path: root/gemfeed/atom.xml

<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
    <updated>2023-03-12T17:13:52+02:00</updated>
    <title>foo.zone feed</title>
    <subtitle>To be in the .zone!</subtitle>
    <link href="gemini://foo.zone/gemfeed/atom.xml" rel="self" />
    <link href="gemini://foo.zone/" />
    <id>gemini://foo.zone/</id>
    <entry>
        <title>How to shut down after work</title>
        <link href="gemini://foo.zone/gemfeed/2023-02-26-how-to-shut-down-after-work.gmi" />
        <id>gemini://foo.zone/gemfeed/2023-02-26-how-to-shut-down-after-work.gmi</id>
        <updated>2023-02-26T17:13:52+02:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>Do you need help fully discharging from work in the evenings or for the weekend? Shutting down from work won't just improve your work-life balance; it will also significantly improve the quality of your personal life and work. After a restful weekend, you will be much more energized and productive the next working day. So it should not just be in your own, but also your employers' interest that you fully relax and shut down after work. . .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>How to shut down after work</h1>
<p class="quote"><i>Author: Paul; Published: 2023-02-26T23:48:01+02:00</i></p>
<pre>
    |\   "Music should be heard not only with the ears, but also the soul."
|---|--\-----------------------|-----------------------------------------|  
|   |   |\                     |                   |@     |\             |
|---|---|--\-------------------|-------------/|----|------|--\----|------|     
|  @|   |   |\          |O     |        3  /  |    |@     |       |      | 
|---|--@|---|--\--------|------|---------/----|----|------|-------|------|      
|  @|      @|    \      |O     |       / |    |    |@    @|      @|.     | 
|-----------|-----|-----|------|-----/---|---@|----|--------------|------|     
|          @|     |     |O     |    |    |         |             @|.     | 
|-----------|----@|-----|------|----|---@|------------------------|------|  
           @|           |           |        Larry Komro         @|.     
                                  -@-        [kom...@uwec.edu]
</pre><br />
<p>Do you need help fully discharging from work in the evenings or for the weekend? Shutting down from work won't just improve your work-life balance; it will also significantly improve the quality of your personal life and work. After a restful weekend, you will be much more energized and productive the next working day. So it should not just be in your own, but also your employers' interest that you fully relax and shut down after work. </p>
<h2>Have a shutdown routine</h2>
<p>Have a routine. Try to finish work around the same time every day. Write any outstanding tasks down for the next day, so you are sure you will remember them. Writing them down brings wonders as you can remove them from your mind for the remainder of the day (or the upcoming weekend) as you know you will surely pick them up the next working day. Tidying up your workplace could also count toward your daily shutdown routine. </p>
<p>A commute home from the office also greatly helps, as it disconnects your work from your personal life. Don't work on your commute home, though! If you don't commute but work from home, then it helps to walk around the block or in a nearby park to disconnect from work. </p>
<h2>Don't work when you officially don't work</h2>
<p>Unless you are self-employed, you have likely signed an N-hour per week contract with your employer, and your regular working times are from X o'clock in the morning to Y o'clock in the evening (with M minutes lunch break in the middle). And there might be some flexibility in your working times, too. But that kind of flexibility (e.g. extending the lunch break so that there is time to pick up a family member from the airport) will be agreed upon, and you will counteract it, for example, by starting working earlier the next day or working late, that one exception. But overall, your weekly working time will stay N hours. </p>
<p>Another exception would be when you are on an on-call schedule and are expected to watch your work notifications out-of-office times. But that is usually only a few days per month and, therefore, not the norm. And it should also be compensated accordingly. </p>
<p>There might be some maintenance work you must carry out, which can only be done over the weekend, but it should be explicitly agreed upon and compensated for. Also, there might be a scenario that a production incident comes up shortly before the end of the work day, requiring you (and your colleagues) to stay a bit longer. But this should be an exceptional case.</p>
<p>Other than that, there is no reason why you should work out-of-office hours. I know many people who suffer "the fear of missing out", so slack messages and E-Mails are checked until late in the evening, during weekends or holidays. I have been improving here personally a lot over the last couple of months, but still, I fall into this trap occasionally. </p>
<p>Also, when you respond to slack messages and E-Mails, your colleagues can think that you have nothing better to do. They also will take it for granted and keep slacking and messaging you out of regular office times. </p>
<p>Checking for your messages constantly outside of regular office times makes it impossible to shut down and relax from work altogether. </p>
<h2>Distract your mind</h2>
<p>Often, your mind goes back to work-related stuff even after work. That's normal as you concentrated highly on your work throughout the day. The brain unconsciously continues to work and will automatically present you with random work-related thoughts. You can counteract this by focusing on non-work stuff, which may include:</p>
<ul>
<li>Exercise. A half an hour workout or yoga session, followed by some stretching, helps to calm your mind after work. </li>
<li>Play (with your family, pets, friends, or video game)</li>
<li>Mindfully listen to music. When have you ever "really" listened to music? I mean, not just as a background stimulation but really paid attention to the melody, rhythm, voice and lyrics? That requires focused attention and distracts you from other thoughts. </li>
<li>Think of or work on that fun passion project. I currently, for example, like to learn and code a bit in Rakulang. </li>
<li>Read. Nothing beats reading a good Science Fiction Novel (or whatever you prefer) before falling asleep.</li>
</ul>
<p>Some of these can be habit-stacked: Exercise could be combined with watching videos about your passion project (e.g. watching lectures about that new programming language you are currently learning for fun). With walking, for example, you could combine listening to an Audiobook or music, or you could also think about your passion project during that walk.  </p>
<h2>Get a pet</h2>
<p>Even if you have children, it helps wonders to get a pet. My cat, for example, will remind me a few times daily to take a few minute's breaks to pet, play or give food. So my cat not only helps me after work but throughout the day.</p>
<p>My neighbour also works from home, and he has dogs, which he regularly has to take out to the park.</p>
<h2>Journal your day</h2>
<p>If you are upset about something, making it impossible to shut down from work, write down everything (e.g., with a pen in a paper journal). Writing things down helps you to "get rid" of the negative. Especially after conflicts with colleagues or company decisions, you don't agree on. This kind of self-therapy is excellent. Brainstorm all your emotions and (even if opinionated) opinions so you have everything on paper. Once done, you don't think about it so much anymore, as you know you can access that information if required. But stopping ruminating about it will be much easier now. You will likely never access that information again, though. But at least writing the thoughts down saved your day. </p>
<p>Write down three things which went well for the day. This helps you to appreciate the day. </p>
<h2>Don't stress about what your employer expects from you</h2>
<p>Think about what's fun and motivates you. Maybe the next promotion to Principal or a Manager role isn't for you. Many fall into the trap of stressing themselves out to satisfy the employer so that the next upgrade will happen and think about it constantly, even after work. But it is more important that you enjoy your craftsmanship. Work on what you expect from yourself. Ideally, your goals should be aligned with your employer. I am not saying you should abandon everything what your manager is asking you to do, but it is, after all, your life. And you have to decide where and on what you want to work. But don't sell yourself short. Keep track of your accomplishments.</p>
<h2>Call it a day</h2>
<p>Every day you gave your best was good; the day's outcome doesn't matter. What matters is that you know you gave your best and are closer to your goals than the previous day. This gives you a sense of progress and accomplishment.</p>
<p>There are some days at work you feel drained afterwards and think you didn't progress towards your goals at all. It's more challenging to shut down from work after such a day. A quick hack is to work on a quick win before the end of the day, giving you a sense of accomplishment after all. Another way is to make progress on your fun passion project after work. It must not be work-related, but a sense of accomplishment will still be there.</p>
<p> </p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Why GrapheneOS rox</title>
        <link href="gemini://foo.zone/gemfeed/2023-01-23-why-grapheneos-rox.gmi" />
        <id>gemini://foo.zone/gemfeed/2023-01-23-why-grapheneos-rox.gmi</id>
        <updated>2023-01-23T17:13:52+02:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>Art by Joan Stark. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Why GrapheneOS rox</h1>
<p class="quote"><i>Author: Paul; Published: 2023-01-23T15:31:52+02:00</i></p>
<pre>
Art by Joan Stark
               _.===========================._
            .'`  .-  - __- - - -- --__--- -.  `'.
        __ / ,'`     _|--|_________|--|_     `'. \
      /'--| ;    _.'\ |  '         '  | /'._    ; |
     //   | |_.-' .-'.'      ___      '.'-. '-._| |
    (\)   \"` _.-` /     .-'`_ `'-.     \ `-._ `"/
    (\)    `-'    |    .' .-'" "'-. '.    |    `-`
   (\)            |   / .'(3)(2)(1)'. \   |
   (\)            |  / / (4) .-.     \ \  |
   (\)            |  | |(5) (   )'==,J |  |
  (\)             |  \ \ (6) '-' (0) / /  |
 (\)              |   \ '.(7)(8)(9).' /   |
 (\)           ___|    '. '-.._..-' .'    |
 (\)          /.--|      '-._____.-'      |
  (\)        (\)  |\_  _  __   _   __  __/|
 (\)        (\)   |                       |
(\)_._._.__(\)    |                       |
 (\\\\jgs\\\)      '.___________________.'
  '-'-'-'--'
</pre><br />
<p>In 2021 I wrote "On Being Pedantic about Open-Source", and there was a section "What about mobile?" where I expressed the dilemma about the necessity of using proprietary mobile operating systems. With GrapheneOS, I found my perfect solution for personal mobile phone use. </p>
<a class="textlink" href="https://foo.zone/gemfeed/2021-08-01-on-being-pedantic-about-open-source.html">On Being Pedantic about Open-Source</a><br />
<p>What is GrapheneOS?</p>
<p class="quote"><i>GrapheneOS is a privacy and security-focused mobile OS with Android app compatibility developed as a non-profit open-source project. It's focused on the research and development of privacy and security technologies, including substantial improvements to sandboxing, exploits mitigations and the permission model.</i></p>
<p>GrapheneOS is an independent Android distribution based on the Android Open Source Project (AOSP) but hardened in multiple ways. Other independent Android distributions, like LineageOS, are also based on AOSP, but GrapheneOS takes it further so that it can be my daily driver on my phone.</p>
<a class="textlink" href="https://GrapheneOS.org">https://GrapheneOS.org</a><br />
<a class="textlink" href="https://LineageOS.org">https://LineageOS.org</a><br />
<h2>User Profiles</h2>
<p>GrapheneOS allows configuring up to 32 user profiles (including a guest profile) on a single phone. A profile is a completely different environment within the phone, and it is possible to switch between them instantly. Sessions of a profile can continue running in the background or be fully terminated. Each profile can have completely different settings and different applications installed.</p>
<p>I use my default profile with primarily open-source applications installed, which I trust. I use another profile for banking (PayPal, various proprietary bank apps, Amazon store app, etc.) and another profile for various Google services (which I try to avoid, but I have to use once in a while). Furthermore, I have configured a profile for Social Media use (that one isn't in my default profile, as otherwise I am tempted to scroll social media all the time, which I try to avoid and only want to do intentionally when switching to the corresponding profile!).</p>
<p>The neat thing about the profiles is that some can run a sandboxed version of Google Play (see later in this post), while others don't. So some profiles can entirely operate without any Google Play, and only some profiles (to which I rarely switch) have Google Play enabled. </p>
<p>You notice how much longer (multiple days) your phone can be on a single charge when Google Play Services isn't running in the background. This tells a lot about the background activities and indicates that using Google Play shouldn't be the norm.</p>
<h2>Proxying some of the Google offerings </h2>
<p>There's also the case that I am using an app from the Google Play store (as the app isn't available from F-Droid), which doesn't require Google Play Services to run in the background. Here's where I use the Aurora Android store. The Aurora store can be installed through F-Droid. Aurora acts as an anonymous proxy from your phone to the Google Play Store and lets you install apps from there. No Google credentials are required for that!</p>
<a class="textlink" href="https://f-droid.org">https://f-droid.org</a><br />
