Announcing fc-userscan

NixOS manages dependencies in a very strict way—sometimes too strict? Here at Flying Circus, many users prefer to compile custom applications in home directories. They link them against libraries they have installed before by nix-env. This works well… until something is updated! On the next change anywhere down the dependency chain, libraries get new hashes in the Nix store, the garbage collector removes old versions, and user applications break until recompiled.

In this blog post, I would like to introduce fc-userscan. This little tool scans (home) directories recursively for Nix store references and registers them as per-user roots with the garbage collector. This way, dependencies will be protected even if they cease to be referenced from “official” Nix roots like the current-system profile or a user’s local Nix profile. After registering formerly unmanaged references with fc-userscan, one can fearlessly run updates and garbage collection.

Continue reading Announcing fc-userscan

How to renew Puppet CA and server certificates in place

It used to run fine for years… but now the (deprecated) Puppet infrastructure at the Flying Circus is showing signs of aging. It’s not about server hardware or something like this (fully virtualized anyway) – it’s about SSL certificates of Puppet’s own SSL infrastructure. Time for a face lift.

In the following, I will describe what we did to renew both CA and Puppet server certificates. Despite that this problem should occur on every Puppet server running for a prolonged amount of time, I found remarkably few resources on the net (that did not involve completely replacing the CA) – so I’m going to share our findings.

Continue reading How to renew Puppet CA and server certificates in place

Release 2017_010 with many security updates

During the last weeks we have prepared a larger update for our Gentoo based VMs. It will include many basic libraries as well as added support for Python 3.5 and 3.6. A detailed list of affected packages and changes can be found as usual in our ChangeLog. Please review the list of updated packages for libraries and tools that may have compiled into your applications. While we have tried to avoid link-level compatibility issues, a small chance remains that applications will not start afterwards due to dynamic linkage problems. Recompiling usually  solves this kind a problem.

As the update is a bit bulky, we opted for a staged roll out during the week. Each VM will get an individual scheduled maintenance slot according to the agreed pre-announcement period. Development and staging VMs will already receive updates during this weekend.

Please feel free to contact our support if you need assistance.

DevOps Sprint — Save the Date: 13th – 15th September

Let’s sprint together! Our traditional Autumn DevOps Sprint is coming up on 13th September – 15th September 2017 and we’d love to meet you in Halle!

Whether you’re interested in improving your applications‘ deployments, hack on DevOps tools, exchange ideas, learn new things: you’re welcome to join us. Sign up on MeetUp and get a chance to meet the Flying Circus Crew as well as people from NixOS, Python, our friends from gocept and other open source communities. 

Support during Ascension and Pentecost 2017

In Germany we have a few further public holidays coming up next time resulting in shorter-than-usual work weeks. Here’s an overview of our support availability. The highlighted days are national holidays and only covered for SLA customers:

  • 2017-05-22 (Monday): regular support
  • 2017-05-23 (Tuesday): regular support
  • 2017-05-24 (Wednesday): regular support
  • 2017-05-25 (Thursday): Ascension: SLA-covered emergency support only
  • 2017-05-26 (Friday): regular support
  • 2017-05-27 (Saturday): SLA-covered emergency support only
  • 2017-05-28 (Sunday): SLA-covered emergency support only
  • 2017-05-29 (Monday): regular support
  • 2017-05-30 (Tuesday): regular support
  • 2017-05-31 (Wednesday): regular support
  • 2017-06-01 (Thursday): regular support
  • 2017-06-02 (Friday): regular support
  • 2017-06-03 (Saturday): SLA-covered emergency support only
  • 2017-06-04 (Sunday): SLA-covered emergency support only
  • 2017-06-05 (Monday) Pentecost: SLA-covered emergency support only
  • 2017-06-06 (Tuesday): regular support

To ensure that all your applications in the Flying Circus are running smoothly we will monitor all regular support during business hours: Monday to Friday , 8-16 CE(S)T and SLA-covered emergency support as usual.

Have a good time, a safely flight – and don’t forget your towel this Thursday!