Ansible local_action privilege de-escalation or: how to wait for a reboot

I increasingly use Ansible not only for glorious tasks like setting up my various VMs I use for prototyping but also for mundane things like resetting my personal laptop every time I get a new one or break it (dedicated readers of this blog will know me to do that a lot [2],[3],[4]). Most of … Continue reading Ansible local_action privilege de-escalation or: how to wait for a reboot

Securing a development server

In this post I talk about setting up and securely operating development tools like Jenkins and Gitlab on a server connected to the internet. All applications run behind a firewall and a reverse HTTP proxy which allows only HTTP requests from selected users through who authenticate themselves with client certificates. Putting web-facing software on the … Continue reading Securing a development server

Running varnish as unprivileged user

Since I haven't found any documentation on the topic of running varnish as non-root, I proudly present: how to run varnish as non-root. A warning ahead: this will require fiddling with init scripts, so make sure to keep backups. Also, scripts will be overwritten with each package update. Changes to /etc/init.d/varnish Ulimit calls are not … Continue reading Running varnish as unprivileged user

Eclipse/SVN keeps asking for keystore password on a mac

For my current project I'm working on a Mac and Eclipse kept asking for the OS keystore password every time SVN was accessed.  The eclipse error log says: "StorageException: No password provided." While I am sure that there are proper solutions to this problem, relaxing a constraint in the OS keystore did the job for … Continue reading Eclipse/SVN keeps asking for keystore password on a mac

sshfileuploader: uploading large files over ssh over an unreliable connection

I'm having for the last month a very bad internet connection which makes it almost impossible to upload files anywhere: drive, facebook or WARs to my toy server. Especially the latter one is really annoying as the SSH connection will really abort with an ugly network error. I suspect a misconfiguration in the TCP/IP settings … Continue reading sshfileuploader: uploading large files over ssh over an unreliable connection

mdadm woes

After migrating a software RAID 5 to Ubuntu LTS 12.04, the system wouldn't come up again after rebooting. I believe Chris Siebenmann to splendidly have analysed [1] the problem: a race condition with udev losing the race. His solution is to: Change /usr/share/initramfs-tools/scripts/mdadm-functionsas follows: degraded_arrays() { + udevadm settle mdadm --misc --scan --detail --test >/dev/null … Continue reading mdadm woes

Tomcat, Eclipse, Spring and reloading

As a  webapp gets bigger the time it takes to boot also increases which is a serious factor contributing to decreased focus and productivity when programming. When running Tomcat with Eclipse, the web application may restart even for the most trivial changes incurring long pauses. I found the following settings for Tomcat to minimize restarts … Continue reading Tomcat, Eclipse, Spring and reloading