<p>There's a similar solution for watching videos on YouTube. You can use the NewPipe app (also from F-Droid), which acts as an anonymous proxy for watching videos from YouTube. So there isn't any need to install the official YouTube app, and there isn't any need to login to your Google account. What's so bad about the official app? You don't know which data it is sending about you to Google, so it is a privacy concern. </p>
<h2>Google Play Sandboxing </h2>
<p>Before switching to GrapheneOS, I had been using LineageOS on one of my phones for a couple of years. Still, I always had to have a secondary personal phone with all of these proprietary apps which (partially) only work with Google Play on the phone (e.g. Banking, Navigation, various travel apps from various Airlines, etc.) somewhere around as I didn't install Google Play on my LineageOS phone due to privacy concerns and only installed apps from the F-Droid store on it. When travelling, I always had to carry around a second phone with Google Play on it, as without it; life would become inconvenient pretty soon. </p>
<p>With GrapheneOS, it is different. Here, I do not just have a separate user profile, "Google", for various Google apps where Google Play runs, but Google Play also runs in a sandbox!!!</p>
<p class="quote"><i>GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives no special access or privileges on GrapheneOS instead of bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox. It also isn't used as a backend for the OS services as it would be elsewhere since GrapheneOS doesn't use Google Play even when it's installed.</i></p>
<p>When I need to access Google Play, I can switch to the "Google" profile. Even there, Google is sandboxed to the absolute minimum permissions required to be operational, which gives additional privacy protection.</p>
<p>The sad truth is that Google Maps is still the best navigation app. When driving unknown routes, I can switch to my Google profile to use Google Maps. I don't need to do that when going streets I know about, but it is crucial (for me) to have Google Maps around when driving to a new destination.</p>
<p>Also, Google Translate and Google Lens are still the best translation apps I know. I just recently relocated to another country, where I am still learning the language, so Google Lens has been proven very helpful on various occasions by ad-hoc translating text into English or German for me.</p>
<p>The same applies to banking. Many banking apps require Google Play to be available (It might be even more secure to only use banking apps from the Google Play store due to official support and security updates). I rarely need to access my mobile banking app, but once in a while, I need to. As you have guessed by now, I can switch to my banking profile (with Google Play enabled), do what I need to do, and then terminate the session and go back to my default profile, and then my life can go on :-). </p>
<p>It is great to have the flexibility to use any proprietary Android app when needed. That only applies to around 1% of my phone usage time, but you often don't always know when you need "that one app now". So it's perfect that it's covered with the phone you always have with you. </p>
<h2>The camera and the cloud </h2>
<p>I really want my phone to shoot good looking pictures, so that I can later upload them to the Irregular Ninja:</p>
<a class="textlink" href="https://irregular.ninja">https://irregular.ninja</a><br />
<p>The stock camera app of the OASP could be better. Photos usually look washed out, and the app lacks features. With GrapheneOS, there are two options:</p>
<ul>
<li>Use the official Google camera app with sandboxed Google Play Services running. You will get the full Google experience here.</li>
<li>Or, just use the default GrapheneOS camera app.</li>
</ul>
<p>The GrapheneOS camera app is much better than the stock OASP camera app. I have been comparing the photo quality of my Pixel phone under LineageOS and GrapheneOS, and the differences are pronounced. I didn't compare the quality with the official Google camera app, but I have seen some comparison videos and the differences seem like they aren't groundbreaking. </p>
<p>For automatic backups of my photos, I am relying on a self-hosted instance of NextCloud (with a client app available via F-Droid). So there isn't any need to rely on any Google apps and services (Google Play Photos or Google Camera app) anymore, and that's great!</p>
<a class="textlink" href="https://nextcloud.com">https://nextcloud.com</a><br />
<p>I also use NextCloud to synchronize my notes (NextCloud Notes), my RSS news feeds (NextCloud News) and contacts (DAVx5). All apps required are available in the F-Droid store.</p>
<h2>Fine granular permissions</h2>
<p>Another great thing about GrapheneOS is that, besides putting your apps into different profiles, you can also restrict network access and configure storage scopes per app individually.</p>
<p>For example, let's say you are installing that one proprietary app from the Google Play Store through the Aurora store, and then you want to ensure that the app doesn't send data "home" through the internet. Nothing is easier to do than that. Just remove network access permissions from that only app.</p>
<p>The app also wants to store and read some data from your phone (e.g. it could be a proprietary app for enhancing photos, and therefore storage access to a photo folder would be required). In GrapheneOS, you can configure a storage scope for that particular app, e.g. only read and write from one folder but still forbid access to all other folders on your phone.</p>
<h2>Termux</h2>
<p>Termux can be installed on any Android phone through F-Droid, so it doesn't need to be a GrapheneOS phone. But I have to mention Termux here as it significantly adds value to my phone experience. </p>
<p class="quote"><i>Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically - additional packages are available using the APT package manager.</i></p>
<a class="textlink" href="https://termux.dev">https://termux.dev</a><br />
<p>In short, Termux is an entire Linux environment running on your Android phone. Just pair your phone with a Bluetooth keyboard, and you will have the whole Linux experience. I am only using terminal Linux applications with Termux, though. What makes it especially great is that I could write on a new blog post (in Neovim through Termux on my phone) or do some coding whilst travelling (e.g. during a flight), or look up my passwords or some other personal documents (through my terminal-based password manager). All changes I commit to Git can be synced to the server with a simple <span class="inlinecode">git push</span> once online (e.g. after the plane landed) again.</p>
<p>There are Pixel phones with a screen size of 6", and that's decent enough for occasional use like that, and everything (the phone, the BT keyboard, maybe an external battery pack) all fit nicely in a small travel pocket.</p>
<h2>So, why not use a pure Linux phone?</h2>
<p>Strictly speaking, an Android phone is a Linux phone, but it's heavily modified and customized. For me, a "pure" Linux phone is a more streamlined Linux kernel running in a distribution like Ubuntu Touch or Mobian. </p>
<p>A pure Linux phone, e.g. with Ubuntu Touch installed, e.g. on a PinePhone, Fairphone, the Librem 5 or the Volla phone, is very appealing to me. And they would also provide an even better Linux experience than Termux does. Some support running LineageOS within an Anbox, enabling you to run various proprietary Android apps occasionally within Linux.</p>
<a class="textlink" href="https://ubuntu-touch.io/">Ubuntu Touch</a><br />
<a class="textlink" href="https://en.wikipedia.org/wiki/Linux_for_mobile_devices">More Linux distributions for mobile devices </a><br />
<p>But here, Google Play would not be sandboxed; you could not configure individual network permissions and storage scopes like in GrapheneOS. Pure Linux-compatible phones usually come with a crappy camera, and the battery life is generally pretty bad (only a few hours). Also, no big tech company pushes the development of Linux phones. Everything relies on hobbyists, whereas multiple big tech companies put a lot of effort into the Android project, and a lot of code also goes into the Android Open-Source project.  </p>
<p>Currently, pure Linux phones are only a nice toy to tinker with but are still not ready (will they ever?) to be the daily driver. SailfishOS may be an exception; I played around with it in the past. It is pretty usable, but it's not an option for me as it is partial a proprietary operating system.</p>
<a class="textlink" href="https://sailfishos.org">SailfishOS</a><br />
<h2>Small GrapheneOS downsides </h2>
<p>Sometimes, switching a profile to use a different app is annoying, and you can't copy and paste from the system clipboard from one profile to another. But that's a small price I am willing to pay!</p>
<p>Another thing is that GrapheneOS can only run on Google Pixel phones, whereas LineageOS can be installed on a much larger variety of hardware. But on the other hand, GrapheneOS works very well on Pixel phones. The GrapheneOS team can concentrate their development efforts on a smaller set of hardware which then improves the software's quality (best example: The camera app).</p>
<p>And, of course, GrapheneOS is an open-source project. This is a good thing; however, on the other side, nobody can guarantee that the OS will not break or will not damage your phone. You have to trust the GrapheneOS project and donate to the project so they can keep up with the great work. But I rather trust the GrapheneOS team than big tech. </p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Ultra(re)learning Java - My takeaways</title>
        <link href="gemini://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways.gmi</id>
        <updated>2022-12-24T17:13:52+02:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>As a regular participant in the annual Pet Project competition at work, I always try to find a project where I can learn something new. In this post, I would like to share my takeaways after revisiting Java. You can read about my motivations in my 'Creative universe' post:. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Ultra(re)learning Java - My takeaways</h1>
<p class="quote"><i>Author: Paul; Published: 2022-12-24T23:18:40+02:00</i></p>
<a href="https://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways/learnjava.jpg"><img src="https://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways/learnjava.jpg" /></a><br />
<p>As a regular participant in the annual Pet Project competition at work, I always try to find a project where I can learn something new. In this post, I would like to share my takeaways after revisiting Java. You can read about my motivations in my "Creative universe" post:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2022-04-10-creative-universe.html">Creative universe</a><br />
<p>I have been programming in Java back in the days as a university student, and even my Diploma Thesis I implemented in Java (it would require some overhaul so that it is fully compatible with a recent version of Java, though - It still compiles and runs, but with a lot of warnings, though!):</p>
<a class="textlink" href="https://codeberg.org/snonux/vs-sim">VS-Sim: Distributed systems simulator</a><br />
<p>However, after that, I became a Linux Sysadmin and mainly continued programming in Perl, Puppet, bash, and a little Python. For personal use, I also programmed a bit in Haskell and C. After my Sysadmin role, I moved to London and became a Site Reliability Engineer (SRE), where I mainly programmed in Ruby, bash, Puppet and Golang and a little bit of C. </p>
<p>At my workplace, as an SRE, I don't do Java a lot. I have been reading Java code to understand the software better so I can apply and suggest workarounds or fixes to existing issues and bugs. However, most of our stack is in Java, and our Software Engineers use Java as their primary programming language.</p>
<h2>Stuck at Java 1.4</h2>
<p>Over time, I had been missing out on many new features that were added to the language since Java 1.4, so I decided to implement my next Pet Project in Java and learn every further aspect of the language as my main goal. Of course, I still liked the idea of winning a Pet Project Prize, but my main objective was to level up my Java skills.</p>
<h2>Ultra(re)lerning &amp; upskilling to Java 18</h2>
<h3>Effective Java</h3>
<p>This book was recommended by my brother and also by at least another colleague at work to be one of the best, if not the best, book about Java programming. I read the whole book from the beginning to the end and immersed myself in it. I fully agree; this is a great book. Every Java developer or Java software engineer should read it!</p>
<a href="https://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways/effective-java.jpg"><img src="https://foo.zone/gemfeed/2022-12-24-ultrarelearning-java-my-takeaways/effective-java.jpg" /></a><br />
<p>I recommend reading the 90-part effective Java Series on <span class="inlinecode">dev.to</span>. It's a perfect companion to the book as it explains all the chapters again but from a slightly different perspective and helps you to really understand the content.</p>
<a class="textlink" href="https://dev.to/kylec32/series/2292">Kyle Carter's 90-part Effective Java Series </a><br />
<h3>Java Pub House</h3>
<p>During my lunch breaks, I usually have a walk around the block or in a nearby park. I used that time to listen to the Java Pub House podcast. I listened to *every* episode and learned tons of new stuff. I can highly recommend this podcast. Especially GraalVM, a high-performance JDK distribution written for Java and other JVM languages, captured my attention. GraalVM can compile Java code into native binaries, improving performance and easing the distribution of Java programs. Because of the latter, I should release a VS-Sim GraalVM edition one day through a Linux AppImage ;-).</p>
<a class="textlink" href="https://www.javapubhouse.com">https://www.javapubhouse.com</a><br />
<a class="textlink" href="https://www.graalvm.org">https://www.graalvm.org</a><br />
<h3>Java Concurrency course</h3>
<p>I also watched a course on O'Reilly Safari Books online about Java Concurrency. That gave an excellent refresher on how the Java thread pools work and what were the concurrency primitives available in the standard library.</p>
<h3>Read a lot of Java code</h3>
