Using AWS IOT To Arm Blink Cameras

Posted on Sat 16 December 2017 in iot • Tagged with iot, lambda, security, tutorial, aws

Blink security cameras are an affordable home security camera system. Although they lack a formal public API, inventive devs have reverse-engineered their private API to allow for better integration.

Here we'll use AWS IOT Core, Lambda and node-blink-security to arm and disarm Blink security cameras using an AWS IOT Button.

Activating Your IOT Button

The IOT Button must be configured to your account, which includes joining it to your wifi access point, and installing the client certificates.

The easiest way to perform activation is by using the AWS IOT Button App for Android or iOS. Complete instructions are found on …


Get Started with Bitcoin Using Docker

Posted on Thu 30 November 2017 in bitcoin • Tagged with docker, bitcoin, security, tutorial

Like me, you're probably more comfortable on a CLI. Here's a quick way to use docker to set up a Bitcoin Wallet and trade Bitcoin for free on Testnet with Electrum. You can use the same tools to manage your real Bitcoin wallet too.

Setup

Make sure you have Docker for your OS (Mac, Windows, Linux).

Run the electrum-cli docker image

Electrum is a Python-based Docker wallet with both a GUI and a good CLI. I've put together electrum-cli, a lightweight Alpine Linux Docker image with Electrum signed and installed with jq.

docker run -it tonymet/electrum-cli

Create a wallet

First …


Using Custom Docker Images on Bitbucket Build Pipeline

Posted on Tue 28 November 2017 in docker • Tagged with docker, ci

Usually setting up the build dependencies is a major part of each build job. Thankfully, Atlassian's Bitbucket Pipelines, the new CI platform that integrates into Bitbucket, supports custom docker images.

To configure the build pipeline, you create bitbucket-pipelines.yml. This one uses our custom image (built below) and triggers builds whenever a release-* tag is pushed.

image: tonymet/tonym.us:latest
pipelines:
  tags:
    release-*:
      - step:
          script:
            - make sync_down_images
            - make s3_upload

That first line is the magic part -- you can run ANY public docker image from dockerhub (and private ones as well with further setup).

Building a Static Blog Using Build …


Creating TGZ artifacts from Docker Images to Enable Service Migrations

Posted on Tue 14 March 2017 in docker • Tagged with travis, ci, docker

A common migration pattern when moving to Docker is to run some systems (e.g. dev, staging or a prod canary) on your Docker image while the production app is still running your traditional tgz artifacts (e.g. your node app with node_modules).

Let's create a travis build that creates two artifacts: (1) your docker image and (2) a tgz from the docker container.

Let's assume you have a basic dockerfile with your app.js and a package.json. The key is that the app is built into /usr/src/app

FROM node:4

RUN mkdir -p /usr/src/app
WORKDIR …

App Script for Modifying Google Groups

Posted on Tue 23 February 2016 in google-apps • Tagged with javascript, groups, developers, API, sdk

Google App Script is a little-known, yet powerful development platform for enhancing and automating Google services. I use it for administration and building custom tools. Here are some things I've used it for:

  • a web app that scans emails for certain patterns and puts the results in email
  • index email into a sql db to build charts & reports (e.g. 7d volume, top senders)
  • automate account settings changes & cleanup
  • bulk migration of email between accounts or from shared accounts to groups
  • various google spreadsheet formulas
  • various google docs macros like timestamps

Sadly, the platform is a bit tricky to set …


Free SSL Certificates using ACM (AWS Certificate Manager)

Posted on Tue 16 February 2016 in aws • Tagged with aws, ssl, security

2016 may be the year of free SSL, and AWS ACM (AWS Certificate Manager) is a great offering for Cloudfront & ELB users (most web apps).

Not only is it free, but it's also the simplest certificate management platform:

  • request a new certificate in minutes
  • no server config needed
  • no certificate, chain or private key management
  • automatic certificate rotation

Here's how to create a certificate and then install it onto your cloudfront distribution.

Requesting a New Certificate

aws acm request-certificate --domain-name \*.mydomain.com --subject-alternative-names  mydomain.com
{
    "CertificateArn": "arn:aws:acm:us-east-1:OOOOOOOOOOOO:certificate/c3d15000-230c-4000-8000-a600000"
}

Activating the Certificate on Cloudfront

This part …


Creating a Varnish Load Balancer for Opsworks

Posted on Fri 15 January 2016 in aws • Tagged with scaling, infrastructure, opsworks, varnish, chef

Varnish is an amazing platform -- it can easily help you handle 100x traffic and is easy to add to your existing frontend or API layer with little to no change to your app.

Here we'll go over some neat tricks leveraging chef, the AWS Opsworks API and the opsworks configure lifecycle event to create a lightning-fast load balancer & reverse proxy that automatically updates itself.

Setup

  1. Create a new varnish layer that installs the varnish and jq packages

  2. Activate custom cookbooks. It's easiest to just use s3 deployments so you don't need a separate git repo.

The varnish::backends recipe …


Using the AWS EC2 Container Registry with EC2 Container Service

Posted on Wed 06 January 2016 in aws • Tagged with aws, docker, ecr, ecs

AWS announced recently that its EC2 Container Registry (ECR) is now available. ECR simplifies hosting private images. Previously, you had to manually push your docker.io credentials to each EC2 instance -- likely a deliberate pain-point encouraging you to use ECR. With ECR, EC2 container hosts can easily fetch private images using IAM authentication.

Here are some of the gotchas and stumbling blocks to help you get your repository up quickly and painlessly.

Prerequisites

1. aws-cli should be 1.9.15 or greater.

# check Version
$ aws --version
aws-cli/1.9.15
# update via homebrew (osx) if needed
$ brew update
$ brew …

Securing Your Network Using Auto-Updating Security Groups

Posted on Thu 17 December 2015 in aws • Tagged with aws, security, security-groups

We all know that no ports should be open to the internet for development purposes, but for convenience it's common to find a security group with port 22 (SSH) open to 0.0.0.0/0. Even narrower ingress rules can create backdoors.

Here we'll show you how to create an auto-updating security group that adds your active WAN IP address when you connect. This way, only your active IP is authorized.

Create the "development" security group with no ingress

aws ec2 create-security-group --group-name=development --group-description="ssh access for my dev machine"

Create a limited role …


Delegating Admin Credentials using IAM Roles and Cloudwatch Alerts

Posted on Sat 12 December 2015 in aws • Tagged with aws, cloudwatch, alerts, monitoring

It's hard to strike the right balance with admin rights -- either the rights are too strict and people can't get work done, or they're too lenient and you have security issues.

As a compromise, AWS provides the AssumeRole feature, which lets admins temporarily escalate their role to perform a task.

It's important when setting this up that you alert the team when it's used. Here we'll talk about how to set up the roles, give teams access to the roles and create an alert system when the roles are assumed.

Create The Temporary Admin Role

Use the IAM console to create …
