About

About Me

I met computers at the end of 80s. I studied computer & electronics engineering at the end of 90s.

When I wonder how something works, I have to study it throughly. This blog is the result of this hobby, or obsession.

If you need to reach me, please send an email to name+surname+at+gmail or use Keybase.

My Twitter handle is also my name, @metebalci.

A more formal about me page is on LinkedIn.

About This Site

I pay special attention to reach top scores in Lighthouse Audits.

Thinking it may help someone, below I write all the infrastructure behind this site.

This site is generated statically using Hugo. I am using a theme I forked and modified, and it is called Criollo.

I keep the site under Git version control locally (9e10ab5), and keeping the folder in Dropbox. This provides a simple solution to version control, shared repo and backup.

I have a Firebase Hosting project, and after I generate the site using Hugo, I deploy it to Firebase and it is served from there. I use the apex domain (metebalci.com), and www subdomain (www.metebalci.com) redirects to apex.

The HTTPS certificate is generated and maintained automatically by Firebase. Thanks to awesome Let’s Encrypt.

$ curl -v https://metebalci.com -o /dev/null
...
*  subjectAltName: host "metebalci.com" matched cert's "metebalci.com"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
...

Firebase supports HTTP Strict Transport Security (HSTS) (see response header Strict-Transport-Security), meaning it can only be served over HTTPS. I aim to add it to HSTS preload list also, but Firebase Hosting does not support this yet.

$ curl -v https://metebalci.com -o /dev/null
...
< strict-transport-security: max-age=31556926
...

Firebase also supports HTTP/2.

$ curl -v https://metebalci.com -o /dev/null
...
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* Using Stream ID: 1 (easy handle 0x556a4ee428e0)
} [5 bytes data]
> GET / HTTP/2
> Host: metebalci.com
> User-Agent: curl/7.58.0
> Accept: */*
>
{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
} [5 bytes data]
< HTTP/2 200
...

I use Hover as my domain registrar and Google Cloud Platform for DNS.

Google Cloud Platform supports DNSSEC, and DNSSEC is enabled for this zone (metebalci.com) as well.

$ dig +dnssec metebalci.com A
...
;; ANSWER SECTION:
metebalci.com.		300	IN	A	151.101.1.195
metebalci.com.		300	IN	A	151.101.65.195
metebalci.com.		300	IN	RRSIG	A 8 2 300 20181215142107 20181123142107 59764 metebalci.com. OjkHOYN34wvGCdOemD2ZTUQAwH5o04ebXMq4/3EdvR84SVAkTg69M1t+ 2yM9CxfA18tfiqqL5RN44tp+3l5MMz93DpTr9WHyrcZOqnJfaBL8VPpo kbk3+gX5xO4+CkDqDEWd3W/4vupmSbnD1MhbbTPtrwFYi3aDIrwNj6pv 2cs=
...

Here is a nice visualization of DNSSEC Authentication Chain generated with http://dnsviz.net.

DNSSEC Authentication Chain (http://dnsviz.net/d/metebalci.com/dnssec/)

DNSSEC Authentication Chain (http://dnsviz.net/d/metebalci.com/dnssec/)

I am also using:

  • Google Analytics for web traffic monitoring.
  • iubenda for proper and incredibly easy to maintain Privacy and Cookie Policies.
  • likebtn for the like buttons on the blog posts.
  • SurveyHero for the surveys on the pages.