<p>First, the source code is often the best documentation (if programmed nicely), and second, it helps to get the hang of the language and standard practices. I started to read more and more Java code at work. I did that whenever I had to understand how something, in particular, worked (e.g. while troubleshooting and debugging an issue). </p>
<h3>Observed Java code reviews</h3>
<p>Another great way to get the hang of Java again was to sneak into the code reviews of the Software Engineer colleagues. They are the expert on the matter and are a great source to copy knowledge. It's OK to stay passive and only follow the reviews. Sometimes, it's OK to step up and take ownership of the review. The developers will also always be happy to answer any naive questions which come up.</p>
<h3>Took ownership of a roadmap-Java project</h3>
<p>Besides my Pet Project, I also took ownership of a regular roadmap Java project at work, making an internal Java service capable of running in  Kubernetes. This was a bunch of minor changes and adding a bunch of classes and unit tests dealing with the statelessness and a persistent job queue in Redis. The job also involved reading and understanding a lot of already existing Java code. It wasn't part of my job description, but it was fun, and I learned a lot. The service runs smoothly in production now. Of course, all of my code got reviewed by my Software Engineering colleagues.</p>
<h2>The good</h2>
<p>From the new language features and syntaxes, there are many personal takeaways, and I can't possibly list them all, but here are some of my personal highlights:</p>
<ul>
<li>Static factory methods and public constructors both have their uses, and it pays to understand their relative merits. Often static factories are preferable (cleaner and easier to read), so avoid the reflex to provide public constructors without first considering static factories.</li>
<li>Java streams were utterly new to me. I love how they can help to produce more compact code. But it's challenging to set the line of when enough is enough. Overusing streams can have the opposite effect: Code becomes more complex and challenging to understand. And it is so easy to parallelize the computation of streams by "just" marking the stream as <span class="inlinecode">.parallel()</span> (more on that later in this post).</li>
<li>Overall, object-oriented languages tend to include more and more functional paradigms. The functional interfaces, which Java provides now, are fantastic. Their full powers shine in combination with the use of streams. An entire book can be written about Java functional interfaces, so I leave it to you to do any further digging.</li>
<li>Local type inference help to reduce even more boilerplate code. E.g. instead of <span class="inlinecode">Hash&lt;String,Hash&lt;String,String&gt;&gt; foo = new Hash&lt;String,Hash&lt;String,String&gt;&gt;();</span> it's possible to just write <span class="inlinecode">var foo = new Hash&lt;String,Hash&lt;String,String&gt;&gt;();</span></li>
<li>Class inheritance isn't the preferred way anymore to structure reusable code. Now, it's composition over inheritance. E.g. use dependency injection (inject one object to another object through its constructor) or prefer interfaces (which now also support default implementations of methods) over class inheritance. This makes sense to me as I do that already when I program in Ruby. </li>
<li>I learned the <span class="inlinecode">try-with-resources</span> pattern. Very useful in ensuring closing resources again correctly. No need anymore for complicated and nested <span class="inlinecode">finally</span>-blocks, which used to be almost impossible to get right previously in case of an error condition (e.g. I/O error somewhere deeply nested in an input or output stream).</li>
<li>Optimize only when required. It's considered to be cleaner to prefer immutable variables (declaring them as <span class="inlinecode">final</span>). I knew that already, but for Java, it always seemed to be a waste of resources (creating entirely new objects whenever states change), but apparently, it's okay. Java also does many internal tricks for performance optimization here, e.g. interning strings.</li>
<li>I learned about the concept of static member classes and the difference between non-static member classes (also sometimes known as inner classes). Non-static member classes have full access to all members of their outer class (think of closure). In contrast, static member classes act like completely separate classes without such access but provide the benefit of a nested name that can help group functionality in the code.</li>
<li>I learned about the existence of thread-local variables. These are only available to the current thread and aren't shared with other threads.</li>
<li>I learned about the concept of Java modules, which help to structure larger code bases better. The traditional Java packages are different. </li>
<li>I learned to love the new <span class="inlinecode">Optional</span> type. I already knew the concept from Haskell, where <span class="inlinecode">Maybe</span> would be the corresponding type. <span class="inlinecode">Optional</span> helps to avoid <span class="inlinecode">null</span>-pointers but comes with some (minimal) performance penalty. So, in the end, you end up with both <span class="inlinecode">Optional</span> types and <span class="inlinecode">null</span>-pointers in your code (depending on the requirements). But I like to prefer <span class="inlinecode">Optional</span> over <span class="inlinecode">null</span>-pointer when "no result" is a valid return value from a method.</li>
<li>The <span class="inlinecode">enum</span> type is way more powerful than I thought. Initially, I felt an <span class="inlinecode">enum</span> could only be used to define a list of constants and then to compare an instance to another instance of the same. An <span class="inlinecode">enum</span> is still there to define a list of constants, but it's also almost like a <span class="inlinecode">class</span> (you can implement constructors, and methods, inherit from other enums). There are quite a lot of possible use cases.</li>
<li>A small but almost the most helpful thing I learned is always to use the <span class="inlinecode">@Override</span> annotation when overriding a method from a parent class. If done, Java helps to detect any typos or type errors when overriding methods. That's useful and spares a lot of time debugging where a method was mistakenly overloaded but not overridden.</li>
<li>Lambdas are much cleaner, shorter and easier to read than anonymous classes. Many Java libraries require passing instances of (anonymous) classes (e.g. in Swing) to other objects. Lambdas are so lovely because they are primarily compatible with the passing of anonymous classes, so they are a 1:1 replacement in many instances. Lambdas also play very nicely together with the Java functional interfaces, as each Lambda got a type, and the type can be an already existing functional interface (or, if you got a particular case, you could define your custom functional interface for your own set of Lambdas, of course).</li>
<li>I love the concept of Java records. You can think of a record as an immutable object holding some data (as members). They are ideal for pipe and stream processing. They are much easier to define (with much less boilerplate) and come with write protection out of the box.</li>
</ul>
<h2>The bad and the ugly</h2>
<p>There are also many ugly corners in Java. Many are doomed to stay there forever due to historical decisions and ensuring backward compatibility with older versions of the Java language and the Java standard library. </p>
<ul>
<li>Finalizers and cleaners seem obsolete, fragile and still, you can use them.</li>
<li>In many cases, extreme caution needs to be taken to minimize the accessibility of class members. You might think that Java provides the best "out-of-the-box" solution for proper encapsulation, but the language has many loopholes.</li>
<li>In the early days, Java didn't support generics yet. So what you would use is to cast everything to <span class="inlinecode">Object</span>. Java now fully supports generics (for a while already), but you can still cast everything to <span class="inlinecode">Object</span> and back to whatever type you want. That can lead to nasty runtime errors. Also, there's a particular case to convert between an Array of Object to an Array of String or from an Array of String to a List of String. Java can't convert between these types automatically, and extreme caution needs to be taken when enforcing so (e.g. through explicit type casts). In many of these cases, Java would print out warnings that need to be manually suppressed via annotations. Programming that way, converting data between old and new best practices, is clunky.</li>
<li>If you don't know what you do, Java streams can be all wrong. Side effects in functions used in streams can be nasty to debug. Also, don't just blindly add a <span class="inlinecode">.parallel()</span> to your stream. You need to understand what the stream does and how it exactly works; otherwise, parallelizing a stream can impact the performance drastically (in a negative way). There need to be language constructs preventing you from doing the wrong things. That's so much easier to do it right in a purely functional programming language like Haskell.</li>
<li>Java is a pretty old language (already), so there are many obstacles to consider. There are too many exceptions and different outcomes of how Java code can behave. In most cases, when you write an API, every method you program needs to be documented so the user won't encounter any surprises using your code. Writing and reading a lot of documentation seems to be quite the overhead when the method name is already descriptive.</li>
<li>Java serialization is broken. It works, and the language still supports it, but you better not use Java's native way of object serialization and deserialization. Unbelievable how much can get wrong here, especially regarding security (injecting arbitrary code).</li>
<li>Being a bit spoiled by Golang's Goroutines, I was shocked about the limitations of the Java threads. They are resource hungry, and you can't just spin up millions of them as you would with Goroutines. I knew this limitation of threads already (as it's not a problem of the language but of how threads work in the OS), but still, I was pretty shocked when I got reminded of them again. Of course, there's a workaround: Use asynchronous sockets so that you don't waste a whole thread on a single I/O operation (in my case, waiting for a network response). Golang's runtime does that automatically for you: An OS thread will be re-used for other tasks until the network socket unblocks. Every modern programming language should support lightweight threads or Coroutines like Go's Goroutines. </li>
</ul>
<h2>Conclusion</h2>
<p>While (re)learning Java, I felt like a student again and was quite enthusiastic about it initially. I invested around half a year, immersing myself intensively in Java (again). The last time I did that was many years ago as a university student. I even won a Silver Prize at work, implementing a project this year (2022 as of writing this). I feel confident now with understanding, debugging and patching Java code at work, which boosted my debugging and troubleshooting skills. </p>
<p>I don't hate Java, but I don't love programming in it, either. I will, I guess, always see Java as the necessary to get stuff done (reading code to understand how the service works, adding a tiny feature to make my life easier, adding a quick bug fix to overcome an obstacle...).</p>
<p>Although Java has significantly improved since 1.4, its code still tends to be more boilerplate. Not mainly because due to lines of code (Golang code tends to be quite repetitive, primarily when no generics are used), but due to the levels of abstractions it uses. Class hierarchies can be ten classes or deeper, and it is challenging to understand what the code is doing. Good test coverage and much documentation can mitigate the problem partially. Big enterprises use Java, and that also reflects to the language. There are too many libraries and too many abstractions that are bundled with too many legacy abstractions and interfaces and too many exceptions in the library APIs. There's even an external library named Lombok, which aims to reduce Java boilerplate code. Why is there a need for an external library? It should be all part of Java itself.</p>
<a class="textlink" href="https://projectlombok.org/">https://projectlombok.org/</a><br />
<p>Java needs a clean cut. The clean cut shall be incompatible with previous versions of Java and only promote modern best practices without all the legacy burden carried around. The same can be said for other languages, e.g. Perl, but in Perl, they already attack the problem with the use of flags which change the behaviour of the language to more modern standards. Or do it like Python, where they had a hard (incompatible) cut from version 2 to version 3. It will be painful, for sure. But that would be the only way I would enjoy using that language as one of my primary languages to code new stuff regularly. Currently, my Java will stay limited to very few projects and the more minor things already mentioned in this post. </p>
<p>Am I a Java expert now? No, by far not. But I am better now than before :-).</p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>I tried (Doom) Emacs, but I switched back to (Neo)Vim</title>
        <link href="gemini://foo.zone/gemfeed/2022-11-24-i-tried-emacs-but-i-switched-back-to-neovim.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-11-24-i-tried-emacs-but-i-switched-back-to-neovim.gmi</id>
        <updated>2022-11-24T17:13:52+02:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>Art by      \ \_!  / __!. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>I tried (Doom) Emacs, but I switched back to (Neo)Vim</h1>
<p class="quote"><i>Author: Paul; Published: 2022-11-24T11:17:15+02:00; Updated: 2022-11-26</i></p>
<pre>
             _/  \    _(\(o
             /     \  /  _  ^^^o
            /   !   \/  ! '!!!v'
           !  !  \ _' ( \____
           ! . \ _!\   \===^\)
Art by      \ \_!  / __!
 Gunnar Z.   \!   /    \    &lt;--- Emacs is a giant dragon
       (\_      _/   _\ )
        \ ^^--^^ __-^ /(__ 
         ^^----^^    "^--v'
</pre><br />
