Canadian software engineer living in Europe.

  • 4 Posts
  • 107 Comments
Joined 1 year ago
cake
Cake day: June 7th, 2023

help-circle


  • There it is! Thank you! It’s a process owned by root called kworker/0:0+kacpid. Any idea what that is?

    [Edit 1] Interestingly, I can’t even kill -9 it.

    [Edit 2] With kworker kacpid to work with, I did a quick search and found this SO page that has some interesting information that I only partially understand, but the following worked like a charm:

    # grep -Ev "^[ ]*0" /sys/firmware/acpi/interrupts/gpe?? | sort --field-separator=: --key=2 --numeric --reverse | head -1
    /sys/firmware/acpi/interrupts/gpe09:11131050     STS enabled      unmasked
    # echo disable > /sys/firmware/acpi/interrupts/gpe09
    

    It’s not clear to me what an interrupt is or whether this gpe09 value is meant to be persistent across reboots, or why this only seems to be happening in the last couple months, but if I can make it go away by running the above from time to time, I guess it’s alright?



  • Generally, I agree. I think what I meant by the above is “how would you tell someone how to use the thing”. My favourite example is email vs email-with-PGP.

    How do you send an email?

    1. Open client
    2. Click “send new email”
    3. Type your email
    4. Click send

    How do you send a PGP-encrypted email

    Let’s first talk about this thing called a “keyserver”. Once you know what that is, you’ll have to go out and find some keys to add to it. We’re not going to talk about styling your message 'cause that’s not something you should be able to do… etc. etc.


  • This is a common problem with Free software, and honestly I think it’s our biggest one: we build stuff for ourselves and stop there. If we want our stuff to be adopted (which, for things that rely on network effects, we do) then we need to pay more attention to usability.

    Here’s a suggestion for anyone starting a project they think they might share. Before you start writing any code, write the documentation. Then rewrite it from the perspective of the least tech-literate person you know who you’d still want to use the project. Only after you’ve worked out how easy it should be for this person to get started, then you can start writing the thing.


  • I’ve been self-hosting my blog for 21years if you can believe it, much of it has been done on a server in my house. I’ve hosted it on everything from a dusty old Pentium 200Mhz with 16MB of RAM (that’s MB, not GB!) to a shared web host (Webfaction), to a proper VPS (Hetzner), to a Raspberry Pi Kubernetes cluster, which is where it is now.

    The site is currently running Python/Django on a few Kubernetes pods on a few Raspberry Pi 4’s, so the total power consumption is tiny, and since they’re fanless, it’s all very quiet in my office upstairs.

    In terms of safety, there’s always a risk since you’re opening a port to the world for someone to talk directly to software running in your home. You can mitigate that by (a) keeping your software up to date, and (b) ensuring that if you’re maintaining the software yourself (like I am) keeping on top of any dependencies that may have known exploits. Like, don’t just stand up an instance of Wordpress and forget about it. That shit’s going to get compromised :-). You should also isolate the network from the rest of your LAN if you can. Docker sort of does this for you (though I hear it can be broken out of), but a proper demarcation between your laptop and a server on the Open web is a good idea.

    The safest option is probably to use a static site generator like Hugo, since then your attack surface is limited to whatever you’re using to serve the static sites (probably Nginx), while if you’re running a full-blown application that does publishing etc., then that’s a lot of stuff that could have holes you don’t know about. You may also want to setup something like Cloudflare in front of your site to prevent a DOS attack or something from crippling your home internet, though that may be overkill.

    But yeah, the bandwidth requirements to running a blog are negligible, and the experience of running your own stuff on your own hardware in your own house is pretty great. I recommend it :-)






  • Daniel Quinn@lemmy.catoSelfhosted@lemmy.worldPort Forwarding/Redirecting
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    2 months ago

    At the firewall level, port forwarding forwards traffic bound for one port to another machine on your network on an arbitrary port, but the UI built on top of it in your router may not include this.

    If it’s not an option in your Fritzbox, your options are:

    • Make the service running on your internal network listen on one of those high-number ports instead.
    • Introduce another machine on the network that also performs NAT between your router and your machine
    • Try to access the underlying firewall in your router to tweak the rules manually. Some routers have an admin console accessible via telnet or SSH that may allow this.
    • Get a new router.

    The first and last options on this list are probably the best.


  • Daniel Quinn@lemmy.catoLinux@lemmy.mlIs Linux As Good As We Think It Is?
    link
    fedilink
    English
    arrow-up
    47
    arrow-down
    2
    ·
    edit-2
    29 days ago

    You make an excellent point. I have a lot more patience for something I can understand, control, and most importantly, modify to my needs. Compared to an iThing (when it’s interacting with other iThings anyway) Linux is typically embarrassingly user hostile.

    Of course, if you want your iThing to do something Apple hasn’t decided you shouldn’t want to do, it’s a Total Fucking Nightmare to get working, so you use the OS that supports your priorities.

    Still, I really appreciate the Free software that goes out of its way to make things easy, and it’s something I prioritise in my own Free software offerings.



  • Daniel Quinn@lemmy.catoLinux@lemmy.mlCompanies that use desktop Linux
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    edit-2
    2 months ago

    In my experience, the larger the company, the more likely they are to force you to use Windows. The smaller companies will be more relaxed about the whole thing.

    The largest company I’ve worked for that allows Linux had a staff count of hundreds of engineers and hundreds more non-nerds. In their case though, the laptops were crippled with Crowdstrike and Kollide and while the tech team was working hard to support us, we were always aware that we made up around 1% of the machines they manage and represented a big chunk of their headaches.

    The response to this you usually hear (from me even) is that “I don’t need support, I know what I’m doing”. Which is probably true, but the vast majority of problems is in dealing with access to proprietary systems, failures from Crowdstrike or complaints about kernel versions etc.

    TL;DR: work at a small company (<100 staff) and they’ll probably leave you alone. Go bigger and you’ll be stuck fighting IT in one way or another.


  • It would be absolutely bizarre if you couldn’t connect with WireGuard port and Wireguard obfuscation set to Automatic. Things to try first:

    1. Connect without your VPN and try to access a single website like the theguardian.com
    2. Once that’s working, enable your VPN and that should do it.
    3. If you still can’t get connected, try switching out different countries. Each country listed corresponds to an IP to which your machine will try to connect over a benign port like 443 – so blocking that sort of traffic would be mad unless the IP is explicitly blocked. Therefore, driving to different country targets offers a different IP every time. They’d have to know Mulvad’s whole list and block them all.

    If the above somehow doesn’t work, Mulvad offers support through which you can get a temporary Server IP override. You can enter that in the bottom portion of your app’s settings.



  • Because Ubuntu is the worst of both worlds. Its packages are both old and unstable, offering zero benefit over always-up-to-date distros like Arch or the standard Debian.

    Especially when you’re running a containerised environment, there’s just no reason to opt for anything other than a stable, boring base OS while your containers can be as bleeding edge, crazy, or even Ubuntu-based as you like.




  • I’ve been using Arch for about 15 years or so, and yes, I build up cruft… in my home directory ;-). The system itself is remarkably good at keeping tidy. The one spot to keep an eye on is /var/cache/pacman, as that’s where it stores every package you download before installation and it won’t delete it without you asking it to.

    Any new config file will be saved with a .pacsave extension, so you’ll want to keep an eye out for those, but that’s basically it