From 1fb13acf9985810194213c68404a229346a94779 Mon Sep 17 00:00:00 2001 From: davegallant Date: Tue, 2 Jan 2024 16:52:32 +0000 Subject: [PATCH] deploy: 028defa959edb68ff405be9f145b2b3149adae5c --- 404.html | 7 ++- .../16/appgate-sdp-on-arch-linux/index.html | 10 ++-- .../06/what-to-do-with-a-homelab/index.html | 10 ++-- .../08/why-i-threw-out-my-dotfiles/index.html | 10 ++-- .../index.html | 10 ++-- .../index.html | 10 ++-- .../running-k3s-in-lxc-on-proxmox/index.html | 8 +-- .../backing-up-gmail-with-synology/index.html | 10 ++-- .../index.html | 10 ++-- .../10/watching-youtube-in-private/index.html | 10 ++-- .../index.html | 10 ++-- .../index.html | 10 ++-- categories/index.html | 7 ++- categories/index.xml | 2 +- categories/page/1/index.html | 3 +- de/404.html | 4 ++ de/categories/index.html | 4 ++ de/categories/index.xml | 1 + de/categories/page/1/index.html | 2 + de/index.html | 4 ++ de/index.xml | 1 + de/page/1/index.html | 2 + de/sitemap.xml | 1 + {about => de/tags}/index.html | 11 ++-- de/tags/index.xml | 1 + de/tags/page/1/index.html | 2 + en/index.html | 2 + en/sitemap.xml | 1 + index.html | 7 ++- index.xml | 59 +++++++++++++------ ...27281cf868514bcdce21ddf23dc3520e6743e7.js} | 2 +- page/1/index.html | 3 +- page/2/index.html | 7 ++- post/index.html | 7 ++- post/index.xml | 58 ++++++++++++------ post/page/1/index.html | 3 +- post/page/2/index.html | 7 ++- sitemap.xml | 2 +- tags/aks/index.html | 7 ++- tags/aks/index.xml | 2 +- tags/aks/page/1/index.html | 3 +- tags/aws-vault/index.html | 7 ++- tags/aws-vault/index.xml | 2 +- tags/aws-vault/page/1/index.html | 3 +- tags/aws/index.html | 7 ++- tags/aws/index.xml | 2 +- tags/aws/page/1/index.html | 3 +- tags/azure/index.html | 7 ++- tags/azure/index.xml | 2 +- tags/azure/page/1/index.html | 3 +- tags/backup/index.html | 7 ++- tags/backup/index.xml | 2 +- tags/backup/page/1/index.html | 3 +- tags/bastion/index.html | 7 ++- tags/bastion/index.xml | 2 +- tags/bastion/page/1/index.html | 3 +- tags/cloud-sql-proxy/index.html | 7 ++- tags/cloud-sql-proxy/index.xml | 2 +- tags/cloud-sql-proxy/page/1/index.html | 3 +- tags/containers/index.html | 7 ++- tags/containers/index.xml | 2 +- tags/containers/page/1/index.html | 3 +- tags/database/index.html | 7 ++- tags/database/index.xml | 2 +- tags/database/page/1/index.html | 3 +- tags/degoogle/index.html | 7 ++- tags/degoogle/index.xml | 16 +++-- tags/degoogle/page/1/index.html | 3 +- tags/docker/index.html | 7 ++- tags/docker/index.xml | 2 +- tags/docker/page/1/index.html | 3 +- tags/dotfiles/index.html | 7 ++- tags/dotfiles/index.xml | 23 +++++--- tags/dotfiles/page/1/index.html | 3 +- tags/eks/index.html | 7 ++- tags/eks/index.xml | 2 +- tags/eks/page/1/index.html | 3 +- tags/gitea-actions/index.html | 7 ++- tags/gitea-actions/index.xml | 9 ++- tags/gitea-actions/page/1/index.html | 3 +- tags/gitea/index.html | 7 ++- tags/gitea/index.xml | 9 ++- tags/gitea/page/1/index.html | 3 +- tags/github-actions/index.html | 7 ++- tags/github-actions/index.xml | 9 ++- tags/github-actions/page/1/index.html | 3 +- tags/gmail/index.html | 7 ++- tags/gmail/index.xml | 2 +- tags/gmail/page/1/index.html | 3 +- tags/home-manager/index.html | 7 ++- tags/home-manager/index.xml | 23 +++++--- tags/home-manager/page/1/index.html | 3 +- tags/index.html | 7 ++- tags/index.xml | 2 +- tags/invidious/index.html | 7 ++- tags/invidious/index.xml | 16 +++-- tags/invidious/page/1/index.html | 3 +- tags/k3s/index.html | 7 ++- tags/k3s/index.xml | 2 +- tags/k3s/page/1/index.html | 3 +- tags/k8s/index.html | 7 ++- tags/k8s/index.xml | 2 +- tags/k8s/page/1/index.html | 3 +- tags/kubectl-plugin-socks5-proxy/index.html | 7 ++- tags/kubectl-plugin-socks5-proxy/index.xml | 2 +- .../page/1/index.html | 3 +- tags/linux/index.html | 7 ++- tags/linux/index.xml | 2 +- tags/linux/page/1/index.html | 3 +- tags/lxc/index.html | 7 ++- tags/lxc/index.xml | 2 +- tags/lxc/page/1/index.html | 3 +- tags/nix/index.html | 7 ++- tags/nix/index.xml | 23 +++++--- tags/nix/page/1/index.html | 3 +- tags/openwrt/index.html | 7 ++- tags/openwrt/index.xml | 16 +++-- tags/openwrt/page/1/index.html | 3 +- tags/page/1/index.html | 3 +- tags/page/2/index.html | 9 +-- tags/page/3/index.html | 9 +-- tags/page/4/index.html | 9 +-- tags/page/5/index.html | 7 ++- tags/pfsense/index.html | 7 ++- tags/pfsense/index.xml | 16 +++-- tags/pfsense/page/1/index.html | 3 +- tags/podman/index.html | 7 ++- tags/podman/index.xml | 2 +- tags/podman/page/1/index.html | 3 +- tags/privacy/index.html | 7 ++- tags/privacy/index.xml | 16 +++-- tags/privacy/page/1/index.html | 3 +- tags/proxmox/index.html | 7 ++- tags/proxmox/index.xml | 16 +++-- tags/proxmox/page/1/index.html | 3 +- tags/proxy/index.html | 7 ++- tags/proxy/index.xml | 2 +- tags/proxy/page/1/index.html | 3 +- tags/python/index.html | 7 ++- tags/python/index.xml | 2 +- tags/python/page/1/index.html | 3 +- tags/ransomware/index.html | 7 ++- tags/ransomware/index.xml | 2 +- tags/ransomware/page/1/index.html | 3 +- tags/router-on-a-stick/index.html | 7 ++- tags/router-on-a-stick/index.xml | 16 +++-- tags/router-on-a-stick/page/1/index.html | 3 +- tags/router/index.html | 7 ++- tags/router/index.xml | 16 +++-- tags/router/page/1/index.html | 3 +- tags/security/index.html | 7 ++- tags/security/index.xml | 2 +- tags/security/page/1/index.html | 3 +- tags/self-hosted/index.html | 7 ++- tags/self-hosted/index.xml | 37 ++++++++---- tags/self-hosted/page/1/index.html | 3 +- tags/socat/index.html | 7 ++- tags/socat/index.xml | 2 +- tags/socat/page/1/index.html | 3 +- tags/socks/index.html | 7 ++- tags/socks/index.xml | 2 +- tags/socks/page/1/index.html | 3 +- tags/synology/index.html | 7 ++- tags/synology/index.xml | 2 +- tags/synology/page/1/index.html | 3 +- tags/tailscale/index.html | 7 ++- tags/tailscale/index.xml | 23 +++++--- tags/tailscale/page/1/index.html | 3 +- tags/vlan/index.html | 7 ++- tags/vlan/index.xml | 16 +++-- tags/vlan/page/1/index.html | 3 +- tags/vpn/index.html | 7 ++- tags/vpn/index.xml | 2 +- tags/vpn/page/1/index.html | 3 +- tags/yewtu.be/index.html | 7 ++- tags/yewtu.be/index.xml | 16 +++-- tags/yewtu.be/page/1/index.html | 3 +- tags/youtube/index.html | 7 ++- tags/youtube/index.xml | 16 +++-- tags/youtube/page/1/index.html | 3 +- 180 files changed, 749 insertions(+), 449 deletions(-) create mode 100644 de/404.html create mode 100644 de/categories/index.html create mode 100644 de/categories/index.xml create mode 100644 de/categories/page/1/index.html create mode 100644 de/index.html create mode 100644 de/index.xml create mode 100644 de/page/1/index.html create mode 100644 de/sitemap.xml rename {about => de/tags}/index.html (63%) create mode 100644 de/tags/index.xml create mode 100644 de/tags/page/1/index.html create mode 100644 en/index.html create mode 100644 en/sitemap.xml rename js/{main.c26c1b7b76f4923d8125720886ede9ca08bfe20b924683914ba4c1c35d53667c6c2d764f5482d3860d36b9e58a50255bc22a03ff145555979852c5ec74f15e51.js => main.4be06c129d6a89e60a661c6ac8c8e0434d58fb0fa2f685f85e2c306aca62adc5e77e7c63cb1c8a2cc5794ea42927281cf868514bcdce21ddf23dc3520e6743e7.js} (98%) diff --git a/404.html b/404.html index 2c5c7ce4..46472b95 100644 --- a/404.html +++ b/404.html @@ -1,3 +1,4 @@ -404 Page not found
-

404 Page not found

This is not the page you're looking for.

Dave Gallant
-
\ No newline at end of file +404 Page not found +
+

404 Page not found

This is not the page you're looking for.

Dave Gallant
\ No newline at end of file diff --git a/blog/2020/03/16/appgate-sdp-on-arch-linux/index.html b/blog/2020/03/16/appgate-sdp-on-arch-linux/index.html index 4399e8e4..efa03cb0 100644 --- a/blog/2020/03/16/appgate-sdp-on-arch-linux/index.html +++ b/blog/2020/03/16/appgate-sdp-on-arch-linux/index.html @@ -1,5 +1,7 @@ -AppGate SDP on Arch Linux
+AppGate SDP on Arch Linux +

AppGate SDP on Arch Linux

2020-03-16 by Dave Gallant (updated: 2024-01-01)
linuxvpnpython

AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP 4.3.2 working on Arch Linux.

Depending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on AUR. As of right now, the latest AUR is 4.2.2-1.

These steps highlight how to get it working with Python3.8 by making a 1 line modification to AppGate source code.

Packaging

We already know the community package is currently out of date, so let’s clone it:

git clone https://aur.archlinux.org/appgate-sdp.git
 cd appgate-sdp
@@ -57,6 +59,4 @@ Let’s try to run it.
This is a breaking change in Python3.8.
So what is calling platform.linux_distribution?
Let’s search for it:
$ sudo grep -r 'linux_distribution' /opt/appgate/linux/
 /opt/appgate/linux/nm.py:    if platform.linux_distribution()[0] != 'Fedora':
 
Aha! So this is in the local AppGate source code. This should be an easy fix. Let’s just replace this line with:
if True: # Since we are not using Fedora :)
-
Wrapping up
It turns out there are breaking changes in Python3.8.
The docs say Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.
I suppose this highlights one of the caveats of relying upon the system’s python, rather than having an isolated, dedicated environment for all dependencies.
-
Dave Gallant
-
\ No newline at end of file +

Wrapping up

It turns out there are breaking changes in Python3.8.

The docs say Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.

I suppose this highlights one of the caveats of relying upon the system’s python, rather than having an isolated, dedicated environment for all dependencies.

\ No newline at end of file diff --git a/blog/2021/09/06/what-to-do-with-a-homelab/index.html b/blog/2021/09/06/what-to-do-with-a-homelab/index.html index bac3c7f5..2ac774be 100644 --- a/blog/2021/09/06/what-to-do-with-a-homelab/index.html +++ b/blog/2021/09/06/what-to-do-with-a-homelab/index.html @@ -1,9 +1,9 @@ -What to do with a homelab
+What to do with a homelab +

What to do with a homelab

2021-09-06 by Dave Gallant (updated: 2024-01-01)

A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.

Do you want host your own Media server? Ad blocker? Web server? Are you interested in learning more about Linux? Virtualization? Networking? Security? Building a homelab can be an entertaining playground to enhance your computer skills.

One of the best parts about building a homelab is that it doesn’t have to be a large investment in terms of hardware. One of the simplest ways to build a homelab is out of a refurbished computer. Having multiple machines/nodes provides the advantage of increased redundancy, but starting out with a single node is enough to reap many of the benefits of having a homelab.

Virtualization

Virtualizing your hardware is an organized way of dividing up your machine’s resources. This can be done with something such as a Virtual Machine or something lighter like a container using LXC or runC. -Containers have much less overhead in terms of boot time and storage allocation. This Stack Overflow answer sums it up nicely.

image

A hypervisor such as Proxmox can be installed in minutes on a new machine. It provides a web interface and a straight-forward way to spin up new VMs and containers. Even if your plan is to run mostly docker containers, Proxmox can be a useful abstraction for managing VMs, disks and running scheduled backups. You can even run docker within an LXC container by enabling nested virtualization. You’ll want to ensure that VT-d and VT-x are enabled in the BIOS if you decide to install a hypervisor to manage your virtualization.

Services

So what are some useful services to deploy?

  • Jellyfin or Plex - basically a self-hosted Netflix that can be used to stream from multiple devices, and the best part is that you manage the content! Unlike Plex, Jellyfin is open source and can be found here.
  • changedetection - is a self-hosted equivalent to something like visualping.io that will notify you when a webpage changes and keep track of the diffs
  • Adguard or Pihole - can block a list of known trackers for all clients on your local network. I’ve used pihole for a long time, but have recently switched to Adguard since the UI is more modern and it has the ability to toggle on/off a pre-defined list of services, including Netflix (this is useful if you have stealthy young kids). Either of these will speed up your internet experience, simply because you won’t need to download all of the extra tracking bloat.
  • Gitea - A lightweight git server. I use this to mirror git repos from GitHub, GitLab, etc.
  • Homer - A customizable landing page for services you need to access (including the ability to quickly search).
  • Uptime Kuma - A fancy tool for monitoring the uptime of services.

There is a large number of services you can self-host, including your own applications that you might be developing. awesome-self-hosted provides a curated list of services that might be of interest to you.

VPN

You could certainly setup and manage your own VPN by using something like OpenVPN, but there is also something else you can try: tailscale. It is a very quick way to create fully-encrypted connections between clients. With its MagicDNS, your can reference the names of machines like homer rather than using an IP address. By using this mesh-like VPN, you can easily create a secure tunnel to your homelab from anywhere.

Monitoring

dashboard

Monitoring can become an important aspect of your homelab after it starts to become something that is relied upon. One of the simplest ways to setup some monitoring is using netdata. It can be installed on individual containers, VMs, and also a hypervisor (such as Proxmox). All of the monitoring works out of the box by detecting disks, memory, network interfaces, etc.

Additionally, agents installed on different machines can all be centrally viewed in netdata, and it can alert you when some of your infrastructure is down or in a degraded state. Adding additional nodes to netdata is as simple as a 1-line shell command.

As mentioned above, Uptime Kuma is a convenient way to track uptime and monitor the availability of your services.

uptime-kuma

In Summary

Building out a homelab can be a rewarding experience and it doesn’t require buying a rack full of expensive servers to get a significant amount of utility. There are many services that you can run that require very minimal setup, making it possible to get a server up and running in a short period of time, with monitoring, and that can be securely connected to remotely.

-
Dave Gallant
-
\ No newline at end of file +Containers have much less overhead in terms of boot time and storage allocation. This Stack Overflow answer sums it up nicely.

image

A hypervisor such as Proxmox can be installed in minutes on a new machine. It provides a web interface and a straight-forward way to spin up new VMs and containers. Even if your plan is to run mostly docker containers, Proxmox can be a useful abstraction for managing VMs, disks and running scheduled backups. You can even run docker within an LXC container by enabling nested virtualization. You’ll want to ensure that VT-d and VT-x are enabled in the BIOS if you decide to install a hypervisor to manage your virtualization.

Services

So what are some useful services to deploy?

  • Jellyfin or Plex - basically a self-hosted Netflix that can be used to stream from multiple devices, and the best part is that you manage the content! Unlike Plex, Jellyfin is open source and can be found here.
  • changedetection - is a self-hosted equivalent to something like visualping.io that will notify you when a webpage changes and keep track of the diffs
  • Adguard or Pihole - can block a list of known trackers for all clients on your local network. I’ve used pihole for a long time, but have recently switched to Adguard since the UI is more modern and it has the ability to toggle on/off a pre-defined list of services, including Netflix (this is useful if you have stealthy young kids). Either of these will speed up your internet experience, simply because you won’t need to download all of the extra tracking bloat.
  • Gitea - A lightweight git server. I use this to mirror git repos from GitHub, GitLab, etc.
  • Homer - A customizable landing page for services you need to access (including the ability to quickly search).
  • Uptime Kuma - A fancy tool for monitoring the uptime of services.

There is a large number of services you can self-host, including your own applications that you might be developing. awesome-self-hosted provides a curated list of services that might be of interest to you.

VPN

You could certainly setup and manage your own VPN by using something like OpenVPN, but there is also something else you can try: tailscale. It is a very quick way to create fully-encrypted connections between clients. With its MagicDNS, your can reference the names of machines like homer rather than using an IP address. By using this mesh-like VPN, you can easily create a secure tunnel to your homelab from anywhere.

Monitoring

dashboard

Monitoring can become an important aspect of your homelab after it starts to become something that is relied upon. One of the simplest ways to setup some monitoring is using netdata. It can be installed on individual containers, VMs, and also a hypervisor (such as Proxmox). All of the monitoring works out of the box by detecting disks, memory, network interfaces, etc.

Additionally, agents installed on different machines can all be centrally viewed in netdata, and it can alert you when some of your infrastructure is down or in a degraded state. Adding additional nodes to netdata is as simple as a 1-line shell command.

As mentioned above, Uptime Kuma is a convenient way to track uptime and monitor the availability of your services.

uptime-kuma

In Summary

Building out a homelab can be a rewarding experience and it doesn’t require buying a rack full of expensive servers to get a significant amount of utility. There are many services that you can run that require very minimal setup, making it possible to get a server up and running in a short period of time, with monitoring, and that can be securely connected to remotely.

\ No newline at end of file diff --git a/blog/2021/09/08/why-i-threw-out-my-dotfiles/index.html b/blog/2021/09/08/why-i-threw-out-my-dotfiles/index.html index 4b1fb5fb..c9886f1a 100644 --- a/blog/2021/09/08/why-i-threw-out-my-dotfiles/index.html +++ b/blog/2021/09/08/why-i-threw-out-my-dotfiles/index.html @@ -1,5 +1,7 @@ -Why I threw out my dotfiles
+Why I threw out my dotfiles +

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

What is home-manager?

Before understanding home-manager, it is worth briefly discussing what nix is. nix is a package manager that originally spawned from a PhD thesis. Unlike other package managers, it uses symbolic links to keep track of the currently installed packages, keeping around the old ones in case you may want to rollback.

For example, I have used nix to install the package bind which includes dig. You can see that it is available on multiple platforms. The absolute path of dig can be found by running:

$ ls -lh $(which dig)
 lrwxr-xr-x 73 root 31 Dec  1969 /run/current-system/sw/bin/dig -> /nix/store/0r4qdyprljd3dki57jn6c6a8dh2rbg9g-bind-9.16.16-dnsutils/bin/dig

Notice that there is a hash included in the file path? This is a nix store path and is computed by the nix package manager. This nix pill does a good job explaining how this hash is computed. All of the nix pills are worth a read, if you are interested in learning more about nix itself. However, using home-manager does not require extensive knowledge of nix.

Part of the nix ecosystem includes nixpkgs. Many popular tools can be found already packaged in this repository. As you can see with these stats, there is a large number of existing packages that are being maintained by the community. Contributing a new package is easy, and anyone can do it!

home-manager leverages the nix package manager (and nixpkgs), as well the nix language so that you can declaratively define your system configuration. I store my nix-config in git so that I can keep track of my packages and configurations, and retain a clean and informative git commit history so that I can understand what changed and why.

Setting up home-manager

⚠️ If you run this on your main machine, make sure you backup your configuration files first. home-manager is pretty good about not overwriting existing configuration, but it is better to have a backup! Alternatively, you could test this out on a VM or cloud instance.

The first thing you should do is install nix:

curl -L https://nixos.org/nix/install | sh
@@ -108,6 +110,4 @@
   };
 }

Save the file and run:

home-manager switch
-

You should see another wave of /nix/store/* paths. The new configuration should now be active.

If you run zsh, you should see that you have starship and access to several other utils such as rg, fd, and exa.

This basic configuration above is also defining your ~/.config/git/config and .zshrc. If you already have either of these files, home-manager will complain about them already existing.

If you run cat ~/.zshrc, you will see the way these configuration files are generated.

You can extend this configuration for programs such as (neo)vim, emacs, alacritty, ssh, etc. To see other programs, take a look at home-manager/modules/programs.

Gateway To Nix

In ways, home-manager can be seen as a gateway to the nix ecosystem. If you have enjoyed the way you can declare user configuration with home-manager, you may be interested in expanding your configuration to include other system dependencies and configuration. For example, in Linux you can define your entire system’s configuration (including the kernel, kernel modules, networking, filesystems, etc) in nix. For macOS, there is nix-darwin that includes nix modules for configuring launchd, dock, and other preferences and services. You may also want to check out Nix Flakes: a more recent feature that allows you declare dependencies, and have them automatically pinned and hashed in flake.lock, similar to that of many modern package managers.

Wrapping up

The title of this post is slightly misleading, since it’s possible to retain some of your dotfiles and have them intermingle with home-manager by including them alongside nix. The idea of defining user configuration using nix can provide a clean way to maintain your configuration, and allow it to be portable across platforms. Is it worth the effort to migrate away from shell scripts and dotfiles? I’d say so.

-
Dave Gallant
-
\ No newline at end of file +

You should see another wave of /nix/store/* paths. The new configuration should now be active.

If you run zsh, you should see that you have starship and access to several other utils such as rg, fd, and exa.

This basic configuration above is also defining your ~/.config/git/config and .zshrc. If you already have either of these files, home-manager will complain about them already existing.

If you run cat ~/.zshrc, you will see the way these configuration files are generated.

You can extend this configuration for programs such as (neo)vim, emacs, alacritty, ssh, etc. To see other programs, take a look at home-manager/modules/programs.

Gateway To Nix

In ways, home-manager can be seen as a gateway to the nix ecosystem. If you have enjoyed the way you can declare user configuration with home-manager, you may be interested in expanding your configuration to include other system dependencies and configuration. For example, in Linux you can define your entire system’s configuration (including the kernel, kernel modules, networking, filesystems, etc) in nix. For macOS, there is nix-darwin that includes nix modules for configuring launchd, dock, and other preferences and services. You may also want to check out Nix Flakes: a more recent feature that allows you declare dependencies, and have them automatically pinned and hashed in flake.lock, similar to that of many modern package managers.

Wrapping up

The title of this post is slightly misleading, since it’s possible to retain some of your dotfiles and have them intermingle with home-manager by including them alongside nix. The idea of defining user configuration using nix can provide a clean way to maintain your configuration, and allow it to be portable across platforms. Is it worth the effort to migrate away from shell scripts and dotfiles? I’d say so.

\ No newline at end of file diff --git a/blog/2021/09/17/automatically-rotating-aws-access-keys/index.html b/blog/2021/09/17/automatically-rotating-aws-access-keys/index.html index 8b936327..4891dff4 100644 --- a/blog/2021/09/17/automatically-rotating-aws-access-keys/index.html +++ b/blog/2021/09/17/automatically-rotating-aws-access-keys/index.html @@ -1,8 +1,8 @@ -Automatically rotating AWS access keysAutomatically rotating AWS access keys +
-

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault

Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background.

In the longer term, migrating my local workflows to aws-vault seems like a more secure solution. This would mean that credentials (even temporary session credentials) never have to be written in plaintext to disk (i.e. where AWS suggests). Any existing applications, such as terraform, could be have their credentials passed to them from aws-vault, which retrieves them from the OS’s secure keystore. There is even a rotate command included.

-
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.">
+

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault

Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background.

In the longer term, migrating my local workflows to aws-vault seems like a more secure solution. This would mean that credentials (even temporary session credentials) never have to be written in plaintext to disk (i.e. where AWS suggests). Any existing applications, such as terraform, could be have their credentials passed to them from aws-vault, which retrieves them from the OS’s secure keystore. There is even a rotate command included.

Dave Gallant
\ No newline at end of file diff --git a/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html b/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html index 24e09190..0c9a587e 100644 --- a/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html +++ b/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html @@ -1,5 +1,7 @@ -Replacing docker with podman on macOS (and Linux)
+Replacing docker with podman on macOS (and Linux) +

Replacing docker with podman on macOS (and Linux)

2021-10-11 (updated: 2024-01-02)
dockerpodmancontainers

There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:

Docker has been one of the larger influencers in the container world, helping to standardize the OCI Image Format Specification. For many developers, containers have become synonymous with terms like docker and Dockerfile (a file containing build instructions for a container image). Docker has certainly made it very convenient to build and run containers, but it is not the only solution for doing so.

This post briefly describes my experience swapping out docker for podman on macOS.

What is a container?

A container is a standard unit of software that packages up all application dependencies within it. Multiple containers can be run on a host machine all sharing the same kernel as the host. Linux namespaces help provide an isolated view of the system, including mnt, pid, net, ipc, uid, cgroup, and time. There is an in-depth video that discusses what containers are made from, and near the end there is a demonstration on how to build your own containers from the command line.

By easily allowing the necessary dependencies to live alongside the application code, containers make the “works on my machine” problem less of a problem.

Benefits of Podman

One of the most interesting features of Podman is that it is daemonless. There isn’t a process running on your system managing your containers. In contrast, the docker client is reliant upon the docker daemon (often running as root) to be able to build and run containers.

Podman is rootless by default. It is now possible to run the docker daemon rootless as well, but it’s still not the default behaviour.

I’ve also observed that so far my 2019 16" Macbook Pro hasn’t sounded like a jet engine, although I haven’t performed any disk-intensive operations yet.

