diff options
Diffstat (limited to '_posts')
| -rw-r--r-- | _posts/2009-02-07-techtalk-einen-gameboy-auf-dem-pc.md | 18 | ||||
| -rw-r--r-- | _posts/2024-08-02-use-a-second-signal-account-kinda.md | 7 | ||||
| -rw-r--r-- | _posts/2025-02-02-dn42-put-it-in-a-box-linux-network-namespace.md | 15 | ||||
| -rw-r--r-- | _posts/2025-04-06-i-don-t-get-kubernetes.md | 38 | ||||
| -rw-r--r-- | _posts/2025-05-11-table-tennis.md | 14 | ||||
| -rw-r--r-- | _posts/2025-05-25-cpu-usage-problems-again.md | 16 | ||||
| -rw-r--r-- | _posts/2025-05-29-furdew-valley.md | 24 | ||||
| -rw-r--r-- | _posts/2025-06-16-oops-dn42-stops-working.md | 73 | ||||
| -rw-r--r-- | _posts/2025-06-22-blog-now-on-gemini-with-dn42.md | 39 |
9 files changed, 232 insertions, 12 deletions
diff --git a/_posts/2009-02-07-techtalk-einen-gameboy-auf-dem-pc.md b/_posts/2009-02-07-techtalk-einen-gameboy-auf-dem-pc.md index 2c556d6..f02d62a 100644 --- a/_posts/2009-02-07-techtalk-einen-gameboy-auf-dem-pc.md +++ b/_posts/2009-02-07-techtalk-einen-gameboy-auf-dem-pc.md @@ -103,19 +103,13 @@ UPDATE (30.4.2009): ### Emulatoren -- <a href="https://de.wikipedia.org/wiki/Emulator">Emulator</a> auf -Wikipedia -- <a href="https://emulator-zone.com/">Emulator Zone</a> Eine -Übersicht über Spielkonsolenemulatoren. -- _VisualBoyAdvance (toter Link entfernt)_ -Homepage des Emulators "VisualBoyAdvance" +- <a href="https://de.wikipedia.org/wiki/Emulator">Emulator</a> auf Wikipedia +- <a href="https://emulator-zone.com/">Emulator Zone</a> Eine Übersicht über Spielkonsolenemulatoren. +- _VisualBoyAdvance (toter Link entfernt)_ Homepage des Emulators "VisualBoyAdvance" - [SourceForge-Projektseite vom Emulator](https://sourceforge.net/projects/vba/) ### Spiele -- <a href="https://de.wikipedia.org/wiki/ROM_%28Spielmodul%29">ROM</a> -auf Wikipedia -- _PDRoms / Gameboy (toter Link entfernt)_ -Legale ROMs für den GameBoy -- _PDRoms / GameBoy Advance (toter Link entfernt)_ -Legale ROMs für den GameBoy Advance +- <a href="https://de.wikipedia.org/wiki/ROM_%28Spielmodul%29">ROM</a> auf Wikipedia +- _PDRoms / Gameboy (toter Link entfernt)_ Legale ROMs für den GameBoy +- _PDRoms / GameBoy Advance (toter Link entfernt)_ Legale ROMs für den GameBoy Advance diff --git a/_posts/2024-08-02-use-a-second-signal-account-kinda.md b/_posts/2024-08-02-use-a-second-signal-account-kinda.md index 90b7687..a9753ba 100644 --- a/_posts/2024-08-02-use-a-second-signal-account-kinda.md +++ b/_posts/2024-08-02-use-a-second-signal-account-kinda.md @@ -2,6 +2,7 @@ layout: post title: Use a second Signal account (kinda) date: 2024-08-02 18:48 +0200 +last_modified_at: 2025-05-29 16:50 +0200 lang: en categories: ["tech"] description: "How to use a second Signal account on your Smartphone" @@ -52,3 +53,9 @@ already, so not a huge disadvantage). But hey, maybe this is still useful for some people. +**Update 2025-05-29** + +Actually, you can also use multiple accounts on the Desktop client. +Since it's just an Electron app (?), you only need a second Launcher +with the executable and arguments being +`/opt/Signal/signal-desktop --user-data-dir=<whatever you want> %U`. diff --git a/_posts/2025-02-02-dn42-put-it-in-a-box-linux-network-namespace.md b/_posts/2025-02-02-dn42-put-it-in-a-box-linux-network-namespace.md index 0be4238..3a43f1a 100644 --- a/_posts/2025-02-02-dn42-put-it-in-a-box-linux-network-namespace.md +++ b/_posts/2025-02-02-dn42-put-it-in-a-box-linux-network-namespace.md @@ -2,6 +2,7 @@ layout: post title: 'DN42: Put it in a box (Linux network namespace)' date: 2025-02-02 17:10 +0100 +last_modified_at: 2025-06-18 19:12 +0200 lang: "en" categories: "tech" description: "I explain how I put my Autonomous System in a network namespace." @@ -59,6 +60,8 @@ Inside the namespace run: (from within a Wireguard net) - Nginx, which serves my DN42 website +**Update 2025-06-18**: nginx now runs inside the namespace as well. + It took me a while and some internet searches to come up with the firewall rules. On my VPS itself I use ufw, for the network namespace, I *could probably* make this work as well, but I decided to use "iptables", or rather, the wrapper @@ -89,6 +92,18 @@ With an additional forward rule, everything is happy again: -A FORWARD -s fcee::1/128 -d fd00::/8 -j ACCEPT ``` +**Update 2025-06-18**: I modified this several times since then. +Since I also need to take care of actual routing/forwarding within DN42, +I now ended up with + +``` +-A FORWARD -s fd00::/8 -d fd00::/8 -j ACCEPT +-A FORWARD -i eth0 -d fd00::/8 -j ACCEPT +-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT +``` + +i.e. I don't rely on the source address being fcee::1 anymore. + Also, I also feel pretty clever for making sure I can access DN42 from my clearnet: diff --git a/_posts/2025-04-06-i-don-t-get-kubernetes.md b/_posts/2025-04-06-i-don-t-get-kubernetes.md new file mode 100644 index 0000000..28224b4 --- /dev/null +++ b/_posts/2025-04-06-i-don-t-get-kubernetes.md @@ -0,0 +1,38 @@ +--- +layout: post +title: I don't get Kubernetes +date: 2025-04-06 15:59 +0200 +categories: tech +lang: en +--- + +No real content, just me ranting. + +There are [some ;)](https://xeiaso.net/talks/2025/surreal-joy-homelab/) who take +great joy in Kubernetes. I never really understood how I could use it. + +Okay, so, very simplified, K8s let's you say "I wanna run these services (Docker +containers) on my cluster (various computers/servers), optionally with +redundancy"? Well, I only have one "server" in my "homelab", and then 3 VPS or +so. Only one of them runs something in Docker/Podman. + +I *can't imagine*/don't understand how I would run, say, Nextcloud in K8s. I +*want* to know which server is currently running it, and where the data is +stored. Especially with something like Nextcloud, I want to have the Nextcloud +application, the database, and the data store on **one** VPS, without any +indirections, without any communication over the internet or a VPN, via some +proxy software. From what little I've heard about K8s (forgive me my ignorance), +I had more questions that I could answer. K8s seems really complex, because it +~~has~~ can have so many moving parts (yes, you can probably run a very basic +setup, most of the components seem optional). I don't want my database suddenly +moved around to somewhere else. + +That is to say: I never had a use case of trying out K8s. No *actual, real* one. +I could probably construct one if I tried really hard. But, eh. "My current +setup works". + +My attempt to run K8s on my Proxmox via LXC all failed, even if they're +privileged containers, probably because I need to mount Linux Namespaces, or +load specific kernel modules on Proxmox itself so they can be loaded in the LXC +containers as well (???). + diff --git a/_posts/2025-05-11-table-tennis.md b/_posts/2025-05-11-table-tennis.md new file mode 100644 index 0000000..8d9ce82 --- /dev/null +++ b/_posts/2025-05-11-table-tennis.md @@ -0,0 +1,14 @@ +--- +layout: post +title: Table Tennis! +date: 2025-05-11 08:16 +0200 +lang: en +categories: life +--- + +Recently, I was at a seminar. I learned a lot. It was an exquisite group of inquisitive people. +But we also had some free time in which we played some table tennis. +I have no idea how to play it besides "hit the ball with the racket". +Actually makes me want to join the local sports club for once, which does have a +table tennis department. + diff --git a/_posts/2025-05-25-cpu-usage-problems-again.md b/_posts/2025-05-25-cpu-usage-problems-again.md new file mode 100644 index 0000000..beb905a --- /dev/null +++ b/_posts/2025-05-25-cpu-usage-problems-again.md @@ -0,0 +1,16 @@ +--- +layout: post +title: CPU usage problems on my VPS again +date: 