Posts on ZachFi

Brew Log: Hard Cider

Tue, 04 Nov 2025 01:00:01 +0000

11/2/2025

Press 300 lbs apples of mixed variety into 17.2 gallons of juice
- Gala
- Golden Supreme
- Jonathan
Pasteurize to 60C

11/3/2025

Measure 1.073 SG at 69F
Measure 3.34 g/L of malic acid
- Titrate using wine kit with 0.1 normalcy
  - 3ml sample
  - 4 drops phenolphthalein indicator
  - 1.5ml NaOH
  - 0.25 kit multiplier
  - 0.89 tartaric to malic converstion multiplier
  - 1.5ml * 0.25 = 0.375 percent tartaric
  - 3.75 g/L = 0.375 * 10
  - 3.34 g/L malic = 3.75 * 0.89

Brew Log: Lemon Hard Seltzer

Thu, 09 Oct 2025 01:28:23 +0000

9/20/2025

Sanitize everything
Boil 2.5 gallons filtered water
Dissolve 4 lbs corn sugar
Raise water to 5 gallons
Cool to 78F
Measure 1.057 SG
Pitch Lalvin EC-118 and nutrient

9/28/2025

Finished
Re-fill airlock
Wait.

10/6/2025

Mix 5/8 cup cane sugar with 2 cups water and boil
Add ~2 tbsp lemon salt and 1/2 tiny vile lime oil
Prime keg and drain fermenter
Bottle several
Force carbonate to 30 PSI
Wait.

10/9/2025

Reduce pressure to 15 PSI
Pour. Splash. Drink. Delicious.
Reduce pressure to 12 PSI

Pulling Cables

Tue, 14 Mar 2023 03:14:04 +0000

The homelab has started to sprawl out of the tidy little closet it started in, and I began wondering if I could relocate parts of it to a less visible part of the house. The trouble is, that the ethernet connections all converged at this one tiny closet, and the drywall was all buttoned-up and I had no intention of drilling holes to run new cables.

The angle was somewhat tricky, where I could fish a cable up the wall, but could not get to it from across the ceiling. At the same time, I could get to that same area through the ceiling, but not down the wall.

Rotating Domains

Sun, 05 Mar 2023 04:22:58 +0000

This last year has certainly been busy, both professionally, and personally. I’ve not much made the time to reflect, but I expect to change that. As the new year began, I was thinking of the future and wondering about the digital footprint that I’ve left behind. With a meager couple decades of internet connectivity, I give thanks for the alley behind my parents old house where I could ride my bicycle, and the drainage ditch nearby that I was able to explore when I was young. Instead of socializing online, I grew up interacting with the area around me, and avoided much of what young people online today might learn to regret.

Kubernetes for a New Year, or the Next Ten

Fri, 31 Dec 2021 14:03:46 -0700

After reading one book, taking a class, and a couple false starts, Kubernetes was very much in front of me as something I needed to learn. As a long time home-lab herder, often a great way for me to learn is to get hands-on. So I decided to build a new lab and start migrating some services to it.

With just a little bit of research and talking to some knowledgeable folks, I landed on using K3s on a three node cluster on fan-less hardware backed with a PostgreSQL database somewhere off-cluster.

Database Schema Generation with Protobuf

Sat, 10 Apr 2021 10:53:57 -0600

As I look to reduce the number of touch points that are required to make a change to my personal system, I’m always thinking about how to reduce complexity and leverage existing tooling. In this way, we can continue to leverage an existing foundation to build out further abstractions. One such lever I have worked on over the last year was using my gRPC protobuf definitions to generate LDAP schema files that could be loaded into the server to match the objects that I’d be working with in Go.

Operational Overhead

Fri, 11 Oct 2019 16:45:14 -0700

On the path to improving the reliability of a given system, the oscillation between two modes of work is often necessary. The first mode here is that which is directly affecting the change on a system, and the second describes that which is improving the method by which change is made on a given system.

These are references for a mental model that could be applied to a system as simple as a lever, or as complicated as an automobile manufacturing plant. The systems I tend to work most closely with are computer and network systems, but this is likely applicable for other sorts of system operations where humans are concerned.

Graphing with Environment Sensors

Sun, 08 Sep 2019 21:04:37 -0700

A few years ago, I started dabbling with the ESP chips that have become so popular. For me, the ease of WiFi, and the Arduino compatibility meant that I was able to get up and running much faster. Not having a background in electrical engineering, the simple things like having a good base with the PCB, a couple sensors built-in and easy expansion makes all the difference.

Before the ESP chips, I’d tried several other wireless communication chips that were each challenging in their own way. Since my ultimate goal is to report the sensor data to a monitoring service, getting up the stack so that I could use IP communication was a big win, and the ESP chips are perfect for this.

