~/cloudmason/notes

Chop wood.
Carry packets.

Field notes for infrastructure, homelab routes, keys, services, and the small operational rituals that keep systems reachable.

Traceability and privacy in mixed knowledge bases

If you work with code, wikis, and operational runbooks at the same time—especially with agents in the loop—you are not maintaining a single kind of document. You are maintaining a mixed knowledge base. Some pages are ...

Agent multiplexing—one control plane, many workers

Sometimes the work in front of you is not one long thought in a single chat. It is a set of independent tasks, each of which is large enough that you would happily give it its own CLI agent or automation session, but ...

A weekly "lint" for your second brain

A personal or team wiki does not stay healthy by accident. If you only add pages and never revisit them, you get the same failure mode as a repository full of unreviewed first drafts: the pile grows, trust erodes, and...

Too many passwords

Just documenting current password strategy. Phasing out LastPass in favor of 1Password (I’ve already imported into 1Password, but haven’t pulled the “delete” trigger yet). Both are set up with MFA at Authy (with cloud b...

Just 1Password things

It took me a while to get Connect server going with Kubernetes, here are my notes. I haven’t gone very deep on this, I’m just starting with 1Password in earnest (beyond the simple use cases).

CI and SSH (and passphrases)

Took me a while to figure out SSH keys (with passphrases) in CI. I do much of my work (in operations) with Ansible. Typically, secrets in CI are handled with environment variables. Suppose you need to SSH from within ...

UniFi policy-based routing (PBR)

My home is powered by Ubiquiti’s UniFi product line. I’ve been using the kit for, oh, probably 3 or 4 years now, and it’s been fine (there’s much to be said for things that just work). I don’t jump on the latest-and-g...

Local dev environment for Concourse CI

Over the last couple of days, I’ve been writing a custom Concourse resource, and I thought I’d take a few to walk through how I set up my local development environment. If you’re not familiar with Concourse CI, and yo...

PostgreSQL 10 and Patroni on Ubuntu 18.04

The following article continues on the previous by introducing Patroni. The project source is located here. Patroni will add a layer on top of our Postgres cluster enabling high availability (automatic failover, failb...

PostgreSQL 10 Streaming Replication on Ubuntu 18.04

The following article will walk through setting up PostgreSQL 10 on Ubuntu 18.04. We’ll set up three nodes, one leader and a pair of followers (replica). For the nodes, I’ll just spin up some Droplets on DigitalOcean....

Ubiquiti UniFi's Cloud Key, Let's Encrypt and Namecheap

Just a quick writeup on doing real TLS on a Ubiquiti UniFi Cloud Key with Let’s Encrypt and Namecheap. Last night, my Cloud Key was acting up, so I took the time to do what I’ve been putting off for years out of sheer...

GitHub Deploy Keys

Just dropping a quick entry about GitHub and deploy keys. In particular, working around the “you can’t reuse them” limitation:

Pi-hole on KVM/QEMU

I’m going to write about this, not because it’s overly complicated, but mostly because I always end up (re)Googling all of these things, regularly. The older you get, the less you tend to waste time with rote memoriza...

Some Prometheus Exporters

Just dropping a quick entry here to make mention of a couple of Prometheus exporters I’ve hacked together recently. Firstly, there’s a Speedtest exporter here. Next, there’s an Ambient Weather exporter here. They shoul...

SSH Keys and LastPass

I’m regularly finding myself working towards minimalism, in particular, when it comes to tooling. It’s quite a common problem nowadays to have many hundreds of secrets to use and manage (cough, rotate, cough!) on a re...