DEV Community: csgeek

Writing Updates

csgeek — Wed, 26 Jan 2022 15:19:35 +0000

I've been going back and forth on this with some friends and a few blogs that I write for a community.

When I learned how to write in school I learned a few grammar rules which are no longer valid.

Always put two spaces after a period.
List of items has no comma for the conjunction. aka item1, item2 and item3. Vs item1, item2, and item3.

They are minor grammatical rules that are so ingrained in my muscle memory that I can't shake them. Do you find that you have some habits that need updating since you started writing? Do they matter? Even when I was in school I think there were some updates to proper grammar rules in the 4 years I was in High School. Do you find any grammar rules or habits so objectionable that it'll make you close the tab?

What are your thoughts? #ponderingPenguin

Kubernetes SSL Letsencrypt

csgeek — Fri, 04 Jun 2021 16:49:58 +0000

Create An Application
Load Balancer
Certificate Manager
- Certificate Issuer
- Certificate
Update Nginx To Enable SSL

Assumptions:

You have some familiarity with Docker and Kubernetes

NOTE : Any yaml file that’s included, please apply it via kubectl apply -f file.yml.

Once you have an application up and running you’ll need to ensure it’s secure. We’ll be explore using letsencrypt to enable SSL. It’s a free certificate authority and makes it very easy to obtain a certificate. Naturally SSL doesn’t mean your app is secure, but it’s a great first step.

LetsEncrypt has two methods to validate the authenticity of the request in order issue a certificate.

HTTP Validation
DNS Validation

Since we’re running in K8s, if you do use DNS validation you’ll need to use a DNS provider that integrates with K8s. In order to make this guide more portable and to avoid tying us to any particular DNS provider, I’m going to use HTTP Validation.

Create An Application

Before we get started, we just need to create a simple application to test this with. We’ll install a hello world app running 3 replicas and a service load balancer for port 80. Here’s the yaml I’ve used below.

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: hello-world
  name: hello-world
spec:
  replicas: 3
  selector:
    matchLabels:
      app: hello-world
  strategy: {}
  template:
    metadata:
      labels:
        app: hello-world
    spec:
      containers:
        - image: docker.io/lsizani/hello
          imagePullPolicy: Always
          name: hello-world
          ports:
            - containerPort: 80
          resources: {}
      restartPolicy: Always
status: {}
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: hello-world
  name: hello-docker-svc

  namespace: default

spec:
  ports:
    - port: 80
      protocol: TCP
      targetPort: 80
  selector:
    app: hello-world
  sessionAffinity: None
  type: ClusterIP

status:
  loadBalancer: {}

Now, the IP address of the service is still internal so you won’t be able to connect to it unless you run the following command temporarily.

kubectl port-forward svc/hello-docker-svc 8000:80

After which you can connect to http://127.0.0.1:8000 and you’ll see something along these lines:

Load Balancer

At this point we need to actually expose this to the public. You’ll need to install an nginx-ingress Load balancer.

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
helm install nginx ingress-nginx/ingress-nginx --set controller.publishService.enabled=true

Configure nginx to serve traffic on port 80. Please note the lack of SSL. We’ll revisit this configuration and add SSL in a later pass.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-docker
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "false"

spec:
  rules:
    - host: hello.demo.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: hello-docker-svc
                port:
                  number: 80

I’m using the DNS name hello.demo.com which is just an example, but if your K8s cluster is configured correctly you’ll get provisioned an IP address. Please update the config to use your own DNS value and have it match the IP address.

For example, if hello.demo.com doesn’t resolve to your external IP address this won’t work and it’ll fail to generate an SSL.

At this point if we navigate to http://hello.demo.com we’ll see the nice little hello world screen we’ve seen previously.

Certificate Manager

Now, we need to add a certificate manager. This is where you could choose to use DNS validation. As I mentioned in the intro, I won’t be using DNS validation to make this guide agnostic to the platform. If you do simply specify the correct options you install the helm chart.

Installing the cert-manager:

helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --version v1.3.1 \
  --set installCRDs=true

Certificate Issuer

There’s a Prod and Staging environment for LetsEncrypt. I installed both of them for convenience. Staging isn’t rate limited and allows you to debug/validate behavior without risking getting hit by a quota.

