Lets Encrypt

Bootstrapping Hyperledger Fabric 1.0

Aug 8, 2017

I am proud to say that I have been working with the Hyperledger Fabric project nearly since it’s inception almost two years ago. While frustrating at times in the beginning (as is the case with most open-source, popular, and pre-alpha software), I have grown to enjoy working with the Fabric. It has improved my skills in a variety of areas such as golang, docker, encryption, pkcs11, continuous integration, and many more. Since the Fabric recently went 1.0, this blog post will focus on how to bootstrap the fabric without the aid of cryptogen tool.

Syncthing - Why You Should be Using it

Apr 4, 2017

Choosing a secure file syncing application has never been easier. After evaluating a variety of options such Dropbox, OwnCloud, and Seafile for over 5 years, the journey is finally over. I have found the best option - Syncthing. Let me explain why you should consider it.

Building Tiny Secure Docker Containers

Mar 3, 2017

It’s very tempting to use the most popular Linux distributions as a base for docker containers. In fact, most of the time, that is actually a good idea. However, when trying to build the most secure container possible, at the lowest possible size, these base images become bloat. Why include libraries and other binaries in your docker container if your application does not need them?

x509 Certificate Manual Signature Verification

Feb 2, 2017

While going through the manual of openssl, I thought it would be a good exercise to understand the signature verification process for educational purposes. As a fruit to my labor, I would also develop a simple script to automate the process.

Ansible - Interacting with external REST API

Jan 1, 2017

Ansible has many powerful modules. One of which is called uri which is capable of sending any kind of HTTP request. Using this module, it is fairly simple to allow ansible to intelligently talk to a REST API. This will come in handy during for automation of the sensu monitoring docker infrastructure I am currently working on.

OpenSSL - Reference

Dec 12, 2016

OpenSSL is quite and extensive project. The docs for the cli (openssl commands) gives you an overview on just how many things you can do with openssl. Knowing openssl is essential in the security field. I will use this post as a reference for frequent things I do with openssl and update it when needed.

Hardening Nginx

Jul 7, 2016

Nginx is a great web server which offers very high performance with little resource consumption. This makes it ideal for docker containers, small embedded devices, or even just dealing with a ton of connections. I also often use Nginx’s powerful proxy capabilities. Nginx is one of those applications I use quite often, pretty much for anything related to http(s). Having said that, it becomes very important for me to be able to deploy this in a secure manner.

Let's Encrypt Muli-Domain Across Unique IPs

May 5, 2016

Let’s Encrypt is awesome! This service allows you to automate the retrieval of as many valid TLS certificates as you wish, as long as you can “prove” that you own the domain. One of the first proofs that they offered was the http-01 challenge. This proof works by essentially sending your domain a random HTTP GET request string which your lets-encrypt client must receive and send back.

Docker Storage Driver - Devicemapper

Apr 4, 2016

Docker relies on storage engines to layer images. The default storage driver depends on who packaged docker for your OS. Fortunately, it’s not too difficult to change; However you may lose your images and containers so it’s best to decide on a driver when you begin.

MemSQL - Cheatsheet

Apr 4, 2016

MemSQL is a cool distributed In-Memory Database which offers high performance, sharded horizontal scale-out design, High Availability (with Enterprise edition), and the familiar SQL syntax. It also ships with a great looking GUI that displays most of information you need to know about your cluster.

Let's Encrypt Muli-Domain Across Unique IPs

gbolo

Bootstrapping Hyperledger Fabric 1.0

Syncthing - Why You Should be Using it

Building Tiny Secure Docker Containers

x509 Certificate Manual Signature Verification

Ansible - Interacting with external REST API

OpenSSL - Reference

Hardening Nginx

Let's Encrypt Muli-Domain Across Unique IPs

Docker Storage Driver - Devicemapper

MemSQL - Cheatsheet