Recently I've had the opportunity to play with some new and existing technologies as a mechanism of both upskilling and trying something new. I decided to spend some of that time learning how to create a hidden service, and make my own blog available over the Tor network. Although this…
Extending on my previous post about creating a custom CA and using client certificates through Cloudflare, I wanted to write about how I integrated Keycloak with Nginx without OpenResty. As we had a handful of different websites and applications running on the server, I wanted to simplify everything with the…
Over the last week, I've been building a new server for some friends and I to host our own NextCloud instance. Part of this is to keep our technical eyes up-to-date and relevant, with the other being to reduce some of our reliance on Google and to own our own…
Whether I'm making new friends and industry relationships, or even just participating in casual conversation, I often get asked how someone with my educational background ended up in the technology sector. The simple answer is equal parts passion and procrastination with a sprinkling of subversion and a pinch of counter-culture.…
I learned about GitHub Actions when it was released last year, although didn't investigate further as I'd already configured my hobby project CI/CD pipelines using Travis CI to a satisfactory standard. While everything generally worked really well, I found myself running up against some obscure issue with Travis that…
I remember learning about the difference between sympathy and empathy in middle school. Sympathy: feelings of pity and sorrow for someone else's misfortune. Empathy: the ability to understand and share the feelings of another.Pretty damn simple to understand the difference when you read each of the above definitions, but…
As I have moved my blog platform over to Ghost, I've realised that there will be other parts of my technical ecosystem that will keep me busy tinkering. One such part of that is how to cache every page on this site (effectively) permanently whilst also allowing new posts and…
I find it's highly beneficial to do a personal reset every so often. While I can't speak for others, for me personal resets come in a number of different forms although usually over the course of at least a weekend. They take me out of my comfort zone and allow…
It's been quite literally years that I've been putting off updating my blog, both in the underlying technology as well as the content that resides within. While August is probably eight months too late to invoke the new year in a blog title, it's a theme that I can work…
I've recently been working with a client using Drupal, Varnish, and Cloudflare as part of their digital transformation journey. The client had requirements to ensure that requests coming in through Cloudflare, which should be all requests, would include a check to ensure only their internal IP ranges and ours would…
Over the last couple of days an internal thread has been making the rounds at Acquia about speeding up Composer for Drupal builds. With Drupal 8, Lightning and the BLT project making heavy use of Composer to manage its dependencies, users frequently rebuilding from source, or those in remote regions…
Recently I was approached by one of the Cloudflare channel team as they advised all customers about Google's announcement about distrusting SSL certificates from two certificate authorities ("CAs"): WoSign and StartCom. Google's announcement joins Mozilla and Apple and now represents the majority of human-driven browsers. As I was using a…
Quite often in my role as a Solutions Architect at Acquia, I'll see customers looking to bring sites under the multisite banner in order to enact a more controlled code governance model. Amalgamating codebases allows for a more controlled site development experience where 50 different sites can be thought of…
Recently I was posed with the question about verifying self-signed SSL certificates with drupal_http_request(). The usecase here would be to use private APIs to surface information, secured with SSL, yet using an internally created certificate. By default, drupal_http_request() does not verify the SSL certificate of sites…
I've been slowly expanding the amount of automation that runs on the servers I personally maintain. With Puppet as my configuration management system I'm able to deploy changes to however many of my servers quickly and easily. Similarly, if any server dies a fiery death a new one can be…