Networking
Craftsmanship And The Right Tools for Your Job

I wonder why my hardware was always superior to what my companies provided me with. Shouldn’t they be interested in getting the best quality? Would I hire an electrician, and then forbid him to use his tools and give him my IKEA toolbox? – I wouldn’t!
A Software Craftsman’s tools are not mere instruments; they are his accumulated skill, capital, and tradition made tangible. I believe you have to care for your tools. Also, ★nix craftsmen often tend to solve problems with the capabilities of their systems.
Techstack n - 1 is dead!
TL;DR TechStack n-1 is dead. It ended with the rise of the clouds and software release cycles going down to weeks due to containerized CIs.
Against ‘it’s stable and mature so let it run’
Being open-source-based, Ubuntu already had the concept of point releases every 6 months when Docker and K8s hit the world and gave automated CIs a big boost in making system containers. Some years later, Docker itself switched to a 3-month release cycle. So did the Linux kernel, with 2-3 months. Firefox: 4 weeks.
Connect to GitLab via SSH
Start an SSH Agent
If you haven’t already done so, add the following command to your shell’s RC file (such as .bashrc or .zshrc) to start the ssh-agent:
$ eval $(ssh-agent)
Add Your Generated Key
Use the ssh-add command to add your private SSH key (assuming it is the default id_rsa file) to the agent:
$ ssh-add ~/.ssh/id_rsa
List Keys
You can list the keys currently loaded by the ssh-agent using the following command:
PulseAudio: Mono-Sink Audio
Just in case your 10,000+ employee corporation doesn’t plug in the microphone jack correctly and no one is allowed to ask questions (presentation-only).
Creating a Mono Audio Sink with PulseAudio
To force stereo audio output into a single mono channel, you can use the PulseAudio module module-remap-sink. This is often useful for presentations or when hardware is misconfigured (e.g., a microphone is plugged into an unbalanced stereo input, but only one channel is picked up).
AWS sync is not reliable!
While migrating from s3cmd to the AWS S3 CLI, I noticed that files did not reliably sync when using the AWS CLI.
I tested this behavior with different versions, and they all exhibited the same issue:
- python2.7-awscli1.9.7
- python2.7-awscli1.15.47
- python3.6-awscli1.15.47
Test Setup
- Set up the AWS CLI utility and configure your credentials.
- Create a testing S3 bucket.
- Set up some random files:
# Create 10 random files of 10MB each
mkdir -p multi
for i in {1..10}; do dd if=/dev/urandom of=multi/part-$i.out bs=1MB count=10; done
# Then copy the first 5 files over
mkdir multi-changed
cp -r multi/part-{1,2,3,4,5}.out multi-changed
# And replace the content in the remaining 5 files (6-10)
for i in {6..10}; do dd if=/dev/urandom of=multi-changed/part-$i.out bs=1MB count=10; done
Testing S3 sync with AWS CLI
Cleanup
$ aws s3 rm s3://l3testing/multi --recursive
Initial sync
$ aws s3 sync multi s3://l3testing/multi
upload: multi/part-1.out to s3://l3testing/multi/part-1.out
upload: multi/part-3.out to s3://l3testing/multi/part-3.out
upload: multi/part-2.out to s3://l3testing/multi/part-2.out
upload: multi/part-4.out to s3://l3testing/multi/part-4.out
upload: multi/part-10.out to s3://l3testing/multi/part-10.out
upload: multi/part-5.out to s3://l3testing/multi/part-5.out
upload: multi/part-6.out to s3://l3testing/multi/part-6.out
upload: multi/part-8.out to s3://l3testing/multi/part-8.out
upload: multi/part-7.out to s3://l3testing/multi/part-7.out
upload: multi/part-9.out to s3://l3testing/multi/part-9.out
Update files
Only 5 files should now be uploaded. Timestamps for all 10 files should be changed.
Connecting to CheckPoint VPN SNX in Linux
This guide explains how to connect to CheckPoint VPN using SNX (SSL Network Extender) on Linux systems.
Prerequisites
Ensure you have received the following information from your VPN administrator:
- VPN Certificate file (.p12)
- Your VPN password
- Your server username
Please use that information to replace placeholders in scripts found in this tutorial.
Installation Script
You can either download from their website (crappy and frustrating) or get it directly via http://gateway-ip.
Connecting to Checkpoint QVPN SNX in Linux
This tutorial provides a step-by-step guide on how to connect to a Checkpoint QVPN on a Linux system. It covers prerequisites, installation of the snx client, and automation scripts for connecting and disconnecting.
Prerequisites
Ensure you have received their e-mail and the following information:
- VPN Certificate file (.p12)
- Your VPN password
- Your server username
Please use that information to replace placeholders in scripts found in this tutorial.
Installation script
You can either download from their website (which can be frustrating) or get it directly via http://gateway-ip.
Update Confluence Page by API
You can create your own API token here: https://id.atlassian.com/manage/api-tokens and live-update any information you want. The script basically creates an HTML file, pumps it through jq into a JSON file, and uploads it.
#!/bin/bash
# Update Confluence page by API
# Strict mode
set -euo pipefail
# Some information
PAGEID=602767382
SPACE="EL3"
AUTH="user@example.com:GETYOUROWNTOKENORNEVERKNOW"
API_URL="https://mycompany.atlassian.net/wiki/rest/api"
# Create temp dir
TMP=$( mktemp -d )
# Shutdown handler
shutdown() {
    # Cleanup temp directory
    if [ -e "$TMP" ]; then
        rm -fr "$TMP"
    fi
}
trap shutdown TERM EXIT
# We first need the current page version so the update can carry the next version
curl --silent --user "${AUTH}" "${API_URL}/content/${PAGEID}" > "${TMP}/current.json"
VERSION=$( jq '.version.number' "${TMP}/current.json" )
NEXTVERSION=$(( VERSION + 1 ))
echo "Got Version: ${VERSION}"
# Get information: write the text to publish into ${TMP}/page.txt
# (placeholder content; replace this line with your own commands)
echo "replace me" > "${TMP}/page.txt"
# Create HTML file (storage format is XHTML, so the line breaks are self-closed)
echo "
Date of creation: $( date --utc )
<pre>$( sed 's|$|<br/>|' "${TMP}/page.txt" | tr -d '\n' )</pre>
" > "${TMP}/page.html"
# Prepare upload JSON with JQ
jq -sR "@text | {\"id\":\"$PAGEID\",\"type\":\"page\",\"title\":\"Information Gathering\",\"space\":{\"key\":\"${SPACE}\"},\"body\":{\"storage\":{\"value\": . ,\"representation\":\"storage\"}},\"version\":{\"number\":${NEXTVERSION}}}" "${TMP}/page.html" > "${TMP}/upload.json"
# Upload
curl \
    --silent \
    --user "${AUTH}" \
    -X PUT -H 'Content-Type: application/json' \
    -T "${TMP}/upload.json" \
    "${API_URL}/content/${PAGEID}" \
    1>/dev/null
echo "Updated Version: ${NEXTVERSION}"
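The following is an added example, not part of the original script: a variant of the payload and upload steps that passes values to jq as arguments instead of interpolating them into the filter, escapes markup characters in the gathered text, and reads the token from the environment. The function names and the CONFLUENCE_USER and CONFLUENCE_TOKEN variable names are assumptions; jq and curl must be installed.

```bash
#!/bin/bash
# Added example: safer payload construction for the Confluence update.
set -eu

# Escape the characters that count as markup in storage format (XHTML),
# so gathered text containing <, > or & cannot break or alter the page.
xml_escape() {
    sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g'
}

# build_payload PAGEID SPACE TITLE NEXTVERSION < text
# Reads plain text on stdin and prints the JSON body for the PUT request.
# Values are passed with --arg/--argjson, so quotes or backslashes in a
# title or space key are encoded by jq and never parsed as filter syntax.
build_payload() {
    local pageid=$1 space=$2 title=$3 version=$4
    local body
    body="<p>Date of creation: $(date -u)</p><pre>$(xml_escape)</pre>"
    jq -n \
        --arg id "$pageid" \
        --arg space "$space" \
        --arg title "$title" \
        --arg body "$body" \
        --argjson version "$version" \
        '{id: $id, type: "page", title: $title,
          space: {key: $space},
          body: {storage: {value: $body, representation: "storage"}},
          version: {number: $version}}'
}

# upload PAGEID JSONFILE
# Credentials come from the environment (hypothetical variable names),
# so the script can be shared or committed without the token in it.
upload() {
    curl --silent --fail \
        --user "${CONFLUENCE_USER:?}:${CONFLUENCE_TOKEN:?}" \
        -X PUT -H 'Content-Type: application/json' \
        -T "$2" "${API_URL:?}/content/$1" >/dev/null
}

# Usage (inside the script above):
#   build_payload "$PAGEID" "$SPACE" "Information Gathering" "$NEXTVERSION" \
#       < "$TMP/page.txt" > "$TMP/upload.json"
#   upload "$PAGEID" "$TMP/upload.json"
```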
IP in VPN vs. LAN: Alias IP Address by iptables
Scenario: Using a Consistent IP Address
When you’re at work, you are on the LAN and use an IP address like 192.168.x.x. When you work from home, you connect via VPN to the same database (DB), and your IP address changes to 10.x.x.x. You want to avoid changing configuration files for your application every time you switch environments.
This problem can be easily worked around using iptables to create an IP address alias.
Better than VNC and TeamViewer - NoMachine and the NX protocol
NoMachine and the NX Protocol for Remote Desktop
The NX protocol is essentially a successor to the X protocol and is excellent for remote display and streaming. NoMachine implements this technology, offering a robust, cross-platform alternative to VNC with superior performance and video streaming capabilities. It is also a good alternative to TeamViewer.
A key advantage of NoMachine is its seamless cross-platform support for keyboard and mouse, which is often an issue with many other alternatives to TeamViewer. Despite this, TeamViewer remains my preferred choice for now.
Anti-Patterns and Mental Downers
Cognitive Biases and Communication Gaps
Most people are familiar with anti-patterns, but this discussion focuses more on the psychological side of working in complex environments.
I’ve personally experienced how poor communication can lead to issues. For example, I once believed there was a mandatory release chat and tried to gather information, only to have my questions in the company chat go unanswered. I was eventually added, but two months late. Similarly, I was forgotten when access was granted to a Shared Google Drive folder, yet everyone assumed I had the shared information because the distribution was taken as obvious.
Untitled
+++
title = 'Better than VNC and TeamViewer - NoMachine and the NX protocol'
date = '2016-07-30T22:01:57+02:00'
draft = false
tags = []
+++
About
The NX protocol is basically a successor to the X protocol and very nice for streaming. NoMachine implements it and is a better VNC with video streaming and a nice alternative to TeamViewer with good cross-platform capabilities.
In-Depth
In 2001, the compression and transport protocol NX was created to improve on the performance of the native X display protocol to the point that it could be usable over a slow link such as a dial-up modem. It wrapped remote connections in Secure Shell sessions for encryption.