Sébastien Pittet

Aller au contenu | Aller au menu | Aller à la recherche

Technology enthusiast, Casual developer, ICT Professional working at Exoscale

Spéléologue, membre du Spéléo-Secours Suisse.

Mot-clé - Computing

Fil des billets - Fil des commentaires

samedi, 15 avril 2017

I moved to LetsEncrypt

certbot.JPGIn December 2016, I wrote a post on this blog about StartCom SSL free certificates. StartCom (and WoSign) aren't trusted anymore.

If Internet Explorer and Edge are trusting StartSSL root certificates, this is not the case with Google Chrome. I had to move to another product. Letsencrypt is the Certificate Authority of choice : they are :

  • free
  • trusted by most internet browsers
  • providing even SAN certificates
  • supported by majors companies
  • but very short time limited! (by design)

This web server is running nginx on debian (Jessie) and is hosted at exoscale, a swiss cloud provider. I installed Certbot (an ACME client to request the certificate and to automotically renew it). It worked like a charm!

Here are some basic steps I needed to do, in order to have it running:

Add the following line in the file /etc/apt/sources.list

deb http://ftp.debian.org/debian jessie-backports main

Follow the instructions here (for nginx on debian Jessie). For other configurations, you will find the instructions here.

Then, don't forget to backup :

  1. your new nginx configuration file(s)
  2. Letsencrypt directory, under /etc/letsencrypt

Lastly, check the cron will run, as specified under:

/etc/cron.d/certbot

The log files are available in:

/var/log/letsencrypt/

My config is available in a github repository and the last qualys check gave the result A+.

qualys_rating.jpg

Some links:

mardi, 10 janvier 2017

Make sure your Python code is great

logo_1_.png

dimanche, 1 janvier 2017

Cavelink - how to export your data

Using some free time during the holidays, I created a component to extract Cavelink data, by parsing the webpage. It's written in Python and available on GitHub.

A cavelink station can be connected with a couple a sensors, to get information from the cave (i.e. temperature, water level). The upper station (surface) can also be connected to a GSM modem to transmit data to the conceptor server.

Felix Ziegler can provide a specific URL to get data, dumped to an HTML page.

The module is then able to parse the webpage and extract the data. You will then be able to store it on your own database.

This module is designed to be included in other application. More to come about this. Stay tuned !

Some Links:

jeudi, 8 décembre 2016

About StartCom SSL free certificates

This website has its trafic encrypted with a StartCom Free SSL Certificate. As I recently renewed a certificate, I got this information:

Notice: 
1. Mozilla and Google decided to distrust all 
StartCom root certificates as of 21st of October, 
this situation will have an impact in the upcoming 
release of Firefox and Chrome in January. 

Apple's decision announced on Nov 30th of 
distrusting all StartCom root certificates as 
of 1st of December will have an impact in their 
upcoming security update. 

2. Any subscribers that paid the validation fee 
after Oct. 21st can get full refund by request. 

3. StartCom will provide an interim solution soon 
and will replace all the issued certificates with 
issuance date on or after Oct 21st in case of 
requested. Meanwhile StartCom is updating all 
systems and will generate new root CAs as 
requested by Mozilla to regain the trust in 
these browsers.

I checked this on the Mozilla and Apple website. I couldn't find any information on the Microsoft website about this.

After some earches on Microsoft.com, I can link to :

I'm planning a move to Letsencrypt certificates...

More information to come.

samedi, 19 novembre 2016

Application Testing

Testing.jpg

mardi, 8 novembre 2016

Great Regex website

There are many website related to RegEx (= regular expressions). But this one helped me a lot because the test feature is not limited to Javascript capabilities (i.e. to test positive & negative lookaround expressions).

RegEx_website.JPG

If you need some great help in validating things, just go to regex101.com !

mercredi, 2 novembre 2016

Learning Linux

Linux and OpenSource software are driving the cloud technologies. A few examples can be found in this post, where I'm listing the products and technologies considered in the last training I attended.

