it’s still the weekend, right? It was a lazy sofa sunday spent mostly on automation research (Ansible and Foreman) and time ran away before sending out the newsletter. But since I had planned this issue as a “special command line edition” and non cli links are adding up as well I thought “lets finish this issue, before the next weekend arrives!”
Like already written, this issue will focus on handy cli tools and tools that help you navigate your server. Both aspects that are not directly self-hosted related, but skills that tremendously help avieving the state of self-hosting.
Sampler. Visualization for any shell command. Link to heading
A few issues back I had the topic of self-hosted start pages, but these kind of portals are not restricted to the browser. Sampler is a tool to present the output of locally running commands (like weather, docker status, etc) in your terminal window.
Using VS Code/Codium as your main terminal/ssh client Link to heading
Anthony has published a nice blog titled Visual Studio Code is now my Default SSH Client and Linux file Editor! outlining how he uses Visual Studio Code to interact with his linux boxes. My workflow is actually quite similar: I am using my Chromebook or my work laptop to connect to connect to headless linux boxes where I my actual data is stored. Being able to use the
code command within the VS Code terminal is also convinient as it easily spins up additional editor tabs or windows for more
serious in-depth text editing, than vi & co allow for.
Migrating from Docker to Podman Link to heading
There is a lot of uncertainty around Docker (as a company) and one alternative for running containers is Podman. In the blog Migrating from Docker to Podman a full scenario is explained for moving containers to it. For me personally
docker-compose is an invaluable tool and while Podman can be an serious alternative for Docker, podman-compose is not as far, yet.
Docker Swarm is here to stay Link to heading
Speaking of uncertainty around Docker. One of the components that were on the edge after the aquisition of the Docker Enterprise business was Docker Swarm. Swarm can be an alternative for small scale deployments, wher Kubernetes would add too much overhead. Luckily Mirantis, the company buying the Enterprise business off Docker Inc. and itelf an advocate for Kubernetes, has now changed it’s course and has fully commited to Swarm. Read more at Mirantis will continue to support and develop Docker Swarm.
Introduction to testing Ansible roles with Molecule leveraging Docker inside Docker and Goss. Link to heading
Easy management of local git checkouts Link to heading
myrepos is kind of an old-school tool already, but can be valuable if you are regulary starting over with your workstation or simply follow a lot of git repositories.
mr can parralise checking out repos, adding remotes and pulling in changes.
In addition to this github2mr is an interesting add-on to easily pull your existing repositories from Github.
Buy maybe I’ll (ab-)use Ansible for that in the future?
Collection of small utilities Link to heading
sysadmin-util is a collection that has been around for years as well already, some files last touched seven years ago. Some of its tools I use one a regular bases, like
when-up that executes a command once a remote target responds. Definitely worth having a look at.
Create local mirrors for apt repositories Link to heading
Having control over your environment is one of the key motivators for going self-hosted. aptly is a handy tool to pull in external repositories, take snapshots of their state and then publish them back to the local network.
Tools for easy container registry interaction Link to heading
(apt) package repositories are not the only way to retrieve applications nowadays. In addition to this container registries hold many of the pieces required to run ones infrastructure. reg is a nice and small tool to not only explore a given registry, but can also be used to generate a HTML representation of your own registry.
And while its always more secure to build your own containers (for audition purposes) at some times you may want to reuse an existing container image, but store it locally. This is (among other things) easily possible with skopeo.
The manual way to the above would be to pull an image, re-tag and then publush it to the local registry. So this is definitely something that can be made easier.
Use Tmux to preserve & resume remote connections Link to heading
This is maybe also something that not everyone is totally aware of, yet. The usage of terminal multiplexers (screen in the past, nowadays mostly tmux) can help in resuming remote connections in case a connection is lost.
In the blog Autostart Tmux Session On Remote System When Logging In Via SSH the author shows how to automatically start and resume a session in tmux upon logging into a remote system.
But similar to rome. there more than one way to achieve this. I am using the following snippet in my sshrc script when connecting to other systems:
# -S Share a socket in a fixed directory so that sessions for me are retained and reused local TMUX_COMMAND="/usr/bin/tmux -S $TMUXDIR/tmuxserver" if $TMUX_COMMAND has-session; then SSHHOME=$TMUXDIR SHELL=$TMUXDIR/bashsshrc exec $TMUX_COMMAND attach $@ else SSHHOME=$TMUXDIR SHELL=$TMUXDIR/bashsshrc exec $TMUX_COMMAND $@ fi
The one main difference here is that sshrc copies the bashrc file to the remote host on connection, hence it will always be there, even when you connect for the first time. But as it seems the original repo, formerly located at https://github.com/Russell91/sshrc does not seem to exist anymore.
Managing Kanban boards on the cli Link to heading
There is hardly anything that cannot be done on the command line. Even kanban board can be managed through it. What is particularly interesting in taskell is that it acutally stores it’s data in markdown files, which makes it easy to version control it through git.
Secure remote backup storage with Restic Link to heading
Restic is my backup program of choice for a few years already. It runs on your local system and is capable of connecting to a remote instance, which could again be restic, rclone or a S3 compatible storage. For the latter I am making use of Minio together with a little help from restic-tools.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems Link to heading
And last, but not least my most recent discovery. Lynix can be used as a local scanner to discover potentially insecure configuration of a given system.
Updates Link to heading
- Commander v2.0 - Commander is a tool to test script execution. In it’s latest release it has received native support to test script within Docker containers for local isolation.
Do you know of a project that should be featured here? Link to heading
I am always looking for new projects to try out! Just send an email to firstname.lastname@example.org.
Have a nice
weekend rest of the week!