<p>As a long-lasting user of Vim (and NeoVim), I always wondered what GNU Emacs is really about, so I decided to try it. I didn't try vanilla GNU Emacs, but Doom Emacs. I chose Doom Emacs as it is a neat distribution of Emacs with Evil mode enabled by default. Evil mode allows Vi(m) key bindings (so to speak, it's emulating Vim within Emacs), and I am pretty sure I won't be ready to give up all the muscle memory I have built over more than a decade.</p>
<a class="textlink" href="https://www.gnu.org/software/emacs/">GNU Emacs</a><br />
<a class="textlink" href="https://github.com/doomemacs/">Doom Emacs</a><br />
<p>I used Doom Emacs for around two months. Still, ultimately I decided to switch back to NeoVim as my primary editor and IDE and Vim (usually pre-installed on Linux-based systems) and Nvi (usually pre-installed on *BSD systems) as my "always available editor" for quick edits. (It is worth mentioning that I don't have a high opinion on whether Vim or NeoVim is the better editor, I prefer NeoVim as it comes with better defaults out of the box, but there is no real blocker to use Vim instead).</p>
<a class="textlink" href="https://www.vim.org">Vim</a><br />
<a class="textlink" href="https://neovim.io">NeoVim</a><br />
<p>So why did I switch back to the Vi-family?</p>
<h2>Emacs is a giant dragon</h2>
<p>Emacs feels like a giant dragon as it is much more than an editor or an integrated development environment. Emacs is a whole platform on its own. There's an E-Mail client, an IRC client, or even games you can run within Emacs. And you can also change Emacs within Emacs using its own Lisp dialect, Emacs Lisp (Emacs is programmed in Emacs Lisp). Therefore, Emacs is also its own programming language. You can change every aspect of Emacs within Emacs itself. People jokingly state Emacs is an operating system and that you should directly use it as the <span class="inlinecode">init 1</span> process (if you don't know what the <span class="inlinecode">init 1</span> process is: Under UNIX and similar operating systems, it's the very first userland processed launched. That's usually <span class="inlinecode">systemd</span> on Linux-based systems, <span class="inlinecode">launchd</span> on macOS, or any other init script or init system used by the OS)!</p>
<p>In many aspects, Emacs is like shooting at everything with a bazooka! However, I prefer it simple. I only wanted Emacs to be a good editor (which it is, too), but there's too much other stuff in Emacs that I don't need to care about! Vim and NeoVim do one thing excellent: Being great text editors and, when loaded with plugins, decent IDEs, too. </p>
<h2>Magit love</h2>
<p>I almost fell in love with Magit, an integrated Git client for Emacs. But I think the best way to interact with Git is to use the <span class="inlinecode">git</span> command line directly. I don't worry about typing out all the commands, as the most commonly used commands are in my shell history. Other useful Git programs I use frequently are <span class="inlinecode">bit</span> and <span class="inlinecode">tig</span>. Also, get a mechanical keyboard that makes hammering whole commands into the terminal even more enjoyable.</p>
<a class="textlink" href="https://magit.vc/">Magit</a><br />
<a class="textlink" href="https://github.com/jonas/tig">Tig</a><br />
<p>Magit is pretty neat for basic Git operations, but I found myself searching the internet for the correct sub-commands to do the things I wanted to do in Git. Mainly, the way how branches are managed is confusing. Often, I fell back to the command line to fix up the mess I produced with Magit (e.g. accidentally pushing to the wrong remote branch, so I found myself fixing things manually on the terminal with the <span class="inlinecode">git</span> command with forced pushes....). Magit is hotkey driven, and common commands are quickly explorable through built-in hotkey menus. Still, I found it challenging to navigate to more advanced Git sub-commands that way which was much easier accomplished by using the <span class="inlinecode">git</span> command directly.</p>
<h2>Graphical UI</h2>
<p>If there is one thing I envy about Emacs is that it's a graphical program, whereas the Vi-family of editors are purely terminal-based. I see the benefits of being a graphical program as this enables the use of multiple fonts simultaneously to embed pictures and graphs (that would be neat as a Markdown preview, for example). There's also GVim (Vim with GTK UI), but that's more of an afterthought.</p>
<p>There are now graphical front-end clients for NeoVim, but I still need to dig into them. Let me know your experience if you have one. Luckily, I don't rely on something graphical in my text editor, but it would improve how the editor looks and feels. UTF8 can already do a lot in the terminal, and terminal emulators also allow you to use TrueType fonts. Still, you will always be limited to one TTF font for the whole terminal, and it isn't possible to have, for example, a different font for headings, paragraphs, etc... you get the idea. TTF+UTF8 can't beat authentic graphics. </p>
<h2>Scripting it</h2>
<p>It is possible to customize every aspect of Emacs through Emacs Lisp. I have done some Elk Scheme programming in the past (a dialect of Lisp), but that was a long time ago, and I am not willing to dive here again to customize my environment. I would instead take the pragmatic approach and script what I need in VimScript (a terrible language, but it gets the job done!). I watched Damian Conway's VimScript course on O'Reilly Safari Books Online, which I greatly recommend. Yes, VimScript feels clunky, funky and weird and is far less elegant than Lisp, but it gets its job done - in most cases! (That reminds me that the Vim team has announced a new major version of VimScript with improvements and language changes made - I haven't gotten to it yet - but I assume that VimScript will always stay VimScript).</p>
<a class="textlink" href="https://en.wikipedia.org/wiki/Emacs_Lisp">Emacs Lisp</a><br />
<a class="textlink" href="http://sam.zoy.org/elk/">Elk Scheme</a><br />
<a class="textlink" href="http://vimscript.org/">VimScript</a><br />
<a class="textlink" href="https://www.oreilly.com/library/view/scripting-vim/9781491996287/">Scripting Vim by Damian Conway</a><br />
<p>NeoVim is also programmable with Lua, which seems to be a step up and Vim comes with a Perl plugin API (which was removed from NeoVim, but that is a different story - why would someone remove the most potent mature text manipulation programming language from one of the most powerful text editors?).</p>
<a class="textlink" href="https://neovim.io/doc/user/lua.html">NeoVim Lua API</a><br />
<p>One example is my workflow of how I compose my blog articles (e.g. this one you are currently reading): I am writing everything in NeoVim, but I also want to have every paragraph checked against Grammarly (as English is not my first language). So I write a whole paragraph, then I select the entire paragraph via visual selection with <span class="inlinecode">SHIFT+v</span>, and then I press <span class="inlinecode">,y</span> to yank the paragraph to the systems clipboard, then I paste the paragraph to Grammarly's browser window with <span class="inlinecode">CTRL+v</span>, let Grammarly suggest the improvements, and then I copy the result back with <span class="inlinecode">CTRL+c</span> to the system clipboard and in NeoVim I type <span class="inlinecode">,i</span> to insert the result back overriding the old paragraph (which is still selected in visual mode) with the new content. That all sounds a bit complicated, but it's surprisingly natural and efficient.</p>
<p>To come back to the example, for the clipboard integration, I use this small VimScript snippet, and I didn't have to dig into any Lisp or Perl for this:</p>
<pre>
" Clipboard
vnoremap ,y !pbcopy&lt;CR&gt;ugv
vnoremap ,i !pbpaste&lt;CR&gt;
nmap ,i !wpbpaste&lt;CR&gt;
</pre><br />
<p>That's only a very few lines and does precisely what I want. It's quick and dirty but get's the job done! If VimScript becomes too cumbersome, I can use Lua for NeoVim scripting.</p>
<h2>The famous Emacs Org mode</h2>
<p>Org-mode is an Emacs mode for keeping notes, authoring documents, computational notebooks, literate programming, maintaining to-do lists, planning projects, and more — in a fast and effective plain-text system. There's even a dedicated website for it:</p>
<a class="textlink" href="https://orgmode.org/">https://orgmode.org/</a><br />
<p>In short, Org-mode is an "interactive markup language" that helps you organize everything mentioned above. I rarely touched the surface during my two-month experiment with Emacs, and I am impressed by it, so I see the benefits of having that. But it's not for me.</p>
<p>I use "Dead Tree Mode" to organize my work and notes. Dead tree? Yeah, I use an actual pen and a real paper journal (Leuchtturm or a Moleskine and a set of coloured <span class="inlinecode">0.5</span> Muji Pens are excellent choices). That's far more immersive and flexible than a computer program can ever be. Yes, some automation and interaction with the computer (like calendar scheduling etc.) are missing. Still, an actual paper journal forces you to stay simple and focus on the actual work rather than tinkering with your computer program. (But I could not resist, and I wrote a VimScript which parses a table of contents page in Markdown format of my scanned paper journals, and NeoVim allows me to select a topic so that the corresponding PDF scan on the right journal page gets opened in an external PDF viewer (the PDF viewer is <span class="inlinecode">zathura</span>, it uses Vi-keybindings, of course) :-). (See the appendix of this blog post for that script).</p>
<a class="textlink" href="https://pwmt.org/projects/zathura/">Zathura</a><br />
<p>On the road, I also write some of my notes in Markdown format to NextCloud Notes, which is editable from my phone and via NeoVim on my computers. Markdown is much less powerful than Org-mode, but I prefer it the simple way. There's a neat terminal application, <span class="inlinecode">ranger</span>, which I use to browse my NextCloud Notes when they are synced to a local folder on my machine. <span class="inlinecode">ranger</span> is a file manager inspired by Vim and therefore makes use of Vim keybindings and it feels just natural to me. </p>
<a class="textlink" href="https://github.com/ranger/ranger">Ranger - A Vim inspired file manager</a><br />
<p>Did I mention that I also use my <span class="inlinecode">zsh</span> (my default shell) and my <span class="inlinecode">tmux</span> (terminal multiplexer) in Vi-mode?</p>
<a class="textlink" href="https://zsh.sourceforge.io/">Z shell</a><br />
<a class="textlink" href="https://github.com/tmux/tmux">tmux terminal multiplexer</a><br />
<h2>Seeking simplicity</h2>
<p>I am not ready to dive deep into the whole world of Emacs. I prefer small and simple tools as opposed to complex tools. Emacs comes with many features out of the box, whereas in Vim/NeoVim, you would need to install many plugins to replicate some of the behaviour. Yes, I need to invest time managing all the Vim/NeoVim plugins I use, but I feel more in control compared to Doom Emacs, where a framework around vanilla Emacs manages all the plugins. I could use vanilla Emacs and manage all my plugins the vanilla way, but for me, it's not worth the effort to learn and dive into that as all that I want to do I can already do with Vim/NeoVim.</p>
<p>I am not saying that Vim/NeoVim are simple programs, but they are much simpler than Emacs with much smaller footprints; furthermore, they appear to be more straightforward as I am used to them. I only need Vim/NeoVim to be an editor, an IDE (through some plugins), and nothing more.</p>
<h2>Conclusion</h2>
<p>I understand the Emacs users now. Emacs is an incredibly powerful platform for almost everything, not just text editing. With Emacs, you can do nearly everything (Writing, editing, programming, calendar scheduling and note taking, Jira integration, playing games, listening to music, reading/writing emails, browsing the web, using as a calculator, generating HTML pages, configuring interactive menus, jumping around between every feature and every file within one single session, chat on IRC, surf the Gopherspace, ... the options are endless....). If you want to have one piece of software which rules it all and you are happy to invest a large part of your time in your platform: Pick Emacs, and over time Emacs will become "your" Emacs, customized to your own needs and change the way it works, which makes the Emacs users stick even more to it.</p>
<p>Vim/NeoVim also comes with a very high degree of customization options, but to a lesser extreme than Emacs (but still, a much higher degree than most other editors out there). If you want the best text editor in the world, which can also be tweaked to be a decent IDE, you are only looking for: Pick Vim or NeoVim! You would also need to invest a lot of time in learning, tweaking and customizing Vim/NeoVim, but that's a little more straightforward, and the result is much more lightweight once you get used to the "Vi way of doing things" you never would want to change back. I haven't tried the Emacs vanilla keystrokes, but they are terrible (that's probably one of the reasons why Doom Emacs uses Vim keybindings by default).</p>
<p class="quote"><i>Update: One reader recommended to have a look at NvChad. NvChad is a NeoVim config written in Lua aiming to provide a base configuration with very beautiful UI and blazing fast startuptime (around <span class="inlinecode">0.02</span> secs ~ <span class="inlinecode">0.07</span> secs). They tweak UI plugins such as telescope, nvim-tree, bufferline etc well to provide an aesthetic UI experience. That sounds interesting!</i></p>
<a class="textlink" href="https://github.com/NvChad/NvChad">https://github.com/NvChad/NvChad</a><br />
<p>E-Mail your comments to hi@paul.cyou :-)</p>
<h1>Appendix</h1>
<p>This is the VimScript I mentioned earlier, which parses a table of contents index of my scanned paper journals and opens the corresponding PDF at the right page in <span class="inlinecode">zathura</span>:</p>
<pre>
function! ReadJournalPageNumber()
    let page = expand("&lt;cword&gt;")
    if page !~# '^\d\+$'
        for str in split(getline("."), "[ ,]")
            if str =~# '^\d\+$'
                let page = str
                break
            end
        endfor
    endif
    return page
endfunction

function! ReadJournalMeta()
    normal! mj

    1/MetaFilePath:/
    normal! 3w
    let s:metaFilePath = expand("&lt;cWORD&gt;")
    echom s:metaFilePath

    1/MetaOffset:/
    normal! 3w
    let s:metaOffset = expand("&lt;cword&gt;")
    echom s:metaOffset

    1/MetaPageAtOffset:/
    normal! 3w
    let s:metaPageAtOffset = expand("&lt;cword&gt;")
    echom s:metaPageAtOffset

    1/MetaPagesPerScan:/
    normal! 3w
    let s:metaPagesPerScan = expand("&lt;cword&gt;")
    echom s:metaPagesPerScan

    normal! `j
endfunction

function! GetPdfPage(page)
    return s:metaOffset + (a:page - s:metaPageAtOffset) / s:metaPagesPerScan
endfunction

function! OpenJournalPage()
    let page = ReadJournalPageNumber()
    if page !~# '^\d\+$'
        echoerr "Could not identify Journal page number"
    end
    call ReadJournalMeta()
    let pdfPage = GetPdfPage(page)
    echon "Location is " . s:metaFilePath . ":" . pdfPage
    call system("zathura --mode fullscreen -P " . pdfPage . " " . s:metaFilePath)
    " call system("evince -p " . pdfPage . " " . s:metaFilePath)
endfunction

nmap ,j :call OpenJournalPage()&lt;CR&gt;
</pre><br />
            </div>
        </content>
    </entry>
    <entry>
        <title>Installing DTail on OpenBSD</title>
        <link href="gemini://foo.zone/gemfeed/2022-10-30-installing-dtail-on-openbsd.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-10-30-installing-dtail-on-openbsd.gmi</id>
        <updated>2022-10-30T17:13:52+02:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>This will be a quick blog post, as I am busy with my personal life now. I have relocated to a different country and am still busy arranging things. So bear with me :-). .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Installing DTail on OpenBSD</h1>
<p class="quote"><i>Author: Paul; Published: 2022-10-30T11:03:19+02:00</i></p>
<pre>
       ,_---~~~~~----._
 _,,_,*^____      _____``*g*\"*,
/ __/ /'     ^.  /      \ ^@q   f
 @f   |       |  |       |  0 _/
\`/   \~__((@/ __ \__((@/    \
 |           _l__l_           I    &lt;--- The Go Gopher
 }          [______]           I
 ]            | | |            |
 ]             ~ ~             |
 |                            |
  |                           |
  |                           |       A       ;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~|~~~,--,-/ \---,-/|~~,~~~~~~~~~~~~~~~~~~~~~~~~~~~
                           _|\,'. /|      /|   `/|-.
                       \`.'    /|      ,            `;.
                      ,'\   A     A         A   A _ /| `.;
                    ,/  _              A       _  / _   /|  ;
                   /\  / \   ,  ,           A  /    /     `/|
                  /_| | _ \         ,     ,             ,/  \
                 // | |/ `.\  ,-      ,       ,   ,/ ,/      \/
                 / @| |@  / /'   \  \      ,              &gt;  /|    ,--.
                |\_/   \_/ /      |  |           ,  ,/        \  ./' __:..
                |  __ __  |       |  | .--.  ,         &gt;  &gt;   |-'   /     `
              ,/| /  '  \ |       |  |     \      ,           |    /
             /  |&lt;--.__,-&gt;|       |  | .    `.        &gt;  &gt;    /   (
            /_,' \\  ^  /  \     /  /   `.    &gt;--            /^\   |
                  \\___/    \   /  /      \__'     \   \   \/   \  |
                   `.   |/          ,  ,                  /`\    \  )
                     \  '  |/    ,       V    \          /        `-\
 OpenBSD Puffy ---&gt;   `|/  '  V      V           \    \.'            \_
                       '`-.       V       V        \./'\
                           `|/-.      \ /   \ /,---`\         kat
                            /   `._____V_____V'
                                       '     '
</pre><br />
<p>This will be a quick blog post, as I am busy with my personal life now. I have relocated to a different country and am still busy arranging things. So bear with me :-)</p>
<p> In this post, I want to give a quick overview (or how-to) about installing DTail on OpenBSD, as the official documentation only covers Red Hat and Fedora Linux! And this blog post will also be used as my reference!</p>
<a class="textlink" href="https://dtail.dev">https://dtail.dev</a><br />
<p>I am using Rexify for my OpenBSD automation. Check out the following article covering my Rex setup in a little bit more detail:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2022-07-30-lets-encrypt-with-openbsd-and-rex.html">Let's Encrypt with OpenBSD and Rex</a><br />
<p>I will also mention some relevant <span class="inlinecode">Rexfile</span> snippets in this post!</p>
<h2>Compile it</h2>
<p>First of all, DTail needs to be downloaded and compiled. For that, <span class="inlinecode">git</span>, <span class="inlinecode">go</span>, and <span class="inlinecode">gmake</span> are required:</p>
<pre>
$ doas pkg_add git go gmake
</pre><br />
<p>I am happy that the Go Programming Language is readily available in the OpenBSD packaging system. Once the dependencies got installed, clone DTail and compile it:</p>
<pre>
$ mkdir git
$ cd git
$ git clone https://github.com/mimecast/dtail
$ cd dtail
$ gmake 
</pre><br />
<p>You can verify the version by running the following command:</p>
<pre>
$ ./dtail --version
 DTail  4.1.0  Protocol 4.1  Have a lot of fun!
$ file dtail
 dtail: ELF 64-bit LSB executable, x86-64, version 1
</pre><br />
<p>Now, there isn't any need anymore to keep <span class="inlinecode">git</span>, <span class="inlinecode">go</span> and <span class="inlinecode">gmake</span>, so they can be deinstalled now:</p>
<pre>
$ doas pkg_delete git go gmake
</pre><br />
<p>One day I shall create an official OpenBSD port for DTail.</p>
<h2>Install it</h2>
<p>Installing the binaries is now just a matter of copying them to <span class="inlinecode">/usr/local/bin</span> as follows:</p>
<pre>
$ for bin in dserver dcat dgrep dmap dtail dtailhealth; do
  doas cp -p $bin /usr/local/bin/$bin
  doas chown root:wheel /usr/local/bin/$bin
done
</pre><br />
<p>Also, we will be creating the <span class="inlinecode">_dserver</span> service user:</p>
<pre>
$ doas adduser -class nologin -group _dserver -batch _dserver
$ doas usermod -d /var/run/dserver/ _dserver
</pre><br />
<p>The OpenBSD init script is created from scratch (not part of the official DTail project). Run the following to install the bespoke script:</p>
<pre>
$ cat &lt;&lt;'END' | doas tee /etc/rc.d/dserver
#!/bin/ksh

daemon="/usr/local/bin/dserver"
daemon_flags="-cfg /etc/dserver/dtail.json"
daemon_user="_dserver"

