Virtual Private Networking in AWS

Been doing lots of VPN setup and configuration lately, especially inside of Amazon Web Services (AWS) Virtual Private Clouds (VPCs.)  They have a built-in VPN capability using IPsec but it generally seems specifically focused on device-to-device (D2D) configurations.  Depending on the need I have turned up StrongSwan and/or OpenVPN as a solution.

OpenVPN has an advantage of being able to do SSL VPN on port 443 making it look exactly like HTTPS web traffic (effectively making it unbreakable by network administrators.)  Things like proxy-servers don’t even know you are creating a VPN tunnel.  However, on Windows, OpenVPN client software has to be installed to use it.

StrongSwan is an IPsec VPN option that works well with existing P2P VPN systems.  The native Windows VPN tools work out of the box with a standard StrongSwan configuration (as long as your certs have been signed by a trusted CA.)  Performance is also very good.

So far, I really really like OpenVPN as once it is configured it works everywhere, regardless of network policy or ISP limitations.  Linux Network Manager has built-in support for it making it very very easy to configure clients to use it as well.  That said, for IPsec configurations needing to connect to Windows clients, StrongSwan has been my go-to solution.

Useful links follow:

Linux StrongSwan Server

Workstation StrongSwan Setup/Install Client

OpenVPN on Ubuntu

Looking for Trouble

My goal in life (and this blog) is not to become a gigantic link-bot but I never seem to finish all the articles I want to save and return to… until I do. So here is the most recent reading list I have for June of 2013.

Other Technology

  • Build Your Own Google TV using Linux, Nodejs, Socket.io, Linux, and a RaspberryPi
  • arkOS your own personal home cloud (without the NSA) on a $35 RaspberryPi.
  • TTYtter a command line based twitter client for Unix.  Can be run in disconnected mode (for a stand alone twitter “bot”), has some initial support for libnotify, and can even be scripted.
  • Using Git to backup $HOME One developer’s experience using Git as a home directory backup, tracking, and versioning system.  I am working on the same idea right now.
  • Configuring Keyboard Layouts on a per keyboard basis.  Particularly useful when F*$*(#NG Apple decides to move the Alt and Cmd keys from their 30 year old locations… but all your USB keyboards use the default locations.

Start-ups and Business

  • Startup Advice 95 pieces of advice Sam Altman has heard about creating, managing, and developing a startup.

Software Development

  • Shortcut Training Interval Training for learning keyboard short-cuts.  Including Vim & Emacs
  • Github Pre-commit hooks StackOverflow topic discussing setting up and testing pre-commit hooks on Github’s JSON API.  Github actually has a pretty decent intro into some of their other hooks as well, see Post-Receive Hooks and Testing webhooks
  • Complex Responsive webapps more of a personal anecdote than a tutorial but has some really good information on building responsive websites… after the fact.
  • Introducing Foreman Start-up manager for multi executable webapps.  Specifically in Ruby

Debian Linux

  • mini-dinstall On-line man page for mini-dinstall.
  • dh_install StackOverflow explanation of setting up a simple direct copy install rule for deb packages.  Particularly useful for web deployment packages.
  • gem2deb Github project page for gem2deb software.  Helps in creating deb packages from Ruby gems; also check out the Debian Ruby Packaging Team Wiki.
  • deb package building Debian.net forum post covering package building.  Some useful tips from here.  Honestly, RPMs are still my preferred method for building software packages.
  • debchange manpage debchange is probably the simplest way to create changelog entries in Debian.  Changelog formatting (a requirement to build packages) is a seriously painful process without this.
  • Debian Maintenance Guide This is chapter 4 that specifically covers debian directory file requirements when building deb packages.  Chapter 6 covers building, the Mentors FAQ  and Package FAQ have some good information as well.
  • Debian Admin Handbook Particularly this chapter (15.3) covers setting up an APT package repository using mini-dinstall.
  • Using dput with mini-dinstall A quick tutorial on using these two systems together.
  • dpkg cheatsheet Because I didn’t know how to do rpm -qi and rpm -qa in dpkg.
  • Debian Ruby Packaging Team Info includes tools, tips, standards, and links to information about packaging Ruby gems on Debian.

