lmacken/pyrasite: Inject code into running Python processes
Could see this being real useful for poking live worker daemons w/o having to bounce them, for example. Wonder how it compares to Graphite's old 'manhole' (or w/e it was called) approach.
debugging  python  programming  sysadmin 
5 days ago
Learning From A Year of Security Breaches – Starting Up Security – Medium
Great article on what an org can do to deal with security, from someone who spent 300+ hours participating in incident response in a single year.
10 days ago
Linux - xhyve-manager
Tutorial from the xhyve-manager project which seems to automate much of the manual tomfoolery from an earlier xhyve bookmark.
virtualization  mac  linux  sysadmin  xhyve 
14 days ago
Use xhyve for development on OSX · mfojtik blog
Excellent overview of how to use 'raw' xhyve on OS X to run a Linux vm.

Based on CentOS 7 but should be possible to apply to other OSes once one figures out the nitty gritty about kernel & its cmdline, initrd, etc.
virtualization  mac  sysadmin  linux  xhyve 
14 days ago
chaorace/cqui: Civilization 6 - Chao's Quick UI. Reduce clicks and manage your empire faster!
Goon-recommended UI that adds a ton of info back to the info screens and tooltips
civ  games 
21 days ago
Restart Button Mod 1.0.7 - Civ 6 Mods
Lets you reroll a game start w/o having to set everything back up every. single. time.
civ  games 
27 days ago
[Distutils] Announcement: TLSv1.2 will become mandatory in the future
tl;dr Python interpreters need to bind against an OpenSSL that includes TLSv1.2, meaning no more OS X bundled Pythons/OpenSSL - need eg pyenv + brew openssl.
python  ssl  maintainership  packaging  security 
4 weeks ago
wallix/awless: A Mighty CLI for AWS
Seen in a sysadmin newsletter. Might be good if it doesn't use golang stdlib's awful plan 9 style cli flags...
aws  cli  golang  tools  sysadmin 
4 weeks ago
ericchiang/pup: Parsing HTML at the command line
tl;dr it's like jq but for HTML instead of JSON. Neat.
cli  tools  http 
4 weeks ago
Coping with the TCP TIME-WAIT state on busy Linux servers | Vincent Bernat
Pretty great blog post explaining TIME_WAIT with detailed schematics etc.
networking  linux  sysadmin  unix 
5 weeks ago
1990年 - YouTube
Playlist of supercuts of camcorder walkthroughs of the streets/stations/etc of Tokyo in the 1990s. RAD, if slightly disorienting at times
japan  urbanism  video 
7 weeks ago
etsy/411: An Alert Management Web Application
tl;dr an etsy-driven app that generates alerts from ELK-stack ES databases

Of course...it's PHP. Meh.
monitoring  search  sysadmin  alerts 
8 weeks ago
NY Train Project
Neat line-by-line 'exploration' of the mosaic/tile signage for almost every station in the system.
nyc  subway  art 
9 weeks ago
Pixie | Welcome
Neat early-stage LISP written in RPython. "Clojure w/o the startup time" YES PLZ
lisp  programming  python  clojure 
9 weeks ago
dgsh — directed graph shell
Seriously cool new shell that has native async/multipipe capabilities, so you can do stuff like "md5sum and wc -c the same input, simultaneously, then print the output of both in a given format". Includes a number of coreutils rebuilt to take advantage of its features.

Sadly not in Homebrew yet?
shells  sysadmin  tools 
9 weeks ago
Construct — Construct 2.8 documentation
Neat looking binary-oriented Python parsing lib. Could be fun if I need to do any lower level tomfoolery.
python  parsing  binary  sysadmin  tools  networking  security 
december 2016
Using Pipelines to Manage Environments with Infrastructure as Code – Medium
Decent article going over a method of managing infrastructure changes in a two-repo-with-CI (or, I assume, a single-repo-with-tags) setup, with tests, etc.
sysadmin  building 
december 2016
Cerberus: Secure property store for cloud applications
Nike OSS project; coderangers says it looks "a more complete/opinionated version of Vault for AWS"
security  sysadmin  secretsmanagement 
december 2016
Silicon Valley Rising
Name is unfortunately suggestive of typical head-up-ass Silicon Valley crap, _but_ it is not, it's about helping all the folks who keep the region running despite _not_ being middle class white techbros from Stanford.
december 2016
Natural Resources Defense Council
december 2016
aker-gateway/Aker: SSH bastion/jump host
Python (Paramiko!) based bastion/jump host software for auditability, etc etc. Young but looks promising.
ssh  python  sysadmin  security 
december 2016
Joyent | TCP Puzzlers
Decent enough overview of basic TCP connections and how they can correctly and, more importantly, incorrectly terminate. Explains some of why stuff hangs out in CLOSE_WAIT etc.
networking  sysadmin 
december 2016
Summaries, Books I - V : TheExpanse
Well executed summaries of the earlier Expanse novels.
books  theexpanse 
december 2016
hyperhq/runv: Hypervisor-based Runtime for OCI
tl;dr run containers (actually OCI, not Docker, but w/e) inside real hypervisor instances for when you need those extra isolation guarantees or whatnot
docker  containers  virtualization  sysadmin 
december 2016
Canonical Log Lines — Brandur Leach
Semi interesting look at formatting log lines for easier filter/search by splunk/etc tools, in a 'halfway' format that is both semi human readable and semi computer friendly (logfmt).

