using nginx to proxy private amazon s3 web services

I thought I’d share how I set up Nginx to proxy a private S3 bucket. I wanted to be able to password protect the contents of a bucket and without allowing any owner information of the bucket from leaking to the web user. A simple configuration can be used if you want to serve objects that are public: location ~* ^/s3/(.*) { resolver 172.31.0.2 valid=300s; resolver_timeout 10s; set $s3_bucket 'your_bucket.s3.amazonaws.com'; set $url_full '$1'; proxy_http_version 1.
Read full post gblog_arrow_right

aws management portal for vcenter

AWS Management Portal for vCenter enables you to manage your AWS resources using VMware vCenter. The portal installs as a vCenter plug-in within your existing vCenter environment. Once installed, it enables you to migrate VMware VMs to Amazon EC2 and manage AWS resources from within vCenter. The AWS resources that you create using the portal will be located in your AWS account, even though they have been created using vCenter.
Read full post gblog_arrow_right

insecure default in elasticsearch enables remote code execution

Elasticsearch has a flaw in its default configuration which makes it possible for any webpage to execute arbitrary code on visitors with Elasticsearch installed. If you’re running Elasticsearch in development please read the instructions on how to secure your machine. Elasticsearch version 1.2 (which is unreleased as of writing) is not vulnerable to remote code execution, but still has some security concerns. further reading http://bouk.co/blog/elasticsearch-rce/

integrating bitbucket and jenkins

I just had a little gotcha using Jenkins and trying to integrate it so that bitbucket can use git hooks to kick off builds on commits. So I thought I’d share how I managed to get it all working as to me it wasn’t that clear. Firstly I’ll assume you have a secured Jenkins instance setup and a repository on bitbucket. Once it’s working login to your jenkins instance as the user you wish to use to kick off builds and manually build a job you’ve configured.
Read full post gblog_arrow_right

ubuntu lts "trusty" affected kernel bug

Turns out the kernel that’s currently shipping with trusty LTS causes most java applications to ‘bork’ when starting up. This is due to a kernel bug that was introduced in the Linux kernel around 3.12 and then fixed in 3.13.5. Unfortunately Ubuntu 14.04-LTS ships with kernel 3.13.0. I’d suggesting holding off on that upgrade for a little while longer. If you already took the plunge maybe the mainline kernel build might help you out.
Read full post gblog_arrow_right