I sometimes see questions like "Which certificate should I get?" or "I'm planning to get X, does it worth the price/work I invest?" in forums/reddit. Most of the time I also can't answer it, because I am not really sure if my RHCE certificate helped me or not. It will also expire few months later. And after giving some thought, I've decided to let it. Even though I understand "It will be a clear sign about how well I know what I am doing" theory behind it, if I were hiring someone technical, a certificate wouldn't slightly change my idea in any way.
I've been playing with Nixops lately. Wanted to deploy a nixos server to Vultr (since it's my current provider). Nixos ISO was in the list of ISO's you can attach. After a small search, I've found a cool script on GitHub to bootstrap the environment properly. Yet, I wanted it to be encrypted (yeah I know, entering password on boot..) and forked it to make securestrap ¯_(ツ)_/¯ I like how easy the whole declarative stuff is.
When I was new to Linux, I settled on Debian unstable after trying some of the popular distros. Ironically it was so stable that I got bored and switched to Gentoo. And for about a year, since our infrastructure is largely consist of Debian on my workplace, I was using Debian again. And here I am, craving for another toy to play with. Since I like to learn new stuff by getting my hands dirty, I looked up for something new.
If you're working on multiple computers/servers, managing your personal config files is a hard task. And as a sysadmin, I need my settings to be as global as possible. Many people are uploading their dotfiles under GitHub or some other public place. This has downsides, at least for me, since one can easily have private information embedded inside these files. Some people synchronizes these files to cloud services like Dropbox.
I am on Linkedin for quite long time. My profile setting about recruiters is always "Open", even when I am not looking for a job, which causes all kind of weird queries to fill my inbox. This forces me not to care, when I feel like the message is a cheap copy/paste template starting with my name, I just press the "No" button. But on this post, I'd like to introduce 5 main categories of recruiters who are reaching me all the time, since this became entertainment for me after a while:
I was using DigitalOcean for more than a year and I was pretty happy with it. And the performance déjà vu hit me again: Server got slower and slower, eventually forced me to increase the specs. Since I was paying more, I wanted to test other providers. Instantly I realized grass is greener on the other side. I switched to Vultr... If you're doing the same performance hungry stuff, you can feel the change very easily.
On this post, I just want to rant about how internet sees you: A significant, yet unimportant data mine. Oh, also this topic is popular nowadays, thanks to the report from The Guardian. I just read the statement of Zuckerberg, which somewhat feels like babysitting. Whatever, this is a way bigger problem than Facebook. Every service we use today, is either run by: A company who sucks every bit of data from you; information, behavior, interests, social interaction, personal preferences for every situation (political, economical etc.
I recently bought a Yubikey, mainly to force myself to lean on the security/crypo topics a bit more. So far it seems working, since I now have a shiny gpg key, which has subkeys for signing/authentication under it. Also programmed one of its slots to use HOTP etc. While examining to see what can I do more, I realize gpg-agent has "ssh-agent emulation" feature. So I can export ssh public key from my gpg/auth key and use it to authenticate while logging in to servers.
Sometimes you need to run an ssh-agent if you're deploying something which requires ssh keys. Running is easy, you generally do something like: eval `ssh-agent` && ssh-add (some key) And if this is an automated process, you may realize your server has tons of ssh-agent processes after a while. You might want to kill the created agent, and you'll probably try doing with that SSH_AGENT_PID enviroment variable. I don't know why, and I hate to inspect, this approach fails.
I've recently switched to Firefox Quantum. It was not an easy task, after all I was using Chromium since version 3 or something (maybe from 2010, not sure). I've watched a nice browser getting bloated with corporate ideas and I wanted to give Firefox a try after long time, especially with all the hype which was going on after rewriting their engine via Rust. The rewrite seems invalidated most of the extensions by not having the backwards-compatible flag (but being a Chrom{e,ium} user means I'm not used to have customization), I had few extensions to run anyway.