JWT implementation details

I recently implemented JWT (JSON Web Token) based auth on an embedded device using nginx with embedded Lua. Following are implementation details. refresh and access token are created as JWT (signed with variable JWT_SECRET) refresh token is delivered as cookie and stored on the client. It is valid for 24hrs only for path /jwt/refresh. access …

Tricks for ProxMox VE

Free repo for testing servers To get updates for your testing servers running ProxMox VE you can use following repo which is not meant for production use but works well for testing purposes. Just add the following lines to /etc/apt/sources.list: Uncomment the enterprise repo in /etc/apt/sources.list.d/pve-enterprise.list and run apt-get update afterwards. You can now run …

Upgrading an application on Elastic Beanstalk from Amazon Linux 1 to 2

These days i have the pleasure to upgrade an application running on AWS Elastic Beanstalk from platform Multi-container Docker to new platform Docker. The former is based on Amazon Linux 1 (AL1) while the latter runs on Amazon Linux 2 (AL2). I follow this guide. I have encountered the following advantages so far: links between …

Magento and timezones

Today i had the issue that after dumping and importing a Magento Database from one instance of MySQL into another one the order dates got transported 2 hours into the future. How come?!? Investigation and testing showed that the source database was running with timezone „GMT“ aka „UTC“ aka +00. The target database was running …

Today i corrupted MySQL…here’s how

If you want to change MySQL setting innodb_log_file_size to improve performance the top answer on stack overflow says you have to delete the redo log in /var/lib/mysql/ib_logfile* so that MySQL creates it with the new size. Before deleting you obviously shutdown mysql. But a normal shutdown of MySQL is a fast shutdown which might leave …

Docker in production

Use option userland-proxy=false to avoid having a separate docker-proxy process per mapped port from a container to host. Somehow this option survived with default true into Docker 18.09. It even isn’t documented anymore: Docs for Docker 17.09 still had a section about option userland-proxy and a good explanation how it works. This page even mentions …