Variable SSL certificate directives in Nginx

When I left WSU, we had hundreds of server blocks defined for hundreds of domains that pointed to a single WordPress multisite installation. I wrote this up previously, but each of these blocks was effectively the same:

server {
    include common-listen.conf;

    server_name ohlookadomain.com;
    root /var/www/wordpress;

    ssl_certificate /etc/nginx/ssl/ohlookadomain.com.cer;
    ssl_certificate_key /etc/nginx/ssl/ohlookadomain.com/key;

    include common-ssl-config.conf;
    include common-location-block.conf;
}

The only reason different server blocks were required was the directives for ssl_certificate and ssl_certificate_key. As we were getting prepped to launch our first sites, I wrote about my disappointment that variables were not supported.

Fast-forward to Tuesday. I no longer support hundreds of unique domains, but I still think it’s cool to see that Nginx 1.15.9 added support for variables to the to the ssl_certificate and ssl_certificate_key directives.

I upgraded this evening on my personal server and then did a brief test with a multi-tenant WordPress configuration that I manage and everything worked exactly as expected.

This is the server block that I used: (It now works with 4 domains)

server {
    listen 443 ssl http2;
    server_name _;
    root         /var/www/wordpress;

    ssl_certificate.    /etc/letsencrypt/live/$server_name/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$server_name/privkey.pem;

    include /etc/nginx/ssl-common.conf;
    include /etc/nginx/wp-shared-location-common.conf;
    include /etc/nginx/php-location-common.conf;
}

I haven’t really explored the consequences of using _ as the server name, but with this configuration—just one server block—I can support as many different domains as I want as long as they have matching Let’s Encrypt generated certs.

Pretty cool!

Using Firefox (3 Weeks)

I’ve been using Firefox as my primary browser for 3 weeks now. Here’s a status update.

Things were really sluggish and slow at first compared to Chrome. After poking around at a handful of combinations, I’ve settled on some adjustments.

  1. Changed my “Content processes” setting from 4 to 8, which is the max allowed in the drop-down. I have 16GB of memory on this laptop, which should be plenty. This made an immediate difference, so I may try hacking it to -1 at some point.
  2. Went back to using Google Chrome for all Google products. At the risk of being overdramatic, Google products are almost unusable in Firefox.
  3. Went back to using Google Chrome for development. The developer console in Chrome is just too good and fast.
  4. Removed my userChrome.css. This seems to have improved performance, and I’m starting to get used to the look and feel of default Firefox.
  5. Disabled Privacy Badger. It seems that having uBlock Origin enabled is enough to block the many annoying scripts of the internet.

There are a few things that I’m still getting used to or haven’t figured a way around yet.

A screenshot of Feedly with a black box where the list of subscriptions should normally be.

This weird blackout effect happens pretty frequently in Feedly. If I restart the browser, it goes back to normal. I’m not able to fix it any other way. I thought this was due to my userChrome.css changes, but it has persisted. Every once in a while the blackout effect happens elsewhere—I’ve seen it in Github and just now it happened in some hover modal thing in Gutenberg. I dunno. 🤷🏼‍♂️

Firefox’s auto-complete in the address bar is not as good as Chrome’s. In Chrome, if I start typing “j”, I’m immediately shown the most common URL starting with “j” that I visit, which is this site’s admin dashboard. In Firefox, I get the domain – jeremyfelt.com – but not the wp-admin part. The dashboard requires a down arrow key press, where in Chrome I could rely on “j + Enter”. Small annoyance, but still an annoyance! 🙂

Every so often my screen locks up for 10 seconds or so. I think it’s happened most frequently when switching from Slack to Firefox, though I noted once that it happened when switching from iTerm to Firefox. Nothing has actually crashed, it just takes a break for a bit and then goes back to normal.

All small annoyances, but they’re starting to add up. I’ve thought once or twice a week about switching back to Chrome, but I’ve gotten more and more used to things, so I may be able to stick it out.

The balance between the Google internet and the open internet is a fine one!

Highdive, 1999

Well this is a blast from the past.

I was stumbling through one playlist or another on Spotify today, trying to find a good listen while I worked. One song—I forget which—reminded me a bit of Hum, so I started playing You’d Prefer An Astronaut. That only lasted a few seconds because it was much slower than I needed.

All of a sudden the name Sarge, another Champaign–Urbana band from the late 90s, popped into my head and I went to go find them. Because Spotify now seems to have everything ever recorded, I had a lot of fun listening to The Glass Intact and Charcoal for the first time in years.

The "Dear Josie, Love Robyn" 7" album cover.

For some reason this made me start poking around at my archives, trying to find out which 7″ vinyl I had of theirs from way back when. I never found the exact answer, though I’m fairly confident it’s Dear Josie, Love Robyn (pictured above).

While searching pictures on Google Drive, I ran into a couple ticket stubs that brought back more memories and I decided to write this all here so that they’re easier to remember in the future. 🙂

A ticket stub for a Local H, Sarge, and Dismemberment Plan show at the High Dive in Urbana, IL on November 12, 1999.

On November 12, 1999, we saw Sarge play with Local H at the Highdive in Champaign, IL. I believe I was somewhat familiar with Sarge, but only barely with Local H at the time. Local H’s setlist is available, but I can’t find anything for Sarge.

I don’t remember Dismemberment Plan at all, though I’ve now enjoyed a handful of tracks and I’m happy to have stumbled upon the name for future listening.

The discovery of that first ticket stub was great because I hadn’t thought of that show in a long, long time. I had only ever remembered seeing Veruca Salt at the Highdive with The Cupcakes, which apparently was just a few weeks later.

A ticket stub for a Veruca Salt and The Cupcakes show at the High Dive in Urbana, IL on December 2, 1999.

This show was memorable because it was the first show for Veruca Salt after Nina Gordon left. We were also geeking out on The Cupcakes because their drummer was Matt Walker, who had recently left as Jimmy Chamberlin’s replacement in the Smashing Pumpkins.

What times. The things you could see for $8 in 1999!

P.S. I wrote this while listening to Smoking Popes songs. I’ll save that one for another time.