Decent looking mailing list esque service, with a free plan but with paid plans as well, so presumably not AS likely to 'exit'. GH integration, etc. Also has a ton of shit I will never use but eh.
maintainership  email 
9 days ago
gravitational/teleport: Modern SSH server for clusters and teams.
Golang-based OpenSSH compat SSHd with audit logging, builtin 2FA, etc. Haven't actually scoped it out but sounds interesting at least.
ssh  sysadmin  security  logging  golang 
14 days ago
Yamanote Eki-Melo
Blog with all of the Yamanote line train jingles!
trains  japan  urbanism 
16 days ago
Subgraph OS
Debian-based super-secure desktop-oriented Linux distro. Pretty impressive-looking at a glance. Many components written in Golang?
linux  security  debian  golang 
22 days ago
The world under heaven, after a long period of division, tends to unite | MetaFilter
Short MeFi thread on an apparently great podcast series retelling the Romance of the Three Kingdoms in a more colorful manner to offset how straight translations to English tend to be very dry and hard to follow.
history  china  podcasts 
28 days ago
API Reference — more-itertools 3.0.0 documentation
Real nice looking set of common "stuff you do a lot with iterables not covered in stdlib.itertools". bucketing, 'make either a singleton or iterable into an iterable' (possibly much nicer than my usual 'is it a string' test), etc
python  programming 
28 days ago
letsencrypt/boulder: An ACME-based CA, written in Go.
I.e. if you want to run your own Let's Encrypt esque service in-house?
golang  letsencrypt  ssl  security  encryption 
5 weeks ago
lmacken/pyrasite: Inject code into running Python processes
Could see this being real useful for poking live worker daemons w/o having to bounce them, for example. Wonder how it compares to Graphite's old 'manhole' (or w/e it was called) approach.
debugging  python  programming  sysadmin 
5 weeks ago
Learning From A Year of Security Breaches – Starting Up Security – Medium
Great article on what an org can do to deal with security, from someone who spent 300+ hours participating in incident response in a single year.
6 weeks ago
Linux - xhyve-manager
Tutorial from the xhyve-manager project which seems to automate much of the manual tomfoolery from an earlier xhyve bookmark.
virtualization  mac  linux  sysadmin  xhyve 
7 weeks ago
Use xhyve for development on OSX · mfojtik blog
Excellent overview of how to use 'raw' xhyve on OS X to run a Linux vm.

Based on CentOS 7 but should be possible to apply to other OSes once one figures out the nitty gritty about kernel & its cmdline, initrd, etc.
virtualization  mac  sysadmin  linux  xhyve 
7 weeks ago
chaorace/cqui: Civilization 6 - Chao's Quick UI. Reduce clicks and manage your empire faster!
Goon-recommended UI that adds a ton of info back to the info screens and tooltips
civ  games 
8 weeks ago
Restart Button Mod 1.0.7 - Civ 6 Mods
Lets you reroll a game start w/o having to set everything back up every. single. time.
civ  games 
9 weeks ago
[Distutils] Announcement: TLSv1.2 will become mandatory in the future
tl;dr Python interpreters need to bind against an OpenSSL that includes TLSv1.2, meaning no more OS X bundled Pythons/OpenSSL - need eg pyenv + brew openssl.
python  ssl  maintainership  packaging  security 
9 weeks ago
wallix/awless: A Mighty CLI for AWS
Seen in a sysadmin newsletter. Might be good if it doesn't use golang stdlib's awful plan 9 style cli flags...
aws  cli  golang  tools  sysadmin 
9 weeks ago
ericchiang/pup: Parsing HTML at the command line
tl;dr it's like jq but for HTML instead of JSON. Neat.
cli  tools  http 
10 weeks ago
Coping with the TCP TIME-WAIT state on busy Linux servers | Vincent Bernat
Pretty great blog post explaining TIME_WAIT with detailed schematics etc.
networking  linux  sysadmin  unix 
10 weeks ago
1990年 - YouTube
Playlist of supercuts of camcorder walkthroughs of the streets/stations/etc of Tokyo in the 1990s. RAD, if slightly disorienting at times
japan  urbanism  video 
january 2017
Kyle Isom: "OpenSSH Keys: A Walkthrough"
Decent look at the low level basics of RSA SSH keys. Bit outdated though since it references EC as being "the future of public-key encryption" and OS X 10.8 as being current, LOL
ssh  security  encryption  essays 
january 2017
etsy/411: An Alert Management Web Application
tl;dr an etsy-driven app that generates alerts from ELK-stack ES databases

