local

Stuff posted in this site by me.

Smartly helping you break the law

Straight from the horse’s mouth:

Insert smart chips & building blocks in your Google Doc
Insert smart chips in your Google Doc to include information about:

Other users with Gmail or Workspace email addresses
Other Google Docs, Sheets, or Slides files
Dates or Google Calendar events
Places and map directions

Where there’s a smart chip in your document, you and other users can hover or click on a chip to get more information.

If you are dealing with confidential information you should stop using Google Sheets immediately.

  • There is no way to disable them.
  • Google will insist on forwarding or sharing the resource with people within the organization even if do not need access to it.
  • The changes are not reversible via Undo functionality. You have to revert to a previous version of the file (File -> Version History -> See Version History). Good luck to you if you’ve been working on the file for hours/days and google shits all over your file.
  • What happens when google kills the feature because no one is using it? The original data that was kept in those cells is gone.

This is particularly important if you’re dealing with FERPA or HIPAA data. Switch to excel, which is what you should’ve done from the beginning.

Enduro

In the space of a month:

  • Found a new full-time job at helpdeskJerb.
  • Adjusted my schedule at bartendJerb.
  • Moved addresses.
  • Potentially finished my time working at sysadminJerb.

I’m fucken tired.

Tiktok may be the first electronic drug

Rather than see specificity and device limitations as an inconvenient hurdle to omnipresence, TikTok embeds itself within them—taking advantage of the fact that mobile technology limits how people engage with content and leaning into these constraints (e.g. the user only sees one video at a time and can only proceed linearly to the next video by swiping). This narrow focus enables a “flow state” to open up between the platform and spectator, as attention is entirely channeled to the content at hand.

Source: TikTok’s Greatest Asset Isn’t Its Algorithm—It’s Your Phone | WIRED

We’ve experienced this. Tiktok is extremely good at showing you things that will make your mind reach this “flow state” and then you’re just adrift in the current of swipes from one video to another, punctuated with brief stops to write a comment.

This can last for hours upon hours. We currently make it a point to check tiktok once or twice a day for fifteen, twenty minutes at a time. Catch up with the people we follow, check what drama is going on, what went viral, and then quit out of it.

Disabling notifications helps tremendously with this, as tiktok is a very pushy application when it comes to demanding your attention.

WordPress is **not** a documentation system though

Writing documentation is different from writing code.

Source: Markdown, Asciidoc, or reStructuredText – a tale of docs-as-code – Dewan’s Blog

I’m currently using commonmark in vim to write my own personal documentation for things and keep running into that small issue of having to embed HTML if I want to do anything “complicated”. I’m also trying out keeping it in git… although this might be a bit of overkill.

All in all a great article on what things you need to consider if you need to implement documentation for an entire organization and you want that documentation versioned and actionable.

Yeah, git sucks, but there are other version control systems out there. Gotta mix and match.

These people aren’t ready for what’s coming

When some proposed forming their own self-funded water provider, other residents revolted, saying the idea would foist an expensive, freedom-stealing new arm of government on them. The idea collapsed. Other solutions, like allowing a larger water utility to serve the area, could be years off.

Source: Skipped Showers, Paper Plates: An Arizona Suburb’s Water Is Cut Off – The New York Times

Well, those people are free to lose everything cos they decided to willingly entertain the notion they could live without running water. And in their pride everyone else loses.

If the drought in the Southwest continues for a couple more years we will enter water knife territory.

We can be predators. We have to.

I have some thoughts about the hockey-stick rise of “AI” (more like advanced machine learning) , it’s current iterations are bullshittiers (from On Bullshit by Harry Frankfurt

His book On Bullshit addresses his concern and makes a distinction between “bullshitters” and liars. He concludes that bullshitters are more insidious: they are more of a threat against the truth than are liars.

Whatever happens with AI— it’s a bullshitter. It doesn’t, it can’t, care about what is true or false. Whomever uses it also does not care, and they will use it to expand their underdeveloped thoughts and ideas to have it talk about nothing at all, in an effort to confuse and control; to influence you to buy some random widget you don’t need.

Combine the output of AI writing tools with software to paraphrase and re-edit and everyone will have a really hard time telling what was written entirely by humans and what was fabricated from nothingness.

In time, media created with the assistance of AI will probably become the apex predator of your time and attention on the internet, where to attract attention is to attract predators:

Is our universe an empty forest or a dark one? If it’s a dark forest, then only Earth is foolish enough to ping the heavens and announce its presence. The rest of the universe already knows the real reason why the forest stays dark. It’s only a matter of time before the Earth learns as well.

This is also what the internet is becoming: a dark forest.

While it’s markedly safe to hide, it also means you give up your potential for change on the larger Internet, letting those predators bend the environment to their will permanently.

We’d do well to remember that on the Internet nobody cares you’re a dog.

HOWTO: WRITE BETTER DOCUMENTATION

So, call to action: if you are writing any kind of documentation, before explaining how to fix the problem, teach the user how to diagnose it.

Source: Why Linux Troubleshooting Advice Sucks

I’ve been writing documentation for myself for years, and been using Linux for 20 years and I still struggle with the basics cos most documentation for Linux fucken sucks.

  • Teach the user how to diagnose the issue so they can confirm the solution you have is indeed for their issue.
  • Explain why this is happening.
  • Provide the solution. Could be a bash one-liner they can copy-paste. Could be a script (explain how to run it). Could be a patch (explain how to apply it). Don’t just say “this is an exercise left to the reader.”

And no, “reading the source” doesn’t help. Neither does “read the man pages”; the only man page worth anything is the one for nmap.

If you’re one of those people that say that you can go fuck yourself, hard, in the ass, no lube.

It’s gentrification by any other name

Not every sector has benefited the same from the influx of digital nomads. Sarai Balderrama, the co-founder of Agencia de Arte, a digital platform that promotes up-and-coming Mexican artists to international clients, told Rest of World, “For over a year, I’ve been trying to tap into that market but they don’t seem interested in staying. You usually buy art when you start calling a place home.”

Source: Digital nomads now come first for Mexico City’s gig workers – Rest of World

The resident population of Mexico City has been screaming at these people to willingly integrate with the fabric of the city instead of just insulating themselves from it. Already thousands have been priced out by these digital nomads.

When Latin American people go to the US or Europe to work, Americans usually scream at them to integrate, and the vast majority of them do, even if they don’t speak the language. They pay taxes, they pay their bills, they spend discretionary income if they have any left after wiring money home.

But Americans and Europeans are not willing to return the favor.

Gonna be a hell of a rager, Thunderbird!

Over the past couple years I’ve been using Nextcloud as my file syncing solution with plenty of success— you just have to make sure to set it up properly. I’ve enabled a couple of extensions for it (they call them “apps”) but the one I truly rely on is Tasks, which enables a CalDAV compatible to-do list.

Now, over the past decade or so I’ve tried a myriad of to-do applications and a lot of them really fell down on their face:
– Google Tasks: They change their interface so often, at the whims of whomever is in charge of that bit of code over at google. It tries to be too smart for its own good. It’s a google application do you don’t actually know if it’ll stick around.
– Google Keep: Free-form management sure, but it gets extremely unwieldy once you try to have more than what can fit on your screen. It also tries to be smart. There also the potential for extinction.
todo.txt: This is meant for people who are on their desk computers all day every day. I’m not.
Remember the Milk. It’s a paid app. At this point I don’t even remember what the limitation was that turned me off it.
wiki.vim: Again, meant for desk use.
Notion: It’s just so slow.
– Evernote: They seem to care more about how your to-do list looks rather than crossing items off it. Also you have to pay for all the goodies.
Microsoft To Do: You need a Microsoft account and they push hard to get you to upgrade to full-on Office.
Org Mode: Emacs. Just… no.
– I’m not listing any apps on iOS cos Apple devices are toys. Yes iPhones take awesome pictures but that’s cos they’re toys for adults.
– Mozilla Thunderbird: No built-in sync with other Thunderbird instances. Given that Mozilla is putting all of its resources into Firefox…

I’ve probably tried using a myriad others but decided against them for one reason or another, be it compatibility with my operating systems of choice, UI/UX decisions made by the part of the developers, lack of sane defaults forcing me to change al of the configuration settings, etc etc. At some point you just give up. Now, the Tasks app on Nextcloud is plenty capable and so far it has been the only one that I’ve been able to stick with longer than two weeks cos it covers all the features I want, which I found quite surprising:
– Web-based interface for availability pretty much everywhere you have a browser and Internet access.
– Hierarchical tasks! (aka subtasks) with notes attached to everything so you can document what you did and how you did it.
– Compatibility with pretty much everything out there via CalDAV. It’s a bit of a pain depending on what you’re using (looking at you, DAVx and tasks.org.

This last point is what I have to poke fun at Thunderbird. For an application that is trying extremely hard to run your life, they don’t fully support CalDAV, namely, hierarchical tasks. Found this on their Bugzilla

\Thunderbird Bugzilla: Bug 194863: Subtask nesting and event triggers (hierarchical to-do): Opened 20 years ago This bug grew up into quite the young adult[/caption]
This bug has been open since February 25, 2003. I’m typing this in January 3, 2023. In less than two months this bug will be able to drink in the United States.

I like you Thunderbird but what the fuck lol.

Cocinando en tu cuarto? Dale

Whitehorn’s book rescued me as it did thousands, probably millions of others. She knew just what people like me wanted: “Cooking to Stay Alive,” the first part, and “Cooking to Impress,” the second. No escaping cooking to stay alive because restaurants were few and far between in the 60s and too expensive for anything but a very special occasion.

Source: Cooking in a Bedsitter – Rachel Laudan

Ojalá hubiese tenido este libro durante mis años rebotando en Mexico.

Fuck Kanye West

This is being one hell of a ride

Well, now he’s truly done it. The melon husk bought twitter.

The writings were quick to arrive, particularly after the husk fired the A-levels first thing, and then dissolving the board of directors. Pretty sure all of that will result in lawsuits. Rich people don’t like not getting their golden parachutes.

The Verge posted:

What I mean is that you are now the King of Twitter, and people think that you, personally, are responsible for everything that happens on Twitter now. It also turns out that absolute monarchs usually get murdered when shit goes sideways.

Welcome to hell, Elon

The Intercept wrote:

This could have been the mission statement of pre-Musk Twitter. But now there’s one big difference: When the content moderation of Twitter remains largely the same, the sense of betrayal among Musk’s super-fans will explode with the force of a supernova. And they will scream at Musk about it nonstop — on Twitter.

By Buying Twitter, Elon Musk Has Created His Own Hilarious Nightmare.

The chaos started immediately, with the husk firing a lot of people willy-nilly all over the company, and the world. Then it started asking people to come back. The company is now also on the hook for breaking California labor laws, with a looming lawsuit and employment attorneys commenting on this.

Nine days on from the purchase, the chaos continues:

Scoop: all of Musk’s companies use MS Teams for comms, where new channels are private by default.

When software engineers from Tesla, Boring and SpaceX came in to Twitter a week ago, they created Slack channels to communicate amongst themselves.

Several channels were public

@GergelyOrosz

Twitter Co also has zero potential advertisement income coming in, due to the husk’s erratic management style and general assholery. Also, someone please tell @Jack to shut the hell up.

Ourselves don’t plan on switching platforms until they shut the servers off… but then again we came from IRC, which has greatly reduced in size and influence; we keep a foothold on a couple networks but we don’t see any kind of substitute for the glorious chaos of an open timeline. But we’ll see.

Dril predicted all this, by the way. A true prophet of our age.

Trust google at your peril

It really is that simple: No one trusts Google. It has exhibited such poor understanding of what people want, need and will pay for that at this point, people are wary of investing in even its more popular products.

Source: Stadia died because no one trusts Google | TechCrunch

The wake-up call was when google killed google reader, but it was ignored by a lot of people cos it was a free service.

Then there was G Suite (Legacy Free). They got a lot of people to rely on google services and then proceeded to straight up betray them. People still didn’t care cos it was also “free service”.

But now with Stadia people will care cos the cost of this cancellation won’t be paid by google— they already wrote off the money. The cost will be borne by developers who trusted google with their games.

I’m somewhat safe as I do pay for some google services but I am looking for alternatives now. Microsoft is not a particularly viable option.

There’s gotta be something better than markdown for notes, though

We keep switching back and forth between vim + wiki.vim and Obsidian. Vim is a text editor, the bloody fastest there is at it, made better now that we’re more or less efficient with a bunch of commands and keyboard combinations. And now that we actually have a somewhat decent implementation of our dotfiles being kept in our git server (aka not github) we can keep my vimrc file the same pretty much everywhere.

But Obsidian is just so convenient… Looks and runs exactly the same on Windows, Linux, and Android! You just run the application and open the vault. Their iOS version will not open my notes vault which is kept on my Nextcloud instance.

I’m sticking to Obsidian for now mostly because it does let me see images in it’s preview mode and on that it does have vim beat. If you need to edit text table nothing beats vim-table-mode.

Most streamers would rather suffer shitty wifi

This is a bit of a rant— mostly cos in the past few weeks we’ve seen some of the streamers we follow get hit with Internet issues and they’ll usually blame their ISP. Yeah comcast and charter/spectrum fucken suck but the vast majority of the time they’re not going to be the entity at fault. If you are a “professional” streamer, i.e. you have income from your streams, you owe it to yourself to ensure your Internet connection is actually functional at all times. So this here is for you. Why? Cos all the time we see people spend thousands of dollars on computer hardware (their gaming/streaming rig plus accessories, monitors, lighting, camera, microphone/headset, etc etc) and yet… they still connect their computer to the Internet via wifi.

Then they wonder why they’re lagging in fucken fortnite or why the audio is running half a second behind video on twitch. Bitch pls.

Particularly egregious when it’s people who know better but they just choose not to do it for whatever reason, chief among them that “landlord won’t allow it”. Run that Ethernet cable with command hooks if your have to, gawdamn, but do something.

We’re not a streamer but we do work in IT. A proper, trouble-free setup would replicate what we have right now here at home.

  1. Get a power-efficient computer. Doesn’t have to be expensive, we’re using one of these we bought for $30 USD.
  2. Install an extra network card on that computer (another $10 USD). If you get something like this it already has an extra LAN interface and they even throw in one year of tech support. If you’re cheap just go download pfsense and install it yourself, it’s free.
  3. Get a decent switch like this one with built-in PoE and gigabit ports all around.
  4. Get one or two wifi access points like these to handle phones, tablets and streaming boxes.

You plug the wifi access points into the switch (they get power via Ethernet), then the switch into the “router”. Turn everything on, then follow the instructions for setting up pfsense. If you’ve ever installed Windows on a computer this all works at the same level of tech skill.

With everything set up (and it isn’t that hard if you’re even somewhat technically inclined and you follow a youtube tutorial like this one) you now have a better network setup that most small businesses out there. Speaking of business… most places do know they need constant Internet connectivity to actually stay open and yet they still choose to have a $25 USD wifi router that reached end-of-life back in 2016 run their stuff, and then they wonder why their Internet fucken sucks.

Feeling fancy and want to take it easy? Go with a Ubiquiti Unifi setup. It’s nice and slick and they also have decent tech support if you have no idea what you’re fucken doing. It will cost you a pretty penny… but their setup is basically flawless and will last you a long time without having issues. If and when you have issues the system itself will tell you what’s wrong. Slick, like we said.

Once all of the things are connected and working, then you connect your computers and phones and streaming boxes and tables to that new network equipment. If you’re a streamer it is very likely there are one or two technically-inclined people who watch your streams and would help out if you ask. But that’s the thing, you have to ask.

If you’re making more than $1000 USD a month from streaming you can certainly afford to pay someone to do this for you. Hire someone, get them on retainer, and now when somethin breaks right before an important stream they’ll be able to help you figure out what the fuck is going on.

We’ve been avoiding thinking about work for the past two weeks. Why? Cos we had a jerb interview! Codename hrJerb.

Glorified receptionist but gets us out of the IT sector. We’d be able to get some actual experience working outside of the crypt.

IT Crowd - Hello IT

This would be a full time job. That’s in addition to sysadminJerb, itself a full-time job; and hostJerb, which is a part-time job. We’d have no time for ourselves other than basic system (human) maintenance. We’d be working an average of 85 hours per week— I checked. But we’ll take it if we have to. There is no path forward but pain.

It all came about cos when we got off work today I hit up Inbound Brewing, chatted with a couple friends, and on the way to Nightingale two songs came on just as a decision erupted from my subconscious.

This first one hit hard:

It played just as I was thinking about all the effort I’ve put into hostJerb only to be told “we don’t need your help” when management are clearly underequipped, underprepared, and clearly overtaken by the job.

We’ve tried chasing this kind of thing in the past and it never ends well. We learned.

And just as we were about to feel sorry for ourselves for… Coming up short for people that don’t appreciate us, this song played.

Sure it’s a love song but right there and then it felt like a balm. Like… “oh wow, other workplaces can actually be nice? I don’t have to chase people around?” and “huh we do love ourselves” and “we love this one beer and it’s not her fault the people who make her suck at their jobs”.

It’s Celia Cruz too so that helps.

All we need do is wait. Play capilalists off against one another; one set know what they can do but they don’t want to own up to it, the other coming in blind with cash and benefits. And extra seasoning! Cos all the people at hostJerb who can challenge what hrJerb might offer are out of town, and they are competing with people who are known to not care about their employees. In a competition like this everyone loses.


Then there’s also the fact we’re addicted to this fucken industry.

♪ fonts fonts fonts

Honestly it’s probably more like 90% of the work! Am I right! I am joking! (Am i????) this is a design humor account #fonts #fontstudio #design

Source: Honestly it’s probably more like 90% of the work! Am I right! I am joking! (Am i????) this is a design humor account #fonts #fontstudio #design

It’d be awesome if social media platforms allowed some form of searching text people put up on their video, like subtitle metadata or something. It’ll never happen cos they depend on this kind of thing to keep you there.

But in this case, she’s talking about

For shame! For shame!

Well guess what, here’s an actual blog post. For the past few years we’ve been putting stuff on twitter cos it’s easier to get stuff off the cuff, y’know? But we’ve realize that for a lot of things we want to do a bit more thought. Hence the following.


We’d noticed over the past couple weeks a coworker was downright hostile to us. Earlier we finally got the chance to ask her:

“Hey, is there anything we did to make you angry or annoyed?”

Yes

You don’t listen to anyone
You do whatever you feel like
And you drink too much at work

Which, fair.

  1. We listen to people who can actually impinge on our tasks, i.e. management or shift leads. If you want me to go clean tables cos you’d rather get hit on by the hot guy at the bar then no.
  2. We do whatever needs doing right then and there. Food needs doing and you’re busy getting hit on? We’ll run food. Guests in line and you’re busy chatting up a table of men? We’ll ring those guests right up. I’m not at your beck and call. I’m at the business’ beck and call. We’ve told the GM to fuck off cos we’re busy doing things they’d rather not do. We’ve told the fucken CEO off. You’re a mere peon just like me.
  3. This one actually threw us for a loop. We’re currently averaging .9 beers per hour, while the KM is doing about 2 beers/hour, the sous chef is doing 1 weed joint/hour. We believe the issue you have with our drinking is that we start making conversation with the men hitting on you, which means you then have to go and do actual work.

Now, we only found out cos we asked. She wasn’t going to let us know she had a problem, and she sure as hell wasn’t going to let management know there was a problem cos then they’ll look at her work performance.

(Management loves us, by the way. They can find no fault with our work, which is how we like it.)

But it is annoying. When they say that it’s hard to make friends in Minnesota they didn’t say anything about people who can’t deal with their own emotions in a healthy way.

And fuck your cow too

Dear Spotify. I tried to search for podcasts on your Desktop app. I know you’re into fancy cross-platform Electron framework. I’ve come to terms with it. It’s fine. It’ll do. But, your understanding of interface design seems like it needs a bit of a history lesson. Back in iTunes Good

Source: Dear Spotify. Can we just get a table of songs?

Honestly if you’re using the Electron framework for anything you’re not a software developer. You’re a piece of shit who writes shit code and is out to make the world a shittier place.

A week of self-discovery

  • We went from three jobs down to two jobs back in March and somehow… our schedule got worse? Perhaps the kitchen job at hostJerb should be counted as a third job, honestly. We’ve been telling people we work like an elemental demon to live like a mortal peasant. No one gets it :(

  • It’s becoming almost impossible to sleep at home. All the neighbors are working on their yards, their cars, their houses. There’s a bit more traffic than at the old apartment. The landlord company are working on the house. The light is bad enough, but the uneven noise is really messing our already chaotic sleep schedule even more.

  • Purchased a Nintendo Switch. I’m not buying any video games until I’ve exhausted Link’s Awakening. Love this game. Trying to figure out how to get an online membership for it without giving Nintendo any more personal data— or our credit card number.

    Screen capture from The Legend of Zelda: Link's Awakening

  • Decided to schedule gym sessions. It’s easier than just going there on a lark. It helps with keeping full awareness of our schedule too. We need to find a good resource for guided gym workouts.

  • The biggest change of the summer? Definitely our biking around. We decided calories are cheap and that’s really helped in getting us out of bed as long as we can get 6 hours or more of sleep between jobs. I’m not going out to party or mingle, sleep is far more important! But we’re making more of an effort to bike around instead of using rideshares or the bus, particularly at night.

    Gotta take advantage of the weather while we can. Once winter is here getting around is going to be that much harder.

Now, to find something to eat…

Garbage

In a single week, the Supreme Court of the United States has gutted gun control, weakened the separation of church and state, gave more fuel to the police state, and to top it off, struck down Roe v. Wade entirely.

The worst week for civil rights in the country in decades.

And the court signals they will take more away. Rights to contraception and same-sex marriage are next.

Blast from the ActiveX past by way of iDRAC6

Recently we acquired a Dell PowerEdge R610. It’s got the goodies and we plan on running a bunch of VMs on there for shits and giggles.

But beware if you’re trying to use iDRAC6. It’s a nifty technology for sure but it has left behind by the Internet moving forward. Now, there are plenty of guides out there on how to get it to work in “modern” settings i.e. Windows 10, Linux ≥ 2020:

But it was this comment that turned us on to the real solution for this:

First we need to obtain and configure a VM for our purposes:
1. Go to Virtual Machines – Microsoft Edge Developer and download the VM for your platform of choice. Since iDRAC6 is from 2008 we went with a Windows 7, IE8 32-bit VM; as we want the ability to manage this from a local workstation we went with a VirtualBox VM.
2. Import it into VirtualBox. You may want to adjust the hardware settings and give it a bit more RAM.
3. Turn it on. You may want to adjust the graphical settings.
4. Open IE and go to the iDRAC IP address or URL. We’ll use https://idrac6.lan. Click Continue to this Website (not recommended).
5. Once the site loads, on the top right go to Tools → Internet Options → Security tab → Trusted Sites. Click the Sites button.
6. In the “Add this website to the zone” enter the iDRAC URL, e.g. https://idrac6.lan. Click Add.
7. Make sure to remove the checkmark from Require server verification (https:) for all sites in this zone.
8. Click Close, then click OK to close the Internet Options window.

Next we need to configure iDRAC:
1. Login to iDRAC.
2. On the left menu make sure you’re in the System menu item.
3. On the top of the main pane go to Console/Media → Configuration.
4. Configure the Virtual Console:
– Enabled: Checked
– Max Sessions: 4
– Remote Presence Port: 5900
– Video Encryption Enabled: Remove this checkmark
– Local Server Video Enabled: Checked
– Plug-in Type: Native. This is the specific setting that makes iDRAC6 choose between ActiveX or Java.
5. Leave Virtual Media on teir defaults.
6. Click Apply
7. Log out of iDRAC, close IE.

At this point you should be able to connect to the virtual console:
1. Open IE and log back into iDRAC.
2. Go to the System left menu, then on the top tab menu go back to Console/Media.
3. Click Launch Virtual Console. IE will freeze for a few moments while it talks to iDRAC and then it will request permission to install the ActiveX control. It will freeze again while it’s installing. Once everything is done the Virtual Console should start it. If it doesn’t or it’s too slow (like moving at >5 FPS), close IE, log back into iDRAC, and restart the virtual console.

Now you have a functioning VM that can give you longer term access to iDRAC6 servers without having to deal with Java bullshit… at least until the iDRAC6 default certificate expires in June of 2024

iDRAC6 - Configuration page, with CA Root Certification Information for the website showing an expiration date of 2024/June/03

When you reboot the VM Windows 7 will download a whole bunch of updates but you should be able to keep using the virtual console. Just make sure to take a snapshot of the VM and you should be good to go.

A fair warning is also necessary:


DO NOT USE THIS VM TO ACCESS THE INTERNET. YOU WILL GET HACKED


We also tried to use the virtual console with Video Encryption enabled but we couldn’t get it to work.

Running thunderbolts through crystallized rock to make it think is already magical enough

At the heart of the problem is that the SELinux policies themselves are sort of magical. The policies have probably been provided by the maintainers of your Linux distribution, e.g., Fedora Linux. There’s nowhere on the system where you can view the policies and look up why something might or might not work. The policies also change over time, without any warning.

Source: SELinux is unmanageable; just turn it off if it gets in your way

Red Hat has made it clear the best way to manage SELinux is for you to outsource it to someone, preferably them. I get it, security of this sort is complex, but having to trust random internet postings for instructions on how to do a small task is how we ended up with github readmes saying “just curl this into bash as root”.

Oh, Photoprism

mariadb_1 | 2022-04-11 18:17:42 0 [ERROR] InnoDB: preallocating 507904 bytes for file ./photoprism/faces.ibd failed with error 28 mariadb_1 | 2022-04-11 18:17:42 0 [ERROR] [FATAL] InnoDB: Error (Out of disk space) in rollback. mariadb_1 | Fatal signal 6 while backtracing photoprism_mariadb_1 exited with code 139

We recently got our hands on some enterprise hardware and we’re now using it to run some VMs and whatnot. One of the projects I’ve had for a long time is trying to figure out a way to have a web gallery. After looking around at the available options we decided to give a shot to Photoprism.

Requirements aren’t complicated:
– Display pictures and associated metadata quickly, as a gallery.
– Have wide compatibility for various filetypes, including RAW and video files.
– Mobile app helps but it’s not a hard requirement. Web first, preferably with minimum javascript thrown in.

We have about 46 thousand files including pictures and videos, consuming 265 GB of storage. A bit more than what most people would have sure, but any cloud picture solution would definitely charge a good chunk of money to store all of them.

Now, on to PhotoPrims itself. It does Docker Compose but… fine, whatever, you want me to do the devops shit, fine. It’s easy to install, after all:

# mkdir -p /opt/photoprism
# wget https://dl.photoprism.app/docker/docker-compose.yml
# vi docker-compose.yml

You just edit docker-compose.yml with the bits and pieces you need specific to your installation and you’re good to go. Being lazy I mounted pictures storage via CIFS from the storage server. Tried to get it to work directly in Docker but it kept telling me to kick rocks.

Then you run the actual service:

# docker-compose up -d

Starts up a server accesible on the local network at http://server:2342. The documentation does state securing the connection is an exercise left to the reader, but as I only plan to run this on my LAN and accessible only via VPN, it’s fine.

This is where we started running into issues. The first VM created for it had 2 vCPUs, 8GB RAM, 16GB HDD VM. It ran out of drive space after thrashing CPU for a bit. We upgraded the VM to 8 vCPU, 32BM RAM, 32GB HDD. It ran out of disk space after thrashing the CPU cores for a bit longer.

Mmmkay, now we have a bad time going here. Upgraded VM to 16 vCPU, 64GB RAM, 64 GB HDD. It ran out of disk space again after thrashing the CPU cores for a solid 20 hours. We get it, it’s using TensorFlow for AI stuff but as a comparison Digikam is able to do the same things but doesn’t consume nearly as many resources, for as long.

We suppose it really wants you to be using modern hardware of the sort that is incredibly expensive and to find given the current supply chain issues worldwide.

Seriously Google, what the fuck

They are altering the agreement, pray they don’t alter it further.

Source: Google to free G Suite users: Pay up or lose your account | Ars Technica

Darth Vader: I am altering the deal. Pray I don't alter it any further

A few years ago I needed to add another domain to my Gsuite account, which led me to start paying for services there. Over time we started using it for more things but we remained leery of purchasing things from Google through Gsuite accounts or free Gmail accounts.

At some point we migrated our Google Voice number from our gmail account to the Gsuite account, and it remained there. When this migration was done Google moved everything through: contacts, text messages, call history, voicemails. Everything happened without issues or difficulties; all you had to do was unlink your carrier number from one account, migrate the GV number from Gmail to Gsuite, and re-link your carrier number.

But starting a couple of years ago Google disabled the ability to migrate from Gsuite to Gmail. Not without losing everything. We’ve been looking to migrate off Google’s infrastructure for email/calendar and everything else and it’s a non-started as long as they hold my main phone number hostage. And now Google is forcing people and companies who made the mistake of choosing Google for their services to pay up or lose everything:

oh fuck

I’ve been using this for my family since Google first introduced it as a way for Families to use vanity domains together. I have over a decade (almost 2?) of purchases tied to this account and the cost to migrate to their enterprise offering for my family is bonkers.

I don’t know what I’m going to do here as I can’t migrate my purchases out of this account and into a normal gmail account. uuuuuuuugh.

While self-hosting files and email and photos is doable, self-hosting your own mobile phone number is still complicated, and on top of that the available services still cannot compete with the simplicity of GV even as Google leaves the service to wither for years at a time. We’ve been looking at using services like https://jmp.chat/ but again, they are non-trivial:

  1. You must port your number from GV to their service.
  2. You lose everything: Contacts, text messages, call history, voicemails.
  3. You have to figure out what XMPP client to use on your devices depending on operating system, as most XMPP clients don’t support them all.
  4. You have to learn the quirks of texting people who aren’t in your contacts already.
  5. Jmp.chat itself is still marketed as Beta, and some features are still in alpha, like group messaging.

Google should offer the option to convert a Gworkspace (nee Gsuite) account to a free Gmail account, or to migrate the data from a Gworkspace account to a Gmail account. They can do it, they just choose not to because nobody can force them to do the right thing.

The current state of things is absolute bullshit.

“Burn the witch!”, they yell

This is written in Rust because I personally believe that writing security critical components that we would ship with the operating system in C is a massive disservice to our users. Go also doesn’t really have a good story to do interoperability with core C system components like this (the Go runtime is massive and as of writing this post the entire PAM module I’ve written is smaller than the Go runtime, even with a statically compiled copy of libcurl).

Source: The Surreal Horror of PAM – Xe

You can already see C fanbois off in the distance carrying pitchforks and torches