n

nullable.type

👨‍💻 Shropshire based technical problem solver ⌨ C# Specialist, agile coach, deployment wiz, and bearded warrior 🧔 In my spare time, I'm currently working on an open-source project called Octoplus. It extends upon OctoPus Deploy's command-line tools to provide methods for managing multi-project setups.

Auto OpenVPN killswitch and reconnect for dynamic IPs

The Problem

If you’re like me and run a home Linux server, you may wish to add some extra security in the form of a VPN connection to ensure traffic is encrypted. In my case, I use a Raspberry Pi to backup things like RAW images from my camera to an off-site location. The extra security gives me a little peace of mind, especially as the server generally uses a cellular connection.

I’ve been using UFW to work as a killswitch and only allow traffic via the VPN connection, but one issue I've had is with my trusted VPN provider is that they regularly rotate IP addresses. UFW uses iptables under the hood, meaning it can only be configured to use IP addresses explicitly and not a domain name. This has left my backup machine without an internet connection fairly frequently.

The Solution

Just to set this straight from the start, I’m no UNIX genius. I spend most of my time working with Windows machines and use Linux more as a hobbyist. That been said, I’ve written my fair share of code/scripts.

My solution is pretty simple; when disconnects happen:

  1. fetch a fresh list of IP’s from my internal DNS server.
  2. Update UFW .
  3. Update the OpenVPNconnection file and reconnect.

I thought I’d share my approach, as I failed finding any other solution online so this may be of help to others.

The first part is fetching the list of domains. To do this, I use dig.

ipoutput=$(dig $1 +short)

if [ -z$ipoutput]; then  
  echo “No ips found for $1exit 1  
fi

echo “Found ips $ipoutput”

readarray -t ips <<<$ipoutput

This gives me a nice list of IP address for the specified domain.

Now I know the correct ip addresses, I need to make use of them. The first job is to update UFW. I decided to use a template file so I can set it up as I want for each machine. This may not be the most elegant solution, but its pretty flexible.

ufwoutput=’’

for i in${ips[@]}do  
  :  
  ufwoutput+=$”### tuple ### allow udp any $i any 0.0.0.0\\/0 out\\n”  
  ufwoutput+=$”-A ufw-user-output -p udp -d $i -j ACCEPT\\n\\n”  
done

if test -f$dir_path/user.rules.tmp”; then  
  echo “Deleting tmp file…”  
  rm$dir_path/user.rules.tmp”  
fi

cp$dir_path/user.rules.template” “$dir_path/user.rules.tmp”

sed -i -e “s/\[content\]/${ufwoutput}/g” “$dir_path/user.rules.tmp” “$dir_path/user.rules.tmp”

mv$dir_path/user.rules.tmp” /etc/ufw/user.rules

echo “Reloading ufw”  
ufw reload

The script builds up a string containing the correct formatted lines for the user.rules file for UFW, creates a new copy of the template, replaces [content] in the file using sed then moves the file into the correct place (for ubuntu). The final thing to do is ufw reload to reload the user.rules file.

That’s UFW taken care of, time for OpenVPN using a similar method

openvpnoutput=’’

for i in${ips[@]}do  
:  
  openvpnoutput+=$”remote $i 1198\\n”  
done

if test -f$dir_path/openvpn.ovpn.tmp”; then  
  echo “Deleting tmp file…”  
  rm$dir_path/openvpn.ovpn.tmp”  
fi

cp$dir_path/openvpn.ovpn.template” “$dir_path/openvpn.ovpn.tmp”

sed -i -e “s/\[content\]/${openvpnoutput}/g” “$dir_path/openvpn.ovpn.tmp” “$dir_path/openvpn.ovpn.tmp”

mv$dir_path/openvpn.ovpn.tmp” “openvpn.ovpn”

This works in a similar way to the UFW code, replacing a [content] placeholder in the .opvn template file.

