Feuerfest

Just the private blog of a Linux sysadmin

Linkdump July 2024

Photo by Element5 Digital: https://www.pexels.com/photo/person-holding-book-from-shelf-1370298/

The last Linkdump was in January 2024? How time flies..

https://www.simplermachines.com/why-you-need-a-wtf-notebook/: A nice method to collect things were you think "WTF?" when being in a new team/at a new customer. Just collect first, learn, list, take notes. Then after sometime start crossing points off the list for various reasons and work on the "real WTF ones".

https://www.spacebar.news/stop-using-brave-browser/: A text about what is wrong about everything around the Brave Browser.

https://privacytests.org/: A side run by a Brave employee listing/comparing the various browser privacy features.

https://github.com/fork-maintainers/iceraven-browser: A fork of Firefox for Android giving you more options. Most notably: about:config support!

https://developer.chrome.com/blog/resuming-the-transition-to-mv3: Yep, google really pushes on with it's Manifest v3 which will considerably limit the technical capabilities of AdBlocking addons in Chrome. The main reason why I switched back to Firefox.

https://github.com/ratatui-org/ratatui: "Ratatui is a crate for cooking up terminal user interfaces in Rust. It is a lightweight library that provides a set of widgets and utilities to build complex Rust TUIs. Ratatui was forked from the tui-rs crate in 2023 in order to continue its development." Just bookmarked that one in case I need it in the future.

https://anytype.io/: The Everything App. Haven't used it, but someone said he is looking forward to replacing Microsoft Teams with that App in his company.

https://jamesg.blog/advent-of-technical-writing/: Lots and lots of articles from a technical writer who shares what he has learned of the years.
From the same author there is also a book "Software Technical Writing: A Guidebook" available as PDF from his site: https://jamesg.blog/book.pdf

https://www.netways.de/blog/2024/01/19/check-system-basics/: One Icinga CheckPlugin to rule them all! This plugin bundles the checks for Memory, Filesystem, PSI, Load, Sensors, Netdev

https://www.kernel.org/doc/html/latest/accounting/psi.html: Documentation for the Pressure Stall Information (PSI) interface. If enabled in your kernel, reachable via /proc/pressure/. Apparently I didn't know about this and just learned of this throught the Netways check_system_basics plugin.

https://docs.cwtch.im/docs/intro/: "Cwtch (/kʊtʃ/ - a Welsh word roughly translating to “a hug that creates a safe place”) is a decentralized, privacy-preserving, metadata resistant messaging app." I don't use it yet, but bookmarked it to see how the project develops. I would really love to uninstall Whatsapp and Telegram from my mobile...

https://bios-pw.org/: Forget your BIOS password? This generator will tell you the Master password of your BIOS if your provide the manufacturer and shown hash.

https://archief.ntr.nl/tuinderlusten/en.html: Ever wanted to explore Jheronimus Bosch's painting "The Garden of Earthly Delights"? Now you can in detail with audio explanations. Really impressive.

https://www.wheresyoured.at/the-men-who-killed-google/: An article about Googles shift from better search results to more revenue and user engagement and how that came to be.

https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1: Imagine your S3 bucket gets hit with 100.000 of requests each hour, as your bucket name is listed as default config in some OpenSource tool. Imagine then that the tool actually makes requests to your S3 bucket.
Now imagine the surprised face of the person from that text, when he found out he has to pay for all the denied traffic which resulted in HTTP-4xx errors.
Hot takeaway from this: 1. Include some random chars into your bucket name. 2. If your are evil, you can increase the bill for every S3 bucket..

https://www.youtube.com/watch?v=OQoqlBog7UI: Cooking content! I'd searched for a new anti-sticking cooking pan and came around Hexclad. However as they claim to have develop a new anti-sticking material - not using polytetrafluoroethylene (PTFE) or in short: Teflon - I was sceptical. After all there is a reason why Teflon is used since decades. Turns out:The pans work, but only for 2 years. Heavily depending on usage. After 2 years you will have to send your pan in and get a free replacement because of the lifetime guarantee. Ok, good customerservice on one hand, but terrible for the environment on the other hand. Also.. I don't consider pans with a lifespan of just 2 years just to be of high quality.. And I found many Youtubers who made videos such as this one. Therefore this isn't a single incident, no, it's a flow in the material/product itself. There is also a nice text from someone (which I forgot to bookmark..) who wrote about how these pans were used in a series of Gordon Ramsay's "Hells Kitchen" and there the pans really showed that the new material is not that durable after all. There was a nice scene were one could see how Gordon Ramsay quarrels with himself as a dish couldn't be prepared properly because evidently the pan lost its anti-sticking capability in some region of the surface. Yep.. I bought a Teflon pan. 😅

https://jan.wildeboer.net/2023/02/Jekyll-Mastodon-Comments/: "Client-side comments with Mastodon on a static Jekyll website" Jan Wildeboer did that and I found the implementation interesting.

https://slate.com/technology/2024/05/deviantart-what-happened-ai-decline-lawsuit-stability.html: DeviantArt was one of the many sites of the relatively early Internet which got a lot of attention. Providing a community for artists to share their pictures. Over the years DeviantArt took a big hit. Instagram, Facebook.. Many sites gnawed at their userbase. In the last years they made a small revival. Adding long sought-after features, etc.
And now they throw everything in the trash bin by jumping right onto the AI hypetrain and not doing much to combat the growing army of bots using the original art of it's users to create hundreds of fake profiles with AI generated art, then circle-boosting themself - all to make the original artist vanish in the search results.
Seems like that was it for DeviantArt if they don't do anything against it. After all.. Which artist would join such a site?
(But to be fair: That problem exists everywhere, Youtube, Tiktok, etc.)

https://mpv.io/: An OpenSource video player for the command-line.

https://www.udm14.com/: You want a Google search result free of AI generated content? Add the search parameter "&udm=14". Which is now lovingly called "the disenshittification Konami code".

https://tedium.co/2024/05/17/google-web-search-make-default/: A text about the "disenshittification Konami code".

https://endoflife.date/: A nice website listing all of those EOL dates for software. Handy!

https://12factor.net/: This one was listed in a job-ad as a "nice to have/know" point. As "The Twelve-Factor App" didn't rign a bell, I searched for it and found the website. Basically 12 design principles about how to structure your build environment, design your software architecture and other processes.
And yes, I know some projects who would be benefit from following these.

Comments

Linkdump January 2024

Photo by Element5 Digital: https://www.pexels.com/photo/person-holding-book-from-shelf-1370298/

As some links accumulated over the last weeks it's time for another Linkdump.

https://cubecoders.com/AMP: I searched for a self-hostable game server manager. Previously I used LGSM (Linux Game Server Managers) which is a framework/compilation of bash-scripts utilizing SteamCMD to download the necessary files. But for my LAN I wanted something with a nice WebUI. Just quick and easy setup of a game server. Cubecoders AMP (Application Management Panel) is exactly this. I also liked their installer as I literally had to configure nothing. (Granted, I installed it in a separate VM on my Proxmox host. So there was nothing which whom AMP could have interfered..) As I also tried Pterodactyl (https://pterodactyl.io/) but didn't even make it through the installation process as, at that point, I simply didn't want to invest so much time into getting a game server manager running.
Yes, you need to buy a license. But for just 9,50€ you get a lifetime license which allows 5 app instances (simultaneously running game servers) and 3 panel users.

https://github.com/awesome-selfhosted/awesome-selfhosted: A list of software which is installable on a server for self-hosting. Sorted into categories.

https://github.com/awesome-foss/awesome-sysadmin: Same as above, but specifically for sysadmins.

https://www.reddit.com/r/gamedev/comments/qeqn3b/despite_having_just_58_sales_over_38_of_bug/: A reddit thread from a game developer who wrote that Linux only counted for 5,8% of sold game copies but yet those 5,8% are responsible for 38% of all bug reports. He then elaborates a bit further. Interesting read, the comments also hold some interesting bits from other people.

