As the caption says…



I really want to know when these started to be used in a negative/derogatory way.. as if someone had the intention to keep people “low” in order to.. .well.. what?

  1. Blood is thicker than water.
    The full saying is actually “the blood of the covenant is thicker than the water of the womb.” Basically, it means exactly the opposite of what most people think. It refers to the idea that the bonds you choose to make can mean much more to you than the ones you were born into and don’t have much of a say in.
  2. Curiosity killed the cat.
    This phrase continues: “but satisfaction brought it back.” This makes sense, considering the whole idea that cats get nine lives. I often heard the first half when I was little and asking too many questions, but the full phrase suggest that there is no such thing as too many questions.
  3. A jack of all trades is a master of none.
    This saying got cut short as well and originally said “A jack of all trades is a master of none, but oftentimes better than a master of one.” Unlike what our version would lead you to believe, having multiple interests but not being an expert in anything could actually prove advantageous.
  4. Great minds think alike.
    “Small minds rarely differ” is the following line to this once reassuring quote. I would advise you try not to think about that too much the next time you and your classmates are on a roll with your group project, sometimes phrases get cut short for good reason.
  5. Money is the root of all evil.
    Again, the original version is a little longer. This biblical phrase originally reads “The love of money is the root of all sorts of evil.” There’s a difference in making more money than you could possibly spend and keeping it.
  6. My country, right or wrong.
    This is often used to justify supporting bad wars, the original actually says “My country, right or wrong; if right, to be kept right; and if wrong to be set right.” This puts the responsibility on the citizen to make sure their country is a good one, not the other way around.
  7. Starve a cold, feed a fever.
    I’ve only heard this a couple times and it could have multiple meanings just by reading it differently. Not only is it terrible advice, it’s poorly quoted. The original states “if you starve a cold, you’ll have to feed a fever.” Now, that’s advice I can take to heart.


Pi-Hole, FritzBox, and IPv6

it is the year 2019 and IPv6 still “almost works” – Today’s exhibit: The Pi-Hole

Long story short: Pi-Hole needs a couple checkboxes and command line options to properly do IPv6. Also most home routers still suck when it comes to IPv6.

I am also stubborn enough to identify and engineer ways around the issues that arise. Especially with an ISP like XS4ALL this just has to work.

The pi-hole is a nice project based on a raspberry Pi that adds a DNS resolver/cache combined with an ad-blocker in your network. That way you don’t need to use dubious browser plugins plus it also works for all mobile devices and appliances in your network.

Personally I even find it speeds up browsing as many requests are served from cache a lot better than from your typical home router. Also you can chose different DNS resolvers like OpenDNS and friends, which are not subjected to patriot act and/or corporate censorship. But more about that later.

The pi-hole does assign a IPv6 address and reacts to DNS requests on that address but now the fun begins. Every SoHo router has a way to assign static IP addresses or create static DHCP entries by mac address. IPv4 addresses… But try doing that in IPv6 and you will learn quickly that there is a difference between “works with IPv6” and “does IPv6 just like IPv4”

Also things like “global address” meaning the address should just be routed, not NAT-ted (typcial IPv4 home router has one IPv4 address that is used with PAT/overloading) – IPv6 should make that redundant. but its difficult to “draw the line” between net and host there. (also people seem to not understand that opening a port on a firewall is just as secure as hiding that host behind NAT/PAT. In fact, it should even be easier but hey..

so long story short: (needs more screenshots)

it used Google’s DNS as a forward target.

difference from default setup:
– IPv6 forwarding is enabled (settings > DNS)
– /etc/pihole/setupVars.conf needed editing > IPv6 address was changed after reboot
– I also edited /etc/pihole/pihole-FTL.conf, and added AAAA_QUERY_ANALYSIS=yes
– I restarted pihole-FTL with: systemctl restart pihole-FTL

check in the Fritz Box under advanced > network > IPv6 addresses and set up the new IPv6 address as advertised DNSv6 server (confirm with phone)

do the same for ipv4 (instead of itself, the box should advertise the pi-hole as DNS server/cache/resolver)

somehow I think I should use one of my remote machines to monitor availability for IPv4 and IPv6 – I don’t trust this setup just yet but I also need to read a lot on how IPv6 is “supposed” to be done (static seems weird. SLAAC seems a workaround. Three has to be a better way)




Zwift – or how I learned to enjoy working out

So I eat too much. Or my metabolism is too efficient. Either way, if I don’t work out I get fat. Slowly but steady. Also, I eat when I am stressed so it’s a spiral that I need to avoid. (not even thinking of the benefits of exercise on my mental health. yea.. Depression, I am talking about you!)

