Curious redirect to HTTP after upgrade to NextCloud 15.02

While trying to get NC Talk to work I upgraded my Next Cloud server to 15.02 and got side tracked troubleshooting an interesting issue: why are my logins now being silently redirected to HTTP instead of HTTPS? I might not have noticed this as quickly if I hadn't disabled HTTP on the box years ago.

Edit: Updated on Feb 7 with new information

Navigating the registration process for the OSCP's PwK Course

I've signed up to take the Penetration Testing with Kali Linux course from Offensive Security and want to make a few notes for other would-be course takers on the process to get registered.

Recovering from a botched attempt at a side by side encrypted Ubuntu installation

I found some time this week to upgrade my laptop to Ubuntu 18.04 (from 16.04). To ensure I could still 'go back' if necessary I went down the path of installing a second hard drive to setup a dual-boot configuration. There's only one problem with this approach: the Ubuntu 18.04 GUI installer doesn't give users the ability to setup a second encrypted ubuntu installation side-by-side with an existing one, even if the target is a new disk.

This set me down a path of adventure and discovery!

Minikube + Cilium on Ubuntu 18.04

We're investigating Kubernetes network overlays at work and I am spinning up sample environments to try things out. One that stands out so far is Cilium due to the fine-grained access controls that can be enforced. They have instructions for how to deploy on Minikube, but it took some finangling for me to be successful with my deployment configuration (Ubuntu 18.04 Server running Minikube 'local' without vagrant).

To cut to the chase, skip to the end to see a deploy script that deploys everything in order.

How to Develop a Thunderbird 60 Add-On (2018)

I've had an idea kicking around in the back of my mind for the last few months to create a Thunderbird extension that will indicate if an email sender's domain was recently registered and alert me. With the poor state of Thunderbird add-on documentation it is a real struggle to get started with anything beyond the most basic 'hello-world' extension. This time I decided to double-down and fight my way through to develop a working (Alpha quality) plugin that accomplishes my design.

If you are thinking about developing an extension for Thunderbird 60 and would like some pointers, read on for my choppy journey through Thunderbird extension development. Hopefully one or more of the pointers will save you time

Private Docker Registry 'x509: certificate signed by unknown authority'

While setting up a new private docker image registry with certificates signed by an internal certificate authority this week we ran into an issue getting our docker nodes to communicate:

Error response from daemon: Get https://private.registry.tld/v2/: x509: certificate signed by unknown authority

Following the guidance on self-signed certificates from Docker did not directly address the issue.

Using NodeJS to Connect to Elasticsearch with a Private Certificate Authority

I was asked to help troubleshoot a NodeJS project recently where the team was encountering trouble connecting to an elasticsearch instance securely (via https/tls). They would get an error back about 'self signed certificate in certificate chain`. In examining further, we were able to come up with a client configuration for the elasticsearch library that addressed the issue.

Notes on Navigating an AWS s3 Glacier Restore

Yesterday marked a first for me: I had to restore a few objects from a large S3 bucket that was backed up to Glacier. Along the way I learned a few things:

  1. Objects sent to glacier permanently retain the GLACIER storage class
  2. If your S3 objects were replicated across an AWS Account boundary, you might not have 'full control' of your objects (but AWS will gladly let you pay them to store them)
  3. The AWS CLI is unhelpful when it comes to recursively copying objects that are restored from glacier

The objects can be restored and downloaded, it just takes some specific knowledge

Exploring the Qualys API with golang

This past week I've been getting to know the Qualys API by writing an integration with Go. Along the way I've found some quirks that are worth mentioning for anyone getting to know the Qualys platform at the API level.

To jump straight to the sample code repository, you can go to the qualys-api-samples repo on GitHub.

Get Started with SQLBoiler [SQLite]

Over the last year I've been learning the Go programming language and overall it's been a pretty positive experience- except when it comes to quickly and easily interfacing with databases. While Go does include a 'sql' package targeted at low level interaction with database backends, out of the box you are not provided with something higher level (think rails ActiveRecord). For higher level abstraction there are many community supported packages available, which makes it time consuming to try/test each one and see if it fits your needs. Today I'm writing about SQLBoiler, specifically about working with its SQLite integration.

Update (2018-10-25): Now includes instructions for building sqlboiler as well as sqlboiler-sqlite3 and ensuring both of them are in the same directory or system path before usage.