Encryption Redux

In yet another exciting move for my blog, I’ve switched SSL providers from my previous provider to Let’s Encrypt. I’ve done so using a set of Docker containers, which also helped me move this WordPress blog to Docker as well. Now my blog is faster, encrypted for free, and easier to backup and maintain. I’ll probably post a brief article soon about how I set this up in more detail (including some docker-compose.yml snippets) soon.

Distributing CLI Tools via Docker

Throughout my career, I’ve seen a couple recurring patterns related to the tools I write: I write a lot of small CLI tools and I like to share them with my coworkers (and whenever possible, the rest of the world).

This has led to several iterations of solving the problem How do I make this tool easy to run? since I don’t want to burden people with understanding the intricacies of all my tools’ dependencies. These tend to be Ruby, some number of gems, and possibly some other common unix utilities. The solutions I’ve come up with have included a lengthy README with detailed instructions, Bundler with Rake tasks to do all the heavy lifting for non-Ruby things, fpm, and even “curl bash piping” (yes, I’m horrible).

Recently I decided to use Docker to solve this problem, since I’m using it so much anyway. Using Docker has some huge benefits for sharing applications of all types: the dependencies list gets whittled down to just Docker, things work on more platforms, testing gets simpler, and it is the new hotness which makes people say “whoa” and that’s fun. That said, the downsides can be frustrating: working with files on your machine gets messy, more typing with the extra Docker-related preamble, things are less straightforward and clear, simple mistakes can lead to lots of images and containers to clean up, and the executable gets significantly larger (since the Docker image is a whole, albeit lightweight, OS userland to run the app). After weighing these pros and cons, I’ve found that telling a coworker to docker pull registry.url/my/app and run it with --help is so much more convenient than the alternatives.

Continue reading Distributing CLI Tools via Docker

An Open Letter to President-Elect Trump

Dear Mr. Trump,

Let me start out this letter by admitting a few things. First, it would be a tremendous understatement to claim that I am not your strongest supporter. While I have disagreed with much of what you have said and what you and your soon-to-be Vice President claim to stand for, I still feel this letter needs to be written with sincerity and tact. That said, the second thing I will admit is that I am under no illusion that you will ever read this letter, or even be aware of its existence. I am not an important political figure, an aristocrat, rich, or famous; I am simply a concerned citizen and a member of the human race. I also understand if, from your point of view, my pleas seem unnecessary or even insulting, but please let me assure you that this is not my intention. I may be left-leaning, but this letter comes from the heart and out of a concern for my fellow man, not based on any political alignment.

This letter is not intended as a plea for you to reverse your stance on anything, or to retract anything you have said. Continue to stand by what you believe in, though I certainly hope in the future you are open to critically analyzing those beliefs and reevaluating your stances. That said, what I am asking you to do here is understand that there is a very large population in your country that are scared for their future, partly because there is also a disturbingly large population of people that firmly believe your election provides a license for racism, homophobia, sexism, and other forms of hatred. My hope is that you recognize this, and that while you may feel it is not necessary to acknowledge this hatred for what it is, I implore you to consider the impact such animosity will have both on our own people and on the world’s perception of our nation.

Please consider making an unambiguous statement about something I hope you feel is obvious, but I can assure you is not for many people: that hatred, abuse, and violence inspired by racism, sexism, sexual preference, religion, or country of origin will be no more tolerated or acceptable during your presidency than it has in previous presidencies. Assure the American people — and the rest of the world — that the rule of law, the rights and safety of our citizens, and the freedom to prosper for all kinds of people, are paramount and will continue to be upheld at least as well during your time in office as they have in the past.

Such a simple proclamation will go a very long way in unifying our country, curbing hatred, and showing the world the kind of leader you intend to be.


Jonathan Gnagy

Check for locked out Active Directory user via Ruby

At work, I’ve been working on a lot of automation lately and I ran into a seemingly simple problem that ended up being a bit more complicated than I had first imagined. I have been collaborating on a project that we’re using for auditing Active Directory users and groups and tracking changes to those groups via some simple automation. While that project is interesting in its own right, my boss and I agreed that tackling another helpful automation problem would help our entire IT team: determining if user accounts are locked. I’ve been pushing #ChatOps hard at work through Lita, so adding a plugin for our bot to work with Active Directory seemed only logical.