Staging

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    # You must replace this email address with your own.
    # Let's Encrypt will use this to contact you about expiring
    # certificates, and issues related to your account.
    email: user@email.com
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      # Secret resource that will be used to store the account's private key.
      name: letsencrypt-staging-ssl
    # Add a single challenge solver, HTTP01 using nginx
    solvers:
      - http01:
          ingress:
            class: nginx

Production

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: letsencrypt-prod
spec:
  acme:
    # You must replace this email address with your own.
    # Let's Encrypt will use this to contact you about expiring
    # certificates, and issues related to your account.
    email: samir@es.net
    server: https://acme-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      # Secret resource that will be used to store the account's private key.
      name: letsencrypt-prod
    # Add a single challenge solver, HTTP01 using nginx
    solvers:
      - http01:
          ingress:
            class: nginx

At this point we have the ability to create a certificate. It will utilize which ever issuer we want. In the example below, I’m using the letsencrypt-prod which matches the definition above.

Certificate

apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  namespace: default
  name: hello-certs
spec:
  secretName: hello-certs
  issuerRef:
    name: letsencrypt-prod
    kind: ClusterIssuer
  dnsNames:
    - hello.demo.com

If everything worked correctly you should be able to see the certificate via

kubectl get secrets hello-certs -o json

Update Nginx To Enable SSL

Finally now that we have a certificate, let’s enable nginx to use it.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hello-docker
  annotations:
    kubernetes.io/ingress.class: nginx
spec:
  tls:
    - hosts:
        - hello.demo.com
      secretName: hello-certs
  rules:
    - host: hello.demo.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: hello-docker-svc
                port:
                  number: 80

At this point you should be able to connect https://hello.demo.com and get a valid response.

You can also check the validity of your certificate by testing it via SSL Labs I received in A+ for the certificate I generated

Local Email Development Service

csgeek — Sat, 24 Apr 2021 17:30:03 +0000

Whenever I've worked on any application that sends out emails it's always an issue on how to mimic the behavior on my local laptop. Usually wherever the app is deployed is configured to be able to just 'work'. aka you can send email by connecting to localhost with no auth.

Now, how do I mimic locally? In the past i've tried setting up postfix etc in a docker stack, or more recently doing an smtp relay using google services.

For reference the previous pattern:

#!/usr/bin/env bash 
docker run --restart always --name mail \
    -e RELAY_HOST=smtp.gmail.com \
    -e RELAY_PORT=587 \
    -e RELAY_USERNAME=user \
    -e RELAY_PASSWORD=secret \
    -p 25:25 \ 
    -d bytemark/smtp

This pattern requires you to enable unsecured application in your google account.

The new pattern I've started using of late is leveraging the wonderful tool called MailHog.

To set it up simply add the following to your docker-compose.yml file.

  mail:
    image: mailhog/mailhog:v1.0.1
    container_name: mail
    ports:
      - 8025:8025
      - 1025:1025

If your application is running in docker you don't need to expose 1025, if you're running your app outside of docker, you need to get to 1025 to send mail.

don't forget to bring it up via docker-compose up -d mail

At this point you just need to configure your SMTP settings.

Here's an example snippet that I used for my app.

reporting:
  to: [csgeek@anyemail-host.com]
  from: "donotreply@foobar.com"
  subject: "Report for things"
  hostname: localhost
  username:
  password:
  port: 1025

Main parts you should note is the hostname is localhost, and port is 1025.

Then once everything is done you can connect to port 8025 and retrieve your email.

LetsEncrypt SSL DNS automation with lego

csgeek — Mon, 22 Mar 2021 16:14:51 +0000

if you haven't heard about letsencrypt you should. If you're still serving all your traffic over HTTP you should stop and move over the HTTPS everything. Honestly at this point there shouldn't be any reason not to use SSL. The CPU/server cost is minimal and there is tooling that makes this trivial. I'm going to walk you through the process of setting SSL using nginx and we'll use docker for good measure.

Dependencies/Tooling

Some familiarity with the following tools would be nice to have but not required.

