Using Nginx to proxy private Amazon S3 web services

I thought I’d share how I set up Nginx to proxy a private S3 bucket. I wanted to be able to password-protect the contents of a bucket without allowing any owner information about the bucket to leak to the web user. A simple configuration can be used if you want to serve objects that are public:

    location ~* ^/s3/(.*) {
        # Resolve the bucket hostname at request time
        resolver 172.31.0.2 valid=300s;
        resolver_timeout 10s;

        set $s3_bucket 'your_bucket.s3.amazonaws.com';
        set $url_full '$1';

        proxy_http_version 1.1;
        proxy_set_header Host $s3_bucket;
        # Do not forward the client's credentials to S3
        proxy_set_header Authorization '';

        # Hide S3 response headers and cookies from the web user
        proxy_hide_header x-amz-id-2;
        proxy_hide_header x-amz-request-id;
        proxy_hide_header Set-Cookie;
        proxy_ignore_headers "Set-Cookie";

        proxy_buffering off;
        proxy_intercept_errors on;
        proxy_pass http://$s3_bucket/$url_full;
    }

To set up nginx to...…

AWS Management Portal for vCenter

AWS Management Portal for vCenter enables you to manage your AWS resources using VMware vCenter. The portal installs as a vCenter plug-in within your existing vCenter environment. Once installed, it enables you to migrate VMware VMs to Amazon EC2 and manage AWS resources from within vCenter. The AWS resources that you create using the portal will be located in your AWS account, even though they have been created using vCenter. For experienced VMware administrators, AWS Management Portal for vCenter provides a familiar look-and-feel that will make it easy to start using AWS. For enterprises with existing VMware-based environments, the portal...…

Insecure default in Elasticsearch enables remote code execution

Elasticsearch has a flaw in its default configuration which makes it possible for any webpage to execute arbitrary code on visitors with Elasticsearch installed. If you’re running Elasticsearch in development please read the instructions on how to secure your machine. Elasticsearch version 1.2 (which is unreleased as of writing) is not vulnerable to remote code execution, but still has some security concerns. …

Integrating Bitbucket and Jenkins

I just had a little gotcha using Jenkins and trying to integrate it so that Bitbucket can use git hooks to kick off builds on commits. So I thought I’d share how I managed to get it all working, as to me it wasn’t that clear. Firstly, I’ll assume you have a secured Jenkins instance set up and a repository on Bitbucket. Once it’s working, log in to your Jenkins instance as the user you wish to use to kick off builds and manually build a job you’ve configured. I’d suggest creating a user for functions like this. Let’s call him ‘dodwmd_jenkins’...…

Ubuntu LTS "trusty" affected kernel bug

Turns out the kernel that’s currently shipping with trusty LTS causes most Java applications to ‘bork’ when starting up. This is due to a kernel bug that was introduced in the Linux kernel around 3.12 and then fixed in 3.13.5. Unfortunately Ubuntu 14.04-LTS ships with kernel 3.13.0. I’d suggest holding off on that upgrade for a little while longer. If you already took the plunge, maybe the mainline kernel build might help you out.

Installation

For 32-Bit Systems

    # dpkg -i only installs local files, so download the packages first
    wget \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-headers-3.13.5-031305-generic_3.13.5-031305.201402221823_i386.deb \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-headers-3.13.5-031305_3.13.5-031305.201402221823_all.deb \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-image-3.13.5-031305-generic_3.13.5-031305.201402221823_i386.deb
    sudo dpkg -i \
      linux-headers-3.13.5-031305-generic_3.13.5-031305.201402221823_i386.deb \
      linux-headers-3.13.5-031305_3.13.5-031305.201402221823_all.deb \
      linux-image-3.13.5-031305-generic_3.13.5-031305.201402221823_i386.deb
    sudo reboot

For 64-Bit Systems

    # dpkg -i only installs local files, so download the packages first
    wget \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-headers-3.13.5-031305-generic_3.13.5-031305.201402221823_amd64.deb \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-headers-3.13.5-031305_3.13.5-031305.201402221823_all.deb \
      http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.13.5-trusty/linux-image-3.13.5-031305-generic_3.13.5-031305.201402221823_amd64.deb
    sudo dpkg -i \
      linux-headers-3.13.5-031305-generic_3.13.5-031305.201402221823_amd64.deb \
      linux-headers-3.13.5-031305_3.13.5-031305.201402221823_all.deb \
      linux-image-3.13.5-031305-generic_3.13.5-031305.201402221823_amd64.deb
    sudo reboot

Further reading

https://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.13.5...…