Category: sysadmin

SSL/TLS client certificate verification with Python v3.4+ SSLContext

Normally, an SSL/TLS client verifies the server’s certificate. It’s also possible for the server to require a signed certificate from the client. These are called Client Certificates. This ensures that not only can the client trust the server, but the server can also trusts the client. Traditionally in Python, you’d pass the ca_certs parameter to the […]

A short security review of Bitwarden

Update 2021-02-25: (Disclaimer: I’m not a cryptographer, and not affiliated or sponsored by Passbolt in any way, shape or form). I’ve reviewed another Open Source personal and team password manager called Passbolt. Without going into a full review, its security looks impressive. Passbolt uses plain, old, trusted GPG with asymmetric public / private key encryption […]

Multi-git-status now shows branches with no upstream

Just a quick update on Multi-git-status. It now also shows branches with no upstream. These are typically branches created locally that haven’t been configured to track a local or remote branch. Any changes in those branches are lost when the repo is removed from your machine. Additionally, multi-git-status now handles branches with slashes in them […]

Restic (backup) deleting old backups is extremely slow

Here’s a very quick note: I’ve been using the Restic backup tool with the SFTP backend for a while now, and so far it was great. Until I tried to prune some old backups. It takes two hours to prune 1 GiB of data from a 15 GiB backup. During that time, you cannot create […]

Lurch: a unixy launcher and auto-typer

I cobbled together a unixy command / application launcher and auto-typer. I’ve dubbed it Lurch. Features: Fuzzy filtering as-you-type. Execute commands. Open new browser tabs. Auto-type into currently focussed window Auto-type TOTP / rfc6238 / two-factor / Google Authenticator codes. Unixy and composable. Reads entries from stdin. You can use and combine these features to […]

multi-git-status can now hide repos that don’t need attention

I’ve added an “-e” argument to my multi-git-status project. It hides repositories that have no unpushed, untracked or uncommitted changes. Without “-e”: And with the “-e” argument:

Ansible-cmdb v1.26: Generate a host overview of Ansible facts.

I’ve just released ansible-cmdb v1.26. Ansible-cmdb takes the output of Ansible’s fact gathering and converts it into a static HTML overview page containing system configuration information. It supports multiple templates (fancy html, txt, markdown, json and sql) and extending information gathered by Ansible with custom data. This release includes the following features and improvements: Custom and host local facts […]

Umatrix makes the web usable again

As happens with all media, once corporations join in because there is money to be made, things quickly devolve into a flaming heap of shit. The internet is no exception to this rule. With the coming of Javascript and DHTML in the late 90’s, ads soon started appearing on the web. Not long after, pop-ups […]

Ansible-cmdb v1.23: Generate a host overview of Ansible facts.

I’ve just released ansible-cmdb v1.23. Ansible-cmdb takes the output of Ansible’s fact gathering and converts it into a static HTML overview page containing system configuration information. It supports multiple templates (fancy html, txt, markdown, json and sql) and extending information gathered by Ansible with custom data. This release includes the following changes: group_vars are now parsed. Sub directories in […]

Root your Docker host in 10 seconds for fun and profit

Disclaimer: There is no actual profit. That was just one of those clickbaity things everybody seems to like so much these days. Also, it’s not really fun. Alright, on with the show! A common practice is to add users that need to run Docker containers on your host to the docker group. For example, an […]

Search this blog: