cron.weekly issue #47: OpenSSL, ripgrep, httpstat, CouchDB, Latency & more!

cron.weekly is a newsletter about Linux, open source & webdevelopment. Want to get it in your inbox every Sunday? Subscribe below!

I respect your privacy and you won't get spam. Ever. Just a weekly-ish newsletter about Linux and open source.
Image of Mattias Geniar

Mattias Geniar, September 25, 2016

Follow me on Twitter as @mattiasgeniar

Welcome to _cron.weekly _issue #47 for Sunday, September 25th, 2016.

A bit later than usual, but I’m liking it better this way. From now on, cron.weekly is not going to have a fixed time for delivery. It’s still weekly and it’ll still be sent on Sunday, but it’s less formal from now on.

After all, it’s just a hobby and having a time constraint & deadline in the weekend is taking its toll on me. Having the ability to finish the newsletter later will give me more peace of mind.

So long 08:00 UTC+2, hello $RANDOM!


OpenSSL Security Advisory [22 Sep 2016]

A new high severity vulnerability has been patched in OpenSSL: a denial of service attack when using OCSP stapling.

The MIT license explained, line by line

This is one of the most popular open source licenses, and it’s broken down line-by-line by a lawyer, in clear language (heck, even I understood it). The MIT license is pretty short, but there are a lot of nuances in those words that can make a difference.

Introducing the GitHub Load Balancer

The GitHub team has introduced their custom load balancer setup which handles their HTTP/HTTPS/SSH traffic. A mix of layer4 (ECMP) and Layer7 (proxies) are used to handle all the requests. Looking forward to their follow-up posts!

What it costs to run Let’s Encrypt

I like how they open up their finances too: a total yearly cost of 2.9M USD of which 2.0M USD goes to staffing.

Blurred Lines

An interesting blogpost about what happens when you join the company behind an open source project you’ve been contributing to, what changes, who takes responsibility, …

Tools & Projects


A faster grep, beating the silver searcher, ack, egrep, … Quite a lot of benchmarks on this page proving the speed of ripgrep!


This one is going into my daily arsenal of HTTP tools: a wrapper around “curl -v” which offers a better view of the timings of a curl request. Nicely done! (make sure to check out the screenshot)


ClonOS is a free open-source FreeBSD-based platform for virtual environments creation and management. In the core: Xen, Jails, Puppet, bhyve hypervisor & ZFS.


Postgres partitioning as easy as pie. Works great for both new and existing tables, with zero downtime and minimal app changes.


This is a fast, secure and scalable websocket & tcp server for mobile, web & “internet of things”. Think if it like a pub/sub & messaging server you can self-host.

CouchDB 2.0

A new major release for the database engine: native support for clustering, new admin interface, easier queries & improved performance.


Built on Docker Swarm, Shipyard gives you the ability to manage Docker resources including containers, images, private registries and more.


Vossibility provides better visibility for your open source project. It can collect data from GitHub and visualise them, like commits, issues reported/solved, … In short, a fun dashboard for your OSS project.


TLSlayer is a FAST TLS/SSL reconnaisance tool written in Go. The primary aim is to provide a tool that has no dependencies on OpenSSL that can utilize multiple cores.


A fun web interface to play around with the Varnish VCL configs, without having to spin up your own instances.

Guides & Tutorials

You probably want to start using the -w option with iptables

Did you know iptables can be locked? If that’s the case, commands you send to iptables will happily be ignored. The -w option prevents that from happening. This post is a good write-up on where that might sting you.

Upgrade your SSH keys to ed25519

A good post with practical tips on using more secure ciphers for your SSH keys by moving to an ed25519 key.

Using Ansible’s command and shell modules properly

This post offers some good tips (at least for beginner Ansible users) on when to use the command and the shell options.


How not to measure latency

I liked this talk about common pitfalls when monitoring latency, or just monitoring in general. Offers some good and practical points on improving your metrics and drawing better conclusions.


LinuxDays Prague

On the 8th and 9th October 2016 in Prague, Czech. Quite the schedule if you happen to be around!

ContainerDays NYC

A different continent, ContainerDays is happening in New York on November 3-4. And if you’re looking for a discount, use promocode “CRON.TAINERDAYS”. That’s right, the first cron.weekly reader perk!

Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.