Threads for runejuhl

  1. 22

    Decent photo organizing software.

    Photos and LightRoom both fail on the “let me put thousands of photos on a remote share and let any number of laptops/phones/tablets poke around, tagging, organizing, making smart albums, etc.”. I don’t care about RAW, I don’t care about anything more than basic editing, and would like to keep all the face recognition/etc. that the basic Photos app can do. If I could have it generate a “feed” or something I could point a smart TV or smart picture frame to and have it cycle through a smart album or something that’d be amazing.

    This seems insane that Photos can’t do this. I tried something from Adobe too a while ago (can’t remember the name now) but it wasn’t up to the task either.

    1. 4

      Did you ever look into digiKam? I use it a lot, from what you’re describing, it looks like it matches a lot of your “requirements”.

      Some things that might fit your bill:

      • it can do face recognition for you (and learn and help you automate this stuff)
      • it doesn’t “import” your pics anywhere, it just works on wherever they are.
      • it has its database, but:
      • you can write most of the changes in the sidecar file, so that other programs can also use it.
      • the db is sqlite (by default) so you can even do something with tools like datasette e.g. query what’s the most frequent time of day or location your photos are taken, or - if you manage RAWs there as well - what focal lengths do you have the most or similar.
      • it can do some basic editing for you(for proper edits I still use external software)
      • you should be able to point it to a smart TV, I think, and even if not, there are many cool plugins for such stuff (as well as for e.g. backups to box, google, posts to twitter, facebook, regular html galleries and a lot of others.

      The part that I like the most about it is that it is focused on the library functions: searching, tagging, filtering etc. (I also combine it with rapid photo downloader to get pics off my cameras, and darktable and/or gimp to do actual editing but that’s just me).

      1. 1

        After using digiKam for a few years I only use it to import images from the camera. Persistent issues:

        • The DB is corrupted once in a while, and the application crashes on the regular.
        • The UI is 1990s. Why is the settings button not on the home screen? Why is there a splash screen (by default, you can turn this off but dammit, who actually wants that?)? Why is there no way to go from “WTF does this do?” to the actual documentation? Like, unless I spend every waking second editing photos, why would I know which “quality” setting to choose?

        Darktable uses sidecar files, and although they refuse to believe the filesystem is important (so I have to keep re-importing the entire catalogue and run a service to clean out missing files nightly), at least it isn’t actually corrupted. And it’s much faster than digiKam, making it barely usable on a reasonably modern desktop.

        1. 1

          Wow, we really have different experiences there. I don’t think I’ve ever seen the database get corrupt, for example, and with darktable I had that happen.

          And the UI, some of it might seem “1990s”, but for me it’s just fine, and far, far better then Darktable for managing a library (not editing, I still use dt for that).


          For importing, did you ever consider rapid photo downloader? For me this does noticeably better job then the other two.

      2. 2

        I think Photoprism should be able to handle thousands of photos. However I’ve tried to import around 100 000 photos and it was almost impossible to manage that much in it.

        So far I’ve settled with plex for building playlist + digikam for organizing collection + my own photoframe software: https://github.com/carbolymer/plex-photo-frame

        1. 1

          oh wow this looks very promising… thank you for the recommendation!

          1. 1

            Literally just set up my own PhotoPrism instance a week ago, and it currently has some 55k images and videos in it.

            There are a few things that could be improved, e.g. allowing renaming of persons tagged through face detection, easier labeling of multiple images and better face detection for kids. All of these improvements already have issues on GitHub BTW.

            One thing it doesn’t support is timeshifting of images with bad EXIF tags. For some reason I had a whole lot of photos that had GPS data but a wrong EXIF create date. Luckily exiftool was able to fix all bad timestamps. Here’s a oneliner that can fix the issue that I had:

            exiftool -progress -r \
              -if '$createdate eq "2002:12:08 12:00:00"' \
              -if '$gpsdatetime' '-createdate<$gpsdatetime' \
              -overwrite_original_in_place . |&
              tee -a log.txt
            

            All in all I’m pretty satisfied with PhotoPrism!

        2. 2

          Yea, I have a similar dream. For me, it would be an open source project with a single-binary self-hosting approach, which embeds a high performance web server for an interface and API similar to Google Photos. The storage is “just files” so the binary + photos can be backed up easily. Metadata stored in SQLite alongside the photos on the filesystem. Cool tricks like face recognition and autosizing, autocropping, etc. outsourced to other binaries with a scheme for storing “derived” images non-destructively, similar to what Picasa used to do. And then sync tooling that puts the same thing in a self-hosted cloud, with a VM + cache for 30 days of photos, with rest backed by Amazon S3, Google GCS, or Backblaze B2. Then maybe some tooling that can auto install this on a VM and secure it via Google Login, while supporting private photo sharing at stable URLs similar to Google Photos.

          This would be a big project because, to be good, there’d also have to be great open source mobile apps on iOS and Android.

          Some friends of mine prototyped the start of this project using redbean (Lua single binary web server) and got as far as the basics of photo serving from disk and having access to SQLite schema for metadata. It’s totally doable.

          For the time being, I have been using Android’s support for SD card readers to sync all my photos from phones, DSLR, and mirrorless cams into Google Photos, and then keeping RAW storage separate on my Mac Mini and backed up using standard 3-2-1 backup approach. But, it’s cumbersome (requires manual processes), lossy (I lose backup of edits in GPhotos), proprietary, and I’m afraid for Google’s track record with longevity of services. It also saddens me that Google Photos doesn’t give me any way to post public photo albums at my domain (https://amontalenti.com) with stable URLs that I know I can make last forever, regardless of photo serving tech.

          My theory for why something like this never got built is that Apple Photos and Google Photos are just so darn convenient, and non-phone photography relatively rare among consumers these days, so it just never fell into the indieweb and f/oss sweet spot of itch worth scratching. But I still have the itch and have for a long time.

          It also seems like a lot of the backend functionality could be done by somehow modularizing the GNOME Shotwell codebase. For example to handle image metadata, color correction, cropping, and so forth.

          1. 1

            I know it’s not software, but in case you didn’t know about this, if you have an Apple TV you can show slideshows on your TV.

          1. 2

            I really like the amount of stuff he shows that you can apply to a tower/hyper stack. I have been using actix-web for a very long time and some of his code really looks verbose (and pin-nightmarish) in comparison, but there is some real potential and libraries I could steal borrow.