I have been to the Gym, I have had a personal trainer, had the evening walks scheduled and I found out I have gotten really good at finding excuses not to go to sports – even to the point of creating escalations at work so I can not make it home in time for the sports class.

Also I love biking so a friend pointed me to zwift. It is basically a MMO sports “game” – I will come to the point of game later but I must say, this eliminates all but one of the possible reasons for me not to exercise. Rain, cars, darkness, time, etc.. all do not apply anymore. And it is either recreational or follows a strict schedule. I can decide on the workout.

the “view” in 1st person. Obviously I need that. I am not a console gamer, FPV FTW!

I chose for the “budget” setup, re-purposing a cheap racebike – there are also solutions out there that work directly with zwift (and other setups) and are a lot more powerful, like the Tacx Neo 2 Smart but that’s something for when the bike and/or the trainer dies.

Right now I used the following components, most of them I had in house already, I only had to buy the actual trainer and the ANT+ sensor (I learned later that you can even save on that by routing the heart and cadence/rpm/wattage signal via your phone and bluetooth using the companion app)

  • Tacx Flow Smart trainer (Decathlon exclusive) – 250,- euro
  • A mat to absorb vibration / protect against sweat (you will sweat!) – 20 euro
  • ANT+ sensor for USB – 15 – 40 euro (amazon vs. branded)
  • pulse meter – bluetooth and/or ANT – 35 euros
  • two fans for cooling/airflow – honeywell – 25 euro each
  • A Zwift subscription (15/month. that one hurts. There is free software out there, like bkool and rouvy but I like the ‘data porn’ approach of Zwift and I dig the massive multiplayer aspect.

the rest of the things I already owned / they accumulate and some things were donated by friends.

  • an old bike (second hand, 100 euro)
  • an old TV / large monitor used as a monitor (free as I had it over)
  • a computer that can run 3d software (anything above Intel 4000 GMA will do)
  • an old soundbar and subwofer. Motivation comes at 140-160 bpm
  • a table / stand to get the TV higher

Been doing this for a year now.. so far it works and I am neither bored, nor annoyed, nor do I get embarrassed or otherwise distracted. Also no excuses. That thing stands in front of me and I can not ignore it. No matter the time or mood or weather.

It’s only me, music and Rule 5 ;)

My next home will have a dedicated training room. That much I know.

update: new home 2020 :)


a life hack for men…?

Someone on the internet pointed out that there are two things that men should understand in order to evolve beyond neandertal/patriarcy mindset.

  • being nice does not entitle you to sex, it is the bare minimum (on which you can (and should) build up from) – you can always improve!
  • sexism is not ok. never.

But I also found out (by talking to people and observing people) that many men are not even aware they are being sexist. This may have multiple reasons (I blame the parents but it could also be something hard-wired.. or hormones.. or a combination of the three…)

Anyway: it’s called “The Rock Test” 
Source: Medium

it basically comes down to:

before you open your mouth and make that comment, replace the visual image of the woman with The Rock. Would you still make that comment?

or. as the author said herself:

It’s as clear cut as this: Treat all women like you would treat Dwayne “The Rock” Johnson.


Fedora 27 install log

installing Fedora 27 on my laptop, some notes on qemu/libvirt and rpmfusion

rpmfusion is still needed for vlc and other goodies although it gets less important

qemu/virt-manager can now nicely run windows 10, just keep a few things in mind:


To obtain a good level of performance, we will install the Windows VirtIO Drivers during the Windows installation.

Create a new VM, select “Microsoft Windows 8/2012” continue and mount your Windows 10 ISO in the CDROM drive
For your virtual hard disk select “VirtIO” as bus and “Write back” as cache option for best performance (the No cache default is safer, but slower)
Configure your memory settings as needed, continue and set “VirtIO (paravirtualized)” as network device, finish your VM creation.
For the VirtIO drivers, upload the driver ISO (use the stable VirtIO ISO, get it from here) to your storage, create a new CDROM drive (use “Add -> CD/DVD drive” in the hardware tab), and load the Virtio Drivers ISO in the new virtual CDROM drive
Now your ready to start the VM, just follow the Windows installer.

