Hi there !!

Welcome to my tech blog! This is where I jot down useful findings, tips, and solutions I’ve discovered along the way. While these notes primarily serve as my personal reference, I believe they might help others facing similar challenges. I hope you’ll find something valuable here.

Rabbitmq Container - SSL

Create a container (SSL) First, create a new working directory and prepare your certificate files: mkdir gcs-rabbit-ssl cd gcs-secure-rabbit mkdir certs # Copy your certificates to gcs-secure-rabbit/certs: # - ca.crt # - mid-ca.crt # - server-001.crt # - server-001.key Set 644 to these certificate chmod 644 certs/* Create a rabbitmq.conf file with SSL configurations: # RabbitMQ Configuration File # Disable non-SSL listeners listeners.tcp = none listeners.ssl.default = 5671 # SSL configuration ssl_options.cacertfile = /etc/rabbitmq/ssl/ca-bundle.crt ssl_options.certfile = /etc/rabbitmq/ssl/server.crt ssl_options.keyfile = /etc/rabbitmq/ssl/server.key ssl_options.verify = verify_peer ssl_options.depth = 2 ssl_options.fail_if_no_peer_cert = true # Management SSL configuration management.ssl.port = 15671 management.ssl.cacertfile = /etc/rabbitmq/ssl/ca-bundle.crt management.ssl.certfile = /etc/rabbitmq/ssl/server.crt management.ssl.keyfile = /etc/rabbitmq/ssl/server.key Create a Dockerfile: FROM rabbitmq:3.11.10-management # Create SSL directory RUN mkdir -p /etc/rabbitmq/ssl # Copy certificates COPY ca.crt mid-ca.crt /etc/rabbitmq/ssl/ COPY server-001.crt /etc/rabbitmq/ssl/server.crt COPY server-001.key /etc/rabbitmq/ssl/server.key # Create bundle certificate RUN cat /etc/rabbitmq/ssl/mid-ca.crt /etc/rabbitmq/ssl/ca.crt > /etc/rabbitmq/ssl/ca-bundle.crt # Copy config file COPY rabbitmq.conf /etc/rabbitmq/rabbitmq.conf # Expose SSL ports EXPOSE 5671 15671 CMD ["rabbitmq-server"] Build and run the container: # Build the image sudo docker build -t gcs-secure-rabbit:latest . # Run the container sudo docker run -d --hostname secure-rabbit --name secure-rabbit \ -p 15671:15671 \ -p 5671:5671 \ --restart always \ gcs-secure-rabbit:latest Check the container logs after running it: sudo docker logs secure-rabbit See also: RabbitMQ Container - HTTP ...

March 30, 2025

Upload Docker Image to ECR

Configure in AWS management console Stay in the working directory where Dockerfile is located (e.g., ~/gcs-rabbit) Open Repository page in Amazon ECR Create a repository by the code below aws ecr create-repository --repository-name gcs-normal-rabbit --region ap-southeast-2 Click “View push command” and follow the instruction with sudo command See also: RabbitMQ Container - HTTP RabbitMQ Container - SSL

March 29, 2025

RabbitMQ Container - HTTP

Create a container (HTTP) Install Docker sudo yum install docker -y sudo systemctl start docker sudo systemctl enable docker docker --version sudo docker info Create a workiing directory mkdir gcs-rabbit cd gcs-rabbit Create “Dockerfile” # Use the official RabbitMQ image from the Docker Hub FROM rabbitmq:3.11.10-management # Set the default RabbitMQ environment variables ENV RABBITMQ_DEFAULT_USER=guest ENV RABBITMQ_DEFAULT_PASS=guest # Expose ports for RabbitMQ and the management UI EXPOSE 5672 15672 # Copy rabbitmq.conf if you have additional configurations COPY rabbitmq.conf /etc/rabbitmq/rabbitmq.conf # Start RabbitMQ server CMD ["rabbitmq-server"] Create “rabbitmq.conf” # RabbitMQ Configuration File # Listeners for AMQP (5672) and HTTP management (15672) listeners.tcp.default = 5672 management.tcp.port = 15672 # Optional: Define a specific IP address to bind to # (Uncomment the next line to specify a specific IP) # listeners.tcp.default = 0.0.0.0 # Disable SSL (since you're focusing on HTTP only) ssl_options.verify = verify_none ssl_options.fail_if_no_peer_cert = false Build a Docker Image sudo docker build -t gcs-normal-rabbit:latest . sudo docker images Test the Docker Image locall sudo docker run -d --name brown -p 5672:5672 -p 15672:15672 gcs-normal-rabbit sudo docker logs brown See also: RabbitMQ Container - SSL ...

March 28, 2025

Conigure Image Builder in AWS

Select the right image to be updated Configure Image Builder Configure Network Review Confirmation

March 27, 2025

SQL Server - Check Secure Connnection

sqlcmd -S d11-sql-db001.gcs.cloud -U sa -P Password123 1 > 2 > 3 < exit sqlcmd -S d11-sql-db001.gcs.cloud -U sa -P Password123 -Q "SELECT session_id, encrypt_option FROM sys.dm_exec_connections WHERE session_id = @@SPID;" session_id encrypt_option 53 FALSE

March 27, 2025

sysprep in AWS

Delete all the items controlled by Group Policy (e.g., Certificates, Firewall Settings) Open “Amazon EC2Launch Settings” and click ”Shutdown with Sysprep”

March 27, 2025

OpenSSL Initial Setup

OpenSSL Initial Setup Create a folder structure mkdir -p certs/{ca,mid-ca,server}/{private,certs,newcerts,crl,csr} Change the permissions chmod -v 700 certs/{ca,mid-ca,server}/private Create index files touch certs/{ca,mid-ca}/index Set a serial number openssl rand -hex 16 > certs/ca/serial openssl rand -hex 16 > certs/mid-ca/serial Copy and place the configuration files ca.conf - mid-ca.conf

March 10, 2025

Managing AWS Accounts in Terminal

Register AWS Accounts to the Terminal Set AWS Credential The command to check the Current AWS Credentials aws sts get-caller-identity The command to clear the AWS Account from the terminal unset AWS_ACCESS_KEY_ID unset AWS_SECRET_ACCESS_KEY unset AWS_SESSION_TOKEN

February 27, 2025

Deploy a Amazon Linux 2023

Deploy a Linux machine Update OS sudo yum update -y . Update Hostname and check it sudo hostnamectl set-hostname DEV-VAR-OIDC2.apj.cloud hostnamectl Update TimeZone and check it sudo timedatectl set-timezone Australia/Sydney timedatectl DNS Settings - Make sure all the DNS servers are registered sudo vi /etc/resolv.conf Install some components for any Linux OS sudo yum install sssd-ad sssd-tools realmd adcli Install some components for Amazon Linux 2023. sudo yum install oddjob oddjob-mkhomedir Check the status of Active Directory realm discover apj.cloud ...

February 25, 2025

Ignore Settings in GitHub

How to Ignore Uploading Folders and Files to GitHub For example .venv folder Open your project folder in VS Code. Open .gitignore file in the root of the project Add the following line to .gitignore: .venv/ Save the file. then Git will ignore the .venv folder, and it won’t be tracked in your repository. If .venv was already committed before, you’ll need to remove it from Git history using: git rm -r --cached .venv git commit -m "Removed .venv from repository" git push origin main # or your current branch You can check if .venv is ignored by Git using the following command ...

February 25, 2025