Installing Podman

Running Podman on macOS is more involved than on Linux, because the podman-machine must run Linux inside of a virtual machine. Fortunately, the installation is made simple with brew (read this if you’re installing Podman on Linux):

brew install podman

The podman-machine must be started:

# This is not necessary on Linux
 podman machine init
@@ -41,6 +43,4 @@
 0
 podman start -a davegallant.github.io_hello_world_1
 Hello world
-

This should more or less provide the same results you would come to expect with docker. The README does clearly state that podman-compose is under development.

Summary

Installing Podman on macOS was not seamless, but it was manageable well within 30 minutes. I would recommend giving Podman a try to anyone who is unhappy with experiencing forced docker updates, or who is interested in using a more modern technology for running containers.

One caveat to mention is that there isn’t an official graphical user interface for Podman, but there is an open issue considering one. If you rely heavily on Docker Desktop’s UI, you may not be as interested in using podman yet.

Update: After further usage, bind mounts do not seem to work out of the box when the client and host are on different machines. A rather involved solution using sshfs was shared here.

I had been experimenting with Podman on Linux before writing this, but after listening to this podcast episode, I was inspired to give Podman a try on macOS.

-
Dave Gallant
-
\ No newline at end of file +

This should more or less provide the same results you would come to expect with docker. The README does clearly state that podman-compose is under development.

Summary

Installing Podman on macOS was not seamless, but it was manageable well within 30 minutes. I would recommend giving Podman a try to anyone who is unhappy with experiencing forced docker updates, or who is interested in using a more modern technology for running containers.

One caveat to mention is that there isn’t an official graphical user interface for Podman, but there is an open issue considering one. If you rely heavily on Docker Desktop’s UI, you may not be as interested in using podman yet.

Update: After further usage, bind mounts do not seem to work out of the box when the client and host are on different machines. A rather involved solution using sshfs was shared here.

I had been experimenting with Podman on Linux before writing this, but after listening to this podcast episode, I was inspired to give Podman a try on macOS.

\ No newline at end of file diff --git a/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/index.html b/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/index.html index 1d6d4a6f..5f584874 100644 --- a/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/index.html +++ b/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/index.html @@ -1,4 +1,6 @@ -Running K3s in LXC on Proxmox
+Running K3s in LXC on Proxmox +

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted

It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. LXC containers also provide an efficient way to use a machine’s resources.

What is K3s?

K3s is a Kubernetes distro that advertises itself as a lightweight binary with a much smaller memory-footprint than traditional k8s. K3s is not a fork of k8s as it seeks to remain as close to upstream as it possibly can.

Configure Proxmox

This gist contains snippets and discussion on how to deploy K3s in LXC on Proxmox. It mentions that bridge-nf-call-iptables should be loaded, but I did not understand the benefit of doing this.

Disable swap

There is an issue on Kubernetes regarding swap here. There claims to be support for swap in 1.22, but for now let’s disable it:

sudo sysctl vm.swappiness=0
 sudo swapoff -a

It might be worth experimenting with swap enabled in the future to see how that might affect performance.

Enable IP Forwarding

To avoid IP Forwarding issues with Traefik, run the following on the host:

sudo sysctl net.ipv4.ip_forward=1
@@ -42,6 +44,4 @@ As of 2021/11, it is still defaulting to the 1.19 channel, so I overrode it to 1
 
 NAME                                                           REFERENCE                             TARGETS   MINPODS   MAXPODS   REPLICAS   AGE
 horizontalpodautoscaler.autoscaling/tekton-pipelines-webhook   Deployment/tekton-pipelines-webhook   9%/100%   1         5         1          12h
-

I made sure to install Tailscale in the container so that I can easily access K3s from anywhere.

If I’m feeling adventurous, I might experiment with K3s rootless.

-
Dave Gallant
-
\ No newline at end of file +

I made sure to install Tailscale in the container so that I can easily access K3s from anywhere.

If I’m feeling adventurous, I might experiment with K3s rootless.

\ No newline at end of file diff --git a/blog/2022/03/13/backing-up-gmail-with-synology/index.html b/blog/2022/03/13/backing-up-gmail-with-synology/index.html index 79983f06..627ce5a6 100644 --- a/blog/2022/03/13/backing-up-gmail-with-synology/index.html +++ b/blog/2022/03/13/backing-up-gmail-with-synology/index.html @@ -1,6 +1,6 @@ -Backing up gmail with Synology
+Backing up gmail with Synology +

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

The thought of completely de-googling has crossed my mind on occassion. Convenience, coupled with my admiration for Google engineering, has prevented me from doing so thus far. Though, I may end up doing so at some point in the future.

Synology MailPlus Server

Synology products are reasonably priced for what you get (essentially a cloud-in-a-box) and there is very little maintenance required. I’ve recently been in interested in syncing and snapshotting my personal data. I’ve setup Synology’s Cloud Sync and keep copies of most of my cloud data.

I’ve used tools such as gmvault with success in the past. Setting this up on a cron seems like a viable option. However, I don’t really need a lot of the features it offers and do not plan to restore this data to another account.

Synology’s MailPlus seems to be a good candidate for backing up this data. By enabling POP3 fetching, it’s possible to fetch all existing emails, as well as periodically fetch all new emails. If a disaster ever did occur, having these emails would be beneficial, as they are an extension of my memory bank.

Installing MailPlus can be done from the Package Center:

image

Next, I went into Synology MailPlus Server and on the left, clicked on Account and ensured my user was marked as active.

Afterwords, I followed these instructions in order to start backing up emails.

When entering the POP3 credentials, I created an app password solely for authenticating to POP3 from the Synology device. This is required because I have 2-Step verification enabled on my account. There doesn’t seem to be a more secure way to access POP3 at the moment. It does seem like app password access is limited in scope (when MFA is enabled). These app passwords can’t be used to login to the main Google account.

I made sure to set the Fetch Range to All in order to get all emails from the beginning of time.

After this, mail started coming in.

image

After fetching 19 years worth of emails, I tried searching for some emails. It only took a few seconds to search through ~50K emails, which is a relief if I ever did have to search for something important.

Securing Synology

Since Synology devices are not hermetically sealed, it’s best to secure them by enabling MFA to help prevent being the victim of ransomware. It is also wise to backup your system settings and volumes to the cloud using a tool such as Hyper Backup. -Encrypting your shared volumes should also be done, since unfortunately DSM does not support full disk encryption.

Summary

Having backups of various forms of cloud data is a good investment, especially in times of war. I certainly feel more at ease for having backed up my emails.

-
Dave Gallant
-
\ No newline at end of file +Encrypting your shared volumes should also be done, since unfortunately DSM does not support full disk encryption.

Summary

Having backups of various forms of cloud data is a good investment, especially in times of war. I certainly feel more at ease for having backed up my emails.

\ No newline at end of file diff --git a/blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html b/blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html index 14a19c90..0134b3c6 100644 --- a/blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html +++ b/blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html @@ -1,6 +1,6 @@ -Virtualizing my router with pfSense
+Virtualizing my router with pfSense +

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

pfSense

I figured this would be a good opportunity to try pfSense. I’ve heard nothing but positive things about pfSense and the fact it’s been around since 2004, based on FreeBSD, and written in PHP gave me the impression that it would be relatively stable (and I’d expect nothing less because it has an important job to do!). pfSense can be run on many different machines, and there are even some officially supported appliances. Since I already have a machine running Proxmox, why not just run it in a VM? It’d allow for automatic snapshotting of the machine. There is a good video on this by Techno Tim. Tim has a lot of good videos, and this one is about virtualizing pfSense.

Router on a stick

I had initially made the assumption that in order to build a router, you would need more than a single NIC (or a dual-port NIC) in order to support both WAN and LAN. This is simply not the case, because VLANs are awesome! In order to create a router, all you need is a single port NIC and a network switch that supports VLANs (also marketed as a managed switch). I picked up the Netgear GS308E because it has both a sufficient amount of ports for my needs, and it supports VLANs. It also has a nice sturdy metal frame which was a pleasant surprise.

After setting up this Netgear switch, it shoud be possible to access the web interface at http://192.168.0.239. It may be at a different address. To find the address, try checking your DHCP leases in your router interface (if you plugged it into an existing router). I realized I was unable to access this interface because I was on a different subnet, so I set my machine’s address to 192.168.0.22 in order to temporarily setup this switch. I assigned a static ip address to the switch (in System > Switch Information) so that it was in the same subnet as the rest of my network.

The web interface is nothing spectactular, but it allows for managing VLANs.

The following configuration will:

  • assign port 1 to be the LAN (connected to the Proxmox machine)
  • assign port 8 to be the WAN (connected to my ISP’s modem)

In the switch’s web interface, I went to VLAN and then 802.1Q, and then clicked on VLAN Configuration. I configured the ports to look like this:

vlan-config

Note that the VLAN Identifier Setting has been setup already with two VLANs (1 and 10). More VLANs can be created (i.e. to isolate IoT devices), but 2 VLANs is all we need for the initial setup of a router.

To replicate the above configuration, add a new VLAN ID 10 (1 should exist by default).

Next, go into VLAN Membership and configure VLAN 1’s port membership to be the following:

vlan-membership-1

and then configure VLAN 10’s port membership to be the following:

vlan-membership-10

Now, go into Port PVID and ensure that port 8 is set to PVID 10.

vlan-port-pvid

This above configuration will dedicate two of the eight ports to WAN and LAN. This will allow the internet to flow into the pfSense from the modem.

Setting up pfSense

pfSense is fairly easy to setup. Just download the latest ISO and boot up the virtual machine. -When setting up the machine, I mostly went with all of the defaults. Configuration can be changed later in the web interface, which is quite a bit simpler.

Since VLANs are going to be leveraged, when you go to Assign Interfaces, VLANs should be setup now like the following:

  • WAN should be vtnet0.10
  • LAN should be vtnet0

After going through the rest of the installation, if everything is connected correctly it should display both WAN and LAN addresses.

If all goes well, the web interface should be running at https://192.168.1.1.

pfsense-dashboard

And this is where the fun begins. There are many tutorials and blogs about how to setup pfSense and various services and packages that can be installed. I’ve already installed pfBlocker-NG.

Summary

It is fairly simple to setup a router with pfSense from within a virtual machine. A physical dedicated routing machine is not necessary and often does not perform as well as software running on faster and more reliable hardware. So far, pfSense has been running for over a week without a single hiccup. pfSense is a mature piece of software that is incredibly powerful and flexible. To avoid some of the instability I had experienced with OpenWrt, I enabled AutoConfigBackup, which is capable of automatically backing up configuration upon every change. I plan to explore and experiment with more services and configuration in the future, so the ability to track all of these changes gives me the peace of mind that experimentation is safe.

-
Dave Gallant
-
\ No newline at end of file +When setting up the machine, I mostly went with all of the defaults. Configuration can be changed later in the web interface, which is quite a bit simpler.

Since VLANs are going to be leveraged, when you go to Assign Interfaces, VLANs should be setup now like the following:

  • WAN should be vtnet0.10
  • LAN should be vtnet0

After going through the rest of the installation, if everything is connected correctly it should display both WAN and LAN addresses.

If all goes well, the web interface should be running at https://192.168.1.1.

pfsense-dashboard

And this is where the fun begins. There are many tutorials and blogs about how to setup pfSense and various services and packages that can be installed. I’ve already installed pfBlocker-NG.

Summary

It is fairly simple to setup a router with pfSense from within a virtual machine. A physical dedicated routing machine is not necessary and often does not perform as well as software running on faster and more reliable hardware. So far, pfSense has been running for over a week without a single hiccup. pfSense is a mature piece of software that is incredibly powerful and flexible. To avoid some of the instability I had experienced with OpenWrt, I enabled AutoConfigBackup, which is capable of automatically backing up configuration upon every change. I plan to explore and experiment with more services and configuration in the future, so the ability to track all of these changes gives me the peace of mind that experimentation is safe.

\ No newline at end of file diff --git a/blog/2022/12/10/watching-youtube-in-private/index.html b/blog/2022/12/10/watching-youtube-in-private/index.html index 41545a89..c4a02aa6 100644 --- a/blog/2022/12/10/watching-youtube-in-private/index.html +++ b/blog/2022/12/10/watching-youtube-in-private/index.html @@ -1,5 +1,7 @@ -Watching YouTube in private
+Watching YouTube in private +

Watching YouTube in private

2022-12-10 (updated: 2024-01-01)
invidiousdegoogleyoutubeyewtu.betailscaleprivacyself‑hosted

I recently stumbled upon yewtu.be and found it intriguing. It not only allows you to watch YouTube without being on YouTube, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it’s a hosted instance of invidious.

image

The layout is simple, and JavaScript is not required.

I started using yewtu.be as my primary client for watching videos. I subscribe to several YouTube channels and I prefer the interface invidiuous provides due to its simplicity. It’s also nice to be in control of my search and watch history.

A few days ago, yewtu.be went down briefly, and that motivated me enough to self-host invidious. There are several other hosted instances listed here, but being able to easily backup my own instance (including subscriptions and watch history) is more compelling in my case.

Hosting invidious

The quickest way to get invidious up is with docker-compose as mentioned in the docs.

I made a few modifications, and ended up with:

version: "3"
 services:
   invidious:
@@ -40,6 +42,4 @@
 
 volumes:
   postgresdata:
-

After invidious was up and running, I installed Tailscale on it to leverage its MagicDNS, and I’m now able to access this instance from anywhere at http://invidious:3000/feed/subscriptions.

I figured it would be nice to redirect existing YouTube links that others send me, so that I could seamlessly watch the videos using invidious.

I went looking for a way to redirect paths at the browser level. I found the lightweight proxy requestly, which can be used to modify http requests in my browser. I created the following rules:

requestly

Now the link https://www.youtube.com/watch?v=-lz30by8-sU will redirect to http://invidious:3000/watch?v=-lz30by8-sU

I’m still looking for ways to improve this invidious setup. There doesn’t appear to be a way to stream in 4K yet.

-
Dave Gallant
-
\ No newline at end of file +

After invidious was up and running, I installed Tailscale on it to leverage its MagicDNS, and I’m now able to access this instance from anywhere at http://invidious:3000/feed/subscriptions.

I figured it would be nice to redirect existing YouTube links that others send me, so that I could seamlessly watch the videos using invidious.

I went looking for a way to redirect paths at the browser level. I found the lightweight proxy requestly, which can be used to modify http requests in my browser. I created the following rules:

requestly

Now the link https://www.youtube.com/watch?v=-lz30by8-sU will redirect to http://invidious:3000/watch?v=-lz30by8-sU

I’m still looking for ways to improve this invidious setup. There doesn’t appear to be a way to stream in 4K yet.

\ No newline at end of file diff --git a/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/index.html b/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/index.html index 65557230..3519f367 100644 --- a/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/index.html +++ b/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/index.html @@ -1,5 +1,7 @@ -Using AKS and SOCKS to connect to a private Azure DB
+Using AKS and SOCKS to connect to a private Azure DB +

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Go Public?

Should the database be migrated to public subnets? Ideally not, since it is good practice to host internal infrastructure in restricted subnets.

How do others handle this?

With GCP, connecting to a private db instance from any machine can be achieved with cloud-sql-proxy. This works by proxying requests from your machine to the SQL database instance in the cloud, while the authentication is handled by GCP’s IAM.

So what about Azure? Is there any solution that is as elegant as cloud-sql-proxy?

A Bastion

Similar to what AWS has recommended, perhaps a bastion is the way forward?

Azure has a fully-managed service called Azure Bastion that provides secure access to virtual machines that do not have public IPs. This looks interesting, but unfortunately it costs money and requires an additional virtual machine.

Because this adds cost (and complexity), it does not seem like a desirable option in its current state. If it provided a more seamless connection to the database, it would be more appealing.

SOCKS

2023-12-13: An alternative to using a socks proxy is socat. This would allow you to relay tcp connections to a pod running in k8s, and then port-forward them to your localhost. If this sounds more appealing, install krew-net-forward and then run “kubectl net-forward -i mydb.postgres.database.azure.com -p 5432 -l 5432” to access the database through “localhost:5432”

SOCKS is a protocol that enables a way to proxy connections by exchanging network packets between the client and the server. There are many implementations and many readily available container images that can run a SOCKS server.

It’s possible to use this sort of proxy to connect to a private DB, but is it any simpler than using a virtual machine as a jumphost? It wasn’t until I stumbled upon kubectl-plugin-socks5-proxy that I was convinced that using SOCKS could be made simple.

So how does it work? By installing the kubectl plugin and then running kubectl socks5-proxy, a SOCKS proxy server is spun up in a pod and then opens up port-forwarding session using kubectl.

As you can see below, this k8s plugin is wrapped up nicely:

$ kubectl socks5-proxy
@@ -9,6 +11,4 @@ If this sounds more appealing, install using: image=serjs/go-socks5-proxy
 Creating SOCKS5 Proxy (Pod)...
 pod/davegallant-proxy created
-

With the above proxy connection open, it is possible to access both the DNS and private IPs accessible within the k8s cluster. In this case, I am able to access the private database, since there is network connectivity between the k8s cluster and the database.

Caveats and Conclusion

The above outlined solution makes some assumptions:

  • there is a k8s cluster
  • the k8s cluster has network connectivity to the desired private database

If these stars align, than this solution might work as a stopgap for accessing a private Azure DB (and I’m assuming this could work similarly on AWS).

It would be nice if Azure provided tooling similar to cloud-sql-proxy, so that using private databases would be more of a convenient experience.

One other thing to note is that some clients (such as dbeaver) do not provide DNS resolution over SOCKS. So in this case, you won’t be able to use DNS as if you were inside the cluster, but instead have to rely on knowing private ip addresses.

-
Dave Gallant
-
\ No newline at end of file +

With the above proxy connection open, it is possible to access both the DNS and private IPs accessible within the k8s cluster. In this case, I am able to access the private database, since there is network connectivity between the k8s cluster and the database.

Caveats and Conclusion

The above outlined solution makes some assumptions:

If these stars align, than this solution might work as a stopgap for accessing a private Azure DB (and I’m assuming this could work similarly on AWS).

It would be nice if Azure provided tooling similar to cloud-sql-proxy, so that using private databases would be more of a convenient experience.

One other thing to note is that some clients (such as dbeaver) do not provide DNS resolution over SOCKS. So in this case, you won’t be able to use DNS as if you were inside the cluster, but instead have to rely on knowing private ip addresses.

\ No newline at end of file diff --git a/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/index.html b/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/index.html index 3b206611..3ca91a2c 100644 --- a/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/index.html +++ b/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/index.html @@ -1,5 +1,7 @@ -Setting up Gitea Actions with Tailscale
+Setting up Gitea Actions with Tailscale +

Setting up Gitea Actions with Tailscale

2023-12-10 (updated: 2024-01-01)
giteagitea‑actionsgithub‑actionstailscaleself‑hosted

In this post I’ll go through the process of setting up Gitea Actions and Tailscale, unlocking a simple and secure way to automate workflows.

What is Gitea?

Gitea is a lightweight and fast git server that has much of the same look and feel as github. I have been using it in my homelab to mirror repositories hosted on other platforms such as github and gitlab. These mirrors take advantage of the decentralized nature of git by serving as “backups”. One of the main reasons I hadn’t been using it more often was due to the lack of integrated CI/CD. This is no longer the case.

Gitea Actions

Gitea Actions have made it into the 1.19.0 release. This feature had been in an experimental state up until 1.21.0 and is now enabled by default 🎉.

So what are they? If you’ve ever used GitHub Actions (and if you’re reading this, I imagine you have), these will look familiar. Gitea Actions essentially enable the ability to run github workflows on gitea. Workflows between gitea and github are not completely interopable, but a lot of the same workflow syntax is already compatible on gitea. You can find a documented list of unsupported workflows syntax.

Actions work by using a custom fork of nekos/act. Workflows run in a new container for every job. If you specify an action such as ‘actions/checkout@v3’, it defaults to downloading the scripts from github.com. To avoid internet egress, you could always clone the required actions to your local gitea instance.

Actions (gitea’s implementation) has me excited because it makes spinning up a network-isolated environment for workflow automation incredibly simple.

Integration with Tailscale

So how does Tailscale help here? Well, more recently I’ve been exposing my self-hosted services through a combination of traefik and the tailscale (through the tailscale-traefik proxy integration described here). This allows for a nice looking dns name (i.e. gitea.my-tailnet-name.ts.net) and automatic tls certificate management. I can also share this tailscale node securely with other tailscale users without configuring any firewall rules on my router.

Deploying Gitea, Traefik, and Tailscale

In my case, the following is already set up:

My preferred approach to deploying code in a homelab environment is with docker compose. I have deployed this in a proxmox lxc container based on debian with a hostname gitea. This could be deployed in any environment and with any hostname (as long you updated the tailscale machine name to your preferred subdomain for magic dns).

The docker-compose.yaml file looks like:

version: "3.7"
 services:
   gitea:
@@ -106,6 +108,4 @@
           from: RFD Notify
           body: |
             ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_number }}            
-

And voilà:

You may be wondering how the gitea runner is allowed to connect to the other hosts using ansible? Well, the nodes are in the same tailnet and have tailscale ssh enabled.

Areas for improvement

One enhancement that I would like to see is the ability to send notifications on workflow failures. Currently, this doesn’t seem possible without adding logic to each workflow.

Conclusion

Gitea Actions are fast and the resource footprint is minimal. My gitea instance is currently using around 250mb of memory and a small fraction of a single cpu core (and the runner is using a similar amount of resources). This is impressive since many alternatives tend to require substantially more resources. It likely helps that the codebase is largely written in go.

By combining gitea with the networking marvel that is tailscale, running workflows becomes simple and fun. Whether you are working on a team or working alone, this setup ensures that your workflows are securely accessible from anywhere with an internet connection.

-
Dave Gallant
-
\ No newline at end of file +

And voilà:

You may be wondering how the gitea runner is allowed to connect to the other hosts using ansible? Well, the nodes are in the same tailnet and have tailscale ssh enabled.

Areas for improvement

One enhancement that I would like to see is the ability to send notifications on workflow failures. Currently, this doesn’t seem possible without adding logic to each workflow.

Conclusion

Gitea Actions are fast and the resource footprint is minimal. My gitea instance is currently using around 250mb of memory and a small fraction of a single cpu core (and the runner is using a similar amount of resources). This is impressive since many alternatives tend to require substantially more resources. It likely helps that the codebase is largely written in go.

By combining gitea with the networking marvel that is tailscale, running workflows becomes simple and fun. Whether you are working on a team or working alone, this setup ensures that your workflows are securely accessible from anywhere with an internet connection.

\ No newline at end of file diff --git a/categories/index.html b/categories/index.html index af4ae56d..2268d4ef 100644 --- a/categories/index.html +++ b/categories/index.html @@ -1,3 +1,4 @@ -Categories
-

Categories

Dave Gallant
-
\ No newline at end of file +Categories +
+

Categories

Dave Gallant
\ No newline at end of file diff --git a/categories/index.xml b/categories/index.xml index a0738453..1f60b042 100644 --- a/categories/index.xml +++ b/categories/index.xml @@ -1 +1 @@ -Categories on/categories/Recent content in Categories onHugo -- gohugo.ioDave Gallant \ No newline at end of file +Categories on/categories/Recent content in Categories onHugo -- gohugo.ioenDave Gallant \ No newline at end of file diff --git a/categories/page/1/index.html b/categories/page/1/index.html index 0cf4ee08..fba1ffa4 100644 --- a/categories/page/1/index.html +++ b/categories/page/1/index.html @@ -1 +1,2 @@ -/categories/ \ No newline at end of file +/categories/ + \ No newline at end of file diff --git a/de/404.html b/de/404.html new file mode 100644 index 00000000..2cdf08d2 --- /dev/null +++ b/de/404.html @@ -0,0 +1,4 @@ +404 Page not found +
+

404 Page not found

This is not the page you're looking for.

Dave Gallant
\ No newline at end of file diff --git a/de/categories/index.html b/de/categories/index.html new file mode 100644 index 00000000..52029d19 --- /dev/null +++ b/de/categories/index.html @@ -0,0 +1,4 @@ +Categories +
+

Categories

Dave Gallant
\ No newline at end of file diff --git a/de/categories/index.xml b/de/categories/index.xml new file mode 100644 index 00000000..5500dbe4 --- /dev/null +++ b/de/categories/index.xml @@ -0,0 +1 @@ +Categories on/de/categories/Recent content in Categories onHugo -- gohugo.iodeDave Gallant \ No newline at end of file diff --git a/de/categories/page/1/index.html b/de/categories/page/1/index.html new file mode 100644 index 00000000..878fa480 --- /dev/null +++ b/de/categories/page/1/index.html @@ -0,0 +1,2 @@ +/de/categories/ + \ No newline at end of file diff --git a/de/index.html b/de/index.html new file mode 100644 index 00000000..0fd3f058 --- /dev/null +++ b/de/index.html @@ -0,0 +1,4 @@ + +
+

Dave Gallant
\ No newline at end of file diff --git a/de/index.xml b/de/index.xml new file mode 100644 index 00000000..5fae467e --- /dev/null +++ b/de/index.xml @@ -0,0 +1 @@ +<link>/de/</link><description>Recent content on</description><generator>Hugo -- gohugo.io</generator><language>de</language><copyright>Dave Gallant</copyright><atom:link href="/de/index.xml" rel="self" type="application/rss+xml"/></channel></rss> \ No newline at end of file diff --git a/de/page/1/index.html b/de/page/1/index.html new file mode 100644 index 00000000..e8cef229 --- /dev/null +++ b/de/page/1/index.html @@ -0,0 +1,2 @@ +<!doctype html><html lang=de><head><title>/de/ + \ No newline at end of file diff --git a/de/sitemap.xml b/de/sitemap.xml new file mode 100644 index 00000000..f1a96168 --- /dev/null +++ b/de/sitemap.xml @@ -0,0 +1 @@ +/de//de/categories//de/tags/ \ No newline at end of file diff --git a/about/index.html b/de/tags/index.html similarity index 63% rename from about/index.html rename to de/tags/index.html index 8788c46a..85d8f289 100644 --- a/about/index.html +++ b/de/tags/index.html @@ -1,7 +1,4 @@ -About
-

About

I’m a software tinkerer with a passion for infrastructure, tooling, security, and coffee.

