Category Archives: personal

things that matter to me personally

Bruscetta

Posted on by

6 roma (plum) tomatoes, chopped
1/2 cup sun-dried tomatoes, packed in oil
3 cloves minced garlic
1/4 cup olive oil
2 tablespoons balsamic vinegar
1/4 cup fresh basil, stems removed
1/4 teaspoon salt
1/4 teaspoon ground black pepper
1 French baguette
2 cups shredded mozzarella cheese

Directions

Preheat the oven on broiler setting.
In a large bowl, combine the roma tomatoes, sun-dried tomatoes, garlic, olive oil, vinegar, basil, salt, and pepper. Allow the mixture to sit for 10 minutes.
Cut the baguette into 3/4-inch slices. On a baking sheet, arrange the baguette slices in a single layer. Broil for 1 to 2 minutes, until slightly brown.
Divide the tomato mixture evenly over the baguette slices. Top the slices with mozzarella cheese.
Broil for 5 minutes, or until the cheese is melted.

caring for your raspberry pi

Posted on by

if you have a raspberry that is colocated and on 24×7 you might want to perform regular maintenance on it.
Especially the SD card needs to be taken care of if you don’t want to have it die prematurely.
One thing to do is to upgrade the firmware to the latest version which is easy (when you are running raspian) using

‘sudo rpi-update’

followed by a reboot

then the usual apt-get update/upgrade
change pi’s password (or remove pi entirely) > make sure you add your new user to all the groups the “pi” user had!

now, how to extend the life of the sdcard?
UPDATE 2014: raspian does most of these things, see below for more ideas:

sudo dphys-swapfile swapoff
sudo dphys-swapfile uninstall
sudo update-rc.d dphys-swapfile remove

The next thing was to move /tmp to memory. Just issue:

sudo vi /etc/default/tmpfs

And then set this parameter:

RAMTMP=yes

Finally, I wanted the logfiles in memory too. Note that they quietly disappear every time you shutdown, so they are of very little use when your Raspi has crashed. Just issue:

sudo vi /etc/fstab

And make sure it looks like this:

proc /proc proc defaults 0 0
/dev/mmcblk0p1 /boot vfat defaults,noatime 0 2
/dev/mmcblk0p2 / ext4 defaults,noatime 0 1
logfs /var/log tmpfs size=10M,noatime 0 0

this is the old stuff: (2013)

everything that read/writes needs to be restricted.
think of things like:
– disable swap
– disable journaling
– the ‘noatime’ flag
– move often used directories to ram disk or external disk (off the sdcard)

another thing to consider is that modern sdcards spread the read/writes over the entire card to minimize wear of a single area – this works pretty well but the card will not let you know that it is breaking, like a PC harddrive will (sector errors, I/O errors, etc…)

so: leaving space over on the sdcard allows it to perform “wear leveling” more effectively – statistically calculated having a lot of space free on the card will allow it to live a lot longer as it can spread the reads/writes across a larger area
http://electronics.stackexchange.com/a/27626/3774
command to use; ‘df -h’ <-- shows free space on all partitions now on to my raspberry that crashes weekly and needs a reboot - noatime seems enabled: proc /proc proc defaults 0 0 /dev/mmcblk0p5 /boot vfat defaults 0 2 /dev/mmcblk0p6 / ext4 defaults,noatime 0 1 swap file is disabled already, too what else can I do?

“I can fix this”

Posted on by

just heard children scream and cry from the other room.. then one comes to the kitchen, fetches scissors and says “don’t worry, I can fix this” and goes back to the room…”

Just stay calm…breathe.. allow them to grow up alone and find their way

on marriage

Posted on by

(found on the internet)

While waiting to pick up a friend at the airport in Portland, Oregon, I had one of those life-changing experiences that you hear other people talk about the kind that sneaks up on you unexpectedly.

This one occurred a mere two feet away from me.

Straining to locate my friend among the passengers deplaning through the jetway, I noticed a man coming toward me carrying two light bags. He stopped right next to me to greet his family.

First he motioned to his youngest son (maybe six years old) as he laid down his bags. They gave each other a long, loving hug. As they separated enough to look in each other’s face, I heard the father say, “It’s so good to see you, son. I missed you so much!” His son smiled somewhat shyly, averted his eyes and replied softly, “Me, too, Dad!”

