Our Blog

Ansible tutorial with AWS EC2

By Jeffry Johar
August 11, 2022

Photo by David Buchi

Ansible is a tool to manage multiple remote systems from a single command center. In Ansible, the single command center is known as the control node and the remote systems to be managed are known as managed nodes. The following describes the 2 nodes:

1. Control node:

   • The command center where Ansible is installed.
   • Supported systems are Unix and Unix-like (Linux, BSD, macOS).
   • Python and sshd are required.
   • Remote systems to be managed are listed in a YAML or INI file called an inventory.
   • Tasks to be executed are defined in a YAML file called a playbook.

2. Managed node:

   • The remote systems to be managed.
   • Supported systems are Unix/Unix-like, Windows, and Appliances (eg: Cisco, NetApp).
   • Python and sshd are required for Unix/Unix-like.
   • PowerShell and WinRM are required for Windows.

In this tutorial we will use Ansible to manage multiple EC2 instances. For simplicity, we are going to provision EC2 instances in the AWS web console. Then we will configure one EC2 as the control node that will be managing multiple EC2 instances as managed nodes.

Prerequisites

For this tutorial we will need the following from AWS:

• An active AWS account.
• EC2 instances with Amazon …

Implementing Backend Tasks in ASP.NET Core

By Kevin Campusano
August 8, 2022

As we’ve already established, Ruby on Rails is great. The amount and quality of tools that Rails puts at our disposal when it comes to developing web applications is truly outstanding. One aspect of web application development that Rails makes particularly easy is that of creating backend tasks.

These tasks can be anything from database maintenance, file system cleanup, overnight heavy computations, bulk email dispatch, etc. In general, functionality that is typically initiated by a sysadmin in the backend, or scheduled in a cron job, which has no GUI, but rather, is invoked via command line.

By integrating with Rake, Rails allows us to very easily write such tasks as plain old Ruby scrips. These scripts have access to all the domain logic and data that the full-fledged Rails app has access to. The cherry on top is that the command-line interface to invoke such tasks is very straightforward. It looks something like this: bin/rails fulfillment:process_new_orders.

All this is included right out of the box for new Rails projects.

ASP.NET Core, which is also great, doesn’t support this out of the box like Rails does.

However, I think we should be able to implement our own …

SSH Key Auth using KeeAgent with Git Bash and Windows CLI OpenSSH

By Ron Phipps
August 8, 2022

In a previous blog post we showed how to configure KeePass and KeeAgent on Windows to provide SSH key agent forwarding with confirmation while using PuTTY and other PuTTY agent compatible programs. In this post we’ll expand on that by showing how to use the same key agent to provide SSH key auth when using Git Bash and the Windows command line OpenSSH.

Git Bash support

Open KeePass, click on Tools → Options, select the KeeAgent tab.

Create C:\Temp if it does not exist.

Check the two boxes in the Cygwin/MSYS Integration section.

Directly after each box, fill in the path: C:\Temp\cygwin-ssh.socket for the Cygwin compatible socket file, and C:\Temp\msys-ssh.socket for the msysGit compatible socket file.

Click OK.

Open Git Bash.

Create the file ~/.bash_profile with the contents:

test -f ~/.profile && . ~/.profile
test -f ~/.bashrc && . ~/.bashrc

Create the file ~/.bashrc with the contents:

export SSH_AUTH_SOCK="C:\Temp\cygwin-ssh.socket"

Close and reopen Git Bash.

You should now be able to SSH with Git Bash using your loaded SSH key and a dialog box should appear to approve the use of the key.

Windows command line OpenSSH support

Open KeePass, click on Tools …

Auburn University and VisionPort: How the World Gets Its Water

By Samuel Stern
July 28, 2022

The IBT Water Project at Auburn University, headed by Associate Professor P.L. Chaney, has done outstanding work illustrating in a GIS format how cities around the world get their water. The Geoscience department has mapped how water is captured and distributed in Australia, Egypt, India, Mexico, Kazakhstan, and the western USA.

The department chose the Central Arizona Project to turn into an interactive presentation on the VisionPort platform.

Starting at the Mark Wilmer Pumping Plant, water is pumped from the Colorado River towards over a dozen plants and lifted up over 2,000 feet in elevation across a series of “stair-steps” before it reaches its final destination near Tucson, where it is then distributed across the state to where it is most needed.

