Patrick Kerwood | LinuxBlog.xyz

Running a Terraform Workflow in GitHub with Slack Notifications

March 11, 2025 - Patrick Kerwood

Automating infrastructure deployments using Terraform and GitHub Actions is a common practice. In this post, we’ll walk through setting up a Terraform workflow in GitHub that runs a Terraform Plan and sends a Slack notification with the diff whenever there are changes detected.

Traefik v3 Configuration with Let's Encrypt

March 5, 2025 - Patrick Kerwood

In this post, we’ll walk through setting up Traefik as an application proxy with Docker Compose, including automatic provisioning of Let's Encrypt TLS certificates via HTTP and DNS validation.

Confluence Updater

February 2, 2025 - Patrick Kerwood

If you prefer keeping your documentation in Git, love writing in Markdown, but need to publish it in Confluence, Confluence Updater is the perfect solution. This tool allows you to set up a CI/CD pipeline that automatically converts Markdown to HTML and uploads it to Confluence Cloud whenever changes are made.

Using multiple SSH keys for Github

December 26, 2024 - Patrick Kerwood

If you use GitHub, you likely rely on an SSH key to clone repositories and sign commits. However, when working with a GitHub Enterprise-managed account, you must set up a separate SSH key because the same key cannot be shared across different accounts. This guide will show you how to create and configure a new SSH key for a second account. Additionally, you'll learn how to configure Git to automatically apply specific settings for repositories that match certain URL patterns.

Setting up Workload Identity Federation in Google Cloud for Github pipelines

June 6, 2024 - Patrick Kerwood

Setting up authentication for pushing images to Google Artifact Registry from a Github pipeline is usually done by creating a static, forever valid, credential file for at service account, which will probably never be rotated. An alternative to that is to use Workload Identity Federation to exchange a Github issued JWT token with a Google token and use that for authentication.

Creating a bash script with commandline arguments

May 5, 2024 - Patrick Kerwood

When creating a good bash script for others to use, it's important to create a good user experience. Creating good usage arguments makes all the differnce and really makes your script look proffesional instead of just a list of commands bunced together in a file.

Local Development With Mirrord

November 30, 2023 - Patrick Kerwood

With Mirrord you can intercept traffic for your pods in your Kubernetes cluster, which allows you to develop your application locally as if it was deployed in your cluster. Utilizing the pods network, environment or even the filesystem. In this post I will be writing some examples that I personally use.

Creating Kubernetes CRDs with Rust

June 19, 2023 - Patrick Kerwood

You can extend Kubernetes with your own custom objects, but before you can do that you will need create a Custom Resource Definition so that Kubernetes knows what the object is allowed to look like. In this post I will create a very simple Kubernetes CRD for a Book kind using Rust and kube-rs.

Setup Google Cloud Workload Identity in GKE

June 6, 2023 - Patrick Kerwood

Using a Google service account in your GKE cluster is easy, just create the credential file, apply it as a secret and it's ready for use. But now you have a long lived credential that, if compromised, can be used from anywhere any time. Instead you can use a Kubernetes service account and Google Workload Identity to authenticate to Google Cloud. No need for credential files anymore.

Signing a Certificate with a CA

April 14, 2023 - Patrick Kerwood

In this post I will use OpenSSL to create a Certificate Authority key pair, a certificate private key with a Certificate Signing Request with Subject Alternate Names and lastly I will sign the CSR with the CA.

Previous 1 2 3 4 5 6 Next

Running a Terraform Workflow in GitHub with Slack Notifications

Traefik v3 Configuration with Let's Encrypt

Confluence Updater

Using multiple SSH keys for Github

Setting up Workload Identity Federation in Google Cloud for Github pipelines

Creating a bash script with commandline arguments

Local Development With Mirrord

Creating Kubernetes CRDs with Rust

Setup Google Cloud Workload Identity in GKE

Signing a Certificate with a CA

Creating Azure App Registrations with Terraform

Setting up i3 on Fedora

Setting up Netbox with Pomerium

Setting up a UniFi Controller

Power cycling a HP server from Discord

Setting up Minio

Install global NPM packages locally

Creating a Flexget container

Setting up AdGuard Home

Automate public DNS entries with External DNS for Kubernetes

Pinniped, Kubernetes Single Sign-on with OpenID Connect

Pomerium, Kubernetes Single Sign-on with OpenID Connect

Bare Metal Kubernetes install with Kubespray and Cilium

TMUX Configuration

Configuring subinterfaces on CentOS

Ansible Container

Managing Snapshots with PowerCLI

Installing NGINX Ingress with Helm on Digital Ocean

Installing NGINX Ingress with Helm on AKS

Creating a WireGuard VPN exit node

Creating a Kubernetes service account

Installing Cert Manager with Helm 3

OS Query Launcher

VPN mesh with Nebula

Fedora Workstation Setup

Setting up the Kube Prometheus Stack

Grafana Auth Proxy Authentication

Pomerium, Single Sign-on with OpenID Connect

Collecting Docker logs with Grafana Loki

Converting and adding certificates to Kubernetes

Setup Azure Kubernetes Service with Terraform

Dump SQL DB from a container

Kolide Fleet + OS Query

Local Container Registry

PXE booting with Netboot

Traefik v2 Configuration with Let's Encrypt

Ubiquiti UAP commands

Deploying Seafile with Docker

Traefik v1.7 Configuration with Let's Encrypt

Creating a Droplet with Terraform

Keycloak Gatekeeper - OpenID Connect