Of's PHP. Meh.
monitoring  search  sysadmin  alerts 
january 2017
NY Train Project
Neat line-by-line 'exploration' of the mosaic/tile signage for almost every station in the system.
nyc  subway  art 
january 2017
Pixie | Welcome
Neat early-stage LISP written in RPython. "Clojure w/o the startup time" YES PLZ
lisp  programming  python  clojure 
january 2017
dgsh — directed graph shell
Seriously cool new shell that has native async/multipipe capabilities, so you can do stuff like "md5sum and wc -c the same input, simultaneously, then print the output of both in a given format". Includes a number of coreutils rebuilt to take advantage of its features.

Sadly not in Homebrew yet?
shells  sysadmin  tools 
january 2017
Construct — Construct 2.8 documentation
Neat looking binary-oriented Python parsing lib. Could be fun if I need to do any lower level tomfoolery.
python  parsing  binary  sysadmin  tools  networking  security 
december 2016
Using Pipelines to Manage Environments with Infrastructure as Code – Medium
Decent article going over a method of managing infrastructure changes in a two-repo-with-CI (or, I assume, a single-repo-with-tags) setup, with tests, etc.
sysadmin  building 
december 2016
Cerberus: Secure property store for cloud applications
Nike OSS project; coderangers says it looks "a more complete/opinionated version of Vault for AWS"
security  sysadmin  secretsmanagement 
december 2016
Silicon Valley Rising
Name is unfortunately suggestive of typical head-up-ass Silicon Valley crap, _but_ it is not, it's about helping all the folks who keep the region running despite _not_ being middle class white techbros from Stanford.
december 2016
Natural Resources Defense Council
december 2016
aker-gateway/Aker: SSH bastion/jump host
Python (Paramiko!) based bastion/jump host software for auditability, etc etc. Young but looks promising.
ssh  python  sysadmin  security 
december 2016
Joyent | TCP Puzzlers
Decent enough overview of basic TCP connections and how they can correctly and, more importantly, incorrectly terminate. Explains some of why stuff hangs out in CLOSE_WAIT etc.
networking  sysadmin 
december 2016
Summaries, Books I - V : TheExpanse
Well executed summaries of the earlier Expanse novels.
books  theexpanse 
december 2016
hyperhq/runv: Hypervisor-based Runtime for OCI
tl;dr run containers (actually OCI, not Docker, but w/e) inside real hypervisor instances for when you need those extra isolation guarantees or whatnot
docker  containers  virtualization  sysadmin 
december 2016
Canonical Log Lines — Brandur Leach
Semi interesting look at formatting log lines for easier filter/search by splunk/etc tools, in a 'halfway' format that is both semi human readable and semi computer friendly (logfmt).

