guest@mukunda.com:/blog# ./index
* Message of the Day (9/10/22)
* Have you ever contemplated how much complexity there is
* behind nature?
* I'm a self-taught programmer and techops engineer. I work
* remotely and pretty much live online. Hope you find
* something useful.
* Twitter: twitter.com/_mukunda
* GitHub: github.com/mukunda-
* LinkedIn: linkedin.com/in/mukunda-johnson
* Email: mukunda@mukunda.com
* Browse articles: 2024, 2023, 2022, 2021, 2020
------------------------------------------------------------
Recent Articles
------------------------------------------------------------
************************************************************
* Name: Large Language Models and Humans
* Date: 2024-11-03
What kind of executive doesn't want to leverage the latest
technology to cut operational costs and drive their company
into the future lane?
I've spent a bit of time over the last year considering what
is and what is not great about LLMs. What is great is
assistance - letting the model help you find something,
where the input is arbitrary. That's a no-brainer, given the
massive popularity of ChatGPT for solving problems or
getting details about something.
...
************************************************************
* Name: Brittle CloudFormation Stacks
* Date: 2023-07-27
Sorry for the rant article, but this has been a major pain
recently.
Something that all SaaS workers can agree on: things will go
wrong. In addition to this, the things that go wrong
typically need to be fixed immediately. Minutes, not hours
or days.
This is where CloudFormation caught me offguard: it's not
flexible enough to align with that requirement.
...
************************************************************
* Name: Using CORS headers with NestJS
* Date: 2023-07-02
Happy weekend everyone. I've been writing a project with the
NestJS Framework recently. If you've come across this
article, you've probably already bumped into a handful of
other articles that tell you how to "enable cors", but
really nothing useful on how to set options for each
endpoint. I mean really, who would actually want to enable
a single set of CORS options for their entire site?
Here is an example of using guards to decorate a method with
CORS headers:
...
************************************************************
* Name: TypeScript package example
* Date: 2023-02-20
A lot of configuration can be stuffed in a package.json
these days. Here is an example package.json for TypeScript,
ESLint and Jest, for creating an npm package or such:
{
"name": "@mukunda/{{name}}",
"version": "1.0.0",
"description": "{{description}}",
"main": "lib/{{name}}.js",
"types": "lib/{{name}}.d.ts",
...
************************************************************
* Name: Jinja and YAML
* Date: 2023-02-06
You'd think that Jinja2 templates for Python would be a
little more friendly towards markup that enforces spaces,
e.g. YAML.
I was working with AWS CloudFormation templates today and
wanted to do some convenient things like this:
AWSTemplateFormatVersion: "2010-09-09"
Resources:
{% include "ec2-iam-profile.yml" %}
...
************************************************************
* Name: Getting Around Existing CSS for Overlays
* Date: 2023-01-22
Despite starting my CSS adventures probably two decades ago,
I'd never heard about "specificity" until now. I figured CSS
just did things top-down. That makes sense to me, and I
don't see why specificity was ever implemented to begin
with. What we get are side effects that make it hard to put
two separate components together. On top of that odd rule,
there is no easy way to undo element-level styles.
Say a site has this CSS:
...
************************************************************
* Name: DNS Resolution From Javascript
* Date: 2023-01-13
I had an interesting problem today - resolving an SRV record
from Javascript client-side. There's no native way for the
browser to query a DNS server, so you have to get a little
clever.
A usual approach is to delegate the DNS resolution to an API
endpoint on your webserver. However, in this case I'm
developing a browser extension, so there isn't one known web
server.
...
************************************************************
* Name: Refreshing Access Tokens
* Date: 2023-01-12
I've found myself with a short battle justifying the
complexity that is the Oauth2 refresh strategy. If you do a
quick search on it, you'll find a handful of controversy
discussing whether it is worth the added authentication
complexity at all.
One argument is application performance. For example, you
should not store a refresh token in the database in plain
text, since that might get compromised. Hashing takes time,
especially password hashing, which can consume a ton of
...
************************************************************
* Name: OpenVPN and certificates
* Date: 2022-09-25
So I wanted to set up a secure channel from my laptop to my
workstation. Little did I know just how much effort is
required to do it properly.
OpenSSL configuration and "proper" certificate signing is a
bit of a dark art, so let me help you navigate through some
of it.
OpenVPN comes with an "easy-rsa" program to help you build
and sign certificates for your VPN profiles, but the name
...
************************************************************
* Name: Certbot with DNS Challenge
* Date: 2022-07-23
Over time with my test environments I've slowly improved my
SSL certificate setup. It comes naturally when you face odd
problems during testing due to certificate validation
errors, especially when the product you're dealing with
keeps quiet about connection failure reasons.
At some point I wrote a few scripts to easily issue
certificates to test domains from a selfmade CA certificate,
but the problem with this approach is issues with revocation
lists (since the CA doesn't really exist) and getting the
...
************************************************************
* Name: Learn Perl
* Date: 2022-07-17
This weekend I sat down and learned Perl, or at least a
workable subset that I could pick up in a day.
Earlier, I was writing a script in bash, and, while writing
a particular tedious string of piped commands, I considered
briefly what alternatives there might be.
I mean, look at this thing:
db_dump_latest=$(aws --profile "$AWS_PROFILE" s3 ls s3://$binstore_bucket/$instance_id/ |
...
////////////////////////////////////////////////////////////