Fail2ban and Web Services

One of the problems of running my own servers and hosting my own sites is that for some reason people like to hack them and try to guess passwords with SSH. Fail2ban solves this problem by allowing only a few failed login attempts before banning the offending server for a specified duration of time. This…

Drone Secrets

I was really happy to see the Drone Secret’s page describe how to put secrets in a .drone.yml file.  Checking passwords into repositories is a big no-no. Still, there were some clarity in the docs I would have liked.  Here’s step by step. 1. Install drone Yep. This is the mac client.  I did the…

Secrets with Ansible: Ansible Vault and GPG

I was blown away last night at our Ansible PDX meetup by a great presentation by Andrew Lorente about how to track secrets with your applications.  Andrew gave a method of how to do this that I wanted to write down so I know how to do it.  Andrew has his own blog here where…

Blocking IP addresses from your server

My friend Shadd gave me a list of URLs that I should try to block so that I could allow comments back on this blog.  Back in November, my site was down because I was getting spammed like crazy.  I’m not sure this is the best approach, because I don’t want to alienate half the…