I wanted to get rid of AWS secrets manager - both because it was eating 7% of my hosting costs (2.42$ per month, but still :) and I wanted to get a bit more independent of AWS.

The number one alternative is Hashicorp Vault. From the same company who built Terraform, Consul and Vagrant.

The learning curve is not steep - I followed their excellent getting started guide. But if you want to have it even quicker, then use this guide.

For this how-to I chose:

• Amazon linux ec2 instance
• S3 as storage backend for
• Nginx for ssl proxy
• Python client

Exchanging any of those is a piece of cake really… but in order to keep this document brief I’ll stick to this choice.

Over the past 2 weeks I struggled quite a bit to come up with a setup to make my flutter app work together with my flask web app. There’s not much documentation online, I’m wondering if I’m the only one with that setup. I doubt that, as Flutters web capabilities are still somehow limited and you’d normally want to have a “full blown” flask web app alongside your flutter app.

What I wanted is to have a login possibility with social login providers (Google, Facebook, Apple ID, via Oauth) both on Flutter and on my Flask app and when a user uses both web and app they would use the same profile and settings.

Where I was mentally stuck was this: How do I guarantee that the OAuth identity which the flutter app would send to my flask api backend can be trusted? Every app can be decompiled, you can put a proxy in front of it or whatever other hacks the internet provides. So flask needs a mechanism to double-check what flutter just sent.

Using Firebase auth in Flask is currently under-documented on the web. I spent hours scraping together the relevant information which, I hope, I can present here in a good form - in order to improve the world and achieve world peace!

For a Flask app I’m running nginx on an Amazon Linux 2. To install letsencrypt (auto renewing SSL certificate):

This howto…

• installs postgres13
• creates a first database
• sets postgres password
• makes postgres reachable from outside

This howto assumes that you

• created your ec2 already with Amazon Linux on it (I personally use lightsail as have great prices and IMO are a bit cheaper than ec2 instances, but there’s no difference on OS level)
• opened port 80 (http) and 22 (ssh)

I’ve rooted many smartphones before. Probably about 6. But I never had so much problems as with Samsung A50. To spare you the frustrations I went through, I did a little writeup.

The exact phone model I have is SM-A505FN but I guess it work with any A50 model.

What works: basically everything, including fingerprint scanner
What doesn’t: Family Link

I’m trying to get text extraction from pdfs working on lambda for a little fun project of mine.

Now. There are a lot of possibilities how to extract text from pdfs using python but nothing really worked for me:

• pypdf2 just returned newlines for my test pdfs
• tika (which calls apache tika) was too slow (needs to start a java server first on localhost)

Finally I ended up using xpdfs pdftotext. Sadly I couldn’t install xpdf on AWS EC2 (Amazon Linux), so I needed to compile it, but turned out it is quite straigtforward:

I just started playing around with cloud9, particularly because it looks like the ideal IDE to develop lambda functions.

One thing which bothered me from the start: Emacs keybindings such as ctrl-n for next line won’t work because this makes the browser (in my case firefox) open a new window. Similarly, ctrl-tab would cycle through the browser tabs instead of cycling through cloud9 tabs. I’d like to have all shortcuts available for cloud9, so ideally cloud9 would run in some minimalistic browser window.

Because Firefox and also Chrome don’t support removing shortcuts I found this nice solution:

I have long dreamed for a setup which lets me just press the scan button on my scanner and — without any further input — uploads it as a searchable PDF onto some cloud drive. Thanks to the good support of scanners by SANE and the ease of use of AWS lambda it’s actually quite easy (judging to the length of this post it looks like quite a task, but in the end it is straightforwards and is — surprisingly — quite free of hacks).

In this solution you:

• set up SANE on your raspberry pi 3 so it scans your document
• set up scanbd to detect the scan button
• set up a S3 bucket for uploading
• set up a lambda function which uses tesseract to create a searchable PDF
• (optionally) set up google api to store the PDF to google drive

What you need:

• Raspberry Pi 3 (I guess the other models serve equally well)
• Paper scanner with a “scan” button which is supported by saned
• an AWS account

Personally I’m using Raspbian Stretch Lite as OS on my Raspberry and a Fujitsu S1300i.

Before you start: you might just want to wipe your pi and start fresh. Takes you about 15 minutes extra, you can follow my howto so you can do that headless (without attaching monitor/keyboard to the pi).