1. 15

Feel free to tell what you plan on doing this weekend and even ask for help or feedback.

Please keep in mind it’s more than OK to do nothing at all too!

  1.  

  2. 12

    I’ve been inspired by a site I stumbled across called Tiny Projects (https://tinyprojects.dev/projects), and I’ve also been listening to a lot of the podcast A History Of Rome, so I want to build a silly thing I always thought would be fun: a site to tell you which emperor you should vote for. Do you think there should be free grain allotments? Should provinces be given a pathway to Roman citizenship? Find out here who your guy is!

    Sure it’s silly and probably won’t be historically accurate, but I think it would be a fun way to learn about and explore the various policies of Rome over the years.

    1. 5

      This sounds very cool, please share when you can 😀

    2. 10

      Continuing work on my Elixir/Phoenix clone of Lobsters side-project. Working under the incredibly creative name ‘oysters’ for now.

      1. 2

        Do you have an example site running anywhere?

        1. 1

          Nothing to show yet. First I had to translate the ActiveRecord data model to Ecto. Then I got logging in/out working with phx_gen_auth, and now working on the user pages/controllers. I am getting all the pages working before I move onto the more meaty logic like RSS feeds, mailing list, karma, voting etc.

        2. 2

          Was thinking about something similar as a showcase of my “perfect deployment” of Elixir application. Maybe later though.

          But when you will have something to share, then feel free to ping me for some review.

          1. 2

            Thank you for the kind offer. I will reach out.

        3. 7

          Create the landing page for https://game.ci/ a community building a free and open source solution to game operations relying on existing CI/CD tools.

          I want to make it easier for new users to get started and understand the benefits of using CI/CD for game development.

          1. 2

            Dunno if it’s just me but I get stuck on that page on ios safari and can’t go back to the previous page. Something to do with the drawer opening?

            1. 1

              Hey thanks for the feedback, I’ll create an issue and see if I can fix that too. :D We use Ant design and it probably has something to do with this indeed. Right now, it’s just pointing to the docs, but I’d like to have a page that explain what it is instead.

            2. 1

              For me the big missing thing here is access to a bunch of runners with different consumer hardware and driver versions. Basically, I want one ci runner for each of the most popular nvidia and and cards, and a a few hybrid GPU laptops. Each with a choice of driver version, and windows version. I’ve never seen anything like this available unfortunately.

              1. 2

                That si quite specific, but it sounds interesting and I definitely see the use case for game development, especially for big studios where they want to confirm things are working smoothly for what people use. Sounds like you’re looking for a service similar to Browserstack, but for access to “gamers devices”. Cool thing about the way we built things with GameCI is we rely on existing CI solutions as github-actions and gitlab-ci which allows you to run the runners on your own hardware. It’s quite of a setup, but if you do have access to this kind of hardware, it’s just a matter of tagging the runners correctly and creating build matrixes (aka writing some yaml). But it sure sounds much easier than it really is.

            3. 7

              I finished the first chunk of Crafting Interpreters “A Tree-Walk Interpreter”. I used Python (rather than the Java example code) and learned a ton. I’m currently extending the language I built so I can use it for small projects.

              I’m adding things like import/library support, an event loop, web stuff (client/server), etc. I’m taking inspiration from JavaScript, Python, Ink.

              1. 5

                I’ll be swapping on summer wheels, cleaning, clay barring, and ceramic coating my car in preparation for the automotive enthusiast season. Probably going to the local car meetup on Sunday (depending on weather) and then chilling at home or with my girlfriend.

                1. 2

                  Cool. I love reading these kinds of updates which aren’t tech-related

                2. 4

                  I’m continuing my FORTH/Joy inspired toy language. I’ve decided to drop the incomprehensible FORTH word declaration syntax (: WORD <BODY> ;) for a more readable (word <WORD> { <BODY> }). This has required me to drop the hand-rolled parser I’d been using until now, so I’m finally getting acquainted with parser generators and PEG.

                  1. 3

                    Playing around with Alsa and writing a small synthesizer, to learn more how they work.

                    1. 3

                      Moving my home Perforce, Gitea and Jenkins services to a new updated box. I’ve never done this sort of stuff before, so hopefully the docs are clear and my backups are good.

                      1. 3

                        Installing drives in my new Synology DS220+ :-)

                        My old was a 212j so this should be a real upgrade. Looking forward to have a stable base to run docker containers for learning (me and the kids) and home automation etc.

                        Tidy up upstairs: I ’ve built a multipurpose “gaming couch” earlier this year - the real purpose of which is to hide spare mattresses and storage boxes :-)

                        If I get enough time: Build a L-shaped standalone wall in front of the couch. The side facing the couch is for Playstation 4 as soon as they hopefully become cheap soon.

