1. 5

    I swear by org-mode. https://orgmode.org

    1. 2

      What do you do when you’re not at a computer?

      1. 2

        I’m new to the emacs crowd, but just today I’ve installed Orgzly on my Android phone, syncing is a little bit odd though. I’m not sure though if I prefer the built-in calendar/reminders system or rather go with some emacs <=> CalDav integration (if such a thing exists).

        1. 1

          That post seems a bit like an overkill to me. I personally prefer to use the built-in sync with Dropbox (disclaimer: only built in in the Google Play version, not the F-Droid one), but people that keep it clean from closed code recommend Syncthing to do it

          1. 1

            You can call it overkill, but right now it’s the only way of syncing with this tool - I don’t have Play Store and I also don’t have Dropbox. I think Dropbox is acting in bad faith.

            1. 5

              Have you considered using Syncthing? It’s a peer to peer file synchronization utility that doesn’t rely on Google, and doesn’t store your data anywhere but your devices.

              1. 1

                Syncthing is mentioned in the thread I’ve linked to in my initial comment. I’ll still give it a try, since I haven’t considered it at all. Note: I haven’t used Syncthing in the past two years, maybe it has improved.

                1. 1

                  Syncthing is pretty terrible on Android, regularly was out of sync, and took my battery from ~28 hours to ~4. Wondering if there are specific setups that use less cpu for syncthing.

                  1. 1

                    I must have randomly stumbled into a working configuration, since my Keepass database stays pretty well-synced and my phone will usually last a day without needing charging. Sorry it doesn’t work for you, though.

                2. 1

                  I keep my org-mode files in my Nextcloud instance, and in the Android app mark all the files to be kept in sync. Orgzly auto-syncs them now, no need for Tasker or anything.

        1. 2

          Lots of things can already be done with portable sh code. typeset for example is quite powerful but mentioned nowhere in the repo:

          $ var=VaL; typeset -l lvar=$var; typeset -u uvar=$var
          $ echo $lvar $uvar
          val VAL
          

          In fact, this builtin is often wrapped by the shell itself, at least in OpenBSD’s ksh:

          $ alias | fgrep typeset
          autoload='typeset -fu'
          functions='typeset -f'
          integer='typeset -i'
          local=typeset
          
          1. 2

            typeset is not posix

            • posix sh has no way to do what typeset -f does
            • bash has no way to do what typeset -fu does in your ksh
            • typeset -i doesn’t really have the same effect in bash and ksh
            • the posix way to convert a string to lowercase/uppercase involves tr or awk
            • most popular shells support local, but it’s not posix either

            “portable sh code” != “it works on my openbsd”

            1. 1

              Note how I did not speak of POSIX; you mistake the ksh example as general assumption. My reply to pl’s comment tells you what I meant with “portable” (admittedly, wording was a bit misleading).

              1. 1

                what’s your definition of portable?

            2. 1

              What do you mean with portable sh code? I just tried it with dash and it has no typeset built in.

              1. 2

                At least available in Bourne and Korn shell derivatives; (Debian’s) Almquist Shell does not implement that particular builtin.

            1. 3

              Does it work properly with stdin and EOFs sent with ^D?

              1. 6

                Yes.

                1. 1

                  I didn’t know this was an issue. :-) tail -f - hitting ctrl+d does not quit the program, but cat - does.

                1. 1

                  Can someone maybe explain when one should use an API framework and when something like a micro framework such as flask or django?

                  1. 6

                    I wouldn’t call Django a micro framework. It is more a full featured web frameworks which works well for building web applications. However, it is not intentionally designed for building small footprint APIs (although it is perfectly possible, e.g. together with django-rest-framework). Flask is a general purpose framework but with a smaller footprint. This is a real micro framework imho. Molten looks much like flask but it adds some interesting aspects like type hinting, dependency injection and is primarily designed for building APIs.

                    So, in general the more your use case leans towards a full blown (multi page) web app, the more likely Django might be a good candidate to look at, the more you’re just building APIs, the more something like Molten could be a thing to look at. Flask is somewhere in between.

