If you’re not familiar with Apache’s Guacamole project, it is a clientless remote desktop gateway that allows you to access your desktop from any web browser. It’s actually pretty cool software that I’ve been using quite a bit lately. As a Firefox user, however, one little annoyance has been that direct copy and paste has been a problem. The Guacamole docs have a brief section that explains how to copy and paste using the Guacamole menu bar, but that is combersome and not very user friendly.
Use cloud-init to build LXD/LXC containers Over the last few months I’ve been reading and writing a lot about containers using podman on this site. I even went so far as to move this site onto the podman container platform, though I’ve recently de-containerized this site. Managing each container image was getting exhausting and in the long run I really didn’t see the point in all the extra work, so I carefully backed out my container changes, and my workload on the web server has gone way down.
Trust but verify This post is about the audit daemon (auditd) that is available for most Linux systems. Recently I’ve been looking at alternative ways to monitor sudo users on the servers I manage. Generally speaking it’s a good practice to keep an audit trail on managed systems. From a purely security perspective the more auditing you have on a system the easier any incident response should become when you need it.
Time to hang the mission accomplished banners! This site is 100% powered by Podman containers! It’s been a long, hard road but we made it! Around 2 months ago, way back at the end of May, I said that I was going to migrate this site, along with the others I host into containers using the Podman container engine. As of now (2 weeks ago really) that work is done. Every part of this site has been shoehorned into containers.
Because apparently I can’t leave well enough alone. In this post, I’ll dive into how I went about setting up an Nginx reverse proxy for this WordPress site, and some of the challenges I ran into along the way. This was a task that proved to be more challenging than I anticipated, and there were moments that I questioned my ability to get it working. - It’s also got me wondering if my next project should be migrating to a static site generator.
If you’ve been following along with my attempt to migrate this Wordpress site into container services with Podman then you will be happy to know that I’ve achieved the first milestone. The database for this site now resides pleasantly in a rootless Podman container. One of the major reasons I wanted to try Podman was that, outside of installing the package itself, everything I wanted to run could be achieved as a non-root, non-privileged account.