Context out of the way, making Ruby work with LDAP is a solved problem, many times over. Thankfully, Active Directory exposes most everything you’d want via LDAP, so with a few helper methods, building a few objects tailored to this task was easy work. We quickly discovered that each Active Directory user has a handy attribute called lockoutTime, and even some helpful hints via the interwebs that we just need to check if that value is 0 (meaning the user isn’t locked out) or any other value (indicating, naturally, that they are locked out). Well, this would be a pretty crappy blog post if that was the end, but it wasn’t.
Continue reading Check for locked out Active Directory user via Ruby

Quadratic Confusion

I have a horrible memory. I don’t mean just that I misplace things or forget names; it takes a lot of effort to commit arbitrary facts, figures, dates, etc., to my long-term memory. So throughout my school years, most of my studying was for things like History, trying hard to remember dates and statistics that I would quickly eject from my mind after my next exam. I seldom had to study for Math or Science though, because I figured out something that worked for me there: learning how and why things work rather than just memorizing formulas. This worked well for those subjects, but I do remember stumbling in algebra when I was not able to factor quadratic functions. There was a handy Swiss army knife of sorts for this, of course, in the Quadratic Formula.

I avoided this formula as much as possible, usually by spending way too much time trying to guess the factors myself, or by converting from “standard form” to “vertex form”, or guessing, or skipping that question. This was almost entirely because I could not bring myself to memorize the formula. Call it laziness, or foolishness, or whatever you’d like.

Well, recently I decided to brush up on my math skills. After yet again encountering the need for this equation, I decided enough is enough. Since I can’t memorize the equation, I will instead learn where it comes from by deriving it from the standard form of a quadratic function. This is my attempt to do so.
Continue reading Quadratic Confusion

Transport Layer Security FTW!

Thanks to the good people at SSls.com, my blog is now more secure than ever! And for only about $15… for a three-year cert! I’m not sure how they’re doing it, but I encourage anyone looking for an SSL certificate to check them out. Note that I am in no way affiliated with (and sadly not being paid to advertise for) SSLs.com. Along with this move to SSL, I have relocated this blog to an LXC container running on Ubuntu since the FreeBSD jail I was using couldn’t quite keep up with the demand (to be fair, I’m pretty sure that machine is plenty busy even without my tiny blog).

Checking In

I started a new job last week in San Diego! I’ve been really busy coordinating the move, learning what’s necessary to do my job, and struggling to keep up with my crazy life. I certainly haven’t forgotten about my blog, and I’m working on a few (hopefully interesting) posts little by little. I’ll be updating LinkedIn with my new job’s details soon, so check there for more details.

Reusable CloudFormation Snippets with ERB

Amazon’s CloudFormation is a wonderful and flexible tool for provisioning and managing resources in an EC2 VPC. It really takes the concept of infrastructure-as-code and helps make it a reality. For all its flexibility though, it sacrifices intuitiveness and ease. It is also limited by the rigidity of JSON, which isn’t a full-fledged language so it doesn’t support variables (although Parameters, Mappings, and References to them are a long-winded and difficult to parse approach that comes close) or easily referencing reusable external libraries. It also isn’t possible to define arbitrary functions, iterate over lists, or define anything but the most rudimentary conditional sections. This is by no means a criticism of CloudFormation, as it has certainly done a lot to turn a serialization format into a pseudo scripting language, but these are my observations that might frustrate other people when using it.

That’s where ERB comes in. As a big advocate of Ruby, whenever I think of templating the first thing that comes to mind is ERB. A while back, I put together a super simple script that generates templates from JSON “layouts” and “snippets” (think views and partials from Rails), both of which fully support ERB and all of its Ruby goodness.
Continue reading Reusable CloudFormation Snippets with ERB

Our Solar System

My five-year-old daughter is such a science nerd — I wonder where she gets it. She surprised me with a drawing she made for me, along with her ability to describe it with such fascination and detail. She informed me that she didn’t color the planets correctly but, and to paraphrase, she wanted to express some artistic freedom. I begrudgingly informed her that pluto is no longer considered a planet. I’m particularly happy that she managed to correctly draw rings on the four outer planets, though I couldn’t figure out if she did that because she knew that they all have rings. I mostly blame Bill Nye and the makers of the Magic School Bus for her knowing so much about space (maybe I’m a little to blame too). I only hope her passion for space and science continues. I’m so proud of my little girl. Our Solar System


While I was watching a video from one of my favorite YouTube channels, I decided I wanted to try the math(s) that Professor Merrifield was describing to explain Gamma / the Lorentz factor. I’m very excited that my new blog supports \LaTeX and MathJax so the formulas actually turn out looking the way they should.

While this math might look difficult at first, it is really easy. It is essentially just using the Pythagorean theorem to isolate the relationship between t and \tau, which is the factor by which time (and length, and mass) changes for a moving object.

Continue reading Gamma