                    However, as all three of those frameworks would certainly be able to fit nearly more or less any web based use case, remember there are some other things to consider when choosing a framework, such as developer’s knowledge or preference, availability of third party libs, popularity/community etc.

                    1. 2

                      Yeah Django is optimized for making it incredibly easy to create server side database driven applications. It’s also great for creating APIs, but it’s still optimized for the use case of “define your data model and we’ll take care of the rest”.

                      For some people like myself who are web dev newbies, that can be a huge bonus, but lots of folks want more flexibility and less overhead, so packages like this come in.

                  1. 3

                    So cool!

                    When reading articles such this, main questions I’m asking myself are “Why didn’t I want to figure this earlier? and “What else am I missing out”?

                    I mean, I’ve read this Wikipedia section and a page by ~mascheck at some point - but this posting puts #! in executable files into a much better perspective.

                    1. 5

                      Looks really cool, there are way too little alternatives to Discourse and I hope most developers/admins will agree - that mailman or hyperkitty never managed to become a decent web-application (with, or without JavaScript).

                      A link to forum.nim-lang.org in the git repo would be nice, though. :-)

                      The rst-syntax example page is interesting, as we’ve learned on 1st April on @lobsters, you want to scrape/mirror/resize/convert foreign image embeddings.

                      1. 5

                        Thanks for the feedback, I added a little link below the image to forum.nim-lang.org.

                        Indeed, this issue regarding foreign image embeddings didn’t even pop into my head. I shall make a note of it and hope nobody embeds a huge image in the meantime :)

                        1. 3

                          Sure! :-)

                          Ah, completely missed that the image is a link to the forum, but now it’s better - might become a longer list, once more projects are using NimForum :-).

                          PS: Maybe one could get you a lobsters “nim-hat”.

                      1. 6

                        Main home server:

                        Jukebox:

                        Tiny virtual servers:

                        • DNS (bind9)
                        1. 3

                          Thank’s for the pointer to weeWX, I’ve more thought of using Grafana to display weather data. Are you able to create alerts (something is moving in your flat) with motion?

                          1. 3

                            Yes, you can tell Motion to run a command when motions starts, when motion ends etc. I don’t use that functionality at home, but at work I use it to send an XMPP message e.g. when somebody enters the serverroom and when the video is completed (including a link to the video), so I can keep track of who enters and what they do.

                            I have had to fiddle a little with ignoring part of the image that constantly flickers in the server room; I can recomment Motion, it works well.

                            weewx does enough that I haven’t bothered doing something with the data myself - I’ve only changed the display (colours and such) to integrate it into my website.

                        1. 4

                          Self-hosting is for me a long term project and I’m working on it infrequently… I should probably write a blog-posting at some point. I really need to start using some provisioning/automation tool… I can’t decide which ‘container’ technology I’d like to use.

                          Already hosting:

                          • Monitoring
                          • Music Player Daemon
                          • NFS (I’ve a dedicated storage, which is physically seperated from the application hosting hardware)
                          • WireGuard as transport-layer encryption and authentication for the seperate nfs-exports
                          • WireGuard VPN
                          • nginx

                          Planned:

                          • mail (not decided which setup)
                          • radicale
                          • a web photo view, hopefully with rich metadata
                          • git-annex (I still haven’t figured out how I can have a git-annex non-bare-metal repo, which let non annex-aware application access the data)
                          • some self hosted ‘dropbox’ alternative (not decided which tool)
                          • some issue tracker
                          • Firefox Sync Server
                          • XMPP/Matrix
                          • DNS
                          • Offsite and/or cloud backup (I ‘only’ got 2.5 Megabyte/s upload, so 4TB to upload will take at least three weeks)

                          The whole setup (three computers) are using constantly about 60W (I’ve an energy meter installed).

                          The setup costs me about 30 Euro for the Internet, ~12 Euro for electricity and 5 Euros for some server in a datacenter.

