Grant an IAM user access to a specific S3 bucket and folder

In Amazon Web Services there’s a product called IAM (Identity and Access Management) which allows you to create users and groups and attach policies to both. In this how to we look at an IAM policy which allows a specific user to only have access to a specific S3 bucket and folder.

Ghost on Debian with Nginx as a reverse proxy

I finally came around to trying out Ghost and I’m loving it. So much that I switched my old Jekyll website over to Ghost. I used a small Ruby script to convert my Markdown files to a JSON file that Ghost can use to import my posts. Here’s a quick tutorial how to install NodeJS and Ghost and use Nginx as a reverse proxy.

Require MFA for AWS API and Console access

Sometimes you want to require your users to enable MFA (multi-factor authentication) before being able to do anything with the Amazon Web Services (AWS) account you gave them access to. There’s a small conditional you have to add to your IAM policy in order to do so. But you’ll also want to enable all users to add, delete and resync their MFA devices.

Using Docker to run WordPress behind an Nginx reverse proxy

Docker really seems to be taking off as a viable solution for development workflows. If you’re working with WordPress there’s already a lot of good tools besides Docker to bootstrap a new WordPress website. But here’s how to do it with Docker.

Getting A+ on SSLLabs with Nginx and StartSSL

Qualys offers an SSL Test where you can check your SSL setup. They make recommendations on what to tweak to get the highest score possible. I want to share how I achieved A+ using Nginx and StartSSL.

Quickly switch between AWS accounts using aws-cli

The AWS CLI tools are really great for quick tasks on your AWS infrastructure, like looking which instances are currently running. You can also using aws-cli for automation of course. One thing I found annoying while working with multiple accounts was having to add –profile to my command each time I wanted to do something with aws-cli.

Impressions of the LG G3 and the Quick Circle case

Some quick things I want to share about the LG G3 and the Quick Circle case.

Having used my Nexus 4 for about 18 months the LG G3 feels HUGE at first. The thin bezels are amazing and it's really the eye catcher of this phone. I've now been using the LG G3 for about a month and I can honestly say, this is the best phone I've ever had.

Fix a CPU consuming logrotate process

This week I noticed something strange about the disk IO of a server running Postfix. As soon as I logged in to the server I saw logrotate consuming 99% CPU and about 50% memory. Here’s how I diagnosed and fixed the problem.

Orchastrator: Arithmetic operation resulted in an overflow

If you, by chance, want to use Microsoft System Center Orchastrator 2012 to create user accounts in your Active Directory, you might run into a problem with the Get User activity. There’s a weird bug persisting in Orchestrator caused by the Maximum Password Age in your Group Policy Object (GPO). If this value is set to 0, the Runbook will fail stating the “Arithmetic operation resulted in an overflow”.

Serve 503 maintenance pages with Lighttpd

Every website needs some maintenance every now and then. Maybe you’re pushing some major updates or your database server needs an upgrade. In any case, it’s nice to have a maintenance page to let your visitors know service will be restored soon. This maintenance page could be a simple HTML file but by default there isn’t really a way to push a 503 status code. I created a small LUA wrapper script to fix this issue.