Feel free to reach out at me@davegallant.ca.

Dave Gallant
-
\ No newline at end of file +Tags +
+

Tags

Dave Gallant
\ No newline at end of file diff --git a/de/tags/index.xml b/de/tags/index.xml new file mode 100644 index 00000000..0e748eea --- /dev/null +++ b/de/tags/index.xml @@ -0,0 +1 @@ +Tags on/de/tags/Recent content in Tags onHugo -- gohugo.iodeDave Gallant \ No newline at end of file diff --git a/de/tags/page/1/index.html b/de/tags/page/1/index.html new file mode 100644 index 00000000..d883f59d --- /dev/null +++ b/de/tags/page/1/index.html @@ -0,0 +1,2 @@ +/de/tags/ + \ No newline at end of file diff --git a/en/index.html b/en/index.html new file mode 100644 index 00000000..d6e6da9b --- /dev/null +++ b/en/index.html @@ -0,0 +1,2 @@ +/ + \ No newline at end of file diff --git a/en/sitemap.xml b/en/sitemap.xml new file mode 100644 index 00000000..d31e1db1 --- /dev/null +++ b/en/sitemap.xml @@ -0,0 +1 @@ +/2024-01-02T09:33:25-05:00/tags/gitea/2024-01-01T23:33:36-05:00/tags/gitea-actions/2024-01-01T23:33:36-05:00/tags/github-actions/2024-01-01T23:33:36-05:00/post/2024-01-02T09:33:25-05:00/tags/self-hosted/2024-01-01T23:33:36-05:00/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/2024-01-01T23:33:36-05:00/tags/2024-01-02T09:33:25-05:00/tags/tailscale/2024-01-01T23:33:36-05:00/tags/aks/2024-01-01T23:33:36-05:00/tags/aws/2024-01-01T23:33:36-05:00/tags/azure/2024-01-01T23:33:36-05:00/tags/bastion/2024-01-01T23:33:36-05:00/tags/cloud-sql-proxy/2024-01-01T23:33:36-05:00/tags/database/2024-01-01T23:33:36-05:00/tags/eks/2024-01-01T23:33:36-05:00/tags/k8s/2024-01-01T23:33:36-05:00/tags/kubectl-plugin-socks5-proxy/2024-01-01T23:33:36-05:00/tags/proxy/2024-01-01T23:33:36-05:00/tags/socat/2024-01-01T23:33:36-05:00/tags/socks/2024-01-01T23:33:36-05:00/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/2024-01-01T23:33:36-05:00/tags/degoogle/2024-01-01T23:33:36-05:00/tags/invidious/2024-01-01T23:33:36-05:00/tags/privacy/2024-01-01T23:33:36-05:00/blog/2022/12/10/watching-youtube-in-private/2024-01-01T23:33:36-05:00/tags/yewtu.be/2024-01-01T23:33:36-05:00/tags/youtube/2024-01-01T23:33:36-05:00/tags/openwrt/2024-01-01T23:33:36-05:00/tags/pfsense/2024-01-01T23:33:36-05:00/tags/proxmox/2024-01-01T23:33:36-05:00/tags/router/2024-01-01T23:33:36-05:00/tags/router-on-a-stick/2024-01-01T23:33:36-05:00/blog/2022/04/02/virtualizing-my-router-with-pfsense/2024-01-01T23:33:36-05:00/tags/vlan/2024-01-01T23:33:36-05:00/blog/2022/03/13/backing-up-gmail-with-synology/2024-01-01T23:33:36-05:00/tags/backup/2024-01-01T23:33:36-05:00/tags/gmail/2024-01-01T23:33:36-05:00/tags/ransomware/2024-01-01T23:33:36-05:00/tags/synology/2024-01-01T23:33:36-05:00/tags/k3s/2024-01-01T23:33:36-05:00/tags/lxc/2024-01-01T23:33:36-05:00/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/2024-01-01T23:33:36-05:00/tags/containers/2024-01-02T09:33:25-05:00/tags/docker/2024-01-02T09:33:25-05:00/tags/podman/2024-01-02T09:33:25-05:00/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/2024-01-02T09:33:25-05:00/blog/2021/09/17/automatically-rotating-aws-access-keys/2024-01-01T23:33:36-05:00/tags/aws-vault/2024-01-01T23:33:36-05:00/tags/python/2024-01-01T23:33:36-05:00/tags/security/2024-01-01T23:33:36-05:00/tags/dotfiles/2024-01-01T23:33:36-05:00/tags/home-manager/2024-01-01T23:33:36-05:00/tags/nix/2024-01-01T23:33:36-05:00/blog/2021/09/08/why-i-threw-out-my-dotfiles/2024-01-01T23:33:36-05:00/blog/2021/09/06/what-to-do-with-a-homelab/2024-01-01T23:33:36-05:00/blog/2020/03/16/appgate-sdp-on-arch-linux/2024-01-01T23:33:36-05:00/tags/linux/2024-01-01T23:33:36-05:00/tags/vpn/2024-01-01T23:33:36-05:00/categories/ \ No newline at end of file diff --git a/index.html b/index.html index ec0c205a..fd226bf4 100644 --- a/index.html +++ b/index.html @@ -1,4 +1,5 @@ -— Software Engineer
+— Software Engineer +

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >

What to do with a homelab

2021-09-06 by Dave Gallant (updated: 2024-01-01)

A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.

Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >

What to do with a homelab

2021-09-06 by Dave Gallant (updated: 2024-01-01)