Docker
nginx
SSL

SSL

LetsEncrypt provides free SSL/TLS certificate for the world at large as long as you can verify that you are who you are. They have several tools that validate you, the easiest being running a web server, adding a DNS entry and so on. Certbot is likely the most famous tool that generates SSL certificate

Personally I prefer using Lego which is a letsencrypt written in Go. Partly I'm a big fan of Go as a language so I appreciate the developer's choice but also it lets me wildcard certificates and SAN very easily.

Although you can generate an SSL easily enough in order to get a wildcard DNS verification is much easier and simpler to use. Though you do need a more legit DNS provider that has an API exposed. Lego has a long list of supported DNS Providers. I have used Amazon Route53 and will likely move to a GCP one down the line, but honestly any of them will work fine.

What is very cool and special about SAN is that it creates a single certificate that supports multiple domains.

You can run this anywhere but in my case I have it setup in /etc/letsencrypt.

The first step is obtaining the certificate the first time.

cd /etc/letsencrypt
AWS_ACCESS_KEY_ID=SECRET  AWS_SECRET_ACCESS_KEY="SECRET"  lego --dns route53 --domains="*.foobar.org" --domains="foobar.org"   --email valid@email run

As you can see I created a wildcard and a foobar.org. It's a bit annoying but *.foobar.org does not cover the base domain. You can enumerate all your domains if you don't want to have a wild card. Example

cd /etc/letsencrypt
AWS_ACCESS_KEY_ID=SECRET  AWS_SECRET_ACCESS_KEY="SECRET"  lego --dns route53 --domains="www.foobar.org" --domains="foobar.org" --domains="mail.foobar.org" --domains="ftp.foobar.org" --email valid@email run

Once you have your certificate you simply need to ensure to renew it regularly. I created a simple bash scripts to do so.

#!/usr/bin/env bash
cd /etc/letsencrypt/
DOMAINS="domain1 domain2 foobar.org"
AWS_KEY=<CHANGEME>
AWS_SECRET=<CHANGEME>

for domain in $DOMAINS;
do
        AWS_ACCESS_KEY_ID=$AWS_KEY  AWS_SECRET_ACCESS_KEY="$AWS_SECRET"  lego --dns route53 --domains="*.$domain" --domains="$domain"   --email user@gmail.com renew
done

Using AWS has a bit of a cost for using their DNS providers, but with the 3 domains I have I don't think my bill comes to more than maybe $3/month. That's well worth it to me.

Ghost Web Site

version: "3.7"
services:
  www:
    image: ghost:4.0.1
    ports:
      - "8890:2368"
    restart: always
    env_file: .env
    volumes:
      - ./content:/var/lib/ghost/content/
  mysql:
    container_name: shared_mysql
    image: mysql:5.7.29
    restart: always
    env_file: .env
    volumes:
      - ./data:/var/lib/mysql

At this point we expose a port locally 8890 that is serving HTTP traffic.

We need a .env file that is referenced in the MySQL and ghost instance.

## Database Ghost config
database__client=mysql
database__connection__host=shared_mysql
database__connection__user=root
database__connection__password=testing
database__connection__database=ghost

##MySQL config
MYSQL_ROOT_PASSWORD=testing
MYSQL_DATABASE=gbfest


## Domain config
#url=http://0.0.0.0:8890
url=https://www.foobar.org

## Email settings Production 
## FILL THESE IN as appropriate
#mail__from=donotreply@domain
#mail__transport=SMTP
#mail__options__port=587
#mail__options__host=
#mail_options_service=SMTP
#mail__options__auth__user=
#mail__options__auth__pass=

At this point we can bring up the website using docker-compose up -d but to earn brownie points, we'll use a systemd file.

Systemd startup script

in /etc/systemd/system create the following file. We'll assume you have a local user named docker_user that ideally has a shell of /bin/nologin that's part of the docker group.

ghost.service file:

[Unit]
Description = Ghost Website
After=docker.service
Requires=docker.service

[Service]
Type=simple
WorkingDirectory=/home/docker_user/ghost
ExecStart=/usr/bin/docker-compose up
ExecStop=/usr/bin/docker-compose stop
ExecReload =/usr/bin/docker-compose restart
User=docker_user
Group=docker
Restart=always
RestartSec=3


[Install]
WantedBy=multi-user.target

At this point we can start/stop/enable using systemd.

systemctl enable ghost.service
systemctl status ghost

In otherwords, if you restart your computer your website will still come up.