I’ve been things and seen places

Link dump for May 2012. Some of these have been sitting on a browser tab for months and simply needed to be moved for posterity.

Time Management & Business Development

  • Momentum is a hell of a drug An amazing article by Zack Shapiro that points to the fact that success builds on success.
  • 26 Time Management Hacks Time management is one of the other major subjects I have been studying as I grow my own business. There are a couple good ideas in this slideshow, and a bunch of retread.
  • Spending Time Efficiently Ideas about how to better spend the time you are wasting. However, always remember that the time you ENJOY wasting is NOT wasting time!
  • Rainy Day Ideas for Growing Your Business Some suggestions on things to help grow your business when you find some extra time on your hands.
  • The $5 Guerrilla User Test Hallway usability tests are the basis for much design methodology for new tech startups. This is an improvement on that idea when you are needing to bring your testing to the next “level.”
  • Productivity Hacks for Startup Dads Some nice tips on being productive, a father, and a business founder… all at the same time.
  • The Power of Habit Adding to my already unfinishable reading list. Change your habits to change your life.
  • The Rands Test Evaluate how well your company communicates between management and their creators.

Technology

  • Building Handbrake on Fedora 18 I was going to write this tutorial myself, but then I found somebody already had. If you backup your DVD collection, Handbrake is the easiest of all the tools you can use.
  • The Fish Shell An interesting replacement for the Bourne Again Shell.
  • GitLab.org The software that I am in the process of replacing my old Git repository management with.
  • Linux Web Media Players Quick overview on setting up Netflix, Hulu, and Amazon to use on a Linux Media Player (for example XBMC or LinuxMCE.)
  • Video Screencasting with Vokoscreen Screencasting tool for Linux. Currently in Beta.
  • Building a SIP/Raspberry Pi Phone Using Twilio, Asterisk, FreePBX, and the Obihai OBi100. The extendability options are endless (how many thousands of businesses run Linux based FreePBX/Asterisk without even knowing it.)
  • Shell Helpers Copy and paste from your command line directly to Klipper on KDE!

Application Development

  • ownCloud OpenSource Dropbox replacement that can be hosted on your own hardware. Includes a plugin interface that dramatically extends the functionality.
  • Big O Complexity A cheat sheet for search algorithm time complexity.
  • Statistical Formulas for Programmers Because too many developers think Excel SUM is sufficient for data reporting.
  • The RESTful CookBook It is scary how much of my development time is mixed between REST and JSON. This is a pretty good “Cookbook” style web document on REST implementation recipes.
  • GruntJS Task Stager Setup your build staging pipeline with a Node.js task runner. Helps with things like minifying, compiling CoffeeScript, and unit testing.
  • Pure, Responsive CSS Fairly new CSS framework for responsive web design.
  • Git Tips Git tips that can keep you from getting fired. Things like setting up git hooks and file level ignore. CHECK OUT THE COMMENTS, some of the tips are even better than the article.

Other Stuff

  • The Perfect Mojito I have never been a fan of Mojitos but we had the mint and decided to try one from scratch. WOW… Just WOW! They are amazing when you don’t use one of the store bought mixes… and good rum!

If the line is good

Found a couple links to articles that discuss Linux usage across a number of different markets.  Just citing the authors:

All of the above noted, Linux desktop usage still hovers around 1-3%

more than you can afford to lose

I honestly don’t know why some links seem more appropriate in a blog; as compared to my freakishly huge bookmark list.

  • Getting Started with NoSQL – I tell my students that much of the support development they do in the future will be on MySQL and much of the new development they do themselves will be with NoSQL.  Good intro to CouchDB, my current favorite.
  • Fedora Packaging Guidelines for cpanspec – I started writing a script like cpanspec almost 8 years ago, but never finished because the complexity of figuring out CPAN dependencies was taking too much time away from actual development.  This thing is an absolute MUST for Perl developers using RPM based systems.
  • Renaming a Git repository stored in gitolite – You know a technology is a game changer when it not only solves problems you have but solves problems you didn’t even realize were problems.  Git is like that and gitolite is how I manage my git repositories.  After having to do a Google search on this… twice, I figure I better save the link.
  • Moving files from one git repository to another while preserving history – Title says it all.  The only thing to add is that this post includes a link to Linus’ “greatest git merge ever” post, which was not only a cool post (if you are a total nut-job computer geek) but started a pretty amazing thread about “cool” git merges.
  • Using git archive – I use something like  git archive --prefix=proname-1.1/ 1.1 | bzip2 > proname-1.1.tar.bz2  to create my deployment packages on Linux. This is a nice document listing examples and use cases for git archive.  This only works if 1.1 is a branch or has been tagged via something like  git tag -a 1.1 -m 'Message about tag.'
  • Telling Linux to ignore a bad part of memory – Is memtest freaking out about some bad memory?  How about simply telling the Linux kernel not to use that chunk?  This modifies the grub options so the Linux kernel knows which part of memory not to use before it actually loads itself up.