So that’s all the code to update UFW and OpenVPN. The next thing to do is to manage the connection. I do this via a simple script called from a cron job.

function getStatus () {  
  echo “Attempting to get device status…”  
  ip address show | grep $1 && return 1  
  return 0  
}

This is a pretty straightforward function. grep the output from ip address show to see if the OpenVPN connection is live. Return either 1for success or 0for failure.

The last thing to do is to check the result and connect if required.

getStatus $device  
if [[ $? == 0 ]]; then  
  echo “openvpn is not connected!”  
  echo “Reconnecting!”

  #Update config  
  updateIps $domain &> $dir_path/renew.out &disown

  openvpn — config “$dir_path/openvpn.ovpn” &>$dir_path/out.out &disown  
else  
  echo “openvpn is connected!”  
fi

If the output from getStatus is 0, then it will call to update the IP addresses and trigger a new OpenVPN connection with &disown to not wait for the connection to exit.

Now that’s all in place, all that’s needed to run the script automatically is a cron job to check as frequently as you wish.

*/1 * * * * cd /home/account/openvpn && ./auto-connect.sh “my.vpn.domain” “tun0” > out.out

If this is useful to you, rather than having to copy & paste the code I’ve wrapped all this up into a single script available on GitHub.

Wrap Up

As I say, I’m no Linux sysadmin but this script solves a problem for me and has been working well for the last few months. If anyone has any suggestions for improvements or comments I’d love to hear them. Even better, fork the repo on GitHub and pop in a merge request ❤

The Imposter in the room...

I still remember back in 2006 when I joined my first job in the tech industry after achieving my University degree. I was only the second C# developer at the company, lacking experience other than dabbling a few times in and out of modules. The other developer was our now Chief Technical Officer. He had single-handedly architected a C# system already in use at Universities across the UK. On top of that, he was the sys ops engineer at the time, provisioning and looking after hardware for hosting, amongst other things.

The feeling of pressure was real, not only to do a good job in the eyes of our CEO's who were in the same room at this point but also to my new role model and mentor. There were many times when I would pester him for help, at least that's how it felt. He'd often reply with a clear concise answer mentioning a term or idea I wasn't fully familiar with. Feeling the pressure and anxiety I'd nod, smile and agree as I was too afraid to ask for clarification. "He'll think I'm stupid, not good enough... I'll lose my job". The next 10 minutes would be spent researching the advice he'd given before it left my mind and then trying to implement it.

At some point in our careers, I think we've probably all felt something similar. It could be when joining a new position, or when a new peer joins the team doing a similar role. Maybe you've had a pull request rejected, or an idea shot down by a peer. The anxiety might kick in, feeling you don't belong or that you're not good enough to do your job. You'll be found out, and dragged into a 121 or worse. You'll be an imposter.

One of our developers was brave enough to bring up this subject during one of our weekly "tech time" development team meetings; an open forum to discuss tech ideas, team processes or show and tell around something you're proud of. He'd only been with us for maybe 6 months, and although we hadn't worked closely together it came as a bit of a shock. It was a brilliant place to bring it up though, as so many of our peers shared stories of the same feelings in the past when it happened to him and offered reassurance that it was normal to feel that way occasionally. As a team, I feel we've since been more focused on praising and giving a healthy dose of good feedback to peers where possible, such as on code reviews and in team meetings.

On several other occasions since then, I've had members of our development team mention that they get the impression I have everything figured out the same way I believed our CTO had when I first started my career. That was a little surprising to me, as from time to time I still get moments of self-doubt. I'm human, I sometimes make mistakes that make me question if I'm good enough. We've also had new, brilliant highly skilled people join our team doing a similar part of my role which has caused me to make a comparison between myself and them, often leading to similar feelings of self-doubt.

I think what's changed for me is how I try to approach this now. You made a mistake, this is the perfect time to reflect and analyse the root cause. Once you have the root cause, make a plan to avoid it happening again and learn. This might be a team activity or something you do yourself. Mistakes are excellent opportunities to develop and grow, don't waste them. Something generally caused that mistake such as a process that's not quite right that can be adjusted.

