Hi, interneteer

Welcome! Here are my most recent posts.

My Favorite Things From 2019

04 February 2020

I often think back to previous years about the best movies, games, and books that I find and wish I had recorded them somewhere. For 2019, I’m finally doing it - so here’s my biased, semi-organized, and somewhat late list of media that I really loved from 2019!

Shell Kung Fu

05 January 2019

My blog post about ssh is still the most frequently read content on my blog four years later. I’ve collected enough shell tricks that it’s about time for one of these type of posts about my favorite software tool of all time: the shell.

Going Completely Overboard with a Clustered Homelab

13 August 2018

A few months ago I rebuilt my router on an espressobin and got the itch to overhaul the rest of my homelab. While I could pick up some post-market AmaFaceGooSoft equipment for a typical high-power x86 lab, I decided to put the devops mantra of a distributed, fault-tolerant architecture to work and see how far I could get with lots of small, cheap, low-power machines instead.

In a nutshell, I’m running ~20 ARM-based single-board computer cluster that drives a container-scheduled application runtime (Nomad) backed by distributed storage (GlusterFS) with service discovery in place (Consul) to provide me with a platform to run all my applications and services with a mostly self-configured HTTPS (Let’s Encrypt) front end (Traefik). Vault, Prometheus, and a bunch of supporting applications are also deployed in order to make operating this setup secure, easy, and eminently scalable.

Building my ideal router for $50

09 April 2018

After my Asus N66U kicked the bucket, I considered a few options: another all-in-one router, upgrade to something like an EdgeRouter, or brew something custom. When I read the Ars Technica article espousing the virtues of building your own router, that pretty much settled it: DIY it is.

I’ve got somewhat of a psychological complex when it comes to rolling my own over-engineered solutions, but I did set some general goals: the end result should be cheap, low-power, well-supported by Linux, and extensible. Incidentally, ARM boards fit many of these requirements, and some like the Raspberry Pi have stirred up so much community activity that there’s great support for the ARM platform, even though it may feel foreign from x86.

I’ve managed to cobble together a device that is not only dirt cheap for what it does, but is extremely capable in its own right. If you have any interest in building your own home router, I’ll demonstrate here that doing so is not only feasible, but relatively easy to do and offers a huge amount of utility - from traffic shaping, to netflow monitoring, to dynamic DNS.

I built it using the espressobin, Arch Linux Arm, and Shorewall.

When Disks Die: A ZFS Recovery Post-Mortem

12 March 2018

I read a lot of tech success stories, but most of them revolve around building out or creating cool stuff. Last week, I had a catastrophic disk failure, and all I wanted was to find some recorded notes about disk recovery in Linux with ZFS. This is a record of my experience to illustrate the strength and maturity of ZFS on Linux and potentially help anyone in a similar situation in the future.

Systemd for (Impatient) Sysadmins

09 July 2017

systemd: it’s the init system that (some?) love to hate.

Full disclosure: I find systemd a little overbearing, although by no means would consider myself militantly anti-systemd. It has obvious advantages, and although I’m at philosophical odds with it at some levels, I see no reason why everybody shouldn’t understand it a bit better - especially now that most people will need to deal with it on their favorite distros.

Advent Of Code 2016 in Haskell

30 November 2016

I recently (finally!) finished the Advent of Code challenges using Haskell. I’m still a Haskell wannabe, but the suite of problems provided an interesting backdrop for a number of Haskell concepts that I wanted to share.

The long-form retrospective is here; if you want to see a condensed collection of a few Haskell toolchain by-products, check out my shorter summary under GitHub pages.

systemd, User Instances, Device Units, and Media Archiving

11 July 2015

I recently used systemd, HandBrake, and some simple scripts to digitize a large collection of physical media (for personal, archival use.) In this post I’ll go through systemd features that made this easier and cover all the components that make the automated pipeline work.

Kippo Honeypot Video Gallery

19 October 2014

Honeypots are rad. Their uses are varied, but I’ve used my own mostly for research (and entertainment.) It’s been running for over a year now, and I thought it would be worthwhile (and interesting) to summarize my findings.

Running Docker on CentOS - External Network Access

03 October 2014

This is just a short blip for people running Docker on CentOS who have encountered problems accessing containers from outside the localhost.

Practical Linux Pipelining

17 May 2014

There are many subtle joys associated with working almost exclusively in the command line all day: tab completion, a simple interface, and unix pipes.

SSH Kung Fu

27 April 2014

OpenSSH is an incredible tool. Though primarily relied upon as a secure alternative to plaintext remote tools like telnet or rsh, OpenSSH (hereafter referred to as plain old ssh) has become a swiss army knife of functionality for far more than just remote logins.

I rely on ssh every day for multiple purposes and feel the need to share the love for this excellent tool. What follows is a list for some of my use cases that leverage the power of ssh.

Please stop hashing passwords

20 April 2014

Have I got your attention? It’s a sensationalist title, but this is important and developers/administrators still get it wrong.

Both online and professionally, I encounter technical people still turning to traditional hashing algorithms like SHA or, Schneier forbid, MD5 when making decisions about scrambling user credentials. Even this recent question on Stack Overflow Exchange has yielded inaccurate answers. While choosing something like SHA-256 with salt isn’t necessarily a bad decision, it’s not the right decision – which, when it comes to cryptography, is critical to maintain the integrity of the system as a whole.

An Exercise in Weak Random Seed Exploitation

04 April 2014

Last weekend I participated in a capture-the-flag event sponsored by Bishop Fox and ran by students at BYU. Following the event I decided that it may be fun to try and crack the scoring software itself – so I’ve written up the process here to explain how I put the exploit together.

Docker DVWA Container How-To

02 March 2014

Docker is an interesting cgroups-based virtualization alternative that uses containers to deploy applications.

Yet Another Vim Setup

25 December 2013
Sample screenshot editing my .vimrc
Sample screenshot editing my .vimrc

Vim is an excellent text editor. I’ve used it for many years and like most vim users, have collected a fairly large collection of settings in my .vimrc and learned how to grok my vim usage effectively through a lot of trial and error.

To that end, I’ve tried to assemble a useful overview of my experience with vim.

Raspberry Pi XBMC How-To

29 December 2012
The final product
The final product

A while back I finally got my 512MB revision 2 model Raspberry Pi to successfully run OpenELEC. The picture to the right shows it running, using a shared network mount to access all of my media files.

Some folks requested a write-up detailing how I put everything together, so I’m going to try and provide a generalized walkthrough for those with the initiative to do something like this. Although I’m not assuming you’re a Linux guru, there’s some technical aspects to this - but it’s worth the effort.

The blog zygote

19 July 2012
Another blog to read, why not?
Another blog to read, why not?

Putting together all the moving pieces to get this blog to work the way I wanted took a little while. In the interest of sharing how I did it in case this helps others, I thought I’d share the approach I took.

In which I make a blog

12 June 2012

This is, hopefully, the beginning of my personal blog entries. I’ve started to blog several times over the years and only gotten this far. We’ll see how this attempt turns out.

I want to write my personal thoughts on here, technical discussions about computing, and pictures of cats in top hats if I have the resources to spare.

My email address is at the bottom of the site. If you want to give me any sort of feedback, go for it.