boyvinall

Renew GPG key

Given that your key has expired.

$ gpg --list-keys
$ gpg --edit-key KEYID

Use the expire command to set a new expire date:

boyvinall

Nginx TLS SNI routing, based on subdomain pattern

Nginx can be configured to route to a backend, based on the server's domain name, which is included in the SSL/TLS handshake (Server Name Indication, SNI).
This works for http upstream servers, but also for other protocols, that can be secured with TLS.

prerequisites

• at least nginx 1.15.9 to use variables in ssl_certificate and ssl_certificate_key.
• check nginx -V for the following:

  ...
  TLS SNI support enabled

boyvinall

Every so often I have to restore my gpg keys and I'm never sure how best to do it. So, I've spent some time playing around with the various ways to export/import (backup/restore) keys.

Method 1

Backup the public and secret keyrings and trust database

cp ~/.gnupg/pubring.gpg /path/to/backups/
cp ~/.gnupg/secring.gpg /path/to/backups/
cp ~/.gnupg/trustdb.gpg /path/to/backups/

or, instead of backing up trustdb...

boyvinall

Keybase proof

I hereby claim:

• I am boyvinall on github.
• I am boyvinall (https://keybase.io/boyvinall) on keybase.
• I have a public key whose fingerprint is 000F C97B 7DCC B6AE BD26 A563 4B7B E54A 6A59 78B3

To claim this, I am signing this object:

boyvinall

import logging
logging.basicConfig(level=logging.DEBUG,
                    format='[%(created)s] p%(process)s {%(pathname)s:%(lineno)d} %(levelname)s - %(message)s',
                    datefmt='%H:%M:%S',
                    filename='/path/to/foo-' + time.strftime("%Y%m%d-%H%M") + '.log',
                    filemode='w')

console = logging.StreamHandler()
console.setLevel(logging.INFO)
formatter = logging.Formatter('%(levelname)s %(message)s')