Gratitude and Forgiveness

Fri, 30 Aug 2019 13:33:45 -0700

I give thanks to all those in my life who have forgiven me for my humanity, for my inability to act in the most dignified and uprightly manner at all times. I give thanks for the opportunity to remember my blunders, and improve my behavior and the manner in which I seek to conduct myself, without loosing the relationships that that have grown with others, the forgiveness from whom I work to either repay, or pay forward.

Action Required

Tue, 27 Aug 2019 21:05:59 -0700

I’m a planner, and whether I want to be or not, my mind just starts to push out and extrapolate on the present to derive the future. Lately I’ve been finding that its quite difficult to plan in multiple areas of my life at the same time. Each tendril of a plan tends to have its own agenda, calling on my attention to meet its own conclusions, but attention is an increasingly limited resource.

New Terminal

Sat, 22 Jun 2019 22:08:36 -0700

For years I had it in my head that urxvt was the best terminal emulator one could find. I ignored all those little areas of Unix management where I’d have to set my TERM variable to something like xterm-256color before some remote shell would recognize my terminal correctly, or where F keys had to be configured before they would be passed to the running application. Those little moments when I’d load a new color scheme for mutt, or vim, and I could tell that I wasn’t quite getting the same experience that everyone else who installed the plug-in had. Its been a good number of years this way, and I’d just gotten used to it.

Junos Configuration Management

Sun, 13 Jan 2019 16:20:52 -0800

Its been a year since my last post, and I’m thinking its time to make another.

Lately I’ve been trying to work through some network management solutions to try and define the problem more clearly. This is an interesting problem primary because I’m unable to rely on my previous tool sets to get this done. Namely, Puppet running on the host.

There are a couple interesting Python tools for this purpose that I’d given a spin, but the more I was working in them, the more I was wishing I was writing in Go. Most of my actively maintained code these days is Go, and working in two languages for personal infrastructure tooling means I can’t leverage the libraries of one tool in another.

Fuck Couscous

Sat, 09 Jun 2018 10:00:50 -0700

So you’re at a conference in a foreign country, and its lunch time. The menu at the head of the table is in a language you don’t read. Now to judge the food by looks. All the food looks impossible. Even the vegetables are on the same tray as the sandwiches, all mingling with a bit too much friendliness. One dish looks like potatoes covered in a gravy dressing. Skipping over all the sandwiches, the next, dish looks like Quinoa salad, so let’s try some of that.

Hugo

Sat, 13 Jan 2018 14:01:52 -0800

For the last few months I’ve been learning the Go programming language while working on various work related projects, and as I do, I reflect on the older tools and patterns that I’ve used and developed over the years and wonder if there is a better approach.

Each time I pick up a new language, every few years, I start this evaluation process. In this case, a friend from work pointed out a new static website generation tool. It turns out, I’ve been neglecting a couple static sites that could use some updating!

Puppet Providers and Unit Testing

Fri, 24 Feb 2017 00:00:00 +0000

Sometimes Puppet providers execute their logic based on the contents of a @property_hash, which is just a representation of a resource’s actual state. Its easy enough to test a provider for the basics, but populating the @property_hash for a unit test has always been something of a chore, and often gets skipped, leaving large portions of provider code untested. I wish I’d understood this years ago, but now that I’ve got my head round it, its pretty simple.

LetsEncrypt Validation on Private Networks

Fri, 28 Oct 2016 00:00:00 +0000

Using DNS to validate LetsEncrypt certificates for use on private networks

User Management Patterns

Sat, 26 Mar 2016 00:00:00 +0000

User management can be a bit of a sore subject for some admins, but I’ve found it can really pay off when done correctly, though its not always clear what that means. I’ve been on both sides of that line in the past, sometimes when the line moves, and sometimes not.

I’m a believer that managing the users and groups in your organization proficiently and with low overhead is important. It should be done well, if for no other reason, than to be able to state authoritatively who should have access to what and why, ideally requiring as little administrative time as possible once the system is in place.

Using LDAP for Puppet classification

Mon, 23 Nov 2015 00:00:00 +0000

Over the last year, I’ve been slowly moving some of my private Puppet code to use LDAP as a data source. Through this process, a bit of strategy, some tool and some schema has emerged I’ll share here.

It’s worth noting that Puppet has had an LDAP Node Classifier for quite some time, probably longer than I’ve been using Puppet. Though looking over the documentation, you wouldn’t know it, but the most useful bit of this whole work is that fact that Puppet supports the configuration variables necessary to make a connection to an LDAP server, and those variables are available for reference.

