William Blankenship
DNS over HTTPS using Pi-hole

Locking Down DNS

This guide walks you through getting PiHole setup with DNS over HTTPS on a Raspberry Pi.

PiHole is like an ad-blocker for your entire network! It works by intercepting DNS requests (the thing that takes human readable domain names like www.google.com and turns them into ip addresses 172.217.164.110) and refuses to "resolve them" (tell your computer the ip address) when the domain name is for an advertiser.

On top of this awesomeness, this guide will also ensure all of your DNS requests are encrypted. DNS was never really designed to have privacy by default. Because of this, anybody looking at your network traffic (i.e. Comcast, AT&T, your neighbor who figured out your wifi password, etc.) can see what websites you visit! What we are going to do is, instead of doing a real DNS request when the computers on your network try to resolve DNS values, we are going to instead do an HTTPS request (the thing websites use) to fetch the values instead. This encrypts al

...truncated...

Dynamic Middleware in Node.js

A.K.A.: Creating Knobs and Levers for Operating Node.js Services at Runtime

Context

If you came for a tutorial, skip ahead to the next section!

What do I mean when I say “making middleware dynamic?”

Many Node.js web frameworks use middleware. These have access to the request and response objects at specific points during the request-response cycle. Often times, middleware are created using constructor functions that take a configuration object. When I say I want to make middleware dynamic, I mean I want to change a middleware configuration (changing it’s behavior) after it’s been created, and I want to have those changes take effect immediately, all without having to cut a release and do a deploy.

The example I are going to use for this post: I have a middleware handler bodyParser that buffers a request payload into memory and deserializes it. One of the configuration

...truncated...

Making GitHub Repos Content Addressable

What do I mean by "content addressable"?

When you make a commit with git, and then type git log, you see something like this:

commit 2b399aa97fb9b0b713ba48a2423fb8dfc51589c8
Author: retrohacker <code@blankenship.io>
Date:   Sun Jun 16 14:44:30 2019 -0700

    add rss feed

...

That string of random-looking nubmers and characters after the word commit is the SHA-1 hash of the commit's metadata - such as the date, message, author, previous commit's hash (blockchain!), etc. - and the file contents of the commit. This means that SHA-1 is derived from the content of the commit. We want to use this SHA-1 as the "address" of the commit on GitHub so we can ask for it directly.

Newer versions of git allow you to fetch the SHA-1 directly, but GitHub doesn't appear to support this. What we can do instead is create a temporary [git ref](https://git-scm.com/

...truncated...

Creative Commons License This work by William Blankenship is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.