Running Hardened Wordpress in Kubernetes

28 minute read Published

How to deploy a hardened WordPress site to Kubernetes using Ansible.

Previously I’ve discussed the basics of init containers and shown how to deploy WordPress locally. But if you’ve already got a domain handy and are ready to move your WordPress site to a staging or production environment please continue. I’ll use Digital Ocean but you could use any hosting provider you like so long as you can use them to deploy some VPS instances for yourself during the setup below. I’ve been using this method to host Chicago Gang History for over three years.

Guide assumes you are not using a "managed" K8s solution or cloud provider and want to create your own cloud using VPS instances you manage yourself.

When you are finished you will have a hardened WordPress site deployed to Kubernetes using Ansible capable of handling up to 80K users per month.

Gopass and Git Password Management

3 minute read Updated

Manage your passwords on the clearnet with gopass and git.

After adopting a variation of the Gentoo policy for managing OpenPGP (GnuPG) keys I now feel confident enough to use OpenPGP to save sensitive passwords in the cloud. Gentoo’s GLEP 63 policy takes the guesswork out of key management and provides some best practices valuable when encrypting sensitive information.

Although saving sensitive passwords in the cloud may seem a foolish endeavor the alternative is to keep passwords on the sneakernet and risk losing them. Given the abundance of thumb drives and their general multi-purpose use one might, for example, accidentally erase their only backup. Not to mention saving data on any physical medium carries the risk the physical media becomes corrupted.

Creating JSON Extracts in Supabase

8 minute read Published

How to upload and extract JSON using Postgres trigger functions in Supabase.

I loved my database courses in college. 20 years ago I could have written you a perfectly normalized relational database with a binder full of DB2 SQL queries that looked like magic. Since then much of that knowledge has begun to escape me as I haven’t had a strong desire to delve back into databases. Not because I don’t find them fascinating. But because getting them up correctly can be a pain.

Fast-forward a few years and DB2 has been superseded by Postgres and thanks to Supabase making relational databases super easy to set-up I find myself reaching back for that DB structures knowledge once again. Only now we’ll be working with something that didn’t exist back then: JSON.

In this post I’ll explain how to upload and extract JSON data into rows in a Postgres database using SvelteKit and Supabase. And though processing data this way seems like it would be a fairly common task, I wasn’t able to find a guide online describing how to do this. As a result, I thought it worthwhile to jot down how to do it.

Activate and Use Supabase GraphQL

4 minute read Updated

How to Activate and Use Supabase GraphQL. Just the basics.
For the uninitiated Supabase is a open source Firebase alternative. That’s a rather bold statement and it has caused some long-time fans of Firebase, a Google product, to raise an eyebrow. Yet despite who’s talking about it or not one thing is for certain: Supabase is moving quick. As of March 28th all new projects created within Supabase have access to GraphQL via an extension for Postgres. And projects that were created beforehand can install the extension themselves if desired.

Simple Hover Animations with Tailwind

3 minute read Published

Improve user experience using invisible animation with Tailwind CSS.

A little animation can make or break a design. If the animation is done well it becomes invisible, and oftentimes you won’t even notice it’s there. Invisible animation can have the opposite effect, and become noticeable when not present. This lack of animation becomes most obvious when shifting back and forth between websites with global navigation where one has a subtle animation and the other does not. In this case, it was my Svelte Headless UI Starter which lacked the animation and stook out like a sore thumb.

Taking some inspiration from my favorite WordPress theme I decided to tackle the addition of invisible animation to the global navigation in my starter. Here I’ll share the finished result and a simple pattern you can use to obtain the safe effect. And it’s easy to achieve with utils already available in Tailwind.

Recovering Files from a Kubernetes Persistent Volume

4 minute read Published

How to recover files from a Kubernetes Persistent Volume using rsync.

Learning Kubernetes is fun but it does come with its own unique challenges. For instance, last November I found myself in a situation where I had 21 gigabytes of WordPress upload content locked inside a Persistent Volume (PV) I needed to pull down to my machine otherwise I was going to lose it. Here’s how I did it.

T2 Linux Progress Report

5 minute read Published

10 weeks of T2 Linux on a 2019 MacBook Pro. So how's it going?

Last December I started dual-booting T2 Linux on my 2019 Mac. It’s been 10 weeks since I finished the tutorial on how to do it so I felt it was a good time to check in on what I like and what I don’t like about T2 Linux. Scroll to the very bottom of this page for the TL;DR.

Emojify Conventional Commits with Git

3 minute read Published

Reward yourself with an emoji anytime you make a conventional commit.

There’s got to be at least 1000 tutorials that’ll teach you how to add emojis to your conventional commits. Many of them will tell you to install 3rd party tools like Husky or Yorkie which can clutter up a repo with development cruft, or have you hacking up your package.json with stuff that isn’t in the spec.

For the longest time I was using npx git-cz aliased on my machine until I realized what I was doing was no safer than piping curling to shell. After looking around I found a better way to add commit emojis. And the method I’ll share is much more friendly for contributors to a project as it doesn’t force THEM to use YOUR specific approach to development.

Dockerize a SvelteKit App Using PNPM

7 minute read Published

Optimized development workflow using SvelteKit, PNPM and Docker.

Developers don’t just use pNPM because they hate NPM (that’s what Yarn is for). They use it because node_modules are the heaviest objects in the universe. But there are other things to love about PNpm besides its ability to shave gigabytes off your hard disk and saving you a considerable amount of time wasted mucking around with node_modules. Here I’ll show you how to use pnpm fetch to increase the speed of your Docker builds using an --offline install.

Deadsimple Lazyloaded Images in Svelte

2 minute read Published

Easy to implement lazyloading in Svelte perfect for image galleries.

Next to text compression image lazyloading is one of the best ways to improve performance on a website. And with Svelte its no different. So here I’m going to share a radically simple way to accomplish lazyloading with Svelte.

Firefox Browser Alternatives on Linux

3 minute read Published

Two alternatives to Firefox you should check out in 2022.

This is a quick reboot of a post I wrote two years ago called Alternatives to Firefox on Manjaro Linux. The original post was written when it was disclosed Firefox had suffered multiple zero-day vulnerabilities. And at the time I was running an Arch derivative called Manjaro Linux on my 2015 MacBook Pro.

Today I want to share my two favorite browsers for Linux, which I recently installed on my 2019 MacBook Pro running Arch Linux. Rather than getting my browsers from the AUR these days I’m now installing with Flatpack for speed and simplicity. If you’re not familiar with Flatpack I encourage you to visit their website and read up as it can save you a lot of time no matter what distro you’re running.

So here they are. My two favorite alternatives to Firefox for Linux.