Terraform state management — best practices I follow religiously

State is Terraform’s Achilles heel and nobody really talks about it until something goes wrong. I’ve been using S3 backend with DynamoDB locking from day one — I’ve seen enough horror stories from teams that didn’t. Here’s what I do and why.

GitHub Actions replacing Jenkins — what actually got better

I finally killed my Jenkins server last month. It had been running on a tiny VPS for three years, eating 512MB of RAM just to exist, and breaking every time I forgot to update a plugin. GitHub Actions has been around long enough now that I gave it a real shot — not just for toy projects, but for the stuff Jenkins was actually doing.

Mirkotik router backup with SSH and SFTP

Everybody knows how important it is to backup. I use Mikrotik Routers in my home network and have quite complex configuration which I would not want to write again from scratch. Prior to this day I have used scheduled script on Mikrotik to create backups locally, transferring it out of router itself into another location is great way to increase backup durability.

Sentry 9 - fix for PagerDuty legacy integration.

Recently I’ve been involved in investigating why PagerDuty integration with sentry 9.1.1 doesn’t work. Same thing was happening to 9.1.2 version. The problem was not visible in UI but in logs such error message was repeating:

19:13:04 [INFO] sentry.plugins.pagerduty: notification-plugin.notify-failed. (plugin=u’pagerduty’ error=u’Error Communicating with PagerDuty (HTTP 400): Event object is invalid’)

No incoming event on PagerDuty side assured me that this problem is real.

Migration to Google Cloud Dns from different provider.

Decision to pick DNS provider should be, in my opinion, based on currently used cloud environment. If you use AWS then Route53, GCP then Cloud Dns, etc. It’s easier to manage it and audit then. Not the case for multicloud usage but most of the companies I worked for were using single cloud.

If DNS domain was registered before cloud adoption then your task might be to migrate DNS. Such migration is not uncommon and in this blog post I will write about changing NS records from godaddy to google Cloud Dns.

Mass file renaming containing nonASCII characters to ASCII

Recently I found a problem with playing samba resources with VLC. Polish characters were breaking playback because file could not be found. Strangely enough this happened only for files with lowercase Polish letters like ąśżźćłóęń.
Removing those letters helped to fix playback on test file but I had more than one file to fix.

I tried to find a way to do rename all files quickly and easy and get rid of nonASCII characters and in this post I’m providing easiest, quickest and robust way to this.

Infrastructure continuous deployment with terraform and atlantis

Atlantis is a self-hosted golang application that listens for Terraform pull request events via webhooks. I’ve incorporated it in my recent engagement in CriticalStart but also I use it in my private infrastructure.

I think the idea is great for making terraform workflow more easy for infrastructure teams. With atlantis every terraform change need to go through review process. When PR is created it automatically run plan displaying its output as a comment. Applying is also done by adding a comment. It’s highly configurable.

Using atlantis allows to closing whole terraform workflow on PR page! I always had the feeling that checking out branch and running terraform locally is a waste of time. Now you can just look at plan in PR, do the review and continue with other work.
Sounds good? Let’s dig it!

Free git repository for private projects - GitHub vs GitLab vs BitBucket

Choosing provider for private git repositories back in the day was though.

GitHub is most known and I’d even say iconic. They started to offer unlimited private repos for paid plans in 2016.
GitLab and BitBucket at that time offered unlimited private repositories. Wow! They got me.
Currently also GitHub provides unlimited private repositories and with recent introduction of GitHub actions I think it’s good time to do the comparison between them and see who provide best services in free plan.

Note:
In this post I’m focusing on free plans but you are free to explore paid option.

Fighting Google Analytics bounce rate

More and more updates on my blog made me look into another aspect of internet blog which is monitoring web traffic. I have google analytics enabled since the beginning but recently I have also added bing and yandex. Duckduckgo which is my main search engine don’t have webmaster tools. To be fair probably just google cover over 90% of search traffic so any additionals have small impact.

When I looked into google analytics I saw bounce rate 100% on some acquisition types and time spent 0 seconds.
After some investigation I have both answer and way to improve that.

Jekyll upgrade to version 4.0.0 with theme change

Recently I’ve written a post about updating my blog. As I have a lot of ideas for new posts, it’s natural that I wanted to be sure jekyll is correct technology for me. I did some checkups and yeah! jekyll is the best technology for me right now.
Github support, development, git push to deploy changes without any additional configuration or component is making it pointless to migrate away from it.

This post will be short but for me it touches important topic of supporting and maintaing technology used to render this blog.