. /etc/rc.d/rc.subr

rc_reload=NO

rc_pre() {
    install -d -o _dserver /var/log/dserver
    install -d -o _dserver /var/run/dserver/cache
}

rc_cmd $1 &amp;
END
$ doas chmod 755 /etc/rc.d/dserver
</pre><br />
<h3>Rexification</h3>
<p>This is the task for setting it up via Rex. Note the <span class="inlinecode">. . . .</span>, that's a placeholder which we will fill up more and more during this blog post:</p>
<pre>
desc 'Setup DTail';
task 'dtail', group =&gt; 'frontends',
   sub {
      my $restart = FALSE;

      file '/etc/rc.d/dserver':
        content =&gt; template('./etc/rc.d/dserver.tpl'),
        owner =&gt; 'root',
        group =&gt; 'wheel',
        mode =&gt; '755',
        on_change =&gt; sub { $restart = TRUE };

        .
        .
        .
        .

      service 'dserver' =&gt; 'restart' if $restart;
      service 'dserver', ensure =&gt; 'started';
   };
</pre><br />
<h2>Configure it</h2>
<p>Now, DTail is fully installed but still needs to be configured. Grab the default config file from GitHub ...</p>
<pre>
$ doas mkdir /etc/dserver
$ curl https://raw.githubusercontent.com/mimecast/dtail/master/samples/dtail.json.sample |
    doas tee /etc/dserver/dtail.json
</pre><br />
<p>... and then edit it and adjust <span class="inlinecode">LogDir</span> in the <span class="inlinecode">Common</span> section to <span class="inlinecode">/var/log/dserver</span>. The result will look like this:</p>
<pre>
  "Common": {
    "LogDir": "/var/log/dserver",
    "Logger": "Fout",
    "LogRotation": "Daily",
    "CacheDir": "cache",
    "SSHPort": 2222,
    "LogLevel": "Info"
  }
</pre><br />
<h3>Rexification</h3>
<p>That's as simple as adding the following to the Rex task:</p>
<pre>
file '/etc/dserver',
  ensure =&gt; 'directory';

file '/etc/dserver/dtail.json',
  content =&gt; template('./etc/dserver/dtail.json.tpl'),
  owner =&gt; 'root',
  group =&gt; 'wheel',
  mode =&gt; '755',
  on_change =&gt; sub { $restart = TRUE };
</pre><br />
<h2>Update the key cache for it</h2>
<p>DTail relies on SSH for secure authentication and communication. However, the system user <span class="inlinecode">_dserver</span> has no permission to read the SSH public keys from the user's home directories, so the DTail server also checks for available public keys in an alternative path <span class="inlinecode">/var/run/dserver/cache</span>. </p>
<p>The following script, populating the DTail server key cache, can be run periodically via <span class="inlinecode">CRON</span>:</p>
<pre>
$ cat &lt;&lt;'END' | doas tee /usr/local/bin/dserver-update-key-cache.sh
#!/bin/ksh

CACHEDIR=/var/run/dserver/cache
DSERVER_USER=_dserver
DSERVER_GROUP=_dserver

echo 'Updating SSH key cache'

ls /home/ | while read remoteuser; do
    keysfile=/home/$remoteuser/.ssh/authorized_keys

    if [ -f $keysfile ]; then
        cachefile=$CACHEDIR/$remoteuser.authorized_keys
        echo "Caching $keysfile -&gt; $cachefile"

        cp $keysfile $cachefile
        chown $DSERVER_USER:$DSERVER_GROUP $cachefile
        chmod 600 $cachefile
    fi
done

# Cleanup obsolete public SSH keys
find $CACHEDIR -name \*.authorized_keys -type f |
while read cachefile; do
    remoteuser=$(basename $cachefile | cut -d. -f1)
    keysfile=/home/$remoteuser/.ssh/authorized_keys

    if [ ! -f $keysfile ]; then
        echo 'Deleting obsolete cache file $cachefile'
        rm $cachefile
    fi
done

echo 'All set...'
END
$ doas chmod 500 /usr/local/bin/dserver-update-key-cache.sh
</pre><br />
<p>Note that the script above is a slight variation of the official DTail script. The official DTail one is a <span class="inlinecode">bash</span> script, but on OpenBSD, there's <span class="inlinecode">ksh</span>. I run it once daily by adding it to the <span class="inlinecode">daily.local</span>:</p>
<pre>
$ echo /usr/local/bin/dserver-update-key-cache.sh | doas tee -a /etc/daily.local
/usr/local/bin/dserver-update-key-cache.sh
</pre><br />
<h3>Rexification</h3>
<p>That's done by adding ...</p>
<pre>
file '/usr/local/bin/dserver-update-key-cache.sh',
  content =&gt; template('./scripts/dserver-update-key-cache.sh.tpl'),
  owner =&gt; 'root',
  group =&gt; 'wheel',
  mode =&gt; '500';