https://steamdb.info/calendar/: I didn't know a "Steam Release Calendar" existed but found it useful during the christmas holidays.

https://www.vidarholen.net/contents/blog/?p=1035: "What exactly was the point of [ “x$var” = “xval” ]?" - When fixing shellcheck errors on some bash scripts I forked from GitHub I repeatedly encountered this idiom and grew curious why it was used "back then". This blog post explains that.

https://stackoverflow.com/questions/76425351/how-to-replace-ps1-variable-in-etc-skel-bashrc-or-bashrc-file-using-sed-awk: Yep, a StackOverflow question. :-) When I wrote my seed-script for my FAI images I struggeled to get the PS1 variable modified as I wanted to. No escaping method I knew worked. No workaround I came up with worked. Turns out escaping the single ticks with \x27 did the trick. As can be seen in my script: https://github.com/ChrLau/scripts/blob/master/fai-prepare-user-env.sh#L96

https://www.debian.org/releases/stable/example-preseed.txt: When playing around with FAI I grew curious what the Debian way is. https://www.debian.org/releases/stable/amd64/apbs03.en.html had the answer in the form of the chapter on how to create a preconfiguration file and https://www.debian.org/releases/stable/amd64/ch05s03.en.html#preseed-args explains how to set some parameters to avoid having a dialog pop up during package install.

https://serverless.industries/2020/05/07/debconf-unattended-package-install.html (german): Turns out, installing some packages on Debian in an unattended way is somewhat complicated. So I searched for the correct way to do it via debconf.

https://austinsnerdythings.com/2021/08/30/how-to-create-a-proxmox-ubuntu-cloud-init-image/: As I currently try to find my preferred way to set up VMs automatically there is of course cloud-init. This article explains how to build a cloud-init image yourself.

https://austinsnerdythings.com/2021/09/01/how-to-deploy-vms-in-proxmox-with-terraform/: Same blog as above. This time about how to deploy VMs in Proxmox with Terraform. Well, nowadays you might want to use OpenTOFU instead of Terraform.

https://pve.proxmox.com/wiki/Cloud-Init_Support: Proxmox documentation about Cloud-Init.

https://github.com/cobbler/cobbler: From the project Readme: "Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between lots of various commands and applications when rolling out new systems, and, in some cases, changing existing ones. It can help with installation, DNS, DHCP, package updates, power management, configuration management orchestration, and much more." Still want to play around with that.

http://www.infrastructures.org/papers/bootstrap/bootstrap.html: Very interesting article about how to bootstrap an infrastructure. Which tools/parts must come first, etc.

http://download.proxmox.com/images/system/: As I discovered, Proxmox hosts some ready to use images for the most popular Linux distributions. Didn't use them, so can't saying anything about the quality but wanted to share it nonetheless.

https://lookscanned.io/: That one is funny. Take a PDF, upload it and you can modify it in such ways that it looks like it had been scanned from a sheet of paper. Maybe useful for our archaic german bureaucracy!?

https://www.reddit.com/r/selfhosted/comments/180maoe/plex_crossed_a_line_with_your_week_in_review/: That one made me laugh too. But rather in disbelief than in a humoristic way. Plex decided to nuke it's entire user base by introducing a feature which shows your friends what shows you've watched and recommends stuff to you. And, of course, it also shows them what kind of "educational adult movie content" you've consumed. I'm just glad I never used Plex. Many users stated they are moving to Jellyfin (https://jellyfin.org/).

https://github.com/workadventure/workadventure: A virtual meeting software. You can move around with your avatar, seeing other users doing the same and either interact with them (also via voice and video) or move to designated zones which represents an open meeting channel. Nice idea!

https://github.com/tmux/tmux/issues/213#issuecomment-159678122: This comment finally explained to me why a horizontal split in Tmux uses the split-window -v command and a vertical split uses split-windows -h when, as I thought, it did exactly the opposite. Well yeah, if you know that the -v and -h is in reference to the Axis, then all makes a lot more sense. Thanks for the enlightenment!

