Shami's Blog

Sysadmin, Because Even Developers Need Heroes

Get A List of EC2 Instances And The AMIs Used to Launch Them

2021-06-12 by Mohammad H. Al-Shami

I was recently tasked with auditing the AMIs we are currently using for our AWS account. I could have just checked all machines but thought jq might be a better way to do it, and it actually is.


Using Dynamic DNS with pf, iptables, and gomplate

2021-06-06 by Mohammad H. Al-Shami

It is always better to tighten the firewall configuration on your servers. Limiting SSH connections from a defined list of IP addresses greatly reduces the attack surface as well as load; the firewall is much more efficient at blocking connections than sshd. The best approach is to have a static IP or connect through a bastion host which is protected via a VPN. But sometimes that is not feasible.


Why You Shouldn't Use the Windows 10 SSH Agent

2021-06-04 by Mohammad H. Al-Shami

I have recently switched to using Sublime Merge as my Git client. I know other clients have the same features but for me Sublime Merge is just a pleasure to use.


Simulate Pressing the Reset Button

2021-06-03 by Mohammad H. Al-Shami

We’ve all been there, something gets stuck and there is no way to fix it except for a reboot, but even rebooting through SSH isn’t working and you don’t have physical access to the server or an out-of-bound way to power cycle. This has mostly bit me while working on NFS but there has been other cases. Adding it here for reference.


Writing Reusable Terraform Code, Part 3

2021-06-02 by Mohammad H. Al-Shami

In part 1 and part 2 I briefly talked about modules and workspaces. This time I will take things a bit further.


Writing Reusable Terraform Code, Part 2

2021-05-20 by Mohammad H. Al-Shami

In part 1, I talked about modules and how they are the first step into reducing duplicate resources. Here I will talk about workspaces.


Writing Reusable Terraform Code, Part 1

2021-05-20 by Mohammad H. Al-Shami

I’m fairly new to Terraform, yes I have been using it for the past 2 or 3 years, but my use-case was quite simple; Create a few servers in DigitalOcean or Hetzner, install a web stack, and use the outputs to update the load balancer and the firewall.


Bettering Myself

2021-05-07 by Mohammad H. Al-Shami

It’s been a long time since I have added anything to my blog; I wanted to update my site to use the newer version of Hugo. I also wanted to update the theme to remove some of the older componets and disable Disqus. One of the things I wanted to do is to use Parcel to learn how it works. I got halfway through the HTML and then real life got in the way. For some reason I kept delaying adding new content because I thought updating the theme to the newest Hugo version would take a long time.


Adding a Form to Your Static Site

2018-03-09 by Mohammad H. Al-Shami

I’ve become a big fan of static site generators lately, especially Hugo. It’s true, static site generators are not for everybody, but most websites on the Internet can be easily implemented as static sites. Also, static sites are great for those websites that you can’t regularly maintain, they are secure, fast, and very easy to set up. Take this blog for example, I don’t have much time to maintain and apply security patches so having it set up as HTML is perfect for me.


Running Older PHP Versions on FreeBSD 11

2018-02-19 by Mohammad H. Al-Shami

Why? You might ask yourself. Isn’t it just better to upgrade the web application and save yourself the trouble of all the security issues? True, but sometimes it’s just not possible or feasible. The other day I helped a friend of mine migreate from a VPS he got in 2008 to a brand new FreeBSD 11 droplet on DigitalOcean. His customer has still not updated their site, and they were paying the same rate they’ve been paying since 2008. So it was better and cheaper to move them to a new VPS even though we kept the same code. At least the OS and all other components in the stack were updated.


About Me

Dev gone Ops gone DevOps. Any views expressed on this blog are mine alone and do not necessarily reflect the views of my employer.