Skip to content

Puppet 4 on Debian 9 Stretch with nginx (with Puppet 3 agents if needed)

As part of upgrading my machines from Jessie to Stretch, I finally had to pick up Puppet 4. My hosts running testing were trying to do so for a while already, but since Puppet requires the master to be newer than the agents, I've always just had a pinning rule in place to stick all machines to Puppet 3.x.

It's been quite the operation and I'm not done yet, but let me write down some of my findings for others to maybe use. As always, there are many different ways to achieve this goal, there are existing docs, but they're all outdated in one way or another. (As surely this one will be in a year.)

Continue reading "Puppet 4 on Debian 9 Stretch with nginx (with Puppet 3 agents if needed)"

Dear /dev/null,

That's what weblogs are these days, it seems. :-( And I've just lost way too much time getting this quality PHP software to run on my new webserver.

All it is for me at this point is a place to post random small projects I've worked on. Something fun (ADS-B-related) will hopefully appear soon...

selphy.go - Linux client for Canon Selphy CP-900 photo printer

Last month I ran into a Canon Selphy CP-900 photo printer. It's a pretty neat device, prints pictures with pretty good quality. It even worked out of the box in Linux, but only via USB, and by it pretending to be an ordinary printer. This can have pretty ugly results.

The CP-900, as the first one in the Selphy series, can also take print jobs over WiFi. The nice thing is, other than it being wireless, that the WiFi protocol is just a pretty simple JPEG file transfer mechanism. Just giving the printer a JPEG and have it figure out layout/crop/etc seems to give somewhat nicer results. But of course, only Windows/OSX/smartphone clients are available. Fortunately, after some staring at wireshark, I managed to create a new client for it.

For extra fun, it's written in Go. My first time using the language, and I quite like it. It means the tool is very easy to build, and there are no special dependencies at all, as the Go base libraries already have everything I need.

To try it:
bzr branch
And yes, I'm still using bzr. Deal with it. :-)

uhat, using your joystick's hat switch in Linux flight simulators

So I have this fun hobby for a while already, flying.. I have around 50 hours logged by now in the US + Ireland, which means I can more or less land safely now, on my own. In fact I had my first solo in October last year which was an absolutely amazing experience. But sometimes weather just doesn't work with me here in Ireland (either too windy or too cloudy) and instead I go "flying" with X-Plane on my machine at home.

Now X-Plane is a pretty neat simulator, and as long as you use it with a real yoke/stick and not keyboard/mouse, it seems like a useful way to practice. But there's one way in which a flight simulation projected on a single screen, no matter its size, just doesn't beat sitting in a cockpit: the inability to look around in any direction by, you know, just turning your head. Instead, joysticks often have this hat switch on the top to look around. Unfortunately in Linux, the joystick driver gets told that the hat switch is a mini-joystick that the user can move up/down, left/right. Instead of just representing it as four separate buttons (which is what they really are anyway, hardware-wise). X-Plane and apparently other flight simulators can't use this, they need buttons.

This week I wrote uhat to solve this problem. It'll listen to joystick events and if you move the hat switch axes, it will generate button events on a separate virtual joystick device. There's a similar tool called jhat, which generates keyboard events instead, but I never really liked the idea of my joystick pretending to be a keyboard and hoped there were a better way to do this. A week ago I found my answer in uinput. It's poorly documented, but fortunately very simple to figure out. It looks like uinput is just a fairly 1:1 translation of the input subsystem kernel interface into a character device.

It works like a charm for me, with the udev rule I don't even have to think about it, udev will just start it for me when I plug in my joystick. Hugely enjoying X-Plane 10 again. :-D

Debian, dmcrypt and SSD TRIMming

Spent an hour or so this morning wondering how to get my Debian initramfs to activate my LUKS-encrypted partition with --allow-discards. I know it's less secure, but as long as wrenches are still cheap I'm fine with sub-standard security if it means my hardware will perform better for longer. :-)

The trick is to add a flag "discard" to your crypttab, like this:

wilmer@peer:~$ cat /etc/crypttab
sda2_crypt /dev/sda2 none luks,discard

And then of course rebuild your initramfs (update-initramfs -u) and reboot, etc.

You do need cryptsetup 1.4 or higher for this to work. I had to manually install that package (only twenty or so days old) from sid on my testing laptop.

