Securing your server’s SSH configuration

Are your SSH log files flooding with failing login attempts? I’ve seen many questions on websites such as Stackoverflow and Stackexchange from worried people that someone is actively targeting their servers with brute-force password logins attempts. Let me get one thing straight first: you are not special! It’s part of internet life: many botnets constantly attempt to login to servers. These can be random IP addresses or known ranges such as Amazon AWS EC2 instances or DigitalOcean droplets. There’s nothing much you can do about this except for making sure that your server is securely set up.

• • •

Get insight into your server with Datadog

I have been running my blog for a few months now on a DigitalOcean droplet. Apart from the few metrics DigitalOcean provides, I never really had any insight into how my server is performing. This includes metrics like CPU and Memory, but also metrics from the applications I run to host my blog, in particular Nginx, php-fpm and MySQL.

• • •

Integration tests with Travis CI

Do you write integration tests? What about unit tests? I believe that more people say “Yes” to the second question than to the first. Which is kinda weird – for many applications, it really isn’t that hard to write integration tests. It might not even be necessary to setup your own infrastructure to run these tests. Many CI tools these days allow you to install databases, queues and such on their build agents. With your external dependencies available on your build server, a complementary sets of tests can be run next to your unit tests.

• • •

Using Let’s Encrypt for free automated SSL certificates

If you maintain your own server or servers with SSL certicates, you might know how annoying it can be to keep those certificates up to date. Especially when you have a multitude of servers, some possibly even serving the same certificates, this is a hassle to manage. Luckily, there is a solution, and its called Let’s Encrypt.

• • •

Multi-datacenter container orchestration with Nomad and Consul

Nomad is a distributed, multi-datacenter scheduler for containers, virtual machines and more. It’s a tool from Hashicorp, the company that also brings us Consul, a service-discovery tool that allows you to register and discover services. With the latest big release of Nomad (version 0.4), integration with Consul is improved which promises to significantly simplify the creation of a (multi-datacenter) Nomad cluster. You can read more about this release on Hashicorp’s blog.

• • •