1. 6

    I hope that is not your password on that sticky note

    1. 40

      I doubt it is. It’s hunter2 base64 encoded.

      ➜ echo "aHVudGVyMgo=" | base64 --decode
      hunter2
      
      
      1. 27

        I only see *******, does lobste.rs hide passwords if you put them in posts? That’s a neat feature. Here’s mine to test: *******.

        1. 7

          <DavidDiamond> Here’s mine to test: *******.
          thats what I see

          1. 2

            hunter3

            1. 2

              OH NO!

    1. 10

      Well my company just got acquired. Which happened during a comically stressful move which happened on a comically stressful couple of months.

      So I’m going to go to the farmers market. Ask my partners family for a green light to marry her. & go for a long bike ride.

      I’ll fill the gaps with unpacking, and hacking on a side project or another.

      1. 3

        Your life seems very eventful at the moment!

        1. 2

          Sounds fun.. good luck!

        1. 4

          Just moved. Final days of overlap between the two leases, so going to deep clean the old place and take photos of my efforts. If my landlord tries to stiff me on my deposit, I will be able to push back.

          All other time (at new location) will be spent digging through boxes for a very specific item that I need in the moment. Along the way I will pass over twenty other items, until I later need one of those and think to myself “Ah crap I thought I just saw that?!” and go back to digging.

          I am very bad at moving.

          1. 2

            Just moved. Can confirm the ah hell, where was that thing I just had.

          1. 4

            Neat, but I still find firefox sync nicer to use. Being able to transfer URLs without having to touch your phone is what I like the most about it.

            1. 3

              Yeah, the ability to pass pages to your device without using both devices at the same time is really handy in Firefox, Chrome, and Safari. My use case for the QR code’s is when someone else is working with me and I can’t “cast” the link to them. It’s super handy to be able to just convert it to a QR code and let them scan it. Not something I use all the time but perfect when I need it. Plus the privacy aspect is nice too.

              1. 1

                I know your not implying this is the case but your individual use case does not invalidate the utility of this feature.

                I’d imagine this would be fairly trivial to implement this feature with Tridactyl’s native messenger.

                1. 1

                  I’d imagine this would be fairly trivial to implement this feature with Tridactyl’s native messenger.

                  If you’re talking about generating QR codes from URLs, there wouldn’t even be a need to use the native messenger, everything could be done in the content script. In comparison, firefox-sync integration would be near impossible to implement (that’s why most issues about it are closed :( ).

              1. 6

                Honestly, this entire thing soured me on pfSense. Macy’s code was weirdly poor in quality, and rather than actually addressing it Netgate turned everything political rather than addressing any issues.

                1. 23

                  Prometheus/Grafana ? Prometheus out of the box node exporter should have everything you need

                  1. 5

                    This is what I’m I’m using to monitor my two servers. I setup prometheus with static scrape targets for the node exporters on my two servers, as well as the application metrics on one of them. The config uses the Digitalocean private network IPs so it’s unencrypted. Then I setup Caddy as a reverse proxy with https. Finally I created a Grafana config that uses sqlite for storage, uses Gitlab Oauth to login, points at the local Prom interface, and has a slack auth token for notifications.

                    This all lives in the NixOS expression for my server, so it’s actually pretty easy to maintain. The part that took the longest was setting up the Gitlab auth. I can share the config if you’d like.

                    1. 5

                      please if you could that would be helpful. I’m always interested in how other people are setting up nixos

                      1. 7

                        Here’s what it looks like: https://gitlab.com/-/snippets/2102573

                        The network.nix is the config for morph to deploy the server. The configuration.nix contains all the config for the monitoring server. I just run nix-shell --run 'morph deploy network.nix switch --upload-secrets --on "monitoring*"' when I want to update the server.

                        1. 7

                          I followed https://christine.website/blog/prometheus-grafana-loki-nixos-2020-11-20 when setting it up on my infrastructure and it was really helpful

                      2. 3

                        I’d second this. It does require more moving parts than stuff like monit, et al, but it’s simple to set up and flexible enough that you can add in additional data as you want.

