Status update November 2020

A month has passed so it’s time for another status update.

Move from AWS to

I moved this blog out of AWS to a week ago. I’ve been perfectly happy with AWS: it’s cheap (less than 2 euros / month), reliable and with properly configured IAM role there were no problems using a potentially untrusted CI for deploying this web site. But AWS hides a lot behind clicketity click interfaces — all which could be venues for further learning. So AWS is out.

I used to run OpenBSD as my main development system years ago and I’ve wanted to come back ever since. With the possibility of having a hosted OpenBSD VM in Europe, supporting the OpenBSD project and the tools available in the base system, I decided to move my hosting away from AWS.

The setup is simple: relayd handles TLS termination and acts as a reverse proxy, httpd serves HTML and acme-client requests certificates from Let’s Encrypt. CI integration is done with a chrooted SFTP.

The site configuration is here:


Another project that has been on my mind for a while is a Dockerized version of Ndiff, the Nmap result difference tool. Idea is to have periodic scans of targets and report any differences to a baseline. I got the idea from Flan Scan, a project by Cloudflare, which takes advantage of Nmap’s vulnerability scanning features.

The repository is here:

Cute Chess

Finally, I improved the Docker build system of Cute Chess. While putting baseline-scan together I discovered Haskell Dockerfile Linter. It’s very similar to ShellCheck. Based on its recommendations, I fixed issues in the Dockerfile for building releases.