@nogweii@nogweii.net avatar



I love to automate computers. And play video games. Anyone seen a 🐧 around here?
Staff DevOps Engineer, aka a computer ArchWizard.

nogweii, to random
@nogweii@nogweii.net avatar

Good day of Magic the Gathering. Did a Modern Horizons 3 prerelease with friends, met a couple more new friends. Then we played a commander game where everyone got to do a big turn and pop off.

1-2 overall in the prerelease. Died 2nd in the commander game. Had a shit ton of fun!

nogweii, to random
@nogweii@nogweii.net avatar

Ah, getting my Talos Kubernetes cluster to work is proving more difficult than I realized... Thought it was all working, but I didn't test if two pods on two different nodes can talk.

Nope! Wait, what?!

What did I miss...

foone, to random
@foone@digipres.club avatar

Once again the lack of USB-C floppy drives has stymied one of my projects

@nogweii@nogweii.net avatar

@foone I read that too fast and thought you were looking for a USB-C equipped floppy disk. 😆

nogweii, to rust
@nogweii@nogweii.net avatar

Supporting LTO in Rust seems really complicated. Reading pacman discussions, and issues in the ring crate. Weird things that different compiler toolchains do, and they all do slightly different things.

daniel, to random
@daniel@gultsch.social avatar

We are finally going to upgrade our running on conversations.im, tomorrow, Saturday May 25th.

Unfortunately we won’t be able to do this without some down times throughout the day.

You can visit https://status.conversations.im/ for a simple up/down check or follow this thread for the occasional status update / progress report.

@nogweii@nogweii.net avatar

@daniel curious, do y'all have a cluster set up? Any public documentation on these sorts of details?

nogweii, to random
@nogweii@nogweii.net avatar

@pid_eins if I were to try to "backup systemd", what would that look like? Most of my stuff on servers is managed through Ansible, but I'd like to be sure.

Does that mean basically everything in /etc/systemd/?

rtyler, to random
@rtyler@hacky.town avatar

if terraform didn't exist, would you invent it? 🤔

@nogweii@nogweii.net avatar

@rtyler I would, but it'd be very different. HCL and the rest of the design decisions that result wouldn't exist. Instead, lots of...TOML? YAML? Ugh.

nogweii, to pokemon
@nogweii@nogweii.net avatar

https://www.youtube.com/watch?v=Qil4OpfOufU is such an awesome video, highlighting the surprising-to-me connections between Gold & Silver's Johto and Japan's history. Phenomenal!

nogweii, to Dogs
@nogweii@nogweii.net avatar

Random midnight thought - are puppies in the same litter technically fraternal twins? 🐕

Turns out, yes and no.

are superfecund, that is, a single mother can have multiple eggs fertilized by different fathers.

So it's possible that a litter might have a few half-siblings and/or a few fraternal twins. If there's only 1 father? All fraternal twins.

Thanks for joining me on this random research rabbit hole.

pid_eins, (edited ) to random
@pid_eins@mastodon.social avatar

4️⃣ Here's the 4th installment of my series of posts highlighting key new features of the upcoming v256 release of systemd.

You might be aware of systemd's per-service setting "ProtectSystem=". When used it ensures the service lives in its own mount namespace, detached from the host's and various key directories become read-only to the service, in particular /usr/. This reflects the fact there's very little code that should ever be able to write to /usr/.

@nogweii@nogweii.net avatar

@pid_eins Any thoughts on making an option in the system.conf to apply ProtectSystem by default in all services spawned by the system manager (basically, flipping the default) without changing how /usr/ is mounted? Or does that not really change things whilst still causing compatibility issues?

bitprophet, to NixOS
@bitprophet@social.coop avatar

Getting really sick of painstakingly migrating to some Cool New Technical Thing With Superpowers and then whoops, It's All Ethics Violations after a while.

First - CEO is a white dude who can't read the room when a bunch of users raise serious concerns re: suicide warnings, .ru indexes, Brave collab, etc.

Now / - BDFL is a white dude who can't read the room when a bunch of users raise serious concerns re: toxic members, shitty governance, MIC sponsorship, etc.

@nogweii@nogweii.net avatar

@danderson @bitprophet I don't know if it's really better, but Arch has mostly done well for me. And it has a large community - they've gone through the growing pains & maturation involved.

danderson, to random
@danderson@hachyderm.io avatar

If I had to concisely sum up the status of the Nix ecosystem after today:

woop woop
woop woop

I continue to hope against hope, for now. But also, a migration planning doc also exists now, when it didn't last week.

@nogweii@nogweii.net avatar

@danderson woah, what happened? (Is happening?) What keywords should I use to find out more? I'm just an outside passive observer, but a fan of the ideas.

@nogweii@nogweii.net avatar

@danderson oh, moderation & community struggles? Oof, not fun.

simontatham, to random
@simontatham@hachyderm.io avatar

In bash, writing ${var?} instead of just ${var} or $var means if var isn't defined then bash will throw an error and not execute your command, instead of expanding it to "" and carrying on.

mv file1 file2 $subdir # oops, I overwrote file2
mv file1 file2 ${subdir?} # error message instead of disaster

My favourite use of this is for example commands in documentation, with placeholders for the user to fill in. Then it's OK if a user accidentally copy-pastes it without filling them in!

@nogweii@nogweii.net avatar

@simontatham @muvlon @Rob_Russell @hendric if y'all didn't know, set -o pipefail is also very handy - it means that earlier commands' exit codes won't be overridden by later commands that have been piped. That is, $? is non-zero if any command in the pipeline is.

So fail | grep blah still results in $? being 1 (or whatever else)

@nogweii@nogweii.net avatar

@simontatham @muvlon @Rob_Russell @hendric The combination of the three is so handy that I have an editor snippet called "strict" that I use in scripts to add set -euo pipefail. Makes bash a lot more sane!
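
Added example, not part of any post in this thread: a script that runs the ${var?} guard, set -o pipefail and set -euo pipefail from the posts above in child bash processes and reports what each one changes. The function names, the temporary files and the `false | cat` pipeline are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (constructed): every check runs in a child bash, so a
# failure inside it cannot abort this script.

# Print file2's contents after "mv file1 file2 <expansion>" with subdir unset.
# $1 is the expansion, passed literally: '$subdir' or '${subdir?}'.
file2_after_mv() {
  local tmp
  tmp=$(mktemp -d)
  printf 'one\n' > "$tmp/file1"
  printf 'two\n' > "$tmp/file2"
  # With ${subdir?} the child shell stops before mv is ever executed.
  ( cd "$tmp" && bash -c "unset subdir; mv file1 file2 $1" ) 2>/dev/null || true
  cat "$tmp/file2"
  rm -rf "$tmp"
}

# Print the exit status of "false | cat" with pipefail on or off.
# $1 = "on" or "off".
pipeline_status() {
  if [ "$1" = on ]; then
    bash -c 'set -o pipefail; false | cat; echo $?'
  else
    bash -c 'false | cat; echo $?'
  fi
}

# Print the last line a script reaches when step $2 runs between
# "echo start" and "echo end", with ($1=strict) or without ($1=lax)
# "set -euo pipefail".
last_line_reached() {
  local opts=':'
  if [ "$1" = strict ]; then opts='set -euo pipefail'; fi
  bash -c "$opts; echo start; $2; echo end" 2>/dev/null | tail -n 1
}

echo "unguarded mv leaves file2 = $(file2_after_mv '$subdir')"
echo "guarded mv leaves file2   = $(file2_after_mv '${subdir?}')"
echo "status without pipefail   = $(pipeline_status off)"
echo "status with pipefail      = $(pipeline_status on)"
echo "lax, failed pipeline      -> $(last_line_reached lax 'false | cat')"
echo "strict, failed pipeline   -> $(last_line_reached strict 'false | cat')"
echo "strict, unset variable    -> $(last_line_reached strict 'echo "$unset_dir"')"
```
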

pid_eins, (edited ) to random
@pid_eins@mastodon.social avatar

1️⃣ So let's try something new. As we are closing in on tagging systemd v256-rc1, let's see if I manage to post a brief mastodon item about major new features of the upcoming release, every few days until the final release of v256. I figure not everyone reads NEWS files, even if curious. Hence let's start today with the 1st post: the new .v/ directories. You know those .d/ directories that are quite popular in low-level Linux packages these days? While .d/ dirs never have been formalized properly…

@nogweii@nogweii.net avatar

@pid_eins any particular version syntax / semantics? Or just lexicographic sort?

@nogweii@nogweii.net avatar

@bluca @pid_eins ah, thanks!

simon, to random
@simon@simonwillison.net avatar
@nogweii@nogweii.net avatar

@simon how much RAM does it grow to after interacting for a while? Is the 37GB pretty much the top end?

Also, how's the speed?

mjg59, to random
@mjg59@nondeterministic.computer avatar

Amazingly, https://github.com/mjg59/linux/tree/restrict_path_traversal actually seems to roughly work as expected. Do I attempt to upstream or not?

@nogweii@nogweii.net avatar

@mjg59 I'm surprised that it wasn't a thing already! Seems like an obvious win for a bunch of situations. I'd love to turn that on for a bunch of daemons, seems very reasonable to me.

evan, (edited ) to random
@evan@cosocial.ca avatar

Tattooed people: do you like it when people ask about your tattoos?

@nogweii@nogweii.net avatar

@evan and if people don't ask about my Tux 🐧 tattoo I'll probably bring it up anyways. 😆

evan, to random
@evan@cosocial.ca avatar

Friends, I need your help. What songs should I add to my eclipse-watching playlist?

@nogweii@nogweii.net avatar

@evan how about some EDM? https://youtu.be/lcg6wekmCRA 📻

Foxboron, to random
@Foxboron@chaos.social avatar

It's weird going from the weekend discourse of xz backdoors to work and dependabot MRs.

Idk, yolo/which-files-changed-watch update 43 to 44 with an autogenerated conventional commits changelog, are you backdoored or are you fine?

Hits approve

@nogweii@nogweii.net avatar

@Foxboron even better when your CI pipeline runs through the incomplete test suite, passes, and auto-merges the update.

Everything's green, so it's fine right? 😆

Edent, to github
@Edent@mastodon.social avatar

Hmmm. I have an SSH key which I use for both and .

GitLab has just warned me it will expire in 7 days (but no notification from GitHub!).

So, my wizard friends:

Is there a way to update my key? (I assume no and I need to create a new one.)

Should I have different keys for Hub/Lab?

What's the real danger to my personal repos of having never-expiring keys?


@nogweii@nogweii.net avatar

@Edent as others mentioned, this is a Gitlab specific "feature". Classic SSH keys don't have any date information. There's a thing called "SSH Certificates" that use X509 certs to if you want that pain. (Useful in other ways though.)

re: Same keys - it's fine, IMO. Better to have different keys per computer. Also better to have different keys per security domain. (Personal servers vs corporate servers vs external companies.) But 'better' is relative and marginal.

whack, to random
@whack@hachyderm.io avatar

Finally finished a Destiny 2 mission that took me and @jubei almost 3 hours in one sitting (after many prior failures)… and the reward is a reveal that this mission was part 1 of a 7-part quest. (The Grasp of Avarice)

A+++++ trolling by Bungie. I’m speechless. 🫡

@nogweii@nogweii.net avatar

@whack @jubei if y'all can power through it, the dungeon is great! But yeah, Bungie does some shit as part of the quest line.

pushover, to random

Can anyone else on T-Mobile Home Internet confirm this?


@nogweii@nogweii.net avatar

@pushover I'm on a TMobile phone and it's not working for me either. Hm.