Final Notes on ghost

At this point we're listening to traffic on http://localhost:8890 that we are not exposing to the internet because like good little internet samaritans we have firewall rules that prevents bad actors from getting in. But we do need to let people wanting to see our website access.

Nginx SSL Wrapping

If you haven't you should open up port 80 and 443 on your webserver. We won't be serving traffic on 80 but if someone comes on 80 we should redirect them and in order to do that we need 80 exposed.

in /etc/nginx/sites-available we're going to create the following ghost.conf.

server {
    # SSL configuration
    #
    listen 443 ssl;
    listen [::]:443 ssl;

        access_log /var/log/nginx/ghost_access.log;
        error_log /var/log/nginx/ghost_error.log;

        ssl_certificate /etc/letsencrypt/.lego/certificates/_.foobar.org.crt;
        ssl_certificate_key /etc/letsencrypt/.lego/certificates/_.foobar.org.key;

        client_max_body_size 50M;


        root /var/www/html/ghost;
        index index.html index.htm;

        server_name www.foobar.org;
        large_client_header_buffers 4 32k;

        location / {
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
            proxy_pass http://0.0.0.0:8890;
            include proxy_params;
        }

        location ~ /(data|conf|bin|inc)/ {
            deny all;
        }

        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }

        # Block access to "hidden" files and directories whose names begin with a
        # period. This includes directories used by version control systems such
        # as Subversion or Git to store control files.
        location ~ (^|/)\. {
            return 403;
        }


}

server {
    listen 80;
    listen [::]:80;
    return 301 https://$host$request_uri;

    server_name www.foobar.org;
}

Before this is finalized we need to enable the site.

cd /etc/nginx/sites-enabled
ln -s ../sites-available/ghost.conf 01_ghost.conf
nginx -t ## Validates config
systemclt restart nginx

We're essentially redirecting port 80 to 443 and creating a proxy that wraps all traffic around SSL and services traffic for www.foobar.org. That also means if we connect to our server by IP we'll get the default page rather then a valid website.

Backup Strategies

At this point you should be taking a regular SQL dump of your database, and backup the content of your ghost website. The ghost lab has a export for all your content which you should use regularly before doing any major operations.

Final Notes

I personally like using Google Storage for all my images content. I'm currently maintaining a copy of the ghost docker image with additional plugins so support GS with plans of adding S3 soon. You can find the source here and docker images can be found here. The tags are matched to the official ghost docker container.

Awesome Kubernetes Resources

csgeek — Mon, 15 Mar 2021 18:41:27 +0000

A much more comprehensive list can be found here. This is likely a subset of the items in that repo and a few additions of tools i’ve tried out or want to try out to make my K8s life easier.

CLI Tools:

Helm Kubernetes package manager
K9s CLI management tool.
kube-shell integrated shell environment

Cluster Provisioning

kind Docker based kubernetes deployment.
minikube VM based cross-platform kubernetes with addons support

Automation and CI/CD

flux 2

Development:

Hephy Developer workflow tool
Skaffold client side deployment

Testing/Troubleshooting

Backup/Restore

Velero

Service Mesh:

Istio

Certifications

killer Kubernetes Exam Simulator

Home Backup Solution

csgeek — Thu, 11 Mar 2021 18:04:23 +0000

Home Backup Solution

I setup a NAS a while ago using Arch Linux and ZFS migrating away from Synology. It’s really nice to control your data and be able to use more advanced tooling then the limited set of applications that are available from Synology.

I had S3 backups setup with Synology and wanted to create something similar on the Arch Server.

I have about 3 TB of data I want to backup and was looking for something that’s secure and is a bit more intelligent than a crontab of aws sync.

Also, on the off chance that my backup takes more than a few days, I wanted it to be smart enough to not execute two jobs at the same time.