This data displayed on their VisionPort, installed in a custom wood case in their library, allows students to see the entire journey in a 3D environment spanning seven 65-inch displays. The presenter can take them to each stop and explain the functions of the many plants, check gates, and turnouts along the way.

Numerous departments at Auburn University have had success turning their presentations into engaging experiences on the …

Running PostgreSQL on Docker

By Jeffry Johar
July 27, 2022

Introduction

PostgreSQL, or Postgres, is an open-source relational database. It is officially supported on all the major operating systems: Windows, Linux, BSD, MacOS, and others.

Besides running as an executable binary in an operating system, Postgres is able to run as a containerized application on Docker! In this article we are going to walk through the Postgres implementation on Docker.

Prerequisites

• Docker or Docker Desktop. Please refer to my previous article for help with Docker installation.
• Internet access is required to pull or download the Postgres container image from the Docker Hub.
• A decent text editor, such as Vim or Notepad++, to create the configuration YAML files.

Get to know the official Postgres Image

Go to Docker Hub and search for “postgres”.

There are a lot of images for PostgreSQL at Docker Hub. If you don’t have any special requirements, it is best to select the official image. This is the image maintained by the Docker PostgreSQL Community.

The page that search result links to describes the Postgres image, how it was made and how to use it. From this page we know the image name and the required parameters. This is essential …

VisionPort at University of Tokyo, New York office: An Exhibition for Peace on August 6th and 7th

By Samuel Stern
July 26, 2022

Ground Zero, Hiroshima, Japan – August 6th, 1945. Visualized by the lab of Professor Hidenori Watanave.

Technology and education go hand in hand, and the VisionPort platform is being used every day to make that connection.

We are extremely honored to be able to contribute to the first exhibition at the University of Tokyo’s New York office, “Convergence of Peace Activities: Connecting and Integrating by Technologies”.

It is said that those who do not learn from history are condemned to repeat it, and in that vein, the exhibition, drawing from the work of Professor Hidenori Watanave, will be using the VisionPort platform to educate viewers on the realities of the bombings of Hiroshima and Nagasaki, on the date of the 77th anniversary of the first nuclear weapon used in war.

The team has been collecting and colorizing photographic material from the aftermath of the bombings for over 10 years. The exhibition will combine that work with interviews and writings from survivors on a GIS canvas to allow attendees to see what it looked like and to hear from those who were there.

The lab will also be presenting the work they have been doing covering the ongoing conflict in Ukraine. Day by …

Windows SSH key agent forwarding confirmation

By Ron Phipps
July 26, 2022

At End Point we use SSH keys extensively, primarily for authentication with servers for remote shell access as well as with Git services including GitHub, GitLab, and Bitbucket. Most of the time the servers we are attempting to reach are blocked from direct access and require that we go through an intermediate “jump server”.

Because of this need to jump from server to server we utilize SSH key forwarding that allows us to use the private key stored on our local system to authenticate with each of the servers in the chain. When we reach our destination server we can use the same private key to authenticate with the Git hosting service and perform git commands without having to enter a password.

One of the best practices when using SSH key forwarding is to use an option called key confirmation. When key confirmation is turned on, each time a request is made to use the private key that is loaded in the SSH agent a prompt will appear on your local machine to approve the use of the key. This reduces the ability for an attacker to use your private key without approval.

For the longest time SSH key confirmation was not available on Windows. One of the most popular SSH clients on Windows …

CSTE Conference EpiTrax retrospective

By Steve Yoman
June 29, 2022

Last week we were in Louisville, Kentucky for the CSTE Conference. End Point staffed a conference booth to represent the EpiTrax public health surveillance system to a wonderful group of public health experts.

You can read some background about the conference and CSTE in our earlier blog post announcing our plans.

We really enjoyed meeting new friends in person after two years of canceled events due to the pandemic. We spoke with staff from health departments and disease surveillance teams from several state and local jurisdictions, as well as with experts from the CDC and other software and service vendors.

One of the highlights was going around to meet other people staffing booths at the conference. It charged us up to see and hear about all of the interesting and innovative things going on in the public health space at a time when there is so much that needs to be done. We were particularly struck by the efforts being made in onboarding and distributing ELRs and eCRs, areas where the Electronic Message Staging Area (EMSA, which we deploy and support) can complement and enrich those activities.

The open-source disease surveillance and reporting software EMSA and EpiTrax both …