Sometime last week, an attempted automated GitLab via Docker upgrade failed catastrophically, and left that Docker image in a pretty botched state. Kudos to the GitLab team for making it so many years without this being a problem. It was a real surprise to see it broken!
(more…)-
Self Hosted
It’s taken about-a-million tiny steps, but as of this moment (2 May, 2024 07:42 UTC-6) this WordPress blog (jjj.blog) and a bunch of other blogs for friends & family are all
(more…)calling from inside the houserunning on a cluster of Raspberry Pi 4’s in a server rack in my basement. -
Fresh Docker
sudo nano /usr/bin/docker_fresh#!/usr/bin/env bash # # Obliterates containers, images, networks, volumes, and cache. # [ $(docker ps | wc -l) -ne 1 ] && echo "Stopping containers..." && docker stop $(docker ps | sed -n '1d;p' | awk -F" " '{print $1}') [ $(docker ps -a | wc -l) -ne 1 ] && echo "Deleting containers..." && docker rm $(docker ps -a | sed -n '1d;p' | awk -F" " '{print $1}') [ $(docker images | wc -l) -ne 1 ] && echo "Deleting images..." && docker image rm $(docker images | sed -n '1d;p' | awk -F" " '{print $3}') echo "Pruning networks, volumes, and cache..." && docker system prune -a -f --volumes echo "Docker is fresh again."sudo chmod +x /usr/bin/docker_fresh -
J3’s 3V’s
Value. Validation. Victory.
Writing & releasing strong, resilient, fault-tolerant, production-quality software (for the entire world to use) – with dynamic teams of contributors over many months & years – is all about banking trust, typically through an unlimited number of positive interactions.
(more…) -
Persistent Touch ID for sudo on macOS
Did you know you can activate Touch ID (or some other biometric) support to authenticate
sudocommands on your command line, in a way that survives operating system updates?All you need to do is copy & modify a single file:
cd /etc/pam.d sudo cp sudo_local.template sudo_local sudo nano sudo_localAnd it should look like this when you are done:
# sudo_local: local config file which survives system update and is included for sudo # uncomment following line to enable Touch ID for sudo auth sufficient pam_tid.soThe way I see it, manually typing passwords isn’t just annoying; it’s an error-prone attack vector for key-logging and yet-another-barrier to productivity. To make software more secure, the best security stuff needs to be the most convenient option by default; this is one-of-many small steps towards that.
-
Netbeans crashing on macOS
For the past few years & months, Netbeans (now version 20) has been really struggling to keep up with the type of work that I most frequently use it for (helping to maintain & improve WordPress and a few hundred plugins here or there) and it has really been a bummer because no matter how hard I’ve tried I have not felt any joy when writing PHP in VSCode – only frustration.
Whenever I would launch Netbeans, it would open fine, and open projects & directories mostly OK, but then some other days & times it just felt far-far-far more sluggish than it used to (and than it should, given the relatively monster machine I am running it on).
Like one does, I wasted a lot of time trying a bunch of things I found on The Internet that did nothing measurable; switched JDK versions, hard-coded a reserved amount of memory for the JVM, reinstalled, safe-mode, ask nicely, yada yada yada…
The magic bullet, though, for me, harkens back to an old blog post of mine about not allowing macOS to index your
node_modulesdirectories.By adding
|node_modulesto Netbeans’ regular expression of “Files ignored by the IDE” it not only stopped crashing, but I am certain that I reduced the volume of indexing work it was doing by several ga’thousand percent, as every WordPress plugin is likely to have several megabytes of “modules” that are only used for tooling during its development and basically useless when it comes to day-to-day coding.Netbeans is the best hammer I never paid for. As soon as I stopped asking my hammer to write a bunch of notes for me that I’d never read anyways, I was able to pound nails again.
Moral of the story? If there is one, I guess it must be: “John you are handsome & wise & always right and you should stop doubting yourself” 🙌
-
Silence Ubuntu Pro security update nag
If you see this:
The following security updates require Ubuntu Pro with 'esm-infra' enabled:In short, it is telling you that the Ubuntu Core team has:
- patched versions of packages with known vulnerabilities
- made those improvements available for their Pro users/customers
If your Ubuntu machines are critical infrastructure for you, you should consider signing up for Ubuntu Pro.