https://jamielinux.com/docs/openssl-certificate-authority/certificate-revocation-lists.html: I needed to research how to create a CRL using OpenSSL. This taught me how to do it.

https://gtfobins.github.io/: "GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems." If you need a small reminder what tool you can use to escape that chroot..

https://messwithdns.net/: A tool to "Mess with DNS". It allows you to set up DNS entries and display what happens in the background if the entry is being queried. Nice to teach people how DNS works.

https://pandoc.org/: A colleague recommended me Pandoc as it can convert between many document formats like Markdown to DokuWiki markup or even Markdown to Word. Still need to install and test it.

Comments

Linkdump - Calendar Week 44

Photo by Element5 Digital: https://www.pexels.com/photo/person-holding-book-from-shelf-1370298/

From time to time I stumble across interesting links which I think are worth sharing. So I just make a "Link Dump"-Post when I have enough.

Enjoy!

Link Dump:

https://kagi.com/: Kagi is a Ad-free search engine with many customization features (see: https://blog.kagi.com/kagi-features). You can create a free account which is limited to 100 searches. 300search are 5$/month. Unlimited searches are 10$/month. Currently I'm trying the free tier and I'm loving the possibility to boost/block certain domains! (Bye bye SEO sites with no value that just copy-paste from StackOverflow and the like..)

https://sadservers.com/: You know online hacking challenges (Capture the flag)? Sadservers goes into another interesting direction. You get your own system and have a time limit to solve a certain problem. These are typical day-to-day problems at first, but with later challenges the problems get more complex. Definitely a good page for people that want to learn Linux.
Here is the article how it works: https://github.com/fduran/sadservers#replay-system

https://webvm.io/: This page is older, but I recommended it recently to a client for an internal training. Just open the webpage and you get a Debian VM to test your stuff.
They even offer a version called Mini.WebVM which you can host yourself! Details here: https://labs.leaningtech.com/blog/mini-webvm-your-linux-box-from-dockerfile-via-wasm

https://www.wired.com/story/tiktok-platforms-cory-doctorow/: Do you notice how platforms constantly get worse over time and even more so if they dominate or even have a monopoly? How they add features which add no real value for their users - but rather their advertisers... How settings are removed or stripped down? Useful features are cut just to release new ones which are no replacement and not really interesting? Or in the words of Cory Doctorow: Here is how platforms die: First, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die.
Cory Doctorow coined the term "Enshittyfication" in this article which I do read more and more on the web.

https://dmitry.khlebnikov.net/2015/07/18/should-we-use-sudo-for-day-to-day-activities/: A blog article from 2015 but still an interesting read which raises some interesting questions. It outlines how you can build and use systems that don't have sudo installed.

https://wejn.org/2023/09/running-ones-own-root-certificate-authority-in-2023/: How to run your own Root-CA for your personal certificates. Useful for my homelab which, of course, uses a domain which isn't publically reachable. So Let's Encrypt is not an option.

https://forum.proxmox.com/threads/shell-_-screen-text-are-broken-distortion-scramble.121947/: After switching to Firefox the WebUI-Shell in my Proxmox instances wasn't usable. Turns out: This is a side effect if you don't allow Browser Fingerprinting.

https://garrit.xyz/posts/2023-10-13-organizing-multiple-git-identities: Short read on how to organize multiple Git identities.

https://cockpit-project.org/: Web-based interface for the administration of your Linux server. Yes, there exist dozens of these like Webmin, Froxlor, Plesk.. But it looks like a nice alternative and it's also Open-Source.

https://austinsnerdythings.com/2021/04/19/microsecond-accurate-ntp-with-a-raspberry-pi-and-pps-gps/: Ever wanted to have our own NTP-Server? This article describes how to do it with a Raspberry Pi and a GPS module.

https://pboyd.io/posts/at-company-we-are-family/: This text tries to straighten the "We are a family!" claim by putting it in a somewhat bitchy way. ;-)

Comments