A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/index.xml b/index.xml index e508721d..0e580abf 100644 --- a/index.xml +++ b/index.xml @@ -1,27 +1,50 @@ -<link>/</link><description>Recent content on</description><generator>Hugo -- gohugo.io</generator><copyright>Dave Gallant</copyright><lastBuildDate>Sun, 10 Dec 2023 17:22:11 -0500</lastBuildDate><atom:link href="/index.xml" rel="self" type="application/rss+xml"/><item><title>About/about/Mon, 01 Jan 0001 00:00:00 +0000/about/I&rsquo;m a software tinkerer with a passion for infrastructure, tooling, security, and coffee. -Feel free to reach out at me@davegallant.ca.Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +<link>/</link><description>Recent content on</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>Dave Gallant</copyright><lastBuildDate>Sun, 10 Dec 2023 17:22:11 -0500</lastBuildDate><atom:link href="/index.xml" rel="self" type="application/rss+xml"/><item><title>Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p>Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p>Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p>Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p>Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p>Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p>Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a -href="https://www.atlassian.com/git/tutorials/dotfiles" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.atlassian.com/git/tutorials/dotfiles" + + + class="link--external" target="_blank" rel="noreferrer" + >bare git repos</a> and utilities such as <a -href="https://www.gnu.org/software/stow/" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.gnu.org/software/stow/" + + + class="link--external" target="_blank" rel="noreferrer" + >GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a -href="https://github.com/nix-community/home-manager" -class="link--external" target="_blank" rel="noreferrer" + href="https://github.com/nix-community/home-manager" + + + class="link--external" target="_blank" rel="noreferrer" + >home-manager</a>.</p>What to do with a homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file diff --git a/js/main.c26c1b7b76f4923d8125720886ede9ca08bfe20b924683914ba4c1c35d53667c6c2d764f5482d3860d36b9e58a50255bc22a03ff145555979852c5ec74f15e51.js b/js/main.4be06c129d6a89e60a661c6ac8c8e0434d58fb0fa2f685f85e2c306aca62adc5e77e7c63cb1c8a2cc5794ea42927281cf868514bcdce21ddf23dc3520e6743e7.js similarity index 98% rename from js/main.c26c1b7b76f4923d8125720886ede9ca08bfe20b924683914ba4c1c35d53667c6c2d764f5482d3860d36b9e58a50255bc22a03ff145555979852c5ec74f15e51.js rename to js/main.4be06c129d6a89e60a661c6ac8c8e0434d58fb0fa2f685f85e2c306aca62adc5e77e7c63cb1c8a2cc5794ea42927281cf868514bcdce21ddf23dc3520e6743e7.js index 0e228c4b..e72dcad4 100644 --- a/js/main.c26c1b7b76f4923d8125720886ede9ca08bfe20b924683914ba4c1c35d53667c6c2d764f5482d3860d36b9e58a50255bc22a03ff145555979852c5ec74f15e51.js +++ b/js/main.4be06c129d6a89e60a661c6ac8c8e0434d58fb0fa2f685f85e2c306aca62adc5e77e7c63cb1c8a2cc5794ea42927281cf868514bcdce21ddf23dc3520e6743e7.js @@ -1,5 +1,5 @@ (()=>{var re=Object.create;var K=Object.defineProperty;var ne=Object.getOwnPropertyDescriptor;var ae=Object.getOwnPropertyNames;var ie=Object.getPrototypeOf,se=Object.prototype.hasOwnProperty;var Y=(n,c)=>()=>(c||n((c={exports:{}}).exports,c),c.exports);var oe=(n,c,g,S)=>{if(c&&typeof c=="object"||typeof c=="function")for(let s of ae(c))!se.call(n,s)&&s!==g&&K(n,s,{get:()=>c[s],enumerable:!(S=ne(c,s))||S.enumerable});return n};var V=(n,c,g)=>(g=n!=null?re(ie(n)):{},oe(c||!n||!n.__esModule?K(g,"default",{value:n,enumerable:!0}):g,n));var J=Y((ce,B)=>{var ue=typeof window!="undefined"?window:typeof WorkerGlobalScope!="undefined"&&self instanceof WorkerGlobalScope?self:{};var b=function(n){var c=/(?:^|\s)lang(?:uage)?-([\w-]+)(?=\s|$)/i,g=0,S={},s={manual:n.Prism&&n.Prism.manual,disableWorkerMessageHandler:n.Prism&&n.Prism.disableWorkerMessageHandler,util:{encode:function t(r){return r instanceof a?new a(r.type,t(r.content),r.alias):Array.isArray(r)?r.map(t):r.replace(/&/g,"&").replace(/"+l.content+""};function e(t,r,o,u){t.lastIndex=r;var l=t.exec(o);if(l&&u&&l[1]){var f=l[1].length;l.index+=f,l[0]=l[0].slice(f)}return l}function i(t,r,o,u,l,f){for(var x in o)if(!(!o.hasOwnProperty(x)||!o[x])){var m=o[x];m=Array.isArray(m)?m:[m];for(var A=0;A=f.reach);C+=_.value.length,_=_.next){var P=_.value;if(r.length>t.length)return;if(!(P instanceof a)){var L=1,E;if(N){if(E=e(z,C,t,I),!E||E.index>=t.length)break;var M=E.index,R=E.index+E[0].length,$=C;for($+=_.value.length;M>=$;)_=_.next,$+=_.value.length;if($-=_.value.length,C=$,_.value instanceof a)continue;for(var O=_;O!==r.tail&&($f.reach&&(f.reach=Z);var G=_.prev;j&&(G=w(r,G,j),C+=j.length),d(r,G,L);var te=new a(x,T?s.tokenize(H,T):H,W,H);if(_=w(r,G,te),X&&w(r,_,X),L>1){var q={cause:x+","+A,reach:Z};i(t,r,o,_.prev,C,q),f&&q.reach>f.reach&&(f.reach=q.reach)}}}}}}function p(){var t={value:null,prev:null,next:null},r={value:null,prev:t,next:null};t.next=r,this.head=t,this.tail=r,this.length=0}function w(t,r,o){var u=r.next,l={value:o,prev:r,next:u};return r.next=l,u.prev=l,t.length++,l}function d(t,r,o){for(var u=r.next,l=0;l/,greedy:!0},prolog:{pattern:/<\?[\s\S]+?\?>/,greedy:!0},doctype:{pattern:/"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^<"'\]]|"[^"]*"|'[^']*'|<(?!!--)|)*\]\s*)?>/i,greedy:!0,inside:{"internal-subset":{pattern:/(^[^\[]*\[)[\s\S]+(?=\]>$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^$|[[\]]/,"doctype-tag":/^DOCTYPE/i,name:/[^\s<>'"]+/}},cdata:{pattern://i,greedy:!0},tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s(?:\s*[^\s>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))|(?=[\s/>])))+)?\s*\/?>/,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"special-attr":[],"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},{pattern:/^(\s*)["']|["']$/,lookbehind:!0}]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:[{pattern:/&[\da-z]{1,8};/i,alias:"named-entity"},/&#x?[\da-f]{1,8};/i]};b.languages.markup.tag.inside["attr-value"].inside.entity=b.languages.markup.entity;b.languages.markup.doctype.inside["internal-subset"].inside=b.languages.markup;b.hooks.add("wrap",function(n){n.type==="entity"&&(n.attributes.title=n.content.replace(/&/,"&"))});Object.defineProperty(b.languages.markup.tag,"addInlined",{value:function(c,g){var S={};S["language-"+g]={pattern:/(^$)/i,lookbehind:!0,inside:b.languages[g]},S.cdata=/^$/i;var s={"included-cdata":{pattern://i,inside:S}};s["language-"+g]={pattern:/[\s\S]+/,inside:b.languages[g]};var a={};a[c]={pattern:RegExp(/(<__[^>]*>)(?:))*\]\]>|(?!)/.source.replace(/__/g,function(){return c}),"i"),lookbehind:!0,greedy:!0,inside:s},b.languages.insertBefore("markup","cdata",a)}});Object.defineProperty(b.languages.markup.tag,"addAttribute",{value:function(n,c){b.languages.markup.tag.inside["special-attr"].push({pattern:RegExp(/(^|["'\s])/.source+"(?:"+n+")"+/\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))/.source,"i"),lookbehind:!0,inside:{"attr-name":/^[^\s=]+/,"attr-value":{pattern:/=[\s\S]+/,inside:{value:{pattern:/(^=\s*(["']|(?!["'])))\S[\s\S]*(?=\2$)/,lookbehind:!0,alias:[c,"language-"+c],inside:b.languages[c]},punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}}}})}});b.languages.html=b.languages.markup;b.languages.mathml=b.languages.markup;b.languages.svg=b.languages.markup;b.languages.xml=b.languages.extend("markup",{});b.languages.ssml=b.languages.xml;b.languages.atom=b.languages.xml;b.languages.rss=b.languages.xml;(function(n){var c=/(?:"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n])*')/;n.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:RegExp("@[\\w-](?:"+/[^;{\s"']|\s+(?!\s)/.source+"|"+c.source+")*?"+/(?:;|(?=\s*\{))/.source),inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\(\s*(?![\s)]))(?:[^()\s]|\s+(?![\s)])|\((?:[^()]|\([^()]*\))*\))+(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+c.source+"|"+/(?:[^\\\r\n()"']|\\[\s\S])*/.source+")\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+c.source+"$"),alias:"url"}}},selector:{pattern:RegExp(`(^|[{}\\s])[^{}\\s](?:[^{};"'\\s]|\\s+(?![\\s{])|`+c.source+")*(?=\\s*\\{)"),lookbehind:!0},string:{pattern:c,greedy:!0},property:{pattern:/(^|[^-\w\xA0-\uFFFF])(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*(?=\s*:)/i,lookbehind:!0},important:/!important\b/i,function:{pattern:/(^|[^-a-z0-9])[-a-z0-9]+(?=\()/i,lookbehind:!0},punctuation:/[(){};:,]/},n.languages.css.atrule.inside.rest=n.languages.css;var g=n.languages.markup;g&&(g.tag.addInlined("style","css"),g.tag.addAttribute("style","css"))})(b);b.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0,greedy:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/(\b(?:class|extends|implements|instanceof|interface|new|trait)\s+|\bcatch\s+\()[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:break|catch|continue|do|else|finally|for|function|if|in|instanceof|new|null|return|throw|try|while)\b/,boolean:/\b(?:false|true)\b/,function:/\b\w+(?=\()/,number:/\b0x[\da-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/[<>]=?|[!=]=?=?|--?|\+\+?|&&?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/};b.languages.javascript=b.languages.extend("clike",{"class-name":[b.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$A-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\.(?:constructor|prototype))/,lookbehind:!0}],keyword:[{pattern:/((?:^|\})\s*)catch\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|assert(?=\s*\{)|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally(?=\s*(?:\{|$))|for|from(?=\s*(?:['"]|$))|function|(?:get|set)(?=\s*(?:[#\[$\w\xA0-\uFFFF]|$))|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],function:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,number:{pattern:RegExp(/(^|[^\w$])/.source+"(?:"+(/NaN|Infinity/.source+"|"+/0[bB][01]+(?:_[01]+)*n?/.source+"|"+/0[oO][0-7]+(?:_[0-7]+)*n?/.source+"|"+/0[xX][\dA-Fa-f]+(?:_[\dA-Fa-f]+)*n?/.source+"|"+/\d+(?:_\d+)*n/.source+"|"+/(?:\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\.\d+(?:_\d+)*)(?:[Ee][+-]?\d+(?:_\d+)*)?/.source)+")"+/(?![\w$])/.source),lookbehind:!0},operator:/--|\+\+|\*\*=?|=>|&&=?|\|\|=?|[!=]==|<<=?|>>>?=?|[-+*/%&|^!=<>]=?|\.{3}|\?\?=?|\?\.?|[~:]/});b.languages.javascript["class-name"][0].pattern=/(\b(?:class|extends|implements|instanceof|interface|new)\s+)[\w.\\]+/;b.languages.insertBefore("javascript","keyword",{regex:{pattern:RegExp(/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)/.source+/\//.source+"(?:"+/(?:\[(?:[^\]\\\r\n]|\\.)*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}/.source+"|"+/(?:\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.)*\])*\])*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}v[dgimyus]{0,7}/.source+")"+/(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/.source),lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:b.languages.regex},"regex-delimiter":/^\/|\/$/,"regex-flags":/^[a-z]+$/}},"function-variable":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=>))/,alias:"function"},parameter:[{pattern:/(function(?:\s+(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)?\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\))/,lookbehind:!0,inside:b.languages.javascript},{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=>)/i,lookbehind:!0,inside:b.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*=>)/,lookbehind:!0,inside:b.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*\{)/,lookbehind:!0,inside:b.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/});b.languages.insertBefore("javascript","string",{hashbang:{pattern:/^#!.*/,greedy:!0,alias:"comment"},"template-string":{pattern:/`(?:\\[\s\S]|\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}|(?!\$\{)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\$\{|\}$/,alias:"punctuation"},rest:b.languages.javascript}},string:/[\s\S]+/}},"string-property":{pattern:/((?:^|[,{])[ \t]*)(["'])(?:\\(?:\r\n|[\s\S])|(?!\2)[^\\\r\n])*\2(?=\s*:)/m,lookbehind:!0,greedy:!0,alias:"property"}});b.languages.insertBefore("javascript","operator",{"literal-property":{pattern:/((?:^|[,{])[ \t]*)(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*:)/m,lookbehind:!0,alias:"property"}});b.languages.markup&&(b.languages.markup.tag.addInlined("script","javascript"),b.languages.markup.tag.addAttribute(/on(?:abort|blur|change|click|composition(?:end|start|update)|dblclick|error|focus(?:in|out)?|key(?:down|up)|load|mouse(?:down|enter|leave|move|out|over|up)|reset|resize|scroll|select|slotchange|submit|unload|wheel)/.source,"javascript"));b.languages.js=b.languages.javascript;(function(){if(typeof b=="undefined"||typeof document=="undefined")return;Element.prototype.matches||(Element.prototype.matches=Element.prototype.msMatchesSelector||Element.prototype.webkitMatchesSelector);var n="Loading\u2026",c=function(h,v){return"\u2716 Error "+h+" while fetching file: "+v},g="\u2716 Error: File does not exist or is empty",S={js:"javascript",py:"python",rb:"ruby",ps1:"powershell",psm1:"powershell",sh:"bash",bat:"batch",h:"c",tex:"latex"},s="data-src-status",a="loading",e="loaded",i="failed",p="pre[data-src]:not(["+s+'="'+e+'"]):not(['+s+'="'+a+'"])';function w(h,v,k){var t=new XMLHttpRequest;t.open("GET",h,!0),t.onreadystatechange=function(){t.readyState==4&&(t.status<400&&t.responseText?v(t.responseText):t.status>=400?k(c(t.status,t.statusText)):k(g))},t.send(null)}function d(h){var v=/^\s*(\d+)\s*(?:(,)\s*(?:(\d+)\s*)?)?$/.exec(h||"");if(v){var k=Number(v[1]),t=v[2],r=v[3];return t?r?[k,Number(r)]:[k,void 0]:[k,k]}}b.hooks.add("before-highlightall",function(h){h.selector+=", "+p}),b.hooks.add("before-sanity-check",function(h){var v=h.element;if(v.matches(p)){h.code="",v.setAttribute(s,a);var k=v.appendChild(document.createElement("CODE"));k.textContent=n;var t=v.getAttribute("data-src"),r=h.language;if(r==="none"){var o=(/\.(\w+)$/.exec(t)||[,"none"])[1];r=S[o]||o}b.util.setLanguage(k,r),b.util.setLanguage(v,r);var u=b.plugins.autoloader;u&&u.loadLanguages(r),w(t,function(l){v.setAttribute(s,e);var f=d(v.getAttribute("data-range"));if(f){var x=l.split(/\r\n?|\n/g),m=f[0],A=f[1]==null?x.length:f[1];m<0&&(m+=x.length),m=Math.max(0,Math.min(m-1,x.length)),A<0&&(A+=x.length),A=Math.max(0,Math.min(A,x.length)),l=x.slice(m,A).join(` -`),v.hasAttribute("data-start")||v.setAttribute("data-start",String(m+1))}k.textContent=l,b.highlightElement(k)},function(l){v.setAttribute(s,i),k.textContent=l})}}),b.plugins.fileHighlight={highlight:function(v){for(var k=(v||document).querySelectorAll(p),t=0,r;r=k[t++];)b.highlightElement(r)}};var y=!1;b.fileHighlight=function(){y||(console.warn("Prism.fileHighlight is deprecated. Use `Prism.plugins.fileHighlight.highlight` instead."),y=!0),b.plugins.fileHighlight.highlight.apply(this,arguments)}})()});var Q=Y((de,U)=>{(function(){if(typeof Prism=="undefined")return;var n=Object.assign||function(a,e){for(var i in e)e.hasOwnProperty(i)&&(a[i]=e[i]);return a};function c(a){this.defaults=n({},a)}function g(a){return a.replace(/-(\w)/g,function(e,i){return i.toUpperCase()})}function S(a){for(var e=0,i=0;i{(function(){if(typeof Prism=="undefined")return;var n=Object.assign||function(a,e){for(var i in e)e.hasOwnProperty(i)&&(a[i]=e[i]);return a};function c(a){this.defaults=n({},a)}function g(a){return a.replace(/-(\w)/g,function(e,i){return i.toUpperCase()})}function S(a){for(var e=0,i=0;ie&&(w[y]=` `+w[y],d=h)}i[p]=w.join("")}return i.join(` `)}},typeof U!="undefined"&&U.exports&&(U.exports=c),Prism.plugins.NormalizeWhitespace=new c({"remove-trailing":!0,"remove-indent":!0,"left-trim":!0,"right-trim":!0}),Prism.hooks.add("before-sanity-check",function(a){var e=Prism.plugins.NormalizeWhitespace;if(!(a.settings&&a.settings["whitespace-normalization"]===!1)&&Prism.util.isActive(a.element,"whitespace-normalization",!0)){if((!a.element||!a.element.parentNode)&&a.code){a.code=e.normalize(a.code,a.settings);return}var i=a.element.parentNode;if(!(!a.code||!i||i.nodeName.toLowerCase()!=="pre")){a.settings==null&&(a.settings={});for(var p in s)if(Object.hasOwnProperty.call(s,p)){var w=s[p];if(i.hasAttribute("data-"+p))try{var d=JSON.parse(i.getAttribute("data-"+p)||"true");typeof d===w&&(a.settings[p]=d)}catch(u){}}for(var y=i.childNodes,h="",v="",k=!1,t=0;t/,greedy:!0},prolog:{pattern:/<\?[\s\S]+?\?>/,greedy:!0},doctype:{pattern:/"'[\]]|"[^"]*"|'[^']*')+(?:\[(?:[^<"'\]]|"[^"]*"|'[^']*'|<(?!!--)|)*\]\s*)?>/i,greedy:!0,inside:{"internal-subset":{pattern:/(^[^\[]*\[)[\s\S]+(?=\]>$)/,lookbehind:!0,greedy:!0,inside:null},string:{pattern:/"[^"]*"|'[^']*'/,greedy:!0},punctuation:/^$|[[\]]/,"doctype-tag":/^DOCTYPE/i,name:/[^\s<>'"]+/}},cdata:{pattern://i,greedy:!0},tag:{pattern:/<\/?(?!\d)[^\s>\/=$<%]+(?:\s(?:\s*[^\s>\/=]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))|(?=[\s/>])))+)?\s*\/?>/,greedy:!0,inside:{tag:{pattern:/^<\/?[^\s>\/]+/,inside:{punctuation:/^<\/?/,namespace:/^[^\s>\/:]+:/}},"special-attr":[],"attr-value":{pattern:/=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+)/,inside:{punctuation:[{pattern:/^=/,alias:"attr-equals"},{pattern:/^(\s*)["']|["']$/,lookbehind:!0}]}},punctuation:/\/?>/,"attr-name":{pattern:/[^\s>\/]+/,inside:{namespace:/^[^\s>\/:]+:/}}}},entity:[{pattern:/&[\da-z]{1,8};/i,alias:"named-entity"},/&#x?[\da-f]{1,8};/i]};Prism.languages.markup.tag.inside["attr-value"].inside.entity=Prism.languages.markup.entity;Prism.languages.markup.doctype.inside["internal-subset"].inside=Prism.languages.markup;Prism.hooks.add("wrap",function(n){n.type==="entity"&&(n.attributes.title=n.content.replace(/&/,"&"))});Object.defineProperty(Prism.languages.markup.tag,"addInlined",{value:function(c,g){var S={};S["language-"+g]={pattern:/(^$)/i,lookbehind:!0,inside:Prism.languages[g]},S.cdata=/^$/i;var s={"included-cdata":{pattern://i,inside:S}};s["language-"+g]={pattern:/[\s\S]+/,inside:Prism.languages[g]};var a={};a[c]={pattern:RegExp(/(<__[^>]*>)(?:))*\]\]>|(?!)/.source.replace(/__/g,function(){return c}),"i"),lookbehind:!0,greedy:!0,inside:s},Prism.languages.insertBefore("markup","cdata",a)}});Object.defineProperty(Prism.languages.markup.tag,"addAttribute",{value:function(n,c){Prism.languages.markup.tag.inside["special-attr"].push({pattern:RegExp(/(^|["'\s])/.source+"(?:"+n+")"+/\s*=\s*(?:"[^"]*"|'[^']*'|[^\s'">=]+(?=[\s>]))/.source,"i"),lookbehind:!0,inside:{"attr-name":/^[^\s=]+/,"attr-value":{pattern:/=[\s\S]+/,inside:{value:{pattern:/(^=\s*(["']|(?!["'])))\S[\s\S]*(?=\2$)/,lookbehind:!0,alias:[c,"language-"+c],inside:Prism.languages[c]},punctuation:[{pattern:/^=/,alias:"attr-equals"},/"|'/]}}}})}});Prism.languages.html=Prism.languages.markup;Prism.languages.mathml=Prism.languages.markup;Prism.languages.svg=Prism.languages.markup;Prism.languages.xml=Prism.languages.extend("markup",{});Prism.languages.ssml=Prism.languages.xml;Prism.languages.atom=Prism.languages.xml;Prism.languages.rss=Prism.languages.xml;(function(n){var c=/(?:"(?:\\(?:\r\n|[\s\S])|[^"\\\r\n])*"|'(?:\\(?:\r\n|[\s\S])|[^'\\\r\n])*')/;n.languages.css={comment:/\/\*[\s\S]*?\*\//,atrule:{pattern:RegExp("@[\\w-](?:"+/[^;{\s"']|\s+(?!\s)/.source+"|"+c.source+")*?"+/(?:;|(?=\s*\{))/.source),inside:{rule:/^@[\w-]+/,"selector-function-argument":{pattern:/(\bselector\s*\(\s*(?![\s)]))(?:[^()\s]|\s+(?![\s)])|\((?:[^()]|\([^()]*\))*\))+(?=\s*\))/,lookbehind:!0,alias:"selector"},keyword:{pattern:/(^|[^\w-])(?:and|not|only|or)(?![\w-])/,lookbehind:!0}}},url:{pattern:RegExp("\\burl\\((?:"+c.source+"|"+/(?:[^\\\r\n()"']|\\[\s\S])*/.source+")\\)","i"),greedy:!0,inside:{function:/^url/i,punctuation:/^\(|\)$/,string:{pattern:RegExp("^"+c.source+"$"),alias:"url"}}},selector:{pattern:RegExp(`(^|[{}\\s])[^{}\\s](?:[^{};"'\\s]|\\s+(?![\\s{])|`+c.source+")*(?=\\s*\\{)"),lookbehind:!0},string:{pattern:c,greedy:!0},property:{pattern:/(^|[^-\w\xA0-\uFFFF])(?!\s)[-_a-z\xA0-\uFFFF](?:(?!\s)[-\w\xA0-\uFFFF])*(?=\s*:)/i,lookbehind:!0},important:/!important\b/i,function:{pattern:/(^|[^-a-z0-9])[-a-z0-9]+(?=\()/i,lookbehind:!0},punctuation:/[(){};:,]/},n.languages.css.atrule.inside.rest=n.languages.css;var g=n.languages.markup;g&&(g.tag.addInlined("style","css"),g.tag.addAttribute("style","css"))})(Prism);Prism.languages.clike={comment:[{pattern:/(^|[^\\])\/\*[\s\S]*?(?:\*\/|$)/,lookbehind:!0,greedy:!0},{pattern:/(^|[^\\:])\/\/.*/,lookbehind:!0,greedy:!0}],string:{pattern:/(["'])(?:\\(?:\r\n|[\s\S])|(?!\1)[^\\\r\n])*\1/,greedy:!0},"class-name":{pattern:/(\b(?:class|extends|implements|instanceof|interface|new|trait)\s+|\bcatch\s+\()[\w.\\]+/i,lookbehind:!0,inside:{punctuation:/[.\\]/}},keyword:/\b(?:break|catch|continue|do|else|finally|for|function|if|in|instanceof|new|null|return|throw|try|while)\b/,boolean:/\b(?:false|true)\b/,function:/\b\w+(?=\()/,number:/\b0x[\da-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:e[+-]?\d+)?/i,operator:/[<>]=?|[!=]=?=?|--?|\+\+?|&&?|\|\|?|[?*/~^%]/,punctuation:/[{}[\];(),.:]/};Prism.languages.javascript=Prism.languages.extend("clike",{"class-name":[Prism.languages.clike["class-name"],{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$A-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\.(?:constructor|prototype))/,lookbehind:!0}],keyword:[{pattern:/((?:^|\})\s*)catch\b/,lookbehind:!0},{pattern:/(^|[^.]|\.\.\.\s*)\b(?:as|assert(?=\s*\{)|async(?=\s*(?:function\b|\(|[$\w\xA0-\uFFFF]|$))|await|break|case|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally(?=\s*(?:\{|$))|for|from(?=\s*(?:['"]|$))|function|(?:get|set)(?=\s*(?:[#\[$\w\xA0-\uFFFF]|$))|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)\b/,lookbehind:!0}],function:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*(?:\.\s*(?:apply|bind|call)\s*)?\()/,number:{pattern:RegExp(/(^|[^\w$])/.source+"(?:"+(/NaN|Infinity/.source+"|"+/0[bB][01]+(?:_[01]+)*n?/.source+"|"+/0[oO][0-7]+(?:_[0-7]+)*n?/.source+"|"+/0[xX][\dA-Fa-f]+(?:_[\dA-Fa-f]+)*n?/.source+"|"+/\d+(?:_\d+)*n/.source+"|"+/(?:\d+(?:_\d+)*(?:\.(?:\d+(?:_\d+)*)?)?|\.\d+(?:_\d+)*)(?:[Ee][+-]?\d+(?:_\d+)*)?/.source)+")"+/(?![\w$])/.source),lookbehind:!0},operator:/--|\+\+|\*\*=?|=>|&&=?|\|\|=?|[!=]==|<<=?|>>>?=?|[-+*/%&|^!=<>]=?|\.{3}|\?\?=?|\?\.?|[~:]/});Prism.languages.javascript["class-name"][0].pattern=/(\b(?:class|extends|implements|instanceof|interface|new)\s+)[\w.\\]+/;Prism.languages.insertBefore("javascript","keyword",{regex:{pattern:RegExp(/((?:^|[^$\w\xA0-\uFFFF."'\])\s]|\b(?:return|yield))\s*)/.source+/\//.source+"(?:"+/(?:\[(?:[^\]\\\r\n]|\\.)*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}/.source+"|"+/(?:\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.|\[(?:[^[\]\\\r\n]|\\.)*\])*\])*\]|\\.|[^/\\\[\r\n])+\/[dgimyus]{0,7}v[dgimyus]{0,7}/.source+")"+/(?=(?:\s|\/\*(?:[^*]|\*(?!\/))*\*\/)*(?:$|[\r\n,.;:})\]]|\/\/))/.source),lookbehind:!0,greedy:!0,inside:{"regex-source":{pattern:/^(\/)[\s\S]+(?=\/[a-z]*$)/,lookbehind:!0,alias:"language-regex",inside:Prism.languages.regex},"regex-delimiter":/^\/|\/$/,"regex-flags":/^[a-z]+$/}},"function-variable":{pattern:/#?(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*[=:]\s*(?:async\s*)?(?:\bfunction\b|(?:\((?:[^()]|\([^()]*\))*\)|(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)\s*=>))/,alias:"function"},parameter:[{pattern:/(function(?:\s+(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*)?\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\))/,lookbehind:!0,inside:Prism.languages.javascript},{pattern:/(^|[^$\w\xA0-\uFFFF])(?!\s)[_$a-z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*=>)/i,lookbehind:!0,inside:Prism.languages.javascript},{pattern:/(\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*=>)/,lookbehind:!0,inside:Prism.languages.javascript},{pattern:/((?:\b|\s|^)(?!(?:as|async|await|break|case|catch|class|const|continue|debugger|default|delete|do|else|enum|export|extends|finally|for|from|function|get|if|implements|import|in|instanceof|interface|let|new|null|of|package|private|protected|public|return|set|static|super|switch|this|throw|try|typeof|undefined|var|void|while|with|yield)(?![$\w\xA0-\uFFFF]))(?:(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*\s*)\(\s*|\]\s*\(\s*)(?!\s)(?:[^()\s]|\s+(?![\s)])|\([^()]*\))+(?=\s*\)\s*\{)/,lookbehind:!0,inside:Prism.languages.javascript}],constant:/\b[A-Z](?:[A-Z_]|\dx?)*\b/});Prism.languages.insertBefore("javascript","string",{hashbang:{pattern:/^#!.*/,greedy:!0,alias:"comment"},"template-string":{pattern:/`(?:\\[\s\S]|\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}|(?!\$\{)[^\\`])*`/,greedy:!0,inside:{"template-punctuation":{pattern:/^`|`$/,alias:"string"},interpolation:{pattern:/((?:^|[^\\])(?:\\{2})*)\$\{(?:[^{}]|\{(?:[^{}]|\{[^}]*\})*\})+\}/,lookbehind:!0,inside:{"interpolation-punctuation":{pattern:/^\$\{|\}$/,alias:"punctuation"},rest:Prism.languages.javascript}},string:/[\s\S]+/}},"string-property":{pattern:/((?:^|[,{])[ \t]*)(["'])(?:\\(?:\r\n|[\s\S])|(?!\2)[^\\\r\n])*\2(?=\s*:)/m,lookbehind:!0,greedy:!0,alias:"property"}});Prism.languages.insertBefore("javascript","operator",{"literal-property":{pattern:/((?:^|[,{])[ \t]*)(?!\s)[_$a-zA-Z\xA0-\uFFFF](?:(?!\s)[$\w\xA0-\uFFFF])*(?=\s*:)/m,lookbehind:!0,alias:"property"}});Prism.languages.markup&&(Prism.languages.markup.tag.addInlined("script","javascript"),Prism.languages.markup.tag.addAttribute(/on(?:abort|blur|change|click|composition(?:end|start|update)|dblclick|error|focus(?:in|out)?|key(?:down|up)|load|mouse(?:down|enter|leave|move|out|over|up)|reset|resize|scroll|select|slotchange|submit|unload|wheel)/.source,"javascript"));Prism.languages.js=Prism.languages.javascript;(function(n){var c="\\b(?:BASH|BASHOPTS|BASH_ALIASES|BASH_ARGC|BASH_ARGV|BASH_CMDS|BASH_COMPLETION_COMPAT_DIR|BASH_LINENO|BASH_REMATCH|BASH_SOURCE|BASH_VERSINFO|BASH_VERSION|COLORTERM|COLUMNS|COMP_WORDBREAKS|DBUS_SESSION_BUS_ADDRESS|DEFAULTS_PATH|DESKTOP_SESSION|DIRSTACK|DISPLAY|EUID|GDMSESSION|GDM_LANG|GNOME_KEYRING_CONTROL|GNOME_KEYRING_PID|GPG_AGENT_INFO|GROUPS|HISTCONTROL|HISTFILE|HISTFILESIZE|HISTSIZE|HOME|HOSTNAME|HOSTTYPE|IFS|INSTANCE|JOB|LANG|LANGUAGE|LC_ADDRESS|LC_ALL|LC_IDENTIFICATION|LC_MEASUREMENT|LC_MONETARY|LC_NAME|LC_NUMERIC|LC_PAPER|LC_TELEPHONE|LC_TIME|LESSCLOSE|LESSOPEN|LINES|LOGNAME|LS_COLORS|MACHTYPE|MAILCHECK|MANDATORY_PATH|NO_AT_BRIDGE|OLDPWD|OPTERR|OPTIND|ORBIT_SOCKETDIR|OSTYPE|PAPERSIZE|PATH|PIPESTATUS|PPID|PS1|PS2|PS3|PS4|PWD|RANDOM|REPLY|SECONDS|SELINUX_INIT|SESSION|SESSIONTYPE|SESSION_MANAGER|SHELL|SHELLOPTS|SHLVL|SSH_AUTH_SOCK|TERM|UID|UPSTART_EVENTS|UPSTART_INSTANCE|UPSTART_JOB|UPSTART_SESSION|USER|WINDOWID|XAUTHORITY|XDG_CONFIG_DIRS|XDG_CURRENT_DESKTOP|XDG_DATA_DIRS|XDG_GREETER_DATA_DIR|XDG_MENU_PREFIX|XDG_RUNTIME_DIR|XDG_SEAT|XDG_SEAT_PATH|XDG_SESSION_DESKTOP|XDG_SESSION_ID|XDG_SESSION_PATH|XDG_SESSION_TYPE|XDG_VTNR|XMODIFIERS)\\b",g={pattern:/(^(["']?)\w+\2)[ \t]+\S.*/,lookbehind:!0,alias:"punctuation",inside:null},S={bash:g,environment:{pattern:RegExp("\\$"+c),alias:"constant"},variable:[{pattern:/\$?\(\([\s\S]+?