Then the man stood up, gazed in the eyes of his oldest son (maybe nine or ten) and while cupping his son’s face in his hands said, “You’re already quite the young man. I love you very much, Zach!” They too hugged a most loving, tender hug.

While this was happening, a baby girl (perhaps one or one-and-a-half) was squirming excitedly in her mother’s arms, never once taking her little eyes off the wonderful sight of her returning father. The man said, “Hi, baby girl!” as he gently took the child from her mother. He quickly kissed her face all over and then held her close to his chest while rocking her from side to side. The little girl instantly relaxed and simply laid her head on his shoulder, motionless in pure contentment.

After several moments, he handed his daughter to his oldest son and declared, “I’ve saved the best for last!” and proceeded to give his wife the longest, most passionate kiss I ever remember seeing. He gazed into her eyes for several seconds and then silently mouthed. “I love you so much!” They stared at each other’s eyes, beaming big smiles at one another, while holding both hands.

For an instant they reminded me of newlyweds, but I knew by the age of their kids that they couldn’t possibly be. I puzzled about it for a moment then realized how totally engrossed I was in the wonderful display of unconditional love not more than an arm’s length away from me.

I suddenly felt uncomfortable, as if I was invading something sacred, but was amazed to hear my own voice nervously ask, “Wow! How long have you two been married?” “Been together fourteen years total, married twelve of those.” he replied, without breaking his gaze from his lovely wife’s face. “Well then, how long have you been away?” I asked the man finally turned and looked at me, still beaming his joyous smile.“Two whole days!” Two days? I was stunned.

By the intensity of the greeting, I had assumed he’d been gone for at least several weeks – if not months. I know my expression betrayed me, I said almost offhandedly, hoping to end my intrusion with some semblance of grace (and to get back to searching for my friend), “I hope my marriage is still that passionate after twelve years!” The man suddenly stopped smiling.

He looked me straight in the eye, and with forcefulness that burned right into my soul, he told me something that left me a different person. He told me: “Don’t hope, friend… decide!”

on depression

Posted on by

I decided to write a litle stuff together and find out if I can contribute to this community. I found my way out of a severe depression mostly because of my wife and my work, both giving me incredible stability and acting as an anchor to “pull myself” out” – but I couldn’t have done it without the help of medicine bringning my mental balance back to ‘normal’ levels

Experts agree that depression is caused by low serotonine levels but the experts bikeshed about what the best way is to keep these levels back to normal (preventing the body from absorbing them? substituting them? forcing another drug to synthesize them?) – besides that, most antidepressants have a long history of wicked side effects; loss of libido/sex drive being the worst (but then, thinking back, once you are clinically depressed, the last of your worries is sex…)

I have met people who show signs of depression (there are early warning signs but people mostly ignore them or – even worse – they never mention that they have problems because:
a) they fear it will make them susceptible to trolling and jokes
b) society doesn’t accept depression – you are just “too weak”

Jokes – like the all-too-common attack on ones pride in front of others (email/chat/in public) – mostly used by someone to improve his low self-esteem on the expense of anothers who’s self-esteem has to lower for that to work (‘what a loser/weakling, mietje, watje, etc…”)
and even “go kill yourself” is frequently expressed in pseudo-anonymous environments where people just too carelessly say things they would never say if they could see the impact of what they are saying in real life. (missing non-verbal component of a conversation)

Society – the way we live it at the moment – judges people by what they are but by what they achieve – this is expecially dominant in the finance world but also in germany where i come from – your school degree is so incredibly important there because it alone will open the
door to higher education or to a good job. You can just not apply for a job without the right papers, there. A thing the Dutch have solved at a better level (speaking of experience there)
Also look at the German stereotypical “my car has to be better than the neighbors car” – this also works for sales / consultants.
Would you buy a 500K Euro server cluster from a consultant that visits you in a Toyota Aygo? (no offense, Mattronix, just stating facts from sales pitches in our company…)
So, this society.. how does it react to you being depressed? Probably helpful and proactive but the problem is you, you grew up being competitive, being “better than the others” – your school, your
parents and your work all tell you that only achievements count (even video games these days focus on these instead of a good storyline or immersive experience…)

So what do you do when you feel the others all can party on, work harder and achieve more and you can’t even drag your body out of bed or to the social evening at the hackerspace where hugs are free and friends are happy to listen to you?
You are afraid. Afraid to be stigmatized as a “loser” and that is precisely what will happen.
Of course, not publicly, everyone will act helpful and try to comfort you (that dreaded line “everything will be okay” – if you want to see me in hate-rage just say this to me when I feel bad!)
But behind your back they will start to make plans to assign your work to someone else, someone more capable, afraid you will become another number on the ‘long term illness” list, check how they can get rid of you and find someone less of a loser.
Or do they? Maybe you just imagine this because you are depressed and everything is painted black anyway so it will turn out worse?
Once your self esteem suffers it gets worse

The Dutch have a word for this: “piekeren”
– I have yet to find an English and a German word for it but this is the worst of it, this constant thinking, grinding, questioning, judging, asking, rejecting and never having a silent moment for yourself. You can overload yourself with projects and work to make sure you never have a moment for yourself so you don’t start to think in spirals but that works only as long as your energy reserves last – at one point you will fall – and the longer you have postponed it the deeper you will fall.

It is a downward spiral and it feels great to feed it more negative things, something your brain excels at when you are depressed – you perceive everyone who tries to help you as an intruder, an enemy, withdrawing yourself from people even more – eliminating the only thing that can help you get out of it – your friends.
And in the end you are alone with your thoughts… and then the thoughts about suicide start… and they seem like a very good solution the more you think about it…

IT MUST NOT COME TO THIS

“suck it up” doesn’t work once you are in there – you have to ask for help, probably take meds for a couple of weeks and – most importantly: Work actively on a plan how to prevent this from happening again
Accept that you are depressed, analyze your life, the last years of your life, what you did, what moved you, what motivated you, what frustrated you – talking to a psychologist helps tremendously to untie this knot that has formed in your brain and changing your lifestyle somewhat is absolutely neccessary – just eating pills won’t get you out of it.
I have started searching for institutions who deal with depression and expecially depression in young people who associate with a tribe, with the internet community, for example hackers and gamers – these people don’t have a social network as someone has who goes dancing every weekend – they have peers all over the world but they might not be able to ask for help because the normal rules of society don’t apply to them. Let’s find them a safe harbor, show them that there is a way out.

No more hacker suicides!

Please contact me if you want to take this further, have other ideas, want a hug or know of someone who had other experiences – please, I would do everything I can to prevent someone from becoming clinically depressed.

http://technoccult.net/archives/2011/07/20/the-neuroscience-of-depression-and-what-to-do-about-it/
http://www.theverge.com/2013/8/14/4618718/hacker-depression-def-con
https://www.youtube.com/watch?v=QnfOOoTOrDE
http://s.ai/suicide
http://bluehackers.org/

and last but not least:
http://www.aaronsw.com/weblog/verysick

Quote: “I don’t talk about it much, for a variety of reasons. I feel ashamed to have an illness. (It sounds absurd, but there still is an enormous stigma around being sick.) I don’t want to use being ill as an excuse.”

debian startup script skeleton

Posted on by

#! /bin/sh
# /etc/init.d/blah
#

# Some things that run always
touch /var/lock/blah

# Carry out specific functions when asked to by the system
case “$1” in
start)
echo “Starting script blah ”
echo “Could do more here”
;;
stop)
echo “Stopping script blah”
echo “Could do more here”
;;
*)
echo “Usage: /etc/init.d/blah {start|stop}”
exit 1
;;
esac

exit 0

You should ensure it is runnable and owned by root.

sudo chmod 755 /etc/init.d/blah
sudo chown root:root /etc/init.d/blah

Then you need to register it to run at startup.

sudo update-rc.d blah defaults

References

http://www.debian-administration.org/articles/28

!# linux (chrunchbang)

Posted on by

trying out this debian-based distro as ubuntu is getting a bit boring
I expect to learn more using a “proper” debian I thing – openbox is a bit tricky as a window manager (opposed to a desktop manager / environment)

note: apt-get dist-upgrade apparently replaced upgrade

problems/solutions/more nifty ideas:
https://debianhelp.wordpress.com/2012/10/02/crunchbang-11-waldorf-debian-wheezy-os/

http://crunchbanglinux.org/wiki/howto_pages

some thoughts on laptop / sensors:
lm-sensors
sensors-detect

stuff to add:

apt-get install unace rar unrar p7zip zip unzip p7zip-full p7zip-rar sharutils uudeview mpack arj cabextract file-roller audacious

apt-get install w64codecs libdvdcss2 gstreamer0.10-fluendo-mp3 ffmpeg sox twolame vorbis-tools lame faad gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad

apt-get install ttf-mscorefonts-installer

apt-get install gstreamer0.10-ffmpeg gstreamer0.10-fluendo-mp3 gstreamer0.10-gnonlin gstreamer0.10-plugins-bad gstreamer-tools

apt-get install libxine1-ffmpeg gxine mencoder mpeg2dec vorbis-tools id3v2 mpg321 mpg123 libflac++6 ffmpeg libmp4v2-2 totem-mozilla icedax tagtool easytag id3tool lame libmad0 libjpeg-progs libquicktime2 flac faac faad sox ffmpeg2theora libmpeg2-4 uudeview flac libmpeg3-1 mpeg3-utils mpegdemux liba52-0.7.4-dev

use these repositories for xv (gxine wants it)
deb http://debian.physik.hu-berlin.de/addons wheezy /
#deb-src http://debian.physik.hu-berlin.de/addons wheezy /

now let’s save some power

create /etc/pm/power.d/powersave
thanks to:

#!/bin/sh
# A script to enable laptop power saving features for #! & Debian GNU+linux.
# http://crunchbanglinux.org/forums/topic/11954

# List of modules to unload, space seperated. Edit depending on your hardware and preferences.
modlist="uvcvideo"
# Bus list for runtime pm. Probably shouldn't touch this.
buslist="pci spi i2c"

case "$1" in
true)
# Enable some power saving settings while on battery
# Enable laptop mode
echo 5 > /proc/sys/vm/laptop_mode
# Less VM disk activity. Suggested by powertop
echo 1500 > /proc/sys/vm/dirty_writeback_centisecs
# Intel power saving
echo Y > /sys/module/snd_hda_intel/parameters/power_save_controller
echo 1 > /sys/module/snd_hda_intel/parameters/power_save
# Set backlight brightness to 50%
echo 5 > /sys/devices/virtual/backlight/acpi_video0/brightness
# USB powersaving
for i in /sys/bus/usb/devices/*/power/autosuspend; do
echo 1 > $i
done
# SATA power saving
for i in /sys/class/scsi_host/host*/link_power_management_policy; do
echo min_power > $i
done
# Disable hardware modules to save power
for mod in $modlist; do
grep $mod /proc/modules >/dev/null || continue
modprobe -r $mod 2>/dev/null
done
# Enable runtime power management. Suggested by powertop.
for bus in $buslist; do
for i in /sys/bus/$bus/devices/*/power/control; do
echo auto > $i
done
done
;;
false)
#Return settings to default on AC power
echo 0 > /proc/sys/vm/laptop_mode
echo 500 > /proc/sys/vm/dirty_writeback_centisecs
echo N > /sys/module/snd_hda_intel/parameters/power_save_controller
echo 0 > /sys/module/snd_hda_intel/parameters/power_save
echo 10 > /sys/devices/virtual/backlight/acpi_video0/brightness
for i in /sys/bus/usb/devices/*/power/autosuspend; do
echo 2 > $i
done
for i in /sys/class/scsi_host/host*/link_power_management_policy
do echo max_performance > $i
done
for mod in $modlist; do
if ! lsmod | grep $mod; then
modprobe $mod 2>/dev/null
fi
done
for bus in $buslist; do
for i in /sys/bus/$bus/devices/*/power/control; do
echo on > $i
done
done
;;
esac

exit 0

dont forget to make it executable!

more info on powersaving on linux:

Replace ice weasel with Firefox
install from ubuntuzilla repo
add to sources.list: deb http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt all main
apt-key adv –recv-keys –keyserver keyserver.ubuntu.com C1289A29
apt-get install firefox, thunderbird, seamonkey
change / create symlink in /usr/bin
ln -s /opt/firefox/firefox /usr/bin/firefox
ln -s /usr/lib/mozilla/plugins /opt/firefox/plugins
(use -f to overwrite if exists in /opt)
update-alternatives –install /usr/bin/x-www-browser x-www-browser /opt/firefox/firefox 100

install adblockplus, java, flash?
apt-get install default-jre
# apt-cache search sun-java (find oracle-something)

what else… ? see chrunchbang thread for ideas :)

http://techpatterns.com/forums/about1435.html
http://crunchbang.org/forums/viewtopic.php?pid=271769

install keyring, GPG keys, SSH keys
.ssh/ needs to be 700, the actual key 600
don’t forget to add it to the system using ‘ssh-add’ – see below for more tips

easier: install ‘keychain’ and tie it to the terminal to unlock ssh key

update your $HOME/.bash_profile file
$ vi $HOME/.bash_profile
Append the following code:

