Sync time for FreeIPA hosts

Recently, I upgraded the FreeIPA server for my network to the latest version (4.8.10). Some strange things related to authentication started to happen with some services on my network.

For our Web site, netlify gotrue is used to enable users to login using SAML Single Sign-On. This started …

more ...



ZGC garbage collector and Clojure applications

The main product of my startup is written in Clojure, a language that puts enormous pressure on the memory garbage collector due to the pervasive use of immutable data structures. The new Z garbage collector on JVM has been a blessing for us, as it has largely solved our memory …

more ...


LDAP Authentication Module for Nginx on Debian

To control access to various internal Web sites of a company, a simple method is to enable LDAP authentication on the Web server, so that the company directory can be brought to bear and there is no need to create individual accounts for employees on different systems.

Nginx is one …

more ...

How to Add a Preview Link to Self-hosted Netlify CMS

If you are using a self-hosted Netlify CMS as the online editor for your SSG powered Website and you are using the editorial workflow (you have publish_mode: editorial_workflow in your config.yml), a pain point is that you do not see a preview of the live page when …

more ...


Migrate this blog from Drupal to a static site generator

This blog has undergone a few migrations over its 15 years life span.

It started out as a Blogger account in 2005. The purpose was to record some system administration details when I was an assistant professor at university, setting up my laboratry for students.

Then Yunyao joined in after …

more ...

Migrate DokuWiki to another server

DokuWiki is one of the most easy-to-use open source Wiki software. It is a very good internal documentation tool for small or medium sized organizations.

Comparing with using Google Docs for the same purpose, one advantage of using a Wiki is that it is more searchable and navigable. In addition …

more ...

Backup Discourse with External PostgreSQL Server

Discourse is a modern forum software that is quite popular in the technology circle. One can install a Discourse server easily with the recommended method of using docker. All the services needed by the Discourse server, e.g. Postgresql and Redis, will be running inside a docker container, which is …

more ...


Configure Jenkins to use FreeIPA LDAP Security Realm

The point of setting up freeIPA for an intranet is to enable single-sign-on (SSO) for all the internal services that requires authentication and authorization. LDAP, originated from my alma mater University of Michigan, is one of the most widely accepted solutions to the problem. freeIPA can serve as a LDAP …

more ...

FreeIPA in AWS EC2

FreeIPA is the open source version of RedHat's identity management solution, which nicely integrates several open sources services that are important for managing an intranet: 389 LDAP Directory Server, MIT Kerboros, NTP, DNS, SSSD and others. 

Most of my servers are virtual machines in AWS EC2. To manage such a …

more ...



Pursue of the Perfect Solution for Cat Hair (1) --- Vacuum

If you have one or more long hair cats at home, like our Mayori and Tom, you probably share the same dream as us --- a house without cat hair, at least a house without having cat hair everywhere.

Towards this dream, we have tried out various products. Here is a …

more ...

High Resolution Image for Pdflatex

While preparing the camera-ready version for our CIKM demo, my colleagues and I found that the screenshot included in our paper appeared to be fairly blurry in the pdf version, even though the original .jpg file looks fine.

I searched online to try to find the solutions. After a few …

more ...

Screen Saver Option Disabled on Windows 7/XP

For unknown reason, my machines would suddenly disable their screen saver options (e.g. with the "on resume, display log on screen" check box grayed out). Whenever this happens, it would trigger the security alert and I will get a warning from the IT department to fix the issue.

I …

more ...