                        1. 1

                          Third vote for this! Use it at Afterburst (~20 nodes and at work with >1k nodes) cannot recommend the combination enough.

                          1. 7

                            Some more on macos, open to replace having to use finder and say to make audible alerts when make is done >.<. I also have this script to make notifications easy on the command line I call it notify and use it like notify “message” “title” (why title last? so I can just do notify message)

                            #!/bin/sh
                            message=${1:-""}
                            shift
                            title=${1:-""}
                            notification="display notification \"${message}\""
                            [ "${title}" != "" ] && notification="${notification} with title \"${title}\""
                            
                            osascript -e "${notification}"
                            

                            I also got sick of using the gui to close macos apps and made a “close” command too:

                            #!/bin/sh
                            
                            if [ -z "${1}" ]; then
                              printf "usage: close app_name\n  no application to close provided\n"
                              exit 1
                            fi
                            
                            osascript <<END
                            tell application "${1}"
                                quit
                            end tell
                            END
                            

                            None of these is particularly interesting, just useful to have around to know when something finished or to close say firefox from the command line. But it lets you then script the gui a bit easier. I suppose I could create a repo with these random macos scripts.

                            I also have an old af perl script named ts that simply timestamps output you pipe to it. I think something similar is in moreutils but I’ve had this thing for years before moreutils existed and its just a part of my dotfile setup so simpler to shunt around to any unix system.

                            1. 1

                              After just missing the audiobells from printf '\a' enough. I wrote a simple shell script to use Pushover’s api send these types of notifications.

                              I get a notification on my personal laptop (linux),work laptop (osx) and phone. I can run locally or on remote machines, OS doesn’t really matter, and the notifications are pretty much instantaneous.

                              script in question

                              Oh also pushover can be used with lobste.rs for replies and notifications

                              1. 1

                                I just want an alert on my laptop when make finishes, not get alerts on my phone heh. I just use it like make && notify “make finished”, long as i see the notification i’m happy. No need to involve a web api in things IMO.

                                1. 1

                                  I meant to reply to this, but never actually got around to it. Might as well do it now. You know, 5 months late.

                                  The reason for resorting to curl call is because these commands are often being run on a remote machine. e.g. manually kicking off a build, dumping/restoring a QA database, migrations, etc.

                                  I suppose I could loop though a reserve ssh tunnel, but that just kind of seems like a pain.

                            2. 3

                              For wayland users there is wl-clipboard which provides wl-copy and wl-paste.

                              1. 1

                                I like the pbcopy default behavior well enough that I port it for use on X11, and handle Wayland too, so I just stick with the pbcopy command; this then works better for communicating with macOS-using colleagues.

                                #!/bin/sh -eu
                                if [ -n "${WAYLAND_DISPLAY:-}" ]; then
                                	exec wl-copy "$@"
                                elif [ -n "${DISPLAY:-}" ]; then
                                	xclip -selection primary </dev/null
                                	exec xclip -selection clipboard "$@"
                                else
                                	printf >&2 '%s: %s\n' "$(basename "$0" .sh)" 'no clipboard tool found'
                                	exit 1
                                fi
                                
                            1. 1

                              My current project is an application that lets you upload audiobooks, and create a private podcast feed that you can download and stream from.

                              The basics works fairly well. There are a couple of features that I’m currently working on.

                              • Split on chapter markers.
                              • Split on time if no chapters exist.
                              • Large file upload.
                              1. 3

                                I bought a HHKB last year, and it’s been ok. A lot of people seem to over-hype it, and it might be a bit too expensive. There is a difference though, even if you only conciously realize it when using a cheaper keyboard. The default layout (control, backspace, tilde) is also something I miss on other keyboards…

                                There is something about ergonomic keyboards that I find “visually” unappealing. I can’t put my finger on it, it might be that they seem to use more space, or that the concept of a split keyboard is just foreign to me.

                                1. 2

                                  I’m a big fan of the HHKB but did apply some mods, mainly the Yang ble controller & bke redux domes (ultra light).

                                  A controller with firmware customizability made a big difference in my usage. The domes make it slightly more tactile but the difference isn’t that noticeable IMO.

                                  1. 2

                                    That’s my general thoughts as well. It’s way too expensive for what it is… But if you have one and you use the command line a lot, it is really quite ergonomic for the situation.

                                    1. 2

                                      I luckily got mine for about 100 euros less than it is currently being sold for (at least on Amazon), but even then it is a lot.

                                      1. 2

                                        How do you get around the lack of CTRL and ~ in the command prompt?

                                        1. 1

                                          CTRL is located where caps lock usually is.

                                          1. 1

                                            What do you mean by lack of CTRL?

                                        2. 2

                                          I really enjoyed my HHKB, but yes, definitely expensive. Now I’m on a much cheaper OLKB and I can’t even use my HHKB. I may have to sell it finally.

                                          1. 1

                                            I have this as well and I am quite disappointed… the keys get stuck every couple days and forces me to restart (I’ve cleaned it a number of times). Rather disruptive…

                                          1. 3

                                            I’m going to have a super long weekend. Like taking off all of next week long weekend. My girlfriend and I realized that we haven’t taken time off since Christmas of 2019.

                                            There’s a fair bit I want to get done, but thus far we are intentionally not planning anything until we had some time to rest. Buuuuuuut prospective things to do include

                                            • Finishing work on a workbench
                                            • Mapping out garden for warmer weather.
                                            • Worrying I have turned into my parents.
                                            • Working on an audiobook to podcast project I started a while back.
                                            • I’ve been kicking around the idea of writing a blog post detailing simple step by step example of various cryptography algorithms. did this as a freshman in college for a discrete mathematics class and am thinking that level of understanding is kind the ideal target for it. Soatok’s Crackpot Cryptography and Security Theater, which I recommend, was an impromptus bringing this to front of mind. a few very simple step by step examples of how various cryptography algorithms work. I
                                            • Reflashing the sonoff zigbee bridge and making zigbee devices addressable from mqtt server.
                                            • Reading. Not sure what. Likely Rhythm of War
                                            1. 11

                                              I wonder how this would compare with zfs send and encrypted snapshots.

                                              1. 6

                                                I’d also like to see zstd swapped in for gzip.

                                                1. 2

                                                  I’m not convinced the performance tradeoffs make ZFS’ zstd implementation a worthy replacement for the good speed/performance balance of lz4, FWIW. Definitely a replacement for gzip though.

                                                2. 2

                                                  My guess is using raw sends would be better in almost all categories except maybe compression.

                                                  1. 6

                                                    This reminds me of an interview questions I heard about a while back.

                                                    Is it better to encrypt then compress or compress then encrypt?

                                                    The incorrect “correct” answer is that is to compress then encrypt, as a encrypted blob should be relatively indistinguishable from random noise so compressing an encrypted blob will do very little. So you should always compress and encrypt.

                                                    The correct response is that compressing and encrypt can leak information about the data being encrypted. There is the BEAST & CRIME as to obvious examples of this, but in the example of an compress and encrypted audio stream you can actually use variation in packet size to approximate what is being said.

                                                    So the answer is, as always, it depends, but generally for security just encrypt it and send it. Compressing it is largely useless, or potentially harmful.

                                                    1. 3

                                                      I think that’s more for client-server protocols, though? In practice, the threat model for ZFS encryption is someone with physical access to your disk or someone who can intercept the send stream. The manpage warns about using encryption and compression (as well as encryption and deduplication, but that one is obvious to me, dedup weakens the encryption in a really obvious way) - but I’m struggling to see how someone could mount a CRIME attack against the same disk. Maybe multitenant environments?

                                                      Since compression is applied before encryption datasets may be vulnerable to a CRIME-like attack if applications accessing the data allow for it. Deduplication with encryption will leak information about which blocks are equivalent in a dataset and will incur an extra CPU cost per block written.