If not, I think that makes it the perfect type of package update to “divert”:
File diversions are a way of forcing dpkg(1) not to install a file into its location, but to a diverted location. Diversions can be used through the Debian package scripts to move a file away when it causes a conflict. System administrators can also use it to override some package’s configuration file, or whenever some files (which aren’t marked as “conffiles”) need to be preserved by dpkg, when installing a newer version of a package which contains those files.
https://www.man7.org/linux/man-pages/man1/dpkg-divert.1.htmlThere are different ways to accomplish this, but I did it like this:
sudo dpkg-divert --divert /etc/apt/apt.conf.d/20apt-esm-hook.conf.bak --rename --local /etc/apt/apt.conf.d/20apt-esm-hook.confThis ultimately results in not receiving the most-fast security update benefits from Ubuntu Pro, but you aren’t any less secure than you would’ve normally been before Ubuntu Pro existed – we all still qualify for & receive the same old updates from the same old original package maintainers like before.
-
Install Java & Netbeans on macOS via Homebrew
brew install java sudo ln -sfn /opt/homebrew/opt/openjdk/libexec/openjdk.jdk /Library/Java/JavaVirtualMachines/openjdk.jdk echo 'export PATH="/opt/homebrew/opt/openjdk/bin:$PATH"' >> ~/.zshrc echo 'export CPPFLAGS="-I/opt/homebrew/opt/openjdk/include"' >> ~/.zshrc brew install netbeans -
Basic HomeKit troubleshooting
In general… weird things happen to Apple devices when the network services they depend on (to quickly communicate between each other on your network) are disabled, out-of-date, or in any kind of corrupt or malformed state (which it almost always is).
You want to sign in to your routers Admin GUI, and look for the following:
- Something like: “Multicast”, “mDNS”, “Multicast DNS” or equivalent.
Make sure this is not off or disabled.
The intended purpose of mDNS is for your router to act as a “zero-configuration” resolver for the hostnames & IP addresses on your network, and its what Apple/AirPlay/AirPrint/AirDrop/HomeKit/etc… use to route their many-to-many device relationships – I.E. every iPhone to any other iPhone/HomePod/TV/etc…
You may only be able to toggle in on/off, or you may have a select/radio-button option to pick some specific thing. Use your best judgement, or reply here if unsure. - Something like: “IGMP Snooping” or equivalent.
Make sure this is not disabled.
The intended purpose of IGMP is to have your router monitor your LAN traffic and route mDNS streams & requests directly between registered clients, rather than have those clients chatter back & forth on the entire network.
Probably on/off, and should not give you multiple options. Reply if unsure. - Somehow confirm nothing is reserving or using “.local” for their own routing on your network.
mDNS uses “.local” exclusively to alias the names of devices on your network that have advertised that they prefer to communicate that way. If you’ve reserved it manually, or some development environment (Valet, MAMP, etc…) has, this is a problem that needs fixing. - Make sure all wireless TVs & HomePods have excellent wifi signals. Not just good or acceptable; excellent. For every 1db lost from “full” signal strength, expect 2x data packets to be retried exponentially.
Give them a clear line-of-sight – no obstructions, walls, plants, chairs, tables, etc… Everything between them will cause attenuation & signal degradation, resulting in dropped data packets & weird behaviors. - Restart everything, doing the router last.
DHCP reservations (IP reassignments) rotate unless they are pinned or assigned manually. Usually, restarting a device will force it to reconcile its network assignments, including IP addresses, hostnames, and mDNS by association. - Sometimes (and this is my experience) if you have multiple “home hubs” like you do (TVs, HomePods, etc…) one of them has a tendency to work better than the others. For me, when one specific Apple TV is the “active” HomeKit hub, everything is fine, but any other hub causes all of my automations to never fully finish. I am convinced this is an Apple bug with their own on-device mDNS caches, but haven’t dug into it.
- Something like: “Multicast”, “mDNS”, “Multicast DNS” or equivalent.
-
Prevent empty new-line with Starship prompt
From this GitHub issue: https://github.com/starship/starship/issues/560
Enter this to modify Starship’s configuration:
starship config
Put this near the very top:
# Tuck "new line" inside the ($all) variable format = """($all )$character""" # No new line between shell prompts add_newline = false # No line-break between shell prompts [line_break] disabled = true
This works because anything inside of
($var)is skipped if$varis empty, and luckily this includes (or does not explicitly exclude/trim) a trailing new-line.