
Decrypt Terraform States in GitLab Backend

· 4 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


Assuming you are using the [GitLab Terraform state feature][gitlab-terraform-doc] in your self-managed instance and you are using the embedded [backup utility provided by GitLab][gitlab-backup-doc].

The Terraform state files are encrypted before they are stored. This means that you cannot retrieve the content at rest. For this purpose, GitLab uses [application secrets][gitlab-application-secrets-doc] (and derives new secrets from those keys when needed) to encrypt sensitive content.

You want to retrieve the content of a state file from a GitLab backup. As explained in [this issue][gitlab-terraform-state-offline-issue], it is not possible to easily retrieve the decrypted content if the instance is offline.

Properly handle Git flow

· 7 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


Any developer uses or will use [Git][git-website] at some point in their career. Most of the time they will have to work with other people on the same [Git][git-website] repository. To keep it from becoming a branch-and-commit battlefield, here is a simple guide on how to contribute properly to a [Git][git-website] repository.

Zero trust deployment with Kubernetes

· 10 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


Using [open source][opensource-wikipedia] software written by unknown people can sometimes be a little scary, even more so when I deploy it in a production environment in my company. In my case, I have created a brand new [Kubernetes][kubernetes-website] cluster to host some private services on my local network, and I wanted to be sure that they don't do anything malicious on my network.

Understanding Time-based One-time-password

· 9 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


Now that every web service encourages you, more and more, to use [MFA][mfa-wikipedia] to secure your account, one method is used more than the others: [Time-based one-time password, or TOTP][totp-wikipedia], generates a unique code of 6 or more digits that you enter just after typing your password.

The server or web app that lets you set up [TOTP][totp-wikipedia] gives you a [QR code][qrcode-wikipedia] to scan (or a [Base32][rfc-4648] string) to configure in a [TOTP][totp-wikipedia] generator app such as [Microsoft Authenticator][ms-authenticator-site], [Google Authenticator][google-authenticator-site] or [Bitwarden][bitwarden-site].

We all use it, but how does it work? Is it secure? Is my account secure when using a third-party [TOTP][totp-wikipedia] generator?

Create and Expose a public DNS service

· 23 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


What is DNS?

The [Domain Name System (DNS)][dns-rfc] is a system that provides human-readable names for computers, services and other resources connected to the internet. Basic records translate a [domain name][domain-name-wikipedia] (which humans can understand) into an [IP address][ip-address-wikipedia] (which computers understand for routing).

Why pylint rule `W1203` is important

· 4 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


If you have been using the [pylint][pylint-website] tool to check the format of your Python code, you may have encountered the rule W1203: logging-fstring-interpolation without really understanding why it is important.

The warning looks like:

path/to/my/file.py:37:4: W1203: Use lazy % formatting in logging functions (logging-fstring-interpolation)

It appears when you are using the [Python logging library][python-logging-doc]. The [pylint][pylint-website] documentation for this rule says that you shouldn't pass f-string formatted strings to logging calls.

Securing web entrypoint from external threats

· 14 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


I'm currently hosting some private web services accessible from the internet. In order to protect those apps, I needed a very secure way to control access to them.

As you may already know, there are tons of bots that continuously scan all public internet IPs for potential vulnerabilities: open ports, insecure web services or other security weaknesses. There are also private organizations, such as [Shodan][shodan-website], that let anyone discover those exposures. In my particular case, this is the only information they could collect from my IP gateway:

Blog initialisation

· 6 min read
Guillaume MARTINEZ
LeadTech DevOps & Cloud & IA


First of all, I'm not a web engineer and I hate web development. There are too many frameworks to work with ([ReactJS][reactjs-website], [Angular][angular-website], [jquery][jquery-website], ...). [JavaScript][javascript-website]'s asynchronous model is a pain to manage at large scale. And dependency maintenance is too much for me (yes, I'm talking about you, npm). I'm not a web designer either, so [HTML][html-rfc]/[CSS][css-rfc] are the enemy (mostly because I don't know how to use them to their full potential).

This is pretty much why I quit web development in the first place and became a SysOps engineer.