maelvls

#! /bin/bash

set -euo pipefail

CM_VERSION=v1.3.0
CLUSTER=
PROJECT=
DNS_ZONE=
INLETS_TEXT=

maelvls

[
  "Snippets",
  1615367745215,
  {
    "name": "/none",
    "body": "/release-note-none",
    "timestamp": 1618436050723
  },
  {
    "name": "close",

maelvls

My hundred struggles while using Linux as my desktop driver (Ubuntu 22.04)

Hi! On Thursday 25 April 2021, I entirely switched from macOS to Linux: https://maelvls.dev/evolution-of-my-home-office/. I took note of every adjustment I had to make along the way. I use Ubuntu "vanilla" (with Gnome as my desktop manager).

🔥 Update: I am abandoning "desktop" Linux! I can't bear having to work around everything all the time, not even counting the tons of problems that occur whenever I do a major version upgrade (e.g., when I upgraded from 21.10 to 22.04, my PPAs broken obviously, and also I lost all the hack I had made to the /etc to work around problems). I am officially back to macOS starting 26 June 2023. I'll still use my Linux workstation remotely over Mosh, but not as a desktop environment.

To smoothen the transition, I use the following hacks on macOS:

1. Linear Mouse since I can't stand macOS' mouse acceleration and also to fix my mouse wheel's direction.
2. Magnet to be able to move wi

maelvls

Setting up the Synology DS920+

Moved to https://hackmd.io/8bZlqm9sQh6b0HH7Jr2YzA

maelvls

To remove the vendor/ diffs in Go, add a bookmark in Firefox with:

javascript:(function(){ var q = prompt("Example filter: vendor/"); if (q != null) { $(".diff-file:contains(" + q + ")").detach() }}())

maelvls

"""
Enable the streaming mode [1] whenever a request contains the query
parameter ?watch=true. The watch=true parameter is passed by Kubernertes
clients (such as client-go) when they intend to be notified of object
updates.

Use with:

   mitmproxy -p 9090 -s watch-stream.py

maelvls

Dealing with secrets

GNOME comes with libsecret. You can use libsecret to store your git credentials:

sudo apt install libsecret-1-0 libsecret-1-dev libglib2.0-dev
sudo make --directory=/usr/share/doc/git/contrib/credential/libsecret
git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret

maelvls

I had a bug with golangci-lint that would time out on some Github Actions builds. In order to investigate the issue, I wrote this Deno script that would scrap all the logs and look for the memory used (we used golangci-lint with the -v flag which prints how much memory was being spent).

If you also use golangci-lint and have weird time out issues, turn on golangci-lint's -v mode and run this script.

brew install deno

Run it:

maelvls

kubectl run tcpd -it --rm --image=a --overrides='{"spec": {"hostNetwork": true, "containers": [{"name": "tcpd", "image": "corfr/tcpdump", "tty": true, "stdin": true, "stdinOnce": true, "securityContext": {"capabilities": {"add": ["NET_ADMIN"]}}, "args": ["-i", "any", "-U", "-w", "-"]}]}}'

Don't forget that only the DNS names with .local are forwarded by the sshuttle VPN. If you want e.g. example.com to be also forwarded to the cluster, you need to add --also-proxy example.com.

Example:

telepresence --namespace cert-manager --swap-deployment cert-manager --mount=false --run-shell --also-proxy 'example.com'

maelvls

"""
This custom pretty-printer for mitmproxy will decode the base64url-encoded
'payload' and 'protected' fields.

This pretty-printer is useful for understanding the POST requests made to
an ACME server, since these requests are made using JWS as JSON, which,
contrary to JWT tokens that are very easy to decode, aren't as common.

The whole JWS as JSON and application/jose+json are detailed in
https://tools.ietf.org/html/rfc8555.