Running Ghost on Tor

Recently I've had the opportunity to play with some new and existing technologies as a mechanism of both upskilling and trying something new. I decided to spend some of that time learning how to create a hidden service, and make my own blog available over the Tor network. Although this…

Integrating Nginx and Keycloak without OpenResty

Extending on my previous post about creating a custom CA and using client certificates through Cloudflare, I wanted to write about how I integrated Keycloak with Nginx without OpenResty. As we had a handful of different websites and applications running on the server, I wanted to simplify everything with the…

How I got into technology

Whether I'm making new friends and industry relationships, or even just participating in casual conversation, I often get asked how someone with my educational background ended up in the technology sector. The simple answer is equal parts passion and procrastination with a sprinkling of subversion and a pinch of counter-culture.…

Build, test, and deploy PHP applications with GitHub Actions

I learned about GitHub Actions when it was released last year, although didn't investigate further as I'd already configured my hobby project CI/CD pipelines using Travis CI to a satisfactory standard. While everything generally worked really well, I found myself running up against some obscure issue with Travis that…

Delivering with empathy

I remember learning about the difference between sympathy and empathy in middle school. Sympathy: feelings of pity and sorrow for someone else's misfortune. Empathy: the ability to understand and share the feelings of another.Pretty damn simple to understand the difference when you read each of the above definitions, but…

Cache purging with Ghost and Cloudflare Workers

As I have moved my blog platform over to Ghost, I've realised that there will be other parts of my technical ecosystem that will keep me busy tinkering. One such part of that is how to cache every page on this site (effectively) permanently whilst also allowing new posts and…

Personal Resets

I find it's highly beneficial to do a personal reset every so often. While I can't speak for others, for me personal resets come in a number of different forms although usually over the course of at least a weekend. They take me out of my comfort zone and allow…

New year, new blog

It's been quite literally years that I've been putting off updating my blog, both in the underlying technology as well as the content that resides within. While August is probably eight months too late to invoke the new year in a blog title, it's a theme that I can work…

IP Restrictions behind Cloudflare and Varnish

I've recently been working with a client using Drupal, Varnish, and Cloudflare as part of their digital transformation journey. The client had requirements to ensure that requests coming in through Cloudflare, which should be all requests, would include a check to ensure only their internal IP ranges and ours would…

Using Toran Proxy to speed up Drupal builds

Over the last couple of days an internal thread has been making the rounds at Acquia about speeding up Composer for Drupal builds. With Drupal 8, Lightning and the BLT project making heavy use of Composer to manage its dependencies, users frequently rebuilding from source, or those in remote regions…

Installing an Origin CA cert in Pound

Recently I was approached by one of the Cloudflare channel team as they advised all customers about Google's announcement about distrusting SSL certificates from two certificate authorities ("CAs"): WoSign and StartCom. Google's announcement joins Mozilla and Apple and now represents the majority of human-driven browsers. As I was using a…

Migrating into multisite

Quite often in my role as a Solutions Architect at Acquia, I'll see customers looking to bring sites under the multisite banner in order to enact a more controlled code governance model. Amalgamating codebases allows for a more controlled site development experience where 50 different sites can be thought of…

Verifying SSL certificates with drupal_http_request

Recently I was posed with the question about verifying self-signed SSL certificates with drupal_http_request(). The usecase here would be to use private APIs to surface information, secured with SSL, yet using an internally created certificate. By default, drupal_http_request() does not verify the SSL certificate of sites…

Making Nagios check OpenVPN

I've been slowly expanding the amount of automation that runs on the servers I personally maintain. With Puppet as my configuration management system I'm able to deploy changes to however many of my servers quickly and easily. Similarly, if any server dies a fiery death a new one can be…