Tuesday, November 12, 2024
Home labs are a great place to learn and tinker with systems. I love it because I get to wear my systems administrator hat. I’ve been doing a lot of application development lately as well as tinkering with various build & deployment tools for those applications. The best way, in my opinion, is docker. It’s just so good, you can package up all of the tools and configurations into a distributable unit, using an open standard.Sunday, March 10, 2024
There is a pattern I see often among junior/associate developers when it comes to handling environment-specific configuration. The observed pattern could be summarized as junior developers creating separate fields for development and production environments in the application, misunderstanding the need for a single environment-aware configuration, resulting in duplicated logic to handle different keys based on the environment. An example of this in action is there will be a request to add a field in the admin area of a website to store a key for some purpose.Monday, April 24, 2023
If you ask a group of people "what is DevOps?" you are likely going to get a variety of different answers. Some think it's just the automation of a pipeline. Some people may say it's just developers doing operations work. I subscribe to the idea that DevOps is a mental model for how to think about creating software. From that philosophy some concrete tactics have emerged, such as automating infrastructure and deployments.Friday, February 3, 2023
I have been developing Ruby on Rails apps in Docker for several years now. I couldn't imagine not using Docker at this point! An Introduction to DockerDocker an open-source project for automating the deployment of applications as portable self sufficient containers that run in cloud or on premises. Docker is also a company that owns this technology. The underlying technology that powers Docker has been part of Linux for many years.Friday, September 30, 2022
As I often love to tell people, I love monorepos and I use a monorepo for my own projects. But there is not really an out of the box solution for monorepos so you often end up having to write scripts to glue everything together. Sometimes it really does feel like wadding up a bunch of projets into a loose ball then duct taping and hot-gluing them together into a much bigger ball.Tuesday, September 13, 2022
Here is a a flexible terraform module for creating an AWS ACM with a variable number of additional SANs. Our infrastructure architecture is such that we have application load balancers that may serve multiple apps, and there was a need to create SSL certificates with multiple SANs to support those apps. While possible to add multiple SSL certificates to an application load balancer there is in fact a limit and so I wanted to avoid that altogether.Tuesday, September 13, 2022
Here is a directory structure that I am using for Terraform that I think works pretty well. The quick and dirty of it is to think of your configurations in terms of a organizational and systems hierarchy, and to design your plans to support that hierarchy. Each tier depends on and builds upon the previous tier. I create a separate terraform project for each tier of my stack. I am nearly 100% in AWS these days so this is going to feel a little AWS centric, but the basic idea is the same regardless of cloud provider.Sunday, August 7, 2022
Maintain a single .gitconfig between different operating systems by using proxy scripts for git diff and git merge tools. We first need to know which operating system we are using. I do this by by extracting the value from uname and then setting the value to an environtment variable. On MacOS this will return darwin, on most Linux distributions it should return linux. export DOTFILES_OS=`uname | awk '{print tolower($0)}'` In your .Monday, February 21, 2022
A monorepo is a software development strategy where code for many projects is stored in the same repository. The code doesn't necessarily have to be related. Okay, but why use a monorepo? Gathering all of my personal projects into a single repository makes it easier for me to manage and maintain the code. One repository is easier to deal with than a dozen. I can develop a common interface for building and deploying projects in the monorepo.Wednesday, March 10, 2021
Ruby on Rails is quickly becoming my framework of choice for my personal websites and projects. It's a pleasure to work with and has been easy to learn. But no framework is without its challenges. One of those challenges is of course deploying the app to a server. There are a lot of options for hosting and deploying a Rails app. But, I like to run my own servers which means I have to also take care of deploying to those servers.Saturday, March 6, 2021
Create a systemd service to run your rails app server. Ansible tasks to create the service: --- …snip… vars: rails_root: “/myapp” rails_user: “webuser” tasks: - name: Setup Rails Web Service template: dest: /usr/lib/systemd/system/rails-web.service src: templates/rails-web.systemd.j2 - name: Enable Rails Web Service systemd: name: rails-web daemon_reload: yes enabled: yes masked: no The ansible template "rails-web.systemd.j2": [Unit] Description=Rails Web [Service] Type=simple SyslogIdentifier=rails-web User={{ rails_user }} PIDFile={{ rails_root }}/tmp/pids/web.pid WorkingDirectory={{ rails_root }} ExecStart=/bin/bash -l -c “{{ rails_root }}/bin/rails s -b 0.Tuesday, March 2, 2021
Terraform is an awesome tool. To make it more awesome though we have wrapped it with some custom Ruby ERB templating to generate our terraform configurations from Yaml configurations. Terraform uses a declarative language. You describe the state you want and it figures out how to get there. The declarative nature of Terraform does not afford us the same control that a language like Ruby can provide, which is fine, but I have found that I end up managing _massive_ Terraform configurations.Monday, May 16, 2016
Custom tasks for Capistrano that I am using to help manage a Magento website. set :linked_files, %w{app/etc/local.xml .htaccess robots.txt} set :linked_dirs, %w{sitemap var media} namespace :mage do task :restart do on roles(:app) do execute "cd #{current_path} && rm -f maintenance.flag" end end task :disable do on roles(:app) do execute "cd #{current_path} && touch maintenance.flag" end end task :enable do on roles(:app) do execute "cd #{current_path} && rm -f maintenance.flag" end end task :clear_cache do on roles(:app) do execute "Monday, February 8, 2016
You want to share a topic branch with a colleague but do not want to push that branch upstream to Github/BitBucket/GitLab, etc. How do you do this? You could create a patch and email it. Or you could do it in the most crazy way possible and use Apache and allow your colleague to pull from your repo directly. This does take a bit more time to setup, but it would also be absolutely crazy dumb for everyone involved.Monday, May 25, 2015
Here is a rough outline of my Pantheon + Jenkins process. I like my code in BitBucket. I also like Pantheon (check them out). The Pantheon workflow is all about being the source of truth for your code. This is fine, and actually I dig it because it promotes good practices. However, I, and my company, have many projects in BitBucket already, and am using Jenkins more and more for some Continuous Integration functions.Monday, May 18, 2015
This is the Vagrantfile I am using for my development box at home and work. It is determines how much ram is available and how I want to allocate, how many CPUs are available, and configures the VM for me. I use NFS for shared folders. Finally, starting to use "hostupdater" to keep my host machines hosts file current. I would love to make that more dynamic, based on the Apache vhosts I have configured in the VM.Wednesday, April 1, 2015
Media Temple uses the OpenVZ virtualization system and I have quite a few Media Temple servers under Chef management. The one thing that has made management difficult is that by default during a Chef run ohai returns 127.0.0.1 as the default IP address which means I cannot run knife to execute commands from my workstation. For example, when I run knife node show mydv.server.com I get the following: $ knife node show mydv.Saturday, July 12, 2014
I use Chef to manage and provision new staging and production servers in our company. It takes a lot of the headache out of managing multiple servers and allows me to fire up new web & data servers for our projects with ease. I have several cookbooks that I use to configure servers and to setup/configure websites. In a nutshell, it's rad, and website deployments have never been easier. For my local development environment I currently run Ubuntu, with Apache, Nginx, PHP 5.Wednesday, July 9, 2014
It was brought to my attention at the office that a few of our recently launched websites had publicly exposed .git repository information. Unscrupulous users could use the exposed data to pull down the entire commit history, giving them unfiltered access to what is basically the blueprint for the website. What if someone accidentally uploaded a config file to the repository with sensitive information in it? Or what if the user was able to discover a major security vulnerability in the code that would have otherwise remained "