Bank statement scraper for Bank of Ireland

Like many people, I was also losing track of my finance. Having bank accounts in use in both NL and IE probably didn't help. :-) As any proper FOSS geek, I learned to like the monster called GnuCash. (Psst! Guys! It's pretty amazing that a product more than ten years old still doesn't let you do operations (like delete) on multiple entries at once, dont you think?)

And there's this thing about Irish Banks. They have bigger issues to worry about than how well their Internet banking service works. What keeps you away from looking at my bank account? You (hopefully) not knowing my six-digit user ID, date of birth (top secret information! Have I mentioned that my birthday is next Saturday? ;-P) and another six-digit number, this time my PIN number. No one-time passwords, no challenge-response system, nothing else.

My only hope is that this lets you transfer money only to accounts to which I've transferred money before. IOW all you can do is give my landlady a little present. Pfew!

Also, going back to the original topic, there's no way to export info from their web interface. So I wrote one myself. One advantage of a pretty simple website is that I could easily write a scraper for it. Run it with the right arguments, and it'll spit out a CSV bank statement, ready to be fed to your favourite accounting software.

What else have I been doing? Been working on Giggity. Android development's fun. I spent the weekend scraping the Dance Valley timetable page, Google, Last.FM, Wikipedia and more to automatically generate a Giggity schedule file for it. Love it! :-)

On Pandaboard SD card performance

I have the Pandaboard running as my home server for a while now. Until last weekend, I was using a Microdrive as its root filesystem. Sadly, the drive seems to be broken. :-( That means I finally had a chance to try bootstrapping a server very quickly using Puppet. This worked fairly well, which means the time investment is paying off already.

Since all the storage I had at home was the 32GB SD card I bought for this thing anyway, I decided to give it another chance. At some point I was reminded already that alignment really matters with these things. Some Bonnie++ runs do seem to confirm this. I removed the second partition on the SD, and recreated it on a 4MB barrier. (The trick to do this is to use the "u" command in fdisk to switch units to sector instead of cylinders, and make sure the start sector is a multiple of 8192.)

To be honest, I did run most of these benchmarks with the SD card reader/writer in my desktop machine. Only the last test was done on my Pandaboard, but as you can see the results are very similar.

Version 1.96Sequential OutputSequential InputRandom
Sequential CreateRandom Create
SizePer CharBlockRewritePer CharBlockNum FilesCreateReadDeleteCreateReadDelete
K/sec% CPUK/sec% CPUK/sec% CPUK/sec% CPUK/sec% CPU/sec% CPU/sec% CPU/sec% CPU/sec% CPU/sec% CPU/sec% CPU/sec% CPU

Click here for a table not f*cked up by my blog software.

Although the throughput numbers for ext3 are pretty similar for non-aligned and aligned access, look at the latency numbers. Unfortunately I haven't got a clue how Bonnie++ calculates these and can't find very good documentation on it. Throughput may be average and latency worst-case? Either way, as you can see a misaligned partition can cause some slowdowns.

What surprised me more is that a switch to ext4fs sped up things a lot more, up to the point that the performance is perfectly reasonable! I'm running with this SD as my root filesystem now and everything just works. (While before a simple apt-get install run could take several minutes.)

While I was at it, I also tried out logfs and nilfs2, which are officially optimised for flash media. However, AFAIK they're more meant for raw NAND storage, not for block devices with all the NAND logic abstracted away (like anything you buy in stores these days). Not worth it for these SDs.

Obviously this test is far from scientific. Only in the case of ext4-panda have I run the test five times to then pick a decent result (there were some outliers in all areas). All other tests were done on a freshly formatted filesystem, which I'm sure also doesn't make the result that reliable.

Just my 2 cents! But my Pandaboard's definitely happier now. Here's hoping that wear leveling works well..

If you're interested, here is a more thorough overview of SD card performance. The LWN article about flash storage it links to is interesting too. The Flash card I used here is a 32GB class 10 Transcend card.


As a bit of a cloud "sceptic" I still like to waste too much time maintaining my own network/IT infrastructure. :> I'm definitely trying to avoid the more tedious stuff though. I started using Puppet a while ago which definitely helps.

Last week I was looking for a way to automatically populate DNS reverse lookup zones. The only thing I could find was mkrdns which is unmaintained for almost ten years and doesn't seem to support IPv6. So I decided to write my own thing, dnsrev.

It's pretty simple, written in Python with help from some modules. It can read any number of zonefiles and update any number of reverse zonefiles. There's no need for any kind of 1:1 mapping between them, so it can deal with multiple netblocks in one zonefile, etc. I hope it'll be useful to someone. Comments, suggestions and patches are welcome.