systemctl daemon-reload and Puppet

I manage my machines at home (and at work) with Puppet, a configuration management tool. Sometimes one of my manifests needs to change a systemd service’s configuration – for example, if the upstream package didn’t ship with a unit file, or to override some settings in a .service.d directory. systemctl daemon-reload needs to be executed after changing configuration in the /etc/systemd directory, but Puppet doesn’t have built-in support for this.

Read more

Compressing X.509 certificates

I run a Certificate Transparency monitor which retains a copy of all the certificates it downloads. As CT logs are append-only, the monitor’s disk usage keeps creeping upwards. I’m always on the look out for ways to optimize disk usage to delay the need to buy bigger disks!

Read more

Linux tproxy server in Java

tproxy is a feature in Linux which allows an intermediate router to run a proxy server which can intercept and modify network traffic transparently (i.e. the end systems cannot tell that this has been done, as the source/destination IP addresses in the packets are not modified.) tproxy also works with IPv6 whereas non-transparent mechanisms such as the iptables REDIRECT target do not because of the lack of NAT support in the Linux IPv6 stack in older kernels.

Read more

Using IntelliJ IDEA's javac2 in Gradle

JetBrains’s IntelliJ IDEA uses a wrapper around the Java compiler, named javac2, to provide additional support for compiling .form files produced by the IDE, and for processing @Nullable and @NotNull annotations. It is naturally supported inside IDEA itself, and also by Apache Ant. However, other build systems like Gradle do not support it out of the box. Supporting it is useful - e.g. if you wanted to run a continuous integration server, which means you cannot use IDEA for building, and want it to compile your forms. Also, it could be useful if other developers on the same project used a different IDE.

Read more

Aggregated Javadoc with APIviz in Gradle

Gradle is a relatively new Java build system, which mixes some of the ideas from Maven and Ant: the well-defined structure, multi-module support and dependency management from Maven, but also the customizability from Ant.

Read more