Niels K.

TIL: Backup-cronjobs shouldn’t run between 2 and 3 am. In March they don’t run one night at all and in October they run in one night twice.

Even though tonight’s Mutants and Masterminds-session stuttered a bit, it was fun. The heroes defeated the super villain and the first number found an end.

Green Ronin has in Mutants and Masterminds a black supervillain whose name is „Nega-Watt“ (from negative since he can nullify electricity). Even in English I cannot think of a PC-version of the names pronounciation.

Ich suche für mein Team an Linux-Sysadmins Verstärkung (BSD wird derzeit auch an einigen Stellen genutzt). Muss nichts senioriges sein. Remote ist möglich. Bei Fragen gern PM.…

I am getting soon an M1-Mac. Apparently VirtualBox does not work on those machines.

What are my options besides Parallels and VMware Fusion? I need it to run Linux-VMs for VirtManager or setting up simple test-setups with interconnected machines to test HA-setups for example.

Installed Goodreads, rated books. First recommendation: Battlefield Earth by L. Ron Hubbard.

Maybe I should uninstall it again…

Also wenn am 1. April in Berlin die Schutzmaßnahmen fallen, fallen auch die kostenlosen Tests weg. Weil wenn es keine Schutzmaßnahmen mehr gibt, infiziert sich ja auch keiner mehr. Oder wie ist da die Logik?

Why isn’t ゆず yet on Apple Music Germany :(

The Fortis-theme by Chris Hannah from looks awesome. I love the colors -

MySQL is great. You do an upgrade to try to fix one problem - it doesn’t but after the upgrade you run into a new one.

Downgrades are not supported of course and will break the database.

I think more and more turning to magic as a potential career-path. 🤬

The bane of having played too many TTRPGs: I am reading an urban fantasy-novel and I am thinking: how could the magic be put into rules, would it make an interesting setting?

Better than the time when I was really into the WoD and each movie-character got put into a clan…

The Zettelkasten-method seems to be useful for research-notes but I don’t see how I should file my technical notes (how do I speak imap manually for example) with it

On iOS there is PlainOrg and BeOrg as apps for OrgMode. Both are quite nice but more focused on the todo-side of OrgMode. Is there an app that is more on the notes-site of OrgMode and even has a web clipper maybe (that is hopefully as nice as the one from Bear).

You still can’t use Notion offline? When I am offline I might need my notes the most urgent…

My kids and their friend play a tabletop RPG which they just call “Question” (or Sci-Fi Question). They just talked about what the characters can do, the GM start telling the story in short bits and always ends with “What do you do?”

Rather interesting to watch. No dice.

TIL: If you never looked at the About-screen of PCalc or Dice by PCalc, you are missing out.

So Russia recognizes Taiwan now. That’s an interesting turn of events.

“Diener des Volkes” ist überraschend gut.

In the Super Nintendo- and NES-apps from Nintendo Online on the Switch they released Mother 1 as „Earthbound Beginnings“ and Earthbound (Mother 2).


Ich muss bei einem selbst-gehostetem Bitwarden auch Geld einwerfen für Gruppen? Na toll…

Thoughts about the 1Password-crypto-announcement - justifying convenience over principals

Thinking again about the 1password-crypto-thing. And I hope I am not trying here to justify convenience over principals after failing to set up Bitwarden on one of my servers next to other service while using nftables instead of iptables ;)

In the end AgileBits only added a new password-item with a couple of new fields, didn’t they? Actually Phantom could add those custom fields by themself.

And this phantom-wallet-thing just added a button that jumps into your 1password and adds a new item and uses that item instead of its own storage? And they are just using the 1Password Connect API?

Reading this article on Cointelegraph it looks mainly like marketing-BS from AgileBits to be honest.

So, how does AgileBits gets into the cryptocurrency/NFT-space? They don’t do anything actually, do they? They created a blog post that some wallet-provider added 1Password Connect API-usage in their browser extension. And then AgileBits-marketing thought “hey, all the craze is about crypto-whatever these days, let’s speak with them and make a blog post about it because those Solana-people might be new market to cater to”. For some reason they didn’t see the controversy Blockchain-related things have nowadays embedded - especially NFTs. I don’t see them retract this “partnership” because what could they do? Withdraw API-access? Write “yeah, Crypto-things are stupid, we think so, too, sorry.” and then Phantom can still use 1Password.

In the end I think it is more or less just a marketing-thing - an imho very stupid marketing-thing, but a marketing-thing. Or does AgileBits started to push money or other major resources into this thing? Maybe I just overreacted becaues cryptocurrency-related things are kind of triggering because they should imho be forbidden since they do nothing useful besides being a means of exchange for criminal activities, being a speculative tool and being a ponzi-scheme and while being that they are destroying the environment - be it through sheer use of power consumption or using up other resources that could be used far more productively (like hard disks and their base resources). Would they partner up with Nestle or the Coca Cola-company, I would react kind of irritated but not the same way I reacted to the Phantom-announcement. And those two companies are even worse than any cryptocurreny.

But maybe, just maybe I am trying to justify convenience over principals. And that’s why we we have all the plastic trash in the oceans…

I started though looking for alternatives for me and my family. I could go back to pass, for other members of my familys things like the iCloud Keychain could be enough. Or I spin up a new machine and get Bitwarden up and running. Or start using Keepass with decent apps and sync it with webdav and have some shared files with other family members. Or have a look at secrets. Or whatever…

It gave me at least a push to look into alternatives again. One step at a time AgileBits is loosing me again as a customer.

Ranting about Ansible…just some venting

So recently I had long discussions about Saltstack and Ansible. I like Salt, use it for years but realize the shortcomings when it comes to local development of states and formulas, especially when using gitfs.

But some people try to convince me that Ansible is so much better because you can locally develop, its error messages are better and it is easier to write.

Since I wanted to have an informed opinion, I started trying to use it. For my personal dot files it should be better usable than setting up salt-ssh and for my couple of servers it should be easy to use with some roles from the net.

But to be honest I am not convinced. Yes, developing locally and pushing only when something finished is nice but I had so many problems.

I needed only a couple of hours to get into my first hard to understand error-messages (yes, experience will make that easier). I also tried multiple roles and currently I ended up using two. One from someone who seems to be doing a decent job and one I had to fork because it wasn’t so flexible. The others, well. I saw dependencies to roles from other people, deprecation-warnings, missing flexibility and bad/incomplete documentation.

Speed was another issue, it is soooo slow. I have a copy-state with 92 files and a couple of directories which I run locally, since it copies over a base of Neovim-configuration-files and it is soooo slow. And apparently it doesn’t even know what changes, for that I need apparently with_filetree. But that made it unusable slow. Finding out about async, helped a bit - it is still slow, but other stuff can run. Using “strategy: free” for my servers helped as well in terms of speed, but that meant that the output became more or less useless because everything is mixed up. I already use MasterControl with ssh, so I only had to add pipelining to improve it a bit further. But still, I don’t see me rolling out playbooks over a couple of dozens servers, even with more forks.

I also seem to need a plethora of playbooks, or have to work heavily with tags, which I have to document? somewhere, since they are hard to discover because they are in files in a convoluted file structure of roles when I do not want always to run all tasks, since that slows things down because Ansible seems to be slow. With saltstack I just run a single state against a freely chosen set of targets. I know that a decent top.sls and just a high state would be better but in my experience it can be very useful to run just a single state. Especially when testing. With ansible I have to set up multiple groups or inventories with lots of copy and pasting stuff and then I can run it additionally against a subset of servers in a group. Targeting and running a single play/role against one or some servers seems to be a mess, or I do something fundamentally wrong.

Writing roles, even ones with some dynamics was ok-ish. I still figured out though how to use optional vars - only by adding a lot of “{% if somevar is defined %}”. And in the role I forked I have to dig deeper how I could correctly use it because I couldn’t figure out yet how the templating of the final file is done with asserts.

But in saltstack I do not necessarily need formulas, since I can use Jinja in state-files and in templates which makes life pretty easy.

And I always have to use a password…so annoying, either a become-password, or a vault-password. On my saltmasters I just have sudo with a timeout and/or use publisher-acls.

I am also not convinced that agentless in terms of bootstrapping is better. Yes with salt I have to bootstrap a minion. But with Ansible I need to have access to a server. But I know the case where people set something up or got sick, forgot to document access to the server and then nobody had access or needed to do some magic with single-user boot and usually trying out some defaults and searching the documentation if there is something somewhere. And then I would have needed to reach out. With salt I just roll out my user as long as the minion is connected (yes, and running). But using ssh-certificates makes life easier…when people set it up which might not have happened in the case mentioned above because it was just a “fire and forget”-thing and then it got somehow important enough that breakage was noticeable.

So yes, saltstack has some problems. I’d like to see the usually better readable error-messages from Ansible and I’d like to have a bit better development workflow. But the slow speed of Ansible makes up a lot to the slow speed of “salt-run fileserver.update”. But in the end Ansible isn’t really better and besides my use of dotfiles, I don’t see me running it in production or maybe I am doing something fundamentally wrong. Who knows. My experience was less than stellar though.

Update: Using synchronize instead of copy helps a lot with my neovim-role

In todays episode of a superheroes-tabletop game: two rival gangs want start a fight about a stolen truck. The heroes arrive and one of them destroys with a missile the loaded goods in the truck. Fight defused. All participants speechless.

Why is a recursive copy in Ansible so damn slow in comparison to SaltStack? And if I understand it correctly it won’t even detect changes. Only when using „with_filetree“ which makes it unusable slow. I copy less than 100 files locally.

The preparation of the Mutants and Masterminds-session took far longer than expected. And Roll20 is really bad in comparison to Foundry. I didn’t expect that. Please Green Ronin publish a Mutants and Masterminds-addon soon for Foundry.