to create a space for them

OK, first I have a new favorite quote:

Concentrated power is not rendered harmless by the good intentions of those who create it.
–Milton Friedman

And second… Well, this was a topic I had not expected to be posting about again but the last couple weeks I have found myself spending more and more time building RPM packages for Fedora.  Thankfully the development stack (and documentation) for Fedora is noticeably better than it was for Redhat 9.  So, in my usual fashion, I am listing some of the more useful information I have RECENTLY come across for building RPM packages on Fedora 16.

  • Recommended Method for adding Users & Groups — A Fedora wiki page that discusses the best way to add new users to a system during the rpm install process.  There is no recommendation for REMOVING users during uninstall.  Additionally, rpmlint will scream about un-registered users if you don’t provide reference users for rpmlint.  This bugzilla report discusses how to best alleviate that problem.
  • Packaging Tricks — A stupidly useful Fedora wiki article discussing common issues/fixes for doing package builds.  Some of them are simply look-up problems (like knowing which package groups are available.)   Some of the information is much more advanced package configuration tips (like converting badly encoded files to UTF-8.)  All are really helpful.
  • Frequently Made Mistakes — In the same vein as the Packaging Tricks but specifically focused on problematic RPM methodology.  One correction on this page.  The correct location for checking SPEC files from other Fedora packages is not correctly listed (Fedora doesn’t use CVS anymore.)  The correct location is in their git repository.
  • Creating Sub-packages — Is a very early stage draft document on the Fedora Documentation website that discusses how to best create multiple sub-packages from a given SPEC file.  I had been needing good documentation on this process and this seems to be the start of it.
  • RPM Groups — Raw list of valid RPM package groups.
  • How to Make RPM Packages — Exactly what the name implies.  Probably the best starting point for Fedora Linux software packagers.
  • rpm --showrc — This command will list all the current Macros defined for the rpm build environment.  It even includes your custom local setup.  It is a great place to grep for path information and to verify directory locations for installation.  It has probably been around forever but I honestly didn’t know about it until a couple days ago.
  • rpmdev-setuptree is one of several tools available in the rpmdevtools package (yum install rpmdevtools.)   Running this command will setup a local build directory in THAT USER’S home directory (as you should NEVER build packages as root using the system wide build directory.) Additionally it will create a stock .rpmmacros config file.  You will still want to define your own %packager and %vendor macros.
  • Package Guidelines – The definitive guide from Redhat on creating Fedora/Redhat rpm files for distribution.
  • RPM Dev Tools – Web listing of some of the new automated packaging tools for RPM based distributions.  Things like creating your default build environment and spec file format checker.
  • CPAN2RPM – A tool for building rpm files from the Comprehensive Perl Archiving Network.  While tools like cpanplus work well for package installation, I prefer the flexibility and consistency of rpm packages and this is a nice way to be able to use rpm files for CPAN modules.
  • cpanspec – Another tool for building spec files (and therefore rpm packages) from cpan repository information.  Generally I use cpan2rpm to create a basic package and then modify the spec file to work anyway, so this might be a better option.

to understand the simplicity

Quick links to some Fedora repositories that I have been using on multiple machines.  For the last four years I have been using OpenSuse on my primary systems, but dumb decision after dumb decision has made it too frustrating for server use.  I don’t know how Windows users do it but I find it amazingly frustrating having to use one system for my desktop and another for my servers, so it is Fedora 16 all around.