            Also, is there anything like honeycomb for selfhosting ? jaeger feels limited in contrast.

            1. 2

              Was just looking at that earlier today, perhaps https://signoz.io/ is worth a look? It looks very much as a work in progress though.

              1. 1

                that looks promising

            1. 7

              Tvix and Guix in the same tag?

              1. 10

                Linux gets tagged unix despite technically not being one, so I guess it is close enough for anyone to care.

                1. 8

                  sure, we can call it “nix-family” or something I guess

                  1. 13

                    Maybe too cute: nix-ish

                    1. 5

                      Maybe nix-y?

                      1. 3

                        ix

                        1. 2

                          ix is *nix-y but not nix-y. IMO “nix” was a poor choice of name that was bound to cause confusion eventually.

                    2. 4

                      In that case why not make it more general and call it e.g. “package-management”? That would encompass not only nix, but also guix, tvix, dpkg, yum, portage, chocolatey etc.

                      It’s a lot more broad than just “nix”, but so are most of the other tags on Lobsters, with the exception being programming language tags. Maybe it could be combined with a new tag “operating-system” for NixOS/GuixSD.

                      1. 22

                        I think that nix is so different that it should not be lumped together with other package managers

                        1. 13

                          I agree. While nix is technically a package manager, it has a vastly different approach to it. I’d go ahead and call the tag nix and post nix and nix-related things under it, and only if and when the GUIX people consistently take over that tag, at that point we can consider creating a tag for them too, but not before. because premature optimisation is the root of all evil.

                        2. 19

                          Every time a nix tag gets suggested, consensus seems to fizzle out as we discuss what the best name for an inclusive tag would be.

                          At this point, I’m willing to stick with nix and not let perfect be the enemy of the good. We should have had a nix tag years ago!

                      2. 2

                        I don’t see many Guix stories so it should be a non-issue.

                      1. 1

                        How does Magisk work with LineageOS/microG OTA updates? Does it “Just Work”, or do you have to recreate the boot.img?

                        I haven’t used Magisk for a while, but I’ll probably need to do so when I get around to upgrading to LineageOS 18.1.

                        1. 2

                          OTA updates seem to boot loop with Magisk. So yea, you sadly have to repatch boot for updates :(

                          1. 1

                            Alright, thanks.

                        1. 35

                          Unlike say, VMs, containers have a minimal performance hit and overhead

                          Ugh. I really hate it when people say things like that because it’s both wrong and a domain error:

                          A container is a packaging format, a VM is an isolation mechanism. Containers can be deployed on VMs or they can be deployed with shared-kernel isolation mechanisms (such as FreeBSD Jails, Solaris Zones, Linux cgroups, namespaces seccomp-bpf and wishful thinking), , or with hybrids such as gVisor.

                          Whether a VM or a shared-kernel system has more performance overhead is debatable. For example, FreeBSD Jails now support having per-jail copies of the entire network stack because using RSS in the hardware to route packets to a completely independent instance of the network stack gives better performance and scalability than sharing state owned by different jails in the same kernel data structures. Modern container-focused VM systems do aggressive page sharing and so have very little memory overhead and even without that the kernel is pretty tiny in comparison to the rest of a typical container-deployed software stack.

                          Running everything as root. We never let your code run as root before, why is it now suddenly a good idea?

                          This depends entirely on your threat model. We don’t run things as root because we have multiple security contexts and we want to respect the principle of least privilege. With containerised deployments, each container is a separate security context and already runs with lower privileges than the rest of the system. If your isolation mechanism works properly then the only reason to run as a non-root user in a container is if you’re running different programs in different security contexts within the container. If everything in your container is allowed to modify all state owned by the container then there’s no reason to not run it all as root. If you do have multiple security contexts inside a container then you need to think about why they’re not separate containers because now you’re in a world where you’re managing two different mechanisms for isolating different security contexts.

                          1. 22

                            I think you mean an image is a packaging format, whereas a container is an instance of a jail made up of various shared-kernel isolation mechanisims (including the wishful thinking) as you mentioned.

                            Yes, the terminology is unfortunate. My reimplementation of Docker calls it an “instance” rather than “container”.

                            1. 3

                              yeah, the “’never run as root in your container” thing kills me

                              1. 9

                                IIUC that’s all because the way Linux isolates users (with the whole UID remapping into a flat range thing) is weird and there’s way too many security bugs related to that.

                                1. 1

                                  I don’t know if this is still true, but part of where this advice comes from is that it used to be that running as root meant running as root on the host (i.e. the mechanism you’re talking about was not used by Docker). In theory this was “fine” because you could only get at stuff on the container environment, but it meant that if there was a container breakout exploit you were unconfined root on the host. So running as non-root in the container meant that you’d have to pair a container breakout with a privilege escalation bug to get that kind of access.

                                  In other words: the isolation mechanism did not work properly.

                              2. 1

                                That’s interesting. I haven’t actually bench tested the two in years. I’ll have to revisit it.

                                1. 1

                                  You might want to have a look at NVIDIA’s enroot or Singularity for some lower-overhead alternatives. I’ve briefly looked at enroot after I saw the talk about Distributed HPC Applications with Unprivileged Containers at FOSDEM 2020, but sadly haven’t gotten a chance to use them at work yet.

                                  1. 2

                                    Have you tried https://github.com/weaveworks/ignite to just run a docker image in a VM instead of a container?

                                    1. 1

                                      No, haven’t stumbled across that before. Thanks, that looks very interesting!

                                      1. 1

                                        That seems interesting. I wonder what benefit it provides compared to the shared-kernel isolation mechanism used by docker run <container>. Do I get stronger isolation, performance boost, or something else?

                                        1. 2

                                          I think there are always tradeoffs, but a VM may be easier to reason about than a container still. It’s a level of abstraction that you can apply thinking about a single computer to.

                                          I do think that you get stronger isolation guarantees too. You can also more easily upgrade things, so if you have a kernel vulnerability that affects one of the containers, you can reload just that one. There are many issues that affect hypervisors only or guests only.

                                          At launch we used per-customer EC2 instances to provide strong security and isolation between customers. As Lambda grew, we saw the need for technology to provide a highly secure, flexible, and efficient runtime environment for services like Lambda and Fargate. Using our experience building isolated EC2 instances with hardware virtualization technology, we started an effort to build a VMM that was tailored to run serverless functions and integrate with container ecosystems.

