DevOPS

I was thinking about migrating some cloud services into Terraform, but we seemed to have too many domains. So I wrote a small python script that takes a domain, then using doctl (the DigitalOcean command line) it extracts all current records. After that it outputs the file into tf and also gives a import command to import the current state in Terraform state.

Using a GoPro as a stream source over Wi-Fi? What about streaming from SLOBS to two Twitch channels at once? Having a dedicated recording machine? Streaming to multiple platforms? Maybe even host a LAN party with a commentary stream? You can use RTMP and a custom ingest for streaming. This way you are able to accomplish what you want. In this article, I will guide the setup and show examples for the different use cases. It can be a bit technical for most people, but I will be happy to help if you have questions.

This document will get you step by step through the generation of a GPG smartcard key, with the correct subkeys for use on a smartcard like OpenPGP smartcard or the Yubikey. This will also allow you to use your GPG Authentication subkey for SSH support.

The following script takes a Bind9 zonefile, gets all AAAA records from it and generated PTR records based on them.

What you need to do:

1. Edit the Zone header in the script.
2. Run the script with ./generate_v6_ptr.sh /path/to/zonefile.zone

This will output the zones on STDOUT. If you want to save this to a zonefile, you can use this example: ./generate_v6_ptr.sh /path/to/zonefile.zone > /etc/bind/ip6.arpa.zone

When you run an LDAP server you want to use it to authenticate as much as possible using this system, either to comply with security policies or make it easier for users to login using one authentication method. If you use the Apache2 webserver you can setup HTTP Basic authentication with LDAP. In this tutorial I will show how I accomplished this.

Thanks to the new VPC functionality in DigitalOcean can be used to provide Kubernetes with a static external IPv4. This can be handy in cases where you need to deal with IP whitelists, for example, if you use your Kubernetes cluster as a CI building tool. However, this requires some config setup and a privileged pod running on each node to automatically update the routes. This article will help guide you through the setup.

So you got an OpenLDAP server running? Great! Now you want to connect it to as many systems as possible to ease the burden of managing users and authorization. However, you also want to allow SSH key authorisation managed via a central place. Can LDAP be used for this? This article will help you get started to set this up in your organisation.