Storing Jail data in LDAP

Sun, 14 Jun 2015 20:17:14 +0000

For the past several years, I’ve been running the majority of my lab services out of FreeBSD jails. I don’t have but a handful of services to run and some underpowered hardware to put them on, but jails have grown to become a staple in how I deploy my private infrastructure. One such service that I run is LDAP. I got a wild hare yesterday and though I’d glue the two of them together with a bit of Puppet.

Moving My Puppet Master to OpenBSD

Wed, 11 Feb 2015 00:00:00 +0000

I recently had some network trouble that isolated a system I use to host FreeBSD jails to be without network. The bummer of it is, that I used this particular system for hosting most of my primary working system. Things like CI and Puppet and such all lived in neat little jails, and while all the little jails and all the little services are still on disk I have no access. I suspect the hand-me-down Cisco switch is the culprit, but after years of service, meh.

Backups with Exported Resources

Fri, 19 Sep 2014 00:00:00 +0000

Failure happens. Its a part of working in technology, and as a techno worker bee, my job is to ensure that those failures have as little impact on my team and my company as can be summoned. Part of this (as the business peeps say) “risk mitigation strategy”, is backups. Its a part of working in technology that I want to give as little attention as possible, so its important its low touch and that its done correctly and is available when I need it.

Using Puppet with Fabric

Fri, 15 Aug 2014 00:00:00 +0000

Fabric describes itself as a “library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks”. To get this work done, Fabric uses what are called “fabfiles’, which is just some python stored in a file called fabfile.py. In terms of execution, it works a lot like Rake from the Ruby world. You have a base command, in this case fab and each task is read from the fabfile.py and executed on request. Nothing too earth shattering.

First Ceph Cluster

Thu, 29 May 2014 21:13:20 +0000

Storage clustering systems have been an interest of mine for many years. The idea that you can put a bunch of similarly shaped systems together and make them behave as a unit is fascinating. One could think of systems biological terms; the kernel being analogous to the nucleus in a cell, bringing individual cells together to serve a higher purpose of the organ or nerve ending.

I’ve never really needed a high performance cluster, and when I studied the technologies in the area of HPC, I didn’t have data that needed processing. Though I did thirst for storage, and with it and, data redundancy.

A New Start

Fri, 23 May 2014 23:00:33 +0000

It struck me the other day, that this is probably as good a year as any to try again at keeping a website online. There have been others before this, but like a moth to the flame, I ended up spending more time hacking on the site than I did writing entries, completely defeating the initial intention. As such, I thought I would give Jekyll a try. Looks simple, well documented, customizable and looks to have a pretty strong community. All good signs.

PkgNG on FreeBSD with Puppet

Sat, 30 Jun 2012 00:00:00 +0000

I’ve recently discovered FreeBSD’s new package manager and it looks poised to become the default package manager soon in FreeBSD 10.

After watching the video from BSDCAN I realized that there was some pretty serious effort going into the project, but still a bit rough around the edges. Some wiki reading later, I was ready to dive in.

More sources of information seem to be springing up about this new package manager, and though it does not solve all of the issues surrounding package management in FreeBSD such as custom options on your ports, it sure is a vast improvement from previous tools that are available for FreeBSD for my use cases.

Generate Permutations of Puppet Resources

Tue, 01 May 2012 00:00:00 +0000

Here is a Puppet module that is a bit of a meta-module. Its only purpose is to create other resources by computing the permutations of parameters and generating new resources. The reason this is useful, is that it allows you to create lots of similar resources that might have some common and some unique parameters.

Consider the following PXE example:

permute { "Debian Installers":
  resource => 'pxe::installer',
  unique   => {
    arch => ["amd64","i386"],
    ver  => ["squeeze","wheezy"],
    os   => "debian"
  },
  common   => {
    file   => "os_<%= os %>",
    kernel => "images/<%= os %>/<%= ver %>/<%= arch %>/linux",
    append => "initrd=images/<%= os %>/<%= ver %>/<%= arch %>/initrd.gz text",
  },
}

For every key in the unique parameter hash, a resource will be created for every combination of things. The keys in the common parameter hash will get passed through ERB before the resource is created. This allows you to do interesting things like the above that allow you to determine the values of the parameters before the resource is generated.

Mon, 01 Jan 0001 00:00:00 +0000

Its time to update TLS ciphers.

ssl::ciphers: 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384'

Mon, 01 Jan 0001 00:00:00 +0000

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256

I’ve created a new GnuPG key that, over the next few months, I will be transitioning to use as my primary key for daily use. My old key has not been compromised and will continue to be valid for while during the transition. I’ve begun signing mail with the new key and would prefer that all future correspondence use the new key.

The new key is signed by the old key, and would appreciated new signatures against the new key. The details are as follows.