Lifestream

Posts from July 2017

06:33 utc jul 30 2017

I was first introduced to closures in summer '08 via #ruby blocks. This was probably the most magical moment I've ever experienced programming. That code was just another object you could pass around was amazing. Lisp would've been mind blowing. #history

05:46 utc jul 30 2017

when reading from stdin, ansible-vault encrypt_string does not trim trailing newlines, forcing one to use echo -n. #ansible knows this is a sharp edge and documents it, but they should do the right thing and make it consistent with password files #fail

05:44 utc jul 30 2017

in the quest to thin out the top-level directory sprawl in hyperbola, I got rid of .secrets. required rotating ansible vault password and rekeying everything because my password had single quotes, double quotes, and backticks (of course) #fail

05:36 utc jul 30 2017

#fail do not try to install ansible in a virtualenv in packer. you need a compiler. you don't want a compiler

01:41 utc jul 30 2017

the hyperbola + hyperbola-tools binary star monorepos is a common failure state, so I am told #fail

01:40 utc jul 30 2017

I just realized that by merging hyperbola-tools into hyperbola and converting my ad hoc ruby scripts to python, I moved to a monorepo and standardized on a language

05:23 utc jul 25 2017

6. addendum: since I already had a deploy script, it was straightforward to translate it to #ansible tasks

05:23 utc jul 25 2017

6. problem: bespoke deployment steps. deploy and cron run as lopopolo. deploy needs sudo password. solution: #ansible deploy_helper module

05:21 utc jul 25 2017

5. problem: environment names are inconsistent across tooling and deployment. solution: hyperbola_environment #ansible variable which parameterizes everything

05:20 utc jul 25 2017

4. addendum: I used #LetsEncrypt before migrating to AWS with a combination of cron, systemd timers, and dehydrated. ACM is easier, less error prone, and set-it-and-forget-it #win

05:18 utc jul 25 2017

4. problem: https is hard. solution: ACM + #terraform + ALB + CloudFront

05:17 utc jul 25 2017

3. problem: manual, bespoke server configuration. solution: #ansible, #vagrant, #packer, prebaked AMIs. immutable infrastructure

05:16 utc jul 25 2017

2. django-backup.py sucks. problems: email based, backup size is limited, unconfirmed delivery, plaintext transmission. solution: move media to versioned S3 bucket, daily RDS snapshots, logical backup json to S3

05:14 utc jul 25 2017

1. problem: python not running the latest 2.7.x release. solution: pyenv for local development and xenial (python3.5) + ansible + (future) deadsnakes ppa

05:13 utc jul 25 2017

I found a page in my wiki called hyperbola suckage 2015. This was a forward-looking list of gripes to fix as I moved from hyperbola1 to a new host #history

00:53 utc jul 24 2017

unexpected memory: I had to spoof my mac address to that of my xbox 360 so that I could register it on MIT's network #history

00:37 utc jul 24 2017

DNS is flipped and propagated! Live in #aws! #win

09:58 utc jul 22 2017

#aurora was much less forgiving with unique constraints than mysql. The schema for one of my utf8mb4 varchars had a max length of 255 and a unique index. It appears mysql silently truncates, whereas aurora complained the index was > 767 bytes. ~ #win

09:57 utc jul 22 2017

One source of difficulty was getting django, s3, vpc endpoints, and security groups to work together to enable s3 access from my backends #fail

09:55 utc jul 22 2017

my #terraform life became much easier by using name_prefix instead of name. name and name_prefix parameters were never interpolated. Instead, use interpolation in tags. In practice this means config can change without rebuilding the world #win