When you need to setup a new Linux server on one of the popular VPS providers, the first steps are often similar. A big reason I have a blog is so I can copy/paste common tasks I need to do more than once. So, below are the first few steps I take when setting up a new Ubuntu 18.04 server on Digital Ocean.
Step 1: Create new server, add ssh key While the directions will vary between VPS providers, the first step is to provision a new server and then configure it to accept SSH keys.
While converting my various websites to hugo static sites, I looked at various ways to push my local changes to production. Ultimately, I chose s3_website as the best choice for my setup. The tool is static site generator agnostic so works well with jekyll, middleman, hugo and others but in case you are curious, the tech stack I use is:
hugo [static website generator] Amazon Web Servics (AWS) S3 for storage / web hosting Cloudfront for CDN Certificate Manager for TLS Route 53 for DNS (alias support) s3_website for deploys Installing s3_website on macOS Installing s3_website on macOS requires a few dependencies so I wanted to document them here for anyone else interested in using it.
As a general rule, I don’t like password hints. If the hint is any good, it would give an attacker additional info to crack your password.
However, I had that sinking feel of dread the other day after I rebuilt a MacBook Pro, attached the TimeMachine backup drive and was prompted for the password.
On the previous build of the computer, I must have entered the password, saved it to the keychain and forgot about it.
If you are leveraging git submodule for Hugo themes and you are accustomed to using git diff to see what changes you made and totally forgot to commit, you will need to tweak your command for git submodules. By appending --submodule=diff you will see diffs for submodules as well:
$ git diff --submodule=diff You can run this command at your top level repo and see all changes in that repo plus submodule(s) or cd into a specific submodule and see see the diffs for those changes only.
If you are leveraging git submodule for Hugo themes and you are accustomed to using git without passwords (via ssh urls), you’ll find that when you add a git submodule, it will be setup for “https urls” and thus prompt you for a password:
$ git push origin master Username for 'https://github.com': This is obviously annoying but easy to fix. You can check the urls for your origin with git remote -v:
When I first started tinkering with Hugo for static website generation, I would find a Hugo theme that I like, cd into my themes directory and would simply git clone the repo into my website. This works, makes sense and is the most common install instructions from the theme authors.
However, you will likely run into an issue where you want to make an edit to the theme only for your website.
I recently updated to the latest stable version of node (v7.5.0) with the following command:
$ nvm install stable --reinstall-packages-from=node and when I ran my ios-triage cli app, I saw several DeprecationWarning messages:
(node:3958) DeprecationWarning: Calling an asynchronous function without callback is deprecated. Initially I was pretty excited because I recently taught myself node and as a noob I knew I was missing some callbacks which was preventing my async.parallel final function to not run.
What is Technical Debt? Technical debt is a popular term within the software industry. First coined by well-known programmer Ward Cunningham, technical debt is a metaphor that explains the long-term burden developers and software teams incur when taking shortcuts.
ThoughtWorks’ Martin Fowler sums up the point well:
“Doing things the quick and dirty way sets us up with a technical debt, which is similar to a financial debt. Like a financial debt, the technical debt incurs interest payments, which come in the form of the extra effort that we have to do in future development because of the quick and dirty design choice.
One of my talks at RSA 2014 tried to convince attendees that they shouldn’t fear root on mobile. The talk, while lightly attended, seemed well received. Max Eddy of PCMag did a nice write up on it entitled Phones Can’t Be Trusted, Security Needs Root in Mobile.
Abbreviated “history” of root access It’s funny if you think about the history of privilege on computer systems (this is a broad generalization of computer history).
My website has annoyed me for years. I’ve built custom sites, used wordpress, and many others I’ve simply forgotten. My first webpage ever was coded for an independent study during college (1992!). For years, my site simply said:
note to self: use drop database with extreme caution
I read a lot (online) and have much I’d like to share. So I’m excited to finally bring my website back online. I host using GitHub Pages and look forward to sharing things again.