\)\)/,greedy:!0,inside:{variable:[{pattern:/(^\$\(\([\s\S]+)\)\)/,lookbehind:!0},/^\$\(\(/],number:/\b0x[\dA-Fa-f]+\b|(?:\b\d+(?:\.\d*)?|\B\.\d+)(?:[Ee]-?\d+)?/,operator:/--|\+\+|\*\*=?|<<=?|>>=?|&&|\|\||[=!+\-*/%<>^&|]=?|[?~:]/,punctuation:/\(\(?|\)\)?|,|;/}},{pattern:/\$\((?:\([^)]+\)|[^()])+\)|`[^`]+`/,greedy:!0,inside:{variable:/^\$\(|^`|\)$|`$/}},{pattern:/\$\{[^}]+\}/,greedy:!0,inside:{operator:/:[-=?+]?|[!\/]|##?|%%?|\^\^?|,,?/,punctuation:/[\[\]]/,environment:{pattern:RegExp("(\\{)"+c),lookbehind:!0,alias:"constant"}}},/\$(?:\w+|[#?*!@$])/],entity:/\\(?:[abceEfnrtv\\"]|O?[0-7]{1,3}|U[0-9a-fA-F]{8}|u[0-9a-fA-F]{4}|x[0-9a-fA-F]{1,2})/};n.languages.bash={shebang:{pattern:/^#!\s*\/.*/,alias:"important"},comment:{pattern:/(^|[^"{\\$])#.*/,lookbehind:!0},"function-name":[{pattern:/(\bfunction\s+)[\w-]+(?=(?:\s*\(?:\s*\))?\s*\{)/,lookbehind:!0,alias:"function"},{pattern:/\b[\w-]+(?=\s*\(\s*\)\s*\{)/,alias:"function"}],"for-or-select":{pattern:/(\b(?:for|select)\s+)\w+(?=\s+in\s)/,alias:"variable",lookbehind:!0},"assign-left":{pattern:/(^|[\s;|&]|[<>]\()\w+(?:\.\w+)*(?=\+?=)/,inside:{environment:{pattern:RegExp("(^|[\\s;|&]|[<>]\\()"+c),lookbehind:!0,alias:"constant"}},alias:"variable",lookbehind:!0},parameter:{pattern:/(^|\s)-{1,2}(?:\w+:[+-]?)?\w+(?:\.\w+)*(?=[=\s]|$)/,alias:"variable",lookbehind:!0},string:[{pattern:/((?:^|[^<])<<-?\s*)(\w+)\s[\s\S]*?(?:\r?\n|\r)\2/,lookbehind:!0,greedy:!0,inside:S},{pattern:/((?:^|[^<])<<-?\s*)(["'])(\w+)\2\s[\s\S]*?(?:\r?\n|\r)\3/,lookbehind:!0,greedy:!0,inside:{bash:g}},{pattern:/(^|[^\\](?:\\\\)*)"(?:\\[\s\S]|\$\([^)]+\)|\$(?!\()|`[^`]+`|[^"\\`$])*"/,lookbehind:!0,greedy:!0,inside:S},{pattern:/(^|[^$\\])'[^']*'/,lookbehind:!0,greedy:!0},{pattern:/\$'(?:[^'\\]|\\[\s\S])*'/,greedy:!0,inside:{entity:S.entity}}],environment:{pattern:RegExp("\\$?"+c),alias:"constant"},variable:S.variable,function:{pattern:/(^|[\s;|&]|[<>]\()(?:add|apropos|apt|apt-cache|apt-get|aptitude|aspell|automysqlbackup|awk|basename|bash|bc|bconsole|bg|bzip2|cal|cargo|cat|cfdisk|chgrp|chkconfig|chmod|chown|chroot|cksum|clear|cmp|column|comm|composer|cp|cron|crontab|csplit|curl|cut|date|dc|dd|ddrescue|debootstrap|df|diff|diff3|dig|dir|dircolors|dirname|dirs|dmesg|docker|docker-compose|du|egrep|eject|env|ethtool|expand|expect|expr|fdformat|fdisk|fg|fgrep|file|find|fmt|fold|format|free|fsck|ftp|fuser|gawk|git|gparted|grep|groupadd|groupdel|groupmod|groups|grub-mkconfig|gzip|halt|head|hg|history|host|hostname|htop|iconv|id|ifconfig|ifdown|ifup|import|install|ip|java|jobs|join|kill|killall|less|link|ln|locate|logname|logrotate|look|lpc|lpr|lprint|lprintd|lprintq|lprm|ls|lsof|lynx|make|man|mc|mdadm|mkconfig|mkdir|mke2fs|mkfifo|mkfs|mkisofs|mknod|mkswap|mmv|more|most|mount|mtools|mtr|mutt|mv|nano|nc|netstat|nice|nl|node|nohup|notify-send|npm|nslookup|op|open|parted|passwd|paste|pathchk|ping|pkill|pnpm|podman|podman-compose|popd|pr|printcap|printenv|ps|pushd|pv|quota|quotacheck|quotactl|ram|rar|rcp|reboot|remsync|rename|renice|rev|rm|rmdir|rpm|rsync|scp|screen|sdiff|sed|sendmail|seq|service|sftp|sh|shellcheck|shuf|shutdown|sleep|slocate|sort|split|ssh|stat|strace|su|sudo|sum|suspend|swapon|sync|sysctl|tac|tail|tar|tee|time|timeout|top|touch|tr|traceroute|tsort|tty|umount|uname|unexpand|uniq|units|unrar|unshar|unzip|update-grub|uptime|useradd|userdel|usermod|users|uudecode|uuencode|v|vcpkg|vdir|vi|vim|virsh|vmstat|wait|watch|wc|wget|whereis|which|who|whoami|write|xargs|xdg-open|yarn|yes|zenity|zip|zsh|zypper)(?=$|[)\s;|&])/,lookbehind:!0},keyword:{pattern:/(^|[\s;|&]|[<>]\()(?:case|do|done|elif|else|esac|fi|for|function|if|in|select|then|until|while)(?=$|[)\s;|&])/,lookbehind:!0},builtin:{pattern:/(^|[\s;|&]|[<>]\()(?:\.|:|alias|bind|break|builtin|caller|cd|command|continue|declare|echo|enable|eval|exec|exit|export|getopts|hash|help|let|local|logout|mapfile|printf|pwd|read|readarray|readonly|return|set|shift|shopt|source|test|times|trap|type|typeset|ulimit|umask|unalias|unset)(?=$|[)\s;|&])/,lookbehind:!0,alias:"class-name"},boolean:{pattern:/(^|[\s;|&]|[<>]\()(?:false|true)(?=$|[)\s;|&])/,lookbehind:!0},"file-descriptor":{pattern:/\B&\d\b/,alias:"important"},operator:{pattern:/\d?<>|>\||\+=|=[=~]?|!=?|<<[<-]?|[&\d]?>>|\d[<>]&?|[<>][&=]?|&[>&]?|\|[&|]?/,inside:{"file-descriptor":{pattern:/^\d/,alias:"important"}}},punctuation:/\$?\(\(?|\)\)?|\.\.|[{}[\];\\]/,number:{pattern:/(^|\s)(?:[1-9]\d*|0)(?:[.,]\d+)?\b/,lookbehind:!0}},g.inside=n.languages.bash;for(var s=["comment","function-name","for-or-select","assign-left","parameter","string","environment","function","keyword","builtin","boolean","file-descriptor","operator","punctuation","number"],a=S.variable[1].inside,e=0;e>/g,function($,O){return"(?:"+R[+O]+")"})}function g(E,R,$){return RegExp(c(E,R),$||"")}function S(E,R){for(var $=0;$>/g,function(){return"(?:"+E+")"});return E.replace(/<>/g,"[^\\s\\S]")}var s={type:"bool byte char decimal double dynamic float int long object sbyte short string uint ulong ushort var void",typeDeclaration:"class enum interface record struct",contextual:"add alias and ascending async await by descending from(?=\\s*(?:\\w|$)) get global group into init(?=\\s*;) join let nameof not notnull on or orderby partial remove select set unmanaged value when where with(?=\\s*{)",other:"abstract as base break case catch checked const continue default delegate do else event explicit extern finally fixed for foreach goto if implicit in internal is lock namespace new null operator out override params private protected public readonly ref return sealed sizeof stackalloc static switch this throw try typeof unchecked unsafe using virtual volatile while yield"};function a(E){return"\\b(?:"+E.trim().replace(/ /g,"|")+")\\b"}var e=a(s.typeDeclaration),i=RegExp(a(s.type+" "+s.typeDeclaration+" "+s.contextual+" "+s.other)),p=a(s.typeDeclaration+" "+s.contextual+" "+s.other),w=a(s.type+" "+s.typeDeclaration+" "+s.other),d=S(/<(?:[^<>;=+\-*/%&|^]|<>)*>/.source,2),y=S(/\((?:[^()]|<>)*\)/.source,2),h=/@?\b[A-Za-z_]\w*\b/.source,v=c(/<<0>>(?:\s*<<1>>)?/.source,[h,d]),k=c(/(?!<<0>>)<<1>>(?:\s*\.\s*<<1>>)*/.source,[p,v]),t=/\[\s*(?:,\s*)*\]/.source,r=c(/<<0>>(?:\s*(?:\?\s*)?<<1>>)*(?:\s*\?)?/.source,[k,t]),o=c(/[^,()<>[\];=+\-*/%&|^]|<<0>>|<<1>>|<<2>>/.source,[d,y,t]),u=c(/\(<<0>>+(?:,<<0>>+)+\)/.source,[o]),l=c(/(?:<<0>>|<<1>>)(?:\s*(?:\?\s*)?<<2>>)*(?:\s*\?)?/.source,[u,k,t]),f={keyword:i,punctuation:/[<>()?,.:[\]]/},x=/'(?:[^\r\n'\\]|\\.|\\[Uux][\da-fA-F]{1,8})'/.source,m=/"(?:\\.|[^\\"\r\n])*"/.source,A=/@"(?:""|\\[\s\S]|[^\\"])*"(?!")/.source;n.languages.csharp=n.languages.extend("clike",{string:[{pattern:g(/(^|[^$\\])<<0>>/.source,[A]),lookbehind:!0,greedy:!0},{pattern:g(/(^|[^@$\\])<<0>>/.source,[m]),lookbehind:!0,greedy:!0}],"class-name":[{pattern:g(/(\busing\s+static\s+)<<0>>(?=\s*;)/.source,[k]),lookbehind:!0,inside:f},{pattern:g(/(\busing\s+<<0>>\s*=\s*)<<1>>(?=\s*;)/.source,[h,l]),lookbehind:!0,inside:f},{pattern:g(/(\busing\s+)<<0>>(?=\s*=)/.source,[h]),lookbehind:!0},{pattern:g(/(\b<<0>>\s+)<<1>>/.source,[e,v]),lookbehind:!0,inside:f},{pattern:g(/(\bcatch\s*\(\s*)<<0>>/.source,[k]),lookbehind:!0,inside:f},{pattern:g(/(\bwhere\s+)<<0>>/.source,[h]),lookbehind:!0},{pattern:g(/(\b(?:is(?:\s+not)?|as)\s+)<<0>>/.source,[r]),lookbehind:!0,inside:f},{pattern:g(/\b<<0>>(?=\s+(?!<<1>>|with\s*\{)<<2>>(?:\s*[=,;:{)\]]|\s+(?:in|when)\b))/.source,[l,w,h]),inside:f}],keyword:i,number:/(?:\b0(?:x[\da-f_]*[\da-f]|b[01_]*[01])|(?:\B\.\d+(?:_+\d+)*|\b\d+(?:_+\d+)*(?:\.\d+(?:_+\d+)*)?)(?:e[-+]?\d+(?:_+\d+)*)?)(?:[dflmu]|lu|ul)?\b/i,operator:/>>=?|<<=?|[-=]>|([-+&|])\1|~|\?\?=?|[-+*/%&|^!=<>]=?/,punctuation:/\?\.?|::|[{}[\];(),.:]/}),n.languages.insertBefore("csharp","number",{range:{pattern:/\.\./,alias:"operator"}}),n.languages.insertBefore("csharp","punctuation",{"named-parameter":{pattern:g(/([(,]\s*)<<0>>(?=\s*:)/.source,[h]),lookbehind:!0,alias:"punctuation"}}),n.languages.insertBefore("csharp","class-name",{namespace:{pattern:g(/(\b(?:namespace|using)\s+)<<0>>(?:\s*\.\s*<<0>>)*(?=\s*[;{])/.source,[h]),lookbehind:!0,inside:{punctuation:/\./}},"type-expression":{pattern:g(/(\b(?:default|sizeof|typeof)\s*\(\s*(?!\s))(?:[^()\s]|\s(?!\s)|<<0>>)*(?=\s*\))/.source,[y]),lookbehind:!0,alias:"class-name",inside:f},"return-type":{pattern:g(/<<0>>(?=\s+(?:<<1>>\s*(?:=>|[({]|\.\s*this\s*\[)|this\s*\[))/.source,[l,k]),inside:f,alias:"class-name"},"constructor-invocation":{pattern:g(/(\bnew\s+)<<0>>(?=\s*[[({])/.source,[l]),lookbehind:!0,inside:f,alias:"class-name"},"generic-method":{pattern:g(/<<0>>\s*<<1>>(?=\s*\()/.source,[h,d]),inside:{function:g(/^<<0>>/.source,[h]),generic:{pattern:RegExp(d),alias:"class-name",inside:f}}},"type-list":{pattern:g(/\b((?:<<0>>\s+<<1>>|record\s+<<1>>\s*<<5>>|where\s+<<2>>)\s*:\s*)(?:<<3>>|<<4>>|<<1>>\s*<<5>>|<<6>>)(?:\s*,\s*(?:<<3>>|<<4>>|<<6>>))*(?=\s*(?:where|[{;]|=>|$))/.source,[e,v,h,l,i.source,y,/\bnew\s*\(\s*\)/.source]),lookbehind:!0,inside:{"record-arguments":{pattern:g(/(^(?!new\s*\()<<0>>\s*)<<1>>/.source,[v,y]),lookbehind:!0,greedy:!0,inside:n.languages.csharp},keyword:i,"class-name":{pattern:RegExp(l),greedy:!0,inside:f},punctuation:/[,()]/}},preprocessor:{pattern:/(^[\t ]*)#.*/m,lookbehind:!0,alias:"property",inside:{directive:{pattern:/(#)\b(?:define|elif|else|endif|endregion|error|if|line|nullable|pragma|region|undef|warning)\b/,lookbehind:!0,alias:"keyword"}}}});var F=m+"|"+x,T=c(/\/(?![*/])|\/\/[^\r\n]*[\r\n]|\/\*(?:[^*]|\*(?!\/))*\*\/|<<0>>/.source,[F]),I=S(c(/[^"'/()]|<<0>>|\(<>*\)/.source,[T]),2),N=/\b(?:assembly|event|field|method|module|param|property|return|type)\b/.source,W=c(/<<0>>(?:\s*\(<<1>>*\))?/.source,[k,I]);n.languages.insertBefore("csharp","class-name",{attribute:{pattern:g(/((?:^|[^\s\w>)?])\s*\[\s*)(?:<<0>>\s*:\s*)?<<1>>(?:\s*,\s*<<1>>)*(?=\s*\])/.source,[N,W]),lookbehind:!0,greedy:!0,inside:{target:{pattern:g(/^<<0>>(?=\s*:)/.source,[N]),alias:"keyword"},"attribute-arguments":{pattern:g(/\(<<0>>*\)/.source,[I]),inside:n.languages.csharp},"class-name":{pattern:RegExp(k),inside:{punctuation:/\./}},punctuation:/[:,]/}}});var D=/:[^}\r\n]+/.source,z=S(c(/[^"'/()]|<<0>>|\(<>*\)/.source,[T]),2),_=c(/\{(?!\{)(?:(?![}:])<<0>>)*<<1>>?\}/.source,[z,D]),C=S(c(/[^"'/()]|\/(?!\*)|\/\*(?:[^*]|\*(?!\/))*\*\/|<<0>>|\(<>*\)/.source,[F]),2),P=c(/\{(?!\{)(?:(?![}:])<<0>>)*<<1>>?\}/.source,[C,D]);function L(E,R){return{interpolation:{pattern:g(/((?:^|[^{])(?:\{\{)*)<<0>>/.source,[E]),lookbehind:!0,inside:{"format-string":{pattern:g(/(^\{(?:(?![}:])<<0>>)*)<<1>>(?=\}$)/.source,[R,D]),lookbehind:!0,inside:{punctuation:/^:/}},punctuation:/^\{|\}$/,expression:{pattern:/[\s\S]+/,alias:"language-csharp",inside:n.languages.csharp}}},string:/[\s\S]+/}}n.languages.insertBefore("csharp","string",{"interpolation-string":[{pattern:g(/(^|[^\\])(?:\$@|@\$)"(?:""|\\[\s\S]|\{\{|<<0>>|[^\\{"])*"/.source,[_]),lookbehind:!0,greedy:!0,inside:L(_,z)},{pattern:g(/(^|[^@\\])\$"(?:\\.|\{\{|<<0>>|[^\\"{])*"/.source,[P]),lookbehind:!0,greedy:!0,inside:L(P,C)}],char:{pattern:RegExp(x),greedy:!0}}),n.languages.dotnet=n.languages.cs=n.languages.csharp})(Prism);Prism.languages.hcl={comment:/(?:\/\/|#).*|\/\*[\s\S]*?(?:\*\/|$)/,heredoc:{pattern:/<<-?(\w+\b)[\s\S]*?^[ \t]*\1/m,greedy:!0,alias:"string"},keyword:[{pattern:/(?:data|resource)\s+(?:"(?:\\[\s\S]|[^\\"])*")(?=\s+"[\w-]+"\s+\{)/i,inside:{type:{pattern:/(resource|data|\s+)(?:"(?:\\[\s\S]|[^\\"])*")/i,lookbehind:!0,alias:"variable"}}},{pattern:/(?:backend|module|output|provider|provisioner|variable)\s+(?:[\w-]+|"(?:\\[\s\S]|[^\\"])*")\s+(?=\{)/i,inside:{type:{pattern:/(backend|module|output|provider|provisioner|variable)\s+(?:[\w-]+|"(?:\\[\s\S]|[^\\"])*")\s+/i,lookbehind:!0,alias:"variable"}}},/[\w-]+(?=\s+\{)/],property:[/[-\w\.]+(?=\s*=(?!=))/,/"(?:\\[\s\S]|[^\\"])+"(?=\s*[:=])/],string:{pattern:/"(?:[^\\$"]|\\[\s\S]|\$(?:(?=")|\$+(?!\$)|[^"${])|\$\{(?:[^{}"]|"(?:[^\\"]|\\[\s\S])*")*\})*"/,greedy:!0,inside:{interpolation:{pattern:/(^|[^$])\$\{(?:[^{}"]|"(?:[^\\"]|\\[\s\S])*")*\}/,lookbehind:!0,inside:{type:{pattern:/(\b(?:count|data|local|module|path|self|terraform|var)\b\.)[\w\*]+/i,lookbehind:!0,alias:"variable"},keyword:/\b(?:count|data|local|module|path|self|terraform|var)\b/i,function:/\w+(?=\()/,string:{pattern:/"(?:\\[\s\S]|[^\\"])*"/,greedy:!0},number:/\b0x[\da-f]+\b|\b\d+(?:\.\d*)?(?:e[+-]?\d+)?/i,punctuation:/[!\$#%&'()*+,.\/;<=>@\[\\\]^`{|}~?:]/}}}},number:/\b0x[\da-f]+\b|\b\d+(?:\.\d*)?(?:e[+-]?\d+)?/i,boolean:/\b(?:false|true)\b/i,punctuation:/[=\[\]{}]/};(function(n){n.languages.ignore={comment:/^#.*/m,entry:{pattern:/\S(?:.*(?:(?:\\ )|\S))?/,alias:"string",inside:{operator:/^!|\*\*?|\?/,regex:{pattern:/(^|[^\\])\[[^\[\]]*\]/,lookbehind:!0},punctuation:/\//}}},n.languages.gitignore=n.languages.ignore,n.languages.hgignore=n.languages.ignore,n.languages.npmignore=n.languages.ignore})(Prism);Prism.languages.json={property:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?=\s*:)/,lookbehind:!0,greedy:!0},string:{pattern:/(^|[^\\])"(?:\\.|[^\\"\r\n])*"(?!\s*:)/,lookbehind:!0,greedy:!0},comment:{pattern:/\/\/.*|\/\*[\s\S]*?(?:\*\/|$)/,greedy:!0},number:/-?\b\d+(?:\.\d+)?(?:e[+-]?\d+)?\b/i,punctuation:/[{}[\],]/,operator:/:/,boolean:/\b(?:false|true)\b/,null:{pattern:/\bnull\b/,alias:"keyword"}};Prism.languages.webmanifest=Prism.languages.json;(function(n){var c=/(?:\\.|[^\\\n\r]|(?:\n|\r\n?)(?![\r\n]))/.source;function g(d){return d=d.replace(//g,function(){return c}),RegExp(/((?:^|[^\\])(?:\\{2})*)/.source+"(?:"+d+")")}var S=/(?:\\.|``(?:[^`\r\n]|`(?!`))+``|`[^`\r\n]+`|[^\\|\r\n`])+/.source,s=/\|?__(?:\|__)+\|?(?:(?:\n|\r\n?)|(?![\s\S]))/.source.replace(/__/g,function(){return S}),a=/\|?[ \t]*:?-{3,}:?[ \t]*(?:\|[ \t]*:?-{3,}:?[ \t]*)+\|?(?:\n|\r\n?)/.source;n.languages.markdown=n.languages.extend("markup",{}),n.languages.insertBefore("markdown","prolog",{"front-matter-block":{pattern:/(^(?:\s*[\r\n])?)---(?!.)[\s\S]*?[\r\n]---(?!.)/,lookbehind:!0,greedy:!0,inside:{punctuation:/^---|---$/,"front-matter":{pattern:/\S+(?:\s+\S+)*/,alias:["yaml","language-yaml"],inside:n.languages.yaml}}},blockquote:{pattern:/^>(?:[\t ]*>)*/m,alias:"punctuation"},table:{pattern:RegExp("^"+s+a+"(?:"+s+")*","m"),inside:{"table-data-rows":{pattern:RegExp("^("+s+a+")(?:"+s+")*$"),lookbehind:!0,inside:{"table-data":{pattern:RegExp(S),inside:n.languages.markdown},punctuation:/\|/}},"table-line":{pattern:RegExp("^("+s+")"+a+"$"),lookbehind:!0,inside:{punctuation:/\||:?-{3,}:?/}},"table-header-row":{pattern:RegExp("^"+s+"$"),inside:{"table-header":{pattern:RegExp(S),alias:"important",inside:n.languages.markdown},punctuation:/\|/}}}},code:[{pattern:/((?:^|\n)[ \t]*\n|(?:^|\r\n?)[ \t]*\r\n?)(?: {4}|\t).+(?:(?:\n|\r\n?)(?: {4}|\t).+)*/,lookbehind:!0,alias:"keyword"},{pattern:/^```[\s\S]*?^```$/m,greedy:!0,inside:{"code-block":{pattern:/^(```.*(?:\n|\r\n?))[\s\S]+?(?=(?:\n|\r\n?)^```$)/m,lookbehind:!0},"code-language":{pattern:/^(```).+/,lookbehind:!0},punctuation:/```/}}],title:[{pattern:/\S.*(?:\n|\r\n?)(?:==+|--+)(?=[ \t]*$)/m,alias:"important",inside:{punctuation:/==+$|--+$/}},{pattern:/(^\s*)#.+/m,lookbehind:!0,alias:"important",inside:{punctuation:/^#+|#+$/}}],hr:{pattern:/(^\s*)([*-])(?:[\t ]*\2){2,}(?=\s*$)/m,lookbehind:!0,alias:"punctuation"},list:{pattern:/(^\s*)(?:[*+-]|\d+\.)(?=[\t ].)/m,lookbehind:!0,alias:"punctuation"},"url-reference":{pattern:/!?\[[^\]]+\]:[\t ]+(?:\S+|<(?:\\.|[^>\\])+>)(?:[\t ]+(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\)))?/,inside:{variable:{pattern:/^(!?\[)[^\]]+/,lookbehind:!0},string:/(?:"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|\((?:\\.|[^)\\])*\))$/,punctuation:/^[\[\]!:]|[<>]/},alias:"url"},bold:{pattern:g(/\b__(?:(?!_)|_(?:(?!_))+_)+__\b|\*\*(?:(?!\*)|\*(?:(?!\*))+\*)+\*\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^..)[\s\S]+(?=..$)/,lookbehind:!0,inside:{}},punctuation:/\*\*|__/}},italic:{pattern:g(/\b_(?:(?!_)|__(?:(?!_))+__)+_\b|\*(?:(?!\*)|\*\*(?:(?!\*))+\*\*)+\*/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^.)[\s\S]+(?=.$)/,lookbehind:!0,inside:{}},punctuation:/[*_]/}},strike:{pattern:g(/(~~?)(?:(?!~))+\2/.source),lookbehind:!0,greedy:!0,inside:{content:{pattern:/(^~~?)[\s\S]+(?=\1$)/,lookbehind:!0,inside:{}},punctuation:/~~?/}},"code-snippet":{pattern:/(^|[^\\`])(?:``[^`\r\n]+(?:`[^`\r\n]+)*``(?!`)|`[^`\r\n]+`(?!`))/,lookbehind:!0,greedy:!0,alias:["code","keyword"]},url:{pattern:g(/!?\[(?:(?!\]))+\](?:\([^\s)]+(?:[\t ]+"(?:\\.|[^"\\])*")?\)|[ \t]?\[(?:(?!\]))+\])/.source),lookbehind:!0,greedy:!0,inside:{operator:/^!/,content:{pattern:/(^\[)[^\]]+(?=\])/,lookbehind:!0,inside:{}},variable:{pattern:/(^\][ \t]?\[)[^\]]+(?=\]$)/,lookbehind:!0},url:{pattern:/(^\]\()[^\s)]+/,lookbehind:!0},string:{pattern:/(^[ \t]+)"(?:\\.|[^"\\])*"(?=\)$)/,lookbehind:!0}}}}),["url","bold","italic","strike"].forEach(function(d){["url","bold","italic","strike","code-snippet"].forEach(function(y){d!==y&&(n.languages.markdown[d].inside.content.inside[y]=n.languages.markdown[y])})}),n.hooks.add("after-tokenize",function(d){if(d.language!=="markdown"&&d.language!=="md")return;function y(h){if(!(!h||typeof h=="string"))for(var v=0,k=h.length;v",quot:'"'},p=String.fromCodePoint||String.fromCharCode;function w(d){var y=d.replace(e,"");return y=y.replace(/&(\w{1,8}|#x?[\da-f]{1,8});/gi,function(h,v){if(v=v.toLowerCase(),v[0]==="#"){var k;return v[1]==="x"?k=parseInt(v.slice(2),16):k=Number(v.slice(1)),p(k)}else{var t=i[v];return t||h}}),y}n.languages.md=n.languages.markdown})(Prism);(function(n){var c=n.languages.powershell={comment:[{pattern:/(^|[^`])<#[\s\S]*?#>/,lookbehind:!0},{pattern:/(^|[^`])#.*/,lookbehind:!0}],string:[{pattern:/"(?:`[\s\S]|[^`"])*"/,greedy:!0,inside:null},{pattern:/'(?:[^']|'')*'/,greedy:!0}],namespace:/\[[a-z](?:\[(?:\[[^\]]*\]|[^\[\]])*\]|[^\[\]])*\]/i,boolean:/\$(?:false|true)\b/i,variable:/\$\w+\b/,function:[/\b(?:Add|Approve|Assert|Backup|Block|Checkpoint|Clear|Close|Compare|Complete|Compress|Confirm|Connect|Convert|ConvertFrom|ConvertTo|Copy|Debug|Deny|Disable|Disconnect|Dismount|Edit|Enable|Enter|Exit|Expand|Export|Find|ForEach|Format|Get|Grant|Group|Hide|Import|Initialize|Install|Invoke|Join|Limit|Lock|Measure|Merge|Move|New|Open|Optimize|Out|Ping|Pop|Protect|Publish|Push|Read|Receive|Redo|Register|Remove|Rename|Repair|Request|Reset|Resize|Resolve|Restart|Restore|Resume|Revoke|Save|Search|Select|Send|Set|Show|Skip|Sort|Split|Start|Step|Stop|Submit|Suspend|Switch|Sync|Tee|Test|Trace|Unblock|Undo|Uninstall|Unlock|Unprotect|Unpublish|Unregister|Update|Use|Wait|Watch|Where|Write)-[a-z]+\b/i,/\b(?:ac|cat|chdir|clc|cli|clp|clv|compare|copy|cp|cpi|cpp|cvpa|dbp|del|diff|dir|ebp|echo|epal|epcsv|epsn|erase|fc|fl|ft|fw|gal|gbp|gc|gci|gcs|gdr|gi|gl|gm|gp|gps|group|gsv|gu|gv|gwmi|iex|ii|ipal|ipcsv|ipsn|irm|iwmi|iwr|kill|lp|ls|measure|mi|mount|move|mp|mv|nal|ndr|ni|nv|ogv|popd|ps|pushd|pwd|rbp|rd|rdr|ren|ri|rm|rmdir|rni|rnp|rp|rv|rvpa|rwmi|sal|saps|sasv|sbp|sc|select|set|shcm|si|sl|sleep|sls|sort|sp|spps|spsv|start|sv|swmi|tee|trcm|type|write)\b/i],keyword:/\b(?:Begin|Break|Catch|Class|Continue|Data|Define|Do|DynamicParam|Else|ElseIf|End|Exit|Filter|Finally|For|ForEach|From|Function|If|InlineScript|Parallel|Param|Process|Return|Sequence|Switch|Throw|Trap|Try|Until|Using|Var|While|Workflow)\b/i,operator:{pattern:/(^|\W)(?:!|-(?:b?(?:and|x?or)|as|(?:Not)?(?:Contains|In|Like|Match)|eq|ge|gt|is(?:Not)?|Join|le|lt|ne|not|Replace|sh[lr])\b|-[-=]?|\+[+=]?|[*\/%]=?)/i,lookbehind:!0},punctuation:/[|{}[\];(),.]/};c.string[0].inside={function:{pattern:/(^|[^`])\$\((?:\$\([^\r\n()]*\)|(?!\$\()[^\r\n)])*\)/,lookbehind:!0,inside:c},boolean:c.boolean,variable:c.variable}})(Prism);(function(n){var c=/(?:[\w-]+|'[^'\n\r]*'|"(?:\\.|[^\\"\r\n])*")/.source;function g(S){return S.replace(/__/g,function(){return c})}n.languages.toml={comment:{pattern:/#.*/,greedy:!0},table:{pattern:RegExp(g(/(^[\t ]*\[\s*(?:\[\s*)?)__(?:\s*\.\s*__)*(?=\s*\])/.source),"m"),lookbehind:!0,greedy:!0,alias:"class-name"},key:{pattern:RegExp(g(/(^[\t ]*|[{,]\s*)__(?:\s*\.\s*__)*(?=\s*=)/.source),"m"),lookbehind:!0,greedy:!0,alias:"property"},string:{pattern:/"""(?:\\[\s\S]|[^\\])*?"""|'''[\s\S]*?'''|'[^'\n\r]*'|"(?:\\.|[^\\"\r\n])*"/,greedy:!0},date:[{pattern:/\b\d{4}-\d{2}-\d{2}(?:[T\s]\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:\d{2})?)?\b/i,alias:"number"},{pattern:/\b\d{2}:\d{2}:\d{2}(?:\.\d+)?\b/,alias:"number"}],number:/(?:\b0(?:x[\da-zA-Z]+(?:_[\da-zA-Z]+)*|o[0-7]+(?:_[0-7]+)*|b[10]+(?:_[10]+)*))\b|[-+]?\b\d+(?:_\d+)*(?:\.\d+(?:_\d+)*)?(?:[eE][+-]?\d+(?:_\d+)*)?\b|[-+]?\b(?:inf|nan)\b/,boolean:/\b(?:false|true)\b/,punctuation:/[.,=[\]{}]/}})(Prism);(function(n){var c=/[*&][^\s[\]{},]+/,g=/!(?:<[\w\-%#;/?:@&=+$,.!~*'()[\]]+>|(?:[a-zA-Z\d-]*!)?[\w\-%#;/?:@&=+$.~*'()]+)?/,S="(?:"+g.source+"(?:[ ]+"+c.source+")?|"+c.source+"(?:[ ]+"+g.source+")?)",s=/(?:[^\s\x00-\x08\x0e-\x1f!"#%&'*,\-:>?@[\]`{|}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]|[?:-])(?:[ \t]*(?:(?![#:])|:))*/.source.replace(//g,function(){return/[^\s\x00-\x08\x0e-\x1f,[\]{}\x7f-\x84\x86-\x9f\ud800-\udfff\ufffe\uffff]/.source}),a=/"(?:[^"\\\r\n]|\\.)*"|'(?:[^'\\\r\n]|\\.)*'/.source;function e(i,p){p=(p||"").replace(/m/g,"")+"m";var w=/([:\-,[{]\s*(?:\s<>[ \t]+)?)(?:<>)(?=[ \t]*(?:$|,|\]|\}|(?:[\r\n]\s*)?#))/.source.replace(/<>/g,function(){return S}).replace(/<>/g,function(){return i});return RegExp(w,p)}n.languages.yaml={scalar:{pattern:RegExp(/([\-:]\s*(?:\s<>[ \t]+)?[|>])[ \t]*(?:((?:\r?\n|\r)[ \t]+)\S[^\r\n]*(?:\2[^\r\n]+)*)/.source.replace(/<>/g,function(){return S})),lookbehind:!0,alias:"string"},comment:/#.*/,key:{pattern:RegExp(/((?:^|[:\-,[{\r\n?])[ \t]*(?:<>[ \t]+)?)<>(?=\s*:\s)/.source.replace(/<>/g,function(){return S}).replace(/<>/g,function(){return"(?:"+s+"|"+a+")"})),lookbehind:!0,greedy:!0,alias:"atrule"},directive:{pattern:/(^[ \t]*)%.+/m,lookbehind:!0,alias:"important"},datetime:{pattern:e(/\d{4}-\d\d?-\d\d?(?:[tT]|[ \t]+)\d\d?:\d{2}:\d{2}(?:\.\d*)?(?:[ \t]*(?:Z|[-+]\d\d?(?::\d{2})?))?|\d{4}-\d{2}-\d{2}|\d\d?:\d{2}(?::\d{2}(?:\.\d*)?)?/.source),lookbehind:!0,alias:"number"},boolean:{pattern:e(/false|true/.source,"i"),lookbehind:!0,alias:"important"},null:{pattern:e(/null|~/.source,"i"),lookbehind:!0,alias:"important"},string:{pattern:e(a),lookbehind:!0,greedy:!0},number:{pattern:e(/[+-]?(?:0x[\da-f]+|0o[0-7]+|(?:\d+(?:\.\d*)?|\.\d+)(?:e[+-]?\d+)?|\.inf|\.nan)/.source,"i"),lookbehind:!0},tag:g,important:c,punctuation:/---|[:[\]{}\-,|>?]|\.\.\./},n.languages.yml=n.languages.yaml})(Prism);var Fe=V(Q());(function(){if(typeof Prism=="undefined"||typeof document=="undefined")return;var n=[],c={},g=function(){};Prism.plugins.toolbar={};var S=Prism.plugins.toolbar.registerButton=function(e,i){var p;if(typeof i=="function"?p=i:p=function(w){var d;return typeof i.onClick=="function"?(d=document.createElement("button"),d.type="button",d.addEventListener("click",function(){i.onClick.call(this,w)})):typeof i.url=="string"?(d=document.createElement("a"),d.href=i.url):d=document.createElement("span"),i.className&&d.classList.add(i.className),d.textContent=i.text,d},e in c){console.warn('There is a button with the key "'+e+'" registered already.');return}n.push(c[e]=p)};function s(e){for(;e;){var i=e.getAttribute("data-toolbar-order");if(i!=null)return i=i.trim(),i.length?i.split(/\s*,\s*/g):[];e=e.parentElement}}var a=Prism.plugins.toolbar.hook=function(e){var i=e.element.parentNode;if(!(!i||!/pre/i.test(i.nodeName))&&!i.parentNode.classList.contains("code-toolbar")){var p=document.createElement("div");p.classList.add("code-toolbar"),i.parentNode.insertBefore(p,i),p.appendChild(i);var w=document.createElement("div");w.classList.add("toolbar");var d=n,y=s(e.element);y&&(d=y.map(function(h){return c[h]||g})),d.forEach(function(h){var v=h(e);if(v){var k=document.createElement("div");k.classList.add("toolbar-item"),k.appendChild(v),w.appendChild(k)}}),p.appendChild(w)}};S("label",function(e){var i=e.element.parentNode;if(!(!i||!/pre/i.test(i.nodeName))&&i.hasAttribute("data-label")){var p,w,d=i.getAttribute("data-label");try{w=document.querySelector("template#"+d)}catch(y){}return w?p=w.content:(i.hasAttribute("data-url")?(p=document.createElement("a"),p.href=i.getAttribute("data-url")):p=document.createElement("span"),p.textContent=d),p}}),Prism.hooks.add("complete",a)})();(function(){if(typeof Prism=="undefined"||typeof document=="undefined")return;if(!Prism.plugins.toolbar){console.warn("Copy to Clipboard plugin loaded before Toolbar plugin.");return}function n(a,e){a.addEventListener("click",function(){g(e)})}function c(a){var e=document.createElement("textarea");e.value=a.getText(),e.style.top="0",e.style.left="0",e.style.position="fixed",document.body.appendChild(e),e.focus(),e.select();try{var i=document.execCommand("copy");setTimeout(function(){i?a.success():a.error()},1)}catch(p){setTimeout(function(){a.error(p)},1)}document.body.removeChild(e)}function g(a){navigator.clipboard?navigator.clipboard.writeText(a.getText()).then(a.success,function(){c(a)}):c(a)}function S(a){window.getSelection().selectAllChildren(a)}function s(a){var e={copy:"Copy","copy-error":"Press Ctrl+C to copy","copy-success":"Copied!","copy-timeout":5e3},i="data-prismjs-";for(var p in e){for(var w=i+p,d=a;d&&!d.hasAttribute(w);)d=d.parentElement;d&&(e[p]=d.getAttribute(w))}return e}Prism.plugins.toolbar.registerButton("copy-to-clipboard",function(a){var e=a.element,i=s(e),p=document.createElement("button");p.className="copy-to-clipboard-button",p.setAttribute("type","button");var w=document.createElement("span");return p.appendChild(w),y("copy"),n(p,{getText:function(){return e.textContent},success:function(){y("copy-success"),d()},error:function(){y("copy-error"),setTimeout(function(){S(e)},1),d()}}),p;function d(){setTimeout(function(){y("copy")},i["copy-timeout"])}function y(h){w.textContent=i[h],p.setAttribute("data-copy-state",h)}})})();(function(){if(typeof Prism=="undefined"||typeof document=="undefined")return;var n=/(?:^|\s)command-line(?:\s|$)/,c="command-line-prompt",g="".startsWith?function(e,i){return e.startsWith(i)}:function(e,i){return e.indexOf(i)===0},S="".endsWith?function(e,i){return e.endsWith(i)}:function(e,i){var p=e.length;return e.substring(p-i.length,p)===i};function s(e){var i=e.vars=e.vars||{};return"command-line"in i}function a(e){var i=e.vars=e.vars||{};return i["command-line"]=i["command-line"]||{}}Prism.hooks.add("before-highlight",function(e){var i=a(e);if(i.complete||!e.code){i.complete=!0;return}var p=e.element.parentElement;if(!p||!/pre/i.test(p.nodeName)||!n.test(p.className)&&!n.test(e.element.className)){i.complete=!0;return}var w=e.element.querySelector("."+c);w&&w.remove();var d=e.code.split(` diff --git a/page/1/index.html b/page/1/index.html index 2b641798..d6e6da9b 100644 --- a/page/1/index.html +++ b/page/1/index.html @@ -1 +1,2 @@ -/ \ No newline at end of file +/ + \ No newline at end of file diff --git a/page/2/index.html b/page/2/index.html index 7c7ac3d2..034cde17 100644 --- a/page/2/index.html +++ b/page/2/index.html @@ -1,4 +1,5 @@ -— Software Engineer
+— Software Engineer +