                          If I’d store backups on backblaze ‘B2’, it’d cost me at least 20 Euros per month to have cloud-backups. (0.005 Cent per GB for storing uploaded data) and 0.01 Cent per GB if I need to retrieve the data. I should probably not mention this in public, but another possibility would be running the Backblaze Personal Backup in Wine (which I’ve tried out in 2014) - but this would be clearly a violation of the terms, and you’d have to hack something together, that ‘transparently’ encrypts all files infront of the backblaze wine client, and still is able to support delta uploads.

                          1. 5

                            Beautifully-done illustrations on top of the good info.

                            1. 4

                              I’m thankful for the rich “metadata” structure of svg’s. Some 1, 2 are done in Visio:

                              <!-- Generated by Microsoft Visio, SVG Export StringTable.svg Page-12 -->

                              Others in Inkscape:

                              <!-- Created with Inkscape (http://www.inkscape.org/) -->

                              I’ve been experimenting https://draw.io in order to avoid Visio, their FOSS model is a little bit weird (I’m not sure how open it’s actually). At least you can use file-system export (compressed base64 encoded xml structure) from their web interface. html “export” is an embedded svg and svg’s might need additional manual rework, in case you want to publish them.

                              1. 2

                                Yeah I’d really like to know how he made the illustrations! They are great.

                              1. 3

                                I’ve managed to check it out last night, and it appears to be working as advertised.

                                Key generation is super awesome, built in QRcode reader to transfer configuration/public-keys between a desktop would be a great feature for semi-automated setups.

                                The error reporting is still a little bit weird, for example I can’t configure 10.0.0.1/24 as Allowed IPs for a Peer with the error message: “Bad address”. 10.0.0.0/24 works though, so maybe just a user error.


                                With the Wireguard(WG) Android connectivity I can/could now:

                                • Stream music to my phone from my mpd-server with httpd/lame as output configured (MPDroid), or just configuring my mpd-server at home (works already)
                                • Accessing my phone via. Termux/sshd (works already), sshfs via LTE works unexpectedly well OR adb via. VPN.
                                • Do backups with Syncopoli and rsync:// instead of ssh (Keyfile management in Syncopoli is confusing)
                                • Sync with radicale calendar server (probably contacts/notes too?)
                                • Access read-only monitoring web-interface, getting alerts via. self hosted Matrix instance?
                                • Report back the location of my phone (couldn’t find a tool for that yet, Termux API examples can report the location, though - might be done with a python script then)

                                None of this requires root, I’m using CopperheadOS, which has root-access disabled.

                                I need to figure out how to properly protect random apps to access those services. rsync:// supports secret-based-authentication, so that might be good enough.

                                Basically I’d like to avoid having each service to do it’s own authentication/key management, but to have one ‘global instance’ (WG) to do deal with encryption instead.

                                I’ve seen Orbot supports setting tunneling per app basis, so might be possible to implement for WG too.

                                I’m still not sure if this all makes sense, but it feels rewarding to setup, so I’m trying to push forward what is possible. Especially backups are a huge painpoint in Android, I hope I’ll solve that for myself soon.

                                Everything could be replaced by $VPN-technology, but WG, besides tor, is the first tool that kept me exited for long enough.

                                1. 3

                                  Report back the location of my phone

                                  I’ve found OwnTracks works well for this use case. Reports back location and battery info. Downside is that MQTT brokers are a bit fiddly to configure and use.

                                  1. 1

                                    Thank you for the pointer, unfortunately they won’t provide a Google services free version (ticket.

                                    1. 1

                                      That’s certainly a bummer. Skimming the thread, seems to be a result of there being no free replacements for the geofencing APIs.

                                  2. 1

                                    Key generation is super awesome, built in QRcode reader to transfer configuration/public-keys between a desktop would be a great feature for semi-automated setups.

                                    The TODO list actually has this on it. Hopefully we’ll get that implemented soon. You’re welcome to contribute too, if you’re into Android development.

                                    The error reporting is still a little bit weird, for example I can’t configure 10.0.0.1/24 as Allowed IPs for a Peer with the error message: “Bad address”. 10.0.0.0/24 works though, so maybe just a user error.

                                    The error reporting is very sub-par right now indeed. We probably should have more informative error messages, rather than just bubbling up the exception message text.