Choosing Storage Solution

I was initially using S3 but firstly I find the AWS permissioning incredibly convoluted to manage. I started using GCP more so of late and I really like its simplicity. I ended up giving it a go and made sure to use the equivalent of their ‘cold storage’

From the available list of Storage classes I ended up choosing ‘Archive’

it Also seems to have a very reasonable pricing for essentially long term storage that does not need to be access very frequently as you can see below.

The other reason I chose GS (Google Storage) over S3 is because the tool I ended up choosing didn’t support S3 coldstorage backup.

Backup Service

Duplicati is a really cool project though it can be a bit tricky to setup. I ended up utilizing docker-compose and docker to get it up and running.

Here’s my simple little setup.

version: "3.7"
services:
  duplicati:
    image: ghcr.io/linuxserver/duplicati
    container_name: duplicati
    hostname: duplicati
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Los_Angeles
# - CLI_ARGS= #optional
    volumes:
      - ./config:/config
      - /backups:/backups
      - /tank:/source
    ports:
      - 8200:8200
    restart: unless-stopped

Please note the mounts. /backups is the destination where you want to store data. I’m mainly using it for the cloud storage so that is mainly pointless. /tank is my ZFS mount point which is mapped to /source and of course the configuration is exposed as a local volume.

Systemd Service

Place the following file under /etc/systemd/system/duplicati.service

[Unit]
Description = Duplicati
After=docker.service
Requires=docker.service

[Service]
Type=idle
WorkingDirectory=/home/docker_user/backup
ExecStart=/usr/bin/docker-compose up
ExecStop=/usr/bin/docker-compose stop
ExecReload =/usr/bin/docker-compose restart
User=docker_user
Restart=always
RestartSec=3
RestartPreventExitStatus=0
TimeoutStopSec=10

[Install]
WantedBy=multi-user.target

As you can see I’m running this as a special user I created with limited permissions only being used for running docker applications.

Let’s enable the service using:

systemclt enable duplicati

and of course if you haven’t done so already you should start the service.

systemctl start duplicati

BackUp Data

Once duplicati is running it’ll be accessible via at port 8200. My NAS’s local ip, is 192.168.1.200, so I can access it via http://192.168.1.200:8200

You should see something that looks like this:

Encryption

When you create a backup it’ll ask you to enter an Encryption key if you would like. GS is already private but the added level of encryption doesn’t hurt. Like all secrets make sure you remember the key in case you need it for disaster recovery.

Destination

The next screen lets you setup the GS bucket. You can use any number of alternative offsite solution ranging from a local backup, (s)ftp, S3, Azure, webdav and many more. You can find the full list here.

If you use GS, then authorization is made very simply by simply clicking on the Auth key will generate a token for duplicati to use.

Source

The next two steps i’ll skip over as they’re fairly straight forward. Just choose the Source data. If you remember you mounted your Raid/ZFS as /source and the destination if you did mount it should be /backup. Navigation has a mild windows feel with My Computer replacing the typical root but otherwise this should feel familiar. You can add a single or multiple paths.

Please note, that the output will be stored in a duplicati special format. You won’t be able to go to the backup location and simply look at the files without Duplicati restoring the data.

Schedule

The schedule is pretty easy to setup. Though it would be nice if they supported cron expression, I found their UI pretty flexible and configurable for every pattern that I was interested in.

Backup Retention

Finally the backup retention. You can set it up so backups older than so many days are deleted, or ensure that you have no more than N number of backups etc. Smart backup retention is pretty cool as well keeping one copy of the last 7 days, one copy of the last 4 weeks and one copy of the last 12 months. Personally since i’m storing about 3 TB of data as it is, I’m only keeping one copy remotely.

Final Step, Backup Duplicati

I also wanted to backup my Duplicati installation. Initially I had setup duplicati to save to my NAS as a local backup but since I need duplicati to restore it I ended up just adding a little cron + rsync to ensure that I have a copy of the settings in case I do something extra dumb and destroy my docker installation of duplcati.

References/ Requirements

Project Management Tools

csgeek — Tue, 19 Jan 2021 18:29:30 +0000

As a software developer I've been using Jira for a very long time and I do like it partly because of its features and partially due to familiarity. I do find the basic concepts from Jira missing in far too many project management tools.

