Automagically deploy & run containerized WordPress (PHP7 FPM, Nginx, MariaDB) using Ansible + Docker on AWS

May 21, 2017 – 18:28 by Adnan Hodzic


In this blog post, I've described what started as simple migration of WordPress blog to AWS, ended up as automation project consisting of publishing multiple Ansible roles deploying and running multiple Docker images. If you're not interested in reading about my entire journey, cognition gains and how this process came to be, please skim down to "Birth of: containerized-wordpress-project (TL;DR)" section. Migrating WordPress blog to AWS (EC2, Lightsail?) Since I've been sold on Amazon's AWS idea of cloud computing "services" for couple of years now. I've wanted, and been trying to migrate this (WordPress) blog to AWS, but somehow it never worked out. Moving it to EC2 instance, with its own ELB volumes, AMI, EIP, Security Group … it just seemed as an overkill. When AWS Lightsail was first released, it seemed that was an answer to all my problems. But it wasn’t, disregarding its bit restrictive/dumbed down versions of original features. Living in Amsterdam, my main problem with ...

Secure (HTTPS) public access to Synology NAS using Let’s Encrypt (free) SSL certificate

February 17, 2017 – 17:00 by Adnan Hodzic


Secure public access to your Synology? Every time I'm outside of my home network, and I need to get something from my Synology NAS, I'm facing the same dillema. Who's sniffing the network I'm on, and who will I hand over my credentials in plain text using HTTP. Of course, you can add extra security to your Synology account by using 2 step authentication, or first establishing connection to (preferably private) VPN connection. But even then ... footprint of sensitive data you're leaving behind you is just not worth it. To resolve this problem, you could get a self-signed SSL certificate, but whole process will cost you time and money. But thanks to good people at Let's Encrypt, this whole process now takes 15 minutes process and is free! Secure (HTTPS) access to Synology NAS using Let's Encrypt (free) SSL certificate There are couple of tutorials which cover this same topic, however reason why I ...

anon-hotspot: On demand Debian Linux (Tor) Hotspot setup tool

September 18, 2016 – 19:17 by Adnan Hodzic


Today it's not easy to anonymize internet traffic and protect our online privacy. From advertisers to various other parties, everyone seems to be interested in what we're doing online, and it's our traffic that allows them to track our behaviour and interests. To make our internet traffic anonymous we could turn to various VPN/Proxy solutions, but in the end need you still need to have ultimately trust that your traffic on other side of the tunnel won't end up in wrong hands. That's why if I want anonymity I'll always turn to Tor (anonymity network). Turn Raspberry Pi 3/or any other Debian Linux based device into a (Tor) WiFi Hotspot You need two things: Clone anon-hotspot git repo Raspberry PI 3 or any other Debian Linux based device with ethernet port and wifi card RPI3 or any other device you want to run this on needs to be connected to internet via ethernet port, while WiFi interface will be turned into an ...

Kernel agnostic, DisplayLink Debian GNU/Linux driver installer (Debian/Ubuntu/Elementary)

November 29, 2015 – 12:42 by Adnan Hodzic


I use DisplayLink at work for multi display setup/Ethernet/etc, all by connecting to a single USB port. Although it's a nifty little device, its software support isn't that great. Only Linux driver they have is for Ubuntu. Which is only optimized to work with 14.04, and latest kernel they support is 3.19! Their installer script can be modified to work with Debian and Systemd, but even so if you're using any Linux kernel version other then >=3.14 && <=3.19 you're not going to have a good time. displaylink-debian (github) That's why I decided to take things in my own hands, and created displaylink-debian. Tool which allows you to seamlessly install and uninstall DisplayLink drivers on Debian/Ubuntu based Linux distributions.. Supported platforms are: Debian: Jessie 8.0/Stretch 9.0/Sid (unstable) Ubuntu: 14.04 Trusty/15.04 Vivid/15.10 Wily/16.04 Xenial/16.10 Yakkety elementary OS: O.3 Freya/0.4 Loki Mint: 15 Olivia/16 Petra/17.3 Rosa/18 Sarah Kali: 2016.2/kali-rolling Regardless of which kernel version you're using. displaylink-debian licence is GPLv3 and ...

Juniper/Pulse Secure VPN on Linux (2015 edition)

September 21, 2015 – 20:52 by Adnan Hodzic


Prelude Some time ago, Juniper Networks sold their beloved Junos Pulse SSL VPN, and thus new company called Pulse Secure was created. Which resulted in Pulse Secure client, which is used to establish secure authentication to the (VPN) tunnel. Since Juniper never supported Linux, it comes as no surprise that successor company client supports every other platform except Linux. Setting Juniper VPN/Secure Pulse on Linux is pain. Basically, it comes down to using Java applet in web browser or using 3rd party hacks and scripts. Something I refused to accept. Getting it to work in a web browser Although, it can be bit confusing on 64 bit architecture, getting VPN access via web browser is simple. You just need to install right packages: sudo apt-get install icedtea-7-plugin openjdk-7-jre:i386 libstdc++6:i386 lib32z1 lib32ncurses5 libxext6:i386 libxrender1:i386 libxtst6:i386 libxi6:i386 I've tested this on with OpenJDK 7/8 and Oracle Java 7/8 on Debian Jessie (8.x). It works just fine. Same solution will also ...