A month has passed so it’s time for another status update.
Move from AWS to OpenBSD.amsterdam
I moved this blog out of AWS to OpenBSD.amsterdam a week ago. I’ve been perfectly happy with AWS: it’s cheap (less than 2 euros / month), reliable and with properly configured IAM role there were no problems using a potentially untrusted CI for deploying this web site. But AWS hides a lot behind clicketity click interfaces — all which could be venues for further learning. So AWS is out.
I used to run OpenBSD as my main development system years ago and I’ve wanted to come back ever since. With the possibility of having a hosted OpenBSD VM in Europe, supporting the OpenBSD project and the tools available in the base system, I decided to move my hosting away from AWS.
The setup is simple:
relayd handles TLS termination and acts as a reverse
httpd serves HTML and
acme-client requests certificates from Let’s
Encrypt. CI integration is done with a chrooted SFTP.
The site configuration is here: https://git.sr.ht/~artoj/artojonsson.com.site
Another project that has been on my mind for a while is a Dockerized version of Ndiff, the Nmap result difference tool. Idea is to have periodic scans of targets and report any differences to a baseline. I got the idea from Flan Scan, a project by Cloudflare, which takes advantage of Nmap’s vulnerability scanning features.
The repository is here: https://git.sr.ht/~artoj/baseline-scan
Finally, I improved the Docker build system of Cute Chess. While putting baseline-scan together I discovered Haskell Dockerfile Linter. It’s very similar to ShellCheck. Based on its recommendations, I fixed issues in the Dockerfile for building releases.