-rw-r--r-- content/projects/stoic_productions.md 4
1 files changed, 4 insertions, 0 deletions
diff --git a/content/projects/stoic_productions.md b/content/projects/stoic_productions.md
index 9a231f5..a7e9a85 100644
--- a/content/projects/stoic_productions.md
+++ b/content/projects/stoic_productions.md
@@ -28,3 +28,7 @@ I'd like to lay out the current set of services we utilize to run Stoic Producti
28 - OvenMediaEncoder: This is seldom used, but it is our service that allows us to host a live stream. Usually used when we are premiering a new film, we use this plus chat extensions within Discourse to provide end users a "Youtube like" stream experience 28 - OvenMediaEncoder: This is seldom used, but it is our service that allows us to host a live stream. Usually used when we are premiering a new film, we use this plus chat extensions within Discourse to provide end users a "Youtube like" stream experience
29 - KeyCloak: Arguably one of the most important services being run, this is our Authentication and Identity Federation server. Most of our services (like Nextcloud and Discourse) use either SAML or OpenID to communicate with the Keycloak instance. For services that need access to the user accounts that may not be able to take advatntage of either technology, we fall back to the LDAP protocol. Most applications that need some sort of authentication will provide a mechanism to use LDAP. This is how we authenticate Postfix and Dovecot with our users. It allows me to make the users once and have them propogate everywhere. I also had to implement custom LDAP attributes to reflect whether a user was enabled in Keycloak or not to better control login access. 29 - KeyCloak: Arguably one of the most important services being run, this is our Authentication and Identity Federation server. Most of our services (like Nextcloud and Discourse) use either SAML or OpenID to communicate with the Keycloak instance. For services that need access to the user accounts that may not be able to take advatntage of either technology, we fall back to the LDAP protocol. Most applications that need some sort of authentication will provide a mechanism to use LDAP. This is how we authenticate Postfix and Dovecot with our users. It allows me to make the users once and have them propogate everywhere. I also had to implement custom LDAP attributes to reflect whether a user was enabled in Keycloak or not to better control login access.
30 - Main Site: for the main site, I used to use Wordpress to generate the site and all of its content. However, around January of 2021, I took two afternoons and converted the theme to a Hugo theme (essentially picked and chose items and rebuilt the HTML in a Hugo way) and converted the site to a statically generated site using Hugo. This closed a huge attack platform off, sped up our website, sped up my development, and decreased the load on the server. Instead of waiting for PHP to execute and make my way through half a dozen menus just to update a word or phrase, I can now just use Git to manage the website. Plus, I set-up a webhook from the Git Repo (hosted privately by me as well) to detect whenever I push a change and rebuild the site, allowing near instant changes to be made on the website. 30 - Main Site: for the main site, I used to use Wordpress to generate the site and all of its content. However, around January of 2021, I took two afternoons and converted the theme to a Hugo theme (essentially picked and chose items and rebuilt the HTML in a Hugo way) and converted the site to a statically generated site using Hugo. This closed a huge attack platform off, sped up our website, sped up my development, and decreased the load on the server. Instead of waiting for PHP to execute and make my way through half a dozen menus just to update a word or phrase, I can now just use Git to manage the website. Plus, I set-up a webhook from the Git Repo (hosted privately by me as well) to detect whenever I push a change and rebuild the site, allowing near instant changes to be made on the website.
31
32 ### Challenges
33
34 Creating and maintaining this set of services has been a very exhausing, yet very rewarding experience. For starters, I would not imagine I would be anywhere near the level I am in terms of Systems Administration Competency, Linux competency, and problem solving if I had never started this project. This project has thrown me neck deep in everything one would need to do to develop and maintain a simple infrastructure for services they were providing. Without this project, I probably never would have learned how to use Docker to it's fullest potential, never had been shown the great feeling of self-hosting all of the things you rely on, nor had been thrown so deep into Linux that I would consider myself a fairly proficient Sysadmin when it comes to Linux. Before this, I did use Linux as a daily driver, don't get me wrong, but it was limited to the normal desktop things; like playing games, browsing the web, or installing desktop applications. My problem solving skills had improved drastically from this as well. By developing and refining a set of systems that all work together over the course of three years, I became my own problem solver. Armed with only the internet and my intuition, I was able to combine many of these services in a way that make them greater than the sum of their parts. Not only that, but I've done lots of it in a way that isn't too far off than what you would see in big enterprises (Like using KeyCloak Identity Management with LDAP underneath to manage my users). Many bigger companies use services like Active Directory to do this, of which a protocol that can be used with AD *is* LDAP. Throughout the entire experience so far, I've learned things like proper networking, developing an infrastructure that fits my specific needs, and how to maintain these systems.
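Review bot: The new paragraph on line 34 has two spelling errors that should be fixed before merge: "exhausing" should be "exhausting", and "to it's fullest potential" should be "to its fullest potential". The same line writes "KeyCloak Identity Management" while the existing text on line 29 also uses "Keycloak"; pick one casing and use it throughout. The clause "of which a protocol that can be used with AD *is* LDAP" is hard to parse and would read better as a plain statement that AD can be accessed over LDAP. The heading added on line 32 is "### Challenges", but the paragraph under it describes skills gained and names no specific challenge, so either rename the heading or add the concrete problems encountered. Consider splitting the paragraph into two or three shorter ones, since it currently sits on a single line.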