Dave Gallant
-
\ No newline at end of file +Newer Posts
Dave Gallant
\ No newline at end of file diff --git a/post/index.html b/post/index.html index 1a6dd2f0..444c27f0 100644 --- a/post/index.html +++ b/post/index.html @@ -1,4 +1,5 @@ -Posts
+Posts +

Posts

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >

What to do with a homelab

2021-09-06 by Dave Gallant (updated: 2024-01-01)

A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.

Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >

What to do with a homelab

2021-09-06 by Dave Gallant (updated: 2024-01-01)

A homelab can be an inexpensive way to host a multitude of internal/external services and learn a lot in the process.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/post/index.xml b/post/index.xml index 87581379..bd037c4b 100644 --- a/post/index.xml +++ b/post/index.xml @@ -1,26 +1,50 @@ -Posts on/post/Recent content in Posts onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +Posts on/post/Recent content in Posts onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p>Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p>Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p>Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p>Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p>Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p>Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a -href="https://www.atlassian.com/git/tutorials/dotfiles" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.atlassian.com/git/tutorials/dotfiles" + + + class="link--external" target="_blank" rel="noreferrer" + >bare git repos</a> and utilities such as <a -href="https://www.gnu.org/software/stow/" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.gnu.org/software/stow/" + + + class="link--external" target="_blank" rel="noreferrer" + >GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a -href="https://github.com/nix-community/home-manager" -class="link--external" target="_blank" rel="noreferrer" + href="https://github.com/nix-community/home-manager" + + + class="link--external" target="_blank" rel="noreferrer" + >home-manager</a>.</p>What to do with a homelab/blog/2021/09/06/what-to-do-with-a-homelab/Mon, 06 Sep 2021 01:12:54 -0400/blog/2021/09/06/what-to-do-with-a-homelab/<p>A homelab can be an inexpensive way to host a multitude of internal/external services and learn <em>a lot</em> in the process.</p>AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file diff --git a/post/page/1/index.html b/post/page/1/index.html index b79cb460..7e185155 100644 --- a/post/page/1/index.html +++ b/post/page/1/index.html @@ -1 +1,2 @@ -/post/ \ No newline at end of file +/post/ + \ No newline at end of file diff --git a/post/page/2/index.html b/post/page/2/index.html index 0eada7c8..d5969a28 100644 --- a/post/page/2/index.html +++ b/post/page/2/index.html @@ -1,4 +1,5 @@ -Posts
+Posts +

Posts

Dave Gallant
-
\ No newline at end of file +Newer Posts
Dave Gallant
\ No newline at end of file diff --git a/sitemap.xml b/sitemap.xml index ea7e9dc6..be94e156 100644 --- a/sitemap.xml +++ b/sitemap.xml @@ -1 +1 @@ -/about/2024-01-02T09:33:25-05:00/2024-01-02T09:33:25-05:00/tags/gitea/2024-01-01T23:33:36-05:00/tags/gitea-actions/2024-01-01T23:33:36-05:00/tags/github-actions/2024-01-01T23:33:36-05:00/post/2024-01-02T09:33:25-05:00/tags/self-hosted/2024-01-01T23:33:36-05:00/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/2024-01-01T23:33:36-05:00/tags/2024-01-02T09:33:25-05:00/tags/tailscale/2024-01-01T23:33:36-05:00/tags/aks/2024-01-01T23:33:36-05:00/tags/aws/2024-01-01T23:33:36-05:00/tags/azure/2024-01-01T23:33:36-05:00/tags/bastion/2024-01-01T23:33:36-05:00/tags/cloud-sql-proxy/2024-01-01T23:33:36-05:00/tags/database/2024-01-01T23:33:36-05:00/tags/eks/2024-01-01T23:33:36-05:00/tags/k8s/2024-01-01T23:33:36-05:00/tags/kubectl-plugin-socks5-proxy/2024-01-01T23:33:36-05:00/tags/proxy/2024-01-01T23:33:36-05:00/tags/socat/2024-01-01T23:33:36-05:00/tags/socks/2024-01-01T23:33:36-05:00/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/2024-01-01T23:33:36-05:00/tags/degoogle/2024-01-01T23:33:36-05:00/tags/invidious/2024-01-01T23:33:36-05:00/tags/privacy/2024-01-01T23:33:36-05:00/blog/2022/12/10/watching-youtube-in-private/2024-01-01T23:33:36-05:00/tags/yewtu.be/2024-01-01T23:33:36-05:00/tags/youtube/2024-01-01T23:33:36-05:00/tags/openwrt/2024-01-01T23:33:36-05:00/tags/pfsense/2024-01-01T23:33:36-05:00/tags/proxmox/2024-01-01T23:33:36-05:00/tags/router/2024-01-01T23:33:36-05:00/tags/router-on-a-stick/2024-01-01T23:33:36-05:00/blog/2022/04/02/virtualizing-my-router-with-pfsense/2024-01-01T23:33:36-05:00/tags/vlan/2024-01-01T23:33:36-05:00/blog/2022/03/13/backing-up-gmail-with-synology/2024-01-01T23:33:36-05:00/tags/backup/2024-01-01T23:33:36-05:00/tags/gmail/2024-01-01T23:33:36-05:00/tags/ransomware/2024-01-01T23:33:36-05:00/tags/synology/2024-01-01T23:33:36-05:00/tags/k3s/2024-01-01T23:33:36-05:00/tags/lxc/2024-01-01T23:33:36-05:00/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/2024-01-01T23:33:36-05:00/tags/containers/2024-01-02T09:33:25-05:00/tags/docker/2024-01-02T09:33:25-05:00/tags/podman/2024-01-02T09:33:25-05:00/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/2024-01-02T09:33:25-05:00/blog/2021/09/17/automatically-rotating-aws-access-keys/2024-01-01T23:33:36-05:00/tags/aws-vault/2024-01-01T23:33:36-05:00/tags/python/2024-01-01T23:33:36-05:00/tags/security/2024-01-01T23:33:36-05:00/tags/dotfiles/2024-01-01T23:33:36-05:00/tags/home-manager/2024-01-01T23:33:36-05:00/tags/nix/2024-01-01T23:33:36-05:00/blog/2021/09/08/why-i-threw-out-my-dotfiles/2024-01-01T23:33:36-05:00/blog/2021/09/06/what-to-do-with-a-homelab/2024-01-01T23:33:36-05:00/blog/2020/03/16/appgate-sdp-on-arch-linux/2024-01-01T23:33:36-05:00/tags/linux/2024-01-01T23:33:36-05:00/tags/vpn/2024-01-01T23:33:36-05:00/categories/ \ No newline at end of file +/en/sitemap.xml2024-01-02T09:33:25-05:00/de/sitemap.xml \ No newline at end of file diff --git a/tags/aks/index.html b/tags/aks/index.html index 95ea283a..a5ab81a3 100644 --- a/tags/aks/index.html +++ b/tags/aks/index.html @@ -1,3 +1,4 @@ -aks
-

aks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +aks +
+

aks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/aks/index.xml b/tags/aks/index.xml index edbea291..7a591319 100644 --- a/tags/aks/index.xml +++ b/tags/aks/index.xml @@ -1 +1 @@ -aks on/tags/aks/Recent content in aks onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +aks on/tags/aks/Recent content in aks onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/aks/page/1/index.html b/tags/aks/page/1/index.html index 093f897c..903075da 100644 --- a/tags/aks/page/1/index.html +++ b/tags/aks/page/1/index.html @@ -1 +1,2 @@ -/tags/aks/ \ No newline at end of file +/tags/aks/ + \ No newline at end of file diff --git a/tags/aws-vault/index.html b/tags/aws-vault/index.html index dc9542f9..973ea25f 100644 --- a/tags/aws-vault/index.html +++ b/tags/aws-vault/index.html @@ -1,4 +1,5 @@ -aws-vault
+aws-vault +

aws-vault

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/aws-vault/index.xml b/tags/aws-vault/index.xml index cf182ee7..1d5d27f0 100644 --- a/tags/aws-vault/index.xml +++ b/tags/aws-vault/index.xml @@ -1,2 +1,2 @@ -aws-vault on/tags/aws-vault/Recent content in aws-vault onHugo -- gohugo.ioDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. +aws-vault on/tags/aws-vault/Recent content in aws-vault onHugo -- gohugo.ioenDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution. \ No newline at end of file diff --git a/tags/aws-vault/page/1/index.html b/tags/aws-vault/page/1/index.html index 28f9f5f8..ab79b312 100644 --- a/tags/aws-vault/page/1/index.html +++ b/tags/aws-vault/page/1/index.html @@ -1 +1,2 @@ -/tags/aws-vault/ \ No newline at end of file +/tags/aws-vault/ + \ No newline at end of file diff --git a/tags/aws/index.html b/tags/aws/index.html index 1f6886f6..779c023c 100644 --- a/tags/aws/index.html +++ b/tags/aws/index.html @@ -1,4 +1,5 @@ -aws
+aws +

aws

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/aws/index.xml b/tags/aws/index.xml index 592e0cc4..de3d338e 100644 --- a/tags/aws/index.xml +++ b/tags/aws/index.xml @@ -1,2 +1,2 @@ -aws on/tags/aws/Recent content in aws onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p>Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. +aws on/tags/aws/Recent content in aws onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p>Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution. \ No newline at end of file diff --git a/tags/aws/page/1/index.html b/tags/aws/page/1/index.html index 2c863cbe..dcb46158 100644 --- a/tags/aws/page/1/index.html +++ b/tags/aws/page/1/index.html @@ -1 +1,2 @@ -/tags/aws/ \ No newline at end of file +/tags/aws/ + \ No newline at end of file diff --git a/tags/azure/index.html b/tags/azure/index.html index f743861e..67e47938 100644 --- a/tags/azure/index.html +++ b/tags/azure/index.html @@ -1,3 +1,4 @@ -azure
-

azure

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +azure +
+

azure

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/azure/index.xml b/tags/azure/index.xml index 817fcfa7..b39ddb1c 100644 --- a/tags/azure/index.xml +++ b/tags/azure/index.xml @@ -1 +1 @@ -azure on/tags/azure/Recent content in azure onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +azure on/tags/azure/Recent content in azure onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/azure/page/1/index.html b/tags/azure/page/1/index.html index 41efed15..90b8ce45 100644 --- a/tags/azure/page/1/index.html +++ b/tags/azure/page/1/index.html @@ -1 +1,2 @@ -/tags/azure/ \ No newline at end of file +/tags/azure/ + \ No newline at end of file diff --git a/tags/backup/index.html b/tags/backup/index.html index 31e08c81..13904df1 100644 --- a/tags/backup/index.html +++ b/tags/backup/index.html @@ -1,3 +1,4 @@ -backup
-

backup

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
-
\ No newline at end of file +backup +
+

backup

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/backup/index.xml b/tags/backup/index.xml index 553937df..92c8c503 100644 --- a/tags/backup/index.xml +++ b/tags/backup/index.xml @@ -1 +1 @@ -backup on/tags/backup/Recent content in backup onHugo -- gohugo.ioDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file +backup on/tags/backup/Recent content in backup onHugo -- gohugo.ioenDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file diff --git a/tags/backup/page/1/index.html b/tags/backup/page/1/index.html index e52fb218..6ae38436 100644 --- a/tags/backup/page/1/index.html +++ b/tags/backup/page/1/index.html @@ -1 +1,2 @@ -/tags/backup/ \ No newline at end of file +/tags/backup/ + \ No newline at end of file diff --git a/tags/bastion/index.html b/tags/bastion/index.html index 9a068230..de459ff4 100644 --- a/tags/bastion/index.html +++ b/tags/bastion/index.html @@ -1,3 +1,4 @@ -bastion
-

bastion

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +bastion +
+

bastion

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/bastion/index.xml b/tags/bastion/index.xml index ad50ef22..b4112e32 100644 --- a/tags/bastion/index.xml +++ b/tags/bastion/index.xml @@ -1 +1 @@ -bastion on/tags/bastion/Recent content in bastion onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +bastion on/tags/bastion/Recent content in bastion onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/bastion/page/1/index.html b/tags/bastion/page/1/index.html index 7e46dbfe..215490a1 100644 --- a/tags/bastion/page/1/index.html +++ b/tags/bastion/page/1/index.html @@ -1 +1,2 @@ -/tags/bastion/ \ No newline at end of file +/tags/bastion/ + \ No newline at end of file diff --git a/tags/cloud-sql-proxy/index.html b/tags/cloud-sql-proxy/index.html index 900f65f1..4cb2f71c 100644 --- a/tags/cloud-sql-proxy/index.html +++ b/tags/cloud-sql-proxy/index.html @@ -1,3 +1,4 @@ -cloud-sql-proxy
-

cloud-sql-proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +cloud-sql-proxy +
+

cloud-sql-proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/cloud-sql-proxy/index.xml b/tags/cloud-sql-proxy/index.xml index 812cafcd..94edfa6d 100644 --- a/tags/cloud-sql-proxy/index.xml +++ b/tags/cloud-sql-proxy/index.xml @@ -1 +1 @@ -cloud-sql-proxy on/tags/cloud-sql-proxy/Recent content in cloud-sql-proxy onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +cloud-sql-proxy on/tags/cloud-sql-proxy/Recent content in cloud-sql-proxy onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/cloud-sql-proxy/page/1/index.html b/tags/cloud-sql-proxy/page/1/index.html index 15607d78..77e17b02 100644 --- a/tags/cloud-sql-proxy/page/1/index.html +++ b/tags/cloud-sql-proxy/page/1/index.html @@ -1 +1,2 @@ -/tags/cloud-sql-proxy/ \ No newline at end of file +/tags/cloud-sql-proxy/ + \ No newline at end of file diff --git a/tags/containers/index.html b/tags/containers/index.html index 9fde901e..f6536871 100644 --- a/tags/containers/index.html +++ b/tags/containers/index.html @@ -1,3 +1,4 @@ -containers
-

containers

Dave Gallant
-
\ No newline at end of file +containers +
+

containers

Dave Gallant
\ No newline at end of file diff --git a/tags/containers/index.xml b/tags/containers/index.xml index 0daf9df2..22012854 100644 --- a/tags/containers/index.xml +++ b/tags/containers/index.xml @@ -1 +1 @@ -containers on/tags/containers/Recent content in containers onHugo -- gohugo.ioDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file +containers on/tags/containers/Recent content in containers onHugo -- gohugo.ioenDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file diff --git a/tags/containers/page/1/index.html b/tags/containers/page/1/index.html index c317498b..1e49d06e 100644 --- a/tags/containers/page/1/index.html +++ b/tags/containers/page/1/index.html @@ -1 +1,2 @@ -/tags/containers/ \ No newline at end of file +/tags/containers/ + \ No newline at end of file diff --git a/tags/database/index.html b/tags/database/index.html index ddca19fa..b4c4ef8a 100644 --- a/tags/database/index.html +++ b/tags/database/index.html @@ -1,3 +1,4 @@ -database
-

database

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +database +
+

database

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/database/index.xml b/tags/database/index.xml index e0ec99a2..9f0576af 100644 --- a/tags/database/index.xml +++ b/tags/database/index.xml @@ -1 +1 @@ -database on/tags/database/Recent content in database onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +database on/tags/database/Recent content in database onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/database/page/1/index.html b/tags/database/page/1/index.html index fe8cb73f..f9ee0def 100644 --- a/tags/database/page/1/index.html +++ b/tags/database/page/1/index.html @@ -1 +1,2 @@ -/tags/database/ \ No newline at end of file +/tags/database/ + \ No newline at end of file diff --git a/tags/degoogle/index.html b/tags/degoogle/index.html index 5fbd288f..b5f67731 100644 --- a/tags/degoogle/index.html +++ b/tags/degoogle/index.html @@ -1,3 +1,4 @@ -degoogle
-

degoogle

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
-
\ No newline at end of file +degoogle +
+

degoogle

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/degoogle/index.xml b/tags/degoogle/index.xml index 9e117fd4..2c062696 100644 --- a/tags/degoogle/index.xml +++ b/tags/degoogle/index.xml @@ -1,7 +1,13 @@ -degoogle on/tags/degoogle/Recent content in degoogle onHugo -- gohugo.ioDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" +degoogle on/tags/degoogle/Recent content in degoogle onHugo -- gohugo.ioenDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p>Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file diff --git a/tags/degoogle/page/1/index.html b/tags/degoogle/page/1/index.html index 3fc52048..d99624aa 100644 --- a/tags/degoogle/page/1/index.html +++ b/tags/degoogle/page/1/index.html @@ -1 +1,2 @@ -/tags/degoogle/ \ No newline at end of file +/tags/degoogle/ + \ No newline at end of file diff --git a/tags/docker/index.html b/tags/docker/index.html index 27f1e9b9..48a77a24 100644 --- a/tags/docker/index.html +++ b/tags/docker/index.html @@ -1,3 +1,4 @@ -docker
-

docker

Dave Gallant
-
\ No newline at end of file +docker +
+

docker

Dave Gallant
\ No newline at end of file diff --git a/tags/docker/index.xml b/tags/docker/index.xml index 56187f83..6fd58f3b 100644 --- a/tags/docker/index.xml +++ b/tags/docker/index.xml @@ -1 +1 @@ -docker on/tags/docker/Recent content in docker onHugo -- gohugo.ioDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file +docker on/tags/docker/Recent content in docker onHugo -- gohugo.ioenDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file diff --git a/tags/docker/page/1/index.html b/tags/docker/page/1/index.html index d412c316..4e4af791 100644 --- a/tags/docker/page/1/index.html +++ b/tags/docker/page/1/index.html @@ -1 +1,2 @@ -/tags/docker/ \ No newline at end of file +/tags/docker/ + \ No newline at end of file diff --git a/tags/dotfiles/index.html b/tags/dotfiles/index.html index d22e65c0..ef9ec859 100644 --- a/tags/dotfiles/index.html +++ b/tags/dotfiles/index.html @@ -1,3 +1,4 @@ -dotfiles
-

dotfiles

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
-
\ No newline at end of file +dotfiles +
+

dotfiles

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/dotfiles/index.xml b/tags/dotfiles/index.xml index 67bb81ec..d6e3a621 100644 --- a/tags/dotfiles/index.xml +++ b/tags/dotfiles/index.xml @@ -1,10 +1,19 @@ -dotfiles on/tags/dotfiles/Recent content in dotfiles onHugo -- gohugo.ioDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a -href="https://www.atlassian.com/git/tutorials/dotfiles" -class="link--external" target="_blank" rel="noreferrer" +dotfiles on/tags/dotfiles/Recent content in dotfiles onHugo -- gohugo.ioenDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a + href="https://www.atlassian.com/git/tutorials/dotfiles" + + + class="link--external" target="_blank" rel="noreferrer" + >bare git repos</a> and utilities such as <a -href="https://www.gnu.org/software/stow/" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.gnu.org/software/stow/" + + + class="link--external" target="_blank" rel="noreferrer" + >GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a -href="https://github.com/nix-community/home-manager" -class="link--external" target="_blank" rel="noreferrer" + href="https://github.com/nix-community/home-manager" + + + class="link--external" target="_blank" rel="noreferrer" + >home-manager</a>.</p> \ No newline at end of file diff --git a/tags/dotfiles/page/1/index.html b/tags/dotfiles/page/1/index.html index 02d9ab25..06ed4aba 100644 --- a/tags/dotfiles/page/1/index.html +++ b/tags/dotfiles/page/1/index.html @@ -1 +1,2 @@ -/tags/dotfiles/ \ No newline at end of file +/tags/dotfiles/ + \ No newline at end of file diff --git a/tags/eks/index.html b/tags/eks/index.html index 8fd40212..1587ec11 100644 --- a/tags/eks/index.html +++ b/tags/eks/index.html @@ -1,3 +1,4 @@ -eks
-

eks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +eks +
+

eks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/eks/index.xml b/tags/eks/index.xml index 431b40fa..8297f284 100644 --- a/tags/eks/index.xml +++ b/tags/eks/index.xml @@ -1 +1 @@ -eks on/tags/eks/Recent content in eks onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +eks on/tags/eks/Recent content in eks onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/eks/page/1/index.html b/tags/eks/page/1/index.html index 98e93b75..5573538c 100644 --- a/tags/eks/page/1/index.html +++ b/tags/eks/page/1/index.html @@ -1 +1,2 @@ -/tags/eks/ \ No newline at end of file +/tags/eks/ + \ No newline at end of file diff --git a/tags/gitea-actions/index.html b/tags/gitea-actions/index.html index 66a15fc6..611c1252 100644 --- a/tags/gitea-actions/index.html +++ b/tags/gitea-actions/index.html @@ -1,3 +1,4 @@ -gitea actions
-

gitea actions

Dave Gallant
-
\ No newline at end of file +gitea actions +
+

gitea actions

Dave Gallant
\ No newline at end of file diff --git a/tags/gitea-actions/index.xml b/tags/gitea-actions/index.xml index df364e5a..8841aade 100644 --- a/tags/gitea-actions/index.xml +++ b/tags/gitea-actions/index.xml @@ -1,4 +1,7 @@ -gitea actions on/tags/gitea-actions/Recent content in gitea actions onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +gitea actions on/tags/gitea-actions/Recent content in gitea actions onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p> \ No newline at end of file diff --git a/tags/gitea-actions/page/1/index.html b/tags/gitea-actions/page/1/index.html index 62af827f..95039921 100644 --- a/tags/gitea-actions/page/1/index.html +++ b/tags/gitea-actions/page/1/index.html @@ -1 +1,2 @@ -/tags/gitea-actions/ \ No newline at end of file +/tags/gitea-actions/ + \ No newline at end of file diff --git a/tags/gitea/index.html b/tags/gitea/index.html index b22c4290..9a1d14ef 100644 --- a/tags/gitea/index.html +++ b/tags/gitea/index.html @@ -1,3 +1,4 @@ -gitea
-

gitea

Dave Gallant
-
\ No newline at end of file +gitea +
+

gitea

Dave Gallant
\ No newline at end of file diff --git a/tags/gitea/index.xml b/tags/gitea/index.xml index 3e4b6359..2989ebf9 100644 --- a/tags/gitea/index.xml +++ b/tags/gitea/index.xml @@ -1,4 +1,7 @@ -gitea on/tags/gitea/Recent content in gitea onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +gitea on/tags/gitea/Recent content in gitea onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p> \ No newline at end of file diff --git a/tags/gitea/page/1/index.html b/tags/gitea/page/1/index.html index 5967f88f..318d6ec2 100644 --- a/tags/gitea/page/1/index.html +++ b/tags/gitea/page/1/index.html @@ -1 +1,2 @@ -/tags/gitea/ \ No newline at end of file +/tags/gitea/ + \ No newline at end of file diff --git a/tags/github-actions/index.html b/tags/github-actions/index.html index 328da04a..e049e8ea 100644 --- a/tags/github-actions/index.html +++ b/tags/github-actions/index.html @@ -1,3 +1,4 @@ -github actions
-

github actions

Dave Gallant
-
\ No newline at end of file +github actions +
+

github actions

Dave Gallant
\ No newline at end of file diff --git a/tags/github-actions/index.xml b/tags/github-actions/index.xml index 65a12086..3b9b4adb 100644 --- a/tags/github-actions/index.xml +++ b/tags/github-actions/index.xml @@ -1,4 +1,7 @@ -github actions on/tags/github-actions/Recent content in github actions onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +github actions on/tags/github-actions/Recent content in github actions onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p> \ No newline at end of file diff --git a/tags/github-actions/page/1/index.html b/tags/github-actions/page/1/index.html index c7c70037..340b8bb1 100644 --- a/tags/github-actions/page/1/index.html +++ b/tags/github-actions/page/1/index.html @@ -1 +1,2 @@ -/tags/github-actions/ \ No newline at end of file +/tags/github-actions/ + \ No newline at end of file diff --git a/tags/gmail/index.html b/tags/gmail/index.html index 140a893e..ed7ba214 100644 --- a/tags/gmail/index.html +++ b/tags/gmail/index.html @@ -1,3 +1,4 @@ -gmail
-

gmail

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
-
\ No newline at end of file +gmail +
+

gmail

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/gmail/index.xml b/tags/gmail/index.xml index e118a7ec..3600ed5c 100644 --- a/tags/gmail/index.xml +++ b/tags/gmail/index.xml @@ -1 +1 @@ -gmail on/tags/gmail/Recent content in gmail onHugo -- gohugo.ioDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file +gmail on/tags/gmail/Recent content in gmail onHugo -- gohugo.ioenDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file diff --git a/tags/gmail/page/1/index.html b/tags/gmail/page/1/index.html index 862ac997..6e11ccca 100644 --- a/tags/gmail/page/1/index.html +++ b/tags/gmail/page/1/index.html @@ -1 +1,2 @@ -/tags/gmail/ \ No newline at end of file +/tags/gmail/ + \ No newline at end of file diff --git a/tags/home-manager/index.html b/tags/home-manager/index.html index 6febadac..097ac1e5 100644 --- a/tags/home-manager/index.html +++ b/tags/home-manager/index.html @@ -1,3 +1,4 @@ -home-manager
-

home-manager

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
-
\ No newline at end of file +home-manager +
+

home-manager

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/home-manager/index.xml b/tags/home-manager/index.xml index f5b6a67d..f1c20684 100644 --- a/tags/home-manager/index.xml +++ b/tags/home-manager/index.xml @@ -1,10 +1,19 @@ -home-manager on/tags/home-manager/Recent content in home-manager onHugo -- gohugo.ioDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a -href="https://www.atlassian.com/git/tutorials/dotfiles" -class="link--external" target="_blank" rel="noreferrer" +home-manager on/tags/home-manager/Recent content in home-manager onHugo -- gohugo.ioenDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a + href="https://www.atlassian.com/git/tutorials/dotfiles" + + + class="link--external" target="_blank" rel="noreferrer" + >bare git repos</a> and utilities such as <a -href="https://www.gnu.org/software/stow/" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.gnu.org/software/stow/" + + + class="link--external" target="_blank" rel="noreferrer" + >GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a -href="https://github.com/nix-community/home-manager" -class="link--external" target="_blank" rel="noreferrer" + href="https://github.com/nix-community/home-manager" + + + class="link--external" target="_blank" rel="noreferrer" + >home-manager</a>.</p> \ No newline at end of file diff --git a/tags/home-manager/page/1/index.html b/tags/home-manager/page/1/index.html index dc0ba177..f168061f 100644 --- a/tags/home-manager/page/1/index.html +++ b/tags/home-manager/page/1/index.html @@ -1 +1,2 @@ -/tags/home-manager/ \ No newline at end of file +/tags/home-manager/ + \ No newline at end of file diff --git a/tags/index.html b/tags/index.html index 17319a8c..45dbb271 100644 --- a/tags/index.html +++ b/tags/index.html @@ -1,3 +1,4 @@ -Tags
-