  • Adobe Flash Repo — Hosted Fedora rpm’s for Adobe Flash.  Because we all need to watch YouTube clips of the evolution of dance.
  • Fedora Project Third Party Repository List — Fedora keeps a list of approved third party repos.  The list is basically required for a truly complete Linux distribution.
  • RpmFusion — An uber useful repository made from the combined efforts of three of the best RPM repositories Fedora ever had; Dribble, FreshRPMS, and Livna.
  • Livna — Yes, yes, I know I just said that RpmFusion combined the efforts of Livna; but for legal reasons there was a single package that could not be included in RpmFusion.  Livna has stayed in existence for distribution of this single package and maintains compatibility with both the RpmFusion repos and the primary Fedora repos.
  • nodejs — Fedora repository linking to primary node.js and Google V8 packages.  Node.js is a JavaScript platform built on Google’s Chrome JavaScript runtime.  This allows you to build JavaScript files as locally executable applications the same way you would Python or Perl.
  • Google Apps — There are actually links to popular Google applications (Map, Chrome, etc.) The rpm packages, when installed, actually add their remote repositories to your yum list for future updates.

One Notebook to Rule them all

One of the rules of my organizational methodology is that everything that I write on paper goes into a single notebook. I keep a single notebook and each and every page is titled, numbered, and dated. Each notebook is numbered and range dated when finally filled. This means that I carry a notebook with me most of the time and, therefore, the quality of the notebook means a great deal to me.

Now I can already hear people screaming “MOLESKINE” to me; but the problem with Moleskine is that they are pretty darn expensive (remember everything I don’t type on the computer goes into this notebook… it can fill up VERY quickly) and they are generally quality overkill for something that basically holds todo lists and diagrams. Finally, Moleskines are really more about brand than need.

So my notebooks need to stand-up to punishment, not be too expensive, and have a useful layout that doesn’t make me feel like a third grader. The Foray Project Planner Notebook is EASILY my favorite. So for future reference (like when I need to order new ones:)

Where to buy: Office Depot

Description: These refillable notebooks feature smooth, white, premium bond paper and distinctive foil-stamped linen covers with high-quality double-wire binding. Each notebook contains perforated pages for easy removal as well as a date box on every page to keep you on track. There are 80 faint-ruled pages of 18-lb paper in each refillable notebook.

Item # 766134
Manufacturer # 99326FY
sheet size 8 3/5″ x 11″
number of pages per book 160
binding type wirebound
cover color Black
cover material 22 pt. linen 924 grain embossed
opening position right side
number of holes punched 0
paper ruling faint ruled
paper color white
paper weight 18 lb
acid free no
brand name Foray

Bookshelf Investing: A Drew Yates Re-post

Here is a repost of a Drew Yates article I found EXTREMELY useful. Unfortunately most of his old posts seem to be forever lost. It is an unfortunate fact that the great blog posts I have read are hidden gems that must be dug for. I need to make a habit of copying them on occasion because, all too often, they disappear when their author loses interest and moves on. This is one of the useful top-10 lists I have read and I hope (that by saving it here) it will be useful for a long time to come.

On Books, Top 10 Rules For Investing In Bookshelves

Your bookshelf is like your knowledge portfolio. By investing in yourself, you can become a more interesting, intelligent, creative, and happier person while improving your judgement and learning new skills. Here are my top ten points for managing your education by investing in your bookshelf.

1. Buy books for who you’d like to be, not who you are.

Why only buy books about what you already know? Don’t feel guilty about books you own that you haven’t read yet, don’t quite understand, or don’t quite fit your persona. Surround yourself with what you want to know. Achieve by osmosis.

2. You can’t know what you don’t know. Diversify!

Never underestimate the value of learning what you don’t know. Buy books in topics that you have “no interest in.” Maybe you are wrong. Inject some randomness in your life.

Exercise: Minute Compass

Try this: stand in the center of the bookstore with your back to the door and check your watch. Turn and face the direction your minute hand points. Buy and read one book in that direction.

3. Understand your investment profile

A book you bought but didn’t read is $20 lost. A book you read but didn’t like or learn from is $20 and maybe a few hours lost. A book you read and learned from is priceless. So: a calculated risk of $20, or never learning anything new? You can’t even begin to understand what you’re missing when you don’t know what you don’t know.

