Skip to content

Instantly share code, notes, and snippets.

@yorickdowne
yorickdowne / README.md
Last active Jul 26, 2021
Netcup initial setup for RocketPool or solo staking
View README.md

Overview

Running on netcup is not much different from running on any other Linux host. The main difference is that the host is directly exposed to the Internet, and that it is provisioned with Debian, not Ubuntu, to begin with.

Install Ubuntu

In netcup's customer control panel, Overview, click on "SCP Auto-Login". This gets you into their Server Control Panel.

In netcup's server control panel, choose Media on the left, and the Images tab. Select the Ubuntu 20.04 image and install it, partitioning

@yorickdowne
yorickdowne / GethBEHAVE.md
Last active Aug 25, 2021
Pruning Geth 1.10.x
View GethBEHAVE.md

Overview

Geth (Go-Ethereum) as of March 2021 takes about 350 GiB of space on a fast/snap sync, and then grows by ~ 10 GiB/week. This will fill a 1TB SSD in ~6 months, to the point where space usage should be brought down again with an offline prune.

Happily, Geth 1.10.x introduces "snapshot offline prune", which brings it back down to about its original size. It takes roughly 4 hours to prune the Geth database, and this has to be done while Geth is not running.

Caveat that while several folx have used offline pruning successfully, there is risk associated with it. The two failure modes we have seen already are:

  • There is 25 GiB or less of free disk space
View keybase.md

Keybase proof

I hereby claim:

  • I am yorickdowne on github.
  • I am yorickdowne (https://keybase.io/yorickdowne) on keybase.
  • I have a public key ASAMH3gm5u914DMwcR4DXVgPeCKqlPdP9Tdurg-LiKUzVQo

To claim this, I am signing this object:

@yorickdowne
yorickdowne / README.md
Last active May 10, 2021
How to resize a netcup VPS disk after contract upgrade
View README.md

Resizing a netcup VPS disk after upgrading the contract to a bigger one

From Server Control Panel

  • Change boot order to network first: Settings -> Boot Order, Save
  • Power off: Control
  • Boot into rescue system: Media, Rescue System, Enable Rescue System. Take note of root pw
  • Power on: Control
  • Connect to console: Screen, or from General, click on pic of it
  • Press Enter to get into shell
@yorickdowne
yorickdowne / README.md
Last active Mar 11, 2021
Verify a public GPG signature - example Lighthouse
View README.md

Eh?

So a FOSS project might have signed releases with a GPG sig. How do you verify it on a Linux machine?

Example sigp/lighthouse, but same idea for any project.

Install gpg: sudo apt install gpg

Grab their PGP key ID from their download page and gpg --keyserver pgp.mit.edu --recv THEIRKEYID and wait

@yorickdowne
yorickdowne / README.md
Last active Jul 11, 2021
Take over BloxStaking KeyVault instance
View README.md

/u/settleddown posted some excellent instructions on how to create your own BloxStaking KeyVault instance in AWS and keep it updated yourself.

I've adjusted these instructions to "take over" the existing instance, without needing to spin up an entirely new one. The Python script now prompts the user for the password.

NB: pip3 is very slow on WSL2. This can be resolved by running pip3 install -U keyring, and then mkdir -p ~/.config/python_keyring/ and edit vi ~/.config/python_keyring/keyringrc.cfg and paste into it:

[backend]
default-keyring=keyring.backends.null.Keyring
@yorickdowne
yorickdowne / README.md
Last active Sep 16, 2021
Ubuntu Desktop 20.04 with mirrored ZFS boot drive
View README.md

Overview

Ubuntu Desktop 20.04 supports a single ZFS boot drive out of the box. I wanted a ZFS mirror, without going through an entirely manual setup of Ubuntu as described by OpenZFS

This adds a mirror to an existing Ubuntu ZFS boot drive after the fact.

ZFS requires native encryption to be added at pool / dataset creation. Ubuntu 21.04 supports this during installation. Whether these instructions are suitable for mirroring such a setup has not been tested. For Ubuntu 20.04, these instructions are not suitable for creating an encrypted ZFS boot disk, please use the full instructions linked above for that. You can, however, add an encrypted dataset after the fact: You could encrypt just the portion of your file system that holds secrets.

Note: If your use case is running docker instances, and not a full-fledged Ubuntu install, then take a look at TrueNAS SCALE

@yorickdowne
yorickdowne / README.md
Last active Aug 9, 2021
UFW and docker iptables via DOCKER-USER
View README.md

Use ufw for some, but not all, Docker traffic

This is a slight tweak to https://github.com/chaifeng/ufw-docker by way of https://p1ngouin.com/posts/how-to-manage-iptables-rules-with-ufw-and-docker

For an automated way of handling ufw rules via docker-compose, see https://github.com/shinebayar-g/ufw-docker-automated

Use case

I wanted Docker to keep managing its own iptables rules, including automatically opening port forwards, with the option of stepping in and restricting a port that I did not want open to "world". Container-to-container traffic should flow unimpeded,

View MEDALLA-FUN.md

Medalla non-finality mid October

What is happening with the Medalla eth2 testnet currently, Oct 17th 2020? Here's an ELI5. (Not exactly 5. Maybe 10. You get the idea.)

  1. A bunch of validators turned off (maybe zinken, maybe bored, who knows)
  2. We entered non-finality. This means we don't have enough validators online to agree to what the state of the network is. We need 2/3rds.
  3. Some sync bugs reared their heads, in Prysm and Nimbus. We lost more validators to the bugs, not everyone has updated since
  4. Non-finality increases memory and CPU requirements, we likely lost more validators because their nodes couldn't handle it
  5. Either people come back in and we regain finality or
  6. They don't and offline validators lose eth faster and faster, until we regain finality. Some may be ejected if their balance falls too low.
@yorickdowne
yorickdowne / README.md
Last active Dec 3, 2020
Switch Rocketpool to newer client version
View README.md

Emergency procedure

Only do this in emergencies, such as when eth2 is not syncing or RAM/CPU use is spiking. This procedure can be used for Prysm or Lighthouse.

The specific client versions mentioned here are for RocketPool 0.0.8. They will not work in prior versions of RP.

Edit config.yml:

cd ~/.rocketpool