### START-Keychain ###
# Let re-use ssh-agent and/or gpg-agent between logins
/usr/bin/keychain $HOME/.ssh/id_rsa
source $HOME/.keychain/$HOSTNAME-sh
### End-Keychain ###

this will work for shell – add it for “terminator” aswell, the default for !#

next, install mosh,
Apt-get install mosh
open a port on the remote server between 60000 and 61000 and apply it to the raspi as server
take over a screen session using mosh:
$ mosh remotebox — screen -dr

raspberry installation

Posted on by

so I got this raspberry with free transit and hosting so I thought I’d turn it into a chat server, VPN/proxy server and a remote nagios probe

log:
after setting up hostnames and hosts file and manipulating my DNS settings

A-record, AAAA-record set up
/etc/hostname replaced with FQDN (matching DNS)
/etc/hosts amended with:
ip.ad.dr.ess fully.qualified.domain.name fully
[IPv6 address] fully.qualified.domain.name fully
reboot and test ssh to it, etc..

then:
apt-get install nagios-nrpe-server irssi irssi-scripts

consider:
iptables
logrotation

set up irssi with screen:
very nice website: http://quadpoint.org/articles/irssi
split-screen notify is nice
the hilight script makes it even better:

To do this, first load the script. The script I use is a modified version of cras’s hilightwin.pl that logs timestamps as well. It is available here: http://static.quadpoint.org/irssi/hilightwin.pl

Put the script in ~/.irssi/scripts/autorun/ and type /run autorun/hilightwin.pl in irssi.

Next, create the split window. This is done with the /window command. See /help window for details on how this works.

/window new split
/window name hilight
/window size 6

another nice idea: auto-away inside screen:

/set screen_away_active ON
/set screen_away_message
/set screen_away_nick <-- optional.. Annoys people Download: scripts.irssi.org/scripts/screen_away.pl Install mosh http://mosh.mit.edu/#getting

RIPE NCC 25/09/2013 IPv6 for LIRs course

Posted on by

compress IPv6 addresses with double colons from the left to the right

also don’t compress a single quad of 4 zeroes

(read RFCs if wanted)

Status “ASSIGNED PA” becomes “ASSIGNED”

AGGREGATED-BY-LIR is new: put all your /56’s that you assign to customers there
use “assignment-size” switch to show how big the assignments are

sub-allocated-pa becomes “allocated-by-lir”
see: http://www.ripe.net/lir-services/resource-management/faq/sub-allocation

INFRASTRUCTURE is a

getting PI IPv6 space:

minimum /48
NO SUB-ASSIGNMENTS!!! Never.

example Fridge6:
4000 fridges – each with internet, security, alerting and wifi router

transition mechanisms
6in4?
6to4 uses anycast!
6RD > relay operations!
NAT64!
DNS64
464xlat > fixes the problems NAT64/DNS64 causes
DS-lite – tunnel ipv4 over ipv6

conclusion: DUAL-STACK while you can
it is still possible!

use /64’s for Loopbacks!

network design: Take the router with the most interfaces and prepare for a /64 per interface
STANDARDIZE!
don’t assign different sizes for routers
imagine: Nexus 7000 – maximum port density?
256 interfaces per router is assumed so /56 per router
or /52 per router, 4096 x /64 per port
/40 per router/switch that can handle customers > 256 x /48 possible

the number of hosts in a /64 is irrelevant!

SLAAC

flip the bit and use EUI-64
listen to RA’s
a router’s response will contain:
– address of router
– prefixes allowed on link
– SLAAC allowed?
– MTU

problem: Privacy! – same MAC address
solution: Privacy extensions (random ID)

“managed” flag forces DHCPv6

security:
use RA guard
disable RA’s (cisco)
human error!!!

colo checklist:

set ACLs
set SNMP (and protect)
have DNS working

SLAAC can assign you a subnet “unexpectedly”
not all firewalls support ipv6
be careful with “ipv6 ready”

DSL provider:
/48 per pop
/56 per router
/64 per interface

servers:
don’t use EUI-64!
no autoconfig
port number for services > IPv6 addresses!
set gateway manually

in the CORE: USe /64 per link – ::1 and ::2 stuff
easy to remember

RIPE tools:
download RIPE 554 and “what to do with IPv6”

> stars get t-shirt