It’s much easier to start reading a book you have than a book you don’t have.

Unless you have urgent expenses, invest generously. This is true for all investments.

4. Give your favorite books away.

Ideas are like currency. They only have value when shared.

Real power today lies at society’s “information hubs.” What better to demonstrate your informational worth than to give books? You can always rebuy books if you need them. Don’t bother asking people to return your books. That’s tacky. Let them keep it as a token of your thoughtfulness, advice, and generosity. Maybe they will pass that book along to their friends with a shining review, too! That’s the ultimate compliment.

Note: Used books are NOT GIFTS. Gifting something you are “done with” is fantastically tacky and cheap. Besides, traditional gifts are more tokens of sacrifice and obligation than tokens of good-will and thoughtfulness. How else could you explain all those $10 gift certificates from your extended family and coworkers?

5. Buy books cheap, but don’t be cheap.

Investing in books is one of those rare opportunities where it pays to be a spontaneous shopper. If you suddenly have the motivation to learn, don’t squander it to save five dollars! Naturally, don’t spend more than you have to. But like the morons who drive around town for the cheapest gas, it doesn’t pay to waste time to save a couple dollars. Well, actually it pays a couple dollars. Unless you’re 11, you probably could spend your time better.

Also, most good technical books can usually only be found new. Good technical books are kept as references, and people resell back books they don’t think they’ll use again. Also, most technical books have a shelf-life of only a few years. The only technical books at a value book store will probably be outdated and mediocre.

Cheap, readily available books, like classical literature, are usually at the library or internet for free, anyways.

6. Be Wary of Textbooks. Many Textbooks Suck.

Be suspicious of any book that is marketed to undergraduates. If the publisher doesn’t take pride in their work and churns frivolous editions, why should you take pride in owning a copy? In my experience, most required engineering books are terrible. If you’re a computer science student, forget buying the textbook, just use the Internet.

Note: this varies per university. If you are savvy enough to judge books, you can often judge the quality of a university department by the quality of the required reading. Andrew in the comments also noted that many very specialized texts can only be found at universities.

7. Ask Bookstore Employees for Advice

Most bookstore employees like books. Unfortunately, they are usually stuck playing the Warehouse Index game for impatient customers. Make your bookstore employees happy. Ask for their advice. They will know which books are well-liked and which are trash, and they might know which publishers print the best quality books. Ask employees which books they like. And then buy what they like. You might even make some interesting friends this way.

Side note: never harass retail employees. Be nice. Really, whatever your problem is, it’s almost guaranteed not to be the fault of anyone around you can talk to. Worse, have you ever known an employee to make exceptions for a jerk? Rarely. If you have a problem with a store, complain with your wallet (or your blog ;) ), never to employees.

8. Throw away bad books.

You probably own some books that were disappointing or technical books that are outdated. Throw them away. There’s nothing to be learned by hoarding trash knowledge. In fact, make trashing books symbolic of your intellectual health. You can’t fill a full cup.

9. Non-fiction is usually a better investment

Non-fiction has an obligation (you hope) to be true. Most fiction, like movies, only mean to be entertaining, not to make you think. If you want to read fiction, avoid books you would expect to find at your grocery store. Also, most science fiction and fantasy books are rarely good “investments.” Watch Star Wars, read Lord of the Rings, and be done with it.

10. If somebody recommends a book, STOP, note the title, and buy it immediately

Your investment will stagnate if you don’t do this. Make this a habit. Don’t try and rationalize this away. Shut up and do it. Somebody you respect has chosen to share very valuable knowledge with you and you have an obligation to due diligence. Even if you don’t like their recommendation, you have learned something important about the person who recommended it. To not do this, I think, is crude and insulting.

In fact, you should take notes whenever anyone is describing something they care about, whether it’s people they think you should know, books that they enjoy, or places they enjoy visiting. Not only is this flattering, but it’s honest and smart. What better way to prove your legitimate interest in somebody’s opinion than writing them down… and then backing your word with your wallet? Not even $20 in beer could be as well spent.

Note: don’t be obnoxious about taking notes. Just write down the author and title. People don’t want to feel like professors in casual conversation.