Misc Errors and Solutions Flask & sqlalchemy (flask-tables-py3.10) user@host ../flask-tables> python create_fake_users.py 5 Traceback (most recent call last): File "/Users/stoege/git/mpr_2023Q1/flask-tables/create_fake_users.py", line 6, in <module> from bootstrap_table import User, db File "/Users/stoege/git/mpr_2023Q1/flask-tables/bootstrap_table.py", line 18, in <module> db.create_all() File "/Users/stoege/git/mpr_2023Q1/flask-tables/.venv/lib/python3.10/site-packages/flask_sqlalchemy/extension.py", line 868, in create_all self._call_for_binds(bind_key, "create_all") File "/Users/stoege/git/mpr_2023Q1/flask-tables/.venv/lib/python3.10/site-packages/flask_sqlalchemy/extension.py", line 839, in _call_for_binds engine = self.engines[key] File "/Users/stoege/git/mpr_2023Q1/flask-tables/.venv/lib/python3.10/site-packages/flask_sqlalchemy/extension.py", line 628, in engines app = current_app._get_current_object() # type: ignore[attr-defined] File "/Users/stoege/git/mpr_2023Q1/flask-tables/.venv/lib/python3.10/site-packages/werkzeug/local.py", line 513, in _get_current_object raise RuntimeError(unbound_message) from None RuntimeError: Working outside of application context.

some Bash snippets Change Working Directory Switch the Working Directory to the Base Path where the Scripts remains. Helpfull for Includes, Log Files, Relative Path and so on … #!/usr/bin/env bash script_path=$(dirname "$0") cd "$script_path" Check Return Code Run a Command, store the Return Code, and check if it was successfull or failed #!/usr/bin/env sh check_ret () { if [[ "$ret" == "0" ]]; then echo "Command terminated sucessfully" else echo "Command returned an Error: ${ret}" fi } which bash > /dev/null 2>&1 ret=$?

If you need multiple SSH keys with passphrases for educational purposes, you can generate them as follows. The passphrase is set in the comments of the corresponding public key. SSH Key Generator Script cat << 'EOF' > /tmp/ssh-key-generator.sh #!/usr/bin/env bash # File f=/tmp/id_ed25519 # Cleanup test -f $f && rm $f $f.pub # Gen Key ssh-keygen -o -a 100 -t ed25519 -N "" -f ${f} # Extact Password (last 8 Char from PubKey) pw=$(cat ${f}.

how to Install and run Hashicorp Vault on OpenBSD in addition to [https://blog.stoege.net/categories/vault/](this Blog Entry), here some instructions for OpenBSD. Requirements VM with OpenBSD 7.2 (or older …) and root/doas permission Domain, or at least a FQDN Name pointing to your VM HTTP/HTTPS allowed from Internet (for Certificate Generation) Nginx installed (pkg_add nginx) Source https://developer.hashicorp.com/vault/docs/get-started/developer-qs Install Vault all the Steps must be run as root (or with doas) pkg_add vault Vault Config Backup the prev.

Do you like Word Clouds ? I do …! following a litte Script which Parse a Website and build a appropriate Word Cloud Script mkdir ~/mywordcloud; cd ~/mywordcloud cat <<'EOF' > main.py import fire import matplotlib.pyplot as plt import pandas as pd import re import requests from bs4 import BeautifulSoup from wordcloud import STOPWORDS, WordCloud def gen_cloud_tag(url: str = "https://blog.stoege.net"): # add https if not url.startswith("https://"): url = "https://" + url # get Webpage response = requests.

Running YubiKey on OpenBSD buy a Key and give try … Source https://www.yubico.com/ Install Software pkg_add yubikey-manager-3.1.2p4 pkg_add yubikey-manager-3.1.2p4 quirks-6.42 signed on 2023-01-08T01:39:04Z yubikey-manager-3.1.2p4:py3-click-7.1.2: ok yubikey-manager-3.1.2p4:py3-pyusb-1.0.2p5: ok yubikey-manager-3.1.2p4:pcsc-lite-1.9.8: ok yubikey-manager-3.1.2p4:py3-cparser-2.19p2: ok yubikey-manager-3.1.2p4:py3-cffi-1.15.1: ok yubikey-manager-3.1.2p4:py3-cryptography-38.0.0p0: ok yubikey-manager-3.1.2p4:py3-pyscard-2.0.3: ok yubikey-manager-3.1.2p4:py3-openssl-22.0.0: ok yubikey-manager-3.1.2p4:libyubikey-1.13p4: ok yubikey-manager-3.1.2p4:json-c-0.16: ok yubikey-manager-3.1.2p4:ykpers-1.20.0p2: ok yubikey-manager-3.1.2p4: ok The following new rcscripts were installed: /etc/rc.d/pcscd See rcctl(8) for details. --- +yubikey-manager-3.1.2p4 ------------------- NOTE: yubikey-manager (ykman) is only partially functional on OpenBSD. Most of the "ykman fido xxx" commands (pin-setting and others) stall.

Flask & JWT getting your hands dirty with Flask and JWT Source https://dev.to/grahammorby/jwt-auth-in-flask-python-18i4 with some modifications by myself … Environment Test under macOS & OpenBSD, Poetry installed and working Script build virtual env export app="app100" export FLASK_APP="${app}/app" poetry new ${app} cd ${app} set python 3.10 poetry env use $(which python3.10) gsed -i "s/python = \"^3.*$/python = \"^3.10\"/" pyproject.toml poetry lock add packages wget -4 -O requirements.txt https://raw.githubusercontent.com/GrahamMorbyDev/jwt-flask/master/requirements.txt echo "marshmallow-sqlalchemy" >> requirements.

Some Hands’on with MongoDB https://www.mongodb.com/docs/v4.4/introduction/ Run via Docker docker run -d mongo Install macOS brew install mongodb-community To start mongodb/brew/mongodb-community now and restart at login: brew services start mongodb/brew/mongodb-community Or, if you don’t want/need a background service you can just run: mongod --config /usr/local/etc/mongod.conf Install OpenBSD pkg_add mongodb--%44 mongo-tools-- Tune OpenFiles cat << EOF > /etc/login.conf mongod:\ :openfiles-cur=1024:\ :openfiles-max=2048:\ :tc=daemon: EOF cap_mkdb /etc/login.conf -> needs reboot … Start DB rcctl enable mongod rcctl start mongod connect mongo show dbs > show dbs admin 0.

Wireguard with Debian Grab a Fresh Debian which has Public Internet Access. Target is to build a WG Tunnel and assign a Public IP to the Server. Debian 11.6 apt-get install -y wireguard wireguard-tools Gen Key cd /etc/wireguard umask 077; wg genkey | tee privatekey | wg pubkey > publickey Set Vars myprivkey=$(cat privatekey) mypublicaddress="45.xx.xx.xx/28, 2a0e:xxxx:xxx::xxx/64" yourpubkey="3XK8xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=" yourpubip="45.xxx.xxx.xxx" yourpubport="443" Config cat << EOF > wg0.conf [Interface] PrivateKey = ${myprivkey} Address = PUBLIC_IP_V4/xx, PUBLIC_IP_V6/xx [Peer] PublicKey = ${yourpubkey} Endpoint = ${yourpubip}:${yourpubport} AllowedIPs = 0.

Intro Following a Working Example how to get Traefik and a few Dummy Containers running on Docker. If you wanna have a bit advanced Example and put some Variables in a “.env” File, you may wanna check this Post. Requirements Linux Host with Docker see here, Public IP Adress and rechable Port 80 & 443 two FQDN pointing to your IP: traefik.yourdomain.de whoami.yourdomain.de Docker Traefik Example cat << EOF > docker-compose.

Show Contexts kubectl config get-contexts CURRENT NAME CLUSTER AUTHINFO NAMESPACE * do-fra1-k8s-1-24-xxxxxxxxxxx do-fra1-k8s-1-24-xxxxxxxxxxx do-fra1-k8s-1-24-xxxxxxxxxxxxxxxxx do-fra1-k8s-1-25-xxxxxxxxxxx do-fra1-k8s-1-25-xxxxxxxxxxx do-fra1-k8s-1-25-xxxxxxxxxxxxxxxxx do-fra1-k8s-xxxxx do-fra1-k8s-xxxxx do-fra1-k8s-xxxxxxxxxxx Delete old Contexts kubectl config delete-context do-fra1-k8s-xxxxx sha256: f12aa09936d175b3e23f2eebc1c152675d68dce6096b9ec02d7f8429b954b4fe

