A few months ago I had a strange behaviour: Sometimes the L2TP/IPSec connection between my workstation at home and our company VPN silently failed. After clicking on the VPN connection icon in the tasktray it only showed Connecting to… and stopped working after 60 seconds. The VPN connection status did Read more…
Most of the time you are doing local web development without HTTPS and self-signed certificates but good-ol’ plain HTTP. For security and SEO reasons, HTTPS should be enabled in your production environment all the time. One important requirement for production environments is, that every incoming plain HTTP request has to Read more…
Shortly after I had started the work on nerdhood.de I built a deployment pipeline. The bash-based build script for my Laravel application was easy but triggering the deployment itself turned out to be more difficult than expected. In the end I built something with two AWS Lambda function, SNS, an Read more…
For a customer of us we had to set up two webserver environment on physical servers. We picked up both server systems (having a Super Micro X10DRI-LN4+ and a PNY Quadro P1000 installed in addition to other components) and booted up the system. During the IPMI initalization phase, the whole Read more…
Most of my articles are written in English but this topic is more or less focussed on German businesses so I’ll do this write-up in German. Für das WordPress-Plug-in Next Active Directory Integration bieten wir als virtuelle Dienstleistung eine Support-Lizenz in diversen Stufen an. Die Bezahlung der Dienstleistung erfolgt dabei Read more…
We are currently in the process of migrating our alerting infrastructure from OMD to Atlassian’s OpsGenie. Most of the features (SMS, phone call etc.) worked out of the box but we struggled with pushing alerts back into our on-premises Jira instance. Enable logging of POST requests OpsGenie does not provide Read more…
I am currently working on a Jenkins declarative pipeline to connect the Jenkins builds with Kubernetes, Helm and Netflix Spinnaker. One of TODOs has been to deploy different artifacts (e.g. a helm chart my-chart-0.0.1.tar.gz) to an AWS S3-compatible bucket inside a Minio installation with help of pipeline-aws-plugin. When running my Read more…
Just a quick reminder how to run a Spring Boot JAR (or any other self JAR executable) with SELinux enabled: To make this persistent you have to use the bin_exec_t type as java_exec_t is just an alias: To let systemd start this service, you have to create a systemd unit Read more…
Today I struggled an hour or so to access a AWS hosted web application through IPv6. Just follow these rules: Get an IPv6 CIDR for your VPC: Go to VPC > Your VPCs > ${YOUR_VPC} > Edit CIDRs > Add IPv6 CIDR. The IPv6 CIDR is automatically choosen by AWS. Read more…
One of the common required tasks for an application using a persistence store is to initialize the underlying database with basic data sets. Most of the time this contains something like admin users or default roles. Setting the stage To give a proper example, we have the database table role Read more…