Recent Blogs
Krishna Sticker from New Mayapura
So there used to be these little Hare Krishna stickers in New Mayapura during the 1980s. My mum still has a couple of rolls of them and occasionally sends me a present with one on. They’re very precious to me, so I’ve scanned them at a reasonable resolution, but these 160x160 ones are usable for icons and and the web.
read more
Kubernetes OpenBao Secrets Operator
Build k8s cluster Out of scope 🙃
Build OpenBao Easy Mode: https://github.com/thejambavan/openbao-compose Ouroboros Mode: https://openbao.org/docs/platform/k8s/
Add BSO to k8s cluster Install the secrets operator helm chart:
helm install vault-secrets-operator hashicorp/vault-secrets-operator --namespace openbao-secrets-operator --create-namespace Unfortunately you can’t yet do this because the openbao version hasn’t been uploaded to the helm repo:
helm install openbao-secrets-operator openbao/openbao-secrets-operator --namespace openbao-secrets-operator --create-namespace k8s configuration Create an appropriate namespace and connect k8s ↔️ openbao kubectl create namespace openbao export K8S_TO_VAULT=bao.
read more
ISC dhcpd and bind9 interactions in Debian <12
tl;dr AppArmor can break DDNS on Debian
Also posted as a comment on ISC’s gitlab. The real solution, of course, is to stop using the now-EOL ISC dhcpd and migrate to Kea, but Kea’s architecture is obviously different from dhcpd’s, so migration of a complex configuration will take time.
If anyone else finds it useful, I’ve discovered that this error is due to incomplete AppArmor profiles in Debian < 12:
read more