I attended SoCraTes 2017 in Soltau. SoCraTes is an “Unconference”, where the participants set their own agenda and come up with topics for their sessions. Sessions can be presentations, workshops and open discussions. Here are the notes from some of the sessions I attended: Programming Exercise: Banishing State The example of this exercise was taken from a real-life project: A book indexing service that takes keyword/page number pairs as input and outputs either the page number, a range of page numbers or nothing, depending on previous inputs.
By default, many Vagrant boxes install a SSH key for the default user of a virtual machine image. This is fully transparent and you can log in to the machine with the vagrant ssh command. But what if you want to log in with the standard ssh command, connect with rsync or run an Ansible playbook? This article shows how to find and reuse the connection parameters for your Vagrant box.
Encrypting credentials like SSH keys or database passwords and putting the encrypted file in a semi-public Git repository is both convenient and scary. Convenient because every user of the repository only has to know only one password. Scary because you now rely on encryption and passwords instead of other security practices. So the question arose in my team “Assuming there are no implementation errors, how secure are Ansible Vaults?" Since the first 10 Google results did not answer this question quick enough, I decided to read the source code and answer the question myself.
I attended the Wikimedia Hackathon 2017 in Vienna. This is a summary and review of what I learned there while working on the prototype of the “Advanced Search Form” extension for MediaWiki. The first hurdle for working on the feature was setting up a MediaWiki environment. The recommended way is the Vagrant environment, but I’ve had bad experiences with that in the past and did not want do download tons of stuff over the conference WiFi.
This article will teach you how create user accounts with the configuration management software Ansible. You will learn how to create users with passwords, SSH-only users and users with temporary passwords that must be changed. Some background on passwords on Linux The file /etc/passwd hints at passwords, but stores only an “x” or other character where the password has been stored historically. The real passwords are stored in the file /etc/shadow, in a hashed format.
My last PHP update broke Spress, the static site generator I use for this blog. I decided to move my blog generation to a more stable and portable environment - a Docker container. I’ve documented what I did and what I learned with this blog post. This is my first attempt to do something with Docker, please excuse any bad practices. You can find the finished Dockerfile at https://github.com/gbirke/spress-docker. Writing the Dockerfile FROMphp:alpineAs the base image I’m using the alpine variant of the official PHP Docker image to keep the storage space for the image as small as possible.
Test-driven driven development in PHP can become a pain when you’re dealing with the file system. The builtin functions like stat, getfilemtime, fopen and fgets assume the existence of actual files. Until now, I assumed you’d have to add a library like FileFetcher, Flysystem, Gaufrette or vfsSystem to your dependencies. While those libraries are nice, they are additional dependencies and some add additional capabilities like caching or providing a unified interface to cloud storage.
Your Git commit logs provide a good approximation of your habits and time zone: When you sleep, if you are working full time, which projects are private and and which are work-related (weekend vs workday commits), when you go to lunch, etc. By setting the environment variables GIT_AUTHOR_DATE and GIT_COMMITTER_DATE before committing, you can change the recorded time of a commit. But always setting those variables before committing becomes tedious, so I experimented with a shell function that sets the environment variables for me.