2025-05-25 19:29 +0200 +lang: en +categories: tech +--- + +<a href="{% post_url 2025-02-02-dn42-put-it-in-a-box-linux-network-namespace +%}">As reported previously</a>, I had problems with the CPU usage on my VPS +again, even after namespace isolation. This time, it was dnsmasq causing the +loadavg to rise. "This is a problem for future me to solve properly", is the +motto. For the time being, I simply added a service restart when I detect a high +loadavg. Works well enough. I'll keep monitoring it to see if this occurs more +than once a week or so. + diff --git a/_posts/2025-05-29-furdew-valley.md b/_posts/2025-05-29-furdew-valley.md new file mode 100644 index 0000000..cbdf420 --- /dev/null +++ b/_posts/2025-05-29-furdew-valley.md @@ -0,0 +1,24 @@ +--- +layout: post +title: Furdew Valley +date: 2025-05-29 15:21 +0200 +lang: en +categories: gaming +--- + +[In my last blog post]({% post_url 2025-03-18-games-i-play_ed %}) about gaming, +I think I already mentioned I played Stardew Valley. Back then, on an Android +tablet. Due to [Pan on Mastodon](https://woof.tech/@Pan_H_Shiroi@toot.cat) +streaming that game recently, I picked it up again. + +I found it can even be modded! The mod in question is +[Animals and Myths Pack](https://www.moddrop.com/stardew-valley/mods/1119098-fs-shs-animals-and-myths-pack). + +{% image + img="https://pics.uvokchee.de/upload/2025/05/29/20250529132445-6dbbe14d.jpg" + alt="Screenshot of modded Stardew Valley, showing the player character with anthro legs + and a fox tail" +%} + +That adds to the fun. I might even get a mod that adds NPC lines. The build-in +ones can get monotonous after some time. diff --git a/_posts/2025-06-16-oops-dn42-stops-working.md b/_posts/2025-06-16-oops-dn42-stops-working.md new file mode 100644 index 0000000..26d4ed7 --- /dev/null +++ b/_posts/2025-06-16-oops-dn42-stops-working.md @@ -0,0 +1,73 @@ +--- +layout: post +title: Oops, DN42 stopped working +date: 2025-06-16 20:39 +0200 +last_modified_at: 2025-06-17 18:12 +0200 +lang: en +categories: tech +--- + +As you might know, I participate in [DN42]({% link dn42.md %}). +I have a somewhat peculiar setup, in +which some VPS run the routing daemons, and my home router simply has a VPN +connection to them and statically routes everything `fd00::/8` to them. The router +runs OpenWRT, and has dnsmasq setup to resolve DN42 domains via the DN42 anycast +servers. I set this up *months ago*, it worked, I was happy, and didn't need it +since. + +Cue last weekend. "Suddenly" the resolution didn't work anymore. It simply timed +out. So I connected to my VPS (which is running DN42 +[in a namespace]({%post_url 2025-02-02-dn42-put-it-in-a-box-linux-network-namespace %})) +and took a look at tcpdump. Inside the namespace, I saw the strange lines + +``` +18:49:05.296629 eth0 In IP6 fd7a:115c:a1e0::xxx > fd42:d42:d42:53::1.53: 42631+ [1au] AAAA? wiki.dn42. (50) +18:49:05.296679 kioubit Out IP6 fd3e:bc05:2d6::80.50255 > fd42:d42:d42:53::1.53: 42631+ [1au] AAAA? wiki.dn42. (50) +18:49:05.302946 tinc_dn42 In IP6 fd42:d42:d42:53::1.53 > fd3e:bc05:2d6::80.50255: 42631 1/0/1 AAAA fd42:d42:d42:80::1 (66) +18:49:05.302990 kioubit Out IP6 fd3e:bc05:2d6::80 > fd42:d42:d42:53::1: ICMP6, destination unreachable, unreachable route fd3e:bc05:2d6::80, length 122 +``` + +And all the time I was thinking… "huh??? Why is `fd3e:bc05:2d6::80` unreachable??? +It is **clearly** in the `ip -6 a` output!!!". I looked through all the +iptables statistics and couldn't find the culprit. + +A join in the DN42 IRC and some back and forth later, someone suggested +"Hey, what's with the `fd7a:…` address? Is there a route for *that*?". + +And of course, no, it wasn't! I was so focused on the ICMP6 message that I +didn't notice the incoming line. As you can read in my other article linked +above, I perform NAT. Of course in that case it probably wouldn't make sense for the +ICMP6 message to tell someone that there's no route for the original IP (before NAT). + +**So, but… where does the `fd7a:…` address come from?