Filip Chabik

DevOps Engineer, Husband & Dad.

Ansible 2.9.0 →

Ansible 2.9 “Immigrant Song” has just been released. Back in May I already mentioned how slowly but surely Ansible won my heart and I must admit that I’m constantly impressed with what can be done with this tool. It’s a huge release yet again, but there are no major changes – which is good. It means that the project focused on bug fixing and improving on things already present.

It also coincide with release of my new Ansible Role: Rsyslog. I’ve been working on it for past few days and found it good enough for shipping today. Should you look for something handling rsyslog on Ubuntu/Debian, give it a spin! 😊

Ni No Kuni Wrath of the White Witch →

I’ve been playing Ni no Kuni II: Revenant Kingdom for a while now and I still think it’s the best RPG I played in years. I’m also a big fan of Studio Ghibli and while NNKII wasn’t done in collaboration, the style and inspiration is clear.

Some time ago I received as a gift Ni No Kuni Wrath of the White Witch DS version. Reason is simple – as I have 3DS I can play old DS games just fine. The problem was with… Translation. First Ni No was published with PlayStation 3 in mind, but due to large popularity of DS system in Japan at that time, it was ported there as well. I have a wonderful deluxe edition, with book inside and what not, but everything is in… Japanese.

I’ve been following this fan translation attempt1 for quite some time, but recently I noticed that there is a new, remastered version of Ni No Kuni coming to the PC! And now it’s available on Steam, fully translated! 🎉

  1. Which was finally released by the end of last year and titled Ni No Kuni: The Jet Black Mage

Status (2)

18th September 2019

Photo by the amazing Jess @ My Family in Photos
Photo by the amazing Jess @ My Family in Photos.

OK, so it’s been a while since the last status update and I was going do these round-about every six months. No big deal, no big deal, but I do feel the need to communicate a thing or two. In slightly particular order:

Read More

Rolling out containers w/ Ansible

22nd August 2019

I’m not huge on containers, but I can see and appreciate their value in rolling things out fast for testing purposes. I have my own server(s) running here and there and I use Ansible for handling pretty much everything on them. Until not long ago, Docker containers were among notable exceptions from that rule. But then I finally discovered1 docker_container module. The only thing I was still missing was better handling of defining multiple containers.2

  1. Took me a while… 

  2. docker-compose style. Kind of. 

Read More

NGINX Extended Security Update →

There were three vulnerabilities discovered by Netflix in NGINX: CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516. Both current stable1 and mainline2 were patched and point releases had been issued. As I mentioned in my NGINX Extended post I was not going to work on 1.14.x branch any more with the exception of security updates. Canonical backported patches to their nginx package3 with the following changelog:

  • SECURITY UPDATE: HTTP/2 Data Dribble issue
    debian/patches/CVE-2019-9511.patch: limited number of DATA frames in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h, src/http/v2/ngx_http_v2_filter_module.c.
    CVE-2019-9511
  • SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
    debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
    CVE-2019-9513
  • SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
    debian/patches/CVE-2019-9516.patch: reject zero length headers with PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
    CVE-2019-9516

I also took these patches and rebuilt my NGINX Extended version.4

Having this opportunity I thought it’s worth mentioning that there’s also Docker container available with my NGINX version. Dockerfile is available on GitHub and image itself on Docker Hub. Internally it’s also using my PPA to provide the package so it has exactly the same version as the one provided there.

  1. 1.16.x. 

  2. 1.17.x. 

  3. 1.14.0-0ubuntu1.4. 

  4. 1.14.2-4xenial0 and 1.14.2-4bionic0.