This is followup to my local docker development environment described here https://github.com/Voronenko/traefik2-compose-template. In addition to classic dockerized projects, I also have number of kubernetes projects. Kubernetes is both resource and money consuming platform. As I don’t always need external cluster, solution I use for local development for kubernetes is https://k3s.io/.

This platform positions itself as a lightweight kubernetes, but truth is that it is one of the smallest certified Kubernetes distribution built for IoT & Edge trcomputing, capable also to be deployed on a prod scale to VMs.

I use k3s in two ways: I have k3s installed locally on…


When it comes to developing sites that use subdomains, this can be a challenging or boring task to set up in development because localhost isn’t a fully qualified domain name. You can’t just goto example.localhost. You either constantly edit /etc/hosts or setting up some dnsmasq in your local network.

So far most often used solutions by myself were http://lvh.me — a free service that resolves itself along with all subdomains to localhost, and similar to it service nip.io which allows to code ip address to resolve into domain name 192–168–1–250.nip.io, and thus allowing to generate letsencrypt certificate to mentioned domain.


I used to work with several startups recently. Authentication is present in any product you do. Authentication is not simple. Not hard in the development sense well-defined standards such as OAuth2 are complete, extensively documented and supported by an ecosystem of tooling.

Rather, authentication is hard to get right sometimes. There are number of limitations like time constraints, product owner concentrated on other features, budget constraints and so on. If you have some previously developed user subsystem which evolves from project to project — that is cool. Otherwise you are about to start yet another authentication subsystem for your project…


As I visit several IT conferences during the year, I am often given some perks and promos from service providers. This time I was given some code from IBM Cloud, dedicated to the cloud conference, thus on return decided to give it a try.

Most likely, when marketing@ibm.com issues such promo codes to developers and contractors, it expects that developers will consider IBM Cloud to their customers on a next project, but who knows.

Upon registration, you discover, that you are unable to easily apply promo code, thus you proceed with account upgrade, which involves entering credit card details. I…


Long long time ago I was using Evernote as a my personal knowledge base. I was collecting snippets of knowledge from my projects I was working on. One of the constant challenges was ensuring that I do not paste accidentally sensitive data as a part of the snippets. From other hand I was using only part of Evernote offering — mostly tree like notes organization and full text search to filter cards.

Since few years now I am having pet projects with extensive use of Jupyter notebooks. One day I asked myself — why not use Jupyter notebook as a…


Letsencrypt is nowadays very popular certificates authority.

It is standard de-facto for most of situations when you need green sealed certificate on your environment. New version of the API (v2) provides very nice way to issue wildcard certificates using DNS validation.

Although it is not recommended to put read/write dns credentials on a such environment, there might be exception that forces you to do so on a temporary basis.

Workaround below provides way to limit write scope of the credentials, when your domain is served by AWS Route53.

Let’s assume we want to create wildcard certificate for our staging environment


Simple proof of concept, how to share some sensitive variables between terraform and ansible in a way that allows committing into git, while also being reasonably easy to decrypt, and be used natively via ansible play.

Ansible

Let’s create some sensitive variables in ansible play, env-default-secure-vars.yml:

and encrypt this file using ansible-vault encrypt env-default-secure-vars.yml

Let’s check if ansible can work wish encrypted vars, using playbook

Terraform

Now let’s see how can we consume in terraform the same data ?

Fortunately, we have built-in provider external, that allows consuming json feed returned by external program

Let’s write shell routine…


Coming from unix world, I really enjoy so-called one-liners — easy to remember commands that do some useful bootstrapping.

Few examples from my dotfiles: https://github.com/voronenko/dotfiles

Saying, if I want to configure my favorite shell on some new VPS

or configure my dotfiles configuration on a more permanent box

That approach works pretty well on linux, thus when I have windows related work, I am trying to reuse similar approach. Few examples from my winfiles: script below configures my PowerShell profile on a new windows server, and optionally installs my “swiss knife” set of tools for the windows system.


Actually, this article is the memory for myself. Article describes notes on setting up network infrastructure with remote xiaomi mi gateways, so the openhab will still receive multicasts with sensors updates also from remote endpoints.

Network setup

If you are reading this article, you know, that xiaomi smart home gateway after some firmware update no longer provides REST interface for updates. Instead, it provides updates purely in local network using multicast to group 224.0.0.50 and port 9898. This means, that all updates are isolated now to local network only, and prevents one instance of openhab from controlling different sites.

Keeping in mind…


I had a bit of spare time on Friday, and come over proof of concept article on sending TextToSpeech to amazon echo.

Originally I was inspired by possibility to spell custom phrases on Amazon Echo by reading following article https://www.gehrig.info/alexa/Alexa.html

Unfortunately, example did not work for myself out of the box — shell login never worked for me w/o captcha, thus next three points are on getting right session cookies to run the demo.

This article is summary of findings, and might be starting point for some new experiments.

Cookies needed to work with “API”

To work with Echodot api via curl or wget, the easiest…

Vyacheslav Voronenko

Software engineer, with project management background. Founder @ softasap.com — cool automation for the people :) — have a problem that needs to be solved?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store