append_if_no_such_line '/etc/daily.local', '/usr/local/bin/dserver-update-key-cache.sh';
</pre><br />
<p>... to the Rex task!</p>
<h2>Start it</h2>
<p>Now, it's time to enable and start the DTail server:</p>
<pre>
$ sudo rcctl enable dserver
$ sudo rcctl start dserver
$ tail -f /var/log/dserver/*.log
INFO|1022-090634|Starting scheduled job runner after 2s
INFO|1022-090634|Starting continuous job runner after 2s
INFO|1022-090644|24204|stats.go:53|2|11|7|||MAPREDUCE:STATS|currentConnections=0|lifetimeConnections=0
INFO|1022-090654|24204|stats.go:53|2|11|7|||MAPREDUCE:STATS|currentConnections=0|lifetimeConnections=0
INFO|1022-090719|Starting server|DTail 4.1.0 Protocol 4.1 Have a lot of fun!
INFO|1022-090719|Generating private server RSA host key
INFO|1022-090719|Starting server
INFO|1022-090719|Binding server|0.0.0.0:2222
INFO|1022-090719|Starting scheduled job runner after 2s
INFO|1022-090719|Starting continuous job runner after 2s
INFO|1022-090729|86050|stats.go:53|2|11|7|||MAPREDUCE:STATS|currentConnections=0|lifetimeConnections=0
INFO|1022-090739|86050|stats.go:53|2|11|7|||MAPREDUCE:STATS|currentConnections=0|lifetimeConnect
.
.
.
Ctr+C
</pre><br />
<p>As we don't want to wait until tomorrow, let's populate the key cache manually:</p>
<pre>
$ doas /usr/local/bin/dserver-update-key-cache.sh
Updating SSH key cache
Caching /home/_dserver/.ssh/authorized_keys -&gt; /var/cache/dserver/_dserver.authorized_keys
Caching /home/admin/.ssh/authorized_keys -&gt; /var/cache/dserver/admin.authorized_keys
Caching /home/failunderd/.ssh/authorized_keys -&gt; /var/cache/dserver/failunderd.authorized_keys
Caching /home/git/.ssh/authorized_keys -&gt; /var/cache/dserver/git.authorized_keys
Caching /home/paul/.ssh/authorized_keys -&gt; /var/cache/dserver/paul.authorized_keys
Caching /home/rex/.ssh/authorized_keys -&gt; /var/cache/dserver/rex.authorized_keys
All set...
</pre><br />
<h2>Use it</h2>
<p>The DTail server is now ready to serve connections. You can use any DTail commands, such as <span class="inlinecode">dtail</span>, <span class="inlinecode">dgrep</span>, <span class="inlinecode">dmap</span>, <span class="inlinecode">dcat</span>, <span class="inlinecode">dtailhealth</span>, to do so. Checkout out all the usage examples on the official DTail page.</p>
<p>I have installed DTail server this way on my personal OpenBSD frontends <span class="inlinecode">blowfish</span>, and <span class="inlinecode">fishfinger</span>, and the following command connects as user <span class="inlinecode">rex</span> to both machines and greps the file <span class="inlinecode">/etc/fstab</span> for the string <span class="inlinecode">local</span>:</p>
<pre>
❯ ./dgrep -user rex -servers blowfish.buetow.org,fishfinger.buetow.org --regex local /etc/fstab
CLIENT|earth|WARN|Encountered unknown host|{blowfish.buetow.org:2222 0xc0000a00f0 0xc0000a61e0 [blowfish.buetow.org]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9ZnF/LAk14SgqCzk38yENVTNfqibcluMTuKx1u53cKSp2xwHWzy0Ni5smFPpJDIQQljQEJl14ZdXvhhjp1kKHxJ79ubqRtIXBlC0PhlnP8Kd+mVLLHYpH9VO4rnaSfHE1kBjWkI7U6lLc6ks4flgAgGTS5Bb7pLAjwdWg794GWcnRh6kSUEQd3SftANqQLgCunDcP2Vc4KR9R78zBmEzXH/OPzl/ANgNA6wWO2OoKKy2VrjwVAab6FW15h3Lr6rYIw3KztpG+UMmEj5ReexIjXi/jUptdnUFWspvAmzIl6kwzzF8ExVyT9D75JRuHvmxXKKjyJRxqb8UnSh2JD4JN [23.88.35.144]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9ZnF/LAk14SgqCzk38yENVTNfqibcluMTuKx1u53cKSp2xwHWzy0Ni5smFPpJDIQQljQEJl14ZdXvhhjp1kKHxJ79ubqRtIXBlC0PhlnP8Kd+mVLLHYpH9VO4rnaSfHE1kBjWkI7U6lLc6ks4flgAgGTS5Bb7pLAjwdWg794GWcnRh6kSUEQd3SftANqQLgCunDcP2Vc4KR9R78zBmEzXH/OPzl/ANgNA6wWO2OoKKy2VrjwVAab6FW15h3Lr6rYIw3KztpG+UMmEj5ReexIjXi/jUptdnUFWspvAmzIl6kwzzF8ExVyT9D75JRuHvmxXKKjyJRxqb8UnSh2JD4JN 0xc0000a2180}
CLIENT|earth|WARN|Encountered unknown host|{fishfinger.buetow.org:2222 0xc0000a0150 0xc000460110 [fishfinger.buetow.org]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNiikdL7+tWSN0rCaw1tOd9aQgeUFgb830V9ejkyJ5h93PKLCWZSMMCtiabc1aUeUZR//rZjcPHFLuLq/YC+Y3naYtGd6j8qVrcfG8jy3gCbs4tV9SZ9qd5E24mtYqYdGlee6JN6kEWhJxFkEwPfNlG+YAr3KC8lvEAE2JdWvaZavqsqMvHZtAX3b25WCBf2HGkyLZ+d9cnimRUOt+/+353BQFCEct/2mhMVlkr4I23CY6Tsufx0vtxx25nbFdZias6wmhxaE9p3LiWXygPWGU5iZ4RSQSImQz4zyOc9rnJeP1rwGk0OWDJhdKNXuf0kIPdzMfwxv2otgY32/DJj6L [46.23.94.99]:2222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNiikdL7+tWSN0rCaw1tOd9aQgeUFgb830V9ejkyJ5h93PKLCWZSMMCtiabc1aUeUZR//rZjcPHFLuLq/YC+Y3naYtGd6j8qVrcfG8jy3gCbs4tV9SZ9qd5E24mtYqYdGlee6JN6kEWhJxFkEwPfNlG+YAr3KC8lvEAE2JdWvaZavqsqMvHZtAX3b25WCBf2HGkyLZ+d9cnimRUOt+/+353BQFCEct/2mhMVlkr4I23CY6Tsufx0vtxx25nbFdZias6wmhxaE9p3LiWXygPWGU5iZ4RSQSImQz4zyOc9rnJeP1rwGk0OWDJhdKNXuf0kIPdzMfwxv2otgY32/DJj6L 0xc0000a2240}
Encountered 2 unknown hosts: 'blowfish.buetow.org:2222,fishfinger.buetow.org:2222'
Do you want to trust these hosts?? (y=yes,a=all,n=no,d=details): a
CLIENT|earth|INFO|STATS:STATS|cgocalls=11|cpu=8|connected=2|servers=2|connected%=100|new=2|throttle=0|goroutines=19
CLIENT|earth|INFO|Added hosts to known hosts file|/home/paul/.ssh/known_hosts
REMOTE|blowfish|100|7|fstab|31bfd9d9a6788844.h /usr/local ffs rw,wxallowed,nodev 1 2
REMOTE|fishfinger|100|7|fstab|093f510ec5c0f512.h /usr/local ffs rw,wxallowed,nodev 1 2
</pre><br />
<p>Running it the second time, and given that you trusted the keys the first time, it won't prompt you for the host keys anymore:</p>
<pre>
❯ ./dgrep -user rex -servers blowfish.buetow.org,fishfinger.buetow.org --regex local /etc/fstab
REMOTE|blowfish|100|7|fstab|31bfd9d9a6788844.h /usr/local ffs rw,wxallowed,nodev 1 2
REMOTE|fishfinger|100|7|fstab|093f510ec5c0f512.h /usr/local ffs rw,wxallowed,nodev 1 2
</pre><br />
<h2>Conclusions</h2>
<p>It's a bit of manual work, but it's ok on this small scale! I shall invest time in creating an official OpenBSD port, though. That would render most of the manual steps obsolete, as outlined in this post!</p>
<p>Check out the following for more information:</p>
<a class="textlink" href="https://dtail.dev">https://dtail.dev</a><br />
<a class="textlink" href="https://github.com/mimecast/dtail">https://github.com/mimecast/dtail</a><br />
<a class="textlink" href="https://www.rexify.org">https://www.rexify.org</a><br />
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>After a bad night's sleep</title>
        <link href="gemini://foo.zone/gemfeed/2022-09-30-after-a-bad-nights-sleep.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-09-30-after-a-bad-nights-sleep.gmi</id>
        <updated>2022-09-30T17:13:52+03:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>Everyone has it once in a while: A bad night's sleep. Here I attempt to list valuable tips on how to deal with it.. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>After a bad night's sleep</h1>
<p class="quote"><i>Author: Paul; Published: 2022-09-30T09:53:23+03:00; Updated: 2022-10-12</i></p>
<pre>
               z
                z
                 Z
       .--.  Z Z
      / _(c\   .-.     __
     | / /  '-;   \'-'`  `\______
     \_\/'/ __/ )  /  )   |      \--,
     | \`""`__-/ .'--/   /--------\  \
      \\`  ///-\/   /   /---;-.    '-'
jgs                (________\  \
                             '-'
</pre><br />
<p>Everyone has it once in a while: A bad night's sleep. Here I attempt to list valuable tips on how to deal with it.</p>
<h2>Don't take the day off.</h2>
<p>Don't take a day off after not sleeping enough the previous night. That would be wasting the holiday allowance. It wouldn't be possible to enjoy my free time anyway, so why not just work? There's still a way for an IT Engineer to be productive (sometimes even more) with half or less of the concentration power available!</p>
<h2>Start work early</h2>
<p>Probably I am already awake early and am unable to fall asleep again. My strategy here is to "attack" the day: Start work early and finish early. The early bird will also encounter fewer distractions from colleagues.</p>
<h2>Sweat the small stuff</h2>
<p>There's never a shortage of small items to hook off my list. Most of these items don't require my full concentration power, and I will be happy to get them off my list so that the next day, after a good night's sleep, I can immerse myself again in focused, deep work with all concentration powers at hand.</p>
<p>Examples of "small work items" are:</p>
<ul>
<li>Tidying up the workspace.</li>
<li>Installing pending computer software updates.</li>
<li>Going through the work backlog: Create new tickets, close obsolete ones, and roughly pre-plan upcoming work.</li>
<li>Finishing off the easy tickets from the current sprint.</li>
<li>Going through any tedious paperwork.</li>
<li>Catch up with the journal and mark off all trivial action items.</li>
</ul>
<h2>Enter the flow state</h2>
<p>I find it easy to enter the "flow state" after a bad night's sleep. All I need to do is to put on some ambient music (preferably instrumental chill house) and start to work on a not-too-difficult ticket.</p>
<p>Usually, the "flow state" is associated with deep-focused work, but deep-focused work isn't easily possible under sleep deprivation. It's still possible to be in the flow by working on more manageable tasks and leaving the difficult ones for the next day.</p>
<h2>Reschedule meetings</h2>
<p>I find engaging in discussions and demanding meetings challenging after a lousy night's sleep. I still attend the sessions I am invited to as "only" a participant, but I prefer to reschedule all meetings I am the primary driver of.</p>
<p>This, unfortunately, also includes interviews. Interviews require full concentration power. So for interviews, I would find a colleague to step in for me or ask to reschedule the interview altogether. Everything else wouldn't make it justice and would waste everyone's time!</p>
<h2>Invent</h2>
<p>The mind works differently under sleep deprivation: It's easier to invent new stuff as it's easier to have a look at things from different perspectives. Until an hour ago, I didn't know yet what I would be blogging about for this month, and then I just started writing this, and it took me only half an hour to write the first draft of this blog post!</p>
<h2>Fast</h2>
<p>I don't eat breakfast, and I don't eat lunch on these days. I only have dinner. Not eating means my mind doesn't get foggy, and I keep up the work momentum. This is called intermittent fasting, which not only generally helps to keep the weight under control and boosts the concentration power. Furthermore, intermittent fasting is healthy. You should include it in your routine, even after a good night's sleep.</p>
<h2>Stretch</h2>
<p>I won't have enough energy for strenuous physical exercise on those days, but a 30 to a 60-minute stretching session can make the day. Stretching will even hurt less under sleep deprivation! The stretching could also be substituted with a light Yoga session.</p>
<h2>Walk</h2>
<p>Walking is healthy, and the time can be used to listen to interesting podcasts. The available concentration power might not be enough for more sophisticated audio literature. I will have enough energy for one or two daily walks (~10k steps for the day in total). Sometimes, I listen to music during walks. I also try to catch the bright sunlight.</p>
<h2>Red Bull</h2>
<p>I don't think that Red Bull is a healthy drink. But once in a while, a can in the early afternoon brings wonders, and productivity will skyrocket. Other than Red Bull, drink a lot of water throughout the day. Don't forget to drink the sugar-free version; otherwise, your intermittent fast will be broken.</p>
<h2>Power nap</h2>
<p>I don't know how to "enforce" a nap, but sometimes I manage to power nap, and it helps wonders. A 30-minute nap sometimes brings me back to normal. If you don't tend to fast as you are too hungry, it helps to try to nap approximately 30 minutes after eating something.</p>
<h2>Don't take anything personally.</h2>
<p>It's much more challenging to keep the mind "under control" in this state. Every annoyance can potentially upset, which could reflect on the work colleagues. It is wise to attempt to go with a positive attitude into the day, always smile and be polite to the family and colleagues at work. Don't let anything drop out to the people next; they don't deserve it as they didn't do anything wrong! Also, remember, it can't be controlled at all. It's time to let go of the annoyances for the day.</p>
<h2>Meditate</h2>
<p>To keep the good vibe, it helps to meditate for 10 minutes. Meditation must nothing be fancy. It can be just lying on the sofa and observing your thoughts as they come and go. Don't judge your thoughts, as that could put you in a negative mood. It's not necessary to sit in an uncomfortable Yoga pose, and it is not required to chant "Ohhmmmmm".</p>
<h2>Write things down</h2>
<p>Sometimes something requiring more concentration power demands time. This is where it helps to write a note in a journal and return to it another day. This doesn't mean slacking off but managing the rarely available concentration power for the day. I might repeat myself: Today, sweat all the small stuff. Tomorrow, do the deep-focused work on that crucial project again.</p>
<p>It's easier to forget things on those days, so everything should be written down so that it can be worked off later. Things written down will not be overlooked!</p>
<h2>Social media</h2>
<p>I wouldn't say I like checking social media, as it can consume a lot of time and can become addictive. But once in a while, I want to catch up with my "networks". After a bad night's sleep, it's the perfect time to check your social media. Once done, you don't have to do it anymore for the next couple of days!</p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Gemtexter 1.1.0 - Let's Gemtext again</title>
        <link href="gemini://foo.zone/gemfeed/2022-08-27-gemtexter-1.1.0-lets-gemtext-again.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-08-27-gemtexter-1.1.0-lets-gemtext-again.gmi</id>
        <updated>2022-08-27T17:13:52+03:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>I am proud to announce that I've released Gemtexter version . What is Gemtexter? It's my static site generator written in GNU Bash:. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Gemtexter 1.1.0 - Let's Gemtext again</h1>
<p class="quote"><i>Author: Paul; Published: 2022-08-27T18:25:57+01:00</i></p>
<pre>
-=[ typewriter ]=-  1/98