I have gotten into conversations with other volunteers and developers about what to use and it seems everyone has a strong dislike for Jira/Atlassian but I have yet to find any tool that does just the basic things I need.

Requirement:

Sprint Support
A backlog (this seems to be very rare). Just to be clear, a column on your board named backlog isn't a backlog. I want a backlog that is out of view until we talk about the tickets then the 'board' is only items you need to look at.
A board with states / transitions. ie: ToDo, InProgress, QA, Review, Done etc...
Nice to have: Timeline / Gant chart to track dependencies.

At this point I've tried using: Asana, Trello, Wrike, Taiga and Jira.

Breakdown

Trello: a cute toy to get organized but becomes absolute nightmare to manager after a few months. Sprints and other advanced features are available via addons but they're basically hacks / after thoughts added in later.
Asana: nice idea but it seems to want to want to be too many things. Calendar, Forms, Inbox, Board etc. It does have some nice features.
Wrike: Same overly complicated and missing key features unless you pay. Various views to see the same tickets but not really a way to do sprints.
Taiga: The ONLY one so far that does a backlog. It fails in that it has too many issue types and the grouping is weird. Certain types of tickets/task/issues/stories are only visible in certain areas and you need to convert the ticket from type A to type B to pull it into the sprint and such. It is able to pull from github and does a 2 way sync which is very cool.

So at this point the only reasonable tool i've ended up with is Jira that it seems everyone hates but honestly I haven't found the features i need anywhere else. What do people use for real project management that isn't a toy short lived project?

The Toxicity Of Open Source

csgeek — Mon, 28 Dec 2020 19:37:22 +0000

My most recent experiences though really saddened me and exposed a certain toxicity in the OSS community that I really wish wasn't so prevalent.

I've been posting on and off on dev.to but I never introduced myself so let me preface this post with a bit about me to give some context.

I've been using open source and Linux on and off since the early 2000s. My first linux distro was Caldera 2.4 an old RPM based that was cool in its hayday and then turned towards the dark side with various different lawsuits against Linux that never went anywhere.

I've been involved in more Linux Users Groups, mailing lists and conferences then I can count. I helped start a Linux conference that's been running for a good while after I graduated educating and teaching people about the benefits of Linux and Open Source.

Though the pandemic climate makes it difficult to have the same experience. Planning a conference exposed me to open source and open culture in a way that going to LUGs never had. I had the opportunity to get a true grasp of what the Free Software Foundation (FSF) truly stands for and talk and meet with some of the key figures of Linux/OSS movement.

I've always appreciated Open Source because it provides me as a user with (first off an alternative to commercial programs) and the freedom to run, edit, contribute and share (the 4 FSF freedoms). I've always appreciated the freedom of choice that Linux has. Nobody needs 15 editors, but I really do love that there are 15 different ways to add 'hello world' to a text document.

We've built up a community that is all about the freedom of expression, freedom of choice, freedom to use code and software in anyway you desire with the appropriate permissive license. So it's always sad when you hear and see people bashing other users because they don't agree with their choices. Yes we have our mini flame wars of vim vs emacs vs nano. Some people take it a bit too seriously but at the end of the day most respect other's people choice to use whatever they like and move on. (I would like to think at least)

I volunteered to help with an Open Source conference and they rallied last minute to try and figure out what they could do this year since everyone is quarantined still. They spent their time and researched the best tools they could find given the time, resources, and skillset available to them and ended up choosing Zoom. I know, not my favorite tool either but at the end of the day, it's a well tested tool that works. They ran an entire 3 day event on zoom that had the founder of redhat, the fsf and so many more incredible speakers sharing their knowledge and expertise. Yet, somehow all of that was eclipsed by the rants about the platform they chose.

There were so many tweets and messages I ran across of that were complaining about the tooling. Yes, we know that Zoom isn't open source, but if we're using zoom to show a video from key figures in OSS speaking about relevant topics that is important to them and zoom is allowing us to share that content with a wider audience. Does it matter that much that it's closed source? If we value a user's ability to choose, shouldn't we actually let the people choose.

You can't scream from the mountain tops about how amazing Linux is, and how you appreciate the freedom of choice, then look condescendingly at the poor plebeian who chose to use Windows.

