I’m sure someone has developed a jQuery plugin that does exactly what I want (but I won’t understand a single bit of)

Commit strip

Yesterday’s opus of the French webcomic Commit Strip was not the funniest ever, but certainly one of the most interesting. There’s a lot to say about those 2 guys, and the reactions I had after tweeting about the one I would hire were worth blogging about.

If I had to hire one of those guys, I’d take the one on the right. He’s a system administrator, which gives me a natural feeling of sympathy for him. And I prefer his “let’s code, release and share” state of mind to the “I’ll browse the Web and find someone who’s already done the job for me” one.

Things would be easier for me if one of these attitudes were 100% good or evil. It’s easy to make first-read assumptions when the most interesting part of the comic is what’s not written.

Does the guy on the left understand what he’s doing?

That’s the first question I asked myself when I read about the guy on the left. Or, to be honest, here’s what I thought: “this guy has no idea what he’s doing. He’s unable to code what he’s been asked to do, so he’s relying on someone else’s job. There’s a large chance he won’t understand how the script works, so he’s looking for an easy cut and paste tutorial”.

That may seem unfair of me. I got influenced by the wording used there: “I’m sure someone has developed a jQuery plugin that does exactly what I want”.

If this is the case, then he puts the whole project at risk. My sarcastically inclined mind and knowledge of the comic make me think “He’s working for a Web agency so he’s doing quick and disposable code”. I know that’s unfair. Some agencies do a great job with maintainable code, performance and accessibility.

And yet, his project is certainly going to be an insane salad bowl of redundant, incompatible, insecure JavaScript plugins. It will work, but with poor performance and low maintainability.

But what if he’s a lazy crack?

I tend to value lazy people, they make awesome computer engineers. They’re great at building automated reliable things so they never do the same job twice.

So let’s say this guy is a lazy crack. He knows what he’s doing. He’s already released tons of jQuery plugins. His plan is to integrate the plugin into a whole, well documented, well maintained framework. In the end, he’ll send the author a pull request with new features and refactored parts.

This guy is actually focused on releasing something without reinventing the wheel. He’s relying on the community knowledge to save time solving a problem someone already worked on. That’s how open source works, baby!

Unfortunately, I don’t think he is that kind of guy. Because he’s looking for a plugin that does exactly what he needs, I’m sure he will use it as is.

What about the Not Invented Here syndrome?

The bearded guy has the right state of mind, hasn’t he? He wants to code something and release it as an open source library “if it comes out nicely”. I love it, but as Jean-Baptiste Barth said on Twitter, it can also hide the not invented here syndrome.

Not invented here

Quoting Wikipedia

Not invented here (NIH) is the philosophy of social, corporate, or institutional cultures that avoid using or buying already existing products, research, standards, or knowledge because of their external origins and costs.

We had no clue whether or not this guy had done prior research to find an existing library he can use or start from. Maybe he’s putting the whole project at risk because he has decided to start from scratch but did not evaluate the time it would take to do it.

That’s an important part of planning a project. A homemade solution has risks and costs that need to be planned before the whole project starts, and you’re never sure how it turns out.

I’ll release it if it comes out nicely

Most companies I’ve talked with about releasing open source code came up with the same answer:

Releasing open source code is showing our knowledge. We can’t show uncommented, not perfect code to the world. Our image of technical excellence is at stake. Neither can we allocate time to fix bugs and maintain it for the community.

I don’t think it’s an acceptable answer. If Linus Torvalds had come with this state of mind, we’d still be using commercial UNIX all over the world. And the community is more about helping to fix things when they think it’s useful than asking for your time.

Chris Raethke settles the debate saying:

Not good enough for open source

If not good enough for open source v0.9, do you want it in your codebase?

I bet you don’t, but you’re probably too much in a hurry running the race for features to think about it.

Chris, still him, comes with a pretty nice conclusion, suggesting to pitch both solutions to the team and see which one to pick up. As a realistic open source contributor, I guess the answer lies somewhere in between.

Pitch your team


This article was published by Frédéric de Villamil on Le Rayon UX | If you read it elsewhere without a link to the original article, it was reproduced illegally.

Just released: Platypus theme for Oh My Zsh

Platypus shell

I’ve just released Platypus, a simple and convenient theme for Oh My Zsh I’m using on both my Mac and FreeBSD server along with the iTerm2 Solarized theme.

I’ve been using the same ZSH configuration since 2001 and as my favorite shell was evolving, large parts got broken. It also had a lot of stuff dedicated to my school machines which was not useful anymore, obviously.

Last night, I was about to drop everything I needed, fix what was meant to be fixed. I finally decided I did not want to spend hours on it, considering I did not have them anymore. When I was 18, I used to spend my nights compiling the whole KDE stack and tuning my workstation until I was pleased with everything from the kernel to the window manager shortcuts. I now prefer spending my time exploring more exotic things and using what works out of the box, hence Oh My Zsh.

Why Platypus?

A platypus

Platypuses are cute. Platypuses are cool. Platypuses make great secret agents. Platypuses are awesome killing machines. And platypuses are the final proof God has a sense of humor.

What does Platypus do?

I was playing with the themes, but most of them are too fancy / information overloaded (or simply ugly), so I started to do something that would only display what you really need:

  • your machine short hostname
  • when you’re logged in as root
  • your git branch and state
  • return codes when they’re != 0

Platypus is released under the MIT license, feel free to fork and adapt.



10 years

It’s hard to describe the birth of a site, what we wanted to do, what we ended up doing, the doubts, the satisfactions, the incomprehension of some, the encouragement of others, sometimes the same people by the way (naturally, it was a surprise). And the result is here, before your astonished eyes: thank you, visitor!

Curtain up, 30 September 2004

Ten years of presence, more or less regular, more or less lasting. It went through bioinformatics, the creation of ubuntu-fr, the discovery of Python, reflections on freedom, experiments in CSS, personal posts, energy with django-fr, rants, the big leap into freelancing, a few photos, a bit of sport, the semantic web, organizing events, a year in Japan, the co-creation of scopyleft, armchair philosophy and finally fatherhood. Plenty of aborted projects, quite a few sterile discussions, encounters that were always a little special, shared digital wrinkles. Ten years weaving my own web. Links without intentions, by affinity, at the whim of encounters. An audience limited enough not to get a big head or be disturbed in my privacy.

This publishing space will have taught me everything about my profession: the importance of data and of the links between them. I learned it the hard way: the design changed 6 times, the URLs 5 times, the data 4 times, the domain name 1 time. This place allowed me to experiment and to enjoy doing so, to be corrected and to build on that iteratively. I recently gave my writing a gift by using the Fira Sans and Equity fonts in order to spare you the Adobe/Typekit trackers (and the performance gain is impressive). I also freshened everything up a bit, using TinyTypo and LESS. In particular I wanted to highlight the quotations that open the posts; it remains very minimalist for now and the finishing touches are still to be done.

And for the next 10 years? Maybe sound, maybe video, maybe paper, maybe the blank page. I hope to always have the energy to explore and share new interests. With you?

The curse of the grouped email and the bloody reply all button

The postmaster

Despite about 191 billion messages sent each day, 95% being spammy, I consider email to be an incredible failure, the biggest one being that it’s the most used way to communicate on the Web.

Email is insecure per se, unless you rely on multiple third party technologies. Email is unreliable in a business, built-to-last context since data preservation depends on the last sender being in the company. And no one knows how to properly reply to an email.

In other words, I hate email, and the six years I spent working for an enterprise social software company did not fix what I thought about it. I hate email, but the worst is group emails and that bloody reply all button.

When I gave my elder son the keys to his email account, I told him 2 things.

The first one was about filters.

Avoid subscribing to stupid services, but if you do so, always add +the-service between your first name and the @. You don’t understand why yet, but you’ll thank me when you discover Mail filters.

The second one was even more important.

Never ever put more than 1 person in the To: field. And avoid using CC: as much as you can.

A few years ago, one of my kids’ teachers, who obviously lacked email mastery, sent a message to all the class families, writing the email addresses in the TO: field. As this message was informative only, she did not expect half a dozen people to click reply all and send « OK thank you » to 25 people. Neither did she expect an unhappy family to start bitching about the school and the teacher.

Most parents being happy with the school, the teacher had lots of supportive messages, still using reply all, and the whole story should have stopped there.

Unfortunately, it didn’t.

The teacher sent an email to all the class explaining that the school had issues with them, this leading both families (the fathers are 2 brothers) to withdraw all their kids. No bitching there, but a huge mistake: clicking once more on reply all and sending the message to the complainers.

Things quickly got out of control.

Rumors started to spread that the teacher was not really good and the kids ended their year without the basic knowledge, or that she used to hit the kids. Indeed it was false but the principal had to throw himself in the battle to stop the dogfight.



If you haven’t dropped Feedburner yet, this mind blowing reason will convince you to do it

RSS funerals

I know I should stop using Buzzfeed like titles, but they’re so lame they’re funny.

I’ve just ditched Feedburner after using it for almost 9 years.

Back when blogging was cool and RSS was something, Feedburner was the must have service for every blogger who wanted to deliver more than plain XML. Feedburner could do almost everything with your RSS feed, from adding sharing buttons to turning it into an email newsletter. But most people were actually using it as an online penis enlargement tool, displaying the subscriber counter button on their Web site.

The service decay started not long after it was acquired by Google, following the long and certain agony of RSS, and more generally speaking XML as a technology. When Google closed Reader in 2013, many people worried that they would discontinue Feedburner which was still serving millions of feeds each day.

But nothing happened.

Nothing happened except Google decided to make HTTPS a ranking signal. I won’t debate whether or not it’s a good or bad idea for I think it’s both. But a few days ago, after moving my blog to HTTPS, I realized my feed was not updated anymore.

After updating my configuration to have it use my https URL – in case it was unable to follow a 301 redirect – I was surprised to notice Feedburner was throwing a 400 Bad Request error. Despite Google guidelines promoting the use of HTTPS, Feedburner, a Google service, is unable to handle it.

That’s bad news for the millions of RSS feeds still served by Feedburner, isn’t it?

Well, not really. That’s pretty much the opposite. It’s been years since anything has changed on Feedburner except Adsense support being discontinued, and the redirect for deleted feeds that was raised from 1 month to permanent. And for years, Feedburner has been serving feeds to people who were still using RSS. And now, Feedburner being unable to serve RSS using HTTPS is an awesome opportunity for site owners to take their feed back.

If you’re familiar with this blog, you know I’m part of the Indie Web movement that promotes taking back the Web to you. I’ve been publishing a lot about POSSE, Publish on your Own Site, Syndicate Elsewhere. POSSE is a way to take back your data ownership while still using the silos like Facebook or Twitter as broadcasting hubs.

Taking back your RSS feed ownership is as important as owning your published data. I know it may sound funny in late 2014, but still. Do you find it normal that people subscribe to an agonizing third party service to access your content? Probably not, and you’ll probably want to take it back.

Here’s how you can do it.

If you’re still using it, move the email newsletter to somewhere else. Mailchimp provides an awesome RSS to email service. It’s free below 12,000 emails a day, you can import your Feedburner subscribers, and export them when you want to leave Mailchimp.

Second, ensure you remove that redirect from your blog RSS feed to Feedburner. If you’re using Apache and Wordpress, you’ll probably have to delete a few rewrite rules from your .htaccess file.

Log into your Feedburner account. I’m pretty sure you haven’t done it for years, have you? Select the feed you want to delete.

Select the feed you want to delete

Click on the delete feed link, and check With permanent redirection.

Delete your feed

Submit. You’ve set your feed free.

There’s one more thing you need to do. In the past, you’ve probably set up many forgotten services to transform and serve your feed. If you still remember some of them, log in and ensure you move the address to your own feed, just in case the permanent redirect is not that permanent.



How much time do you spend blogging each day?

Writing a blog post

Benoit Laurent asked me how much time I spent writing my blog posts each day. Since August the 15th, I’m back into blogging once a day six times a week, about 600 words a day. Add the fact I write in English, which is not natural to me, and you’ll imagine how time consuming it can be.

My short – 600 to 800 words – posts take me less than 1 hour to write, mostly because I’ve been thinking about them for a while, split into 4 parts.

Finding a topic: 10 minutes

That part happens during my daily commute. I scan my nightly Twitter timeline and what I’ve sent into Pocket, looking for subtopics I can write about. Then I send myself an email with 2-3 ideas worth thinking about during the day. Many people say I should be using Evernote instead, but I really don’t like the Evernote client even though it syncs everywhere.

Most of the time, I won’t write about what I’ve picked up that day because there’s already something I’ve been willing to publish before. It can be an answer to someone on Twitter, a blog post, or something related to the latest breaking startup news.

Writing the post: 25/30 minutes

That’s the longest part, and I usually do it during my commute back home, or after my supper. It used to take 45 minutes to 1 hour, but after 1 month and a half I’m working much faster.

Indeed, it means I don’t have writer’s block anymore, but it seems to have disappeared since I stopped writing in French.

I have a mental canvas to write my posts, but no real structure. That’s something I’ve been thinking about for a while now. It would give my posts consistency over time, and would help me write faster, but I fear it triggers the writer’s block.

Editing the post: 10/15 minutes

Editing is as important as writing. That’s where I realize how perfectible my English is, and how hard it must be to read for native English speakers.

I usually take a 1 hour break before I edit my post, and I use a different editor to have a real context change. I write my posts using Ulysses III on my Mac, and edit on Hemingway Editor. Hemingway is incredibly buggy, but it provides great editing features like showing hard to read sentences, abuse of adverbs or passive voice.

Finding an illustration: 5 minutes

After I’m done with editing, I browse Flickr a bit looking for a nice Creative Commons illustration I can use. I have a precise idea of what I want my article to look like, and it never takes long to find something.

When I find my illustration, I publish the post for the day after, 3AM so I can keep my blogging pace.

Pushing on the social networks: 2 minutes

During the morning, I push my post on the various social networks I have an account on.

  • Indeed, Twitter, which is the one I use the most.
  • Facebook, where this blog has a page you can like if you want.
  • Google+ where I usually get a few comments.
  • Linkedin, but it seems using https breaks it.

I sometimes write longer posts that need much more documentation, HOWTOs. I also used to translate some English posts that were worth it into French. Those posts can take up to 4-5 hours so I don’t write them often.



In the open source world, there’s no little contribution

Open source world

I’m going to tell you a long hidden secret about open source projects. It’s something no one thinks about when watching the glorious list of any major project’s contributors. It’s something so critical but so simple you’ll probably stop reading here saying: « good teasing job Captain Obvious ».

There is no little contribution.

Fixing typos in the documentation is as important as fixing a critical bug: both of them prevent the users from running the project and affect its overall credibility.

Adding small UX improvements is as important as adding a major feature because details are the difference between a good project and a great one.

Maintaining translations is as important as anything else, because it broadens the user base, makes the project easier to use, and lowers the technological barrier.

Consequence: anyone can contribute to the « big » open source projects, because there’s always something to do.

I’ve done 4 Python scripts in my life. Three of them were patches for Ansible EC2 modules, and they’re all in stable 1.8. That’s something I’m proud of. At 36, after 18 years of open source contributions, Ansible is the biggest project I’ve ever pushed code to.

For years, I have watched many projects, thinking how I could contribute, to conclude « I’m not good enough ». I was wrong, you don’t need to be a Jedi to contribute to a major open source project, but it’s better to need it.

Having a problem is the most common way to start a company. It’s also the best way to start contributing to an open source project. It’s usually a bug, or a missing or unfinished feature.

Before sending code or any contribution, there are a few steps to take.

The first one is to look for a contributing to XXX document. It’s usually in the project doc directory, and it gives the various guidelines you need to know.

Most of them are more or less the same:

  • If you want to fix a bug, check if there’s an issue, if not, open one (makes release management easier, really).
  • If you want to add an important feature, join a mailing list to see how it fits the roadmap.
  • Provide tests when appropriate, ensure the build won’t break.
  • Document what you do, ensure your commits are atomic.

When no one knows you, it’s often easier to provide targeted pieces of code, like bugs, small planned features or refactoring. Introduce yourself to the community, even more if it’s a big one. The community is a great place to get help on contributing, have your pull requests reviewed or get advice on improving your patches (yeah even in the documentation effort).

So join us, RTFM and share the software under BSD or MIT license indeed, they got cookies*.

* It’s Friday and Friday is also called Trollday.



Building a productive routine from your boring daily tasks

Sunrise over Pudong

As a devops doing lots of R&D, the daily usual ops stuff can seem a little bit boring. Manually looking at each nightly alert, digging through the log files looking for an unusual pattern, checking your collectd graphs are things you’d easily forget about to work on the latest trending technologies.

When part of your job is made of repetitive, not that interesting tasks, there are 2 things to do.

First, build tools that take care of those things for you as much as possible. Fine tuning Nagios thresholds to reflect usual productivity peaks helps to get rid of false positives. Using stream processors like Riemann makes finding unusual patterns and generating alerts easy. Until you only have the real uncommon patterns left to check.

Now you’re done with automation, turn the remaining boring part of the job into a motivating way to start your day.

I believe in routines a lot as a way to increase productivity. Preparing the kids breakfast when I get up, having an outdoor break at 4PM, writing down what I just learnt are a very important part of my day. They give it a rhythm, a frame I can fill with everything else, starting with all the unexpected ops things.

Because routines are important, you need to pick them carefully. Some of them are useless, the Monday morning 10:00 AM meeting is toxic. Stack your routines and you won’t have anything left for the unexpected anymore.

Since I’ve stopped working 24/7, I have set up a routine to start my workday. Starting your workday means switching your brain and thoughts from your personal, daily self to your professional self. You evacuate home related problems to focus on work related ones, collect information, and prioritize tasks.

This is where the daily checks – and fixes – go. They are a very subtle, data driven way to start my workday.

Data driven because after a night off, there are lots of questions I need to get answers to. What’s the state of my platform? Of my weekly planning? Which nightly batch failed (this happens too)? Why?

Subtle because the data collection turns into actions. As I get the best possible picture of what the night looked like, and therefore what I can expect my day to be, things get fixed, issues get opened, a report mail leaves, tasks get prioritized… Like the dawn turns the night into day, a new productive workday rises.



Internet is dangerous, it’s not reliable and it needs to be strongly regulated

Big brother is watching you

Last Sunday, I got stuck in one of those conversations you’d only imagine happening in a late cheap TV show. I would have probably smiled if what was stated did not reflect the opinion of both a majority of the French population and our political class.

We were discussing giving kids access to the Internet, how, and when, when the troll started.

Anyway, Internet is dangerous, it’s not reliable and it needs to be strongly regulated.

I was so surprised I almost puked my chicken. I had a quick look around me. I was not at the elderly division of a right wing party, but talking with a 31-year-old educated upper class working woman.

Yeah, indeed. Internet should be shut down. It’s full of nazi pedophiles who trade illegally downloaded celebs porn. Or maybe not. Maybe people who behave stupidly online should have their access terminated because they’re dangerous for others and for themselves.

There’s one thing I tell my kids when they use the Web: never do online something you would not do in the street or at school.

Let’s put it this way.

I’m sure you never forget to lock the door when you leave home. So why do you leave your computer, your tablet or your smartphone unlocked? They’re your door to the Internet, and leaving them opened can have the same consequence as leaving the house door unlocked.

When someone calls you and pretends they’re your bank, there’s no way you give them your credit card information or any sensitive data. The same thing happens online. Don’t trust someone or something unless you’re sure they’re what they say they are.

And to end on this point, I’m sure your parents told you not to trust strangers in the street when you were a kid, and you probably won’t do it as an adult. So why would you do it online? Once again, that’s exactly the same thing.

We then had a debate about the celebs whose photos were leaked on the Internet. We had a totally opposite point there.

She said the problem was people who took nude pictures of themselves and uploaded them on the internet. So it was their fault if the pictures leaked. I strongly disagree, this was not the problem.

Imagine you rent a safe at your bank. Before leaving for a trip, you leave your precious engagement ring there. What’s in your safe is your business only and no one but you should access it. If someone accesses it and steals your stuff, that’s your bank’s fault, not yours. You’ll probably sue your bank and win.

That’s exactly what happened to the celebrities whose pictures were leaked. Whatever you save on your cellphone (and in any cloud storage service) is your business, and your privacy.

In the end, the problem is not the Internet. The problem is people. And stupidity.



DNSSEC inline signing HOWTO with Bind9: the end of expired zones as we know them

Poney

DNSSEC (RFC 4033, 6014 and 6840) is a great step towards global security on the Internet. Unfortunately, it has a huge practical drawback: you need to renew your zone’s signatures every month or your domain won’t resolve anymore (it used to happen to me every month).

Even though the best practice advises signing your zone manually, Bind 9.9 brings the awesome inline signing, which lets you load or transfer an unsigned zone and create a signed version of it which answers all queries and transfer requests, without altering the original unsigned version. In other words, this means you won’t have to worry about your zone signature expiring anymore. As good news always comes in pairs, FreeBSD 10 now provides Bind 9.9, which means nothing prevents you from implementing DNSSEC anymore.

If you’re not using FreeBSD yet, please switch. It’s cool and you won’t have to fear systemd, journald, pulseaudio or anything coming from Lennart’s twisted mind anymore.

First, install Bind 9.9. As you’re running FreeBSD 10, I assume you’re also using the wonderful pkg. If not, do so, or God will kill a unicorn. The fact most people still use ports or pkg_add is the main reason why there are so few unicorns left today.

$ sudo pkg install dns/bind99

Bind configuration is installed in /usr/local/etc/namedb/, which is where we’re going to work from.

Create a master zone file for your domain name. Let’s say we’ve just acquired pon.ey from the Ekraysia Internet Information Centre and want to configure it. Create a master/pon.ey.db file:

$TTL    3600
@       IN      SOA     ns1.pon.ey. root.pon.ey. (
                        2014072202      ; Serial
                        3600            ; Refresh
                        86400           ; Retry
                        2419200         ; Expire
                        604800 )        ; Negative Cache TTL
;
@       IN      NS      ns1.pon.ey.
@       IN      NS      ns6.gandi.net.
@       IN      A       62.210.113.68
@       IN      AAAA    2001:bc8:3342::1
        IN      MX  10  we.eat.pon.ey.
        IN      MX  20  new.dagobah.fv.gs.
ns1     IN      A       62.210.113.68
ns1     IN      AAAA    2001:bc8:3342::1
we.eat  IN      A       62.210.113.68
we.eat  IN      AAAA    2001:bc8:3342::1

Edit named.conf and activate DNSSEC inside the options { } section.

dnssec-enable yes;

Create a /usr/local/etc/namedb/keys directory to store all your keys. Go into the keys directory, and generate 2 keys:

The first one is a Zone Signing Key (ZSK):

dnssec-keygen -a NSEC3RSASHA1 -b 4096 -n ZONE pon.ey

The second one is a Key Signing Key (KSK):

dnssec-keygen -f KSK -a NSEC3RSASHA1 -b 4096 -n ZONE pon.ey

Append your newly generated keys to your zone configuration file:

# Run from the keys directory; the glob avoids parsing the output of ls
for file in Kpon.ey*.key; do
  echo "\$INCLUDE /usr/local/etc/namedb/keys/${file}" >> ../master/pon.ey.db
done

Go back to Bind configuration directory, and edit the named.conf file to add your new zone:

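zone "pon.ey" {
  type master;
  file "/usr/local/etc/namedb/master/pon.ey.db";
  allow-transfer { 217.70.177.40; };
  // named looks for key files in its working directory unless key-directory is set
  key-directory "/usr/local/etc/namedb/keys";
  // sign and re-sign automatically with the keys found in key-directory
  auto-dnssec maintain;
  // keep the unsigned zone file untouched and serve a signed copy
  inline-signing yes;
};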

That’s where the magic happens. Reload your Bind configuration, and hurray, auto maintained signed zones for the win.
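The failure this HOWTO removes is an RRSIG whose expiration time passes without a re-sign, so it is worth checking that the signatures really do move forward. The script below is an added example, not part of the original post: it parses RRSIG records in the layout printed by `dig +dnssec` and flags signatures that are expired, not yet valid, or close to expiry. The sample records, the key tag 12345 and the 7-day warning threshold are constructed assumptions.

```python
"""Added example: flag RRSIG records that are expired or about to expire."""
from datetime import datetime, timedelta, timezone

# Constructed sample in the layout of `dig +dnssec +noall +answer` output.
# Key tag 12345 and the base64 signature text are placeholders, not real data.
SAMPLE = """\
; constructed sample, not real query output
pon.ey.        3600 IN SOA   ns1.pon.ey. root.pon.ey. 2014072202 3600 86400 2419200 604800
pon.ey.        3600 IN RRSIG SOA 7 2 3600 20140821101500 20140722091500 12345 pon.ey. cGxhY2Vob2xkZXI=
pon.ey.        3600 IN RRSIG NS 7 2 3600 20140725101500 20140625091500 12345 pon.ey. cGxhY2Vob2xkZXI=
we.eat.pon.ey. 3600 IN RRSIG A 7 4 3600 20140720000000 20140620000000 12345 pon.ey. cGxhY2Vob2xkZXI=
pon.ey.        3600 IN RRSIG MX 7 2 3600 1408615200 1405987200 12345 pon.ey. cGxhY2Vob2xkZXI=
"""


def parse_sig_time(value):
    """RFC 4034 allows YYYYMMDDHHmmSS or seconds since the epoch; both are UTC."""
    if len(value) == 14 and value.isdigit():
        return datetime.strptime(value, "%Y%m%d%H%M%S").replace(tzinfo=timezone.utc)
    return datetime.fromtimestamp(int(value), tz=timezone.utc)


def parse_rrsigs(text):
    """Yield one dict per RRSIG line; assumes dig's 'owner ttl class type' layout."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith(";"):
            continue  # blank line or comment
        if len(fields) < 4 or fields[3] != "RRSIG":
            continue  # some other record type
        rdata = fields[4:]
        if len(rdata) < 9:
            # Fail loudly: a monitoring check must not silently skip a signature.
            raise ValueError("truncated RRSIG record: " + line)
        covered, _alg, _labels, _ttl, expiration, inception, key_tag, signer = rdata[:8]
        yield {
            "owner": fields[0],
            "covered": covered,
            "key_tag": int(key_tag),
            "signer": signer,
            "inception": parse_sig_time(inception),
            "expiration": parse_sig_time(expiration),
        }


def check_expiry(text, now, warn=timedelta(days=7)):
    """Classify every RRSIG in text relative to now (a timezone-aware datetime)."""
    results = []
    for sig in parse_rrsigs(text):
        remaining = sig["expiration"] - now
        if now < sig["inception"]:
            status = "NOT_YET_VALID"  # usually clock skew on the signer
        elif now >= sig["expiration"]:
            status = "EXPIRED"        # validating resolvers reject this RRset
        elif remaining <= warn:
            status = "EXPIRING"       # re-signing has not happened in time
        else:
            status = "OK"
        results.append(dict(sig, status=status, remaining=remaining))
    return results


def needs_attention(text, now, warn=timedelta(days=7)):
    """Return only the signatures an operator should look at."""
    return [r for r in check_expiry(text, now, warn) if r["status"] != "OK"]


if __name__ == "__main__":
    # Fixed date so the constructed sample gives a stable result.
    for r in check_expiry(SAMPLE, datetime(2014, 7, 23, tzinfo=timezone.utc)):
        print(r["owner"], r["covered"], r["key_tag"], r["status"], r["remaining"])
```

To use it against a live zone, replace SAMPLE with the captured answer section for each record set you care about and pass the current UTC time as `now`.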