                                    That “bad address” is coming from Android’s VPN API – 10.0.0.1/24 is not “reduced” as a route; you might have meant to type 10.0.0.1/32. Probably the app could reduce this for you, I suppose. But observe that normal Linux command line tools also don’t like unreduced routes:

                                    thinkpad ~ # ip r a 10.0.0.1/24 dev wlan0
                                    Error: Invalid prefix for given prefix length.
                                    thinkpad ~ # ip r a 10.0.0.0/24 dev wlan0
                                    thinkpad ~ # ip r a 10.0.0.1/32 dev wlan0
                                    
                                  1. 1

                                    Cool. I wasn’t aware of PRoot, rootless and the rootless-container project in general. Since there is no mention of fakeroot and fakechroot, do you know how this compares?

                                    1. 2

                                      fake{root,chroot} is based on an LD_PRELOAD-like syscall interception. It has the advantage of not depending on the kernels namespace implementation, but the disadvantage of having a performance penalty.

                                      proot is an frontend for linux namespaces.

                                      1. 1

                                        Thank you for your response, I see. So it’s not possible to run it inside a cointainer then? fakeroot with ldpreload is a pain, you basically can’t debootstrap Jessie on Stretch because of this.

                                        1. 1

                                          I thought one of them did LD_PRELOAD interception, which was fast enough that you don’t notice the performance penalty, but doesn’t work for things (e.g. Go binaries?) that make syscalls directly rather than going through libc’s wrappers. and the other did ptrace() interception, which works on everything, but makes syscalls much slower (though compilers spend a large proportion of their time doing things which aren’t syscalls, so it’s like a 20% perf hit for random C programs last time I tried).

                                          1. 2

                                            Both are using LD_PRELOAD. What you are thinking of is fakeroot-ng(1), which is ptrace(2)-based.

                                            1. 1

                                              Thank you.

                                      1. 2

                                        wkhtmltopdf might be enough for many usecases, it’s based on QtWebKit.

                                        • Performance perspective isn’t perfect, but ok - I guess LaTeX isn’t rendering super fast either
                                        • Security perspective - probably not adviceable to render foreign content + you should read the documentation properly (example: you need to disable JavaScript execution specifically, not other way round)

                                        I’m wondering if there is a way to get Firefox headless to render PDF, that would be a good case.

                                        Update: Sorry, I’ve accidentally overlooked @stephenr’s comment.

                                        1. 2

                                          I hope I’m not commenting too late, but your posting inspired me writing a script that automates setting up a new onion service and configuring a sshd-daemon that only listens on the .onion address.

                                          https://github.com/norpol/opensshd-tor-easy-setup/tree/master

                                          Not super important when you are running behind a NAT, but if you want to have an anonymous onion service for a host that also listens on a public interface, something like this is highly recommended.

                                          1. 2

                                            I hope in addition of encrypting DNS traffic, there will be HTTPS connections without SNI field - but some cryptographic non fingerprintable handshake which is also expensive to bruteforce.

                                            1. 2

                                              That was originally planned for TLSv1.3, but dropped later on.

                                              So for now even if you use DNS over HTTPS, your ISP will see what sites you visit anyway, and for verification DNSSEC exists already.

                                              At least until encrypted SNI becomes available, DNS over HTTPS has no advantage over classical DNS yet.

                                            1. 3

                                              I’ve recently stumbled upon this animated spectogram video of a dialup sequence. Also I’m using the dialup sound as a ringtone for a while now (my phone rarely rings), but when my phone rings - people are mostly super confused about what is going on with me.


                                              Edit: The video is also referenced in the 2015 thread.

                                              1. 11

                                                Finally a proper use of the caps lock key:

                                                Press caps lock to switch to a command line interface; here’s the debug screen.

                                                1. 8

                                                  Well, I’d rather use it for Control. But maybe if keyboards would put Control where it belongs, next to Space (it should go Super Alt Control Space Control Alt Super), then it wouldn’t be necessary to have Control where most keyboards have Caps Lock.

                                                  1. 5

                                                    I always map Caps Locks to Ctrl, so whenever I’m on someone else’s laptop I keep flipping into caps when I mean to copy/paste/break/etc.