**<br/> +The answer is [Tailscale]({% post_url 2024-12-08-trying-out-tailscale %}). +Unfortunately, they decided to use the `fd00::/8` IP range, which collides with DN42. +I didn't do any DN42 stuff since installing it, so I didn't notice that.<br/> +**But… why is that address used at all for the DNS request?**<br/> +Weeeeell… I found out as well. It comes from OpenWRT. I simply set up +a static route there, and Linux does its best to determine the source address for the +DNS request. And it seems the Tailscale one was a closer match than +the address from my own DN42 prefix.<br/> +**So, how to fix that?**<br/> +[It's not as easy as you think!](https://github.com/openwrt/openwrt/issues/13720). +Merely using the "source" option in the config file would work for IPv4, but +for IPv6 it has a different meaning!<br/> +**But why does it say "no route to host" instead of using a default route?**<br/> +Because I configured bird to insert an "unreachable" route for the `fd::/8` prefix +to avoid leaking traffic. +``` +# ip -6 route show fd00::/8 table dn42 +unreachable fd00::/8 dev lo proto bird src fd3e:bc05:2d6::1 metric 500 pref medium +``` + +At this point, it's Monday evening. Unnerved, I threw my hands in the air and +simply put a line of +``` +ip -6 route replace fd00::/8 ... src <my-openwrt-dn42-address> +``` +in `/etc/rc.local` and called it a day. My setup +works again, and I learned something again. Don't just look at the last line, +look at the whole picture. A lesson I actually already learned in the +ubuntuusers forums when asking for help compiling a package and only posted the +last few make output lines, which of course didn't contain the actual +compilation error… diff --git a/_posts/2025-06-22-blog-now-on-gemini-with-dn42.md b/_posts/2025-06-22-blog-now-on-gemini-with-dn42.md new file mode 100644 index 0000000..fa46a58 --- /dev/null +++ b/_posts/2025-06-22-blog-now-on-gemini-with-dn42.md @@ -0,0 +1,39 @@ +--- +layout: post +title: Blog now on Gemini - with DN42 +date: 2025-06-22 17:42 +0200 +--- + +The Gemini protocol is a minimal protocol to serve content, and is +the "spiritual successor" to the Gopher protocol. +(Do not confuse with Google's AI Gemini. I hate naming collissions), + +It took some tinkering, especially because Gemini's markup language +("Gemtext") +is deliberately +minimal, and Jekyll can't output/convert Markdown to Gemini, so I had to +take "the ugly route" to convert the "finished" Jekyll HTML page to Gemtext +via the below-mentioned tool, which basically does +HTML > Markdown > Gemtext. +I can't directly use the raw Markdown files of my blog, since I use +Liquid tags. + +Anyway, my blog is now accessible in "Geminispace", alas, only within DN42, +because I'm too lazy right now to do it properly. (With the DN42 namespace +isolation and all). And also, it's a really "nerdy" protocol, with I don't +know how many users. + +`gemini://uvok.dn42/` + +Addendum: What I really like is the "feed" specification, which basically consists +of separate lines of <br/> `=> $link $date $heading`, <br/> and browsers like +Lagrange can subscribe +to these (like RSS feeds, but the format is much simpler!). + +- [Gemini Protocol on Wikipedia](https://en.wikipedia.org/wiki/Gemini_(protocol)) +- [Gopher Protocol on Wikipedia](https://en.wikipedia.org/wiki/Gopher_(protocol)) +- [Gemini Protocol homepage](https://geminiprotocol.net/) +- [Gemini "Quickstart"](https://geminiquickst.art/) +- [Gemtext intro](https://gemini.flounder.online/docs/gemtext.gmi) +- [Html2Gemini](https://github.com/Aarontheissueguy/Html2GeminiPy) +- [Lagrange browser](https://git.skyjake.fi/gemini/lagrange) |