So, I'm learning Linux, in order to better compare, understand the differences between "Microsoft Cloud OS" suite of applications (including its Cloud service called Azure) and the stack of OpenSource softwares combined.

Today, I found a great picture of my learning curve. I'm (re-) publishing it below.

Linux_Learning_curve.jpg

I'm seriously thinking to open a new category in this blog to explain my findings et help each other to go faster. This new category could be called "Adventures on Debian Linux".

Stay tuned, some posts are already in preparation.

mardi, 5 juillet 2016

Achievement Unlocked : Cloud Infrastructure !

IntroCloudInfra.PNG

Les infrastructures orientées Cloud sont certainement un thème passionnant et très complexe. Par intérêt personnel, pour l'envie d'en savoir davantage et pour ne pas rester en arrière, j'ai suivi une formation d'introduction, qui traitait des sujets suivants :

  • Infrastructure as a Service
  • Platform as a Service
  • Containers
  • Micro OSes for Containers (CoreOS, RancherOS, Atomic Host, VMware Photon, etc)
  • Container Orchestration (Docker Swarm, Kubernetes, Mesos, Nomad, Amazon ECS, Google Container Engine, Azure Container Service)
  • Unikernels
  • Microservices thème renforcé par la présentation de M. Abarbanell
  • Container as a Service (CaaS) : Docker Universal Control Plane, OpenStack Magnum
  • Software Defined Network and Networking for Containers
  • Software Defined Storage and Storage Management for Containers (Ceph, Gluster, Docker Volumes)
  • DevOps and CI/CD
  • Configuration Management (Ansible, Puppet, Chef, Salt)
  • Tools for Build and release (Terraform, BOSH)
  • Tools for Key-Value Pair Store (etcd, Consul)
  • Tools for Image Building (Packer, Building Docker image)
  • Tools for Debugging, Logging and Monitoring (Sysdig, cAdvisor & Heapster, Fluentd, Datadog)

A l'issue des quelques semaines de formation, j'ai réussi la certification "Linux Foundation". Au delà du certificat, j'ai surtout été sensibilisé à de nouvelles façons de voir les infrastructures informatiques modernes, les outils associés et les méthodes appliquées. La résilience applicative et les concepts de scalability ont maintenant un autre sens pour moi !

Certificat - examen de fin de cours

Super intéressant ! Après cette introduction, il me reste désormais à approfondir le sujet !

Merci aux deux profs, qui ont parfaitement synthétisé cette matière difficile, parfois en comparant les services offerts chez les key-players (Amazon, Microsoft, Google et d'autres).

dimanche, 28 février 2016

Datacenter et cloud en Suisse

Reportage intéressant sur le thème du Cloud, produit par la RTS. On y voit quelques images du Datacenter de la société DELTALIS... qui héberge (une partie de) ce blog.

Lien :

mardi, 16 février 2016

LetsEncrypt : la sécurité pour tous !

LetsEncrypt LogoToujours grâce aux excellents collègues d'exoscale, j'ai récemment appris l'existence de LetsEncrypt, une nouvelle CA (=autorité de certification), gratuite et automatisée !

jeudi, 21 janvier 2016

Monowall is now frozen

monowall

Le projet monowall est désormais terminé. Je viens de prendre connaissance de l'annonce.

J'ai beaucoup utilisé Monowall, évidemment comme firewall mais également pour passer ma certification IPv6 et aussi comme émulateur WAN, à des fins de tests.

Ce firewall demandait un configuration hardware minimaliste (j'ai utilisé pcengines.ch) et m'a offert la possibilité de :

mardi, 22 décembre 2015

Moving to TLS and exoscale

It was certainly the time to secure this blog and turning to TLS. This is now effective.

But it's also the time to give some information about "what's that site running ?".

jeudi, 19 novembre 2015

Programmation pour les enfants

Si "savoir correctement utiliser un ordinateur" est devenu absolument nécessaire pour nos enfants, cela risque toutefois de ne plus être suffisant dans les années à venir. En effet, l'apprentissage de la programmation va probablement devenir indispensable, pour aller plus loin, concevoir leurs propres outils et interagir avec les services déjà disponibles.

mardi, 17 novembre 2015

The Phoenix Project

Phoenix Project BookDurant le mois de septembre, j'ai lu ce livre qui m'a été recommandé par l'un des fondateurs de Doodle, le site bien connu de planification en ligne.

