EC2 VPN connection informations (updated)

For a mysterious reason, EC2 VPN connection informations are stored in XML within the JSON data retrieved by either boto or the awscli command line tool. Here's a quick python snippet to convert those datas in a convenient, easily parsable dict: Combining this piece of code with jinja2 could help you generate racoon (or whatever IPSec software you use) on the fly. Update here‘s a complete example of an automatic generation for racoon / ipsec configuration files using the previous snippet, along with jinja2.

Latency based Alias DNS record in Route53

Yes, I know I write a lot about AWS these days, but you know, obsession is my thing. So as I wrote earlier, I generate my CloudFormation templates using troposphere, and the one thing I had to finish today was to register a latency based Alias record on Route53 for an ELB. While Route53 GUI is fairly easy to use, I've been stuck on its programmatic emanation for quite a while, so here's a troposphere definition of such a CloudFormation object:

Rock your CloudFormation with troposphere and boto

So you're using AWS CloudFormation in order to bring up complex infrastructures; haven't you already told yourself that instead of writing down all those JSON lines by hand, you could bring more fun to your architect life? I did, and I found a way to programmatically design a whole architecture using troposphere and boto3. Simply put, troposphere gives you bindings in order to generate CloudFormation‘s JSON template, but hey, it's python, meaning that you can create loops, use conditions and even dynamically build objects.

Github flavored markdown with python

I'm slowly migrating some parts of my personal Wiki to Github using their own markdown syntax. Before committing, I wanted to make sure the docs look like they should. Here's a small Flask snippet I wrote in order to achieve this: Python Markdown has an extension called fenced code blocks which supports Github‘s tidle (```) syntax, thus making this small program's output similar to what the doc will finally look like.

LDAP Flask-Login snippet

At ${DAYWORK}, I am writing a simple Flask web frontend for our new information system. I wanted to have a simple authentication method and so I found the Flask-Login extention for Flask which takes care of user validation, session remembrance , and has a callback method in order to plug the authentication on whatever backend you'd like. I came up with that little piece of code which makes Flask-Login check a user / password couple against a LDAP server, and validates a user regarding its user ID:

SaltStack: dynamic sls (updated for 0.15.3)

I've been learning and diving into SaltStack for about a month now, for both work and personal interest, that thing simply rocks. In the meantime, I've contributed a couple of modules, like bridging and Xen support, plus a couple of grains improvements for NetBSD. But most of all, I've been preparing my ${DAYJOB} infrastructure for Salt, and I must say this has been much easier than I thought, thanks to this beautifully designed piece of code.

GateOne, more than a web-based SSH

I've been searching for a Web-based SSH for quite a while, and I recently read about GateOne on the dedicated Wikipedia page. Not only GateOne does what I was searching for, but it also comes up with nice features like interpreting images on-the-fly. The remote server on which I intended to run this software is, of course, a NetBSD 6.0 domU, and as I anticipated, some work was needed in order to make GateOne work on this platform.


Au boulot, j'ai élu une solution de déploiement à haute teneur en convivialité qui m'a été suggérée par nico, j'ai nommé fabric. Ce soft à l'utilisation simplissime permet en un tournemain de réaliser des opérations complexes en masse sur une architecture distante en utilisant le protocole SSH. Si la documentation de la plupart des fonctions est clarissime, l'une d'entre elles, qui pourtant me semblait avoir un fort potentiel loutresque, n'était pas très clairement exposée: upload_template.