Chris Farris

AWS API Keys are powerful things that you don’t want to leave lying around. Amazon’s suggestion is to keep them in ~/.aws/config. I’m not a fan of that. OSX has KeyChain, which is a secure repository for credentials and what most OSX Apps use for caching your login to various websites. This might not be the ideal solution, but it’s better than an unencrypted file in your home directory.

I’ve built a set of three scripts that will use OSX Keychain to store your AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, and retrieve them into environment variables when needed to use the AWS API or any script that honors those environment variables.

We’re getting ready to deploy our first production workload in AWS, and our AWS account team recommended we enable a bunch of auditing on our accounts in each region. That is a lot of clicking for 9 regions across three accounts. This script will configure AWS CloudTrail and AWS Config Service in all regions, configure the logging bucket, and establish a reasonable password policy. Amazon is about to release 3 (or four) more regions in Ohio, England, Korea and India.

I’ve created an account on github. You can find my work (and mock me for it) here: https://github.com/jchrisfarris/via XKCD

… are not that exaggerated. I have a three year old, I have a job that discourages political blogging. I’m not doing that much that is interesting. Except that I am doing cool shit at work and I should be more willing to talk about it. So I will start posting here more. The first bit of news is that I’ve stuck a stake in the heart of Prime Harbor, and I’m no redirecting that site here.

So OpsCode (or now GetChef) doesn’t have an omnibus installer for the ARM/Raspberry Pi, but it’s pretty easy to get it setup. Start with the base default Raspbian (stretch) and get it where you can ssh. Run the following on the Pi: sudo apt-get install ruby bundler sudo gem install chef —verbose Then on your workstation this to bootstrap: knife bootstrap -N NODENAME -x pi -P raspberry –sudo IP_of_rPi You need to set the nodename explicitly as the hostname under raspbian is “raspberrypi” and you probably want something else.

Apple doesn’t let you use a shared folder as a time machine destination in regular OSX (you can buy server and get that functionality), only a full volume or Time Capsule. But you can use this command line trick: This assumes your Folder exported is called TimeMachine AFP mount your TimeMachine share via Command-K on the Mac you want to back up. Try this. It will probably fail with an error about locking: sudo tmutil setdestination /Volumes/TimeMachine On the server you want to back up to, run defaults write /private/var/db/dslocal/nodes/Default/sharepoints/TimeMachine.

So I come home yesterday to a very, very dejected child. Apparently she somehow deleted all the slides for a school project due when she gets back from vacation. First off – iOS doesn’t have .Trash. Second, she hadn’t synced to iTunes in several months. Third, iCloud backup wasn’t turned on. Not expecting too much, I took her iPad and scoured the Internet to see what I could find that would act as an undelete tool for iOS.

The Federal Reserve Bank of Atlanta did an analysis of how much annual benefit the average american get from their PC. $1700. $1,700: The annual benefit the average American derives from personal computers Despite all the wrenching change the computer age has brought, humanity is probably better off than it would have been if the PC had never been invented. Now, economists at the Federal Reserve Bank of Atlanta have taken a stab at figuring out exactly how much better off we are.

Kid’s Mac’s TimeMachine backups were broken. “Time Machine completed a verification of your backups. To improve reliability, Time Machine must create a new backup for you.” Rather than starting from scratch, I found this: Fix Time Machine Sparsebundle NAS Based Backup Errors

If you’re reading this, you know I rarely visit my blogs. That presents a problem, as I never get the nag from WordPress that my version is so out of date, my site has been taken over by Russian Yakuza using it to spy against the Chinese on behalf of Syria or something. Below is a simple little script that can be thrown in cron and will bug you when WordPress releases a new version and you’ve not updated.