Tags

gitea

2023-12-10 (updated: 2024-01-01)

aks

2023-05-22 (updated: 2024-01-01)

aws

2023-05-22 (updated: 2024-01-01)

azure

2023-05-22 (updated: 2024-01-01)

bastion

2023-05-22 (updated: 2024-01-01)
Dave Gallant
-
\ No newline at end of file +Tags +
+

Tags

gitea

2023-12-10 (updated: 2024-01-01)

aks

2023-05-22 (updated: 2024-01-01)

aws

2023-05-22 (updated: 2024-01-01)

azure

2023-05-22 (updated: 2024-01-01)

bastion

2023-05-22 (updated: 2024-01-01)
Dave Gallant
\ No newline at end of file diff --git a/tags/index.xml b/tags/index.xml index cf0d8864..c80dcc21 100644 --- a/tags/index.xml +++ b/tags/index.xml @@ -1 +1 @@ -Tags on/tags/Recent content in Tags onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500gitea/tags/gitea/Sun, 10 Dec 2023 17:22:11 -0500/tags/gitea/gitea actions/tags/gitea-actions/Sun, 10 Dec 2023 17:22:11 -0500/tags/gitea-actions/github actions/tags/github-actions/Sun, 10 Dec 2023 17:22:11 -0500/tags/github-actions/self-hosted/tags/self-hosted/Sun, 10 Dec 2023 17:22:11 -0500/tags/self-hosted/tailscale/tags/tailscale/Sun, 10 Dec 2023 17:22:11 -0500/tags/tailscale/aks/tags/aks/Mon, 22 May 2023 16:31:29 -0400/tags/aks/aws/tags/aws/Mon, 22 May 2023 16:31:29 -0400/tags/aws/azure/tags/azure/Mon, 22 May 2023 16:31:29 -0400/tags/azure/bastion/tags/bastion/Mon, 22 May 2023 16:31:29 -0400/tags/bastion/cloud-sql-proxy/tags/cloud-sql-proxy/Mon, 22 May 2023 16:31:29 -0400/tags/cloud-sql-proxy/database/tags/database/Mon, 22 May 2023 16:31:29 -0400/tags/database/eks/tags/eks/Mon, 22 May 2023 16:31:29 -0400/tags/eks/k8s/tags/k8s/Mon, 22 May 2023 16:31:29 -0400/tags/k8s/kubectl-plugin-socks5-proxy/tags/kubectl-plugin-socks5-proxy/Mon, 22 May 2023 16:31:29 -0400/tags/kubectl-plugin-socks5-proxy/proxy/tags/proxy/Mon, 22 May 2023 16:31:29 -0400/tags/proxy/socat/tags/socat/Mon, 22 May 2023 16:31:29 -0400/tags/socat/socks/tags/socks/Mon, 22 May 2023 16:31:29 -0400/tags/socks/degoogle/tags/degoogle/Sat, 10 Dec 2022 21:46:55 -0500/tags/degoogle/invidious/tags/invidious/Sat, 10 Dec 2022 21:46:55 -0500/tags/invidious/privacy/tags/privacy/Sat, 10 Dec 2022 21:46:55 -0500/tags/privacy/yewtu.be/tags/yewtu.be/Sat, 10 Dec 2022 21:46:55 -0500/tags/yewtu.be/youtube/tags/youtube/Sat, 10 Dec 2022 21:46:55 -0500/tags/youtube/openwrt/tags/openwrt/Sat, 02 Apr 2022 18:50:09 -0400/tags/openwrt/pfsense/tags/pfsense/Sat, 02 Apr 2022 18:50:09 -0400/tags/pfsense/proxmox/tags/proxmox/Sat, 02 Apr 2022 18:50:09 -0400/tags/proxmox/router/tags/router/Sat, 02 Apr 2022 18:50:09 -0400/tags/router/router-on-a-stick/tags/router-on-a-stick/Sat, 02 Apr 2022 18:50:09 -0400/tags/router-on-a-stick/vlan/tags/vlan/Sat, 02 Apr 2022 18:50:09 -0400/tags/vlan/backup/tags/backup/Sun, 13 Mar 2022 18:49:10 -0400/tags/backup/gmail/tags/gmail/Sun, 13 Mar 2022 18:49:10 -0400/tags/gmail/ransomware/tags/ransomware/Sun, 13 Mar 2022 18:49:10 -0400/tags/ransomware/synology/tags/synology/Sun, 13 Mar 2022 18:49:10 -0400/tags/synology/k3s/tags/k3s/Sun, 14 Nov 2021 10:07:03 -0500/tags/k3s/lxc/tags/lxc/Sun, 14 Nov 2021 10:07:03 -0500/tags/lxc/containers/tags/containers/Mon, 11 Oct 2021 10:43:35 -0400/tags/containers/docker/tags/docker/Mon, 11 Oct 2021 10:43:35 -0400/tags/docker/podman/tags/podman/Mon, 11 Oct 2021 10:43:35 -0400/tags/podman/aws-vault/tags/aws-vault/Fri, 17 Sep 2021 12:48:33 -0400/tags/aws-vault/python/tags/python/Fri, 17 Sep 2021 12:48:33 -0400/tags/python/security/tags/security/Fri, 17 Sep 2021 12:48:33 -0400/tags/security/dotfiles/tags/dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/tags/dotfiles/home-manager/tags/home-manager/Wed, 08 Sep 2021 00:42:33 -0400/tags/home-manager/nix/tags/nix/Wed, 08 Sep 2021 00:42:33 -0400/tags/nix/linux/tags/linux/Mon, 16 Mar 2020 22:00:15 -0400/tags/linux/vpn/tags/vpn/Mon, 16 Mar 2020 22:00:15 -0400/tags/vpn/ \ No newline at end of file +Tags on/tags/Recent content in Tags onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500gitea/tags/gitea/Sun, 10 Dec 2023 17:22:11 -0500/tags/gitea/gitea actions/tags/gitea-actions/Sun, 10 Dec 2023 17:22:11 -0500/tags/gitea-actions/github actions/tags/github-actions/Sun, 10 Dec 2023 17:22:11 -0500/tags/github-actions/self-hosted/tags/self-hosted/Sun, 10 Dec 2023 17:22:11 -0500/tags/self-hosted/tailscale/tags/tailscale/Sun, 10 Dec 2023 17:22:11 -0500/tags/tailscale/aks/tags/aks/Mon, 22 May 2023 16:31:29 -0400/tags/aks/aws/tags/aws/Mon, 22 May 2023 16:31:29 -0400/tags/aws/azure/tags/azure/Mon, 22 May 2023 16:31:29 -0400/tags/azure/bastion/tags/bastion/Mon, 22 May 2023 16:31:29 -0400/tags/bastion/cloud-sql-proxy/tags/cloud-sql-proxy/Mon, 22 May 2023 16:31:29 -0400/tags/cloud-sql-proxy/database/tags/database/Mon, 22 May 2023 16:31:29 -0400/tags/database/eks/tags/eks/Mon, 22 May 2023 16:31:29 -0400/tags/eks/k8s/tags/k8s/Mon, 22 May 2023 16:31:29 -0400/tags/k8s/kubectl-plugin-socks5-proxy/tags/kubectl-plugin-socks5-proxy/Mon, 22 May 2023 16:31:29 -0400/tags/kubectl-plugin-socks5-proxy/proxy/tags/proxy/Mon, 22 May 2023 16:31:29 -0400/tags/proxy/socat/tags/socat/Mon, 22 May 2023 16:31:29 -0400/tags/socat/socks/tags/socks/Mon, 22 May 2023 16:31:29 -0400/tags/socks/degoogle/tags/degoogle/Sat, 10 Dec 2022 21:46:55 -0500/tags/degoogle/invidious/tags/invidious/Sat, 10 Dec 2022 21:46:55 -0500/tags/invidious/privacy/tags/privacy/Sat, 10 Dec 2022 21:46:55 -0500/tags/privacy/yewtu.be/tags/yewtu.be/Sat, 10 Dec 2022 21:46:55 -0500/tags/yewtu.be/youtube/tags/youtube/Sat, 10 Dec 2022 21:46:55 -0500/tags/youtube/openwrt/tags/openwrt/Sat, 02 Apr 2022 18:50:09 -0400/tags/openwrt/pfsense/tags/pfsense/Sat, 02 Apr 2022 18:50:09 -0400/tags/pfsense/proxmox/tags/proxmox/Sat, 02 Apr 2022 18:50:09 -0400/tags/proxmox/router/tags/router/Sat, 02 Apr 2022 18:50:09 -0400/tags/router/router-on-a-stick/tags/router-on-a-stick/Sat, 02 Apr 2022 18:50:09 -0400/tags/router-on-a-stick/vlan/tags/vlan/Sat, 02 Apr 2022 18:50:09 -0400/tags/vlan/backup/tags/backup/Sun, 13 Mar 2022 18:49:10 -0400/tags/backup/gmail/tags/gmail/Sun, 13 Mar 2022 18:49:10 -0400/tags/gmail/ransomware/tags/ransomware/Sun, 13 Mar 2022 18:49:10 -0400/tags/ransomware/synology/tags/synology/Sun, 13 Mar 2022 18:49:10 -0400/tags/synology/k3s/tags/k3s/Sun, 14 Nov 2021 10:07:03 -0500/tags/k3s/lxc/tags/lxc/Sun, 14 Nov 2021 10:07:03 -0500/tags/lxc/containers/tags/containers/Mon, 11 Oct 2021 10:43:35 -0400/tags/containers/docker/tags/docker/Mon, 11 Oct 2021 10:43:35 -0400/tags/docker/podman/tags/podman/Mon, 11 Oct 2021 10:43:35 -0400/tags/podman/aws-vault/tags/aws-vault/Fri, 17 Sep 2021 12:48:33 -0400/tags/aws-vault/python/tags/python/Fri, 17 Sep 2021 12:48:33 -0400/tags/python/security/tags/security/Fri, 17 Sep 2021 12:48:33 -0400/tags/security/dotfiles/tags/dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/tags/dotfiles/home-manager/tags/home-manager/Wed, 08 Sep 2021 00:42:33 -0400/tags/home-manager/nix/tags/nix/Wed, 08 Sep 2021 00:42:33 -0400/tags/nix/linux/tags/linux/Mon, 16 Mar 2020 22:00:15 -0400/tags/linux/vpn/tags/vpn/Mon, 16 Mar 2020 22:00:15 -0400/tags/vpn/ \ No newline at end of file diff --git a/tags/invidious/index.html b/tags/invidious/index.html index f3d13242..15de687a 100644 --- a/tags/invidious/index.html +++ b/tags/invidious/index.html @@ -1,3 +1,4 @@ -invidious
-

invidious

Dave Gallant
-
\ No newline at end of file +invidious +
+

invidious

Dave Gallant
\ No newline at end of file diff --git a/tags/invidious/index.xml b/tags/invidious/index.xml index 5ce97653..f9a65270 100644 --- a/tags/invidious/index.xml +++ b/tags/invidious/index.xml @@ -1,7 +1,13 @@ -invidious on/tags/invidious/Recent content in invidious onHugo -- gohugo.ioDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" +invidious on/tags/invidious/Recent content in invidious onHugo -- gohugo.ioenDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p> \ No newline at end of file diff --git a/tags/invidious/page/1/index.html b/tags/invidious/page/1/index.html index a6635751..27654fee 100644 --- a/tags/invidious/page/1/index.html +++ b/tags/invidious/page/1/index.html @@ -1 +1,2 @@ -/tags/invidious/ \ No newline at end of file +/tags/invidious/ + \ No newline at end of file diff --git a/tags/k3s/index.html b/tags/k3s/index.html index cc4ff48f..e7491e16 100644 --- a/tags/k3s/index.html +++ b/tags/k3s/index.html @@ -1,3 +1,4 @@ -k3s
-

k3s

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
-
\ No newline at end of file +k3s +
+

k3s

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/k3s/index.xml b/tags/k3s/index.xml index 107ae965..48b23211 100644 --- a/tags/k3s/index.xml +++ b/tags/k3s/index.xml @@ -1 +1 @@ -k3s on/tags/k3s/Recent content in k3s onHugo -- gohugo.ioDave GallantSun, 14 Nov 2021 10:07:03 -0500Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file +k3s on/tags/k3s/Recent content in k3s onHugo -- gohugo.ioenDave GallantSun, 14 Nov 2021 10:07:03 -0500Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file diff --git a/tags/k3s/page/1/index.html b/tags/k3s/page/1/index.html index 8aa28e67..253e2e45 100644 --- a/tags/k3s/page/1/index.html +++ b/tags/k3s/page/1/index.html @@ -1 +1,2 @@ -/tags/k3s/ \ No newline at end of file +/tags/k3s/ + \ No newline at end of file diff --git a/tags/k8s/index.html b/tags/k8s/index.html index 24ca9239..bc389e9d 100644 --- a/tags/k8s/index.html +++ b/tags/k8s/index.html @@ -1,3 +1,4 @@ -k8s
-

k8s

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +k8s +
+

k8s

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/k8s/index.xml b/tags/k8s/index.xml index f6b9ad2e..be1fcc17 100644 --- a/tags/k8s/index.xml +++ b/tags/k8s/index.xml @@ -1 +1 @@ -k8s on/tags/k8s/Recent content in k8s onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +k8s on/tags/k8s/Recent content in k8s onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/k8s/page/1/index.html b/tags/k8s/page/1/index.html index af330bbc..d2d322f4 100644 --- a/tags/k8s/page/1/index.html +++ b/tags/k8s/page/1/index.html @@ -1 +1,2 @@ -/tags/k8s/ \ No newline at end of file +/tags/k8s/ + \ No newline at end of file diff --git a/tags/kubectl-plugin-socks5-proxy/index.html b/tags/kubectl-plugin-socks5-proxy/index.html index 340b1608..977815f8 100644 --- a/tags/kubectl-plugin-socks5-proxy/index.html +++ b/tags/kubectl-plugin-socks5-proxy/index.html @@ -1,3 +1,4 @@ -kubectl-plugin-socks5-proxy
-

kubectl-plugin-socks5-proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +kubectl-plugin-socks5-proxy +
+

kubectl-plugin-socks5-proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/kubectl-plugin-socks5-proxy/index.xml b/tags/kubectl-plugin-socks5-proxy/index.xml index 8d684b93..67307de3 100644 --- a/tags/kubectl-plugin-socks5-proxy/index.xml +++ b/tags/kubectl-plugin-socks5-proxy/index.xml @@ -1 +1 @@ -kubectl-plugin-socks5-proxy on/tags/kubectl-plugin-socks5-proxy/Recent content in kubectl-plugin-socks5-proxy onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +kubectl-plugin-socks5-proxy on/tags/kubectl-plugin-socks5-proxy/Recent content in kubectl-plugin-socks5-proxy onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/kubectl-plugin-socks5-proxy/page/1/index.html b/tags/kubectl-plugin-socks5-proxy/page/1/index.html index 247d53af..b542d619 100644 --- a/tags/kubectl-plugin-socks5-proxy/page/1/index.html +++ b/tags/kubectl-plugin-socks5-proxy/page/1/index.html @@ -1 +1,2 @@ -/tags/kubectl-plugin-socks5-proxy/ \ No newline at end of file +/tags/kubectl-plugin-socks5-proxy/ + \ No newline at end of file diff --git a/tags/linux/index.html b/tags/linux/index.html index c5233dec..d8b9c46c 100644 --- a/tags/linux/index.html +++ b/tags/linux/index.html @@ -1,3 +1,4 @@ -linux
-

linux

Dave Gallant
-
\ No newline at end of file +linux +
+

linux

Dave Gallant
\ No newline at end of file diff --git a/tags/linux/index.xml b/tags/linux/index.xml index 99462e69..13b4df9b 100644 --- a/tags/linux/index.xml +++ b/tags/linux/index.xml @@ -1 +1 @@ -linux on/tags/linux/Recent content in linux onHugo -- gohugo.ioDave GallantMon, 16 Mar 2020 22:00:15 -0400AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file +linux on/tags/linux/Recent content in linux onHugo -- gohugo.ioenDave GallantMon, 16 Mar 2020 22:00:15 -0400AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file diff --git a/tags/linux/page/1/index.html b/tags/linux/page/1/index.html index 1a755463..2f1cdb38 100644 --- a/tags/linux/page/1/index.html +++ b/tags/linux/page/1/index.html @@ -1 +1,2 @@ -/tags/linux/ \ No newline at end of file +/tags/linux/ + \ No newline at end of file diff --git a/tags/lxc/index.html b/tags/lxc/index.html index 718b2458..35d2468c 100644 --- a/tags/lxc/index.html +++ b/tags/lxc/index.html @@ -1,3 +1,4 @@ -lxc
-

lxc

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
-
\ No newline at end of file +lxc +
+

lxc

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/lxc/index.xml b/tags/lxc/index.xml index 43aa1fb6..9a9485cf 100644 --- a/tags/lxc/index.xml +++ b/tags/lxc/index.xml @@ -1 +1 @@ -lxc on/tags/lxc/Recent content in lxc onHugo -- gohugo.ioDave GallantSun, 14 Nov 2021 10:07:03 -0500Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file +lxc on/tags/lxc/Recent content in lxc onHugo -- gohugo.ioenDave GallantSun, 14 Nov 2021 10:07:03 -0500Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file diff --git a/tags/lxc/page/1/index.html b/tags/lxc/page/1/index.html index e478d250..42604227 100644 --- a/tags/lxc/page/1/index.html +++ b/tags/lxc/page/1/index.html @@ -1 +1,2 @@ -/tags/lxc/ \ No newline at end of file +/tags/lxc/ + \ No newline at end of file diff --git a/tags/nix/index.html b/tags/nix/index.html index 121869b8..1d4aa166 100644 --- a/tags/nix/index.html +++ b/tags/nix/index.html @@ -1,3 +1,4 @@ -nix
-

nix

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
-
\ No newline at end of file +nix +
+

nix

Why I threw out my dotfiles

2021-09-08 (updated: 2024-01-01)
nixdotfileshome‑manager

Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (~/.zshrc, ~/.config/git/config, ~/.config/tmux/tmux.conf, etc). I have tried several different ways to manage them, including bare git repos and utilities such as GNU Stow. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: home-manager.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/nix/index.xml b/tags/nix/index.xml index 49652bf1..79065985 100644 --- a/tags/nix/index.xml +++ b/tags/nix/index.xml @@ -1,10 +1,19 @@ -nix on/tags/nix/Recent content in nix onHugo -- gohugo.ioDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a -href="https://www.atlassian.com/git/tutorials/dotfiles" -class="link--external" target="_blank" rel="noreferrer" +nix on/tags/nix/Recent content in nix onHugo -- gohugo.ioenDave GallantWed, 08 Sep 2021 00:42:33 -0400Why I threw out my dotfiles/blog/2021/09/08/why-i-threw-out-my-dotfiles/Wed, 08 Sep 2021 00:42:33 -0400/blog/2021/09/08/why-i-threw-out-my-dotfiles/<p>Over the years I have collected a number of dotfiles that I have shared across both Linux and macOS machines (<code>~/.zshrc</code>, <code>~/.config/git/config</code>, <code>~/.config/tmux/tmux.conf</code>, etc). I have tried several different ways to manage them, including <a + href="https://www.atlassian.com/git/tutorials/dotfiles" + + + class="link--external" target="_blank" rel="noreferrer" + >bare git repos</a> and utilities such as <a -href="https://www.gnu.org/software/stow/" -class="link--external" target="_blank" rel="noreferrer" + href="https://www.gnu.org/software/stow/" + + + class="link--external" target="_blank" rel="noreferrer" + >GNU Stow</a>. These solutions work well enough, but I have since found what I would consider a much better solution for organizing user configuration: <a -href="https://github.com/nix-community/home-manager" -class="link--external" target="_blank" rel="noreferrer" + href="https://github.com/nix-community/home-manager" + + + class="link--external" target="_blank" rel="noreferrer" + >home-manager</a>.</p> \ No newline at end of file diff --git a/tags/nix/page/1/index.html b/tags/nix/page/1/index.html index c9a28d92..09a46b63 100644 --- a/tags/nix/page/1/index.html +++ b/tags/nix/page/1/index.html @@ -1 +1,2 @@ -/tags/nix/ \ No newline at end of file +/tags/nix/ + \ No newline at end of file diff --git a/tags/openwrt/index.html b/tags/openwrt/index.html index 8f830bcd..8c0f0992 100644 --- a/tags/openwrt/index.html +++ b/tags/openwrt/index.html @@ -1,3 +1,4 @@ -openwrt
-

openwrt

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
-
\ No newline at end of file +openwrt +
+

openwrt

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/openwrt/index.xml b/tags/openwrt/index.xml index 53c1c0aa..2c6a4b0d 100644 --- a/tags/openwrt/index.xml +++ b/tags/openwrt/index.xml @@ -1,7 +1,13 @@ -openwrt on/tags/openwrt/Recent content in openwrt onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +openwrt on/tags/openwrt/Recent content in openwrt onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p> \ No newline at end of file diff --git a/tags/openwrt/page/1/index.html b/tags/openwrt/page/1/index.html index f1473e32..60ef2bfd 100644 --- a/tags/openwrt/page/1/index.html +++ b/tags/openwrt/page/1/index.html @@ -1 +1,2 @@ -/tags/openwrt/ \ No newline at end of file +/tags/openwrt/ + \ No newline at end of file diff --git a/tags/page/1/index.html b/tags/page/1/index.html index 4f275aad..cdb9c5db 100644 --- a/tags/page/1/index.html +++ b/tags/page/1/index.html @@ -1 +1,2 @@ -/tags/ \ No newline at end of file +/tags/ + \ No newline at end of file diff --git a/tags/page/2/index.html b/tags/page/2/index.html index 9d7592ad..3c703c7a 100644 --- a/tags/page/2/index.html +++ b/tags/page/2/index.html @@ -1,5 +1,6 @@ -Tags
+Tags +

Tags

database

2023-05-22 (updated: 2024-01-01)

eks

2023-05-22 (updated: 2024-01-01)

k8s

2023-05-22 (updated: 2024-01-01)

proxy

2023-05-22 (updated: 2024-01-01)

socat

2023-05-22 (updated: 2024-01-01)

socks

2023-05-22 (updated: 2024-01-01)

degoogle

2022-12-10 (updated: 2024-01-01)

privacy

2022-12-10 (updated: 2024-01-01)
Dave Gallant
-
\ No newline at end of file +Newer Posts +Older Posts >
Dave Gallant
\ No newline at end of file diff --git a/tags/page/3/index.html b/tags/page/3/index.html index fa8e7218..5a346bb7 100644 --- a/tags/page/3/index.html +++ b/tags/page/3/index.html @@ -1,5 +1,6 @@ -Tags
+Tags +

Tags

yewtu.be

2022-12-10 (updated: 2024-01-01)

youtube

2022-12-10 (updated: 2024-01-01)

openwrt

2022-04-02 (updated: 2024-01-01)

pfsense

2022-04-02 (updated: 2024-01-01)

proxmox

2022-04-02 (updated: 2024-01-01)

router

2022-04-02 (updated: 2024-01-01)

vlan

2022-04-02 (updated: 2024-01-01)

backup

2022-03-13 (updated: 2024-01-01)

gmail

2022-03-13 (updated: 2024-01-01)
Dave Gallant
-
\ No newline at end of file +Newer Posts +Older Posts >
Dave Gallant
\ No newline at end of file diff --git a/tags/page/4/index.html b/tags/page/4/index.html index 2fc42d3e..1717c4ea 100644 --- a/tags/page/4/index.html +++ b/tags/page/4/index.html @@ -1,5 +1,6 @@ -Tags
+Tags +

Tags

synology

2022-03-13 (updated: 2024-01-01)

k3s

2021-11-14 (updated: 2024-01-01)

lxc

2021-11-14 (updated: 2024-01-01)

docker

2021-10-11 (updated: 2024-01-02)

podman

2021-10-11 (updated: 2024-01-02)

python

2021-09-17 (updated: 2024-01-01)

security

2021-09-17 (updated: 2024-01-01)
Dave Gallant
-
\ No newline at end of file +Newer Posts +Older Posts >
Dave Gallant
\ No newline at end of file diff --git a/tags/page/5/index.html b/tags/page/5/index.html index 25598bd3..88c467c2 100644 --- a/tags/page/5/index.html +++ b/tags/page/5/index.html @@ -1,4 +1,5 @@ -Tags
+Tags +