The second thing is embracing the opportunity to learn from others. Don't be afraid to ask questions or learn from your peer's wins. An example of this is we've recently had some brilliant agile coaches come to join us. It was amazing to arrange a chat and explain our current process, seek advice from a once outside perspective and develop tangible improvements. These meetings are a regular part of the process where we share the good and the bad helping us all improve.

So next time you suffer from feeling like an imposter, remember some of the peers you're working with have probably felt that way before. They may even be feeling it right now and their reaction to something you suggested is part of a way to defend themselves. Try to focus on learning from your mistakes and soak up the knowledge of your peers, they're both great opportunities to develop. Don't be afraid to ask questions for clarity and don't be afraid to ask for feedback from your peers or line manager. One of our colleagues recently sought feedback from several members of the team as part of their onboarding. This helped completely change their perspective on their progress in a positive way.

For me, as aforementioned, I still get moments of self-doubt from time to time... especially when speaking to our brilliant CTO. The difference is now I'm not afraid to ask questions however stupid I think they might be. Over a decade later and we still work closely together, looking after a team of brilliant, bright, dedicated peers.

Thoughts on fine tuning your tech CV

It's almost cruel that your first step into a potential new role often falls to a few A4 sides attempting to summarise yourself; your skills, your drive, your goals. You're more than that can cover. The person reviewing your CV knows that, but they face a difficult decision on whether to invest the time to get to know you based on this first introduction.

I've been responsible for hiring into multiple technical positions over the years across different skill areas including developers, testers and sys ops engineers. Some of these have been recent graduates, others looking for senior positions after decades in the industry.

In fact, we're always on the lookout for awesome people to join our team. Be sure to get in touch if you're interested in knowing more 😀

I've seen a wide array of CV styles, some that have delighted me and some that have been difficult to navigate. I thought it may be useful to someone out there, or maybe just myself, to list out some of the suggestions I can think of to help make your tech CV easier to digest. These are all based on real examples I've seen more than once.

Consider your audience

This isn't just for your CV's, this is for everything. Whether you're applying for a new position, putting in a merge request to your peers or writing a best man's speech... it's important to put yourself in the shoes of the person you're writing for. What do they want to know?

Regarding CV's, imagine you're in the position of hiring for the job you want. What would you want to know, what information matters and just as importantly what information doesn't?

The opener

Although it is unlikely to be the first section that is read, a personal statement is an opportunity to impress and set a clear indication about what you're looking for and have achieved. If well written, it can easily help you stand out from other candidates.

One of the biggest traps I've seen people fall into is to state the basic cliches. I'm talking about things like "hard-working" or "dedicated", they're really expected traits and don't need to be said. Space on your CV is precious, and I'm sure there are things that you're proud of you want to tell the reader about over basic statements.

The second thing I often see is an overuse of vocabulary. You don't need to impress with fancy words, do so by saying what you've achieved in a clear and easy to read manner.

Pick out the key accomplishments and skills you want the reader to know about you, what the position you're looking for is and the direction of your career. Be honest, you don't want to lie and get an interview for a position you don't want, but feel free to tailor it to the position you're applying to. Keep the fancy words to a minimum, but don't be afraid to be confident about what you're good at.

Here's an example of what I'd consider a good personal statement.

An ISTQB certified software developer in test with 8 years' experience testing enterprise level web applications. Designed, written and maintained frameworks that ensure a high level of quality and resilience, including testing web API's and applications for functionality and performance that have reduced required testing time by 50%. Thrives on the opportunity to mentor other testers, work collaboratively in a team and has a keen eye for spotting opportunities for improvement. Now looking for the next challenge to use the skills gained to make a difference and continue professional growth.

Size matters

If your CV is jam-packed with information covering 10+ pages, then it's going to be difficult to digest and pick out the relevant information you want the reader to see.

Similarly, if your CV is a page or less, you're likely omitting really useful information about yourself and your skills.

The best CV's I've personally seen are generally around 1-3 pages long. Any longer than that then you may benefit from having a tidy.