Paul E. Sevinç, Co-founder & former CTO, présentait alors l'impact de la méthode DevOps sur les réalisations informatiques. Durant sa présentation, il invitait alors à la lecture de ce livre.

lundi, 24 août 2015

JSON online parser

I'm currently working on a project related to web development technologies (IoT, REST API, Python and some open source packages). You will learn more on that in a few months, I hope. As I'm fighting with the list comprehension techniques, I was looking for a good JSON parser to better display the data I get back.

This website helped me a lot with this : http://jsoneditoronline.org .

Should you have find another website, I let you drop me a comment about this topic.

And if you need some data to understand what I'm dealing with, you can paste this in the left column:

[{'measures': {'02:00:00:05:c2:96': {'res': {'1440400568': [14.5, 88]}, 
'type': ['temperature', 'humidity']},'70:ee:50:05:cc:ac': {'res': 
{'1440400617': [1002.9]}, 'type': ['pressure']}, '05:00:00:00:e5:6a':
{'rain_24h': 4.343, 'rain_timeutc': 1440400613, 'rain_60min': 0, 
'rain_live': 0}}, 'place': {'location': [6.2341437521148, 46.610756701907], 
'timezone': 'Europe/Zurich', 'altitude': 1023}, 'modules': 
['02:00:00:05:c2:96', '05:00:00:00:e5:6a'], '_id': '70:ee:50:05:cc:ac'}, 
{'measures': {'05:00:00:00:26:1e': {'rain_24h': 5.454, 'rain_timeutc': 
1440400759, 'rain_60min': 0.606, 'rain_live': 0.101}, '70:ee:50:00:6b:18': 
{'res': {'1440400767': [1008.3]}, 'type': ['pressure']}, '02:00:00:00:68:70': 
{'res': {'1440400746': [14.7, 88]}, 'type': ['temperature', 'humidity']}}, 
'place': {'location': [6.225976, 46.471649], 'timezone': 'Europe/Zurich', 
'altitude': 827}, 'modules': ['02:00:00:00:68:70', '05:00:00:00:26:1e'], 
'_id': '70:ee:50:00:6b:18'}, {'measures': {'05:00:00:00:1f:64': 
{'rain_24h': 2.424, 'rain_timeutc': 1440401067, 'rain_60min': 0.303, 'rain_live': 0}, 
'02:00:00:02:2a:3a': {'res': {'1440401035': [14.6, 93]}, 'type': ['temperature', 
'humidity']}, '70:ee:50:02:1b:1c': {'res': {'1440401078': [1012.3]}, 
'type': ['pressure']}}, 'place': {'location': [6.25851, 46.51401], 
'timezone': 'Europe/Zurich', 'altitude': 960}, 'modules': 
['02:00:00:02:2a:3a', '05:00:00:00:1f:64'], '_id': '70:ee:50:02:1b:1c'}, 
{'measures': {'05:00:00:00:91:ae': {'rain_24h': 11.009, 
'rain_timeutc': 1440400767, 'rain_60min': 1.212, 'rain_live': 0.101}, 
'02:00:00:03:7c:7c': {'res': {'1440400735': [13.5, 91]}, 
'type': ['temperature', 'humidity']}, '70:ee:50:03:84:d6': 
{'res': {'1440400771': [1011.3]}, 'type': ['pressure']}}, 'place': 
{'location': [6.2734680175781, 46.515434265137], 'timezone': 'Europe/Zurich', 
'altitude': 983}, 'modules': ['02:00:00:03:7c:7c', '05:00:00:00:91:ae'], 
'_id': '70:ee:50:03:84:d6'}, {'measures': {'70:ee:50:03:ae:f0': 
{'res': {'1440400670': [1009.1]}, 'type': ['pressure']}, '05:00:00:00:8f:dc': 
{'rain_24h': 9.999, 'rain_timeutc': 1440400669, 'rain_60min': 2.929, 
'rain_live': 0}, '02:00:00:03:de:3c': {'res': {'1440400662': [15, 92]}, 
'type': ['temperature', 'humidity']}}, 'place': {'location': [6.3098338, 46.5119656], 
'timezone': 'Europe/Zurich', 'altitude': 734}, 
'modules': ['02:00:00:03:de:3c', '05:00:00:00:8f:dc'], 
'_id': '70:ee:50:03:ae:f0'}, 
{'measures': {'02:00:00:13:22:7c': {'res': 
{'1440400771': [14.7, 90]}, 'type': ['temperature', 'humidity']}, 
'05:00:00:01:77:94': {'rain_24h': 6.363, 'rain_timeutc': 1440400771, 
'rain_60min': 0, 'rain_live': 0}, '70:ee:50:12:f7:98': {'res': {'1440400778': 
[1012.4]}, 'type': ['pressure']}}, 'place': {'location': [6.0618059999999, 46.48434], 
'timezone': 'Europe/Paris', 'altitude': 1124}, 'modules': ['02:00:00:13:22:7c', 
'05:00:00:01:77:94'], '_id': '70:ee:50:12:f7:98'}]

