goroot Blog

Cloud. Architecture. IoT.

Monitor the pH of your reef tank with Tasmota

Monitoring water values of your fish tank is essential. To keep your reef-ecosystem alive, several dozens of water values need to be measured. This can be quite annoying to do that manually all the time. So I just started automating the measurement of them via Tasmota. One of the leading indicators for a fish tank is the pH level of the water. Measuring the pH level gives you a good indication for several other water values as well. Continue reading

Network segregation: IoT vs NoT

IoT devices became quite popular throughout the last years. Everything is connected, anytime. What sounds like a good idea, might actually result in a security hole in your network. As only the vendor knows what a device is actually doing, your IoT devices might bring some features with them that you don’t like. What is the problem with my IoT device? The short answer is: you own it, but you don’t control it. Continue reading

Unattended docker container updates

To keep your container infrastructure up to date and therefore secure, there are two primary objectives that you need to achieve: Keep the host‘s operating system up to date Keep the content of your containers up to date Update the operating system Updating your operating system is quite straight forward. Just use the well known package managers to do the job for you. E.g. for Debian this would be as easy as running apt-get update && apt-get upgrade on a regular basis. Continue reading

Using the cloud as panic room

2018-02-03 macos linux Michael Kolb

Time to do something about it, and also about all other scenarios that threaten your digital heritage. Can the cloud be the safe place to backup all your data? But doesn’t uploading backups to the cloud also mean that others might be able to access it? In this article we will show a disaster recovery concept that you can use to backup infinite data amounts: It is free, easy to set up, and bullet prove.

Continue reading

Docker Image Review: jwilder/nginx-proxy

2018-01-29 docker Michael Kolb

Ever wondered wether there is a good alternative for scenarios, where a full featured ingress proxy would be overkill? Here it comes: jwilder/nginx-proxy. The image can especially be useful when setting up an ingress concept for the first time. Nginx is well known in the world of classic server administration and web hosting. So why not use your familiar web server also in your containerised environment?

Continue reading

Docker containers are insecure

2018-01-14 linux Michael Kolb

Everybody knows how to keep a linux box updated. It is also common sense that running things in docker containers is more secure by definition. After all they isolate services from each other. So if you are running containers on a fully patched host, there should be no security holes at all. Not even close! Keeping containers up to date is a total different thing. That brings up the questions how to keep your containers up to date, and how to decide wether containerising is really worth it in your scenario.

Continue reading

Starting on a blank page

2018-01-11 meta Michael Kolb
A little bit of History The blog initially started in 2014 and was online till late 2016. I primarily focused on Ham Radio and IoT content these days. These topics were appreciated by many readers. Nevertheless, the old blog had to come to an end as my interests also changed over time. I was simply not able (nor willing :-)) to invest the time necessary to write high quality articles on topics that are no longer my primary focus. Continue reading