                                          It also seems like a compromise between the user interface for a developer and an operations deep expertise. If you have invested 15 years in virtualization expertise, maybe you stick with that with ops and present a container user interface to devs?

                                          For me, one of the big things about containers was not requiring special hardware to virtualize at full speed and automatic memory allocation. You’re never stuck with an 8GB VM you have to shut down to prevent your web browser from being swapped out when you’re trying to open stack overflow. You know 8gb was suggested, but you also see that only 512MB is actually being used.

                                          Most hardware these days has hardware acceleration for virtualization and firecracker supports the virtio memory ballooning driver as of Dec 2020, so many of the reasons I would have used containers in 2013 are moot.

                                          As an ops person myself, I find containers to often have an impedance mismatch with software defaults. Why show a container that is limited to two cores that it has 64 cores? Haproxy will deadlock itself waiting for all 64 connection threads to get scheduled on those two cores. You look in there and you’re like ‘oh, how do I hardcode the number of threads in haproxy now to two…’. It’s trivial with haproxy, but it’s not default. How many other things do you know of that use nproc+1 and will get tripped up in a container? How many different ways do you have to configure this for different runtimes and languages?

                                  2. 1

                                    Containers can be deployed on VMs

                                    OT because I agree with everything you said, but I have yet to find a satisfying non-enterprise (i.e. requiring a million other network services and solutions).

                                    Once upon a time, I was sure VMware was going to add “deploy container as VM instance” to ESXi but then they instead released Photon and made it clear containers would never be first-class residents on ESXi but would rather require a (non-invisible) host VM in a one-to-many mapping.

                                      1. 1

                                        We use this at my work (Sourcegraph) for running semi-arbitrary code (language indexers, etc.), it works really well.

                                  1. 4

                                    Why doesn’t ls work?

                                    I think that isn’t intentional ?

                                    1. 6

                                      l̗oͯo̐̔k̖̗s ͉̹̊̚f̫̂i̱̳̅ͯne ̱͓̖toͨ͆ͧ ͎̟̈̈m̜͇͚̒ͨͦe̜̭ͣ̓ ;)

                                      1. 5

                                        Looks like the entire HTML header is missing, so it’ll use whatever codepage your browser defaults to. In Firefox there’s an option under “View” called “Repair Text Encoding”. Never seen that option before, but it worked for me :)

                                        1. 4

                                          Literally all they need is

                                          <meta charset="UTF-8">
                                          
                                      1. 35

                                        I’m so glad we’ve moved past trying to do all of this with shell scripts.

                                        1. 11

                                          This can’t be stated strong enough. I recently had to fix a vendor provided (not from the particular software in question) init script that spawned a daemon that inherited file descriptors it shouldn’t have. There are simply too many ways to just pile on spaghetti that can have strange effects. There were other maintenance tasks that required rewrites of most of these scripts just because critical software changes: going from udevd to eudev.

                                          I cannot stand init scripts.

                                          1. 9

                                            I recently took a look at some software a customer wanted installed on all their Linux servers. It had an undocumented upgrade function that fetched and installed software without any checksums and without verifying HTTPS certificates, the upgrade function was not disabled even when explicitly using the somewhat documented flag to disallow upgrades. It dropped lines in /etc/rc.d/rc.local, it spawned itself during postinst scripts outside of the init system, and trying to upgrade the package resulted in the software deleting itself. The postinst script also looks for a line in /etc/rc.d/rc.local that suggests that they previously modified /etc/ssh/sshd_config on install…

                                            Best part: that particular piece of software has some huge partners. To name a few: AWS, Capgemini, Microsoft Azure, Google Cloud, Infosys, Tata. Apparently none of the partners ever took a look at the package…

                                        1. 1

                                          Sorry if I’m daft, but if you generated the code what’s to prevent antivaxxers from doing the same? The signing keys are right there. https://dgc.a-sit.at/ehn/

                                          1. 2

                                            You sign it using a private key, and you verify using a public key, derived from the private key. Anyone can fetch the public key and verify a signed message, but only those with access to the private key can sign messages.

                                            1. 2

                                              the site you linked is just a demo tool for developers. the real codes are signed by a different private key (the one from your health ministry). try scanning the code from my post with https://greencheck.gv.at – “Signaturprüfung ungültig” means “signature verification failed”.

                                            1. 4

                                              NeXTMail^H^H^H^HMail.app

                                              1. 5

                                                Moving from Mac to Windows, Apple’s mail client and OmniGraffle are about the only things that I miss. There’s a really nice .NET framework for talking IMAP / SMTP and it’s almost enough to tempt me to write a new mail client. Windows Mail doesn’t work well if you have server-side filtering into different folders: it doesn’t monitor all of your IMAP folders so you don’t get notifications for all of your mail. Outlook really wants to talk to Exchange and isn’t really happy with IMAP. Thunderbird freezes in the UI for extended periods (this is a lot better if you switch to Maildir for the local storage format, but this comes with big ‘this is not ready for prime time yet’ warnings) and periodically decides that the main window should be one pixel big and off the screen and a recent version broke the plugin that integrates with the OS-wide notification system.

                                                1. 1

                                                  OmniGraffle

                                                  I always liked Visio on Windows, but annoyingly, MS never included it with Office. The fact it’s a separate sub from 365 is a travesty.

                                                  1. 3

                                                    I work at Microsoft, so we have Visio on our default install. I still find it clunky compared to OmniGraffle, particularly when you try to create arrows between boxes (and 95% of computer science is boxes with arrows between them). The magnet UI in OmniGraffle is worse in the latest versions but in OmniGraffle 3 / 4 was the best I’ve seen for this kind of thing. OmniGraffle falls down in a few places (creating complex shapes can be tricky and it can’t [couldn’t?] preserve layers when exporting to SVG. The latter was annoying because if it could then OmniGraffle + Sozi would be my favourite presentation tool.

                                                    1. 4

                                                      I wish Usenet was still a thing so I could put this is in my .sig.

                                                      95% of computer science is boxes with arrows between them
                                                      – David Chisnall 2021

                                                      1. 2

                                                        It’s not as busy as it used to be, but you can still access it for free.

                                                        1. 2

                                                          Nice, thanks for the pointer.

                                                          I did jump onto Usenet maybe 5 years back but it was shell of its former self then (I looked at photography-related topics).

                                                          Didn’t we discuss a NNTP-frontend to lobste.rs once?

                                                          1. 1

                                                            NNTP-like frontends build be so awesome for a host of things. It would probably need some improvements that people have come to expect, like a more advanced scoring system and per-site customization (for e.g. poster flair or Reddit style awards), but it’d be great to have major discussion forums, comment sections etc. all be client-agnostic.

                                                            Someone should totally create site-to-NNTP gateways to facilitate this :)

                                                            1. 2

                                                              I did make a Lobsters NNTP gateway! nntp.scrollwheel.ca (It needs some rework for schema changes. And the fact it might have went down.).

                                                              The problem is NNTP is a terrible protocol, and I learned this implementing it. I also learned that most NNTP clients actually suck - Outlook Express was better than most of the “hardcore” NNTP clients I tried, in terms of behaviour and how it handled the protocol.

                                                              1. 1

                                                                Right, I think I remember seeing that. Never got around to trying it out myself, but I can easily imagine NNTP being terrible. Piggy-backing on a more modern protocol would probably make sense – perhaps JMAP would be better for this purpose.

                                              1. 21

                                                Notmuch in emacs, along with org-msg to produce HTML emails from org markup, complete with all the usual org stuff – tables, syntax highlighting, example/quote blocks.

                                                I’ve used it since November 2017 and by now have a fairly extensive tag file that auto-tags almost all of my incoming email. It tags stuff like track&trace emails from shipping providers, mail related to the apartment building board, tags job-related mail by customer etc.

                                                I currently have almost 123k emails in notmuch, and full-text searching is still incredibly fast:

                                                $ time notmuch count -- '"hello there rune"'
                                                9
                                                0.00user 0.02system 0:00.06elapsed 42%CPU (0avgtext+0avgdata 7256maxresident)k
                                                12490inputs+0outputs (0major+590minor)pagefaults 0swaps
                                                

                                                It takes a bit of scripting to get everything working, but I feel that is a small price to pay for the flexibility I get.

                                                1. 4
                                                  1. 6

                                                    Well, they’re not entirely truthful either – Clojure for instance has solved this issue:

                                                    (+ 1/10 2/10) ;; => 3/10
                                                    (+ 0.1M 0.2M);; => 0.3M
                                                    

                                                    I get the point of the post, but it seems a tad awkward to point of the failings of languages that have solved this and doesn’t need a custom implementation of ratios…

                                                    1. 10

                                                      And Clojure solves it because it tries to follow in the tradition of older schemes/Lisps. I’ve ranted more than once to my colleagues that numbers in mainstream “app-level” (anything that’s not C/C++/Zig/Rust/etc) programming languages are utterly insane.

                                                      <soap-box>

                                                      Look, yeah- if you’re writing a system binary in C, or developing a physics simulation, or running some scientific number crunching- then you probably want to know how many bytes of memory your numbers will take up. And you should know if/when to use floats and the foot-guns they come with. (Even, then, though- why the HELL do most languages silently overflow on arithmetic instead of exploding?! I don’t want my simulation data to be silently corrupted.)

                                                      But for just about everything else, the programmer just wants the numbers to do actual number things. I shouldn’t have to guess that the number of files in a directory will never go above some arbitrary number that happens to fit in 4 bytes. I shouldn’t have to remember that you can’t compare floats because I had the audacity to try to compute the average of something.

                                                      We have this mantra for the last decade or so that “performance doesn’t matter”, “memory is cheap”, “storage is cheap”, “computers are fast”, etc, etc, yet our programming languages still ask us to commit to a number variable taking up an exact number of bytes? Meanwhile, it’s running a garbage collector thread, heap allocates everything, fragments memory, etc. Does anyone else think this is insane? You’re gonna heap allocate and pointer-chase all day, but you can’t grow my variable’s memory footprint when it gets too large for 2,4,8 bytes? You’re gonna lose precision for my third-grade arithmetic operations because you really need that extra performance? I don’t know about that…

                                                      </soap-box>

                                                      1. 3

                                                        Even, then, though- why the HELL do most languages silently overflow on arithmetic instead of exploding?! I don’t want my simulation data to be silently corrupted.

                                                        Oh man you just dredged up some bad memories. I was working on modifying another grad student’s C++ simulation code, and the performance we were seeing was shocking. Too good, way too good.

                                                        Turns out that they’d made some very specific assumptions that weren’t met by the changes I made so some numbers overflowed and triggered the stopping condition far too early.

                                                        1. 1

                                                          (Even, then, though- why the HELL do most languages silently overflow on arithmetic instead of exploding?! I don’t want my simulation data to be silently corrupted.)

                                                          In an alternate universe:

                                                          (Even, then, though- why the HELL do most languages insert all these bounds checks on arithmetic that slow everything down?! I know my simulation isn’t going to get anywhere near the limits of floating point.)

                                                          1. 1

                                                            Sure. But isn’t the obvious solution for this to be a compiler flag?

                                                            Less obvious is what the default should be, but I’d still advocate for safety as the default. Sure, you’re not likely to wrap around a Double or whatever, but I’m thinking more about integer-like types like Shorts (“Well, when I wrote it, there was no way to have that many widgets at a time!”).

                                                        2. 4

                                                          same thing with Ruby

                                                          $ irb
                                                          irb(main):001:0> 0.1 + 0.2
                                                          => 0.30000000000000004
                                                          irb(main):002:0> 0.1r + 0.2r
                                                          => (3/10)
                                                          

                                                          and i’m pretty sure that’s the case with Haskell too

                                                          it might be a fair criticism to question why the simplest and most obvious syntax (i.e., no suffix) doesn’t default to arbitrary-precision rationals, as is the case with integers in languages like Ruby, Haskell, etc.

                                                      1. 12

                                                        using declarative unit files similar to systemd,

                                                        I’m not a huge systemd opponent, but the reason I dislike it enough to have an opinion are the unit files. The language is neither flexible nor intuitive enough to be guessed, nor do I use it often enough to memorize it. That means whenever I want to create a new service or timer or whatever, I have to deal with onscure documentation or copy-paste-tweak some code from arch wiki or stack overflow. A system like runit is attractive (though not technically superior) because all I need is to write my command in a file named “run”.

                                                        I hope that Alpine’s alternative will make improvments on this front, be it by providing better tooling or by improving the language. Ideally it should be able to parse systemd unit files but allow these to be degenerated as much as possible, allowing lazy users to only write as much as neccesary.

                                                        1. 8

                                                          I find the systemd documentation pretty straight-forward and very well written, so I’m surprised that you find it obscure :)

                                                          The man pages are my go to for anything related to systemd, and examples of all kinds of systemd units, including timers, are plentiful and already installed on my laptop:

                                                          $ systemctl list-units --type timer 
                                                            UNIT                           LOAD   ACTIVE SUB     DESCRIPTION                                                    
                                                            anacron.timer                  loaded active waiting Trigger anacron every hour                                     
                                                            apt-daily-upgrade.timer        loaded active waiting Daily apt upgrade and clean activities                         
                                                            apt-daily.timer                loaded active waiting Daily apt download activities                                  
                                                            e2scrub_all.timer              loaded active waiting Periodic ext4 Online Metadata Check for All Filesystems        
                                                            fstrim.timer                   loaded active waiting Discard unused blocks once a week                              
                                                            fwupd-refresh.timer            loaded active waiting Refresh fwupd metadata regularly                               
                                                            logrotate.timer                loaded active waiting Daily rotation of log files                                    
                                                            man-db.timer                   loaded active waiting Daily man-db regeneration                                      
                                                            motd-news.timer                loaded active waiting Message of the Day                                             
                                                            systemd-tmpfiles-clean.timer   loaded active waiting Daily Cleanup of Temporary Directories                         
                                                            update-notifier-download.timer loaded active waiting Download data for packages that failed at package install time 
                                                            update-notifier-motd.timer     loaded active waiting Check to see whether there is a new version of Ubuntu available
                                                            zsys-gc.timer                  loaded active waiting Clean up old snapshots to free space                           
                                                          
                                                          LOAD   = Reflects whether the unit definition was properly loaded.
                                                          ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
                                                          SUB    = The low-level unit activation state, values depend on unit type.
                                                          
                                                          13 loaded units listed. Pass --all to see loaded but inactive units, too.
                                                          To show all installed unit files use 'systemctl list-unit-files'.
                                                          $ systemctl cat apt-daily.timer 
                                                          # /lib/systemd/system/apt-daily.timer
                                                          [Unit]
                                                          Description=Daily apt download activities
                                                          
                                                          [Timer]
                                                          OnCalendar=*-*-* 6,18:00
                                                          RandomizedDelaySec=12h
                                                          Persistent=true
                                                          
                                                          [Install]
                                                          WantedBy=timers.target
                                                          

                                                          Once in a while I find a systemd keyword used in units that I can’t find the documentation for, but luckily man can be used for this purpose too:

                                                          $ man -wK defaultdependencies
                                                          /usr/share/man/man8/systemd-run-generator.8.gz
                                                          /usr/share/man/man5/org.freedesktop.systemd1.5.gz
                                                          /usr/share/man/man5/systemd.automount.5.gz
                                                          /usr/share/man/man5/systemd.mount.5.gz
                                                          /usr/share/man/man5/systemd.path.5.gz
                                                          /usr/share/man/man5/systemd.resource-control.5.gz
                                                          /usr/share/man/man5/systemd.scope.5.gz
                                                          /usr/share/man/man5/systemd.service.5.gz
                                                          /usr/share/man/man5/systemd.slice.5.gz
                                                          /usr/share/man/man5/systemd.socket.5.gz
                                                          /usr/share/man/man5/systemd.swap.5.gz
                                                          /usr/share/man/man5/systemd.target.5.gz
                                                          /usr/share/man/man5/systemd.timer.5.gz
                                                          /usr/share/man/man5/systemd.unit.5.gz
                                                          /usr/share/man/man7/systemd.directives.7.gz
                                                          /usr/share/man/man7/systemd.offline-updates.7.gz
                                                          /usr/share/man/man7/systemd.special.7.gz
                                                          /usr/share/man/man7/daemon.7.gz
                                                          

                                                          I remember the #systemd channel on Freenode as pretty active, so if you’re stuck consider asking there.

                                                          1. 4

                                                            Maybe obscure it the wrong word, but as I say, as someone who only deals with systemd directly once or twice a year,

                                                            $ man -k systemd | wc -l
                                                            205
                                                            

                                                            is a first step I have to make every time.

                                                            Just a few months ago I wanted to create a timer, to replace a user cron job, but the number of concepts I have to read up on before I write anything seems like it’s not worth it.

                                                            Maybe this is just a mindset thing, *nix is certainly not obvious when you first start, but you gain an intuition over time and can start guessing how to do things. Systemd doesn’t play into this intuition.

                                                            1. 3

                                                              Completely understand what you mean – the increasing complexity of computers and the layers upon layers of abstraction is definitely an issue. I deal with systemd unit files fairly often, so I’ve internalized much of the knowledge and feel that systemd units behave pretty much like I expect them to.

                                                              Much of it probably comes down to systemd simply being different from what we’ve used in the past – sysv style init, cron daemons etc. However even though I’ve used Linux for almost two decades and I’ve written plenty of cron jobs I still find myself looking at the man page to decipher the cron timer values. In that regard I do find systemd a lot more sane – the unit files themselves are much more readable than both cron jobs and sysv style init scripts, not at least because they’re more verbose, and the documentation is really good.

                                                              1. 1

                                                                However even though I’ve used Linux for almost two decades and I’ve written plenty of cron jobs I still find myself looking at the man page to decipher the cron timer values. In that regard I do find systemd a lot more sane

                                                                Yes, but the difference I was implying is that (at least on my systems), crontabs start with a comment reminding you of the syntax with a few examples. That kind of approach is missing in systemd. Maybe a simple interactive create-service shell script could fix this issue.

                                                          2. 3

                                                            Agree that the unit file language is not terribly good. In terms of strings and paths and stuff it’s just enough like bash to trip you up, and then you say “fuckit” and write a bash script that gets called by the unit file and now it’s no longer declarative. Its reading of environment variable files is similarly not-quite-what-you-expect. The combinations of options, dependencies and pre/post/during choices for units is not exactly the most elegant or intuitive, by a long shot. It works, but only once you understand every single option in isolation and can pick and choose the right ones. It is the exact opposite of the delight you feel when you say “okay, option X must exist, and it’s probably called X…” and discover you are correct.

                                                            1. 2

                                                              I’m sort of neutral about systemd, but I do like the unit files. I have some of the same problems as you do when writing a unit file from scratch. Systemd is well-documented, but there are so many knobs that it can be hard to find exactly what you want. I think it is a tooling problem.

