Archival Policies With CloudFormation

Draft of this has been untouched for 6 months, posting in case anyone needs a snippet for a CF template.

"S3BackupBucket": {
    "Type" : "AWS::S3::Bucket",
    "Properties" : {
        "BucketName" : "my-unique-s3-bucket"},
        "LifecycleConfiguration": {
            "Rules": [
                "Id": "GlacierRuleDBData",
                "Status": "Enabled",
                "ExpirationInDays": "460",
                "Prefix" : "backup/database",
                "Transitions": [
                    "TransitionInDays": "35",
                    "StorageClass": "GLACIER"
                    "Id": "IARuleAppData",
                    "Status": "Enabled",
                    "Prefix" : "backup/appdata",
                    "Transitions": [
                            "TransitionInDays": "30",
                            "StorageClass": "STANDARD_IA"

Jenkins Job DSL

I’ve wanted to post for some time a couple of thoughts and templates for good DSL job scripts for Jenkins(Hudson) but haven’t been able to pull enough details together to make it cohesive. Nothing’s changed in that regard but I’m fed up with looking at the draft…

Assuming you have all the pre-reqs for running DSL scripts (possibly a boot strap job [check this example job] as well) you’re biggest hurdle is going to be making sense of the DSL script. Below is a basic example that includes some of the preliminary needs for my application of this.

def gitBaseUrl = ''
def shortCode = 'ACME'
def phpGitName = shortCode.toLowerCase() + '-appstatic'
def groupID = 'im.scriobha'

//------------ View --------------------------------------------------------------------------------------------------//
    description('All jobs for ACME')
    jobs {
        regex(shortCode + '_.+')
    columns {

//------------ [NAME] Jobs -------------------------------------------------------------------------------------------//

mavenJob (shortCode + '_DEV_AppStatic'){
    logRotator(daysToKeepInt = -1, numToKeepInt = 5, artifactDaysToKeepInt = 30, artifactNumToKeepInt = -1)
    concurrentBuild(allowConcurrentBuild = true)
    triggers {
    scm {
            configure { git ->
                git / 'extensions' / 'hudson.plugins.git.extensions.impl.SparseCheckoutPaths' / 'sparseCheckoutPaths' {
                    'hudson.plugins.git.extensions.impl.SparseCheckoutPath' {
    goals('clean package -Dmaven.test.failure.ignore=false')
        shell('# Fail on first error: \n' +
            'set -e\n' +
            '\n' +
            'scp target/phpstatic-*.zip '+ shortCode.toLowerCase() + '-dev-app1:/tmp/.\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo unzip -d /mnt/app-www/ -o /tmp/drupal-*.zip\'\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo chown -R www-data:www-data /mnt/app-www\'\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo rm /tmp/phpstatic-*.zip\'')
    publishers {
        mailer('', false, true)

Well that explains the low cost

A co-worker recommended Vizio as a top notch TV a while back and the price was ridiculously cheap when I shopped around to price one out. It was only for an occasionally used room and I figured even if it went bad after a couple of years it was worth the cost. Now I understand why the price tag is so low despite appearing to be a quality TV and I’ve turned as much of the default settings as I could find off since it’s used with an external device.

Its watching you (ArsTechnica)

Shell Script for Apt-Get Security Based Updates

I’ve been slowly working this script into a cheap method of notifying me of updates available for Linux instances (Ubuntu specific) instead of purchased product or managed solution. It’s not fancy, flashy, API driven, cloud hosted, OAuth authenticating, or any other buzzwords. It does work though…


#- Name....:
#- Notes...:

# create fresh securities file each run
grep "-security" /etc/apt/sources.list | sudo grep -v "#" > /etc/apt/security.sources.list
echo "created security specific source list"

# Create the security file list
echo 'n' | apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list >> /root/securities-to-update.txt
echo "created list of security updates"

# What's the mimetype
  # warning: assumes that the passed file exists
  file --mime-type "$1" | sed 's/.*: //'

# some variables

body="Please see attached"
declare -a attachments
attachments=( "securities-to-update.txt" )

# Build headers

printf '%s\n' "From: $from
To: $to
Subject: $subject
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=\"$boundary\"

Content-Type: text/plain; charset=\"US-ASCII\"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


# now loop over the attachments, guess the type
# and produce the corresponding part, encoded base64
for file in "${attachments[@]}"; do

  [ ! -f "$file" ] && echo "Warning: attachment $file not found, skipping" >&2 && continue

  mimetype=$(get_mimetype "$file")

  printf '%s\n' "--${boundary}
Content-Type: $mimetype
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=\"$file\"

  base64 "$file"

# print last boundary with closing --
printf '%s\n' "--${boundary}--"

} | sendmail -t -oi   
echo "sent security updates list"

# cleanup security files
rm /etc/apt/security.sources.list
rm /root/securities-to-update.txt Technics SL1200M3D Turntable (Discontinued by Manufacturer): Electronics

This iconic and extremely popular Tech12. I have one, I love mine and I’ve known about this for some time but there’s still the finality of seeing it in black and white on Amazon that a product has been discontinued….


Oracle Java Chef Recipe

There are a number of Java recipes out there that are quite good but I really had a need for a lightweight one with minimal fuss and for Ubuntu only. I would wrap this up as a solo cookbook but there really isn’t a point since it’s a grand total of 45 lines and requires 1 attribute defined. Check it out and see what you think.

# Cookbook Name:: opsworks
# Recipe:: jdk-install
# Author:: John Lawson
# Email::

log "...::: opsworks::jdk-install :::..."

# Install JDK repo
execute "apt-get install -y software-properties-common; add-apt-repository -y ppa:webupd8team/java;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }

# Update apt-get now that we have the JDK repo added
execute "apt-get update;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }

# Set our debconf settings for oracle license
execute "echo debconf shared/accepted-oracle-license-v1-1 select true | debconf-set-selections; echo debconf shared/accepted-oracle-license-v1-1 seen true | debconf-set-selections;" do
    user "root"
    action :run
    not_if { ::File.exists?("/tmp/configured.jdk") }

#- Install JDK version based on the jdk_version attribute from attributes/default.rb
if ! node['java']['jdk_version'].nil?
    execute "apt-get install -y oracle-java#{node['java']['jdk_version']}-installer;" do
        user "root"
        action :run
        not_if { ::File.exists?("/tmp/configured.jdk") }
    log "!!!! No JDK Version set in attributes !!!!";

#- A Guard to ensure we only execute this once
file '/tmp/configured.jdk'