                        The other side should have a desk for schoolwork.

                        1. 3

                          Making a load of maps for gather.town, as we’re having a secret work event on it (if you work with me, ignore that previous sentence)

                          1. 3

                            Hoping to draft a static ~thing (not quite sure if it’s a tool, glue around some existing tools, just a feature) that can distinguish between executables that will not (or are unlikely to) execute user-specified executables from their arguments, and executables which “might” do this.

                            (’“might” do this’ here means: I want to distinguish these to flag them for user triage, so I can tolerate many false positives if it is fairly quick and there are no/few false negatives. I’m concerned with “normal” executables that do this as a feature–things like sudo, find, and xargs–not with bugs/exploits/injections.)

                            I’m focused on binary executables first, though the logistics of also handling a few scripting languages may shape the solution. I spent the last week+ sifting existing tools and trying to understand what’s possible with static analysis here. I don’t have much background in compilation or binary analysis and need this to work somewhat cross-platform; I’ve found it hard to find material that is the right mix of generic/global and specific.

                            I imagine the first draft will start with something like: it uses a syscall or library function known to execute other programs. From there, I hope to reduce the number of false positives with heuristics (ignore if the appropriate argument isn’t a variable? ignore programs that don’t use an argv index >=1?) without trying to recover the full call graph.

                            A little background/motivation: for the past year I’ve been picking at a tool (resholve) that resolves bare command invocations in shell scripts to absolute paths. I’ve skated surprisingly far on only sub-resolving for a hard-coded list of builtins/externals that can run other executables, but I’d like a backstop that can handle the long tail.

                            1. 2

                              Hmm, sounds interesting.

                              Just in case this is helpful, and not something you’ve long since considered and rejected: as a first pass, you could try objdump -R <executable> | grep -e exec -e system ...? That would get you every dynamically-linked binary that references the named symbols (in libc or in another library.)

                              Notably, that approach will error out for statically-linked programs, and may give false positives for programs that hardcode syscalls. (I know Go programs on Linux hardcode syscalls, and at least Ubuntu’s /usr/bin/go is a dynamically linked program, so… expect false positives?)

                              Of course, actual static analysis can be a lot more precise, and it’s certainly more fun!

                              1. 2

                                No suggestion too obvious here–I’m mostly fumbling around in the dark and not at all above doing something horrifyingly crude for a first draft :)

                                If I get the false negatives hammered out and it isn’t churning out a painful number of false positives, I’m happy to leave it there for a while and hope someone who has their sea legs happens along. I’m somewhat resigned to any solution being subject to a parade of, “but this misses X” discoveries.

                                I see what objdump -R does on linux and I’ve considered some takes along these lines with tools like objdump and nm. It seems like on macOS the corresponding flag may be --dynamic-reloc, but it didn’t do anything by itself (I assume I need to pair it with some other).

                                I still have some tools/options to run to ground, but some things I’m considering are:

                                • https://github.com/etke/ief can search all of the binaries in a directory for those that import or export a given symbol, so I’ve thought about forking and adding the ability to match any of a list of symbols.
                                • Trying to match these with YARA rules + the magic (libmagic) module. My interest here is mostly because it seems to be able to batch-scan a lot of executables quickly and could handle at least a first-pass for multiple scripting languages as well (i.e., match python scripts into a rule that does a naive string check for relevant imports and symbol names, but maybe actually parse matches into an AST to disambiguate). It seems like it’s feasible to spot the calls on Linux like this, but I’m getting the impression it isn’t this simple on macOS (or any BSD?).
                                1. 2

                                  Looks like I can do this in Python via LIEF, though I’m not sure if it’ll fit in to the big picture or not. Checking a single binary for two symbols appears to take a little over 50ms on my system; tolerable for small numbers but less than ideal for a bulk check. Also, I’d have to jump some hoops to use it from python27.

                                  1. 2

                                    That… may be acceptable, especially if you can fork() and cache etc.? objdump is definitely faster, but…

                                    That said, on second thought, are you sure a tool that unpredictably detects whether a binary calls user-provided programs is preferable to a tool that simply hardcodes a list (and allows the user to add to that list)? The latter, at least, fails in simple ways. (In particular, when developing on a system that has fewer/different binaries than the deployment target.)

                                    1. 2

                                      Not really. :)

                                      I’m in a minor pickle, and I don’t think there’s a compromise-free out. It’ll come down to how un/reliable it is.

