Setting up Prometheus Alertmanager

I have a pretty standard Prometheus, bunch of exporters and Grafana setup at home. This is mostly used to monitor different aspects of my house, like the exporter I have for power usage. However, while trying to figure out the cause of a node exporter crash I found myself in need of an alerting system, so that it could tell me when the node exporter crashed instead of me just checking on a daily basis to see if it had.

»
Author's profile picture Daniele Sluijters on monitoring, prometheus, and alerting

Arch Linux and firmware/BIOS updates

One area Linux has made quite a lot of progress in is the ability for people to get firmware and BIOS updates for their devices. This used to be a massive PITA but thanks largely to the Linux Vendor Firmware Service and its associated tooling (fwupd, fwupdmgr) this has become a lot simpler. Quite a few vendors support this nowadays and deliver firmware and BIOS updates through LVFS. Most of this is thanks to @hughsie so if you run into him, say thank you or offer him a drink!

»
Author's profile picture Daniele Sluijters on linux, firmware, and fwupd

Thunderbolt security modes and Linux

With my XPS 13 up and running I ran into some issues with the Dell WD15 (USB 3) dock. It mainly caused my display manager to crash whenever I would plug it in with (with my external screen attached), except after a fresh boot. This is of course wildely unhelpful but a colleague told me many folks had issues with the USB 3 version of the dock and to get a TB16 (thunderbolt) instead.

»
Author's profile picture Daniele Sluijters on linux

Arch Linux and the XPS 13 9360

After about 3 years it was time to refresh my hardware. Though I’ve long used MacBook Pro’s as my daily drivers the new MBP with touchbar wasn’t getting me excited and the new keyboard feels downright awful to me. So, I decided this was going to be the year of the Linux Desktop and I’ve switched to a Dell XPS 13 (9360, Kaby Lake) Developer Edition (comes pre-loaded with Ubuntu).

»
Author's profile picture Daniele Sluijters on linux

Go's zero values and (de)serialising

As you might’ve noticed from other blog post entries I’m suddenly all into directory services. This happens b/c that’s what I’m currently working on. As such I find myself needing to manipulate data in a DIT quite a bit and writing ldif’s by hand is not my idea of fun. Instead I set out to create a small library that would essentially allow me to parse the result of LDAP search result entries into a Go struct and transform those back into add or modify operations.

»
Author's profile picture Daniele Sluijters on go

Directory Services 101: the basics

This post is part of a series on directory services. Current available installments are:

»
Author's profile picture Daniele Sluijters on tech

Directory Services 101: terminology

This post is part of a series on directory services. Current available installments are:

»
Author's profile picture Daniele Sluijters on tech

Directory Services 101: introduction

In this series of posts I want to talk about directory services. The directory allow you to model things like people, computers, groups and their relationships in a central database. This service can then be used for authenticating users, managing group memberships and a whole lot more.

»
Author's profile picture Daniele Sluijters on tech

Monitoring my WiFi access point with Prometheus

My home WiFi router is an ASUS RT-AC66U. It’s a great device with a tolerable manufacturer provided UI and quite a lot of advanced features. Though it’s marketed as a WiFi router I use it as a WiFi access point and switch, it doesn’t route. I have a Linux box that does that.

»
Author's profile picture Daniele Sluijters on monitoring, golang, and prometheus

GeoIP based filtering with iptables

One of the issues I run into when running a server, at home or anywhere else, is the crazy amount of random attempts at SSH logins. My SSH configuration is strict enough that most of these attempts just die on the key exchange, they never even get past the handshake. Then there’s fail2ban ensuring you get temporarily blocked if you’re obviously trying to brute force anything.

»
Author's profile picture Daniele Sluijters on security, iptables, and geoip