Not sure the article couldn't have just been "tl;dr emit extra log lines formatted especially for use in log search tools" tho...
logging  sysadmin 
december 2016
Crypto 101
Intro to crypto ebook by lvh. Looks good!
encryption  python  programming  security 
december 2016
Removing and purging files from git history - Stephen Ostermiller
Good concrete tips for examining and purging select bits of Git history.
november 2016
drduh/macOS-Security-and-Privacy-Guide: A practical guide to securing macOS.
Super in-depth (and with TONS of links to both tools and background info / papers / etc) guide to securing the Mac.
mac  security  sysadmin  networking  tools  encryption 
november 2016
ECS & Vault: Shhhhh... I have a secret... — Kickstarter
tl;dr use AppRole and/or Envconsul (which supports Vault too) to grant secrets to containers
containers  docker  security  secretsmanagement  linux  sysadmin 
november 2016
Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule
Not a full secrets management solution (?) but a tool that could be used to build or augment one
secretsmanagement  security 
november 2016
Conjur Secrets Management Vault
Hosted / commercial secrets management (& more) service
secretsmanagement  security 
november 2016
Vault by HashiCorp
One of the newer & higher-visibility secrets management tools. HashiCorp!
secretsmanagement  security  sysadmin 
november 2016
Confidant: Your secret keeper
Another KMS/IAM based secrets management system, implemented in Angular, developed at Lyft.
security  secretsmanagement  aws  sysadmin 
november 2016
Key Management Service - Amazon Web Services (AWS)
Amazon-specific (though...presumably usable from elsewhere if one has initial credentials?) secrets management. A few other systems (like Confidant) are built on top of this as well.
secretsmanagement  security  aws  sysadmin 
november 2016
Java-based distributed key management system from Square.
secretsmanagement  security  sysadmin 
november 2016
Service discovery at Stripe
Good post about adding new production technology gracefully (generally) and service discovery + related mechanisms, with Consul (specifically).
distsys  microservices  sysadmin 
november 2016
Docker in Production: A History of Failure – The HFT Guy
Very axe-grindy but still interesting even when you factor that in.
docker  microservices  distsys  containers  sysadmin 
november 2016
Github org of container image conversion utilities, e.g. docker to rocket/oci and back, also a few other and/or older formats
containers  docker  sysadmin  distsys 
november 2016
okTurtles/dnschain: A blockchain-based DNS + HTTP server that fixes HTTPS security, and more!
tl;dr use blockchain and other modern ideas to make DNS and thus everything dependent on it (like HTTPS) more secure.

Neat idea, though seems to have stagnated already, no activity since Mar '16.
dns  http  security 
october 2016
Really cool visualization of how the Raft distributed consensus protocol works
visualization  distsys  networking  sysadmin 
october 2016
Secure Your Containers with this One Weird Trick – Red Hat Enterprise Linux Blog
Decent article about Linux process capabilities, what containers include by default, what they all do, and reccos on which to drop (surprise: almost all of them).
linux  security  docker  containers 
october 2016
Introduction · Linux Inside
Decent looking OSS book about the details of how Linux works
books  linux  os 
october 2016
attic-labs/noms: The versioned, forkable, syncable database
Looks neat. Might be fun for toy projects at the very least.
databases  git  golang 
october 2016
Torus - Simple, secure credential management.
Startup that <current boss> etc have chatted with, seems at least kinda legit.
sysadmin  tools  security  secretsmanagement 
october 2016
Unwritten: the D'Ni tabletop RPG
Licensed but unofficial D'Ni/Myst RPG based on the 'Fate' system. Paperback or ebook.
rpg  games  d'ni 
october 2016
Transit Authority Figures — Northampton/Amherst Subway Map
Fake subway map for Noho; shop page has a bunch more for other places that similarly don't need subways
maps  art 
october 2016
Jsonnet - The Data Templating Language
Neat super-language on top of JSON with optional key quotes, trailing commas, comments, etc, as well as a lot of powerful-looking ways to reference other data within one's JSON, functions, etc. C++/C with JS impl available, and various bindings for Python and many more.
json  text  programming  tools 
october 2016
« earlier      
43f advice alcohol alerts anime ansible apache apps architecture arm art ascii askme assembly astronomy async audio automation awk aws backgrounds backups bash bayarea benchmarking bg2 bigdata biking binary biology bookmarks books bots browser brutalism bsd buddhism building c c++ car cartography cassandra cat cellphones chef china chrome civ cli clojure cocoa color colorizing colorschemes communities compsci concurrency configmanagement containers coroutines courses css d'ni databases debian debugging deploy design diagrams distsys django dns docker documentation donations editors elasticsearch electronica ello emacs email encoding encryption erlang essays extensions fabric fantasy film finance firefly firefox flask flickr focus fonts food forms games gba gems git github gmail golang good_design google gpg graffiti graphing graphite gui hacking hadoop handwriting haproxy hardware health history homebrew hosting http humor images interactivefiction iphone irc itunes japan java javascript jenkins json kafka knowledge kubernetes learning letsencrypt life linux lisp loadtesting logging lucasarts mac maintainership maps markdown martial_arts math mefi memes metrics microservices minecraft mod_wsgi moleskine mongo-in-postgres mongodb mongodb-problems monitoring moo moving mtg muds mush music mutt nagios names networking newsblur nginx nihongo nodejs nosql nyc objective-c oldware openbsd ops os packaging pagerduty parsing photography photos photoshop php pizza poetry postgresql ppc preseed presentations privacy productivity programming puppet python rabbit rails redis redmine reference regex religion repl roleplaying rpg ruby rust safety salt scala science scifi search secretsmanagement security sensu shells simulation sjw sleep slides space spotify sql ssh ssl starwars style subprocess subway sync sysadmin tablature tcg techtalks terrabattle testing text textmate theexpanse threading time timemachine tmux to_file to_listen to_read to_visit to_watch tools troubleshooting tutorials twisted twitter typography ubuntu unicode unix urbanism utc vagrant video vim virtualenv virtualization visualization wallpapers webdev wiki wine wow writing xhyve zsh

Copy this bookmark: