diff options
| author | Paul Buetow <paul@buetow.org> | 2025-12-31 15:52:45 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2025-12-31 15:52:45 +0200 |
| commit | 87fb917a6f575fff36ad1614d754ebc161b62f4b (patch) | |
| tree | 493e7bfecd53cedb3defe03b2bf645d8cb8e0f37 /gemfeed/atom.xml | |
| parent | d58286a7e52885785b9bfba53888de2b037090fb (diff) | |
Update content for gemtext
Diffstat (limited to 'gemfeed/atom.xml')
| -rw-r--r-- | gemfeed/atom.xml | 1299 |
1 files changed, 1 insertions, 1298 deletions
diff --git a/gemfeed/atom.xml b/gemfeed/atom.xml index d87a3523..a3f0a08d 100644 --- a/gemfeed/atom.xml +++ b/gemfeed/atom.xml @@ -1,1309 +1,12 @@ <?xml version="1.0" encoding="utf-8"?> <feed xmlns="http://www.w3.org/2005/Atom"> - <updated>2025-12-31T15:49:49+02:00</updated> + <updated>2025-12-31T15:51:17+02:00</updated> <title>foo.zone feed</title> <subtitle>To be in the .zone!</subtitle> <link href="gemini://foo.zone/gemfeed/atom.xml" rel="self" /> <link href="gemini://foo.zone/" /> <id>gemini://foo.zone/</id> <entry> - <title>Terminal multiplexing with `tmux` - Z-Shell edition</title> - <link href="gemini://foo.zone/gemfeed/2024-06-23-terminal-multiplexing-with-tmux.gmi" /> - <id>gemini://foo.zone/gemfeed/2024-06-23-terminal-multiplexing-with-tmux.gmi</id> - <updated>2024-06-23T22:41:59+03:00</updated> - <author> - <name>Paul Buetow aka snonux</name> - <email>paul@dev.buetow.org</email> - </author> - <summary>This is the Z-Shell version. There is also a Fish version:</summary> - <content type="xhtml"> - <div xmlns="http://www.w3.org/1999/xhtml"> - <h1 style='display: inline' id='terminal-multiplexing-with-tmux---z-shell-edition'>Terminal multiplexing with <span class='inlinecode'>tmux</span> - Z-Shell edition</h1><br /> -<br /> -<span class='quote'>Published at 2024-06-23T22:41:59+03:00; Last updated 2025-05-02</span><br /> -<br /> -<span>This is the Z-Shell version. There is also a Fish version:</span><br /> -<br /> -<a class='textlink' href='./2025-05-02-terminal-multiplexing-with-tmux-fish-edition.html'>./2025-05-02-terminal-multiplexing-with-tmux-fish-edition.html</a><br /> -<br /> -<span>Tmux (Terminal Multiplexer) is a powerful, terminal-based tool that manages multiple terminal sessions within a single window. Here are some of its primary features and functionalities:</span><br /> -<br /> -<ul> -<li>Session management</li> -<li>Window and Pane management</li> -<li>Persistent Workspace</li> -<li>Customization</li> -</ul><br /> -<a class='textlink' href='https://github.com/tmux/tmux/wiki'>https://github.com/tmux/tmux/wiki</a><br /> -<br /> -<pre> - _______ - |.-----.| - || Tmux|| - ||_.-._|| - `--)-(--` - __[=== o]___ - |:::::::::::|\ -jgs `-=========-`() - mod. by Paul B. -</pre> -<br /> -<h2 style='display: inline' id='table-of-contents'>Table of Contents</h2><br /> -<br /> -<ul> -<li><a href='#terminal-multiplexing-with-tmux---z-shell-edition'>Terminal multiplexing with <span class='inlinecode'>tmux</span> - Z-Shell edition</a></li> -<li>⇢ <a href='#before-continuing'>Before continuing...</a></li> -<li>⇢ <a href='#shell-aliases'>Shell aliases</a></li> -<li>⇢ <a href='#the-tn-alias---creating-a-new-session'>The <span class='inlinecode'>tn</span> alias - Creating a new session</a></li> -<li>⇢ ⇢ <a href='#cleaning-up-default-sessions-automatically'>Cleaning up default sessions automatically</a></li> -<li>⇢ ⇢ <a href='#renaming-sessions'>Renaming sessions</a></li> -<li>⇢ <a href='#the-ta-alias---attaching-to-a-session'>The <span class='inlinecode'>ta</span> alias - Attaching to a session</a></li> -<li>⇢ <a href='#the-tr-alias---for-a-nested-remote-session'>The <span class='inlinecode'>tr</span> alias - For a nested remote session</a></li> -<li>⇢ ⇢ <a href='#change-of-the-tmux-prefix-for-better-nesting'>Change of the Tmux prefix for better nesting</a></li> -<li>⇢ <a href='#the-ts-alias---searching-sessions-with-fuzzy-finder'>The <span class='inlinecode'>ts</span> alias - Searching sessions with fuzzy finder</a></li> -<li>⇢ <a href='#the-tssh-alias---cluster-ssh-replacement'>The <span class='inlinecode'>tssh</span> alias - Cluster SSH replacement</a></li> -<li>⇢ ⇢ <a href='#the-tmuxtsshfromargument-helper'>The <span class='inlinecode'>tmux::tssh_from_argument</span> helper</a></li> -<li>⇢ ⇢ <a href='#the-tmuxtsshfromfile-helper'>The <span class='inlinecode'>tmux::tssh_from_file</span> helper</a></li> -<li>⇢ ⇢ <a href='#tssh-examples'><span class='inlinecode'>tssh</span> examples</a></li> -<li>⇢ ⇢ <a href='#common-tmux-commands-i-use-in-tssh'>Common Tmux commands I use in <span class='inlinecode'>tssh</span></a></li> -<li>⇢ <a href='#copy-and-paste-workflow'>Copy and paste workflow</a></li> -<li>⇢ <a href='#tmux-configurations'>Tmux configurations</a></li> -</ul><br /> -<h2 style='display: inline' id='before-continuing'>Before continuing...</h2><br /> -<br /> -<span>Before continuing to read this post, I encourage you to get familiar with Tmux first (unless you already know the basics). You can go through the official getting started guide:</span><br /> -<br /> -<a class='textlink' href='https://github.com/tmux/tmux/wiki/Getting-Started'>https://github.com/tmux/tmux/wiki/Getting-Started</a><br /> -<br /> -<span>I can also recommend this book (this is the book I got started with with Tmux):</span><br /> -<br /> -<a class='textlink' href='https://pragprog.com/titles/bhtmux2/tmux-2/'>https://pragprog.com/titles/bhtmux2/tmux-2/</a><br /> -<br /> -<span>Over the years, I have built a couple of shell helper functions to optimize my workflows. Tmux is extensively integrated into my daily workflows (personal and work). I had colleagues asking me about my Tmux config and helper scripts for Tmux several times. It would be neat to blog about it so that everyone interested in it can make a copy of my configuration and scripts.</span><br /> -<br /> -<span>The configuration and scripts in this blog post are only the non-work-specific parts. There are more helper scripts, which I only use for work (and aren't really useful outside of work due to the way servers and clusters are structured there).</span><br /> -<br /> -<span>Tmux is highly configurable, and I think I am only scratching the surface of what is possible with it. Nevertheless, it may still be useful for you. I also love that Tmux is part of the OpenBSD base system!</span><br /> -<br /> -<h2 style='display: inline' id='shell-aliases'>Shell aliases</h2><br /> -<br /> -<span>I am a user of the Z-Shell (<span class='inlinecode'>zsh</span>), but I believe all the snippets mentioned in this blog post also work with Bash. </span><br /> -<br /> -<a class='textlink' href='https://www.zsh.org'>https://www.zsh.org</a><br /> -<br /> -<span>For the most common Tmux commands I use, I have created the following shell aliases:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre><b><u><font color="#000000">alias</font></u></b> tm=tmux -<b><u><font color="#000000">alias</font></u></b> tl=<font color="#808080">'tmux list-sessions'</font> -<b><u><font color="#000000">alias</font></u></b> tn=tmux::new -<b><u><font color="#000000">alias</font></u></b> ta=tmux::attach -<b><u><font color="#000000">alias</font></u></b> tx=tmux::remote -<b><u><font color="#000000">alias</font></u></b> ts=tmux::search -<b><u><font color="#000000">alias</font></u></b> tssh=tmux::cluster_ssh -</pre> -<br /> -<span>Note all <span class='inlinecode'>tmux::...</span>; those are custom shell functions doing certain things, and they aren't part of the Tmux distribution. But let's run through every aliases one by one. </span><br /> -<br /> -<span>The first two are pretty straightforward. <span class='inlinecode'>tm</span> is simply a shorthand for <span class='inlinecode'>tmux</span>, so I have to type less, and <span class='inlinecode'>tl</span> lists all Tmux sessions that are currently open. No magic here.</span><br /> -<br /> -<h2 style='display: inline' id='the-tn-alias---creating-a-new-session'>The <span class='inlinecode'>tn</span> alias - Creating a new session</h2><br /> -<br /> -<span>The <span class='inlinecode'>tn</span> alias is referencing this function:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre><i><font color="silver"># Create new session and if alread exists attach to it</font></i> -tmux::new () { - <b><u><font color="#000000">readonly</font></u></b> session=$1 - <b><u><font color="#000000">local</font></u></b> date=date - <b><u><font color="#000000">if</font></u></b> where gdate &>/dev/null; <b><u><font color="#000000">then</font></u></b> - date=gdate - <b><u><font color="#000000">fi</font></u></b> - - tmux::cleanup_default - <b><u><font color="#000000">if</font></u></b> [ -z <font color="#808080">"$session"</font> ]; <b><u><font color="#000000">then</font></u></b> - tmux::new T$($date +%s) - <b><u><font color="#000000">else</font></u></b> - tmux new-session -d -s $session - tmux -<font color="#000000">2</font> attach-session -t $session || tmux -<font color="#000000">2</font> switch-client -t $session - <b><u><font color="#000000">fi</font></u></b> -} -<b><u><font color="#000000">alias</font></u></b> tn=tmux::new -</pre> -<br /> -<span>There is a lot going on here. Let's have a detailed look at what it is doing. As a note, the function relies on GNU Date, so MacOS is looking for the <span class='inlinecode'>gdate</span> commands to be available. Otherwise, it will fall back to <span class='inlinecode'>date</span>. You need to install GNU Date for Mac, as it isn't installed by default there. As I use Fedora Linux on my personal Laptop and a MacBook for work, I have to make it work for both.</span><br /> -<br /> -<span>First, a Tmux session name can be passed to the function as a first argument. That session name is only optional. Without it, Tmux will select a session named <span class='inlinecode'>T$($date +%s)</span> as a default. Which is T followed by the UNIX epoch, e.g. <span class='inlinecode'>T1717133796</span>.</span><br /> -<br /> -<h3 style='display: inline' id='cleaning-up-default-sessions-automatically'>Cleaning up default sessions automatically</h3><br /> -<br /> -<span>Note also the call to <span class='inlinecode'>tmux::cleanup_default</span>; it would clean up all already opened default sessions if they aren't attached. Those sessions were only temporary, and I had too many flying around after a while. So, I decided to auto-delete the sessions if they weren't attached. If I want to keep sessions around, I will rename them with the Tmux command <span class='inlinecode'>prefix-key $</span>. This is the cleanup function:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::cleanup_default () { - <b><u><font color="#000000">local</font></u></b> s - tmux list-sessions | grep <font color="#808080">'^T.*: '</font> | grep -F -v attached | - cut -d: -f<font color="#000000">1</font> | <b><u><font color="#000000">while</font></u></b> <b><u><font color="#000000">read</font></u></b> -r s; <b><u><font color="#000000">do</font></u></b> - echo <font color="#808080">"Killing $s"</font> - tmux kill-session -t <font color="#808080">"$s"</font> - <b><u><font color="#000000">done</font></u></b> -} -</pre> -<br /> -<span>The cleanup function kills all open Tmux sessions that haven't been renamed properly yet—but only if they aren't attached (e.g., don't run in the foreground in any terminal). Cleaning them up automatically keeps my Tmux sessions as neat and tidy as possible. </span><br /> -<br /> -<h3 style='display: inline' id='renaming-sessions'>Renaming sessions</h3><br /> -<br /> -<span>Whenever I am in a temporary session (named <span class='inlinecode'>T....</span>), I may decide that I want to keep this session around. I have to rename the session to prevent the cleanup function from doing its thing. That's, as mentioned already, easily accomplished with the standard <span class='inlinecode'>prefix-key $</span> Tmux command.</span><br /> -<br /> -<h2 style='display: inline' id='the-ta-alias---attaching-to-a-session'>The <span class='inlinecode'>ta</span> alias - Attaching to a session</h2><br /> -<br /> -<span>This alias refers to the following function, which tries to attach to an already-running Tmux session.</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::attach () { - <b><u><font color="#000000">readonly</font></u></b> session=$1 - - <b><u><font color="#000000">if</font></u></b> [ -z <font color="#808080">"$session"</font> ]; <b><u><font color="#000000">then</font></u></b> - tmux attach-session || tmux::new - <b><u><font color="#000000">else</font></u></b> - tmux attach-session -t $session || tmux::new $session - <b><u><font color="#000000">fi</font></u></b> -} -<b><u><font color="#000000">alias</font></u></b> ta=tmux::attach -</pre> -<br /> -<span>If no session is specified (as the argument of the function), it will try to attach to the first open session. If no Tmux server is running, it will create a new one with <span class='inlinecode'>tmux::new</span>. Otherwise, with a session name given as the argument, it will attach to it. If unsuccessful (e.g., the session doesn't exist), it will be created and attached to.</span><br /> -<br /> -<h2 style='display: inline' id='the-tr-alias---for-a-nested-remote-session'>The <span class='inlinecode'>tr</span> alias - For a nested remote session</h2><br /> -<br /> -<span>This SSHs into the remote server specified and then, remotely on the server itself, starts a nested Tmux session. So we have one Tmux session on the local computer and, inside of it, an SSH connection to a remote server with a Tmux session running again. The benefit of this is that, in case my network connection breaks down, the next time I connect, I can continue my work on the remote server exactly where I left off. The session name is the name of the server being SSHed into. If a session like this already exists, it simply attaches to it.</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::remote () { - <b><u><font color="#000000">readonly</font></u></b> server=$1 - tmux new -s $server <font color="#808080">"ssh -t $server 'tmux attach-session || tmux'"</font> || \ - tmux attach-session -d -t $server -} -<b><u><font color="#000000">alias</font></u></b> tr=tmux::remote -</pre> -<br /> -<h3 style='display: inline' id='change-of-the-tmux-prefix-for-better-nesting'>Change of the Tmux prefix for better nesting</h3><br /> -<br /> -<span>To make nested Tmux sessions work smoothly, one must change the Tmux prefix key locally or remotely. By default, the Tmux prefix key is <span class='inlinecode'>Ctrl-b</span>, so <span class='inlinecode'>Ctrl-b $</span>, for example, renames the current session. To change the prefix key from the standard <span class='inlinecode'>Ctrl-b</span> to, for example, <span class='inlinecode'>Ctrl-g</span>, you must add this to the <span class='inlinecode'>tmux.conf</span>:</span><br /> -<br /> -<pre> -set-option -g prefix C-g -</pre> -<br /> -<span>This way, when I want to rename the remote Tmux session, I have to use <span class='inlinecode'>Ctrl-g $</span>, and when I want to rename the local Tmux session, I still have to use <span class='inlinecode'>Ctrl-b $</span>. In my case, I have this deployed to all remote servers through a configuration management system (out of scope for this blog post).</span><br /> -<br /> -<span>There might also be another way around this (without reconfiguring the prefix key), but that is cumbersome to use, as far as I remember. </span><br /> -<br /> -<h2 style='display: inline' id='the-ts-alias---searching-sessions-with-fuzzy-finder'>The <span class='inlinecode'>ts</span> alias - Searching sessions with fuzzy finder</h2><br /> -<br /> -<span>Despite the fact that with <span class='inlinecode'>tmux::cleanup_default</span>, I don't leave a huge mess with trillions of Tmux sessions flying around all the time, at times, it can become challenging to find exactly the session I am currently interested in. After a busy workday, I often end up with around twenty sessions on my laptop. This is where fuzzy searching for session names comes in handy, as I often don't remember the exact session names.</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::search () { - <b><u><font color="#000000">local</font></u></b> -r session=$(tmux list-sessions | fzf | cut -d: -f<font color="#000000">1</font>) - <b><u><font color="#000000">if</font></u></b> [ -z <font color="#808080">"$TMUX"</font> ]; <b><u><font color="#000000">then</font></u></b> - tmux attach-session -t $session - <b><u><font color="#000000">else</font></u></b> - tmux switch -t $session - <b><u><font color="#000000">fi</font></u></b> -} -<b><u><font color="#000000">alias</font></u></b> ts=tmux::search -</pre> -<br /> -<span>All it does is list all currently open sessions in <span class='inlinecode'>fzf</span>, where one of them can be searched and selected through fuzzy find, and then either switch (if already inside a session) to the other session or attach to the other session (if not yet in Tmux).</span><br /> -<br /> -<span>You must install the <span class='inlinecode'>fzf</span> command on your computer for this to work. This is how it looks like:</span><br /> -<br /> -<a href='./terminal-multiplexing-with-tmux/tmux-session-fzf.png'><img alt='Tmux session fuzzy finder' title='Tmux session fuzzy finder' src='./terminal-multiplexing-with-tmux/tmux-session-fzf.png' /></a><br /> -<br /> -<h2 style='display: inline' id='the-tssh-alias---cluster-ssh-replacement'>The <span class='inlinecode'>tssh</span> alias - Cluster SSH replacement</h2><br /> -<br /> -<span>Before I used Tmux, I was a heavy user of ClusterSSH, which allowed me to log in to multiple servers at once in a single terminal window and type and run commands on all of them in parallel.</span><br /> -<br /> -<a class='textlink' href='https://github.com/duncs/clusterssh'>https://github.com/duncs/clusterssh</a><br /> -<br /> -<span>However, since I started using Tmux, I retired ClusterSSH, as it came with the benefit that Tmux only needs to be run in the terminal, whereas ClusterSSH spawned terminal windows, which aren't easily portable (e.g., from a Linux desktop to macOS). The <span class='inlinecode'>tmux::cluster_ssh</span> function can have N arguments, where:</span><br /> -<br /> -<ul> -<li>...the first argument will be the session name (see <span class='inlinecode'>tmux::tssh_from_argument</span> helper function), and all remaining arguments will be server hostnames/FQDNs to connect to simultaneously.</li> -<li>...or, the first argument is a file name, and the file contains a list of hostnames/FQDNs (see <span class='inlinecode'>tmux::ssh_from_file</span> helper function)</li> -</ul><br /> -<span>This is the function definition behind the <span class='inlinecode'>tssh</span> alias:</span><br /> -<span> </span><br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::cluster_ssh () { - <b><u><font color="#000000">if</font></u></b> [ -f <font color="#808080">"$1"</font> ]; <b><u><font color="#000000">then</font></u></b> - tmux::tssh_from_file $1 - <b><u><font color="#000000">return</font></u></b> - <b><u><font color="#000000">fi</font></u></b> - - tmux::tssh_from_argument $@ -} -<b><u><font color="#000000">alias</font></u></b> tssh=tmux::cluster_ssh -</pre> -<br /> -<span>This function is just a wrapper around the more complex <span class='inlinecode'>tmux::tssh_from_file</span> and <span class='inlinecode'>tmux::tssh_from_argument</span> functions, as you have learned already. Most of the magic happens there.</span><br /> -<br /> -<h3 style='display: inline' id='the-tmuxtsshfromargument-helper'>The <span class='inlinecode'>tmux::tssh_from_argument</span> helper</h3><br /> -<br /> -<span>This is the most magic helper function we will cover in this post. It looks like this:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::tssh_from_argument () { - <b><u><font color="#000000">local</font></u></b> -r session=$1; <b><u><font color="#000000">shift</font></u></b> - <b><u><font color="#000000">local</font></u></b> first_server=$1; <b><u><font color="#000000">shift</font></u></b> - - tmux new-session -d -s $session <font color="#808080">"ssh -t $first_server"</font> - <b><u><font color="#000000">if</font></u></b> ! tmux list-session | grep <font color="#808080">"^$session:"</font>; <b><u><font color="#000000">then</font></u></b> - echo <font color="#808080">"Could not create session $session"</font> - <b><u><font color="#000000">return</font></u></b> <font color="#000000">2</font> - <b><u><font color="#000000">fi</font></u></b> - - <b><u><font color="#000000">for</font></u></b> server <b><u><font color="#000000">in</font></u></b> <font color="#808080">"${@[@]}"</font>; <b><u><font color="#000000">do</font></u></b> - tmux split-window -t $session <font color="#808080">"tmux select-layout tiled; ssh -t $server"</font> - <b><u><font color="#000000">done</font></u></b> - - tmux setw -t $session synchronize-panes on - tmux -<font color="#000000">2</font> attach-session -t $session | tmux -<font color="#000000">2</font> switch-client -t $session -} -</pre> -<br /> -<span>It expects at least two arguments. The first argument is the session name to create for the clustered SSH session. All other arguments are server hostnames or FQDNs to which to connect. The first one is used to make the initial session. All remaining ones are added to that session with <span class='inlinecode'>tmux split-window -t $session...</span>. At the end, we enable synchronized panes by default, so whenever you type, the commands will be sent to every SSH connection, thus allowing the neat ClusterSSH feature to run commands on multiple servers simultaneously. Once done, we attach (or switch, if already in Tmux) to it.</span><br /> -<br /> -<span>Sometimes, I don't want the synchronized panes behavior and want to switch it off temporarily. I can do that with <span class='inlinecode'>prefix-key p</span> and <span class='inlinecode'>prefix-key P</span> after adding the following to my local <span class='inlinecode'>tmux.conf</span>:</span><br /> -<br /> -<pre> -bind-key p setw synchronize-panes off -bind-key P setw synchronize-panes on -</pre> -<br /> -<h3 style='display: inline' id='the-tmuxtsshfromfile-helper'>The <span class='inlinecode'>tmux::tssh_from_file</span> helper</h3><br /> -<br /> -<span>This one sets the session name to the file name and then reads a list of servers from that file, passing the list of servers to <span class='inlinecode'>tmux::tssh_from_argument</span> as the arguments. So, this is a neat little wrapper that also enables me to open clustered SSH sessions from an input file.</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>tmux::tssh_from_file () { - <b><u><font color="#000000">local</font></u></b> -r serverlist=$1; <b><u><font color="#000000">shift</font></u></b> - <b><u><font color="#000000">local</font></u></b> -r session=$(basename $serverlist | cut -d. -f<font color="#000000">1</font>) - - tmux::tssh_from_argument $session $(awk <font color="#808080">'{ print $1} '</font> $serverlist | sed <font color="#808080">'s/.lan./.lan/g'</font>) -} -</pre> -<br /> -<h3 style='display: inline' id='tssh-examples'><span class='inlinecode'>tssh</span> examples</h3><br /> -<br /> -<span>To open a new session named <span class='inlinecode'>fish</span> and log in to 4 remote hosts, run this command (Note that it is also possible to specify the remote user):</span><br /> -<br /> -<pre> -$ tssh fish blowfish.buetow.org fishfinger.buetow.org \ - fishbone.buetow.org user@octopus.buetow.org -</pre> -<br /> -<span>To open a new session named <span class='inlinecode'>manyservers</span>, put many servers (one FQDN per line) into a file called <span class='inlinecode'>manyservers.txt</span> and simply run:</span><br /> -<br /> -<pre> -$ tssh manyservers.txt -</pre> -<br /> -<h3 style='display: inline' id='common-tmux-commands-i-use-in-tssh'>Common Tmux commands I use in <span class='inlinecode'>tssh</span></h3><br /> -<br /> -<span>These are default Tmux commands that I make heavy use of in a <span class='inlinecode'>tssh</span> session:</span><br /> -<br /> -<ul> -<li>Press <span class='inlinecode'>prefix-key DIRECTION</span> to switch panes. DIRECTION is by default any of the arrow keys, but I also configured Vi keybindings.</li> -<li>Press <span class='inlinecode'>prefix-key <space></span> to change the pane layout (can be pressed multiple times to cycle through them).</li> -<li>Press <span class='inlinecode'>prefix-key z</span> to zoom in and out of the current active pane.</li> -</ul><br /> -<h2 style='display: inline' id='copy-and-paste-workflow'>Copy and paste workflow</h2><br /> -<br /> -<span>As you will see later in this blog post, I have configured a history limit of 1 million items in Tmux so that I can scroll back quite far. One main workflow of mine is to search for text in the Tmux history, select and copy it, and then switch to another window or session and paste it there (e.g., into my text editor to do something with it).</span><br /> -<br /> -<span>This works by pressing <span class='inlinecode'>prefix-key [</span> to enter Tmux copy mode. From there, I can browse the Tmux history of the current window using either the arrow keys or vi-like navigation (see vi configuration later in this blog post) and the Pg-Dn and Pg-Up keys.</span><br /> -<br /> -<span>I often search the history backwards with <span class='inlinecode'>prefix-key [</span> followed by a <span class='inlinecode'>?</span>, which opens the Tmux history search prompt.</span><br /> -<br /> -<span>Once I have identified the terminal text to be copied, I enter visual select mode with <span class='inlinecode'>v</span>, highlight all the text to be copied (using arrow keys or Vi motions), and press <span class='inlinecode'>y</span> to yank it (sorry if this all sounds a bit complicated, but Vim/NeoVim users will know this, as it is pretty much how you do it there as well).</span><br /> -<br /> -<span>For <span class='inlinecode'>v</span> and <span class='inlinecode'>y</span> to work, the following has to be added to the Tmux configuration file: </span><br /> -<br /> -<pre> -bind-key -T copy-mode-vi 'v' send -X begin-selection -bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel -</pre> -<br /> -<span>Once the text is yanked, I switch to another Tmux window or session where, for example, a text editor is running and paste the yanked text from Tmux into the editor with <span class='inlinecode'>prefix-key ]</span>. Note that when pasting into a modal text editor like Vi or Helix, you would first need to enter insert mode before <span class='inlinecode'>prefix-key ]</span> would paste anything.</span><br /> -<br /> -<h2 style='display: inline' id='tmux-configurations'>Tmux configurations</h2><br /> -<br /> -<span>Some features I have configured directly in Tmux don't require an external shell alias to function correctly. Let's walk line by line through my local <span class='inlinecode'>~/.config/tmux/tmux.conf</span>:</span><br /> -<br /> -<pre> -source ~/.config/tmux/tmux.local.conf - -set-option -g allow-rename off -set-option -g history-limit 100000 -set-option -g status-bg '#444444' -set-option -g status-fg '#ffa500' -set-option -s escape-time 0 -</pre> -<br /> -<span>There's yet to be much magic happening here. I source a <span class='inlinecode'>tmux.local.conf</span>, which I sometimes use to override the default configuration that comes from the configuration management system. But it is mostly just an empty file, so it doesn't throw any errors on Tmux startup when I don't use it.</span><br /> -<br /> -<span>I work with many terminal outputs, which I also like to search within Tmux. So, I added a large enough <span class='inlinecode'>history-limit</span>, enabling me to search backwards in Tmux for any output up to a million lines of text.</span><br /> -<br /> -<span>Besides changing some colours (personal taste), I also set <span class='inlinecode'>escape-time</span> to <span class='inlinecode'>0</span>, which is just a workaround. Otherwise, my Helix text editor's <span class='inlinecode'>ESC</span> key would take ages to trigger within Tmux. I am trying to remember the gory details. You can leave it out; if everything works fine for you, leave it out.</span><br /> -<br /> -<span>The next lines in the configuration file are:</span><br /> -<br /> -<pre> -set-window-option -g mode-keys vi -bind-key -T copy-mode-vi 'v' send -X begin-selection -bind-key -T copy-mode-vi 'y' send -X copy-selection-and-cancel -</pre> -<br /> -<span>I navigate within Tmux using Vi keybindings, so the <span class='inlinecode'>mode-keys</span> is set to <span class='inlinecode'>vi</span>. I use the Helix modal text editor, which is close enough to Vi bindings for simple navigation to feel "native" to me. (By the way, I have been a long-time Vim and NeoVim user, but I eventually switched to Helix. It's off-topic here, but it may be worth another blog post once.)</span><br /> -<br /> -<span>The two <span class='inlinecode'>bind-key</span> commands make it so that I can use <span class='inlinecode'>v</span> and <span class='inlinecode'>y</span> in copy mode, which feels more Vi-like (as already discussed earlier in this post).</span><br /> -<br /> -<span>The next set of lines in the configuration file are:</span><br /> -<br /> -<pre> -bind-key h select-pane -L -bind-key j select-pane -D -bind-key k select-pane -U -bind-key l select-pane -R - -bind-key H resize-pane -L 5 -bind-key J resize-pane -D 5 -bind-key K resize-pane -U 5 -bind-key L resize-pane -R 5 -</pre> -<br /> -<span>These allow me to use <span class='inlinecode'>prefix-key h</span>, <span class='inlinecode'>prefix-key j</span>, <span class='inlinecode'>prefix-key k</span>, and <span class='inlinecode'>prefix-key l</span> for switching panes and <span class='inlinecode'>prefix-key H</span>, <span class='inlinecode'>prefix-key J</span>, <span class='inlinecode'>prefix-key K</span>, and <span class='inlinecode'>prefix-key L</span> for resizing the panes. If you don't know Vi/Vim/NeoVim, the letters <span class='inlinecode'>hjkl</span> are commonly used there for left, down, up, and right, which is also the same for Helix, by the way.</span><br /> -<br /> -<span>The next set of lines in the configuration file are:</span><br /> -<br /> -<pre> -bind-key c new-window -c '#{pane_current_path}' -bind-key F new-window -n "session-switcher" "tmux list-sessions | fzf | cut -d: -f1 | xargs tmux switch-client -t" -bind-key T choose-tree -</pre> -<br /> -<span>The first one is that any new window starts in the current directory. The second one is more interesting. I list all open sessions in the fuzzy finder. I rely heavily on this during my daily workflow to switch between various sessions depending on the task. E.g. from a remote cluster SSH session to a local code editor. </span><br /> -<br /> -<span>The third one, <span class='inlinecode'>choose-tree</span>, opens a tree view in Tmux listing all sessions and windows. This one is handy to get a better overview of what is currently running in any local Tmux session. It looks like this (it also allows me to press a hotkey to switch to a particular Tmux window):</span><br /> -<br /> -<a href='./terminal-multiplexing-with-tmux/tmux-tree-view.png'><img alt='Tmux sessiont tree view' title='Tmux sessiont tree view' src='./terminal-multiplexing-with-tmux/tmux-tree-view.png' /></a><br /> -<br /> -<br /> -<span>The last remaining lines in my configuration file are:</span><br /> -<span> </span><br /> -<pre> -bind-key p setw synchronize-panes off -bind-key P setw synchronize-panes on -bind-key r source-file ~/.config/tmux/tmux.conf \; display-message "tmux.conf reloaded" -</pre> -<br /> -<span>We discussed <span class='inlinecode'>synchronized panes</span> earlier. I use it all the time in clustered SSH sessions. When enabled, all panes (remote SSH sessions) receive the same keystrokes. This is very useful when you want to run the same commands on many servers at once, such as navigating to a common directory, restarting a couple of services at once, or running tools like <span class='inlinecode'>htop</span> to quickly monitor system resources.</span><br /> -<br /> -<span>The last one reloads my Tmux configuration on the fly.</span><br /> -<br /> -<span>E-Mail your comments to <span class='inlinecode'>paul@nospam.buetow.org</span> :-)</span><br /> -<br /> -<a class='textlink' href='../'>Back to the main site</a><br /> - </div> - </content> - </entry> - <entry> - <title>Projects I currently don't have time for</title> - <link href="gemini://foo.zone/gemfeed/2024-05-03-projects-i-currently-dont-have-time-for.gmi" /> - <id>gemini://foo.zone/gemfeed/2024-05-03-projects-i-currently-dont-have-time-for.gmi</id> - <updated>2024-05-03T16:23:03+03:00</updated> - <author> - <name>Paul Buetow aka snonux</name> - <email>paul@dev.buetow.org</email> - </author> - <summary>Over the years, I have collected many ideas for my personal projects and noted them down. I am currently in the process of cleaning up all my notes and reviewing those ideas. I don’t have time for the ones listed here and won’t have any soon due to other commitments and personal projects. So, in order to 'get rid of them' from my notes folder, I decided to simply put them in this blog post so that those ideas don't get lost. Maybe I will pick up one or another idea someday in the future, but for now, they are all put on ice in favor of other personal projects or family time.</summary> - <content type="xhtml"> - <div xmlns="http://www.w3.org/1999/xhtml"> - <h1 style='display: inline' id='projects-i-currently-don-t-have-time-for'>Projects I currently don't have time for</h1><br /> -<br /> -<span class='quote'>Published at 2024-05-03T16:23:03+03:00</span><br /> -<br /> -<span>Over the years, I have collected many ideas for my personal projects and noted them down. I am currently in the process of cleaning up all my notes and reviewing those ideas. I don’t have time for the ones listed here and won’t have any soon due to other commitments and personal projects. So, in order to "get rid of them" from my notes folder, I decided to simply put them in this blog post so that those ideas don't get lost. Maybe I will pick up one or another idea someday in the future, but for now, they are all put on ice in favor of other personal projects or family time.</span><br /> -<br /> -<pre> -Art by Laura Brown - -.'`~~~~~~~~~~~`'. -( .'11 12 1'. ) -| :10 \ 2: | -| :9 @-> 3: | -| :8 4; | -'. '..7 6 5..' .' - ~-------------~ ldb - -</pre> -<br /> -<h2 style='display: inline' id='table-of-contents'>Table of Contents</h2><br /> -<br /> -<ul> -<li><a href='#projects-i-currently-don-t-have-time-for'>Projects I currently don't have time for</a></li> -<li>⇢ <a href='#hardware-projects-i-don-t-have-time-for'>Hardware projects I don't have time for</a></li> -<li>⇢ ⇢ <a href='#i-use-arch-btw'>I use Arch, btw!</a></li> -<li>⇢ ⇢ <a href='#openbsd-home-router'>OpenBSD home router</a></li> -<li>⇢ ⇢ <a href='#pi-hole-server'>Pi-Hole server</a></li> -<li>⇢ ⇢ <a href='#infodash'>Infodash</a></li> -<li>⇢ ⇢ <a href='#reading-station'>Reading station</a></li> -<li>⇢ ⇢ <a href='#retro-station'>Retro station</a></li> -<li>⇢ ⇢ <a href='#sound-server'>Sound server</a></li> -<li>⇢ ⇢ <a href='#project-freekat'>Project Freekat</a></li> -<li>⇢ <a href='#programming-projects-i-don-t-have-time-for'>Programming projects I don't have time for</a></li> -<li>⇢ ⇢ <a href='#cli-hive'>CLI-HIVE</a></li> -<li>⇢ ⇢ <a href='#enhanced-kiss-home-photo-albums'>Enhanced KISS home photo albums</a></li> -<li>⇢ ⇢ <a href='#kiss-file-sync-server-with-end-to-end-encryption'>KISS file sync server with end-to-end encryption</a></li> -<li>⇢ ⇢ <a href='#a-language-that-compiles-to-bash'>A language that compiles to <span class='inlinecode'>bash</span></a></li> -<li>⇢ ⇢ <a href='#a-language-that-compiles-to-sed'>A language that compiles to <span class='inlinecode'>sed</span></a></li> -<li>⇢ ⇢ <a href='#renovate-vs-sim'>Renovate VS-Sim</a></li> -<li>⇢ ⇢ <a href='#kiss-ticketing-system'>KISS ticketing system</a></li> -<li>⇢ ⇢ <a href='#a-domain-specific-language-dsl-for-work'>A domain-specific language (DSL) for work</a></li> -<li>⇢ <a href='#self-hosting-projects-i-don-t-have-time-for'>Self-hosting projects I don't have time for</a></li> -<li>⇢ ⇢ <a href='#my-own-matrix-server'>My own Matrix server</a></li> -<li>⇢ ⇢ <a href='#ampache-music-server'>Ampache music server</a></li> -<li>⇢ ⇢ <a href='#librum-ebook-reader'>Librum eBook reader</a></li> -<li>⇢ ⇢ <a href='#memos---note-taking-service'>Memos - Note-taking service</a></li> -<li>⇢ ⇢ <a href='#bepasty-server'>Bepasty server</a></li> -<li>⇢ <a href='#books-i-don-t-have-time-to-read'>Books I don't have time to read</a></li> -<li>⇢ ⇢ <a href='#fluent-python'>Fluent Python</a></li> -<li>⇢ ⇢ <a href='#programming-ruby'>Programming Ruby</a></li> -<li>⇢ ⇢ <a href='#peter-f-hamilton-science-fiction-books'>Peter F. Hamilton science fiction books</a></li> -<li>⇢ <a href='#new-websites-i-don-t-have-time-for'>New websites I don't have time for</a></li> -<li>⇢ ⇢ <a href='#create-a-why-raku-rox-site'>Create a "Why Raku Rox" site</a></li> -<li>⇢ <a href='#research-projects-i-don-t-have-time-for'>Research projects I don't have time for</a></li> -<li>⇢ ⇢ <a href='#project-secure'>Project secure</a></li> -<li>⇢ ⇢ <a href='#cpu-utilisation-is-all-wrong'>CPU utilisation is all wrong</a></li> -</ul><br /> -<h2 style='display: inline' id='hardware-projects-i-don-t-have-time-for'>Hardware projects I don't have time for</h2><br /> -<br /> -<h3 style='display: inline' id='i-use-arch-btw'>I use Arch, btw!</h3><br /> -<br /> -<span>The idea was to build the ultimate Arch Linux setup on an old ThinkPad X200 booting with the open-source LibreBoot firmware, complete with a tiling window manager, dmenu, and all the elite tools. This is mainly for fun, as I am pretty happy (and productive) with my Fedora Linux setup. I ran EndeavourOS (close enough to Arch) on an old ThinkPad for a while, but then I switched back to Fedora because the rolling releases were annoying (there were too many updates).</span><br /> -<br /> -<h3 style='display: inline' id='openbsd-home-router'>OpenBSD home router</h3><br /> -<br /> -<span>In my student days, I operated a 486DX PC with OpenBSD as my home DSL internet router. I bought the setup from my brother back then. The router's hostname was <span class='inlinecode'>fishbone</span>, and it performed very well until it became too slow for larger broadband bandwidth after a few years of use.</span><br /> -<br /> -<span>I had the idea to revive this concept, implement <span class='inlinecode'>fishbone2</span>, and place it in front of my proprietary ISP router to add an extra layer of security and control in my home LAN. It would serve as the default gateway for all of my devices, including a Wi-Fi access point, would run a DNS server, Pi-hole proxy, VPN client, and DynDNS client. I would also implement high availability using OpenBSD's CARP protocol.</span><br /> -<br /> -<a class='textlink' href='https://openbsdrouterguide.net'>https://openbsdrouterguide.net</a><br /> -<a class='textlink' href='https://pi-hole.net/'>https://pi-hole.net/</a><br /> -<a class='textlink' href='https://www.OpenBSD.org'>https://www.OpenBSD.org</a><br /> -<a class='textlink' href='https://www.OpenBSD.org/faq/pf/carp.html'>https://www.OpenBSD.org/faq/pf/carp.html</a><br /> -<br /> -<span>However, I am putting this on hold as I have opted for an OpenWRT-based solution, which was much quicker to set up and runs well enough.</span><br /> -<br /> -<a class='textlink' href='https://OpenWRT.org/'>https://OpenWRT.org/</a><br /> -<br /> -<h3 style='display: inline' id='pi-hole-server'>Pi-Hole server</h3><br /> -<br /> -<span>Install Pi-hole on one of my Pis or run it in a container on Freekat. For now, I am putting this on hold as the primary use for this would be ad-blocking, and I am avoiding surfing ad-heavy sites anyway. So there's no significant use for me personally at the moment.</span><br /> -<br /> -<a class='textlink' href='https://pi-hole.net/'>https://pi-hole.net/</a><br /> -<br /> -<h3 style='display: inline' id='infodash'>Infodash</h3><br /> -<br /> -<span>The idea was to implement my smart info screen using purely open-source software. It would display information such as the health status of my personal infrastructure, my current work tracker balance (I track how much I work to prevent overworking), and my sports balance (I track my workouts to stay within my quotas for general health). The information would be displayed on a small screen in my home office, on my Pine watch, or remotely from any terminal window.</span><br /> -<br /> -<span>I don't have this, and I haven't missed having it, so I guess it would have been nice to have it but not provide any value other than the "fun of tinkering."</span><br /> -<br /> -<h3 style='display: inline' id='reading-station'>Reading station</h3><br /> -<br /> -<span>I wanted to create the most comfortable setup possible for reading digital notes, articles, and books. This would include a comfy armchair, a silent barebone PC or Raspberry Pi computer running either Linux or *BSD, and an e-Ink display mounted on a flexible arm/stand. There would also be a small table for my paper journal for occasional note-taking. There are a bunch of open-source software available for PDF and ePub reading. It would have been neat, but I am currently using the most straightforward solution: a Kobo Elipsa 2E, which I can use on my sofa.</span><br /> -<br /> -<h3 style='display: inline' id='retro-station'>Retro station</h3><br /> -<br /> -<span>I had an idea to build a computer infused with retro elements. It wouldn't use actual retro hardware but would look and feel like a retro machine. I would call this machine HAL or Retron.</span><br /> -<br /> -<span>I would use an old ThinkPad laptop placed on a horizontal stand, running NetBSD, and attaching a keyboard from ModelFkeyboards. I use WindowMaker as a window manager and run terminal applications through Retro Term. For the monitor, I would use an older (black) EIZO model with large bezels.</span><br /> -<br /> -<a class='textlink' href='https://www.NetBSD.org'>https://www.NetBSD.org</a><br /> -<a class='textlink' href='https://www.modelfkeyboards.com'>https://www.modelfkeyboards.com</a><br /> -<a class='textlink' href='https://github.com/Swordfish90/cool-retro-term)'>https://github.com/Swordfish90/cool-retro-term)</a><br /> -<br /> -<span>The computer would occasionally be used to surf the Gemini space, take notes, blog, or do light coding. However, I have abandoned the project for now because there isn't enough space in my apartment, as my daughter will have a room for herself.</span><br /> -<br /> -<h3 style='display: inline' id='sound-server'>Sound server</h3><br /> -<br /> -<span>My idea involved using a barebone mini PC running FreeBSD with the Navidrome sound server software. I could remotely connect to it from my phone, workstation/laptop to listen to my music collection. The storage would be based on ZFS with at least two drives for redundancy. The app would run in a Linux Docker container under FreeBSD via Bhyve.</span><br /> -<br /> -<a class='textlink' href='https://github.com/navidrome/navidrome'>https://github.com/navidrome/navidrome</a><br /> -<a class='textlink' href='https://wiki.freebsd.org/bhyve'>https://wiki.freebsd.org/bhyve</a><br /> -<br /> -<h3 style='display: inline' id='project-freekat'>Project Freekat</h3><br /> -<br /> -<span>My idea involved purchasing the Meerkat mini PC from System76 and installing FreeBSD. Like the sound-server idea (see previous idea), it would run Linux Docker through Bhyve. I would self-host a bunch of applications on it:</span><br /> -<br /> -<ul> -<li>Wallabag</li> -<li>Ankidroid</li> -<li>Miniflux & Postgres</li> -<li>Audiobookshelf</li> -<li>...</li> -</ul><br /> -<span>All of this would be within my LAN, but the services would also be accessible from the internet through either Wireguard or SSH reverse tunnels to one of my OpenBSD VMs, for example:</span><br /> -<br /> -<ul> -<li><span class='inlinecode'>wallabag.awesome.buetow.org</span></li> -<li><span class='inlinecode'>ankidroid.awesome.buetow.org</span></li> -<li><span class='inlinecode'>miniflux.awesome.buetow.org</span></li> -<li><span class='inlinecode'>audiobookshelf.awesome.buetow.org</span></li> -<li>...</li> -</ul><br /> -<span>I am abandoning this project for now, as I am currently hosting my apps on AWS ECS Fargate under <span class='inlinecode'>*.cool.buetow.org</span>, which is "good enough" for the time being and also offers the benefit of learning to use AWS and Terraform, knowledge that can be applied at work.</span><br /> -<br /> -<a class='textlink' href='./2024-02-04-from-babylon5.buetow.org-to-.cloud.html'>My personal AWS setup</a><br /> -<br /> -<h2 style='display: inline' id='programming-projects-i-don-t-have-time-for'>Programming projects I don't have time for</h2><br /> -<br /> -<h3 style='display: inline' id='cli-hive'>CLI-HIVE</h3><br /> -<br /> -<span>This was a pet project idea that my brother and I had. The concept was to collect all shell history of all servers at work in a central place, apply ML/AI, and return suggestions for commands to type or allow a fuzzy search on all the commands in the history. The recommendations for the commands on a server could be context-based (e.g., past occurrences on the same server type). </span><br /> -<br /> -<span>You could decide whether to share your command history with others so they would receive better suggestions depending on which server they are on, or you could keep all the history private and secure. The plan was to add hooks into zsh and bash shells so that all commands typed would be pushed to the central location for data mining.</span><br /> -<br /> -<h3 style='display: inline' id='enhanced-kiss-home-photo-albums'>Enhanced KISS home photo albums</h3><br /> -<br /> -<span>I don't use third-party cloud providers such as Google Photos to store/archive my photos. Instead, they are all on a ZFS volume on my home NAS, with regular offsite backups taken. Thus, my project would involve implementing the features I miss most or finding a solution simple enough to host on my LAN:</span><br /> -<br /> -<ul> -<li>A feature I miss presents me with a random day from the past and some photos from that day. This project would randomly select a day and generate a photo album for me to view and reminisce about memories.</li> -<li>Another feature I miss is the ability to automatically deduplicate all the photos, as I am sure there are tons of duplicates on my NAS.</li> -<li>Auto-enhancing the photos (perhaps using ImageMagick?)</li> -<li>I already have a simple <span class='inlinecode'>photoalbum.sh</span> script that generates an album based on an input directory. However, it would be great also to have a timeline feature to enable browsing through different dates.</li> -</ul><br /> -<a class='textlink' href='./2023-10-29-kiss-static-web-photo-albums-with-photoalbum.sh.html'>KISS static web photo albums with <span class='inlinecode'>photoalbum.sh</span></a><br /> -<br /> -<h3 style='display: inline' id='kiss-file-sync-server-with-end-to-end-encryption'>KISS file sync server with end-to-end encryption</h3><br /> -<br /> -<span>I aimed to have a simple server to which I could sync notes and other documents, ensuring that the data is fully end-to-end encrypted. This way, only the clients could decrypt the data, while an encrypted copy of all the data would be stored on the server side. There are a few solutions (e.g., NextCloud), but they are bloated or complex to set up. </span><br /> -<br /> -<span>I currently use Syncthing for encrypted file sync across all my devices; however, the data is not end-to-end encrypted. It's a good-enough setup, though, as my Syncthing server is in my home LAN on an encrypted file system.</span><br /> -<br /> -<a class='textlink' href='https://syncthing.net'>https://syncthing.net</a><br /> -<br /> -<span>I also had the idea of using this as a pet project for work and naming it <span class='inlinecode'>Cryptolake</span>, utilizing post-quantum-safe encryption algorithms and a distributed data store.</span><br /> -<br /> -<h3 style='display: inline' id='a-language-that-compiles-to-bash'>A language that compiles to <span class='inlinecode'>bash</span></h3><br /> -<br /> -<span>I had an idea to implement a higher-level language with strong typing that could be compiled into native Bash code. This would make all resulting Bash scripts more robust and secure by default. The project would involve developing a parser, lexer, and a Bash code generator. I planned to implement this in Go.</span><br /> -<br /> -<span>I had previously implemented a tiny scripting language called Fype (For Your Program Execution), which could have served as inspiration.</span><br /> -<br /> -<a class='textlink' href='./2010-05-09-the-fype-programming-language.html'>The Fype Programming Language</a><br /> -<br /> -<h3 style='display: inline' id='a-language-that-compiles-to-sed'>A language that compiles to <span class='inlinecode'>sed</span></h3><br /> -<br /> -<span>This is similar to the previous idea, but the difference is that the language would compile into a sed script. Sed has many features, but the brief syntax makes scripts challenging to read. The higher-level language would mimic sed but in a form that is easier for humans to read.</span><br /> -<br /> -<h3 style='display: inline' id='renovate-vs-sim'>Renovate VS-Sim</h3><br /> -<br /> -<span>VS-Sim is an open-source simulator programmed in Java for distributed systems. VS-Sim stands for "Verteilte Systeme Simulator," the German translation for "Distributed Systems Simulator." The VS-Sim project was my diploma thesis at Aachen University of Applied Sciences.</span><br /> -<br /> -<a class='textlink' href='https://codeberg.org/snonux/vs-sim'>https://codeberg.org/snonux/vs-sim</a><br /> -<br /> -<span>The ideas I had was:</span><br /> -<br /> -<ul> -<li>Translate the project into English.</li> -<li>Modernise the Java codebase to be compatible with the latest JDK.</li> -<li>Make it compile to native binaries using GraalVM.</li> -<li>Distribute the project using AppImages.</li> -</ul><br /> -<span>I have put this project on hold for now, as I want to do more things in Go and fewer in Java in my personal time.</span><br /> -<br /> -<h3 style='display: inline' id='kiss-ticketing-system'>KISS ticketing system</h3><br /> -<br /> -<span>My idea was to program a KISS (Keep It Simple, Stupid) ticketing system for my personal use. However, I am abandoning this project because I now use the excellent Taskwarrior software. You can learn more about it at:</span><br /> -<br /> -<a class='textlink' href='https://taskwarrior.org/'>https://taskwarrior.org/</a><br /> -<br /> -<h3 style='display: inline' id='a-domain-specific-language-dsl-for-work'>A domain-specific language (DSL) for work</h3><br /> -<br /> -<span>At work, an internal service allocates storage space for our customers on our storage clusters. It automates many tasks, but many tweaks are accessible through APIs. I had the idea to implement a Ruby-based DSL that would make using all those APIs for ad-hoc changes effortless, e.g.:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>Cluster :UK, :uk01 <b><u><font color="#000000">do</font></u></b> - Customer.C1A1.segments.volumes.each <b><u><font color="#000000">do</font></u></b> |volume| - puts volume.usage_stats - volume.move_off! <b><u><font color="#000000">if</font></u></b> volume.over_subscribed? - <b><u><font color="#000000">end</font></u></b> -<b><u><font color="#000000">end</font></u></b> -</pre> -<br /> -<span>I am abandoning this project because my workplace has stopped the annual pet project competition, and I have other more important projects to work on at the moment.</span><br /> -<br /> -<a class='textlink' href='./2022-04-10-creative-universe.html'>Creative universe (Work pet project contests)</a><br /> -<br /> -<h2 style='display: inline' id='self-hosting-projects-i-don-t-have-time-for'>Self-hosting projects I don't have time for</h2><br /> -<br /> -<h3 style='display: inline' id='my-own-matrix-server'>My own Matrix server</h3><br /> -<br /> -<span>I value privacy. It would be great to run my own Matrix server for communication within my family. I have yet to have time to look into this more closely.</span><br /> -<br /> -<a class='textlink' href='https://matrix.org'>https://matrix.org</a><br /> -<br /> -<h3 style='display: inline' id='ampache-music-server'>Ampache music server</h3><br /> -<br /> -<span>Ampache is an open-source music streaming server that allows you to host and manage your music collection online, accessible via a web interface. Setting it up involves configuring a web server, installing Ampache, and organising your music files, which can be time-consuming. </span><br /> -<br /> -<h3 style='display: inline' id='librum-ebook-reader'>Librum eBook reader</h3><br /> -<br /> -<span>Librum is a self-hostable e-book reader that allows users to manage and read their e-book collection from a web interface. Designed to be a self-contained platform where users can upload, organise, and access their e-books, Librum emphasises privacy and control over one's digital library.</span><br /> -<br /> -<a class='textlink' href='https://github.com/Librum-Reader/Librum'>https://github.com/Librum-Reader/Librum</a><br /> -<br /> -<span>I am using my Kobo devices or my laptop to read these kinds of things for now.</span><br /> -<br /> -<h3 style='display: inline' id='memos---note-taking-service'>Memos - Note-taking service</h3><br /> -<br /> -<span>Memos is a note-taking service that simplifies and streamlines information capture and organisation. It focuses on providing users with a minimalistic and intuitive interface, aiming to enhance productivity without the clutter commonly associated with more complex note-taking apps.</span><br /> -<br /> -<a class='textlink' href='https://www.usememos.com'>https://www.usememos.com</a><br /> -<br /> -<span>I am abandoning this idea for now, as I am currently using plain Markdown files for notes and syncing them with Syncthing across my devices.</span><br /> -<br /> -<h3 style='display: inline' id='bepasty-server'>Bepasty server</h3><br /> -<br /> -<span>Bepasty is like a Pastebin for all kinds of files (text, image, audio, video, documents, binary, etc.). It seems very neat, but I only share a little nowadays. When I do, I upload files via SCP to one of my OpenBSD VMs and serve them via vanilla httpd there, keeping it KISS.</span><br /> -<br /> -<a class='textlink' href='https://github.com/bepasty/bepasty-server'>https://github.com/bepasty/bepasty-server</a><br /> -<br /> -<h2 style='display: inline' id='books-i-don-t-have-time-to-read'>Books I don't have time to read</h2><br /> -<br /> -<h3 style='display: inline' id='fluent-python'>Fluent Python</h3><br /> -<br /> -<span>I consider myself an advanced programmer in Ruby, Bash, and Perl. However, Python seems to be ubiquitous nowadays, and most of my colleagues prefer Python over any other languages. Thus, it makes sense for me to also learn and use Python. After conducting some research, "Fluent Python" appears to be the best book for this purpose.</span><br /> -<br /> -<span>I don't have time to read this book at the moment, as I am focusing more on Go (Golang) and I know just enough Python to get by (e.g., for code reviews). Additionally, there are still enough colleagues around who can review my Ruby or Bash code.</span><br /> -<br /> -<h3 style='display: inline' id='programming-ruby'>Programming Ruby</h3><br /> -<br /> -<span>I've read a couple of Ruby books already, but "Programming Ruby," which covers up to Ruby 3.2, was just recently released. I would like to read this to deepen my Ruby knowledge further and to revisit some concepts that I may have forgotten.</span><br /> -<br /> -<span>As stated in this blog post, I am currently more eager to focus on Go, so I've put the Ruby book on hold. Additionally, there wouldn't be enough colleagues who could "understand" my advanced Ruby skills anyway, as most of them are either Java developers or SREs who don't code a lot.</span><br /> -<br /> -<h3 style='display: inline' id='peter-f-hamilton-science-fiction-books'>Peter F. Hamilton science fiction books</h3><br /> -<br /> -<span>I am a big fan of science fiction, but my reading list is currently too long anyway. So, I've put the Hamilton books on the back burner for now. You can see all the novels I've read here:</span><br /> -<br /> -<a class='textlink' href='https://paul.buetow.org/novels.html'>https://paul.buetow.org/novels.html</a><br /> -<a class='textlink' href='gemini://paul.buetow.org/novels.gmi'>gemini://paul.buetow.org/novels.gmi</a><br /> -<br /> -<br /> -<h2 style='display: inline' id='new-websites-i-don-t-have-time-for'>New websites I don't have time for</h2><br /> -<br /> -<h3 style='display: inline' id='create-a-why-raku-rox-site'>Create a "Why Raku Rox" site</h3><br /> -<br /> -<span>The website "Why Raku Rox" would showcase the unique features and benefits of the Raku programming language and highlight why it is an exceptional choice for developers. Raku, originally known as Perl 6, is a dynamic, expressive language designed for flexible and powerful software development.</span><br /> -<br /> -<span>This would be similar to the "Why OpenBSD rocks" site:</span><br /> -<br /> -<a class='textlink' href='https://why-openbsd.rocks'>https://why-openbsd.rocks</a><br /> -<a class='textlink' href='https://raku.org'>https://raku.org</a><br /> -<br /> -<span>I am not working on this for now, as I currently don’t even have time to program in Raku.</span><br /> -<br /> -<h2 style='display: inline' id='research-projects-i-don-t-have-time-for'>Research projects I don't have time for</h2><br /> -<br /> -<h3 style='display: inline' id='project-secure'>Project secure</h3><br /> -<br /> -<span>For work: Implement a PoC that dumps Java heaps to extract secrets from memory. Based on the findings, write a Java program that encrypts secrets in the kernel using the <span class='inlinecode'>memfd_secret()</span> syscall to make it even more secure.</span><br /> -<br /> -<a class='textlink' href='https://lwn.net/Articles/865256/'>https://lwn.net/Articles/865256/</a><br /> -<br /> -<span>Due to other priorities, I am putting this on hold for now. The software we have built is pretty damn secure already!</span><br /> -<br /> -<h3 style='display: inline' id='cpu-utilisation-is-all-wrong'>CPU utilisation is all wrong</h3><br /> -<br /> -<span>This research project, based on Brendan Gregg's blog post, could potentially significantly impact my work.</span><br /> -<br /> -<a class='textlink' href='https://brendangregg.com/blog/2017-05-09/cpu-utilization-is-wrong.html'>https://brendangregg.com/blog/2017-05-09/cpu-utilization-is-wrong.html</a><br /> -<br /> -<span>The research project would involve setting up dashboards that display actual CPU usage and the cycles versus waiting time for memory access.</span><br /> -<br /> -<span>E-Mail your comments to <span class='inlinecode'>paul@nospam.buetow.org</span> :-)</span><br /> -<br /> -<span>Related and maybe interesting:</span><br /> -<br /> -<a class='textlink' href='./2022-06-15-sweating-the-small-stuff.html'>Sweating the small stuff - Tiny projects of mine</a><br /> -<br /> -<a class='textlink' href='../'>Back to the main site</a><br /> - </div> - </content> - </entry> - <entry> - <title>'Slow Productivity' book notes</title> - <link href="gemini://foo.zone/gemfeed/2024-05-01-slow-productivity-book-notes.gmi" /> - <id>gemini://foo.zone/gemfeed/2024-05-01-slow-productivity-book-notes.gmi</id> - <updated>2024-04-27T14:18:51+03:00</updated> - <author> - <name>Paul Buetow aka snonux</name> - <email>paul@dev.buetow.org</email> - </author> - <summary>These are my personal takeaways after reading 'Slow Productivity - The lost Art of Accomplishment Without Burnout' by Cal Newport.</summary> - <content type="xhtml"> - <div xmlns="http://www.w3.org/1999/xhtml"> - <h1 style='display: inline' id='slow-productivity-book-notes'>"Slow Productivity" book notes</h1><br /> -<br /> -<span class='quote'>Published at 2024-04-27T14:18:51+03:00</span><br /> -<br /> -<span>These are my personal takeaways after reading "Slow Productivity - The lost Art of Accomplishment Without Burnout" by Cal Newport.</span><br /> -<br /> -<span>The case studies in this book were a bit long, but they appeared to be well-researched. I will only highlight the interesting, actionable items in the book notes.</span><br /> -<br /> -<span>These notes are mainly for my own use, but you may find them helpful.</span><br /> -<br /> -<pre> - ,.......... .........., - ,..,' '.' ',.., - ,' ,' : ', ', - ,' ,' : ', ', - ,' ,' : ', ', - ,' ,'............., : ,.............', ', -,' '............ '.' ............' ', - '''''''''''''''''';''';'''''''''''''''''' - ''' -</pre> -<br /> -<h2 style='display: inline' id='table-of-contents'>Table of Contents</h2><br /> -<br /> -<ul> -<li><a href='#slow-productivity-book-notes'>"Slow Productivity" book notes</a></li> -<li>⇢ <a href='#it-s-not-slow-productivity'>It's not "slow productivity"</a></li> -<li>⇢ <a href='#pseudo-productivity-and-shallow-work'>Pseudo-productivity and Shallow work</a></li> -<li>⇢ <a href='#accomplishments-without-burnout'>Accomplishments without burnout</a></li> -<li>⇢ <a href='#do-fewer-things'>Do fewer things</a></li> -<li>⇢ <a href='#work-at-a-natural-pace'>Work at a natural pace</a></li> -<li>⇢ <a href='#obsess-over-quality-'>Obsess over quality </a></li> -</ul><br /> -<h2 style='display: inline' id='it-s-not-slow-productivity'>It's not "slow productivity"</h2><br /> -<br /> -<span>"Slow productivity" does not mean being less productive. Cal Newport wants to point out that you can be much more productive with "slow productivity" than you would be without it. It is a different way of working than most of us are used to in the modern workplace, which is hyper-connected and always online.</span><br /> -<br /> -<h2 style='display: inline' id='pseudo-productivity-and-shallow-work'>Pseudo-productivity and Shallow work</h2><br /> -<br /> -<span>People use visible activity instead of real productivity because it's easier to measure. This is called pseudo-productivity.</span><br /> -<span>Pseudo-productivity is used as a proxy for real productivity. If you don't look busy, you are dismissed as lazy or lacking a work ethic.</span><br /> -<br /> -<span>There is a tendency to perform shallow work because people will otherwise dismiss you as lazy. A lot of shallow work can cause burnout, as multiple things are often being worked on in parallel. The more you have on your plate, the more stressed you will be.</span><br /> -<br /> -<span>Shallow work usually doesn't help you to accomplish big things. Always have the big picture in mind. Shallow work can't be entirely eliminated, but it can be managed—for example, plan dedicated time slots for certain types of shallow work.</span><br /> -<br /> -<h2 style='display: inline' id='accomplishments-without-burnout'>Accomplishments without burnout</h2><br /> -<br /> -<span>The overall perception is that if you want to accomplish something, you must put yourself on the verge of burnout. Cal Newport writes about "The lost Art of Accomplishments without Burnouts", where you can accomplish big things without all the stress usually involved.</span><br /> -<br /> -<span>There are three principles for the maintenance of a sustainable work life:</span><br /> -<br /> -<ul> -<li>Do fewer things</li> -<li>Work at a natural pace</li> -<li>Obsess over quality</li> -</ul><br /> -<h2 style='display: inline' id='do-fewer-things'>Do fewer things</h2><br /> -<br /> -<span>There will always be more work. The faster you finish it, the quicker you will have something new on your plate.</span><br /> -<br /> -<span>Reduce the overhead tax. The overhead tax is all the administrative work to be done. With every additional project, there will also be more administrative stuff to be done on your work plate. So, doing fewer things leads to more and better output and better quality for the projects you are working on.</span><br /> -<br /> -<span>Limit the things on your plate. Limit your missions (personal goals, professional goals). Reduce your main objectives in life. More than five missions are usually not sustainable very easily, so you have to really prioritise what is important to you and your professional life.</span><br /> -<br /> -<span>A mission is an overall objective/goal that can have multiple projects. Limit the projects as well. Some projects need clear endings (e.g., work in support of a never-ending flow of incoming requests). In this case, set limits (e.g., time box your support hours). You can also plan "office hours" for collaborative work with colleagues to avoid ad hoc distractions.</span><br /> -<br /> -<span>The key point is that after making these commitments, you really deliver on them. This builds trust, and people will leave you alone and not ask for progress all the time.</span><br /> -<br /> -<span>Doing fever things is essential for modern knowledge workers. Breathing space in your work also makes you more creative and happier overall.</span><br /> -<br /> -<span>Pushing workers more work can make them less productive, so the better approach is the pull model, where workers pull in new work when the previous task is finished.</span><br /> -<br /> -<span>If you can quantify how busy you are or how many other projects you already work on, then it is easier to say no to new things. For example, show what you are doing, what's in the roadmap, etc. Transparency is the key here. </span><br /> -<br /> -<span>You can have your own simulated pull system if the company doesn't agree to a global one: </span><br /> -<br /> -<ul> -<li>State which additional information you would need.</li> -<li>Create a rough estimate of when you will be able to work on it</li> -<li>Estimate how long the project would take. Double that estimate, as humans are very bad estimators.</li> -<li>Respond to the requester and state that you will let him know when the estimates change.</li> -</ul><br /> -<span>Sometimes, a little friction is all that is needed to combat incoming work, e.g., when your manager starts seeing the reality of your work plate, and you also request additional information for the task. If you already have too much on your plate, then decline the new project or make room for it in your calendar. If you present a large task list, others will struggle to assign more to you.</span><br /> -<br /> -<span>Limit your daily goals. A good measure is to focus on one goal per day. You can time block time for deep work on your daily goal. During that time, you won't be easily available to others.</span><br /> -<br /> -<span>The battle against distractions must be fought to be the master of your time. Nobody will fight this war for you. You have to do it for yourself. (Also, have a look at Cal Newport's "time block planning" method).</span><br /> -<br /> -<span>Put tasks on autopilot (regular recurring tasks).</span><br /> -<br /> -<h2 style='display: inline' id='work-at-a-natural-pace'>Work at a natural pace</h2><br /> -<br /> -<span>We suffer from overambitious timelines, task lists, and business. Focus on what matters. Don't rush your most important work to achieve better results.</span><br /> -<br /> -<span>Don't rush. If you rush or are under pressure, you will be less effective and eventually burn out. Our brains work better then not rushy. The stress heuristic usually indicates too much work, and it is generally too late to reduce workload. That's why we all typically have dangerously too much to do.</span><br /> -<br /> -<span>Have the courage to take longer to do things that are important. For example, plan on a yearly and larger scale, like 2 to 5 years.</span><br /> -<br /> -<span>Find a reasonable time for a project and then double the project timeline against overconfident optimism. Humans are not great at estimating. They gravitate towards best-case estimates. If you have planned more than enough time for your project, then you will fall into a natural work pace. Otherwise, you will struggle with rushing and stress.</span><br /> -<br /> -<span>Some days will still be intense and stressful, but those are exceptional cases. After those exceptions (e.g., finalizing that thing, etc.), calmer periods will follow again.</span><br /> -<br /> -<span>Pace yourself over modest results over time. Simplify and reduce the daily task lists. Meetings: Certain hours are protected for work. For each meeting, add a protected block to your calendar, so you attend meetings only half a day max.</span><br /> -<br /> -<span>Schedule slow seasons (e.g., when on vacation). Disconnect in the slow season. Doing nothing will not satisfy your mind, though. You could read a book on your subject matter to counteract that.</span><br /> -<br /> -<h2 style='display: inline' id='obsess-over-quality-'>Obsess over quality </h2><br /> -<br /> -<span>Obsess over quality even if you lose short-term opportunities by rejecting other projects. Quality demands you slow down. The two previous two principles (do fewer things and work at a natural pace) are mandatory for this principle to work:</span><br /> -<br /> -<ul> -<li>Focus on the core activities of your work for your obsession - you will only have the time to obsess over some things.</li> -<li>Deliver solid work with good quality.</li> -<li>Sharpen the focus to do the best work possible.</li> -</ul><br /> -<span>Go pro to save time, and don't squeeze everything out that you can from freemium services. Professional software services eliminate administrative work:</span><br /> -<br /> -<ul> -<li>Pay people who know what they are doing and focus on your stuff. </li> -<li>For example, don't repair that car if you know the mechanic can do that much better than you. </li> -<li>Or don't use the free version of the music streaming service if it interrupts you with commercials, hindering your ability to concentrate on your work.</li> -<li>Hire an accountant for your yearly tax returns. He knows much more about that stuff than you do. And in the end, he will even be cheaper as he knows all the tax laws.</li> -<li>...</li> -</ul><br /> -<span>Adjust your workplace to what you want to accomplish. You could have dedicated places in your home for different things, e.g., a place where you read and think (armchair) and a place where you collaborate (your desk or whiteboard). Surround yourself with things that inspire you (e.g., your favourite books on your shelf next to you, etc.).</span><br /> -<br /> -<span>There is the concept of quiet quitting. It doesn't mean quitting your job, but it means that you don't go beyond and above the expectations people have of you. Quiet quitting became popular with modern work, which is often meaningless and full of shallow tasks. If you obsess over quality, you enjoy your craft and want to go beyond and above.</span><br /> -<br /> -<span>Implement rituals and routines which shift you towards your goals:</span><br /> -<br /> -<ul> -<li>For example, if you want to be a good Software Engineer, you also have to put in the work regularly. For instance, progress a bit every day in your project at hand, even if it is only one hour daily. Also, a little quality daily work will be more satisfying over time than many shallow tasks.</li> -<li>Do you want to be lean and/or healthy? Schedule your daily walks and workouts. They will become habits over time.</li> -<li>There's the compounding effect where every small effort made every day will yield significant results in the long run</li> -</ul><br /> -<span>Deciding what not to do is as important as deciding what to do. </span><br /> -<br /> -<span>It appears to be money thrown out of the window, but you get a $50 expensive paper notebook (and also a good pen). Unconsciously, it will make you take notes more seriously. You will think about what to put into the notebooks more profoundly and have thought through the ideas more intensively. If you used very cheap notebooks, you would scribble a lot of rubbish and wouldn't even recognise your handwriting after a while anymore. So choosing a high-quality notebook will help you to take higher-quality notes, too.</span><br /> -<br /> -<span>Slow productivity is actionable and can be applied immediately.</span><br /> -<br /> -<span>E-Mail your comments to <span class='inlinecode'>paul@nospam.buetow.org</span> :-)</span><br /> -<br /> -<span>Other book notes of mine are:</span><br /> -<br /> -<a class='textlink' href='./2025-11-02-the-courage-to-be-disliked-book-notes.html'>2025-11-02 "The Courage To Be Disliked" book notes</a><br /> -<a class='textlink' href='./2025-06-07-a-monks-guide-to-happiness-book-notes.html'>2025-06-07 "A Monk's Guide to Happiness" book notes</a><br /> -<a class='textlink' href='./2025-04-19-when-book-notes.html'>2025-04-19 "When: The Scientific Secrets of Perfect Timing" book notes</a><br /> -<a class='textlink' href='./2024-10-24-staff-engineer-book-notes.html'>2024-10-24 "Staff Engineer" book notes</a><br /> -<a class='textlink' href='./2024-07-07-the-stoic-challenge-book-notes.html'>2024-07-07 "The Stoic Challenge" book notes</a><br /> -<a class='textlink' href='./2024-05-01-slow-productivity-book-notes.html'>2024-05-01 "Slow Productivity" book notes (You are currently reading this)</a><br /> -<a class='textlink' href='./2023-11-11-mind-management-book-notes.html'>2023-11-11 "Mind Management" book notes</a><br /> -<a class='textlink' href='./2023-07-17-career-guide-and-soft-skills-book-notes.html'>2023-07-17 "Software Developmers Career Guide and Soft Skills" book notes</a><br /> -<a class='textlink' href='./2023-05-06-the-obstacle-is-the-way-book-notes.html'>2023-05-06 "The Obstacle is the Way" book notes</a><br /> -<a class='textlink' href='./2023-04-01-never-split-the-difference-book-notes.html'>2023-04-01 "Never split the difference" book notes</a><br /> -<a class='textlink' href='./2023-03-16-the-pragmatic-programmer-book-notes.html'>2023-03-16 "The Pragmatic Programmer" book notes</a><br /> -<br /> -<a class='textlink' href='../'>Back to the main site</a><br /> - </div> - </content> - </entry> - <entry> - <title>KISS high-availability with OpenBSD</title> - <link href="gemini://foo.zone/gemfeed/2024-04-01-KISS-high-availability-with-OpenBSD.gmi" /> - <id>gemini://foo.zone/gemfeed/2024-04-01-KISS-high-availability-with-OpenBSD.gmi</id> - <updated>2024-03-30T22:12:56+02:00</updated> - <author> - <name>Paul Buetow aka snonux</name> - <email>paul@dev.buetow.org</email> - </author> - <summary>I have always wanted a highly available setup for my personal websites. I could have used off-the-shelf hosting solutions or hosted my sites in an AWS S3 bucket. I have used technologies like (in unsorted and slightly unrelated order) BGP, LVS/IPVS, ldirectord, Pacemaker, STONITH, scripted VIP failover via ARP, heartbeat, heartbeat2, Corosync, keepalived, DRBD, and commercial F5 Load Balancers for high availability at work. </summary> - <content type="xhtml"> - <div xmlns="http://www.w3.org/1999/xhtml"> - <h1 style='display: inline' id='kiss-high-availability-with-openbsd'>KISS high-availability with OpenBSD</h1><br /> -<br /> -<span class='quote'>Published at 2024-03-30T22:12:56+02:00</span><br /> -<br /> -<span>I have always wanted a highly available setup for my personal websites. I could have used off-the-shelf hosting solutions or hosted my sites in an AWS S3 bucket. I have used technologies like (in unsorted and slightly unrelated order) BGP, LVS/IPVS, ldirectord, Pacemaker, STONITH, scripted VIP failover via ARP, heartbeat, heartbeat2, Corosync, keepalived, DRBD, and commercial F5 Load Balancers for high availability at work. </span><br /> -<br /> -<span>But still, my personal sites were never highly available. All those technologies are great for professional use, but I was looking for something much more straightforward for my personal space - something as KISS (keep it simple and stupid) as possible.</span><br /> -<br /> -<span>It would be fine if my personal website wasn't highly available, but the geek in me wants it anyway.</span><br /> -<br /> -<span class='quote'>PS: ASCII-art below reflects an OpenBSD under-water world with all the tools available in the base system.</span><br /> -<br /> -<pre> -Art by Michael J. Penick (mod. by Paul B.) - ACME-sky - __________ - / nsd tower\ ( - /____________\ (\) awk-ward - |:_:_:_:_:_| )) plant - |_:_,--.:_:| dig-bubble (\// ) - |:_:|__|_:_| relayd-castle _ ) )) (( - _ |_ _ :_:| _ _ _ (_) (((( /)\` - | |_| |_| | _| | |_| |_| | o \\)) (( ( - \_:_:_:_:/|_|_|_|\:_:_:_:_/ . (( )))) - |_,-._:_:_:_:_:_:_:_.-,_| )) ((// - |:|_|:_:_:,---,:_:_:|_|:| ,-. )/ - |_:_:_:_,'puffy `,_:_:_:_| _ o ,;'))(( - |:_:_:_/ _ | _ \_:_:_:| (_O (( )) -_____|_:_:_| (o)-(o) |_:_:_|--'`-. ,--. ksh under-water (((\'/ - ', ;|:_:_:| -( .-. )- |:_:_:| ', ; `--._\ /,---.~ goat \`)) -. ` |_:_:_| \`-'/ |_:_:_|. ` . ` /()\.__( ) .,-----'`-\(( sed-root - ', ;|:_:_:| `-' |:_:_:| ', ; ', ; `--'| \ ', ; ', ; ',')).,-- -. ` MJP ` . ` . ` . ` . httpd-soil ` . . ` . ` . ` . ` . ` - ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; ', ; - -</pre> -<br /> -<h2 style='display: inline' id='table-of-contents'>Table of Contents</h2><br /> -<br /> -<ul> -<li><a href='#kiss-high-availability-with-openbsd'>KISS high-availability with OpenBSD</a></li> -<li>⇢ <a href='#my-auto-failover-requirements'>My auto-failover requirements</a></li> -<li>⇢ <a href='#my-ha-solution'>My HA solution</a></li> -<li>⇢ ⇢ <a href='#only-openbsd-base-installation-required'>Only OpenBSD base installation required</a></li> -<li>⇢ ⇢ <a href='#fairly-cheap-and-geo-redundant'>Fairly cheap and geo-redundant</a></li> -<li>⇢ ⇢ <a href='#failover-time-and-split-brain'>Failover time and split-brain</a></li> -<li>⇢ ⇢ <a href='#failover-support-for-multiple-protocols'>Failover support for multiple protocols</a></li> -<li>⇢ ⇢ <a href='#let-s-encrypt-tls-certificates'>Let's encrypt TLS certificates</a></li> -<li>⇢ ⇢ <a href='#monitoring'>Monitoring</a></li> -<li>⇢ ⇢ <a href='#rex-automation'>Rex automation</a></li> -<li>⇢ <a href='#more-ha'>More HA</a></li> -</ul><br /> -<h2 style='display: inline' id='my-auto-failover-requirements'>My auto-failover requirements</h2><br /> -<br /> -<ul> -<li>Be OpenBSD-based (I prefer OpenBSD because of the cleanliness and good documentation) and rely on as few external packages as possible. </li> -<li>Don't rely on the hottest and newest tech (don't want to migrate everything to a new and fancier technology next month already!).</li> -<li>It should be reasonably cheap. I want to avoid paying a premium for floating IPs or fancy Elastic Load Balancers.</li> -<li>It should be geo-redundant. </li> -<li>It's fine if my sites aren't reachable for five or ten minutes every other month. Due to their static nature, I don't care if there's a split-brain scenario where some requests reach one server and other requests reach another server.</li> -<li>Failover should work for both HTTP/HTTPS and Gemini protocols. My self-hosted MTAs and DNS servers should also be highly available.</li> -<li>Let's Encrypt TLS certificates should always work (before and after a failover).</li> -<li>Have good monitoring in place so I know when a failover was performed and when something went wrong with the failover.</li> -<li>Don't configure everything manually. The configuration should be automated and reproducible.</li> -</ul><br /> -<h2 style='display: inline' id='my-ha-solution'>My HA solution</h2><br /> -<br /> -<h3 style='display: inline' id='only-openbsd-base-installation-required'>Only OpenBSD base installation required</h3><br /> -<br /> -<span>My HA solution for Web and Gemini is based on DNS (OpenBSD's <span class='inlinecode'>nsd</span>) and a simple shell script (OpenBSD's <span class='inlinecode'>ksh</span> and some little <span class='inlinecode'>sed</span> and <span class='inlinecode'>awk</span> and <span class='inlinecode'>grep</span>). All software used here is part of the OpenBSD base system and no external package needs to be installed - OpenBSD is a complete operating system.</span><br /> -<br /> -<a class='textlink' href='https://man.OpenBSD.org/nsd.8'>https://man.OpenBSD.org/nsd.8</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/ksh'>https://man.OpenBSD.org/ksh</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/awk'>https://man.OpenBSD.org/awk</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/sed'>https://man.OpenBSD.org/sed</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/dig'>https://man.OpenBSD.org/dig</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/ftp'>https://man.OpenBSD.org/ftp</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/cron'>https://man.OpenBSD.org/cron</a><br /> -<br /> -<span>I also used the <span class='inlinecode'>dig</span> (for DNS checks) and <span class='inlinecode'>ftp</span> (for HTTP/HTTPS checks) programs. </span><br /> -<br /> -<span>The DNS failover is performed automatically between the two OpenBSD VMs involved (my setup doesn't require any quorum for a failover, so there isn't a need for a 3rd VM). The <span class='inlinecode'>ksh</span> script, executed once per minute via CRON (on both VMs), performs a health check to determine whether the current master node is available. If the current master isn't available (no HTTP response as expected), a failover is performed to the standby VM: </span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre><i><font color="silver">#!/bin/ksh</font></i> - -ZONES_DIR=/var/nsd/zones/master/ -DEFAULT_MASTER=fishfinger.buetow.org -DEFAULT_STANDBY=blowfish.buetow.org - -determine_master_and_standby () { - <b><u><font color="#000000">local</font></u></b> master=$DEFAULT_MASTER - <b><u><font color="#000000">local</font></u></b> standby=$DEFAULT_STANDBY - - . - . - . - - <b><u><font color="#000000">local</font></u></b> -i health_ok=<font color="#000000">1</font> - <b><u><font color="#000000">if</font></u></b> ! ftp -<font color="#000000">4</font> -o - https://$master/index.txt | grep -q <font color="#808080">"Welcome to $master"</font>; <b><u><font color="#000000">then</font></u></b> - echo <font color="#808080">"https://$master/index.txt IPv4 health check failed"</font> - health_ok=<font color="#000000">0</font> - <b><u><font color="#000000">elif</font></u></b> ! ftp -<font color="#000000">6</font> -o - https://$master/index.txt | grep -q <font color="#808080">"Welcome to $master"</font>; <b><u><font color="#000000">then</font></u></b> - echo <font color="#808080">"https://$master/index.txt IPv6 health check failed"</font> - health_ok=<font color="#000000">0</font> - <b><u><font color="#000000">fi</font></u></b> - <b><u><font color="#000000">if</font></u></b> [ $health_ok -eq <font color="#000000">0</font> ]; <b><u><font color="#000000">then</font></u></b> - <b><u><font color="#000000">local</font></u></b> tmp=$master - master=$standby - standby=$tmp - <b><u><font color="#000000">fi</font></u></b> - - . - . - . -} -</pre> -<br /> -<span>The failover scripts looks for the <span class='inlinecode'> ; Enable failover</span> string in the DNS zone files and swaps the <span class='inlinecode'>A</span> and <span class='inlinecode'>AAAA</span> records of the DNS entries accordingly:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>fishfinger$ grep failover /var/nsd/zones/master/foo.zone.zone - <font color="#000000">300</font> IN A <font color="#000000">46.23</font>.<font color="#000000">94.99</font> ; Enable failover - <font color="#000000">300</font> IN AAAA 2a03:<font color="#000000">6000</font>:6f67:<font color="#000000">624</font>::<font color="#000000">99</font> ; Enable failover -www <font color="#000000">300</font> IN A <font color="#000000">46.23</font>.<font color="#000000">94.99</font> ; Enable failover -www <font color="#000000">300</font> IN AAAA 2a03:<font color="#000000">6000</font>:6f67:<font color="#000000">624</font>::<font color="#000000">99</font> ; Enable failover -standby <font color="#000000">300</font> IN A <font color="#000000">23.88</font>.<font color="#000000">35.144</font> ; Enable failover -standby <font color="#000000">300</font> IN AAAA 2a01:4f8:c17:20f1::<font color="#000000">42</font> ; Enable failover -</pre> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre>transform () { - sed -E <font color="#808080">'</font> -<font color="#808080"> /IN A .*; Enable failover/ {</font> -<font color="#808080"> /^standby/! {</font> -<font color="#808080"> s/^(.*) 300 IN A (.*) ; (.*)/</font>\1<font color="#808080"> 300 IN A '</font>$(cat /var/nsd/run/master_a)<font color="#808080">' ; </font>\3<font color="#808080">/;</font> -<font color="#808080"> }</font> -<font color="#808080"> /^standby/ {</font> -<font color="#808080"> s/^(.*) 300 IN A (.*) ; (.*)/</font>\1<font color="#808080"> 300 IN A '</font>$(cat /var/nsd/run/standby_a)<font color="#808080">' ; </font>\3<font color="#808080">/;</font> -<font color="#808080"> }</font> -<font color="#808080"> }</font> -<font color="#808080"> /IN AAAA .*; Enable failover/ {</font> -<font color="#808080"> /^standby/! {</font> -<font color="#808080"> s/^(.*) 300 IN AAAA (.*) ; (.*)/</font>\1<font color="#808080"> 300 IN AAAA '</font>$(cat /var/nsd/run/master_aaaa)<font color="#808080">' ; </font>\3<font color="#808080">/;</font> -<font color="#808080"> }</font> -<font color="#808080"> /^standby/ {</font> -<font color="#808080"> s/^(.*) 300 IN AAAA (.*) ; (.*)/</font>\1<font color="#808080"> 300 IN AAAA '</font>$(cat /var/nsd/run/standby_aaaa)<font color="#808080">' ; </font>\3<font color="#808080">/;</font> -<font color="#808080"> }</font> -<font color="#808080"> }</font> -<font color="#808080"> / ; serial/ {</font> -<font color="#808080"> s/^( +) ([0-9]+) .*; (.*)/</font>\1<font color="#808080"> '</font>$(date +%s)<font color="#808080">' ; </font>\3<font color="#808080">/;</font> -<font color="#808080"> }</font> -<font color="#808080"> '</font> -} -</pre> -<br /> -<span>After the failover, the script reloads <span class='inlinecode'>nsd</span> and performs a sanity check to see if DNS still works. If not, a rollback will be performed:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre><i><font color="silver">#! Race condition !#</font></i> - -<b><u><font color="#000000">if</font></u></b> [ -f $zone_file.bak ]; <b><u><font color="#000000">then</font></u></b> - mv $zone_file.bak $zone_file -<b><u><font color="#000000">fi</font></u></b> - -cat $zone_file | transform > $zone_file.new.tmp - -grep -v <font color="#808080">' ; serial'</font> $zone_file.new.tmp > $zone_file.new.noserial.tmp -grep -v <font color="#808080">' ; serial'</font> $zone_file > $zone_file.old.noserial.tmp - -echo <font color="#808080">"Has zone $zone_file changed?"</font> -<b><u><font color="#000000">if</font></u></b> diff -u $zone_file.old.noserial.tmp $zone_file.new.noserial.tmp; <b><u><font color="#000000">then</font></u></b> - echo <font color="#808080">"The zone $zone_file hasn't changed"</font> - rm $zone_file.*.tmp - <b><u><font color="#000000">return</font></u></b> <font color="#000000">0</font> -<b><u><font color="#000000">fi</font></u></b> - -cp $zone_file $zone_file.bak -mv $zone_file.new.tmp $zone_file -rm $zone_file.*.tmp -echo <font color="#808080">"Reloading nsd"</font> -nsd-control reload - -<b><u><font color="#000000">if</font></u></b> ! zone_is_ok $zone; <b><u><font color="#000000">then</font></u></b> - echo <font color="#808080">"Rolling back $zone_file changes"</font> - cp $zone_file $zone_file.invalid - mv $zone_file.bak $zone_file - echo <font color="#808080">"Reloading nsd"</font> - nsd-control reload - zone_is_ok $zone - <b><u><font color="#000000">return</font></u></b> <font color="#000000">3</font> -<b><u><font color="#000000">fi</font></u></b> - -<b><u><font color="#000000">for</font></u></b> cleanup <b><u><font color="#000000">in</font></u></b> invalid bak; <b><u><font color="#000000">do</font></u></b> - <b><u><font color="#000000">if</font></u></b> [ -f $zone_file.$cleanup ]; <b><u><font color="#000000">then</font></u></b> - rm $zone_file.$cleanup - <b><u><font color="#000000">fi</font></u></b> -<b><u><font color="#000000">done</font></u></b> - -echo <font color="#808080">"Failover of zone $zone to $MASTER completed"</font> -<b><u><font color="#000000">return</font></u></b> <font color="#000000">1</font> -</pre> -<br /> -<span>A non-zero return code (here, 3 when a rollback and 1 when a DNS failover was performed) will cause CRON to send an E-Mail with the whole script output.</span><br /> -<br /> -<span>The authorative nameserver for my domains runs on both VMs, and both are configured to be a "master" DNS server so that they have their own individual zone files, which can be changed independently. Otherwise, my setup wouldn't work. The side effect is that under a split-brain scenario (both VMs cannot see each other), both would promote themselves to master via their local DNS entries. More about that later, but that's fine in my use case.</span><br /> -<br /> -<span>Check out the whole script here:</span><br /> -<br /> -<a class='textlink' href='https://codeberg.org/snonux/conf/src/branch/master/frontends/scripts/dns-failover.ksh'>dns-failover.ksh</a><br /> -<br /> -<h3 style='display: inline' id='fairly-cheap-and-geo-redundant'>Fairly cheap and geo-redundant</h3><br /> -<br /> -<span>I am renting two small OpenBSD VMs: One at OpenBSD Amsterdam and the other at Hetzner Cloud. So, both VMs are hosted at another provider, in different IP subnets, and in different countries (the Netherlands and Germany).</span><br /> -<br /> -<a class='textlink' href='https://OpenBSD.Amsterdam'>https://OpenBSD.Amsterdam</a><br /> -<a class='textlink' href='https://www.Hetzner.cloud'>https://www.Hetzner.cloud</a><br /> -<br /> -<span>I only have a little traffic on my sites. I could always upload the static content to AWS S3 if I suddenly had to. But this will never be required.</span><br /> -<br /> -<span>A DNS-based failover is cheap, as there isn't any BGP or fancy load balancer to pay for. Small VMs also cost less than millions.</span><br /> -<br /> -<h3 style='display: inline' id='failover-time-and-split-brain'>Failover time and split-brain</h3><br /> -<br /> -<span>A DNS failover doesn't happen immediately. I've configured a DNS TTL of <span class='inlinecode'>300</span> seconds, and the failover script checks once per minute whether to perform a failover or not. So, in total, a failover can take six minutes (not including other DNS caching servers somewhere in the interweb, but that's fine - eventually, all requests will resolve to the new master after a failover).</span><br /> -<br /> -<span>A split-brain scenario between the old master and the new master might happen. That's OK, as my sites are static, and there's no database to synchronise other than HTML, CSS, and images when the site is updated.</span><br /> -<br /> -<h3 style='display: inline' id='failover-support-for-multiple-protocols'>Failover support for multiple protocols</h3><br /> -<br /> -<span>With the DNS failover, HTTP, HTTPS, and Gemini protocols are failovered. This works because all domain virtual hosts are configured on either VM's <span class='inlinecode'>httpd</span> (OpenBSD's HTTP server) and <span class='inlinecode'>relayd</span> (it's also part of OpenBSD and I use it to TLS offload the Gemini protocol). So, both VMs accept requests for all the hosts. It's just a matter of the DNS entries, which VM receives the requests.</span><br /> -<br /> -<a class='textlink' href='https://man.OpenBSD.org/httpd.8'>https://man.OpenBSD.org/httpd.8</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/relayd.8'>https://man.OpenBSD.org/relayd.8</a><br /> -<br /> -<span>For example, the master is responsible for the <span class='inlinecode'>https://www.foo.zone</span> and <span class='inlinecode'>https://foo.zone</span> hosts, whereas the standby can be reached via <span class='inlinecode'>https://standby.foo.zone</span> (port 80 for plain HTTP works as well). The same principle is followed with all the other hosts, e.g. <span class='inlinecode'>irregular.ninja</span>, <span class='inlinecode'>paul.buetow.org</span> and so on. The same applies to my Gemini capsules for <span class='inlinecode'>gemini://foo.zone</span>, <span class='inlinecode'>gemini://standby.foo.zone</span>, <span class='inlinecode'>gemini://paul.buetow.org</span> and <span class='inlinecode'>gemini://standby.paul.buetow.org</span>.</span><br /> -<br /> -<span>On DNS failover, master and standby swap roles without config changes other than the DNS entries. That's KISS (keep it simple and stupid)!</span><br /> -<br /> -<h3 style='display: inline' id='let-s-encrypt-tls-certificates'>Let's encrypt TLS certificates</h3><br /> -<br /> -<span>All my hosts use TLS certificates from Let's Encrypt. The ACME automation for requesting and keeping the certificates valid (up to date) requires that the host requesting a certificate from Let's Encrypt is also the host using that certificate.</span><br /> -<br /> -<span>If the master always serves <span class='inlinecode'>foo.zone</span> and the standby always <span class='inlinecode'>standby.foo.zone</span>, then there would be a problem after the failover, as the new master wouldn't have a valid certificate for <span class='inlinecode'>foo.zone</span> and the new standby wouldn't have a valid certificate for <span class='inlinecode'>standby.foo.zone</span> which would lead to TLS errors on the clients.</span><br /> -<br /> -<span>As a solution, the CRON job responsible for the DNS failover also checks for the current week number of the year so that:</span><br /> -<br /> -<ul> -<li>In an odd week number, the first server is the default master</li> -<li>In an even week number, the second server is the default master.</li> -</ul><br /> -<span>Which translates to:</span><br /> -<br /> -<!-- Generator: GNU source-highlight 3.1.9 -by Lorenzo Bettini -http://www.lorenzobettini.it -http://www.gnu.org/software/src-highlite --> -<pre><i><font color="silver"># Weekly auto-failover for Let's Encrypt automation</font></i> -<b><u><font color="#000000">local</font></u></b> -i -r week_of_the_year=$(date +%U) -<b><u><font color="#000000">if</font></u></b> [ $(( week_of_the_year % <font color="#000000">2</font> )) -eq <font color="#000000">0</font> ]; <b><u><font color="#000000">then</font></u></b> - <b><u><font color="#000000">local</font></u></b> tmp=$master - master=$standby - standby=$tmp -<b><u><font color="#000000">fi</font></u></b> -</pre> -<br /> -<span>This way, a DNS failover is performed weekly so that the ACME automation can update the Let's Encrypt certificates (for master and standby) before they expire on each VM.</span><br /> -<br /> -<span>The ACME automation is yet another daily CRON script <span class='inlinecode'>/usr/local/bin/acme.sh</span>. It iterates over all of my Let's Encrypt hosts, checks whether they resolve to the same IP address as the current VM, and only then invokes the ACME client to request or renew the TLS certificates. So, there are always correct requests made to Let's Encrypt. </span><br /> -<br /> -<span>Let's encrypt certificates usually expire after 3 months, so a weekly failover of my VMs is plenty.</span><br /> -<br /> -<a class='textlink' href='https://codeberg.org/snonux/conf/src/branch/master/frontends/scripts/acme.sh.tpl'><span class='inlinecode'>acme.sh.tpl</span> - Rex template for the <span class='inlinecode'>acme.sh</span> script of mine.</a><br /> -<a class='textlink' href='https://man.OpenBSD.org/acme-client.1'>https://man.OpenBSD.org/acme-client.1</a><br /> -<a class='textlink' href='./2022-07-30-lets-encrypt-with-openbsd-and-rex.html'>Let's Encrypt with OpenBSD and Rex</a><br /> -<br /> -<h3 style='display: inline' id='monitoring'>Monitoring</h3><br /> -<br /> -<span>CRON is sending me an E-Mail whenever a failover is performed (or whenever a failover failed). Furthermore, I am monitoring my DNS servers and hosts through Gogios, the monitoring system I have developed. </span><br /> -<br /> -<a class='textlink' href='https://codeberg.org/snonux/gogios'>https://codeberg.org/snonux/gogios</a><br /> -<a class='textlink' href='./2023-06-01-kiss-server-monitoring-with-gogios.html'>KISS server monitoring with Gogios</a><br /> -<br /> -<span>Gogios, as I developed it by myself, isn't part of the OpenBSD base system. </span><br /> -<br /> -<h3 style='display: inline' id='rex-automation'>Rex automation</h3><br /> -<br /> -<span>I use Rexify, a friendly configuration management system that allows automatic deployment and configuration.</span><br /> -<br /> -<a class='textlink' href='https://www.rexify.org'>https://www.rexify.org</a><br /> -<a class='textlink' href='https://codeberg.org/snonux/conf/src/branch/master/frontends'>codeberg.org/snonux/rexfiles/frontends</a><br /> -<br /> -<span>Rex isn't part of the OpenBSD base system, but I didn't need to install any external software on OpenBSD either as Rex is invoked from my Laptop!</span><br /> -<br /> -<h2 style='display: inline' id='more-ha'>More HA</h2><br /> -<br /> -<span>Other high-available services running on my OpenBSD VMs are my MTAs for mail forwarding (OpenSMTPD - also part of the OpenBSD base system) and the authoritative DNS servers (<span class='inlinecode'>nsd</span>) for all my domains. No particular HA setup is required, though, as the protocols (SMTP and DNS) already take care of the failover to the next available host! </span><br /> -<br /> -<a class='textlink' href='https://www.OpenSMTPD.org/'>https://www.OpenSMTPD.org/</a><br /> -<br /> -<span>As a password manager, I use <span class='inlinecode'>geheim</span>, a command-line tool I wrote in Ruby with encrypted files in a git repository (I even have it installed in Termux on my Phone). For HA reasons, I simply updated the client code so that it always synchronises the database with both servers when I run the <span class='inlinecode'>sync</span> command there. </span><br /> -<br /> -<a class='textlink' href='https://codeberg.org/snonux/geheim'>https://codeberg.org/snonux/geheim</a><br /> -<br /> -<span>E-Mail your comments to <span class='inlinecode'>paul@nospam.buetow.org</span> :-)</span><br /> -<br /> -<span>Other *BSD and KISS related posts are:</span><br /> -<br /> -<a class='textlink' href='./2025-12-07-f3s-kubernetes-with-freebsd-part-8.html'>2025-12-07 f3s: Kubernetes with FreeBSD - Part 8: Observability</a><br /> -<a class='textlink' href='./2025-10-02-f3s-kubernetes-with-freebsd-part-7.html'>2025-10-02 f3s: Kubernetes with FreeBSD - Part 7: k3s and first pod deployments</a><br /> -<a class='textlink' href='./2025-07-14-f3s-kubernetes-with-freebsd-part-6.html'>2025-07-14 f3s: Kubernetes with FreeBSD - Part 6: Storage</a><br /> -<a class='textlink' href='./2025-05-11-f3s-kubernetes-with-freebsd-part-5.html'>2025-05-11 f3s: Kubernetes with FreeBSD - Part 5: WireGuard mesh network</a><br /> -<a class='textlink' href='./2025-04-05-f3s-kubernetes-with-freebsd-part-4.html'>2025-04-05 f3s: Kubernetes with FreeBSD - Part 4: Rocky Linux Bhyve VMs</a><br /> -<a class='textlink' href='./2025-02-01-f3s-kubernetes-with-freebsd-part-3.html'>2025-02-01 f3s: Kubernetes with FreeBSD - Part 3: Protecting from power cuts</a><br /> -<a class='textlink' href='./2024-12-03-f3s-kubernetes-with-freebsd-part-2.html'>2024-12-03 f3s: Kubernetes with FreeBSD - Part 2: Hardware and base installation</a><br /> -<a class='textlink' href='./2024-11-17-f3s-kubernetes-with-freebsd-part-1.html'>2024-11-17 f3s: Kubernetes with FreeBSD - Part 1: Setting the stage</a><br /> -<a class='textlink' href='./2024-04-01-KISS-high-availability-with-OpenBSD.html'>2024-04-01 KISS high-availability with OpenBSD (You are currently reading this)</a><br /> -<a class='textlink' href='./2024-01-13-one-reason-why-i-love-openbsd.html'>2024-01-13 One reason why I love OpenBSD</a><br /> -<a class='textlink' href='./2023-10-29-kiss-static-web-photo-albums-with-photoalbum.sh.html'>2023-10-29 KISS static web photo albums with <span class='inlinecode'>photoalbum.sh</span></a><br /> -<a class='textlink' href='./2023-06-01-kiss-server-monitoring-with-gogios.html'>2023-06-01 KISS server monitoring with Gogios</a><br /> -<a class='textlink' href='./2022-10-30-installing-dtail-on-openbsd.html'>2022-10-30 Installing DTail on OpenBSD</a><br /> -<a class='textlink' href='./2022-07-30-lets-encrypt-with-openbsd-and-rex.html'>2022-07-30 Let's Encrypt with OpenBSD and Rex</a><br /> -<a class='textlink' href='./2016-04-09-jails-and-zfs-on-freebsd-with-puppet.html'>2016-04-09 Jails and ZFS with Puppet on FreeBSD</a><br /> -<br /> -<a class='textlink' href='../'>Back to the main site</a><br /> - </div> - </content> - </entry> - <entry> <title>Posts from July to December 2025</title> <link href="gemini://foo.zone/gemfeed/2026-01-01-posts-from-july-to-december-2025.gmi" /> <id>gemini://foo.zone/gemfeed/2026-01-01-posts-from-july-to-december-2025.gmi</id> |