podcast about evolution of mysql at booking.com
very interesting, content-heavy, interview with Kristian Köhntopp about his work at booking.com: 1, 2 [ alternatively on youtube: 1, 2 ].
.pQd
getting code signing certificate on own Yubikey and then using it to sign windows binaries in unattended way, on KVM VM
starting from June 2023 code signing certificates for MS Windows cannot be delivered as a file anymore. files are easy to steal. now certs must reside on security modules which don’t allow private key extraction, at least not for mere mortals. we’re using such a cert to sign exe and msi files on a build ... Read More
freecad – editing STL file
for 0.21.2 based on this yt video: https://www.youtube.com/watch?v=dr1qtaURrvI
parallel rsync
rsync remains my main tool for transferring backups or just moving data between servers. but it has some pain points – e.g. rsync’s checksum calculation or ssh over which data is piped can easily saturate single CPU core before i run out of storage I/O or network bandwidth. how to parallelize it – based on ... Read More
resources for learning SQL
SQL basics: indexes: https://use-the-index-luke.com/ ‘modern’ SQL: fiddles – web-based sandboxes:
bug in postgresql’s GIN index
it’s a story without happy end. i’m absolutely sure there’s an index-corruption bug in PostgreSQL 13; since i have not seen any mention of it being fixed – it’s likely in the following releases as well. i’ve tried to get attention to it on the pgsql-bugs mailing list but i failed. likely because i’ve never ... Read More
WSL installation fails with “A specified logon session does not exist. It may already have been terminated.”
i’ve tried to install wsl on Win 11 PRO PC and got this: solution: try again based on this comment.
Apache2: url-based exception for ProxyPass
i have apache2 reverse proxy which passes traffic to some application server. everything going to /server/ is handled by http://localhost:8000. i had to do one exception – serve content for /server/something.txt from a static file. here’s what i did:
rsync to exfat mount
exfat does not carry information about user/group ownership of files/directories, has less precise timestamps. to make rsync stop complaining about it i’m using:
userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]
colleague reported that he cannot anymore log-in using putty, via ssh to server that was recently upgraded to Debian Bookworm. /var/log/auth.log showed: putty log it turned out that it was pretty old putty – 0.74, just upgrading it to the more recent one [ 0.78 at the time of writing ] solved it. alternatively i ... Read More
using vector to send JSON-formatted nginx logs to ClickHouse
for some particular case i need to log and later analyze POST bodies of HTTP requests sent via nginx reverse proxy. ClickHouse will store the logs and be useful in analysis.
using clickhouse-local to analyze archived log files
at work we’re hoarding log files. it’s a low-cost, low-tech solution: btrfs, some python script archiving /var/log/*.log, *.1 from hundreds of servers. we have a peace of mind that whatever it is – as long as it’s logging to that folder – we’ll have an archive of it. till now, whenever there was a need ... Read More
debian installer not detecting built-in nvme drive
i’m trying to set up debian 12 on a laptop [ dell latitude 7400 ]. pendrive ready but.. the installer detects only pendrive and no NVMe that holds Windows 11. why? it turns out bios had Raid mode configured for the intel storage controller – as described here. how to reconfigure it without ruining ability ... Read More
playing with min.io cluster
min.io is open source [ although AGPL-3 licensed ] object storage software providing s3-compatible interface and handling clustering for HA & data distribution. below – notes from setting it up on a tiny scale, without using Kubernetes. notes are based on RELEASE.2023-03-24T21-41-23Z i’ve fetched two binaries for the project: my cluster has 4 nodes, looks ... Read More
mental models and alike
https://fs.blog/tgmm https://perell.com/essay/50-ideas-that-changed-my-life https://en.wikipedia.org/wiki/List_of_cognitive_biases https://en.wikipedia.org/wiki/List_of_fallacies
restarting from cron users’s service with a random delay
sometimes things are not as stable and not-leaky as they should be.
temporarily speeding up IO performance for KVM VM
i have few VMs running on top of spinning rust. recently i’ve upgraded one of them to not-yet-stable debian bookworm. upgrade would be pretty slow but.. i’ve edited the VM definition and asked KVM to allow host server to cache any IO operations. speedup was great, bullseye->bookworm upgrade finished in less than 5 minutes. for ... Read More
using hardware tokens to secure SSH, MS365 logins
i’ve done a bit of research, below – my understanding of the current state of affairs [ 2023-03 ]. i’m writing this while testing YubiKey 5 NFC, but consider different alternatives. SSH why: i’m considering an attack vector where malicious actor has remote control of my PC – can lift up arbitrary files [ including ... Read More