Not sure the article couldn't have just been "tl;dr emit extra log lines formatted especially for use in log search tools" tho...
logging  sysadmin 
december 2016
Crypto 101
Intro to crypto ebook by lvh. Looks good!
encryption  python  programming  security 
december 2016
Removing and purging files from git history - Stephen Ostermiller
Good concrete tips for examining and purging select bits of Git history.
november 2016
drduh/macOS-Security-and-Privacy-Guide: A practical guide to securing macOS.
Super in-depth (and with TONS of links to both tools and background info / papers / etc) guide to securing the Mac.
mac  security  sysadmin  networking  tools  encryption 
november 2016
ECS & Vault: Shhhhh... I have a secret... — Kickstarter
tl;dr use AppRole and/or Envconsul (which supports Vault too) to grant secrets to containers
containers  docker  security  secretsmanagement  linux  sysadmin 
november 2016
Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule
Not a full secrets management solution (?) but a tool that could be used to build or augment one
secretsmanagement  security 
november 2016
Conjur Secrets Management Vault
Hosted / commercial secrets management (& more) service
secretsmanagement  security 
november 2016
Vault by HashiCorp
One of the newer & higher-visibility secrets management tools. HashiCorp!
secretsmanagement  security  sysadmin 
november 2016
Confidant: Your secret keeper
Another KMS/IAM based secrets management system, implemented in Angular, developed at Lyft.
security  secretsmanagement  aws  sysadmin 
november 2016
Key Management Service - Amazon Web Services (AWS)
Amazon-specific (though...presumably usable from elsewhere if one has initial credentials?) secrets management. A few other systems (like Confidant) are built on top of this as well.
secretsmanagement  security  aws  sysadmin 
november 2016
Java-based distributed key management system from Square.
secretsmanagement  security  sysadmin 
november 2016
Service discovery at Stripe
Good post about adding new production technology gracefully (generally) and service discovery + related mechanisms, with Consul (specifically).
distsys  microservices  sysadmin 
november 2016
Docker in Production: A History of Failure – The HFT Guy
Very axe-grindy but still interesting even when you factor that in.
docker  microservices  distsys  containers  sysadmin 
november 2016
Github org of container image conversion utilities, e.g. docker to rocket/oci and back, also a few other and/or older formats
containers  docker  sysadmin  distsys 
november 2016
okTurtles/dnschain: A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!
tl;dr use blockchain and other modern ideas to make DNS and thus everything dependent on it (like HTTPS) more secure.

Neat idea, though seems to have stagnated already, no activity since Mar '16.
dns  http  security 
october 2016
Really cool visualization of how the Raft distributed consensus protocol works
visualization  distsys  networking  sysadmin 
october 2016
Secure Your Containers with this One Weird Trick – Red Hat Enterprise Linux Blog
Decent article about Linux process capabilities, what containers include by default, what they all do, and reccos on which to drop (surprise: almost all of them).
linux  security  docker  containers 
october 2016
Introduction · Linux Inside
Decent looking OSS book about the details of how Linux works
books  linux  os 
october 2016
« earlier      
43f advice alcohol alerts anime ansible apache apps architecture arm art ascii askme assembly astronomy async audio automation awk aws backgrounds backups bash bayarea benchmarking bg2 bigdata biking binary biology bookmarks books bots browser brutalism bsd buddhism building c c++ car cartography cassandra cat cellphones chef china chrome civ cli clojure cocoa color colorizing colorschemes communities compsci concurrency configmanagement containers coroutines courses css d'ni databases debian debugging deploy design diagrams distsys django dns docker documentation donations editors elasticsearch electronica ello emacs email encoding encryption erlang essays extensions fabric fantasy film finance firefly firefox flask flickr focus fonts food forms games gba gems git github gmail golang good_design google gpg graffiti graphing graphite gui hacking hadoop handwriting haproxy hardware health history homebrew hosting http humor images interactivefiction iphone irc itunes japan java javascript jenkins json kafka knowledge kubernetes learning letsencrypt life linux lisp loadtesting logging lucasarts mac maintainership maps markdown martial_arts math mefi memes metrics microservices minecraft mod_wsgi moleskine mongo-in-postgres mongodb mongodb-problems monitoring moo moving mtg muds mush music mutt nagios names networking newsblur nginx nihongo nodejs nosql nyc objective-c oldware openbsd ops os packaging pagerduty parsing photography photos photoshop php pizza podcasts poetry postgresql ppc preseed presentations privacy productivity programming puppet python rabbit rails redis redmine reference regex religion repl roleplaying rpg ruby rust safety salt scala science scifi search secretsmanagement security sensu shells simulation sjw sleep slides space spotify sql ssh ssl starwars style subprocess subway sync sysadmin tablature tcg techtalks terrabattle testing text textmate theexpanse threading time timemachine tmux to_file to_listen to_read to_visit to_watch tools trains troubleshooting tutorials twisted twitter typography ubuntu unicode unix urbanism utc vagrant video vim virtualenv virtualization visualization wallpapers webdev wiki wine wow writing xhyve zsh

Copy this bookmark: