Two years of Manjaro Linux and counting

I grew up fond of the Linux operating system for a long time. I’ve been in my 20’s a die-hard fan of Debian and I’m still a die-hard fan for it whenever I’m put in the situation of installing a production-grade environment, tending to trust the community process that goes on there to validate the packages before they arrive to the “stable” repositories.

Long time ago, I was also a Gentoo fan, because being the owner of an dual-core Intel back in the time, I needed to effectively squeeze every CPU cycle out of the machine. I couldn’t afford switching PCs on an yearly basis. So I spend days if not weeks compiling and recompiling KDE until it fit my purpose.

Continue reading →

Wildcard DNS in Let’s Encrypt with Go.CD, Ansible, FreeIPA and S3

When I started working on my own home-cloud (a weird term for a small self-sustained, bare-metal paid cloud on Hetzner) I needed a way to have trusted SSL certificates. I really, really hate the warning messages of the browsers when entering an self-signed site. One of my goals was to use Let’s Encrypt, put HAproxy in front of any and all services and have HAproxy do the SSL termination (and even internally, to have all services use Let’s Encrypt signed certificates).

As part of this small architecture (based on Proxmox in a cluster configuration) it was chosen also to deploy a 5-node FreeIPA cluster to manage DNS mostly but also I took advantage of other IdM features. Another goal was to implement the wildcard DNS challenge so that I wouldn’t have to configure each and every sub-domain I required (there were a couple of TLDs and a miriad of sub-domains which I already forgot their names).

Continue reading →

Continuous delivery of infrastructure as code using Go.CD and Ansible

I’m fond of the CI/CD movement, mostly because I can quickly see the value in automating the build and deployment pipeline and getting a quick feedback and if all tests pass, a good feeling of reliability of the service I’m deploying. A few years ago I would’ve used Go.CD for both CI and CD pipelines and I have yet to see a project that does not benefit from this ideology in some way or form.

The history of Go.CD starts as CruisteControl, probably the first CI software that was built in this industry, long before Jenkins became popular. Born in ThoughtWorks, backed by Folwer & friends, originally named Cruise in homage to the original CI tool, but quickly renamed to “Go” to avoid the confusion.

Continue reading →

30 years of democracy, a documentary about the burden of being free

I was born in 1988. So I’m 31 going 32 next year and pretty much all my conscious life I’ve been part of the “new-found” democracy. I’ve seen my parents live, suffer, adapt through the changes in economy, even caught a glimpse of the inflation and how money was loosing value as each day passed by.

One typical journalism organization in Romania, called Recorder, recently published a 3-hour documentary on the 30 years of democracy and the burden that we’ve been through, as a nation, to sustain that idea. It’s well worth your time and I won’t spoil it here giving away the plot and history that it shows.

Continue reading →

My Beautiful Dacia, a story about a country and its car

I finally got over to watch “My Beautiful Dacia” (or in our language: “Dacia, dragostea mea” a 2009 documentary about the history of the Dacia car manufacturer but most importantly a mirror image of the country itself and how the different eras (communism and post-communism) have affected this brand’s capability to stay competitive in the car market.

Today, Dacia is recognized as a good and cheap brand of cars that will last you a couple of million miles. With a price tag around 12k euros in Europe (at the time of writing) is well within reach of most pockets. It’s amazing to see how this feeling of reliability has kept past the decades, as the same was said about the previous 1100 and 1300 models. It’s humbling to say the least to the efforts made by Romanian workers (and owners) to keep this brand alive to this day (2020) and for the years to come.

Continue reading →

The Rise and Fall of Nokia, a modern documentary on smartphones

I grew up in the mobile phone era. Go back almost two decades ago and it was the year 2002. I was saving money to buy myself a Nokia, after having owned an Alcatel. One of the most popular and still a motive for many memes today, the Nokia 3310 was the mobile phone that pretty much everyone had and they had it for years. Fast-forward 2010 or 2015 and people still held 3310 close to their heart.

A few weeks ago I got the chance to watch an interesting documentary “The Rise and Fall of Nokia” (by BBC) about this Finish unicorn company that pretty much revolutionized the mobile industry. Not in the sense of Apple (with touch-screens) but in the sense of making the mobile phone sufficiently easy to carry and “humane”.

Continue reading →

Sleepy town center of Ramnicu Valcea

Today late in the day we had to hop on in the car and go towards Ramnicu Valcea, the nearest town to where my in-laws have their house. My wife was not feeling good, maybe going down with a cold. She had a runny eye and it was bugging her for the whole day. Late in the day, she could not take it anymore so we went out to find a pharmacy.

We parked at River Plaza Mall. It was quite free in comparison to other days I’ve been there. Probably because it’s 23 of December and night. Malls in this country tend to be overcrowded, like we don’t have anything else better to do. Anyway, since we were very close to the town center we went upwards to an X-mass fair. The decorations attracted my attention, they were of very good taste, simple, light, not too dazzling (in comparison to Mioveni which is the most decorated city of all or Bucharest in some former years).

Continue reading →

Idempotent LXC with Ansible and Proxmox using “pvesh”

Back a few months when I started my Hetzner deployment of a small Proxmox cluster I checked to see if there was an Proxmox module for Ansible. And indeed there is one on the official documentation but as I was soon to discover, it didn’t work with my Proxmox 6 installation due to issue #59164 which got resolved (but is only available in 2.9.2 which my Debian-based Go.CD agents can’t see right now). Of course, I could install from “pip” sources and that would solve the versioning issue, but back then this was still an issue.

So what I wanted is an idempotent way of creating mostly LXC containers using Proxmox. Initially I wanted to go the REST API way but it was kind of complicated (in the sense of doing that from Ansible code). Secondly, there was the ‘pvesh’ CLI tool that we could use and based on the available “nextid” command I was able to “test” if the declared “vmid” existed:

Continue reading →

An year in review, my 2019

One of the hardest, longest, most tiring years I’ve had in my 30 years or so. Not even 2018 and our marriage could be compared to 2019. First of all, our son grew to 2+ years, becoming a toddler. With that, a whole heap of attention that we need to dedicate to him. It’s also the year I’ve changed two jobs, seeking something that keep me thinking. Passing through jobs I came to realize that happiness doesn’t stand in having challenge at work but in resolving small challenges at home, in your free time, on your own projects (technical) but also spending some time with your toddler now and then (I will admit I’m the geek-ish kind of father with not so much interest for goofing around).

On the bright side of things and financially, we were able to keep above sea water and pay-off some debts, including closing some credits. While the mortgage is an impossible one to pay up-front, small personal debts were shutdown this year. For me, that’s a good start for 2020 and I hope it gives me the piece of mind to wind-down and chill.

Continue reading →

Getting there …

Another midnight catches me tinkering away at my own little cloud on the Internet. Since renting these 6 machines in Hetzner I’ve been literally hacking away for the past month on setting things up fully automated (that means also dns-01 challenges for all my domains automated with Ansible + FreeIPA for the core services, DNS included and tightening up security).

Out of all 6 machines, given 6TB per machine accumulated 36TB on top of which I put a few volumes of Gluster, two of them as “backup” and “ha-vms-root-fs” as I called it. Understandably, one is for (local, fast recovery) backups, doh, one is to host HA VMs declared as “resources” in Proxmox so the cluster takes care of making them HA if one machine fails). The one for backups in addition to TLK (TurnKey Linux) which provides the “tlkbam-backup” cron.

Continue reading →