The Curious Dev

Various programming sidetracks, devops detours and other shiny objects

Jul 30, 2016 - 3 minute read -

Installing MoinMoin on Nginx and uWSGI

MoinMoin is a great wiki; I’ve used it on and off over the years. This post demonstrates how to get MoinMoin up and running with Nginx and uWSGI.

Install nginx

Simply install via package:

    yum install nginx -y

Then configure /etc/nginx/nginx.conf with a section similar to this before the existing default section:

    server {
        server_name wiki.easyas.info;
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        location / {
            include uwsgi_params;
            uwsgi_pass unix:///usr/local/local/share/moin/moin.sock;
            uwsgi_modifier1 30;
        }
    }

I’m using wiki.

Jul 2, 2016 - 7 minute read -

Static Hosting with AWS

This site is hosted from an AWS S3 bucket and fronted by the AWS CloudFront CDN service. Continuing a recent theme about security, I figured I’d provide an updated guide to configuring S3 and CloudFront hosting with the additional angle of securing with TLS. I briefly covered CDNs and CloudFront in easy wins for website performance. Essentially a CDN is a vast collection of servers distributed throughout the world in a way that they’re “close” to the consumers of the assets served.

Nov 7, 2015 - 4 minute read - SSL TLS Certificates Security Keystore

TLS Certificate Basics

Over the last few years we’ve seen a series of high-profile SSL fails with names like Heartbleed, BEAST and POODLE, which are based on various flaws in SSL and its various algorithm/cipher implementations. SSL (otherwise formerly known as SSLv3) is dead and has now all but been abandoned as essentially “not fixable”. TLS is now the only show in town with three active versions: TLSv1, TLSv1.1 and TLSv1.2 (and TLSv1.

Oct 8, 2015 - 2 minute read - SSH PuTTY

SSH Tunnels with PuTTY

In a previous post I covered how I’ve been using PuTTY to get through the day. I decided to expand on it a little further and document a couple of steps to bring a particular server’s ports closer to you … even if they’re firewalled away.

An ssh tunnel can be explained quite simply as: an encrypted connection that is used to transport another protocol

Single Server

sshing into a server is one thing, but what if port 22 is the only practical accessible port due to firewall restrictions?