More secure deployments via ssh

2020-08-21 Infrastructure Linux Deployment Niclas Roßberger

If we deploy an application automatically we have to grant the CI (Continuous Integration) access to the server. Common practice is to do that via a GitLab Runner or a ssh account on the server. Personally I would not recommend to use a GitLab Runner for deployments, because you have to maintain it. Another potential issue is, that you normally register runners for your whole GitLab instance or groups. That results in a scenario in which everyone can use that runner and accidentally (or not) destroy, for example, your production server. Continue reading

Handling server configurations

2020-07-15 Infrastructure Niclas Roßberger

1. IntroDuring my work as a programmer I often encountered that configuration and infrastructure files only lived on the servers they belog to. If they had a copy in git, the states would always divert over time. One reason for this diverting is that you actively have to put the changed files in git, after you finished your work. It’s simply a thing you can forget. What do I mean by "infrastructure files"? Continue reading

Switching to Hugo

2020-06-17 Infrastructure Niclas Roßberger

If you see this post, my wordpress blog is gone. My Blog now uses Hugo. I really like formats like Markdown and AsciiDoc. These formats are expressive and you can edit them with every editor you want and don’t need expensive licenses, like for Word or similar. Another advantage is that you define what should happen by writing and not by clicking a button and hoping the programm does what you intended to do. Continue reading

Install cmake 3.11.1 on Ubuntu

2018-04-17 Infrastructure Linux Ubuntu Niclas Roßberger

Sometimes you just want a newer version than ubuntu ships. This code will update cmake to version 3.11.1 or any other version you want.

Automatic VirtualBox module signing for UEFI

2018-04-17 Infrastructure Linux Ubuntu Tutorials Niclas Roßberger

These steps are for all those people who hate to sign the Virtualbox modules every time and don’t want to disable UEFI.

Writing a basic Qt project with Qt Creator

2017-01-02 Programming Qt Tutorials Niclas Roßberger

I’m assuming you are already able to program and at least had a look at C++. For example I won’t explain why int main(int argc, char *argv[]) is in the C++ source code.

If you create a "Qt Console Application" you will have the following code:

Ubuntu: automatic password for second encrypted disk

2016-12-15 Infrastructure Linux Ubuntu Tutorials Niclas Roßberger

I just encountered the problem that I have to type two passwords at startup, for two encrypted disks. My first disk is encrypted through the Ubuntu installer. After some searching I found the perfect solution for that task. In German its called "Schlüsselableitung", in English derived keys. But perfect solutions often have a big issue why they don’t work, like here. I’m using Ubuntu 16.04 which uses ´systemd´, and that has problems with derived keys. So I found the second most perfect solution for me, using a key-file. Some people argue that this is a security issue, but the derived key is also obtainable with root rights, just like a key-file. And by the way, your private keys of your certificates are also stored on that disks and nearly nobody complains about that.

Older posts