Identity, shame, stigma, and intolerance

I have seen a great number of people in the past few years disavow being a part of a culture or community that they once enjoyed or identified with due to an influx of sexism, nationalism, or other intolerance. I feel like this is a mistake and will only serve to strengthen intolerance amongst the… Continue reading Identity, shame, stigma, and intolerance

Configuring a more secure password hash for OpenLDAP

While working on the Galapagos infrastructure, we ran in to an interesting issue: using passwd(1) as an LDAP user would cause it to add another password instead of modifying it. Setting up the slapo-ppolicy(5) overlay then caused passwd(1) to then fail with: password change failed: Password policy only allows one password value passwd: Authentication token… Continue reading Configuring a more secure password hash for OpenLDAP

Configuring Apache 2.4 to serve GitLab over TLS / HTTPS

As part of my work assisting in the set up of the infrastructure for Galapagos Linux, I volunteered to install and configure GitLab. My colleagues had attempted to use the Debian Omnibus package, but that failed in spectacular ways, including references to directories in the configuration that did not exist after package installation. The most… Continue reading Configuring Apache 2.4 to serve GitLab over TLS / HTTPS

Configuring OpenLDAP to authenticate using X.509 client certificates

This is not meant to be a comprehensive guide by any means, but information on the Web for configuring OpenLDAP to authenticate using X.509 client certificates is lacking. And in some cases, over a decade old! It took me hours to find the documentation I needed, but only minutes to see it working once I… Continue reading Configuring OpenLDAP to authenticate using X.509 client certificates