So how do I make the best use of the space?

Keep it relevant

The IT sector runs at a super-fast pace. Your most recent positions are always likely to be the most relevant on your career path. Take a look at your previous employment. That job you did 5+ years ago using some obscure or out of favour tech... ask yourself, do I want to even do that thing again? Is it relevant to this position or where I want my career to go?

The further back your experience the less specific you probably need to be. Don't omit previous positions altogether, but you can afford more brevity the further back you go. One size doesn't fit all, just use the space wisely.

Summary of tech skills

We use so many tools, so many processes and workflows... you want the person reviewing your CV to see all the wonderful things you know and have used. This can quickly turn into 1/4 of a page of your CV or a giant list of unsorted tools and skills.

The problem is if you're not careful you can really hurt its usefulness. Take a look at the following example:

C#, Visual studio, MVC, WebApi, Postgresql, MongoDB, T-SQL, Flask, SQLite, LiteDB, Entity Framework, PostgreSQL, SQL Server, AWS, Python, Microsoft Word, Fiddler, Postman...

The first issue is that there are quite a few things that are not relevant and just distract from what you're actually good at. Things like listing Visual studio along with C# when that's pretty much implied or listing office tools which is an expectation for any IT job. There may also be things you have no real interest in doing again, so think if it's worth listing them. Some may just be completely irrelevant for the position you're applying for.

The second issue is that it doesn't really give any idea of your experience. I've seen lots of CV tip sites that recommend a list of years of experience but that doesn't always help. Take for example C#. Is that building desktop apps, or web APIs? Maybe it's all in windows services or WCF.

My current suggestion would be something like the following, but I'd love to hear/see your ideas 🙂

Type Technologies
Core Languages C# 7+, Asp.Net 4+ (WebApi & MVC), Entity framework
Core Databases PostgreSQL, MongoDB, T-SQL
Core Tooling OctopusDeploy, TeamCity, Fiddler, Postman
Other Python, Flask, Ms SQL Server, SQLite, LiteDB, AWS (EC2, X-Ray S3)

It's always a good idea to link any experience you mention in the summary with your job roles and include context, like:

In this role, I was a key architect in developing large scale C# (8.0, .net 4.7.2) apps with PostgreSQL and entity framework.

The design

This doesn't apply to all roles as it may be useful for a graphic designer position for example but if you're applying for a developer/tester/sys ops type role don't focus too much on the design. Stand out by your clear and obvious thought when preparing your CV by keeping the content clear and easy to read. You don't need colours, graphics or charts to sell yourself, they're just a distraction. I'm not saying make it ugly, just don't overthink it.

The bonus

You're in this industry (hopefully) because you love tech. You probably have personal projects you work on outside of your normal job. It's always a real bonus to get to see what candidates have worked on in their spare time, throw that GitHub or personal website link in there or in your covering letter.

So that's it, I hope you found some of it useful. Some of the points may seem a little obvious, but they're all based on things I've seen frequently.

I'd love to know if you agree with any of these thoughts, or maybe you have some of your own tips and tricks you'd like to share? ♥

Serif Affinity Photo/Designer/Publisher

I'm by no means a graphic designer or professional photographer, but I've spent a lot of time dabbling in both raster and vector editing in my spare time. Be it from amateur photography projects or designing icons for apps/websites. I've given it all a go.

One of the big barriers for doing so smoothly has been the tools. There are some fantastic professional tools out there but often they prove very costly for inconsistent personal use.

Back in 2016, a colleague recommended Affinity Photo/Designer to me. I couldn't believe such a reasonably priced series of tools could seriously be an alternative. After a small time trying them out, it was clear I was wrong. Since then, I've used both Photo and Designer for so many personal projects and have found them brilliant and reliable.

I'm in no way affiliated with Serif, other than being a long-term user of their software and want to share a recommendation.

They currently have a 50% off sale, an absolute bargain. If you like photo editing or vector design, go check them out 😎.