Everyone is doing that thing
Poetry
![Everyone is doing that thing](/images/poems/2018-02-03 14.42.15-slide.jpg)
Bee2: Automating HAProxy and LetsEncrypt with Docker
Technology
![Bee and Docker Logo](/images/tech/bee2docker.png)
In a previous post, I introduced Bee2, a Ruby application designed to provision servers and set up DNS records. Later I expanded it using Ansible roles to set up OpenVPN, Docker and firewalls. In the latest iteration, I’ve added a rich Docker library designed to provision applications, run jobs and backup/restore data volumes. I’ve also included some basic Dockerfiles for setting up HAProxy with LetsEncrypt and Nginx for static content. Building this system has given me a lot more flexibility than what I would have had with something like Docker Compose. It’s not anywhere near as scalable as something like Kubernetes or DC/OS with Marathon, but it works well for my personal setup with just my static websites and personal projects.
Exploration
Philosophy
![Waterfall](/images/philosophy/exploration.jpg)
I went to University in a small town whose population reduced by a third when school was out of session. Past the edge of town was a state park filled with amazing waterfalls, but if you turned off a few roads early, you’d come to a dead end. Beside the road was a trail that led back between houses and down to a secluded creek, a series of cliffs and a maze of paths used by dirt bikes and all-terrain vehicles. We spent weekends exploring this crazy area which so few people knew about.
Today it’s now officially part of the larger state park network. The old entrance has been closed off and an official parking lot has been built three kilometers away. Many of the most amazing trails have been closed off to the world, either citing safety concerns or with no trespassing signs indicating the borders of private property. What was once a place of imagination and exploration became tamed. Other hikers I met from that era are glad the area is preserved, but I could hear the sense of loss and nostalgia in their voices; that feeling of saudade from that time when we felt like we were on the frontier, trekking through an undiscovered country in our own backyards. On those weekends, between the deadlines of projects, assignments, fraternity parties and final exams, we spent time exploring, both our world and ourselves.
Password Algorithms
Technology
![Cyberlock](/images/tech/matrix-lock.jpg)
Sometime in 2008, MySpace had a data breach of nearly 260 million accounts. It exposed passwords that were weakly hashed and forced lowercase, making them relatively easy to crack. In 2012, Yahoo Voice had a data breach of nearly half a million usernames and unencrypted passwords. Now you may think to yourself, “I don’t care. I never use my old MySpace or Yahoo account,” but in the case of the Yahoo data breach, 59% of users also had an account compromised in the Sony breach of 2011, and were using the exact same password for both services!
Using leaked usernames and passwords from one service to attempt to gain entry to other services is known as credential stuffing. People should use a different password for every website or service. Password reuse is one of the major ways online accounts become compromised. For the average person, using a password manager to generate unique passwords for every website and app may seem a bit cumbersome or complicated. But there is another way to have unique passwords for every website; passwords that can easily be remembered, yet are difficult to guess. The solution, often discouraged by security experts, is creating a password algorithm.
Bee2: Creating a Small Infrastructure for Docker Apps
Technology
![Bees in a Beehive](/images/tech/bee2bees.jpg)
In a previous post, I showed how I wrote a provisioning system for servers on Vultr. In this post, I’m going to expand upon that framework, adding support for Firewalls, Docker, a VPN system and everything needed to create a small and secure infrastructure for personal projects. Two servers will be provisioned, one as a web server running a docker daemon with only ports 80 and 443 exposed, and a second that establishes a VPN to connect securely to the docker daemon on the web server.
A Tale of Two Journeys
Philosophy
![Seattle to Cincinnati (map)](/images/philosophy/wa-to-oh-map.jpg)
In 2015, due to a series of events, I began a journey across the globe where I lived out of two bags for eleven months. In May of 2017, I left my full-time job and started another journey, this time driving across the US. It’s been several months since I started this new minimalist adventure, and it’s not been entirely what I expected. I’ve seen a lot of amazing friends and family. I’ve had a couple of setbacks. I’ve struggled with people, relationships and burnout. My journey is not quite over, but I’ve already learned a considerable amount about myself, people and America.
The New Era of Corporate Censorship
Politics
![Photo: Censorship - Dimitris Vetsikas CC0](/images/politics/censorship-1315071_400.jpg)
The Daily Stormer, a website with highly controversial hate speech, was recently scrubbed from the Internet. This wasn’t due to government censorship or illegal content, but due to the fact that no private hosting provider would allow their content. DigitalOcean and DreamHost refused to host their content in 2014. In August of 2017, CloudFlare terminated their CDN services for the website. GoDaddy terminated their domain registration with a 24-hour warning. The site owners migrated to Google Domains, which also refused to allow the domain transfer. NameCheap refused to allow them to register a domain as well.
What is interesting about this situation is the Daily Stormer carried only content. Although legally protected as free speech, at least in the US, hosting and infrastructure providers are free to refuse service to any company. Many of the companies mentioned above quoted specific clauses in their terms of service about hate speech or inciting violence. On its surface, it seems like these tech companies are helping to make it difficult to host hateful content on the Internet. However, with such a limited set of providers and domain registration services on the Internet, does the dominance of so few companies in the hosting space allow the means for industry to decide what content is allowable? Are Google, GoDaddy and others effectively censoring opinions they find disagreeable?
Drunk Dancing
Philosophy
![Atlanta Lindy Exchange 2009](/images/philosophy/atlx.jpg)
“I only dance when I’ve been drinking,” is one of those phrases every social dancer has heard when attempting to encourage a friend to come learn how to dance. It’s not the same as saying, “I don’t dance,” which is a mere acknowledgment that dancing is something one does not enjoy (or thinks they will not enjoy). To qualify the necessity for alcohol often implies that one may like to express oneself through movement, but has difficulty dealing with the self-perceived embarrassment. Such people may fear allowing themselves to feel silly, unless they are under the influence of a substance that can reduce that anxiety. But learning to be silly, together and fully aware, and to move our bodies to music in ways that evoke powerful emotions of love and life, can grant people a freedom to create and enjoy the art form known as dancing.
Bee2: Wrestling with the Vultr API
Technology
![Vultr](/images/tech/vultr_logo.png)
No one enjoys changing hosting providers. I haven’t had to often, but when I have, it involved manual configuration and copying files. As I’m looking to deploy some new projects, I’m attempting to automate the provisioning process, using hosting providers with Application Programming Interfaces (APIs) to automatically create virtual machines and run Ansible playbooks on those machines. My first attempt involved installing DC/OS on DigitalOcean which met with mixed results.
In this post, I’ll be examining Bee2, a simple framework I built in Ruby. Although the framework is designed to be expandable to different providers, initially I’ll be implementing a provisioner for Vultr, a new hosting provider that seems to be competing directly with DigitalOcean. While their prices and flexibility seem better than DigitalOcean’s, their APIs are a mess of missing functions, poll/waiting and interesting bugs.
Cloud at Cost Part II: The Unsustainable Business Model
Technology
![Cloud at Cost Main Page Screenshot](/files/tech/2013/10/cloud_at_cost_main-300x126.png)
Back in 2013, a startup known as Cloud at Cost attempted to run a hosting service where users paid a one-time cost for Virtual Machines (VMs). For a one-time fee, you could get a server for life. I had purchased one of these VMs, intending to use it as a status page. However, their service has been so unreliable that it’s a shot in the dark as to whether a purchased VM will be available from week to week. Recent changes to their service policy are attempting to recoup their losses through a $9 per year service fee. It’s a poor attempt to salvage a bad business model from a terrible hosting provider.