                                      One of resholve’s goals is not letting undeclared dependencies slip through unless the user explicitly exempts them. This enables it to block a build/packaging process if anything is missing.

                                      • If an executable with this behavior isn’t in resholve’s hardcoded list, it’ll miss any dependencies passed as arguments. (Unless they happen to be used elsewhere in the script. I’m less-worried about these because it’s at least possible to brute-force search for words that match already-found commands).
                                      • At least wrt to this goal, one fix is to flip it around: treat all non-whitelisted executables as potential sub-executors and make the user triage their arguments for potential executables. But I think this will scale really poorly for everyone involved.
                                        • Whitelisting commands centrally seems like a labor-intensive treadmill.
                                        • It isn’t really “safe” for the user’s main lever to be whitelisting the whole command. For example, the user might whitelist the find command after running into a few benign instances without realizing the -exec option exists and is used elsewhere in the script.
                                        • Making the user exempt every invocation of a non-whitelisted command (or at least, every distinct argument?) is probably OK for short scripts, but it’s going to be a real slog for long ones (and the masochists who stick with it probably stop thinking carefully about the choices they’re making after a bit).

                                      In any case, last night before bed I decided to refocus today on starting to pull together a testing process for taking a kitchen-sink of commands (currently looks like 602 on macOS and 640 on Linux) and comparing different approaches. So far I have: a direct grep on the binary, the ief command mentioned previously, nm ... | grep, and yara. Here’s a test run if you’re curious.

                            2. 2

                              Gonna finish the first part of my VM implementation in Nand2Tetris and work through the 2nd chapter of the reasoned schemer with some friends.

                              1. 2

                                I really want to figure out how to get multiple static IPs on my Ubiquity UDM Pro WAN connections. A friend at work told me the 1.9 beta firmware support this.

                                I’m keen to expose a proxmox machine to the internet from my business connection.

                                I also need to build some raised garden planter boxes and mount some curtain rods on the walls.

                                1. 1

                                  Update: static ip fail. The UDM Pro cannot have a pppoe WAN and multiple static IPs. Wah wah.

                                2. 2

                                  I was gonna write something for the blog but I think I just won’t this weekend. I’ve had an experience that I just want to recover from.

                                  1. 2

                                    Continuing retooling of my network.

                                    I rebuilt my two local DNS resolver machines with OpenBSD and FreeBSD. The one with FreeBSD will run a couple Jails as well. The one with OpenBSD hosts my wireguard server. Both are unbound forwarders to NextDNS.io.

                                    Next is provisioning and setting up a VPS - either on vultr or prgmr. It’ll run OpenBSD and have a wireguard peer connection to my local network for easy access.

                                    Last is migrating my site over to the VPS from its current Digital Ocean droplet.

                                    All of this is in an effort to transition from Ubuntu LTS to either FreeBSD or OpenBSD. I have tended to use BSD for my laptops but not my servers and I’m getting annoyed with the differences.

                                    1. 2

                                      I plan on building a clone of task/time-warrior that integrates time tracking as well as makes it possible to pull tasks from a remote Redmine(s) and then keep the local copies in sync. Maybe not the most efficient use of my time, but I am getting rusty since neither of my $dayjobs involves programming currently. I am using Haskell because I want to get better at it.

                                      1. 2
                                        • Finally managed to update my Perl one-liners ebook
                                        • Started looking into a suitable theme for starting a book review blog. Currently trying out DeepThought theme(zola)
                                        • Currently reading Exodus of Gnomes and enjoying it. Was looking for a fun read without having to pay too much attention to the story and this is well suited
                                        1. 2

                                          Setting myself a singular goal with the homelab of getting my radiator temperatures stored into Prometheus. Currently don’t have any infrastructure running to achieve this, so there’s layers of stuff needed. Instead of getting lost in the weeds of what to build where, I just have the first thing to achieve. Written it on my whiteboard and everything. (Yes, this is me trying to brain-hack my way out of homelab procrastination.)

                                          Got some books from work to read, currently partway through SQL Antipatterns and so far it’s been an enjoyable refresher on why some things are usually a bad tradeoff. Should be able to finish it this weekend.

                                          Also need to break the mower out and service it. Fresh petrol, oil, etc. Then cut the lawn.

                                          1. 1

                                            I’m playing with Temporal (https://temporal.io/) and re-implementing my personal data backup process as workflows. If anything, it means I can get rid of my homespun UI to report on job histories with the an existing one.

                                            1. 1

                                              Check out (again) the PureScript ecosystem. GHCJS is fun and all, but its future is uncertain.

                                              1. 1

                                                Getting Apple’s SPI input devices to work on FreeBSD!