                                                      1. 4

                                                        My understanding is a lot of these attacks depend on the attacker being able to induce the client to encrypt attacker controlled data and also be able to see the encrypted result. This seems extremely difficult (though not totally impossible) with tools such as bupstash, this is because backups are largely one way transmissions and offline interactions often at some point far in the future.

                                                  2. 2

                                                    I also experimented with btrfs send into a bupstash repository, which seems to work quite well, though is not totally incremental like what you suggest. The bupstash send log at least cuts down on network traffic, though in that case it still requires we read the whole snapshot from disk.

                                                    https://bupstash.io/doc/guides/Filesystem%20Backups.html#Btrfs-send-snapshots.

                                                  1. 2
                                                    Work
                                                    • Rebuilt the servers configurations. Need to feature out how to stage them without breaking QA testing. May just put in pin it in for the time being.
                                                    Personal
                                                    • I’ve been working on a hugo theme, that I’ve started too look back at and think, wait did I create a monstrosity? Sure these features exist in Hugo, but the fact that I’m using them may be a good indication that something has gone wrong.
                                                    • There’s a blog series I’ve been wanting to write called “stories to misuse in technical arguments”. Current topics include lifeboats on cruise ships, the electric dynamo, and cassava root. Though I’ve been waiting to write a bit on Galileo’s principal for a long time
                                                    1. 4

                                                      Starting a new job in a week and it requires knowing my way around a Java codebase. Thus, I’m going through Learning Java (not that I think I’ll learn Java in a week…). It will be a good refresh / intro, I hope. I’m actually excited to use Java (a language I’ve always avoided) on a day-to-day basis. Otherwise, brushing up on whatever is new in Rails and Ruby. Alsoplus reading The Iron Heel.

                                                      1. 2

                                                        As someone who works in javaland, it might be worth understanding which version of java your employer is using. Less because the language has fundamentally changed, more that there is a large cultural diff between java shops that run java 6 and java 14.

                                                        Congratulations on the new job. I hope its great.

                                                      1. 4
                                                        • Waiting on Covid test results

                                                        My partner works at the local Domestic Violence shelter, which is the perfect combination of small confined coliving space for strangers and their kids in a locked door building that requires 24 hour supervision (e.g intakes). Thus far 1 board member & 2 staff members have tested positive, with 2 more symptomatic. Fortunately no one in the residency looks like they’ve gotten it yet.

                                                        • Fixing middleware rules in treafik
                                                        • Got a Kobo ereader. I’m going to work on getting calibri-web & Wallabako running on it. I might even read something on it.
                                                        • reflashing my sonoff zigbee bridge
                                                        • pet projects 2,3,4
                                                        1. 2

                                                          Were you in the second batch? The third is suppose to start shipping between October 23 and ~Nov 6th but I haven’t heard anything yet.

                                                          1. 2

                                                            I was very early in the third batch, my keyboard shipped on the 21st. Order number 24xx.

                                                            1. 2

                                                              Mine shipped 21st and I was late in the second batch - but I got an email a few weeks ago telling me that they had to delay my order due to QC rejects on case molds. Might be worth scouring your emails for that if you’re in the second batch and haven’t seen yours yet.

                                                            1. 21

                                                              Two things.

                                                              1. An Emacs for the web – browser primitives, but with hooks and definitions that allow full user control over the entire experience, integrated with a good extension language, to allow for exploratory development. Bonus points if it can be integrated into Emacs;

                                                              2. a full stack language development environment from hardware initialization to user interface that derives its principles (user transparency, hackability) from Smalltalk or LISP machines, instead of from the legacy of Unix.

                                                              1. 5

                                                                Nyxt maybe what you are looking for. More info here & here.

                                                                1. 1

                                                                  Oooh, indeed. That is significantly closer to what I want.

