Hi there 👋

I have a major problem - I use too many git services. I have projects on github, gitlab, an internally hosted gitea instance and just the other day I thought about checking out forgejo. For the most part this is “ok” in that as a serial side-project abandoner I’m not dealing with all these at the same time… however I’ve decided to get my life together and make a decision The Decision Moving forward, github will be my primary service. ...

Falling out of love I work on a mostly legacy codebase, this means there’s more cruft and weirdness than you can shake a large stick at. Oh and it’s Java, so that’s enterprise cruft and weirdness. You want to add a parameter to some config? You fool! That’s 16 classes each with 3 overloaded constructors you need to edit… Now as it turns out I don’t feel like I actually do that much development these days but if anything that’s part of the problem. In the not too distant past I used to run home or, during The Event, remain at home and spend another few hours messing around in code or other code adjasent activity. I’ve always enjoyed learning new languages. I enjoy seeing the same problems solved in different ways and trying new ways of doing things. You wouldn’t believe how many dead side-projects I have… double the number you’re thinking of. Don’t get me wrong, I’m not blaming work for my situation. I enjoy my job ( that’s what I keep telling myself anyway ) and I find it mostly rewarding. Ultimately I think I’m bored and Iv’e been struggling to get back on the horse. There’s one thing I’ve noticed though, of all the dead side-projects and toys I’ve written, I keep coming back to one and that’s the SSH CA Server I started a while back in Go. ...

I recently decided to move this site from https://blog.st2projects.com to https://st2projects.com but I still wanted the blog url to redirect to the new location. This was easier than I thought seeing as this site is hosted on Gitlab Pages. Updating Gitlab Pages First of all, I needed to re-configure my site on Gitlab to be served from the new URL. Part of this process is adding the DNS records shown so at the same time I deleted the blog.st2projects.com record as it’s not needed any more. ...

Working in teams is hard, people are hard, but there are things that can make it easier. The morale in my team is pretty low at the moment because I don’t think we’re doing those things. Side note: I’m a code monkey not a team lead or any or management. When I say “my team” I mean the team I’m a member of Side note 2: I wrote the original version of this after a particularly bad week… If it could fall apart it did. I stand by what I say but you’ll notice that the post loses energy after the first section. I’ll update it eventually and flesh out the remaining bits ...

Working with me This post is inspired by David Bauer’s. The goal is to provide a “user manual” for myself so that others can get an idea of what I value and how I work. It appears that David and I are very similar people… Naturally my ideals will change over time, and I may not always live up to them. I will update this page if I feel it’s important ( assuming I remember! ). ...

Nothing else to say really. Stop The War. SLAVA UKRAINI

Doomsday Recovery This page serves as a dumping ground for ideas on preserving access to online ( and offline ) accounts in the event of disaster General Principles All passwords are stored in a password safe ( KeePass ) Password safe lives on the NAS and is backed up once per day to a spare nas primary NAS is backed up once per week to B2 Storage TODOs Consider a way to ensure access with TOTP codes Ensure duplicate yubikeys are used Automate as much as possible Document Practice TOTP and 2FA It’s good practice to enable and use 2FA whenever the platform you’re using offers it ( if they don’t then ask them why! ). Any 2FA is better than no 2FA, but it’s a good idea to avoid SMS based tokens, there have been a few high profile victims of sim-jacking and it’s not that hard to do… That’s not to say that other 2FA methods are foolproof… you can still phish for hardware tokens after all. ...

Internal Let’s Encrypt Certificates Here are some thoughts and ideas on how I have lets encrypt certificates deployed to home infrastructure … At a high level , my setup assigns a hostname based subdomain for each internal host. E.G. If my registered domain is example.com and my host is host1 then I will generate a cert for host1.example.com. Let’s encrypt supports wildcards, you could use a wildcard if you wanted to. I didn’t like the idea of every internal host using the same keypair. ...

Hello World! Welcome to my dumping ground of thoughts. have fun!