned it’s website and I like it I’m a happy user of Gandi.NET’s domain services, and I recently noticed that they went through a redesign that I thought was pretty well done (read: didn’t make me angry). It’s not like their old interface was bad by any stretch, it was pretty easy to find things, it wasn’t terrible looking, and it was pretty much consistent. I actually liked it a lot as it was.
tl;dr - Setting up Mailu on Kubernetes was pretty simple, once TLS and Ingress are all set up. It’s just a matter of configuring the ingress controller, adding the right ingress resources, and making the right resource configuration for Mailu. I encounter some (mostly self-inflicted) issues along the way, but you can find the resource config that worked for me at the end. Up until now on every VPS that I’ve purchased/used, I’ve manually set up Postfix and Dovecot and all the related services on the machine, navigating documentation, setting up additional users, adding virutal mailboxes, etc.
tl;dr - I do a web speed test on this site, get spam from a firm that does website speed consulting, I rant a little bit about it, then share a little bit about a startup idea I had at the end. I’ll be back to regular “exploring Kubernetes” related posts tomorrow! So this just happened (<5 minutes ago), but within seconds of heading over to Pingdom’s Speed test (I was really trying to test Piwik tracking on this blog), I got an email from some firm called SpeedUpgency that I’ve never heard of:
tl;dr - Rancher 2.0 is out, Check out the demo video, it’s pretty slick. I start to set up Rancher, mess up, do some debugging, and eventually get it working with a bit of a hack. Skip to the end section (named “The whole process, abdridged”) before wrap up to see the full list of steps I took for getting Rancher running on my own local single node Kubernetes cluster.
tl;dr - It’s pretty easy if you have let’s encrypt certificates set up, and Kubernetes Ingress/DNS working properly (I’ve covered how I set these up in previous posts so check them out for reference). Skim through to see the final Kubernetes resource configuration that I use in production for Passcue.me So far we’ve gone through a lot of Kubernetes related posts, from setting up Kubernetes manually on a single machine, to getting regular non-authenticated HTTP apps running on Kubernetes, to setting up a database on kubernetes and setting up letsencrypt-powered TLS certificates.
tl;dr - letsencrypt is awesome, ployst/docker-letsencrypt makes it easy to use with Kubernetes (feel free to check out the blog post that describes it). There are even easier ways to do it these days that I haven’t tried: kube-lego which looks pretty amazing. After going through figuring out how to run HTTP applications on Kubernetes, as well as how to run databases on Kubernetes, the next natural step is to figure out how to gear up to running HTTPS applications on Kubernetes.