Launch Windows install using DVD .iso

After starting your VM launch the console
Follow the installer steps until you reach the installation type selection where you need to select “Custom (advanced)”
Now click “Load driver” to install the VirtIO drivers for hard disk and the network. (successfully tested with “virtio-win-0.1.118.iso”)
hard disk: Browse to the CD drive where you mounted the VirtIO driver and select folder “viostor\w10\amd64” and confirm. Select the “Red Hat VirtIO SCSI controller” and click next to install it. Now you should see your drive.
Network: Repeat the steps from above (click again “Load driver”, etc.) and select the folder “NetKVM\w10\amd64”, confirm it and select “Redhat VirtIO Ethernet Adapter” and click next.
Memory Ballooning: Again, repeat the steps but this time select the “Balloon\w10\amd64” folder, then the “VirtIO Balloon Driver” and install it by clicking next. With these three drivers you should be good covered to run a fast virtualized Windows 10 system.
Choose the drive and continue the Windows installer steps.

Now, Cortana will chat, mute her or talk to her, this installs windows 10.

Once the install is done, make sure to check device manager for missing drivers, use the ISO to install them.

4 GB RAM and 2 CPUs work reasonably fine for me. 3D acceleration is.. I didn’t get SPICE to work properly with my intel integrated graphics.

The normal display driver however works quite well when installing the qxldod driver
from the CD: viostor\w10\amd64\ right-click the .inf file and install

also, install the 64 bit version of the guest-agent.


cloud-to-butt browser plugin reloaded

I have found my old cloud-to-butt plugin for Firefox and changed “Trump” and “Donald Trump” to “Beeblebrox” and “Zaphod Beeblebrox”
the results are pleasing me!


change is good

I forgot how good it feels to change, to be active.

Life is changing and I am part of it. I am not afraid anymore.

I must not fear.
Fear is the mind-killer.
Fear is the little-death that brings total obliteration.
I will face my fear.
I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the fear has gone there will be nothing.
Only I will remain.


Fedora 23 TRIM SSDs

running fedora 23 with full-disk encryption on an SSD – no TRIM support?

fstrim: /home: the discard operation is not supported

now.. it is not in fstab because we run crypto so let’s do this the right way: (I think)

1) in /etc/crypttab add “discard” to your crypto partition

luks UUID=4aa302cb-4b9a-413b-a862-9856ed5ddbba none discard

2) in /etc/lvm/lvm.conf, at the end of the ‘devices’ section, set “issue_discards = 1

3) rebuild initramfs and reboot
grubby --update-kernel=ALL --args=rd.luks.options=discard
dracut -f

now it should work, check with fstrim –verbose –all

# fstrim –verbose –all
/home: 53,9 GiB (57874288640 bytes) trimmed
/boot: 324,6 MiB (340356096 bytes) trimmed
/: 21,9 GiB (23504187392 bytes) trimmed

4) use systemctl to run a weekly job for that
systemctl ebable fstrim.timer
systemctl start fstrim.timer
systemctl status fstrim.timer


# systemctl status fstrim.timer
● fstrim.timer – Discard unused blocks once a week
Loaded: loaded (/usr/lib/systemd/system/fstrim.timer; enabled; vendor preset: disabled)
Active: active (waiting) since Do 2016-06-16 07:27:27 CEST; 15min ago
Docs: man:fstrim

Jun 16 07:27:27 anakin systemd[1]: Started Discard unused blocks once a week.
Jun 16 07:27:27 anakin systemd[1]: Starting Discard unused blocks once a week.

UPDATE: Seems Fedora 24 understands the kernel boot argument so:
edit /etc/default/grub and add rd.luks.options=discard to the end

GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_CMDLINE_LINUX=” rd.luks.uuid=luks-4aa302cb-4b9a-413b-a862-9856ed5ddbba r
hgb quiet rd.luks.options=discard

now just rebuild grub and the initramfs step should not be neccessary, anymore… (you do need the lvm part and the systemd timer)
grub2-mkconfig -o /boot/grub2/grub.cfg


owncloud ubuntu 16.04 and logwatch

log of installing owncloud on ubuntu server 16.04 with logwatch

following the default install manual

decide for root webserver or subdomain
(cloud.[domain].[tld]) or just my homeserver

moving data dir elsewhere and setting permissions

set up letsencrypt

open firewall for https

adding logwatch scripts