SaltStack, DNS and TLSA

Lately I blogged about how am I managing my DNS entries via SaltStack. So far it was about being a great time saver, but nothing that you couldn’t do manually with considerably more effort. This time, let’s take a look at something that would be in some setups almost impossible manually - adding TLSA records for your webs. What is TLSA TLSA records specify SSL certificate used by specified service.

SaltStack, DNS and ssh

In my last post, I showed how we can combine SaltStack and Knot to have some basic records filled your zone. As I was introducing the concept, I picked the most obvious and basic entries. But since we have a hammer now, everything starts to look like a nail. And there is much more that can be stored in DNS apart from IP addresses. Let’s take a look at some other examples and how to get them automatically filled in by SaltStack.

Managing DNS via SaltStack

Running services online without domain is hard. More services you run, more DNS entries you need to manage. More services you run, more servers you need to manage. And when you manage several servers, it’s time to use some orchestration. But what about all those domains associated with those servers and services? Can’t that be also part of the orchestration? Somehow automated? Of-course it can. Let me tell you how am I handling it for my domains and servers.

Orchestration via SaltStack

This post will be about my approach to something that is almost obsolete. It is about orchestration. Back in the old days, people used to have a real computers or virtual machines and used to install and configure software. And also maintain it for years to come. I know that nowadays, you just create a bunch of pods, each one consisting from multiple containers you downloaded from DockerHub and whenever you need to reconfigure or update something, you just throw them away.

Joining the fediverse

Some time ago, I joined the Fediverse. Why and why now? I actually gave it a try few times already I tried it many years ago with Friendica. I actually run it for a while and posted there but I can’t find any traces of it anywhere so it was a really really long time ago (sometime before 2015). It was nice, but social network by myself is kinda boring so it eventually died out.

Using Password Store with Saltstack

I’m using Password store for a long time and I love it. It is simple, intuitive and it just works. Recently I started adding some more formulas into my Saltstack and I started searching for a way how to store some password that are going to be set via Salt. It stand to reason to check whether I can use Password Store with Salt somehow. I found that there is pass renderer already part of Salt itself. I checked it out, but in the end, I ended up forking it. Continue reading to find out how, why and what is the result and what is my final setup.

Baofeng BF-T1 review

Recently I decided that my family needs walkie-talkies. My daughter started riding a bike and I needed to stay in contact with her when she ventures too far. Ideally without shouting my lungs out. For my use case I don’t need really big range, I need something cheap that works and supports some kind of filtering so we wouldn’t be disturbed by people using the same frequency. For the future use, VOX functionality and headset would be a plus.