                                                              If I were working with systemd on a daily basis, I’d probably try my hand at writing a small unit file generator. I’ve used ansible to generate .service files from a Jinja template. That takes care of a lot of rote, boiler-plate stuff. My point is there are 90% solutions that would make things more pleasant.

                                                              1. 1

                                                                Taking the same language and providing better infrastructure around creating them would suffice in 99% of cases. After all, runit would be enough for most people most of the time anyway.

                                                              1. 13

                                                                Unreadable without FF reader view.

                                                                Keep your cool h4ck3r aesthetics if you wish, but maybe consider the consequences on how your content is read and perceived. Since most of the content is <pre> rendered text, making the entire thing available as a zip would be better.

                                                                Accessibility matters.

                                                                1. 21

                                                                  Not sure what you mean, it renders perfectly fine for me in Firefox, without reader view. eww in emacs handles it perfectly as well.

                                                                  Complaining about readability seems a bit silly when all content is contained within a single pre tag. I don’t see how a zip file would make it any easier to read; to me a zip file would make it harder, not easier.

                                                                  1. 11

                                                                    They mention on the page that all the pages are available as txt files.

                                                                    They also have a zip download: https://tmpout.sh/1/tmp.0ut.1.txt.zip

                                                                    If you used a fraction of a second actually viewing the website, you would maybe have noticed these facts.

                                                                    1. 1
                                                                      1. 2

                                                                        I’m not sure why you think this person made a mistake. Neither posters made a mistake, the website just changed in the interrim.

                                                                        1. 2

                                                                          I think the mistake @L-P refers to was of @opfez assuming that, if @L-P had used a fraction of a second more, they would’ve noticed something that was not in fact there at the time they viewed the website.

                                                                          1. 1

                                                                            That’s not a mistake – it’s a lack of knowledge. It would have been kinder, rather than to call it a mistake, to instead say “It has changed to add those since then”, or some other factual response that does not pass judgement.

                                                                            1. 1

                                                                              I don’t disagree. They were responding to some pretty intensely accusatory language, so I can understand using less kind language in response.

                                                                        2. 1

                                                                          Ah I see. I apologize, please excuse my ignorance.

                                                                      2. 4

                                                                        I can read it just fine, though the font is a tad small

                                                                        1. 2

                                                                          Best Viewed With Lynx!

                                                                          1. 2

                                                                            Maybe you jest, but it’s actually perfectly fine with lynx.

                                                                        1. 10

                                                                          “maybe IBS maybe who knows” gang reporting in. I feel you, I’m in the same shit (pun intended). The article is nice but, as any good software engineer, I feel you’re overcomplicating the matter.

                                                                          Recipes in the way you treat them are a modern invention, even when they are traditionalized. Recipes make up for lack of food knowledge in the industrialized world. They are the “no-code” revolution of food. They work until they don’t work anymore, like in your case.

                                                                          My suggestion is to throw them out of the window and learn real cooking. Cooking is a system, with rules, principles and sinergies. It’s not just about flavor but it’s about logistics, availability and health. Recipes are prepackaged solutions but they don’t hold any ultimate truth: make your own recipes, learn to design and compose meals according to foundational rules. Go back to the “barebone” cooking to achieve the flexibility recipes cannot give you. Substitutes will appear, because many of them are contextual and probably now you’re limiting yourself to absolute substitutes (like assafetida for garlic or soy cream for normal cream). I hope this will help you explore food from a different perspective and find your okay spot.

                                                                          1. 1

                                                                            So, I completely agree.

                                                                            Regarding cooking as a system, what do you recommend as reading material? I mean, I’ve had trouble finding books that start from nothing and build up from nothing. What’s a good starting point?

                                                                            (Is there like a SICP for cooking, or similar?)

                                                                            1. 2

                                                                              Depending on your cooking skills you might want to look at something like molecular gastronomy and the chemistry behind cooking or at least outside of regular recipe books. I’m a decent chef myself and usually have no trouble coming up with my own recipes based on what’s on sale, in season, in the fridge or found hiding in the back of the cupboard, and all that comes down to hard earned experience, especially flavor pairing.

                                                                              Understanding the processes taking place in the kitchen (or at least having in idea of what is going on) is something I find can help me to make my cooking better, more interesting or simpler. Things like understanding how an emulsion works (good when making a dressing or mayonnaise), using acid and base (e.g. vinegar/lemon juice and baking soda/powder) to make vegetables have more or less bite (adding a dash of vinegar when boiling potatoes makes them never disintegrate/become soggy), the relationships between temperature, surface area oil and salt e.g. for all of those nice Maillard reactions.

                                                                              I’m blessed with having no food allergies, but I imagine that something like consistency and mouth feel can be hard to handle when having a much restrained choice of ingredients. Martin Lersch has a blog at https://khymos.org/ and has a free book, Texture, which has a collection of recipes using different hydrocolloids, i.e. substances that gels in contact with water which can be used to thicken, gel, foam, emulsify etc.: https://khymos.org/recipe-collection/

                                                                              I see that he’s recently restarted his blog, definitely worth a read with lots of interesting observations and recipes. Check out Maximizing Food Flavor by Speeding Up the Maillard Reaction or Ten tips for practical molecular gastronomy.

                                                                              I can’t really recommend any paper books, all of my reading has been online (with the sole exception being Cooking for Geeks by Jeff Potter, bought at FOSDEM with their usual O’Reilly discount), but for something gawk-worthy (and expensive) have a look at Modernist Cuisine by Nathan Myhrvold.

                                                                              Hope this helps!

                                                                          1. 12

                                                                            A while back I bought two of these USB Thinkpad keyboards, using the old (good) keyboard layout: https://www.newegg.com/lenovo-thinkpad-usb-wired/p/N82E16823218006

                                                                            I have used the crap out of them. They are the absolute best.

                                                                            Internally it’s just a USB controller attached to the same keyboard that shipped in older Thinkpads, so I’ve already fixed up at least one keyboard with parts from eBay.

                                                                            Despite things like Vimium or i3 or other ways to reduce mouse usage, most folks still need a mouse from time to time. Reducing the travel time from your keyboard to your mouse seems really high value to me, and I’m lost why most of these custom or fancy keyboard people don’t focus on having a nearby mouse of some kind?? I’m not the OP of this thread, but I highly empathize: https://www.reddit.com/r/MechanicalKeyboards/comments/626sga/how_about_trackpoints/

                                                                            These Thinkpad trackpoint keyboards are perfect. The mouse is right there.

                                                                            1. 10

                                                                              I love my shinobi tex, a mechanical homage to the thinkpad design: https://tex.com.tw/products/shinobi

                                                                              1. 4

                                                                                Just got yesterday mine. Such a pleasure to have again some key travel, and feeling the fingers match the keys. Really nice to alternate with the laptop keyboard (X1E Gen1) and is an incentive to work more at the desk with a big screen. For me the trackpoint on the shinobi work much more precise and easy. I was expecting a little more pressure resistance from the keys, but in the end I think it is quite comfortable. It’s really nice too that there is a deeper mold in the keycaps. Was expensive, but I’m definitely happy about this purchase.

                                                                                1. 4

                                                                                  oh my gosh i’ve never seen this before, this is amazing!

                                                                                  1. 4

                                                                                    Woah! This is the first keyboard I’ve seen in years that tempts me…

                                                                                    1. 3

                                                                                      How are the key symbol printings holding up? I got mine a week ago and I’m already noticing L-Ctl, Esc, and frequent letters fading. It’s not a big deal since I don’t really look but I’m surprised.

                                                                                      1. 3

                                                                                        I’ve been using mine for ~9 months daily, and while it’s true that some letters started fading very quickly, they seem to have reached a “plateau”. Definitely the discolouring has slowed its pace or the keycaps would be blank by now.

                                                                                        1. 2

                                                                                          Same here. Fading on frequent used keys. Been using it since last november.

                                                                                      2. 5

                                                                                        Thank you for your comment. I feel the same way about trackpoints, and your comment made me order a ThinkPad USB keyboard :)

                                                                                        I really like the newer chiclet design, so I’ve picked a more recent model. Luckily they seem to be designed with a similar concept; reuse of the existing laptop keyboard design (see https://dontai.com/wp/2018/09/06/thinkpad-wired-usb-keyboard-with-trackpoint-0b47190-disassembly-and-cleaning/ for disassembly). The number of key rows don’t really bother me, and for all I’ve tried I don’t feel comfortable on keyboards with mechanical switches. Too many hours on a ThinkPad, I think.

                                                                                        1. 4

                                                                                          i am very happy lenovo is still making these keyboards, even if it’s the new layout

                                                                                        2. 4

                                                                                          I have one of these and I love it! I’m a sucker for the trackpoint and I love the pre-chiclet key design. It’s super portable too - I can easily throw it in my backpack with my laptop if I’m going to be out of the (home) office all day.

                                                                                          It’s a little sad that these version seem to be so unavailable these days :(

                                                                                          1. 4

                                                                                            I’d recommend ThinkPad TrackPoint Keyboard II because it is wireless - via Bluetooth or Wireless Nano USB Dongle.

                                                                                            1. 5

                                                                                              I own the first generation as wired version and the micro USB socket is absolute garbage. Two out of three keyboards lose USB connection when the cable is moved slightly. But, this problem can be fixed pretty easily by disassembling the keyboard, bending the socket back to normal shape and then adding a large solder blob to the socket case such that it can’t bend that easily anymore. I fixed both keyboards reliably with this procedure.

                                                                                          1. 1

                                                                                            I get the point of the article, but “fixing” code by using a broken regex doesn’t really seem like a solution…

                                                                                            port[rait]+ matches a lot more than it should:

                                                                                            (re-find #"port[rait]+" "landscapesportrrrrrrrrratatatatatt")
                                                                                            ;; => "portrrrrrrrrratatatatatt"
                                                                                            

                                                                                            It helps a bit if the regex is anchored to beginning and end of string, but still not a very nice solution…

                                                                                            1. 9

                                                                                              Stuff like this makes me miss the time before walled gardens and siloed and closed ecosystems. I used to hang out on IRC (and still do), but now I also have Signal, Mattermost and Teams.

                                                                                              Instead of the mess of incompatible chat clients I want something like IRC, just with a refreshed protocol that can handle modern needs. Of course, it’s a lot harder to monetize that, and here we are.

                                                                                              1. 9

                                                                                                https://xmpp.org/ gives the open protocol a shot. It’s was the basis for WhatsApp and apparently Zoom, before they switched.

                                                                                                However, the biggest engineering challenge in messaging is no longer about scaling, reliably moving messages around or adding multimedia to them. The protocol is fairly superficial to these three anyway. The big platforms invest heavily in spam protection and in organising against antisocial behaviour. If IRC became magically as popular as the walled gardens (and the scaling challenges were addressed) then think how painful the abuse problem would be.

                                                                                                1. 5

                                                                                                  The lack of efficient abuse mitigation on IRC was one of the reasons cited for Mozilla to move their developer’s chats off the platform.

                                                                                                  1. 1

                                                                                                    The big platforms invest heavily in spam protection and in organising against antisocial behaviour.

                                                                                                    Can’t you just not invite people you don’t like to your chat channel??

                                                                                                    1. 1

                                                                                                      Lobsters doesn’t work that way, for instance, and it’s presumably still worthwhile to you.

                                                                                                      The moderators here invest substantial time in community management and spam prevention.

                                                                                                      1. 1

                                                                                                        Lobsters doesn’t work that way, for instance, and it’s presumably still worthwhile to you.

                                                                                                        But lobsters works like that. You invite people you like and kick/ban people you don’t.

                                                                                                        1. 1

                                                                                                          You can’t kick people you dislike from the instance you are using. Neither can you stop me inviting them to it.

                                                                                                          You can run your own instance of the code, like barnacles, but that’s not lobste.rs, it just shares the code.

                                                                                                          1. 1

                                                                                                            You can’t kick people you dislike from the instance you are using. Neither can you stop me inviting them to it.

                                                                                                            the mods can. If I don’t like how the site is run, I can just leave.

                                                                                                            Can random users kick people on any of those big platforms?

                                                                                                  2. 1

                                                                                                    Instead of the mess of incompatible chat clients I want something like IRC, just with a refreshed protocol that can handle modern needs.

                                                                                                    I think you’ll still have to deal with a mess of incompatible clients if we went back to IRC, unless all the IRC clients in the world were magically updated to support IRCv3 and all its extensions. I’m just envisioning a future where you send a message to your friend’s channel and they ask you what you sent, because it looks broken on their client because it only supports the draft version of the V3 FooBar extension, etc.