mardi, 14 juillet 2015

Turning a Raspberry Pi as a UniFi Controller

This blog post provides a step-by-step guide that works worry free :

http://erikvanpaassen.tweakblogs.net/blog/12480/turning-a-raspberry-pi-into-a-unifi-controller-appliance-%28unifi-4-raspbian-jessie-oracle-java-8%29

Thanks to the author !

As the versions are regularly upgraded, I would suggest you to parse the file : /etc/init.d/unifi and update the path (java home and controller application, if needed). Then, run the commands :

update-rc.d unifi defaults

Then, test the startup script with :

/etc/init.d/unifi restart

This man-page gives you instructions about managing services at startup : http://manpages.ubuntu.com/manpages/hardy/man8/update-rc.d.8.html

vendredi, 13 mars 2015

Office 365 - notes & links

I'm currently involved in a migration of an Exchange Server 2003 to Office 365 system. That's quite a big jump (!) as these two systems are separated by more than 10 years of great technical innovations.

We selected the way of a staged migration to mitigate the risks and better manage the end user devices. As you probably know, a single Office 365 licence can be installed on up to 5 devices and we want that our customer can really get value of this benefit.

This project is really interesting and really focussed on customer'strategy for the upcoming years.

The aim of this post is to provide a list of links we found useful during the project.

lundi, 9 mars 2015

Passwords ...

passwords.png

lundi, 30 juin 2014

Histoire des Codes Secrets

couverture.jpg Durant les vacances d'été, j'ai pris le temps de terminer un livre très intéressant : L'Histoire des Codes Secrets, de Simon Singh.

Cet ouvrage considère les chiffreurs/créateurs de codes et les oppose aux casseurs de codes. Finalement, depuis l'Empereur César, on a cherché à dissimuler des messages, pendant que d'autres cherchaient à les déchiffrer.

Les plus grandes avancées ont été crées (puis cassées) durant les grands conflits de l'histoire. Et cet aspect est parfaitement expliqué dans ce livre, qui se lit comme un bon roman. On en ressort grandi, puisque on comprend l'ingéniosité des codes et l'intelligence des déchiffreurs, au fil du temps.

lundi, 3 mars 2014

Argument de poids

Merci à Fabrice B. qui me donne l'occasion de créer ce nouveau billet. En faisant un peu d'ordre dans de (très) vieux papiers, il tombe sur une publicité du laptop acheté à l'époque. Notez l'argument de vente ! Y'a rien à dire, c'est Muy Bien tip-top nickel !

L'Ultraportable qui vous suivra partout ! Léger comme l'air, lignes racées !

WP_20140301_10_46_58_Pro.jpg WP_20140301_10_47_08_Pro.jpg

- page 2 de 4 -