                                                                2. 4

                                                                  Re 2: Sounds like Mezzano https://github.com/froggey/mezzano apparently. Actually running on arbitrary hardware is even harder, of course, because all the hardware is always lying…

                                                                  1. 1

                                                                    That seems interesting!

                                                                    Really, you’d bootstrap on QEMU or something, and then slowly slowly expand h/w support. If you did this, you could “publish” a hardened image as a unikernel, which would be the basis of a deployment story that is closer to modern.

                                                                    ETA: I’m not sure I’d use Common Lisp as the language, but it’s certainly a worthwhile effort. The whole dream is something entirely bespoke that worked exactly as I want.

                                                                    1. 3

                                                                      Well, Mezzano does publish a Qemu image, judging from discussions in #lisp it is quite nice to inspect from within, and judging from the code it has drivers for some speicifc live hardware… A cautionary tale, of course, is that in Linux kernel most of the code is drivers…

                                                                      1. 4

                                                                        Not something that Mezzano is currently trying to do afaik but there was a project, Vacietis to compile C to CL with the idea idea to be able to re-use BSD drivers that use the bus_dma API. From http://lisp-univ-etc.blogspot.com/2013/03/lisp-hackers-vladimir-sedach.html :

                                                                        Vacietis is actually the first step in the Common Lisp operating system project. I’d like to have a C runtime onto which I can port hardware drivers from OpenBSD with the minimal amount of hand coding

                                                                  2. 3

                                                                    #1 emacs forever.

                                                                    1. 1

                                                                      Would something like w3.el be a starting point for this, or are you envisioning something that doesn’t really fit with any existing elisp package?

                                                                      1. 2

                                                                        Like, I’ve used w3 in the past, but I’m thinking more like xwidgets-webkit, which embeds a webkit instance in Emacs. I should start hacking on it in my copious free time.

                                                                        1. 1

                                                                          That makes a lot of sense. This makes me think of XEmacs of old, ISTR it had some of those widget integrations built in and accessible from elisp.

                                                                          Come to think of it, didn’t most of that functionality get folded into main line emacs?

                                                                          I love emacs, a little TOO much, which is why I went cold turkey 4-5 years back and re-embraced vi. That was the right choice for me, having nothing at all to do with emacs, and everything to do with the fact that it represents an infinitely deep bright shiny rabbit hole for me to be distracted by :)

                                                                          “If I can JUST get this helm-mode customization to work the way I want!” and then it’s 3 AM and I see that I’ve missed 3 text messages from my wife saying WHEN ARE YOU COMING TO BED ARE YOU INSANE? :)

                                                                          1. 2

                                                                            I feel seen. Yeah, I basically live in Emacs; it informs both of my answers above; basically, I want the explorability of Emacs writ large across the entirely of my computing.

                                                                    1. 41

                                                                      An independent web browser that isn’t based on Google-funded code and has full keyboard control.

                                                                      1. 6

                                                                        While its not a single platform, you might interested in tridactyl. Its a firefox extension, some of its greatest hits:

                                                                        • Vim style keybinds (link navigation. element selection, scrolling, tab/buffer switching)
                                                                        • Allows integration with the underlying system using a native messenger. You can send a youtube video to mpv, or pass in a region of text to an text to speach engine.
                                                                        • Keybinds are user definable and can be composed. E.g. do x then y pipe that to z.
                                                                        • Ever want to edit a text block (like this) in the editor of your choice? Just hit ctrl + i
                                                                        • custom color themes
                                                                        • Has a scriptable way to define new functions, albeit a little messy. e.g.
                                                                          alias tabsort jsb browser.tabs.query({}).then(tabs => tabs.sort((t1, t2) => t1.url.localeCompare(t2.url)).forEach((tab, index) => browser.tabs.move(tab.id, {index})))
                                                                          will define an alias for tabsort that, well sorts tabs by domain name.

                                                                        I’m not related to the project, but I do sing its praised every change I get.

                                                                        1. 1

                                                                          Thanks; I’ve heard of this but A) I don’t use vim or want to learn it and B) it runs on a browser whose rendering engine just had its entire team get fired and C) it’s also a google-funded browser.

