Mukunda Johnson's Blog

guest@mukunda.com:/blog# ./index * Message of the Day (9/10/22) * Have you ever contemplated how much complexity there is * behind nature? * I'm a self-taught programmer and techops engineer. I work * remotely and pretty much live online. Hope you find * something useful. * Twitter: twitter.com/_mukunda * GitHub: github.com/mukunda- * LinkedIn: linkedin.com/in/mukunda-johnson * Email: mukunda@mukunda.com * Browse articles: 2024, 2023, 2022, 2021, 2020 ------------------------------------------------------------ Recent Articles ------------------------------------------------------------ ************************************************************ * Name: Large Language Models and Humans * Date: 2024-11-03 What kind of executive doesn't want to leverage the latest technology to cut operational costs and drive their company into the future lane? I've spent a bit of time over the last year considering what is and what is not great about LLMs. What is great is assistance - letting the model help you find something, where the input is arbitrary. That's a no-brainer, given the massive popularity of ChatGPT for solving problems or getting details about something. ... ************************************************************ * Name: Brittle CloudFormation Stacks * Date: 2023-07-27 Sorry for the rant article, but this has been a major pain recently. Something that all SaaS workers can agree on: things will go wrong. In addition to this, the things that go wrong typically need to be fixed immediately. Minutes, not hours or days. This is where CloudFormation caught me offguard: it's not flexible enough to align with that requirement. ... ************************************************************ * Name: Using CORS headers with NestJS * Date: 2023-07-02 Happy weekend everyone. I've been writing a project with the NestJS Framework recently. If you've come across this article, you've probably already bumped into a handful of other articles that tell you how to "enable cors", but really nothing useful on how to set options for each endpoint. I mean really, who would actually want to enable a single set of CORS options for their entire site? Here is an example of using guards to decorate a method with CORS headers: ... ************************************************************ * Name: TypeScript package example * Date: 2023-02-20 A lot of configuration can be stuffed in a package.json these days. Here is an example package.json for TypeScript, ESLint and Jest, for creating an npm package or such: { "name": "@mukunda/{{name}}", "version": "1.0.0", "description": "{{description}}", "main": "lib/{{name}}.js", "types": "lib/{{name}}.d.ts", ... ************************************************************ * Name: Jinja and YAML * Date: 2023-02-06 You'd think that Jinja2 templates for Python would be a little more friendly towards markup that enforces spaces, e.g. YAML. I was working with AWS CloudFormation templates today and wanted to do some convenient things like this: AWSTemplateFormatVersion: "2010-09-09" Resources: {% include "ec2-iam-profile.yml" %} ... ************************************************************ * Name: Getting Around Existing CSS for Overlays * Date: 2023-01-22 Despite starting my CSS adventures probably two decades ago, I'd never heard about "specificity" until now. I figured CSS just did things top-down. That makes sense to me, and I don't see why specificity was ever implemented to begin with. What we get are side effects that make it hard to put two separate components together. On top of that odd rule, there is no easy way to undo element-level styles. Say a site has this CSS: ... ************************************************************ * Name: DNS Resolution From Javascript * Date: 2023-01-13 I had an interesting problem today - resolving an SRV record from Javascript client-side. There's no native way for the browser to query a DNS server, so you have to get a little clever. A usual approach is to delegate the DNS resolution to an API endpoint on your webserver. However, in this case I'm developing a browser extension, so there isn't one known web server. ... ************************************************************ * Name: Refreshing Access Tokens * Date: 2023-01-12 I've found myself with a short battle justifying the complexity that is the Oauth2 refresh strategy. If you do a quick search on it, you'll find a handful of controversy discussing whether it is worth the added authentication complexity at all. One argument is application performance. For example, you should not store a refresh token in the database in plain text, since that might get compromised. Hashing takes time, especially password hashing, which can consume a ton of ... ************************************************************ * Name: OpenVPN and certificates * Date: 2022-09-25 So I wanted to set up a secure channel from my laptop to my workstation. Little did I know just how much effort is required to do it properly. OpenSSL configuration and "proper" certificate signing is a bit of a dark art, so let me help you navigate through some of it. OpenVPN comes with an "easy-rsa" program to help you build and sign certificates for your VPN profiles, but the name ... ************************************************************ * Name: Certbot with DNS Challenge * Date: 2022-07-23 Over time with my test environments I've slowly improved my SSL certificate setup. It comes naturally when you face odd problems during testing due to certificate validation errors, especially when the product you're dealing with keeps quiet about connection failure reasons. At some point I wrote a few scripts to easily issue certificates to test domains from a selfmade CA certificate, but the problem with this approach is issues with revocation lists (since the CA doesn't really exist) and getting the ... ************************************************************ * Name: Learn Perl * Date: 2022-07-17 This weekend I sat down and learned Perl, or at least a workable subset that I could pick up in a day. Earlier, I was writing a script in bash, and, while writing a particular tedious string of piped commands, I considered briefly what alternatives there might be. I mean, look at this thing: db_dump_latest=$(aws --profile "$AWS_PROFILE" s3 ls s3://$binstore_bucket/$instance_id/ | ... ////////////////////////////////////////////////////////////