gerdesj

gerdesj, 7 months ago

On a desktop/laptop system you soon notice when things like your touchpad loses multi touch support and USB sticks no longer work because your kernel mods no longer match the “old” kernel!

needrestart and co are really handy. When lsof first came out, I remember finding a recipe similar to the one posted and “mind blown”!

gerdesj, 8 months ago

I gave up about 5.5 years ago after 30 odd years of pretty heavy tabbing. Fags costed about £10.50 for 20 L&B back then and no doubt the beer accumulator model has raised that to at least £13 by now.

Price was not my primary reason for giving up but I can see how it will help. When I started I could buy 10 packs duty free for £5 and smoke on the plane. The UK old 10p (which was basically a two shilling coin rebadged as 10p) was about the same size as a German 1DM piece. DM - Deutsch Mark. Good enough to fool the removed dispensers in West Germany, back in the day. At the time (mid '80s) there was roughly 4DM to £1 and a pack was about DM2.50 from a street vending machine.

As well as price, we need to realise that nicotine is not the only addictive thing in a ciggie. If it was, then patches, gum etc would just work. They don’t really work very well on their own and you can’t shift the blame onto habit either. I don’t think that nicotine is particularly addictive at all.

Giving up is hard, really hard. It needs will power. When I started giving up I was wheezing rather badly and had a very persistent cough that lasted for about nine months to the point that even I realised I had to do something.

I stopped at around 17:00 one friday evening and had a very long lie in on sat morning. That got me half a day. I hung on until saturday evening and went to bed. I now had managed a day. Another long lie in on sunday. Hang on in there and get to monday. Now I have two days. Then I managed a week, then two weeks, then a month, then two months, three months, half a year, a year.

After a few days I realized I could perhaps do this. I don’t exactly know why I decided to come up with a “mantra” that I would say to myself whenever I craved a ciggie but it really helped. “I don’t want to smell and I don’t want to die” was what I settled on and it really worked for me. Even a smoker knows really how bad they smell and the other wish is a bit obvious!

After about a week my sense of smell and taste went berserk! I could smell people entering a room which was a bit disconcerting. I recall it being similar to when I finally caved in and got some specs sorted out for my eyes. It has calmed down since to “normal”.

If you want to give up then you will need a strategy. I was weak willed enough to need a near death like experience to kick me into some form of action. Giving up fags is a horribly complicated affair and the “treatments” on offer are probably bollocks. I tried a vape and soon realised that it won’t help at all - I’d just replace smoking with … something else that doesn’t really cut it.

I found that as soon as I said my mantra, the cravings really did vanish, for a few minutes, then hours, days. weeks etc. I also had some pretty odd dreams involving fags. Before I gave up, I never smoked in my dreams. I did have several dreams after giving up which involved smoking in some pretty bizarre ways!

Finally: I saved roughly £3,500 per year at 2018 prices by not tabbing. It’s probably more like £4000-4500 now.

Hmmm, this comment escalated somewhat 8)

gerdesj, 8 months ago

“beer accumulator” - this is the euphemistic name for how the UK govt raises the tax year on year for alcohol and I think it is the same for fags.

gerdesj, 8 months ago

I run an awful lot of MS email for a lot of customers. My own company (literally mine) uses Exchange on prem and I pass all access through HA Proxy. My customers mostly use M365 but one is still on GroupWise (I have known GroupWise for roughly 25 years)

I’ve seen browsers come and go. My first one was telnet on a VAX through a X.25 PAD and a string of connections via the US (I’m UK) to CERN. First graphical browser was Mosaic on Win 95. I think Mosaic became Internet Explorer - MS don’t really innovate - they buy it.

Edge is basically Chromium with knobs on. Chromium is Chrome with knobs removed (sort of!) I can exclusively reveal that Firefox works fine with all version of OWA and Exchange on-line, because that is what I personally use and so do many of my staff and customers.

If you have snags with your uni email then there is something specific there and not your browser choice. Edge doesn’t do anything special for OWA it’s just yet another Google browser.

gerdesj, 8 months ago

Try installing a User Agent switcher into your browsers and then fake your browser ID. FF works fine with Teams, Exchange and M365 - I have been an IT consultant installing or using all of that lot for over two decades.

I too have a favourite browser. It used to be FF up to about 15 years ago (v2 or so) then Google were cool and I went all in on Chrome. I then went Chromium. I actually started out with telnet but that’s another story.

A couple of months ago I finally dumped Chromium and co and went back to FF. Biggest win for me was a slightly less opinionated SSL experience. That needs some explaining:

I run a lot of IT and that means a lot of SSL certs. Mostly I use Lets Encrypt if I can as well as the usual suspects. Sometimes a site does not need SSL at all. Googles browsers are very VERY opinionated about this: “Thou shall not use thy browser password manager with self signed SSL certs”. FF has a slightly less opinionated “Thou canst TOFU and thy password manager will work”. I spend a lot of time pissing around with uploading CA certs to group policy objects and copying them to /usr/local/share/ca-certificates and getting the machines to trust them. On Arch we use /etc/ca-certifictes etc and so on and so forth. I also have to deal with Teams - FF works better now than Cr browsers

I’ve returned to FF after a very long time and I don’t regret it at all. I run Arch actually!

gerdesj, 8 months ago

I only use Reolinks these days. RLC-410 - some dome and some bullet. Cheap and easy to setup. I’m a long term Zoneminder user which I get to watch the low res stream and record on the high res stream. My ZM is a VM on VMware with a cheap Nvidia GPU passed through for CUDA. This still works: wiki.zoneminder.com/GPU_passthrough_in_VMWare but I should probably bring the wiki page up to date.

I have a Reolink door bell too - I went for the PoE one. It’s a lot better than my old Doorbird but not as sturdy. The door bird could drive a chime too which was nice. The Reo can’t but it is a PoE powered unit with a UPS backing the switch. That’s pretty resilient.

They never get to see the internet. I fiddle DNS so that pool.ntp.com points at my ntp daemons but I run an IT company so that might be a bit excessive for most! I have three Pis with GPS hats and antennae.

As you say, they are well supported by HA too. If you have a Coral and Frigate then you have lots of options. Just keep them away from the internet if you are concerned about who is looking through them apart from you.

gerdesj, 8 months ago

Never used Flatpak or Snap in nearly 30 years of using Linux. I might one day but not yet.

I don’t use Fedora these days but your package manager will probably have some hooks. Add one to update your Flatpaks when it has finished its main job.

gerdesj, 8 months ago

Did anyone actually read the article:

“The ban - which covers all spaces in North Somerset open to the public”.

I live in South Somerset (Yeovil) but since the county went even more bizarre and decided to amalgamate into some mad centralised Somerset County thingie instead of the old Somerset regions. who knows what this ruling even means?

@mex - fix the title to note coverage only applies to North Somerset (whatever that is). It’s shitty to imply something that doesn’t apply to the vast majority of a county, let alone the country.

gerdesj, 9 months ago

I once named a load of servers for a helicopter company in the UK with elements. The cluster nodes were copper, silicon, etc. The cluster itself was called iron. The volumes were labelled fe_function.

It worked - it was easy to read and the bits that implied “cluster” were grouped appropriately. All the other servers had random elemental names unless they were associated in some way, in which case the group would be used. The engineers (real engineers with oil or distressingly nasty lubricants in their veins) loved it - it made sense, without being too quirky. It was very legible.

When those systems were hoicked out and replaced, the usual nonsense was applied: 2 char country code + 2 char site code etc etc ad nauseam. Followed by my absolute pet hate: 01. Oh so you might need 99 domain controllers? Yes you might, but not on one site.

Let’s face it, it is mostly AD admins who don’t get hostnames. I blame MS - their docs and blogs strive to be … authoritative or at least look so. An entire generation (possibly two) of sysadmins have been sold up the river by MS and their wankery.

gerdesj, 9 months ago

I tend to use other people’s cast-offs at work. Win 10 slow? JG gets an upgrade! I whip the SSD or M.2 or whatever I’m using out of the old one and pop it in the “new” one.

gerdesj, 9 months ago

Great job. The Arch layer is missing the word “actually” 😜

gerdesj, 9 months ago

I’ve been a happy customer since 1.2. I even stuck with it through 4.0 which was a little traumatic 8) I like choice - lots of it and KDE delivers that in spades.

gerdesj, 9 months ago

You can easily schedule it yourself but I wouldn’t. I have used sfc /scannow about 10 times. It did fix an issue once - a VM repeatedly locking up doing Windows updates.

gerdesj, 9 months ago

I’ve spent over 25 years with Linux. With multiple distros and a lot of that with Gentoo and Arch. At work I specify Ubuntu or Debian, for simplicity and stability. I always used to use the minimal Ubuntu, because it was tiny with no frills. For quite a few years I managed a fleet of Gentoo systems across multiple customers - with Puppet. Those have quietly gone away. I’ve dallied with SuSE (all varieties), Mandrake, Mandriva, RedHat, Slackware, Yggdrassil and more.

Arch is surprisingly stable and being a rolling job there are no big jumps. When I replace one of our laptops, I simply clone the old one to it and crack on. I used to do the same with Gentoo - my Gentoo laptops went from an OpenRC job with dual Nokia N95 ppp connections around 2007 to through to around 2018 with systemd and decent wifi when I switched to Arch to allow the burns on my lap to heal. I still have a Gentoo VM running (amongst friends) on the esxi in my attic.

It was installed in 2006 according to some of the kernel config files. I left it for way too long and had to use git to make Portage advance forwards in time and fix around a decade of neglect. It would have been too easy to wipe and start again. It took about a fortnight to sort out. At one point I even fixed an issue following a forum post I made myself years ago.

Anyway, Arch is pretty stable.

gerdesj, 9 months ago

USE please.

Each to their own.

gerdesj, 9 months ago

Mmmm … RedHat with KDE = Mandrake. I still mostly exclusively use KDE.

gerdesj, 9 months ago

Define stable! Both are non rolling distros so that means that you have the upgrade jolt every few years. I have several VMs that started off life as Ubuntu LTS around 16 so from 2016 and are still running but now on 2022.04. Those are servers so relatively simple - web, PHP, Samba, DBs, etc. PHP is a pain to fix up. Ubuntu doesn’t have the rather neat slotting feature that Gentoo has so you get to do quite a lot of detective work to put it back together again. Debian is similar - again I have several systems that I manage that have gone through at least three or four Toy Story names.

Arch is rolling so there is no break and continue point. There have been some packages that have broken or been broken but not the entire system and that suits me. The QA is surprisingly good from the devs. Arch really isn’t the bugbear, nightmare super ricer thingie that it is sometimes painted out to be. I find it a very thoughtfully put together distro with an awful lot of moving parts that are well integrated and a great toolset. Choice is paramount and delivered in spades without the micro management that Gentoo requires.

It also helps that I have been doing this stuff for well over two decades so some challenges are no longer the challenge they once were.

gerdesj, 9 months ago

It is great to have choice. I remember buying a CD with OpenBSD (the one with a yellow pufferfish logo) back in the late 90s/00s and giving it a whirl. I broke my work PC somewhat with it but at the time I worked on a help desk and we used VT200 emulators to access “RMS”. I still had a term but graphics was out of the question! I could never get the modes right. I worked like that for six months. Everyone else had DOS and Win 3.114WG and they thought I was being deliberately edgy. I had a hell of a time working out how to map PF1-4 (DEC Vax) to local keys.

I now run around 30 odd pfSense boxes across the UK. They run FreeBSD, with a frisson of PHP n that on top. My office cluster has six internets - two at 1Gbs-1. The two boxes are Dell servers with a lot of NICs (12 each) I will shortly be swapping out a few for 10Gb NICs. They are rock solid and just crack on and do the job. There are several packages that make life so easy: ACME - SSL certs; HA Proxy - proxy lots of sites with one IP; OpenVPN - we run a lot of them.

However, pppd on BSD is single threaded which means that on an APU2 you max out at around 300MBs-1. Linux pppd is multi-threaded and does better (about 400Mbs-1 on the same hardware. Not exactly the end of the world. The real problem was sticking to APU2!

Anyway. Run what you like - you have choice and choice is good.

gerdesj, 9 months ago

I run Debian on all of my Home Assistant boxes, apart from one where I am trying out HassOS. I also have a test Proxmox two node cluster at work with multiple SAN volumes. Proxmox is Debian based. Sadly, it isn’t very iSCSI friendly - you can’t do snapshots. I’m looking at possible VMware replacement options here.

Am I threatening Debbie and Ian’s distro? I personally consider Ian to be a bit of a hero. He created Debian, and the world + dog has used it everywhere.

Everywhere.

Them Raspberry Pi thingies are certified (well bits are) for space. It used to be called Raspbian but the OS on a RPi is still Debian with knobs on.

gerdesj, 9 months ago

One of my staff runs Tumbleweed. I will get around to evaluating it one day.

gerdesj, 9 months ago

I can see that you have bound nginx to port 80 on both IPv4 and 6 - the two Listen directives.

• Can you get to it locally via IPv6 as well as IPv4?
• Can you get to it via IPv4 externally?

Let’s get right down to basics:

• ping -6 google.com - from the web server, does it work?
• ping -6 google.com - from your PC/laptop.phone, does it work?
• test-ipv6.com

I’m on GMT+1/BST/UTC+1 so its a bit late now. I’ll pick up tomorrow pm

gerdesj, 9 months ago

As well as a link local address you should also have one or more globally routeable ones too. Hopefully you have at least one of those set up in DNS with a AAAA address. Therefore you should be able to put the address of your web server into your browser and off it goes. In theory IPv6 should be preferred by your browser, so even if both an A record and a AAAA record resolve for the name, IPv6 should kick in.

A quick check would be:

<span style="color:#323232;">$ host mywebserver.example.co.uk
</span>

That should return an IPv4 and an IPv6 address. The IPv6 address is the same for internal and external - there is no distinction, which can be surprising if you are used to IPv4 and NAT. The final bit of the equation is that your internet router needs to allow access “from all to globally routeable ipv6 address of the web server”.

gerdesj, 9 months ago

You don’t need to put the IPv6 address into your browser. The host command shows that you have got DNS sorted - try:

$ dig @9.9.9.9 myserver.now-dns.net AAAA

That should return an IPv6 address and the @9.9.9.9 means: use the Quad9 DNS server - 1.1.1.1 or 8.8.8.8 will also try external DNS servers - CloudFlare and Google. Hopefully that’s naming sorted out.

Now to actual access. Your router will (probably), by default, block all inbound connections. I’ve just had a look at your screenshot and it has a menu entry: “Port forwarding IPv6”. IPv6 doesn’t need port forwarding really but I suspect that is how you allow access. I am now guessing. There is such a thing as IPv6 NAT and something called NPT (Network Prefix Translation) which is not for the faint of heart!

Have a look around in that menu a screen shot might help.

It might help if you tell us where you are (very roughly - country and perhaps city), your ISP and router model. I can get you to the point of all of this working but there are rather a lot of unknowns. I can see that your router offers Dutch or English so I will guess you are from the Netherlands.

gerdesj, 9 months ago

That is for ping. ICMP v6 REQ: REQ means request and is a NAT type of terminology. A firewall rule allows some form of inbound traffic - here ICMP ping inbound (REQ), and then creates a state entry which allows the corresponding return traffic (RESP or response) - pong!

ping can be useful to determine connectivity and that rule will not open you up to anything nasty.

Your router seems to have been designed by someone who gives a shit about security, which is a good sign.

gerdesj, 9 months ago

That IPv6 forwarding page is strange. IPv6 does not need forwarding.

Anyway, I am trying to find a manual for your router. A Google search shows that it is probably NL localized and probably Asian manufactured for NL ISPs. Are you able to get a manual from your ISP? Their website looks just like one of ours - no help at all. I have also tried searching on the model and not much comes back.

I’m off on holidays for a few days. I’ll be back on dinsdag/tuesday (08/08/2023).