                                                                        2. 5

                                                                          Your wording allows currently Apple-funded WebKit (and I think there are some WebKit wrappers that qualify already), is it intentional or not?

                                                                          1. 2

                                                                            Given that webkit was the original rendering engine for Chrome I would not count it as being independent, no.

                                                                            I mean, I still use it, but I would prefer to have a healthy selection of engines rather than just a bunch of Chrome descendants.

                                                                            1. 9

                                                                              Technically, Google did not do any work on WebKit, it just added V8, then later forked the thing. So it’s all descendants of KHTML → WebKit, with Google being of no use for WebKit proper. And Gecko, which I guess can also plausibly be called Google-funded…

                                                                              [the problem, of course, that with people saying «Living Standard» without noticing it is an oxymoron, any browser will either have large compatibility issues, even if the good side of the Web is viewable even in Links2, or be a horrible mess because it chases a moving target that moves too fast to have reflection on consistent design]

                                                                          2. 4

                                                                            qutebrowser

                                                                            It was about a 3-day learning curve for me, but I’ve loved it ever since.

                                                                            Full keyboard control, but some things you can’t do with the mouse :)

                                                                            1. 4

                                                                              Qt WebEngine, which is what Qutebrowser runs on, is essentially just Chrome’s layout engine. Nearly everything is Chome nowadays.

                                                                              1. 1

                                                                                You’re right about the layout engine, but it’s much better than Chrome all-around. No phoning home, built-in adblock, respect for keyboard user.

                                                                                1. 1

                                                                                  It can also run on QtWebKit, but I think they’re going to phase that out, as it’s quite outdated.

                                                                                  https://github.com/qutebrowser/qutebrowser/issues/4039

                                                                                  1. 2

                                                                                    I’m still not sure what to do about QtWebKit support - right now, I’m still waiting for something to happen (ideally a new QtWebKit release rebased on a newer upstream WebKit) given that it’s still in active (even though slow) development: https://github.com/qtwebkit/qtwebkit/commits/qtwebkit-dev

                                                                            1. 9

                                                                              I’ve been running sway since February of 2019, when it was still pretty rough around the edges.

                                                                              I was migrating away from OSX and decided to clear a week and test the waters with Sway. First thing I realized is how few things on a computer I actually use: a browser, a terminal, and editor. Since then I’ve started filling out the missing parts.

                                                                              Most x11-compatable applications work out of the box. Some require some argument to be set. Some things don’t care (e.g. mu/mbsync), some things use a standard messaging system (SchubsiGo), and something primary function is not the window element (nextcloud).

                                                                              There isn’t really the lack of tooling anymore.

                                                                              1. 2

                                                                                this is a late reply. thanks for the list – I learned a couple of things.

                                                                                Two things I miss from my work macos are text expansion and remapping capslock to hyper (super + ctrl + alt).

                                                                              1. 3

                                                                                Nice breakdown of your desktop. I used rofi for a long time but it bugged me that my launcher was running under XWayland, so switched to bemenu. I find this to be better suited to my needs (I don’t need all the features of rofi), more aesthetically pleasing, and best of all, it’s Wayland native :-)

                                                                                1. 3

                                                                                  There is a pull request that adds wayland support to rofi, but its unlike to get merged. That being said you can either compile it yourself or if you have access to the AUR install it from there.

                                                                                  1. 2
                                                                                    1. 2

                                                                                      I use wofi too, but it launches multiple instances if I press the same keycombo multple times. I wish it didn’t

                                                                                      1. 2

                                                                                        You can probably fix this by preceding the command to run the launcher with a killall command in your config.

                                                                                  1. 3

                                                                                    It’s father days in the US Sunday. I’m going to spend a couple ours playing a game he loves with him. It’s not really my speed, but I he lives on the other side of the planet, and I miss him.

                                                                                    Aside from that. Go for a short 20 mile bike ride, and work on a work bench.