Several Ways for Azure AKS Clusters to Access Blob Storage

When working with Azure, Blob Storage is frequently used. This article documents several common approaches for accessing Blob Storage from applications running in production environments:

1. Accessing Blob Storage via a Microsoft Entra ID Application Account

Advantages:

  • Works outside Azure environments (e.g., on-premises servers, AWS EC2)
  • Supports cross-subscription and cross-tenant access

Disadvantages:

  • Secrets must be securely stored (e.g., in Azure Key Vault)
  • Manual secret rotation is required upon expiration; otherwise, the application will break
  • Risk of credential leakage, especially if secrets are hardcoded in CI/CD pipelines

The specific configuration is as follows:

Building an Enterprise-Grade VPN Network with WireGuard

Introduction to WireGuard

WireGuard is a modern, fast, simple, and secure Virtual Private Network (VPN) protocol designed to replace traditional VPN technologies like IPsec and OpenVPN. It is faster, simpler, leaner, and more practical than IPsec while avoiding a great deal of trouble, and it offers higher performance than OpenVPN. Originally released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. Although still under active development, it may already be regarded as the most secure, easiest-to-use, and simplest VPN solution in the industry.

Getting Started with GitHub Actions

What is GitHub Actions?

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that lets you automate your build, test, and deployment processes. You can create workflows to build and test every pull request to your repository, or deploy merged pull requests to production.

GitHub Actions is more than just DevOps; it lets you run workflows when other events happen in your repository. For example, you can run a workflow to automatically add appropriate labels when someone creates a new issue in your repository.

Deploy static files to a cloud server via SSH using GitHub Actions

Previously, we used GitHub Actions to configure automated deployment for Hugo. Today, I’ll mainly document how to set up deployment to Tencent Cloud via SSH using GitHub Actions.

Since wnote.com uses DNS-based intelligent routing—serving GitHub Pages for overseas users and a containerized environment on a Tencent Cloud host for users in mainland China—it’s necessary to integrate GitHub Actions with Tencent Cloud.

GitHub Actions automatically deploys Hugo to GitHub Pages

Preface

I recently planned to upgrade the theme of my blog. Since I was playing around with GitHub Actions, I planned to use it to implement CI/CD. After writing and submitting the article, the static files generated by Hugo will be automatically deployed to GitHub Pages, Netlify, Vercel, Cloudflare Pages and other third-party platforms. Today, I will record the automatic deployment process of GitHub Pages, which will save a lot of trouble.

One Week to CKA: Experience Sharing

I’ve long wanted to obtain a cloud-native & k8s related certification, and the sooner the better. Due to work, I kept postponing it until this year, and I watched its price increase twice (which is a bit painful to mention).

Recently, I finally had a week free to fully prepare for the exam. Since I have been using Kubernetes in my production environment at work, my plan was to absorb more exam points and do a lot of practice questions before the exam.

Open Source WAF Security Protection Solution

Recently, after adding a CDN to the website, there have been a lot of junk requests in the early morning: some are scans, some have large-model User-Agents, and some are black spiders.

To save on CDN costs and prevent various injection attacks, I started researching open-source WAF solutions (which is sufficient for my small site). For enterprise use, it is still recommended to use commercial versions, such as Alibaba Cloud’s DCDN, Tencent’s EdgeOne, or overseas options like Cloudflare (preferred for overseas business).

Using ollama and open-webui to Play with Open-Source Large Models

I have been using large models for over a year now, starting from the initial ChatGPT 3.5/4 to the current domestic and open-source models, which are becoming increasingly powerful, such as Llama and SD. Today, I will introduce two tools that I have been using for a long time: Ollama and Open-WebUI.

Ollama

Ollama is an open-source deep learning framework designed for convenient deployment and running of large language models (LLMs) on local machines. It provides a complete deep learning toolchain, including data preprocessing, model building, training, evaluation, and deployment functions.