Sure, not my favorite operating system. I do find it limiting to my day to day tasks, but that's my experience. There might be a legitimate reason that an individual may NEED to use windows, or hell maybe they just like it. They honestly don't even need to justify their choice. They DO deserve to be able to say they are using windows, mac, photoshop, office or honestly any piece of software and any technology without being put on the defensive about it. There is nothing I can imagine that would hurt the Linux community more than this false sense to elitism that makes people dismiss others because their values or choices don't align with theirs.

I've gotten into so many conversation with people in the community about this. If you value the freedom of choice, then you can't be upset that the person's choice doesn't line with your views.

Am I completely off base here or am I missing something in the OSS community?

The year of the "Linux Desktop" will never come if every time someone is curious about our community we respond with antagonism, judgement, and all around toxicity. I'm naturally speaking about a vocal minority of the community but I do want to bring it to attention. Those few individuals no matter how brilliant and capable they might be are doing, in my opinion, more harm than good.

Newbie Question

csgeek — Mon, 05 Oct 2020 16:42:10 +0000

Maybe someone can enlighten me on this, I've seen multiple people create linked articles where it's a 5 part tutorial and such.

How does one associate two articles together? I actually just wanted to add an addendum but knowing how to create a multi-part series would be very helpful.

Github Actions vs Travis CI

csgeek — Tue, 22 Sep 2020 02:09:09 +0000

I was wondering if anyone would mind sharing their thoughts on Github Actions.

I've been using Travis CI for a while and it seems to work fairly well but every once in a while I really would love to use something that's more docker centric which I think Github actions is.

Travis CI

free for open source projects, you can easily set secrets to allow for a variety of different patterns. Downside is that it seems like what a bit of a blackbox on what version of X come with their images. Especially once you start doing Matrix configuration (ie. I need to run a python test, golang, and ruby test for my code base)

Github Action

Much younger than Travis CI. It seems pretty green when I tried it out initially but I am curious of people's thoughts on it.

I did notice that it was using a more docker based approach. So maybe it's worth giving it another go.

Thoughts? Comments? Any love or hate ? Open to other solutions, ideally free/OSS.

Blog Posting Platform

csgeek — Sat, 19 Sep 2020 19:24:43 +0000

I was debating between two platforms that essentially do the same thing which is take Markdown -> shiny.

Docusaurus

The first one I've used heavily for documentation purposes but rarely for blogging. It's a project from facebook called Docusaurus (Linking their beta version because its just so much prettier ).

I feel like it's more geared at writing docs than blogging, but here's the pluses.

Write once in MD and get pretty output.
Easy to deploy to github.io and other hosting sites.
I supports jsx so you can embed quasi html code inside your markdown.
Since it's a react app you utilize react component to enhance your blog.

Downsides:

Although it has advanced features like jsx and react components, the source .md will not really look right on github for example. You'll need to generate it to see the whole picture. (Though it's the price you pay for it)
I can't seem to manage to every spell docusaurus correctly no matter how many times I type it out. :\ personal issue.

Hugo

I haven't explored this fully but it's a markdown generator written in Go (big win for me). It's super fast though I doubt I'll need to worry about compiling 20,000 md files anytime soon.

There are also interesting tooling like Hugo Academic which provides an easy way of creating content. (Then again, VSCode works just as well for starting out )

It also seems to have a much wider array of themes to choose from, though most of them are giving me issues, likely a noob problem.

Any thoughts on these two or any other ones you'd like to toss in the mix?

Honestly the main goal is to write in .md push to some 'origin' self hosted version and able to also publish to say dev.to, medium, and other fun platforms i post on.

Rapid Development + Scaling Web

csgeek — Mon, 31 Aug 2020 21:19:56 +0000

What does everyone use these days for rapid development for the web?

I tend to have strong feelings against wordpress and similar CMS, but end up needing a CMS like features to allow people to post, login, moderate etc.

I'm not stuck with any technology but I know i'm not great on the frontend side, so I'd love to find something that's fast to get something out while not being a nightmare to scale up if we need to down the line (Like Wordpress for example )

--
csgeek