Tags

dotfiles

2021-09-08 (updated: 2024-01-01)

nix

2021-09-08 (updated: 2024-01-01)

linux

2020-03-16 (updated: 2024-01-01)

vpn

2020-03-16 (updated: 2024-01-01)
Dave Gallant
-
\ No newline at end of file +Newer Posts
Dave Gallant
\ No newline at end of file diff --git a/tags/pfsense/index.html b/tags/pfsense/index.html index f58c0113..e1e598ee 100644 --- a/tags/pfsense/index.html +++ b/tags/pfsense/index.html @@ -1,3 +1,4 @@ -pfsense
-

pfsense

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
-
\ No newline at end of file +pfsense +
+

pfsense

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/pfsense/index.xml b/tags/pfsense/index.xml index 0146fb8e..b5988b2b 100644 --- a/tags/pfsense/index.xml +++ b/tags/pfsense/index.xml @@ -1,7 +1,13 @@ -pfsense on/tags/pfsense/Recent content in pfsense onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +pfsense on/tags/pfsense/Recent content in pfsense onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p> \ No newline at end of file diff --git a/tags/pfsense/page/1/index.html b/tags/pfsense/page/1/index.html index bdfe98d6..25a2b477 100644 --- a/tags/pfsense/page/1/index.html +++ b/tags/pfsense/page/1/index.html @@ -1 +1,2 @@ -/tags/pfsense/ \ No newline at end of file +/tags/pfsense/ + \ No newline at end of file diff --git a/tags/podman/index.html b/tags/podman/index.html index 691f1683..22e2461f 100644 --- a/tags/podman/index.html +++ b/tags/podman/index.html @@ -1,3 +1,4 @@ -podman
-

podman

Dave Gallant
-
\ No newline at end of file +podman +
+

podman

Dave Gallant
\ No newline at end of file diff --git a/tags/podman/index.xml b/tags/podman/index.xml index db6c03bc..b7e863e2 100644 --- a/tags/podman/index.xml +++ b/tags/podman/index.xml @@ -1 +1 @@ -podman on/tags/podman/Recent content in podman onHugo -- gohugo.ioDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file +podman on/tags/podman/Recent content in podman onHugo -- gohugo.ioenDave GallantMon, 11 Oct 2021 10:43:35 -0400Replacing docker with podman on macOS (and Linux)/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/Mon, 11 Oct 2021 10:43:35 -0400/blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/<p>There are a number of reasons why you might want to replace docker, especially on macOS. The following feature bundled in Docker Desktop might have motivated you enough to consider replacing docker:</p> \ No newline at end of file diff --git a/tags/podman/page/1/index.html b/tags/podman/page/1/index.html index 846412ae..091b8dc0 100644 --- a/tags/podman/page/1/index.html +++ b/tags/podman/page/1/index.html @@ -1 +1,2 @@ -/tags/podman/ \ No newline at end of file +/tags/podman/ + \ No newline at end of file diff --git a/tags/privacy/index.html b/tags/privacy/index.html index 34deecac..9697bb64 100644 --- a/tags/privacy/index.html +++ b/tags/privacy/index.html @@ -1,3 +1,4 @@ -privacy
-

privacy

Dave Gallant
-
\ No newline at end of file +privacy +
+

privacy

Dave Gallant
\ No newline at end of file diff --git a/tags/privacy/index.xml b/tags/privacy/index.xml index e8d75e05..1210a7b5 100644 --- a/tags/privacy/index.xml +++ b/tags/privacy/index.xml @@ -1,7 +1,13 @@ -privacy on/tags/privacy/Recent content in privacy onHugo -- gohugo.ioDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" +privacy on/tags/privacy/Recent content in privacy onHugo -- gohugo.ioenDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p> \ No newline at end of file diff --git a/tags/privacy/page/1/index.html b/tags/privacy/page/1/index.html index c8956c62..82c21cea 100644 --- a/tags/privacy/page/1/index.html +++ b/tags/privacy/page/1/index.html @@ -1 +1,2 @@ -/tags/privacy/ \ No newline at end of file +/tags/privacy/ + \ No newline at end of file diff --git a/tags/proxmox/index.html b/tags/proxmox/index.html index 1b235a4b..4c3643c8 100644 --- a/tags/proxmox/index.html +++ b/tags/proxmox/index.html @@ -1,3 +1,4 @@ -proxmox
-

proxmox

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
-
\ No newline at end of file +proxmox +
+

proxmox

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/proxmox/index.xml b/tags/proxmox/index.xml index c42e2c00..96d84a8d 100644 --- a/tags/proxmox/index.xml +++ b/tags/proxmox/index.xml @@ -1,7 +1,13 @@ -proxmox on/tags/proxmox/Recent content in proxmox onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +proxmox on/tags/proxmox/Recent content in proxmox onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p>Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file diff --git a/tags/proxmox/page/1/index.html b/tags/proxmox/page/1/index.html index b3189e57..d826c9cb 100644 --- a/tags/proxmox/page/1/index.html +++ b/tags/proxmox/page/1/index.html @@ -1 +1,2 @@ -/tags/proxmox/ \ No newline at end of file +/tags/proxmox/ + \ No newline at end of file diff --git a/tags/proxy/index.html b/tags/proxy/index.html index 11e31107..92ba6dd2 100644 --- a/tags/proxy/index.html +++ b/tags/proxy/index.html @@ -1,3 +1,4 @@ -proxy
-

proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +proxy +
+

proxy

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/proxy/index.xml b/tags/proxy/index.xml index 329ff64e..9045cee8 100644 --- a/tags/proxy/index.xml +++ b/tags/proxy/index.xml @@ -1 +1 @@ -proxy on/tags/proxy/Recent content in proxy onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +proxy on/tags/proxy/Recent content in proxy onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/proxy/page/1/index.html b/tags/proxy/page/1/index.html index c1551421..b621fb91 100644 --- a/tags/proxy/page/1/index.html +++ b/tags/proxy/page/1/index.html @@ -1 +1,2 @@ -/tags/proxy/ \ No newline at end of file +/tags/proxy/ + \ No newline at end of file diff --git a/tags/python/index.html b/tags/python/index.html index c78ef793..31b66496 100644 --- a/tags/python/index.html +++ b/tags/python/index.html @@ -1,4 +1,5 @@ -python
+python +

python

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/python/index.xml b/tags/python/index.xml index baa5c640..e884cb1c 100644 --- a/tags/python/index.xml +++ b/tags/python/index.xml @@ -1,2 +1,2 @@ -python on/tags/python/Recent content in python onHugo -- gohugo.ioDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. +python on/tags/python/Recent content in python onHugo -- gohugo.ioenDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file diff --git a/tags/python/page/1/index.html b/tags/python/page/1/index.html index 1c1032f8..cc232bcd 100644 --- a/tags/python/page/1/index.html +++ b/tags/python/page/1/index.html @@ -1 +1,2 @@ -/tags/python/ \ No newline at end of file +/tags/python/ + \ No newline at end of file diff --git a/tags/ransomware/index.html b/tags/ransomware/index.html index 3b048ac8..d215a54e 100644 --- a/tags/ransomware/index.html +++ b/tags/ransomware/index.html @@ -1,3 +1,4 @@ -ransomware
-

ransomware

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
-
\ No newline at end of file +ransomware +
+

ransomware

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/ransomware/index.xml b/tags/ransomware/index.xml index 4b4c10e0..1ad88a8a 100644 --- a/tags/ransomware/index.xml +++ b/tags/ransomware/index.xml @@ -1 +1 @@ -ransomware on/tags/ransomware/Recent content in ransomware onHugo -- gohugo.ioDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file +ransomware on/tags/ransomware/Recent content in ransomware onHugo -- gohugo.ioenDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file diff --git a/tags/ransomware/page/1/index.html b/tags/ransomware/page/1/index.html index a699c462..96324dee 100644 --- a/tags/ransomware/page/1/index.html +++ b/tags/ransomware/page/1/index.html @@ -1 +1,2 @@ -/tags/ransomware/ \ No newline at end of file +/tags/ransomware/ + \ No newline at end of file diff --git a/tags/router-on-a-stick/index.html b/tags/router-on-a-stick/index.html index 619dc516..ec6ac77f 100644 --- a/tags/router-on-a-stick/index.html +++ b/tags/router-on-a-stick/index.html @@ -1,3 +1,4 @@ -router-on-a-stick
-

router-on-a-stick

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
-
\ No newline at end of file +router-on-a-stick +
+

router-on-a-stick

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/router-on-a-stick/index.xml b/tags/router-on-a-stick/index.xml index 6e0043b9..50ac9fd2 100644 --- a/tags/router-on-a-stick/index.xml +++ b/tags/router-on-a-stick/index.xml @@ -1,7 +1,13 @@ -router-on-a-stick on/tags/router-on-a-stick/Recent content in router-on-a-stick onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +router-on-a-stick on/tags/router-on-a-stick/Recent content in router-on-a-stick onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p> \ No newline at end of file diff --git a/tags/router-on-a-stick/page/1/index.html b/tags/router-on-a-stick/page/1/index.html index 9fd3fbee..69c16c57 100644 --- a/tags/router-on-a-stick/page/1/index.html +++ b/tags/router-on-a-stick/page/1/index.html @@ -1 +1,2 @@ -/tags/router-on-a-stick/ \ No newline at end of file +/tags/router-on-a-stick/ + \ No newline at end of file diff --git a/tags/router/index.html b/tags/router/index.html index 016a47cf..50e4ed26 100644 --- a/tags/router/index.html +++ b/tags/router/index.html @@ -1,3 +1,4 @@ -router
-

router

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
-
\ No newline at end of file +router +
+

router

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/router/index.xml b/tags/router/index.xml index a29f63ea..23092514 100644 --- a/tags/router/index.xml +++ b/tags/router/index.xml @@ -1,7 +1,13 @@ -router on/tags/router/Recent content in router onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +router on/tags/router/Recent content in router onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p> \ No newline at end of file diff --git a/tags/router/page/1/index.html b/tags/router/page/1/index.html index 638b8931..018d976b 100644 --- a/tags/router/page/1/index.html +++ b/tags/router/page/1/index.html @@ -1 +1,2 @@ -/tags/router/ \ No newline at end of file +/tags/router/ + \ No newline at end of file diff --git a/tags/security/index.html b/tags/security/index.html index 634b0f99..72ff5bcb 100644 --- a/tags/security/index.html +++ b/tags/security/index.html @@ -1,4 +1,5 @@ -security
+security +

security

Automatically rotating AWS access keys

2021-09-17 (updated: 2024-01-01)
awspythonsecurityaws‑vault
Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. -In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
-
\ No newline at end of file +In the longer term, migrating my local workflows to aws-vault seems like a more secure solution.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/security/index.xml b/tags/security/index.xml index 3de8446d..e12e1cea 100644 --- a/tags/security/index.xml +++ b/tags/security/index.xml @@ -1,2 +1,2 @@ -security on/tags/security/Recent content in security onHugo -- gohugo.ioDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. +security on/tags/security/Recent content in security onHugo -- gohugo.ioenDave GallantFri, 17 Sep 2021 12:48:33 -0400Automatically rotating AWS access keys/blog/2021/09/17/automatically-rotating-aws-access-keys/Fri, 17 Sep 2021 12:48:33 -0400/blog/2021/09/17/automatically-rotating-aws-access-keys/Rotating credentials is a security best practice. This morning, I read a question about automatically rotating AWS Access Keys without having to go through the hassle of navigating the AWS console. There are some existing solutions already, but I decided to write a script since it was incredibly simple. The script could be packed up as a systemd/launchd service to continually rotate access keys in the background. In the longer term, migrating my local workflows to aws-vault seems like a more secure solution. \ No newline at end of file diff --git a/tags/security/page/1/index.html b/tags/security/page/1/index.html index 2847dee2..3037cb52 100644 --- a/tags/security/page/1/index.html +++ b/tags/security/page/1/index.html @@ -1 +1,2 @@ -/tags/security/ \ No newline at end of file +/tags/security/ + \ No newline at end of file diff --git a/tags/self-hosted/index.html b/tags/self-hosted/index.html index 4c4cae97..72858e1c 100644 --- a/tags/self-hosted/index.html +++ b/tags/self-hosted/index.html @@ -1,3 +1,4 @@ -self-hosted
-

self-hosted

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
-
\ No newline at end of file +self-hosted +
+

self-hosted

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >

Running K3s in LXC on Proxmox

2021-11-14 (updated: 2024-01-01)
k3sproxmoxlxcself‑hosted
It has been a while since I’ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I’ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it’d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment.
Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/self-hosted/index.xml b/tags/self-hosted/index.xml index dc522f1c..286178a6 100644 --- a/tags/self-hosted/index.xml +++ b/tags/self-hosted/index.xml @@ -1,16 +1,31 @@ -self-hosted on/tags/self-hosted/Recent content in self-hosted onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +self-hosted on/tags/self-hosted/Recent content in self-hosted onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p>Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p>Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p>Running K3s in LXC on Proxmox/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/Sun, 14 Nov 2021 10:07:03 -0500/blog/2021/11/14/running-k3s-in-lxc-on-proxmox/It has been a while since I&rsquo;ve actively used Kubernetes and wanted to explore the evolution of tools such as Helm and Tekton. I decided to deploy K3s, since I&rsquo;ve had success with deploying it on resource-contrained Raspberry Pis in the past. I thought that this time it&rsquo;d be convenient to have K3s running in a LXC container on Proxmox. This would allow for easy snapshotting of the entire Kubernetes deployment. \ No newline at end of file diff --git a/tags/self-hosted/page/1/index.html b/tags/self-hosted/page/1/index.html index dc7a1b6f..6006e6c7 100644 --- a/tags/self-hosted/page/1/index.html +++ b/tags/self-hosted/page/1/index.html @@ -1 +1,2 @@ -/tags/self-hosted/ \ No newline at end of file +/tags/self-hosted/ + \ No newline at end of file diff --git a/tags/socat/index.html b/tags/socat/index.html index bb3c647a..b5dd8c57 100644 --- a/tags/socat/index.html +++ b/tags/socat/index.html @@ -1,3 +1,4 @@ -socat
-

socat

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +socat +
+

socat

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/socat/index.xml b/tags/socat/index.xml index 96df237f..75017bdb 100644 --- a/tags/socat/index.xml +++ b/tags/socat/index.xml @@ -1 +1 @@ -socat on/tags/socat/Recent content in socat onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +socat on/tags/socat/Recent content in socat onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/socat/page/1/index.html b/tags/socat/page/1/index.html index 8bbd1b44..78a8057e 100644 --- a/tags/socat/page/1/index.html +++ b/tags/socat/page/1/index.html @@ -1 +1,2 @@ -/tags/socat/ \ No newline at end of file +/tags/socat/ + \ No newline at end of file diff --git a/tags/socks/index.html b/tags/socks/index.html index 372e5986..8324e124 100644 --- a/tags/socks/index.html +++ b/tags/socks/index.html @@ -1,3 +1,4 @@ -socks
-

socks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
-
\ No newline at end of file +socks +
+

socks

Using AKS and SOCKS to connect to a private Azure DB

2023-05-22 (updated: 2024-01-01)
aksawsazurebastioncloud‑sql‑proxydatabaseeksk8skubectl‑plugin‑socks5‑proxyproxysocatsocks

I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I’d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I’d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/socks/index.xml b/tags/socks/index.xml index d736dab5..e358bc97 100644 --- a/tags/socks/index.xml +++ b/tags/socks/index.xml @@ -1 +1 @@ -socks on/tags/socks/Recent content in socks onHugo -- gohugo.ioDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file +socks on/tags/socks/Recent content in socks onHugo -- gohugo.ioenDave GallantMon, 22 May 2023 16:31:29 -0400Using AKS and SOCKS to connect to a private Azure DB/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/Mon, 22 May 2023 16:31:29 -0400/blog/2023/05/22/using-aks-and-socks-to-connect-to-a-private-azure-db/<p>I ran into a roadblock recently where I wanted to be able to conveniently connect to a managed postgres database within Azure that was not running on public subnets. And by conveniently, I mean that I&rsquo;d rather not have to spin up an ephemeral virtual machine running in the same network and proxy the connection, and I&rsquo;d like to use a local client (preferably with a GUI). After several web searches, it became evident that Azure does not readily provide much tooling to support this.</p> \ No newline at end of file diff --git a/tags/socks/page/1/index.html b/tags/socks/page/1/index.html index ad6c23a7..2d1743c6 100644 --- a/tags/socks/page/1/index.html +++ b/tags/socks/page/1/index.html @@ -1 +1,2 @@ -/tags/socks/ \ No newline at end of file +/tags/socks/ + \ No newline at end of file diff --git a/tags/synology/index.html b/tags/synology/index.html index a649eea2..de65a3ee 100644 --- a/tags/synology/index.html +++ b/tags/synology/index.html @@ -1,3 +1,4 @@ -synology
-

synology

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
-
\ No newline at end of file +synology +
+

synology

Backing up gmail with Synology

2022-03-13 (updated: 2024-01-01)
degooglesynologygmailbackupransomware

I’ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/synology/index.xml b/tags/synology/index.xml index c8c0d80c..bb37c7f5 100644 --- a/tags/synology/index.xml +++ b/tags/synology/index.xml @@ -1 +1 @@ -synology on/tags/synology/Recent content in synology onHugo -- gohugo.ioDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file +synology on/tags/synology/Recent content in synology onHugo -- gohugo.ioenDave GallantSun, 13 Mar 2022 18:49:10 -0400Backing up gmail with Synology/blog/2022/03/13/backing-up-gmail-with-synology/Sun, 13 Mar 2022 18:49:10 -0400/blog/2022/03/13/backing-up-gmail-with-synology/<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p> \ No newline at end of file diff --git a/tags/synology/page/1/index.html b/tags/synology/page/1/index.html index eba8b0b4..ec70eecc 100644 --- a/tags/synology/page/1/index.html +++ b/tags/synology/page/1/index.html @@ -1 +1,2 @@ -/tags/synology/ \ No newline at end of file +/tags/synology/ + \ No newline at end of file diff --git a/tags/tailscale/index.html b/tags/tailscale/index.html index 9b038a42..5d425650 100644 --- a/tags/tailscale/index.html +++ b/tags/tailscale/index.html @@ -1,3 +1,4 @@ -tailscale
-

tailscale

Dave Gallant
-
\ No newline at end of file +tailscale +
+

tailscale

Dave Gallant
\ No newline at end of file diff --git a/tags/tailscale/index.xml b/tags/tailscale/index.xml index 1c933d31..6559c37a 100644 --- a/tags/tailscale/index.xml +++ b/tags/tailscale/index.xml @@ -1,10 +1,19 @@ -tailscale on/tags/tailscale/Recent content in tailscale onHugo -- gohugo.ioDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a -href="https://tailscale.com/" -class="link--external" target="_blank" rel="noreferrer" +tailscale on/tags/tailscale/Recent content in tailscale onHugo -- gohugo.ioenDave GallantSun, 10 Dec 2023 17:22:11 -0500Setting up Gitea Actions with Tailscale/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/Sun, 10 Dec 2023 17:22:11 -0500/blog/2023/12/10/setting-up-gitea-actions-with-tailscale/<p>In this post I&rsquo;ll go through the process of setting up Gitea Actions and <a + href="https://tailscale.com/" + + + class="link--external" target="_blank" rel="noreferrer" + >Tailscale</a>, unlocking a simple and secure way to automate workflows.</p>Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p> \ No newline at end of file diff --git a/tags/tailscale/page/1/index.html b/tags/tailscale/page/1/index.html index 72ab39f2..2b34a466 100644 --- a/tags/tailscale/page/1/index.html +++ b/tags/tailscale/page/1/index.html @@ -1 +1,2 @@ -/tags/tailscale/ \ No newline at end of file +/tags/tailscale/ + \ No newline at end of file diff --git a/tags/vlan/index.html b/tags/vlan/index.html index 9fa3bb4d..0a9661db 100644 --- a/tags/vlan/index.html +++ b/tags/vlan/index.html @@ -1,3 +1,4 @@ -vlan
-

vlan

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
-
\ No newline at end of file +vlan +
+

vlan

Virtualizing my router with pfSense

2022-04-02 (updated: 2024-01-01)
pfsenserouteropenwrtrouter‑on‑a‑stickproxmoxvlanself‑hosted

My aging router has been running OpenWrt for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a large index of packages. Ever since I’ve connected some standalone wireless access points, I’ve had less of a need for an off-the-shelf all-in-one wireless router combo. I’ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!

Read more >
Dave Gallant
\ No newline at end of file diff --git a/tags/vlan/index.xml b/tags/vlan/index.xml index d6347716..5b714348 100644 --- a/tags/vlan/index.xml +++ b/tags/vlan/index.xml @@ -1,7 +1,13 @@ -vlan on/tags/vlan/Recent content in vlan onHugo -- gohugo.ioDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a -href="https://en.wikipedia.org/wiki/OpenWrt" -class="link--external" target="_blank" rel="noreferrer" +vlan on/tags/vlan/Recent content in vlan onHugo -- gohugo.ioenDave GallantSat, 02 Apr 2022 18:50:09 -0400Virtualizing my router with pfSense/blog/2022/04/02/virtualizing-my-router-with-pfsense/Sat, 02 Apr 2022 18:50:09 -0400/blog/2022/04/02/virtualizing-my-router-with-pfsense/<p>My aging router has been running <a + href="https://en.wikipedia.org/wiki/OpenWrt" + + + class="link--external" target="_blank" rel="noreferrer" + >OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a -href="https://openwrt.org/packages/index/start" -class="link--external" target="_blank" rel="noreferrer" + href="https://openwrt.org/packages/index/start" + + + class="link--external" target="_blank" rel="noreferrer" + >large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p> \ No newline at end of file diff --git a/tags/vlan/page/1/index.html b/tags/vlan/page/1/index.html index 26155bc5..a849275c 100644 --- a/tags/vlan/page/1/index.html +++ b/tags/vlan/page/1/index.html @@ -1 +1,2 @@ -/tags/vlan/ \ No newline at end of file +/tags/vlan/ + \ No newline at end of file diff --git a/tags/vpn/index.html b/tags/vpn/index.html index 229b5def..b702f470 100644 --- a/tags/vpn/index.html +++ b/tags/vpn/index.html @@ -1,3 +1,4 @@ -vpn
-

vpn

Dave Gallant
-
\ No newline at end of file +vpn +
+

vpn

Dave Gallant
\ No newline at end of file diff --git a/tags/vpn/index.xml b/tags/vpn/index.xml index 0a743de5..29b143b1 100644 --- a/tags/vpn/index.xml +++ b/tags/vpn/index.xml @@ -1 +1 @@ -vpn on/tags/vpn/Recent content in vpn onHugo -- gohugo.ioDave GallantMon, 16 Mar 2020 22:00:15 -0400AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file +vpn on/tags/vpn/Recent content in vpn onHugo -- gohugo.ioenDave GallantMon, 16 Mar 2020 22:00:15 -0400AppGate SDP on Arch Linux/blog/2020/03/16/appgate-sdp-on-arch-linux/Mon, 16 Mar 2020 22:00:15 -0400/blog/2020/03/16/appgate-sdp-on-arch-linux/<p>AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP <code>4.3.2</code> working on Arch Linux.</p> \ No newline at end of file diff --git a/tags/vpn/page/1/index.html b/tags/vpn/page/1/index.html index 78c2a9e8..bdb42c0c 100644 --- a/tags/vpn/page/1/index.html +++ b/tags/vpn/page/1/index.html @@ -1 +1,2 @@ -/tags/vpn/ \ No newline at end of file +/tags/vpn/ + \ No newline at end of file diff --git a/tags/yewtu.be/index.html b/tags/yewtu.be/index.html index cabf6112..f0521dcb 100644 --- a/tags/yewtu.be/index.html +++ b/tags/yewtu.be/index.html @@ -1,3 +1,4 @@ -yewtu.be
-

yewtu.be

Dave Gallant
-
\ No newline at end of file +yewtu.be +
+

yewtu.be

Dave Gallant
\ No newline at end of file diff --git a/tags/yewtu.be/index.xml b/tags/yewtu.be/index.xml index 98e6b726..a2bc2d9b 100644 --- a/tags/yewtu.be/index.xml +++ b/tags/yewtu.be/index.xml @@ -1,7 +1,13 @@ -yewtu.be on/tags/yewtu.be/Recent content in yewtu.be onHugo -- gohugo.ioDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" +yewtu.be on/tags/yewtu.be/Recent content in yewtu.be onHugo -- gohugo.ioenDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p> \ No newline at end of file diff --git a/tags/yewtu.be/page/1/index.html b/tags/yewtu.be/page/1/index.html index 77edcf4f..19a2019c 100644 --- a/tags/yewtu.be/page/1/index.html +++ b/tags/yewtu.be/page/1/index.html @@ -1 +1,2 @@ -/tags/yewtu.be/ \ No newline at end of file +/tags/yewtu.be/ + \ No newline at end of file diff --git a/tags/youtube/index.html b/tags/youtube/index.html index e5c56a10..e6f7d520 100644 --- a/tags/youtube/index.html +++ b/tags/youtube/index.html @@ -1,3 +1,4 @@ -youtube
-

youtube

Dave Gallant
-
\ No newline at end of file +youtube +
+

youtube

Dave Gallant
\ No newline at end of file diff --git a/tags/youtube/index.xml b/tags/youtube/index.xml index 0b32d220..516fa282 100644 --- a/tags/youtube/index.xml +++ b/tags/youtube/index.xml @@ -1,7 +1,13 @@ -youtube on/tags/youtube/Recent content in youtube onHugo -- gohugo.ioDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a -href="https://yewtu.be" -class="link--external" target="_blank" rel="noreferrer" +youtube on/tags/youtube/Recent content in youtube onHugo -- gohugo.ioenDave GallantSat, 10 Dec 2022 21:46:55 -0500Watching YouTube in private/blog/2022/12/10/watching-youtube-in-private/Sat, 10 Dec 2022 21:46:55 -0500/blog/2022/12/10/watching-youtube-in-private/<p>I recently stumbled upon <a + href="https://yewtu.be" + + + class="link--external" target="_blank" rel="noreferrer" + >yewtu.be</a> and found it intriguing. It not only allows you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a -href="https://invidious.io/" -class="link--external" target="_blank" rel="noreferrer" + href="https://invidious.io/" + + + class="link--external" target="_blank" rel="noreferrer" + >invidious</a>.</p> \ No newline at end of file diff --git a/tags/youtube/page/1/index.html b/tags/youtube/page/1/index.html index db90b42b..c67b9e4c 100644 --- a/tags/youtube/page/1/index.html +++ b/tags/youtube/page/1/index.html @@ -1 +1,2 @@ -/tags/youtube/ \ No newline at end of file +/tags/youtube/ + \ No newline at end of file