Cristian Livadaru's Blog

My personal view on things

Authentik Authorization Webhook

We have a custom application that needs to authenticate users against Authentik, but we also need to assign this user to a group in Paperless NGX. To accomplish this, we will use the Authentik Notification Webhook.

Sync UCS LDAP to Authentik

We decided to use Authentik as our SSO solution, but we need to sync the users from our UCS LDAP to Authentik. The LDAP sync is not that hard, but there are some pitfalls to look out for when getting the right values mapped from LDAP to Authentik.

Database Backups in Docker with Tailscale

Running a Rails application in Docker with PostgreSQL is nothing new. The database, however, needs to be reachable from another site, which is where Tailscale comes in. This might make backups a bit more complicated, but it’s not impossible.

Postfix complains about Cannot start TLS: handshake failure

Ok, this was a huge waste of time going down this rabbit hole. Postfix complains about handshake failure when trying to send emails over TLS. Non-TLS works fine, receiving mails via TLS works fine, what gives?

Backing up databases to Minio S3 with Docker

You have lots of databases and you want to back them up to a central location. You could use a cloud provider, but what if you want to keep the data on your own server? Minio S3 is a great solution for this and with Docker it’s easy to set up.

Generating Let's Encrypt wildcard SSL certificates with INWX and DNS challenge

Using INWX as a DNS provider for the DNS challenge with nginx-proxy-manager and Let’s Encrypt wildcard SSL certificates is easy, but what the hell is that shared secret?

Generating Let's Encrypt wildcard SSL certificates with ISPConfig and DNS challenge

Generating wildcard SSL certificates with Let’s Encrypt and DNS challenge is a bit tricky with ISPConfig. It could be very straightforward, but there is a little bug in the ISPConfig API or the nginx-proxy-manager that calls the API. Here is how you can work around it.

Fixing GitLab CI: dial tcp: lookup docker no such host

Another issue I keep encountering with project upgrades, which I tend to forget about, is that during the build phase on GitLab CI, the old dind (Docker in Docker) setup no longer works, resulting in a ’no such host’ error message.

Conferences with childcare

Childcare at conferences is something that I see way too little of but should be done much more often. While kids have fun and learn new things, parents can do the same. We are wasting future talent by not offering parents and children chances to learn new things.

💥Solving max_grant_frames under XEN

Being hit with this problem a second time, I noticed that the initial fix was not enough. There are pieces of information scattered around several mailing lists, forum posts, blogs and also a very detailed technical explanation on what is happening under the hood, but I couldn’t find a post describing the solution. So here goes my take on how to solve this.