java – troubleshooting SSL/TLS truststores

Troubleshooting TLS issues involving a Java app can be difficult if the division of responsibility means that responsibility for the certs and truststores is not vested in a team with any Java skill.  This post is aimed at someone, like me, in that situation. SSLPoke Atlassian (JIRA/Confluence/Bitbucket) provide a simple program that does about as […]

wileyfox swift (crackling) squashfs fun

TL;DR It’s easy to get lulled into a false sense of security.  I bricked my Wileyfox Swift trying to install Lineage: with hindsight, should have tried harder to ensure I had a backout. I’d have tried using ‘dd’ to back up the ‘system’ partition, as the usual toolset (TWRP, adb, fastboot etc) don’t seem to […]

https using Cloudflare

Why? Lots of good reasons as of July 2018 posted here by Troy Hunt, including that the National Cyber Security Centre (part of GCHQ) says so here – the title of that blog post is ‘serve websites over HTTPS (always)’. As we state in our HTTPS guidance, all websites should use HTTPS, even if they don’t include […]

puppet apply #8 – puppet apply and hiera

Adding classes At present, puppet apply should look something like this: $ sudo scripts/puppetapply.sh + /opt/puppetlabs/bin/puppet apply –test –environment=local /etc/puppetlabs/code/environments/local/manifests Info: Loading facts Notice: Compiled catalog for clientname in environment local in 0.16 seconds Info: Applying configuration version ‘xxx’ Notice: Applied catalog in 0.09 seconds Let’s add back in the clientscope class. This will populate […]

puppet apply #7 – classification via hiera

Hiera introduction Hiera is used to store data. Roles and profiles are about code reusability, and separating data and code is probably the other main pillar of Puppet best practise. Hiera layers the data, allowing you to selectively mask values with others based on properties of the puppet client.  The trick is to pick useful […]