                                                    1. 3

                                                      it should go Super Alt Control Space Control Alt Super

                                                      What’s the premise for “should” here?

                                                      1. 1

                                                        Because of the frequency of use. Control is used almost all the time, in Windows, Linux & emacs. As such, it should go into the easiest-to-strike location, right next to the spacebar where the thumb can strike it in conjunction with other keys.

                                                        Alt/Meta is used less often, so it should receive the less-convenient spot. Alt should be used for less-frequently used functionality, and to modify Control (e.g. C-f moves forward one character; C-M-f moves forward one word).

                                                        Super should be used least of the three, and ideally would be reserved for OS-, desktop-environment– or window-manager–specific tasks, e.g. for switching windows are accessing an app chooser. Since it’s used less than either Alt or Control, it belongs in the least-convenient spot, far from the spacebar.

                                                        If we were really going to do things right, there’d be a pair of Hyper keys outboard of super, reserved for individual user assignment. But we don’t live in a perfect world.

                                                    2. 4

                                                      as a vi user, i would have said “use escape” but then remembered my caps-lock key is remapped to escape.

                                                    1. 6

                                                      Maybe I should add, that I’ve came to this link via. a @CopperheadOS posting. The twitter thread also shares some little more details about gcc/clang and Android in general.

                                                      1. 6

                                                        I like the strace output…

                                                        $ strace  -f -e execve git git git git git git git git status 2>&1 | grep bin\/sh
                                                        [pid 27778] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "git", "git", "git", "git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27780] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "git", "git", "git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27782] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "git", "git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27784] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27786] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27788] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "git", "status"], [/* 55 vars */]) = 0
                                                        [pid 27790] execve("/bin/sh", ["/bin/sh", "-c", "exec git \"$@\"", "exec git", "status"], [/* 55 vars */]) = 0
                                                        
                                                        1. 1

                                                          I’m glad someone else had the same thought, it pleased me no end to see it laid out in system calls!

                                                        1. 11

                                                          Which points again out how important projects such as me_cleaner or libreboot are. It’s also impressive how little me_cleaner.py needs.

                                                          1. 3

                                                            Somewhat random aside: turning on disqus comments for your docs site is a terrible idea. If you make it possible for people to abuse random pages as a support forum… it’s going to happen.

                                                            1. 2

                                                              I agree, having issues/support questions fragmented, can be a huge big deal breaker. Just imagine you’re running into an issue so you:

                                                              search via. web search engines, check out the project’s issue tracker, look for recent tweets mentioning the project, skimm through comment sections of the blog, link aggregators, reddit, mailinglist archives, IRC logs, …

                                                              So it’s in reality not only a comment section only issue, but a problem of information spreading across multiple sources. And how could you mitigate this? Create a “Support Statement”. Link to this support statement in all of your communication channels, kindly point out the statement if ignored and start moderating in worst case.

                                                              Why I don’t want to have comment sections removed?

                                                              Projects often provide some outdated information on their blogs. Including a comment section can encourage others to contribute with more up to date details. This then can help people on a lost track to figure out where to continue searching, reducing their effort and used time for each problem. Other side, if I run into an issue, thing something can done be differently or want to add something helpful - I comment and hope, someone will find my informations usable.

                                                              In general, comment sections often provide helpful additional details. The scope of a single blogposting is always limited. Comments are a way of expanding such scope and this without having many trade offs.

                                                              Side note: Gitlab is also having a comment section below their release notes and before upgrading I, more than once, found some helpful informations in there.

                                                              Final thoughts

                                                              I think as long as you stay with this ‘specific traditional way’ of providing informations, a comment section can be a good thing and should not just be shut down. It’s hard to come up with a different solutions that other people will actually use. I’d really like to see different approaches, but I don’t think you’ll suddenly figure out different ones, just by reducing the quality of status quo.

                                                              Maybe it would be cool to have an auto-generated list of issues, summarizing all issues introduced with each release. Thank’s for reading.

                                                              Edit: Rephrasing Gitlb sentence a bit (still not perfect).