Let’s give a Try with Kubernetes Mini, K3s Source https://k3s.io/ https://docs.k3s.io/ Overview TestSetup Booting a few VM’s on my ESX Host. All of them got 4 CPU’s, 32 GB RAM, 100G Disk 1 MasterNode Master 3 WorkerNodes Worker01 Worker02 Worker03 All Maschines are Running Debian Latest, that’s Version 11.6 at the Moment Setup Master curl -sfL https://get.k3s.io | sh - root@master:~/bin/test_kubernetes# curl -sfL https://get.k3s.io | sh - [INFO] Finding release for channel stable [INFO] Using v1.

I’ll give a try running an Application on Google Cloud. Not with great sucess :( Source https://codelabs.developers.google.com/codelabs/cloud-run-django?hl=en#0 https://codelabs.developers.google.com/codelabs/cloud-run-hello-python3#1 Get Cloud List, Active Account gcloud auth list gcloud config set account 'username@gmail.com' List Projects gcloud config list project [core] project = cloud-run-372113 Your active configuration is: [cloudshell-6045] username@cloudshell:~ (cloud-run-372113)$ Set Project ID gcloud config set project cloud-run-372113 username@cloudshell:~ (cloud-run-372113)$ gcloud config set project cloud-run-372113 Updated property [core/project]. Enable API gcloud services enable \ artifactregistry.

Fireup FreeBSD 14 Instance on AWS ?!? Install Packages pkg install gmake go git vim Install Lima git clone https://github.com/lima-vm/lima /opt/lima Patch File cat << EOF > /opt/lima/pkg/sshutil/sshutil_others.go //go:build !darwin && !linux // +build !darwin,!linux package sshutil import ( "runtime" "github.com/sirupsen/logrus" ) func detectAESAcceleration() bool { var err error const fallback = runtime.GOARCH == "amd64" logrus.WithError(err).Warnf("cannot detect whether AES accelerator is available, assuming %v", fallback) return fallback } EOF Build gmake Copy Binaries cp /opt/lima/_output/bin/* /usr/local/bin/ mkdir -p /usr/local/share/doc/lima && cp -r /opt/lima/_output/share/doc/lima/* /usr/local/share/doc/lima/ cp -r /opt/lima/_output/share/lima /usr/local/share/lima Install QEMU pkg install qemu-nox11 Get CPU root@freebsd:/opt/lima # qemu-system-x86_64 -cpu help | grep -i cascadelake x86 Cascadelake-Server (alias configured by machine type) x86 Cascadelake-Server-noTSX (alias of Cascadelake-Server-v3) x86 Cascadelake-Server-v1 Intel Xeon Processor (Cascadelake) x86 Cascadelake-Server-v2 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES] x86 Cascadelake-Server-v3 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX] x86 Cascadelake-Server-v4 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, no TSX] x86 Cascadelake-Server-v5 Intel Xeon Processor (Cascadelake) [ARCH_CAPABILITIES, EPT switching, XSAVES, no TSX] Export CPU export QEMU_SYSTEM_X86_64="qemu-system-x86_64 -cpu Cascadelake-Server" Start Lima switch to user

some Hands’on with Hashicorp Vault Source https://developer.hashicorp.com/vault/docs/get-started/developer-qs Install on macos brew tap hashicorp/tap brew install hashicorp/tap/vault Run on Docker in Background, you have to kill it later docker run -d -p 8200:8200 -e 'VAULT_DEV_ROOT_TOKEN_ID=dev-only-token' vault Unseal Key: 2KTIMp0Md52V2xTb0txxxxxxxxxxxxxxxxxxxxxxxxx= Root Token: dev-only-token this is a dev instance only and has no persistent data. don’t worry. Open Browser http://localhost:8200 -> root token Export in Terminal export VAULT_ADDR='http://0.0.0.0:8200' export VAULT_TOKEN="dev-only-token" Set Key curl --header "X-Vault-Token: $VAULT_TOKEN" \ --header "Content-Type: application/json" \ --request POST \ --data '{"data": {"password": "Hashi123"}}' \ -s http://127.