tobru.guru Newsletter #16
3 min read

tobru.guru Newsletter #16

Threema goes Open Source and Docker registries everywhere. Plus a fresh Commodore release.

News

Software releases, news articles and other new stuff

Release v0.2.3 · projectsyn/commodore · GitHub
#projectsyn, #commodore, #release

A new maintenance release of the Project Syn tool Commodore, which is the configuration generator based on Kapitan. I can recommend to have a look at the Tutorial: Writing your First Commodore Component.

Threema Goes Open Source, Welcomes New Partner
#threema, #opensource

Within the next months, the Threema apps will become fully open source, supporting reproducible builds.

This is very good news and I was looking forward to such an announcement since the inception of Threema. Now waiting for the server part to be Open Sourced as well.

Download rate limit | Docker Documentation
#docker, #hub

Docker has enabled download rate limits for pull requests on Docker Hub. Limits are determined based on the account type.

Docker Hub gets limitations everywhere. Of course it is (was) great to have a free offering with very few limitations, but I guess these new restrictions will strengthen the competitors offerings, like Quay.io and:

Introducing GitHub Container Registry - The GitHub Blog
#github, #container, #registry

GitHub Container Registry introduces easy sharing across organizations, fine-grained permissions, and free, anonymous access for public container images.

I predict that many (Open Source) projects will switch over from Docker Hub to the GitHub Container Registry over time. Of course, Docker Hub still feels like "the default" registry, but with more and more limitations coming up, this will change.

NUM Namespace Utility Modules  
#dns, #database

Today we're announcing NUM, a new DNS-based protocol to store and retrieve structured data

Yeah, why not. Put all the things in DNS.


Articles

Interesting articles and blog posts

How to clean Arch Linux | Average Linux User
#arch, #cleanup, #linux

Although Arch Linux takes little of disk space right after the installation, as the time passes it grows quite a lot. So, if you do not have any free space left on your computer or you just would like to keep your Arch Linux system clean, this post is all you need.

The other day my disk ran full...

A Technical Deep Dive: Securing the Automation of ACME DNS Challenge Validation
#acme, #letsencrypt, #dns

During research for the future of Let's Encrypt at VSHN we came across this article which inspired us how we'll provide Let's Encrypt to our customers in the future.

Scaling Kubernetes Networking With EndpointSlices | Kubernetes
#kubernetes, #network, #api

EndpointSlices are an exciting new API that provides a scalable and extensible alternative to the Endpoints API. EndpointSlices track IP addresses, ports, readiness, and topology information for Pods backing a Service.

It's always great to read deep-dive articles like this.


Tools

Open Source tools newly discovered

GitHub - stevenpack/asroute: Interpret traceroute output to show names of ASN traversed
#ip, #router, #asn, #tracing

asroute is a CLI tool for parsing traceroute output to summarize AS's traversed.

GitHub - nektos/act: Run your GitHub Actions locally 🚀
#github, #pipeline, #cicd

When you run act it reads in your GitHub Actions from .github/workflows/ and determines the set of actions that need to be run. It uses the Docker API to either pull or build the necessary images, as defined in your workflow files and finally determines the execution path based on the dependencies that were defined.

GitHub - TwinProduction/gatus: Automated service health dashboard
#statuspage, #monitoring

A service health dashboard in Go that is meant to be used as a docker image with a custom configuration file.

EditorConfig
#editor, #style, #cicd

EditorConfig is a file format and collection of text editor plugins for maintaining consistent coding styles between different editors and IDEs.

GitHub - prashantgupta24/firewalld-rest: A rest application to dynamically update firewalld rules on a linux server
#firewall, #linux, #ssh, #api

The simple idea behind this is to have a completely isolated system, a system running Firewalld that does not permit SSH access to any IP address by default so there are no brute-force attacks. The only way to access the system is by communicating with a REST application running on the server through a valid request containing your public IP address.

GitHub - omrikiei/ktunnel: A cli that exposes your local resources to kubernetes
#tunnel, #kubernetes

Ktunnel is a CLI tool that establishes a reverse tunnel between a kubernetes cluster and your local machine. It lets you expose your machine as a service in the cluster or expose it to a specific deployment. You can also use the client and server without the orchestration part. Although ktunnel is identified with kubernetes, it can also be used as a reverse tunnel on any other remote system

GitHub - poseidon/fleetlock: Reboot coordinator for Fedora CoreOS nodes using the Zincati FleetLock protocol
#kubernetes, #maintenance, #reboot, #coreos

fleetlock is a reboot coordinator for Fedora CoreOS nodes in Kubernetes clusters. It implements the FleetLock protocol for use as a Zincati lock strategy backend.

GitHub - germainlefebvre4/ns-killer: NS Killer is a Kubernetes project to kill all namespaces living over X times
#kubernetes, #namespaces, #cicd, #cleanup

A Kubernetes project to kill all namespace living over X times. Quite useful when auto-generated development environments on the fly and give them a lifecycle out-of-the-box from Kubernetes or even Helm.

Enjoying these posts? Subscribe for more