                                                                                                  1. 2

                                                                                                    @aphyr: the link to the previous entry in the series, Debugging, is broken

                                                                                                    1. 2

                                                                                                      I use SSH and TRAMP quite a lot to access a GPU cluster at the university. The cluster is managed by the IT-admins, and for some reason they’ve decided to disallow ~/.ssh/authorized_keys to work properly. Frustrated by having to input my randomly generated 20 character long password dozens of times per day, I recently found out about auth-source.el, which let’s you hard-code the password for a given host so that you don’t need to input it through TRAMP all the time.

                                                                                                      Now, I have the following in ~/.emacs.d/authinfo:

                                                                                                      machine remote_server_name login my_username password my_password port ssh
                                                                                                      

                                                                                                      and a simple addition to my .emacs:

                                                                                                      (setq auth-sources '("/home/munksgaard/.emacs.d/authinfo"))
                                                                                                      

                                                                                                      Of course, this is horribly insecure, and really quite silly, but in this case convenience wins over security.

                                                                                                      I have yet to find a similar solution for regular ssh in the terminal. sshpass seems quite finicky for some reason.

                                                                                                      1. 5

                                                                                                        Emacs has built in encryption support for all files, including its authinfo files. C-x C-w your authinfo to /home/munksgaard/.emacs.d/authinfo.gpg and source that instead, and when you try to access something Emacs should ask you for the decryption password.

                                                                                                        I’ve only used this for email information so ymmv, but I don’t see why it shouldn’t work.

                                                                                                        1. 1

                                                                                                          That’s very helpful indeed, thank you!

                                                                                                          1. 2

                                                                                                            Nææh, en DIKUfant?

                                                                                                            Get a hold of a hardware key like Yubikey and this solution gets even more awesome. With one of those you can store your GPG key in hardware, and set up the Yubikey so that decryption/signing requires you to touch a button on the fob.

                                                                                                            You can derive an SSH key from your GPG key, drop that into ~/.ssh/authorized_keys and now all SSH access will require a touch. This way you can avoid the security issues with having your SSH private key in an unlocked keyring/ssh-agent, as an attacker will need to have physical access to your computer to be able to decrypt files/SSH. It also works with gpg-agent/ssh-agent forwarding.

                                                                                                            1. 1

                                                                                                              I’ve been considering it for a while, but I’m confused about which model to choose, and how to know if it interacts well with my Linux install. But I guess I’ll have to investigate more.

                                                                                                              1. 2

                                                                                                                I’ve used it on Linux for some 3-4 years now, works great. I’m currently using a YubiKey 4 series (full size USB A) and a YubiKey 5 (small size, USB A; permanently occupying a port in my laptop).

                                                                                                                1. 1

                                                                                                                  Any idea if it works with fully-free distros? I’ve been looking into them as a better way to manage my keys, but don’t want to spend the money if it’s not definitely going to work. Also if you know of any blog posts about people’s experience please slide them my way; I’ve struggled to find many from Linux-y individuals (as opposed to mainstream Windows-oriented tech sites).

                                                                                                                  1. 1

                                                                                                                    Yes, everything is free as in libre. Works just fine on Debian. The Yubikey implements a smartcard and also works as a USB HID (for HOTP/U2F).

                                                                                                      1. 8

                                                                                                        If you find yourself writing (or debugging) bash (or sh) you should use shellcheck as well https://www.shellcheck.net/

                                                                                                        1. 3

                                                                                                          Great advice, shellcheck is awesome.

                                                                                                          I always use shellcheck, and all of my bash scripts start with

                                                                                                          #!/bin/bash
                                                                                                          
                                                                                                          set -euo pipefail
                                                                                                          

                                                                                                          Together those two things save me from so much frustration!

                                                                                                          1. 4

                                                                                                            I can’t help but point out that should be #!/usr/bin/env bash. But good work on the set statement. Sorry ;)

                                                                                                            1. 3

                                                                                                              Well, I guess it depends. I mostly write shell scripts for my job as sysadmin, and I prefer to use /bin/bash for those. Not all systems are fully under my control, and /usr/bin/env bash would mean that I’d be at mercy of the PATH variable. Since I know that I have system bash available in /bin/bash I prefer to hardcode that.

                                                                                                              For more portable scripts, or for scripts in other languages, yes, then I’d use /usr/bin/env.

                                                                                                              1. 3

                                                                                                                Another thing I like to do is to fail fast; avoid trying to do error handling unless there’s a good reason to do so. It’s often just as good to just fail hard and log what went wrong.

                                                                                                                I sometimes add a trap for the ERR signal, which causes bash to call the trap function upon exit:

                                                                                                                A trap on ERR, if set, is executed before the shell exits.

                                                                                                                Something like this:

                                                                                                                declare -ri             \
                                                                                                                        EXIT_SUCCESS=0  \
                                                                                                                        EXIT_WARNING=1  \
                                                                                                                        EXIT_CRITICAL=2 \
                                                                                                                        EXIT_UNKNOWN=3
                                                                                                                
                                                                                                                declare -i EXIT=$EXIT_UNKNOWN
                                                                                                                declare STATUS='UNKNOWN - Exit before logic'
                                                                                                                
                                                                                                                function _exit() {
                                                                                                                  # Status and quit
                                                                                                                  echo "${STATUS}"
                                                                                                                  exit $EXIT
                                                                                                                }
                                                                                                                
                                                                                                                trap _exit ERR
                                                                                                                

                                                                                                                This ensures that no matter how the script exits my exit handler function will always get called. The particular snippet above is from an Icinga check I’m writing right now :)

                                                                                                                1. 1

                                                                                                                  From my live NixOS system:

                                                                                                                  bb010g ~ % file /{,usr/}bin/bash
                                                                                                                  /bin/bash:     cannot open `/bin/bash' (No such file or directory)
                                                                                                                  /usr/bin/bash: cannot open `/usr/bin/bash' (No such file or directory)
                                                                                                                  
                                                                                                                  1. 2

                                                                                                                    Yes, which is why I wrote that for more portable scripts I’d use /usr/bin/env ;)

                                                                                                                    (…that does exist, doesn’t it?)

                                                                                                                    I’ve played around with Guix a bit, same thing there. But the systems I manage are neither GuixSD nor NixOS, so my approach works just fine for my purposes.