This past weekend, I was experimenting with MultiBoard, a 3D printed wall organizer system. Starting there, it's an interesting and useful product. I downloaded the starter kit and printed it. It's well-designed and flexible. As I was playing with the output, I was wondering how to appropraitely (and not necessarily …

Starting with a problem When looking through some recent updates to the Cartographica dependencies, I noticed that some of the updates were not being automatically merged, despite having passed all the tests. All told, not really a big deal, since all I would need to do is maually merge the …

As part of my recent work for automation VyOS, I've been working with Parallels in order to run versions fo the router locally for testing. My initial attempts were entirely manual: Look up the lastest rolling release on GitHub Download the ISO image from the VyOS website Create a new …

This past week, I upgraded my primary PostgreSQL servers from version 13 to version 16. The process was relatively straightforward, but there were a few glitches that I wanted to document here. My intention is to do this upgrade annually and usually stay a year behind the current release (mostly …

After the recent death of one of my long-running Juniper EX-2200Cs, I needed to find a replacement. I decided to go with a Ruckus ICX 7150-C12P-2X10GR, which is a 12-port PoE switch with 2 10G SPF+ uplinks. It's basically a rebranded Brocade switch. I'd been happy with the Juniper, right …

Given a bit of downtime waiting for my AC repair, I decided to take a look at the login and startup items on my Mac. I've not been having issues, but it seems like good hygeine to know what these are. Unfortunately, although the Open at Login section of the …

With Apple having now announced and made available for devlopers the next release of macOS (Sequoia), I wanted to put together a quick post (to be updated) on what I've found so far with macOS 15.0 beta and Xcode 16.0 beta. Automated tests were failing when I referenced …

As part of our move to more havily using VyOS, we've needed to update the vyos collections from ansible, due to some changes in some of the syntax for 1.4+ of VyOS. There are some pitfalls to setting up and editing ansible collections, especially ones that are for network …

Google Search is interesting. Over the past 2 months, over 2000 of my posts on this blog have been removed from the index. Not shockingly, it’s hard to tell why. Some of the stuff that got removed were original articles with analysis or opinion, and some of the ones …

I've been describing our Hashicorp Vault journey here at ClueTrust in a number of posts. Chief among the reasons to use Vault is its ability to generate and rotate credentials with specific systems and services. I've written before about PostgreSQL credential management using Vault, which has been quite successful. This …

I regularly use poetry in order to isolate development environments as I'm putting applications together. I've been happy with it, and there are a number of methods that I've developed for using poetry in various environments. For production, there are a number of different mechanisms used by people in the …

I've been very happy using Renovate (the free version) for use on my personal projects. I've previously discussed running it on one of my k8s clusters. Today, I was trying to deal with a very specific problem: I needed to track a dependency via git tags, instead of tracking the …

After upgrading to Sonoma, I started occasionally (and then repeatedly) noticing warning messages and errors related to cloud files in my laptop and desktop machines in the area that is for iCloud. The specific files aren't important, although they seem to be related to applications (mostly on the phone) that …

The first time I did this I didn't document it very well, causing the next time to be more time consuming, so her'es the rundown. It's not a secret that we use some older Dell hardware as servers in our datacenter. We've been pretty happy with it since switching away …

Distroless images are all the rage in the container space these days due to the reduced attack surface. This is great and also results in much thinner images. But, when an image isn't behaving it can cause some additional trouble as you try to figure out what may be missing …

When using dynamic database credentials with Flask, we need to make sure that the flask instance picks up the right credentials, renews them when necessary, and uses the right roles. My flask code is pretty embedded with the database changes here, so pardon the dust, but I think it's relatively …

When I was confirming the configurations for my vault management of database credentials, I used a local postgresql and vault server. This may also be useful for development (especially testing code that may exercise the vault and database interactions). This can make it relatively easy to watch all of the …

This is part of a multi-part series on using postgres databases, vault, and a variety of other tools to effect short-lived database credentials for real use. As postgres uses user and role interchangably, so will I, although I'll generally try to use user to refer to a role with login …

When using dynamic database credentials with Django, we need to make sure that the django instance picks up the right credentials, renews them when necessary, and uses the right roles. This post includes the background and the necessary code. Migration and creation Migration and creation provide special problems because of …

This morning I had the need to change the IP address configuration for the load balancer in our k8s cluster. The basics of changing the main pool in metallb were straightforward enough, but when I applied my changes, I didn't get what I needed. So, what happened? Originally, I wasn't …