Topics

Solutions

Easy solutions and ideas found after long googling or hard coding

Ansible Golang Service

Ansible Golang Service

Ansible role for deploying and running a Golang binary as a systemd service

  • Copy the files into your playbook and set the service_name and base_path to your application.
  • The service uses rsyslog to create error.log and access.log.
  • Logrotate config included.
  • Handles Beego framework logging.

Golang send mail without authentication using localhost sendmail or postfix

This is an alternative to native SendMail() function that requires authentication in Golang. The function is part of Go Helpers library available on github.

Varnish 5.1 always online

Recently I posted about Varnish with secure AWS S3 bucket as backend and I wanted to have the “always online” enabled, meaning you can take the backend offline while serving from Varnish cache.

Install Solr as systemd with restart on failure

Using https://github.com/geerlingguy/ansible-role-solr will install solr with a init.d file which will work well as a service but will not restart on crash. So this ansible script should install solr as a service using systemd:

tasks/service.yml

Varnish with secure AWS S3 bucket as backend

Serving static contents from S3 is common, but using Varnish in front is a bit tricky. Especially if you want to keep the bucket secure and only serve from Varnish, here is a simple Varnish file to solve this problem.

First secure your bucket via IP policy:

{
  "Version": "2012-10-17",
  "Id": "S3PolicyId1",
  "Statement": [
    {
      "Sid": "IPAllow",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::example.bucket/*",
      "Condition": {
        "IpAddress": {
          "aws:SourceIp": [
            "5.6.7.8/32"  //varnish ip
          ]
        }
      }
    },
    {
      "Sid": "Explicit deny to ensure requests are allowed only from specific referer.",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::example.bucket/*",
      "Condition": {
        "StringNotLike": {
          "aws:Referer": [
            "https://example.com/*"
          ]
        }
      }
    }
  ]
}