Hi everyone! 👋

Welcome to cron.weekly issue #129.

I’ve been exploring HTTP/3 some more last week, so you’ll find a couple of HTTP/3 references lower in here. Interesting stuff, of course!

This is a nice and varied issue, lots of tools and guides this time, I’m pretty sure you won’t be bored.

Grab a ☕️, enjoy the read & stay safe.

News & general 🗞

The team at Docker as started a new initiative to make docker compose an industry standard: it will be run with open governance with input from all interested parties allowing them together to create a new standard for defining multi-container apps.

[…] in light of the extraordinary global circumstances due to COVID-19, we are temporarily rolling back the enforcement of SameSite cookie labeling.

The Chrome browser was on its way to phase out 3rd party cookies, but that plan is currently on hold to allow everyone to focus on the current events.

An interesting read about Linux’s conntrack, its limits (and how to test them) and what happens when you reach them.

Due to COVID -19 situation, RedHat is providing free courses for 30 days. These all usually pretty expensive, so if you have the time - I suggest you check them out!

Managing aliases can be tedious and difficult to set up. nostromo makes this process easy and reliable. The tool adds shortcuts to your .bashrc / .zshrc that call into the nostromo binary. It reads and manages all aliases within its manifest.

zz is a “smart and efficient directory changer” for zsh , implemented in pure awk & unix tooling.

Get deeper insights into your PHP services with Datadog. With over 400 turn-key integrations, you can quickly monitor every layer of your PHP applications alongside the rest of your environment. Start a free trial today, create one dashboard, and Datadog will send you a free t-shirt!

Braid is an experimental team chat application with a novel UI: instead of chatrooms, it’s based on many short conversations. You can think of Braid as an email/mailing-list/web-forum/chatroom hybrid, but without the constant interruptions and FOMO of Slack. It’s particularly good for remote-first companies, developer teams and online communities.

Some bureaucratic agencies require a hand-written signature instead of a digital one. This script makes it look like a PDF was printed, signed and scanned - just for your convenience.

A Docker Compose yml file charting visualizer via Desktop application available for Mac, Windows, Linux. This looks especially useful if you want to showcase your environment or write visual documentation.

Foreman is a complete lifecycle management tool for physical and virtual servers. Giving system administrators the power to easily automate repetitive tasks, quickly deploy applications, and proactively manage servers, on-premise or in the cloud.

Make sure your DNS isn’t a bottleneck by using HostDNS’s worldwide anycast network, intuitive web DNS editor, DDoS protection and 24/7 e-mail support. Don’t blame DNS, trust HostDNS to manage it for you.

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Enjoy the freedom of using your software wherever you want, the way you want it, in a world where interoperability can finally liberate your computing experience.

A desktop application for Jitsi Meet built with Electron.

This is a bit of a parody site, but has some merit to it: a set of Linux kernel parameters that enable all flags to speed up your machine (including disabling Spectre/Meltdown mitigations).

Pagure is an Open Source software code hosting system, an alternative to GitLab. For more context, listen to this podcast recording with Neal Gompa for more insights.

Brim is an open source desktop application for security and network engineers. Brim is especially useful if you need to handle large packet captures, especially those that are cumbersome for Wireshark, tshark, or other packet analyzers.

Rclone (“rsync for cloud storage”) is a command line program to sync files and directories to and from different cloud storage providers.

Pipx allows you to install and run Python applications in isolated environments.

Guides & Tutorials 🎓

A treasure trove of security considerations to make when implementing & running Kubernetes. It touches privilege escalation, persistence, defense evasion, discovery, …

Last week I had fun upgrading to the latest Caddy build to run HTTP3 on my own servers. This post shows how you can enable and test HTTP/3 together with Caddy 2.

This post looks at how you can enable HTTP/3 in all major browsers. It isn’t enabled by default (yet), so you’ll have to explicitly opt-in for now.

While diving more into HTTP/3 last week, I came across this brilliant write-up by Daniel Stenberg that explains all the changes and does a deep-dive into the new protocol.

This guide looks at using python to build your own “virtual background” creator, pretty interesting as it gets rather complex quickly.

An interesting read on how Slack does deploys at their scale. There are about 12 deploys each day. What originally started as an rsync -deploy has now grown into a nice flow with lots of structure to it.

In this new (free) book, experts from Google share best practices to help your organization design scalable and reliable systems that are fundamentally secure.

This post looks at the benefits of using the mosh shell in everyday life, as its session-resumption is quite a powerful feature.

This research paper looks at the use of TCP on the internet. Does everyone follow the standards? Is everyone in agreement? tl;dr: no, not even close. A good reminder that most of the internet is held together by duct tape.

Where does the name postfix come from? Or apache ? Or apt ? This page has the general collective wisdom stored!

This is the guide I wish I wrote: step-by-step intructions on running WireGuard on your own servers.

A useful git alias to show the branches with the most recent activity.

In this guide you’ll see basic examples of how to set up mounts using systemd instead of just /etc/fstab . The advantage is you can set dependencies and have more control of the order in which they get mounted.

Last week featured an article about the great things of PostgreSQL, this one gives you some opposing views.