Meetups/Infra/2025-09-15

From Noisebridge

Discussion of good practices and personal security tools: password managers, ssh keys with an agent (and confirm), EFF Rayhunter for stingrays (IMSI catchers).

Introductions

  • [name] - [background]. [goals for meetup, or interests to explore]
  • Smitty -- live in Toronto, here for a conference, run my own email server, want to not anymore
  • Elan -- interest in cluster computing, this week looking into stress testing, bottleneck-finding, >Gbps ethernet
  • Frank -- interested in homelabbing, clusters, cluster here
  • (here)
  • Alex -- like computers, they may or may not like me, no topic requests
  • Greg -- home-labber, no topics, a few monitoring
  • Loren -- Does some scraping stuff and fights scrapers for Noisebridge. Wants to do some practical stuff for NB infrastructure.
  • Erik -- interested in more ci/cd topics, hole in my knowledge (warning, often involves a lot of yaml)
  • Kevin -- like to develop software -- if you're like me you may have a lot of identities you use -- there's a global git config with [if config] based on remote url.
  • John -- work for UCSF, systems analyst. Have a project, colo, 50+ PB storage for researchers.
  • Mike -- software engineer, a bunch of stuff right now, building a website, installing gitlab locally, need for a firewall, firewalld
  • Cynthia -- resident retired physicial, like to help people with, Stan Osbourne, more of a consumer, want to hire to do projects. Find information for people.


Lesson or Demo

  • Read aloud: clarify for meetup. We are taking notes in a riseup pad (or I am--help appreciated, and links). We have meeting notes posted to the wiki. noisebridge.net, search Infra, or Meetups/Infra. (the Infrastructure page has a disambiguation link.)
  • Shell, web services, self-hosting, networking!
  • best practices sales pitch
    • password managers
Bitwarden: a frustrating experience esp with reset.
Bitwarden vs 1Password: 1P really has a much better UI/UX.
Running Vaultwarden at home, it really feels like a site-install.

USB-based pw mgrs?
KeePass / KeePassX -- but syncing is a pain

For teams, SOPS (from Mozilla). Only the passwords themselves are encrypted.
 concerns about yaml -- not a good format, nicl, "we have better language technology, we 
gitops
recommended netplan to someone today. 
 Elan -- branching out to a heterogeneous cluster -- different pis, orange, raspberry, etc.  Nice to define what you want whether you're using NetworkManager or networkd
 Erik -- concern -- if you have many interfaces on a computer, not as good.  -> Elan: I may subscribe to the philosophy more than the implementation.
 Loren -- netplan blows away other configurations, tailscale with any connection out is helpful for finding a way back in

git ops, sold on infra as code. like the blowing it away, re-running as code.
sops -- https://getsops.io/
 git-tracked secrets
 can always see the structure, just the values are encrypted
 can commit the public key, allowing other people to add encrypted values
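
As an added illustration of the SOPS points above (not from the meetup notes or the SOPS project): a constructed `.sops.yaml` and the shape of a file after encryption. The path, key names and age recipient are placeholders, and all ciphertext is elided.

```yaml
# File 1: .sops.yaml, committed at the repo root (constructed example).
creation_rules:
  - path_regex: secrets/.*\.yaml$
    # Public age recipient: safe to commit, so anyone with the repo can
    # encrypt new values. Placeholder, not a real key.
    age: "age1<PLACEHOLDER_PUBLIC_KEY>"
---
# File 2: secrets/db.yaml after `sops --encrypt --in-place secrets/db.yaml`.
# Key names stay readable, so diffs and reviews still show the structure;
# only the values are ciphertext (elided here).
db:
  user: "ENC[AES256_GCM,data:<elided>,iv:<elided>,tag:<elided>,type:str]"
  password: "ENC[AES256_GCM,data:<elided>,iv:<elided>,tag:<elided>,type:str]"
sops:
  age:
    - recipient: "age1<PLACEHOLDER_PUBLIC_KEY>"
      enc: "<elided: data key encrypted to the recipient>"
  # MAC over the values, so tampering with the file is detected on decrypt.
  mac: "ENC[AES256_GCM,data:<elided>,iv:<elided>,tag:<elided>,type:str]"
```

Decrypting requires the matching private key, which stays out of the repository.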
 
gitolite - https://github.com/sitaramc/gitolite -- accessing over ssh. self-hosted.


  • time to implement
annoying yaml
but whyyy, as proved in Oracle v Google, you can't copyright APIs.
gitea & forgejo -- fairly compatible actions. (gitlab -- big rails app, lots of ram usage, gitea & fork forgejo)


  • ssh / ssh-agent + git, git ssh-signing
  • ssh: keys? agent?
  • password manager: ever? personally? with team? currently & recommend?
  • backups -- yes, in last 3 mo, last mo, last 1 wk. cronjob, backblaze,
mobile backups? (iCloud)  adb / remote-adb, rsync over adb

  • email self-hosting -- moving away / costs/challenges
  • RBL spamhaus, checking SPF -- re: spam on self-hosted email server
  • leader.com -- mysqif.com -- $20k bug bounty -- #cybersecurity discord


Secure Enclave -- Apple product for this

TPM? TEE?
similar base functionality -- 

SoC -- system on chip

Takeaways

  • check out ssh-agent
have noticed people disabling services with ssh-agent before walking away for lunch
  • check out SOPS
  • some eff project love -- rayhunter --


https://github.com/nektos/act -- docker containers -- useful for testing github actions, developing or debugging


Questions, Discussion, or Coworking

  • [Issue]

For next time

Questions

Readings & Exercises

  • Readings
  • Exercises

Join online

  • Try it yourself!
    • Join libera.chat #nb-meetup-infra

https://www.noisebridge.net/wiki/Meetups/Infra