Luis Muñoz

A space of my own

NFS Mounts Fail at Boot

Recently I encountered a problem with mounting NFS filesystems at boot. In my case – and that of a few people who have asked related questions at various fora – the issue had to do with boot dependencies and race conditions. In this post I am explaining my issue and how I resolved it.

Notes on Running Standalone Redash – Updated for Python3

Redash is an excellent tool to quickly build stunning dashboards to present your data. I use it to visualize data from my PostgreSQL databases for various projects, with the reliance in containers being a bit of a letdown for me. This post collects some notes on deploying redash as a group of standalone processes governed by systemd on my Linux servers. I can even run multiple instances on a single box, which is useful for testing new code versions or providing fully separate dashboards to different projects.

Notes on Database Design

This is the beginning of a series of posts where I’ll explore various lessons — choices — that can be made to better leverage PostgreSQL for your own projects. In this series I’ll go over some loose principles that I always keep present and that hopefully, will be of help.

Postgres and TLS Certificates

The PostgreSQL that ships with most linux distributions is setup with Snakeoil TLS certificates by default. Managing these certificates is not any different to any other service, yet for some reason this is an often neglected task that leaves your database connections exposed to certain types of attack. This post discusses the — very few — steps required to use Let’s Encrypt certificates to secure your PostgreSQL sessions as well as an easy way to monitor your servers.

Let's Encrypt Proxy DNS Authentication

Certain use cases preclude DNS dynamic updates to a zone for technical, policy or other reasons. This post explains a simple way to enable automatic DNS-based authorization for Let’s Encrypt certificates – and perhaps for other vendors’ – by way of delegating the authorization challenge to a trusted DNS zone.

DNS with Dynamic Updates

I manage my own DNS servers for my personal projects and some of the causes I support. This gives me absolute control over the operation. Recently I decided to return to a 100% dynamically updated setup – where records can be added securely and in real time from anywhere. This post includes some notes on how to do this easily.

Handling Database Schema Changes

Most of the applications I work with involve storing, transforming and querying data from relational databases. Over the years I’ve developed a pattern to manage those changes that has proven to be helpful, involving a minimum of universally available tools. This post introduces this pattern in the hopes that it becomes useful for others.