       .-------.
      _|~~ ~~  |_
    =(_|_______|_)=
      |:::::::::|
      |:::::::[]|
      |o=======.|
 jgs  `"""""""""`
</pre><br />
<p>I am proud to announce that I've released Gemtexter version <span class="inlinecode">1.1.0</span>. What is Gemtexter? It's my static site generator written in GNU Bash:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2021-06-05-gemtexter-one-bash-script-to-rule-it-all.html">Gemtexter - One Bash script to rule it all</a><br />
<a class="textlink" href="https://codeberg.org/snonux/gemtexter">https://codeberg.org/snonux/gemtexter</a><br />
<p>It has been around a year since I released the first version <span class="inlinecode">1.0.0</span>. Although, there aren't any groundbreaking changes, there have been a couple of smaller commits and adjustments. I was quite surprised that I received a bunch of feedback and requests about Gemtexter so it means that I am not the only person in the universe actually using it.</p>
<h2>What's new?</h2>
<h3>Automatic check for GNU version requirements</h3>
<p>Gemtexter relies on the GNU versions of the tools <span class="inlinecode">grep</span>, <span class="inlinecode">sed</span> and <span class="inlinecode">date</span> and it also requires the Bash shell in version 5 at least. That's now done in the <span class="inlinecode">check_dependencies()</span> function:</p>
<pre>
check_dependencies () {
    # At least, Bash 5 is required
    local -i required_version=5
    IFS=. read -ra version &lt;&lt;&lt; "$BASH_VERSION"
    if [ "${version[0]}" -lt $required_version ]; then
        log ERROR "ERROR, \"bash\" must be at least at major version $required_version!"
        exit 2
    fi

    # These must be the GNU versions of the commands
    for tool in $DATE $SED $GREP; do
        if ! $tool --version | grep -q GNU; then
            log ERROR "ERROR, \"$tool\" command is not the GNU version, please install!"
            exit 2
        fi
    done
}
</pre><br />
<p>Especially macOS users didn't read the <span class="inlinecode">README</span> carefully enough to install GNU Grep, GNU Sed and GNU Date before using Gemtexter.</p>
<h3>Backticks now produce <span class="inlinecode">inline code blocks</span> in the HTML output</h3>
<p>The Gemtext format doesn't support inline code blocks, but Gemtexter now produces <span class="inlinecode">inline code blocks</span> (means, small code fragments can be placed in the middle of a paragraph) in the HTML output when the code block is enclosed with Backticks. There were no adjustments required for the Markdown output format, because Markdown supports it already out of the box.</p>
<h3>Cache for Atom feed generation</h3>
<p>The Bash is not the most performant language. Gemtexter already takes a couple of seconds only to generate the Atom feed for around two hand full of articles on my slightly underpowered Surface Go 2 Linux tablet. Therefore, I introduced a cache, so that subsequent Atom feed generation runs finish much quicker. The cache uses a checksum of the Gemtext <span class="inlinecode">.gmi</span> file to decide whether anything of the content has changed or not.</p>
<h3>Input filter support</h3>
<p>Once your capsule reaches a certain size, it can become annoying to re-generate everything if you only want to preview the HTML or Markdown output of one single content file. The following will add a filter to only generate the files matching a regular expression:</p>
<pre>
./gemtexter --generate '.*hello.*'
</pre><br />
<h3>Revamped <span class="inlinecode">git</span> support</h3>
<p>The Git support has been completely rewritten. It's now more reliable and faster too. Have a look at the <span class="inlinecode">README</span> for more information.</p>
<h3>Addition of <span class="inlinecode">htmlextras</span> and web font support</h3>
<p>The <span class="inlinecode">htmlextras</span> folder now contains all extra files required for the HTML output format such as cascading style sheet (CSS) files and web fonts.</p>
<h3>Sub-section support</h3>
<p>It's now possible to define sub-sections within a Gemtexter capsule. For the HTML output, each sub-section can use its own CSS and web font definitions. E.g.:</p>
<a class="textlink" href="https://foo.zone">The foo.zone main site</a><br />
<a class="textlink" href="https://foo.zone/notes">The notes sub-section (with different fonts)</a><br />
<h3>More</h3>
<p>Additionally, there were a couple of bug fixes, refactorings and overall improvements in the documentation made. </p>
<p>Overall I think it's a pretty solid <span class="inlinecode">1.1.0</span> release without anything groundbreaking (therefore no major version jump). But I am happy about it.</p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Let's Encrypt with OpenBSD and Rex</title>
        <link href="gemini://foo.zone/gemfeed/2022-07-30-lets-encrypt-with-openbsd-and-rex.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-07-30-lets-encrypt-with-openbsd-and-rex.gmi</id>
        <updated>2022-07-30T17:13:52+03:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>I was amazed at how easy it is to automatically generate and update Let's Encrypt certificates with OpenBSD.. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Let's Encrypt with OpenBSD and Rex</h1>
<p class="quote"><i>Author: Paul; Published: 2022-07-30T12:14:31+01:00</i></p>
<pre>
                                               /    _    \
  The Hebern Machine                            \ ." ". /
                                  ___            /     \
                              ..""   ""..       |   O   |
                             /           \      |       |
                            /             \     |       |
                          ---------------------------------
                        _/  o     (O)     o   _            |
                      _/                    ." ".          |
                    I/    _________________/     \         |
                  _/I   ."                        |        |
          =====  /  I  /                         /         |
     =====  | | |   \ |       _________________."          |
=====  | |  | | |   /  \     /  _|_|__|_|_          __     |
  | |  | |  | | |   \   "._."  /  o    o  \       ."  ".   |
  |  --|  --|  -|   /          \         _/      /      \  |
   \____\____\__|   \  ______   |       /       |        | |
               --------      ---       /        |        | |
              ( )        (O)          /          \      /  |
               -----------------------            ".__."   |
               _|__________________________________________|_
              /                                              \
             /________________________________________________\
                                 ASCII Art by John Savard
</pre><br />
<p>I was amazed at how easy it is to automatically generate and update Let's Encrypt certificates with OpenBSD.</p>
<h2>What's Let's Encrypt?</h2>
<p class="quote"><i>Let's Encrypt is a non-profit certificate authority run by Internet Security Research Group that provides X.509 certificates for Transport Layer Security (TLS) encryption at no charge. It is the world's largest certificate authority, used by more than 265 million websites, with the goal of all websites being secure and using HTTPS.</i></p>
<a class="textlink" href="https://en.wikipedia.org/wiki/Let's_Encrypt">Source: Wikipedia</a><br />
<p>In short, it gives away TLS certificates for your website - for free! The catch is, that the certificates are only valid for three months. So it is better to automate certificate generation and renewals.</p>
<h2>Meet <span class="inlinecode">acme-client</span></h2>
<p><span class="inlinecode">acme-client</span> is the default Automatic Certifcate Management Environment (ACME) client on OpenBSD and part of the OpenBSD base system. </p>
<p>When invoked, the client first checks whether certificates actually require to be generated.</p>
<ul>
<li>It first checks whether a certificate already exists; if not, it will attempt to generate a new one.</li>
<li>If the certificate already exists but expires within the next 30 days, it will renew it.</li>
<li>Otherwise, <span class="inlinecode">acme-client</span> won't do anything.</li>
</ul>
<p>Oversimplified, the following steps are undertaken by <span class="inlinecode">acme-client</span> for generating a new certificate:</p>
<ul>
<li>Reading its config file <span class="inlinecode">/etc/acme-client.conf</span> for a list of hosts (and their alternative names) to generate certificates. So it means you can also have certificates for arbitrary subdomains!</li>
<li>Automatic generation of the private certificate part (the certificate key) and the certificate signing request (CSR) to <span class="inlinecode">/etc/ssl/...</span>.</li>
<li>Requesting Let's Encrypt to sign the certificate. This also includes providing a set of temporary files requested by Let's Encrypt in the next step for verification.</li>
<li>Let's Encrypt then will contact the hostname for the certificate through a particular URL (e.g. <span class="inlinecode">http://foo.zone/.well-known/acme-challenge/...</span>) to verify that the requester is the valid owner of the host.</li>
<li>Let's Encrypt generates a certificate, which then is downloaded to <span class="inlinecode">/etc/ssl/...</span>.</li>
</ul>
<h2>Configuration</h2>
<p>There is some (but easy) configuration required to make that all work on OpenBSD.</p>
<h3>acme-client.conf</h3>
<p>This is how my <span class="inlinecode">/etc/acme-client.conf</span> looks like (I copied a template from <span class="inlinecode">/etc/examples/acme-client.conf</span> to <span class="inlinecode">/etc/acme-client.conf</span> and added my domains to the bottom:</p>
<pre>
#
# $OpenBSD: acme-client.conf,v 1.4 2020/09/17 09:13:06 florian Exp $
#
authority letsencrypt {
    api url "https://acme-v02.api.letsencrypt.org/directory"
    account key "/etc/acme/letsencrypt-privkey.pem"
}

authority letsencrypt-staging {
    api url "https://acme-staging-v02.api.letsencrypt.org/directory"
    account key "/etc/acme/letsencrypt-staging-privkey.pem"
}

authority buypass {
    api url "https://api.buypass.com/acme/directory"
    account key "/etc/acme/buypass-privkey.pem"
    contact "mailto:me@example.com"
}

authority buypass-test {
    api url "https://api.test4.buypass.no/acme/directory"
    account key "/etc/acme/buypass-test-privkey.pem"
    contact "mailto:me@example.com"
}

domain buetow.org {
    alternative names { www.buetow.org paul.buetow.org }
    domain key "/etc/ssl/private/buetow.org.key"
    domain full chain certificate "/etc/ssl/buetow.org.fullchain.pem"
    sign with letsencrypt
}

domain dtail.dev {
    alternative names { www.dtail.dev }
    domain key "/etc/ssl/private/dtail.dev.key"
    domain full chain certificate "/etc/ssl/dtail.dev.fullchain.pem"
    sign with letsencrypt
}

domain foo.zone {
    alternative names { www.foo.zone }
    domain key "/etc/ssl/private/foo.zone.key"
    domain full chain certificate "/etc/ssl/foo.zone.fullchain.pem"
    sign with letsencrypt
}

domain irregular.ninja {
    alternative names { www.irregular.ninja }
    domain key "/etc/ssl/private/irregular.ninja.key"
    domain full chain certificate "/etc/ssl/irregular.ninja.fullchain.pem"
    sign with letsencrypt
}

domain snonux.land {
    alternative names { www.snonux.land }
    domain key "/etc/ssl/private/snonux.land.key"
    domain full chain certificate "/etc/ssl/snonux.land.fullchain.pem"
    sign with letsencrypt
}
</pre><br />
<h3>httpd.conf</h3>
<p>For ACME to work, you will need to configure the HTTP daemon so that the "special" ACME requests from Let's Encrypt are served correctly. I am using the standard OpenBSD <span class="inlinecode">httpd</span> here. These are the snippets I use for the <span class="inlinecode">foo.zone</span> host in <span class="inlinecode">/etc/httpd.conf</span> (of course, you need a similar setup for all other hosts as well):</p>
<pre>
server "foo.zone" {
  listen on * port 80
  location "/.well-known/acme-challenge/*" {
    root "/acme"
    request strip 2
  }
  location * {
    block return 302 "https://$HTTP_HOST$REQUEST_URI"
  }
}

server "foo.zone" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/foo.zone.fullchain.pem"
    key "/etc/ssl/private/foo.zone.key"
  }
  location * {
    root "/htdocs/gemtexter/foo.zone"
    directory auto index
  }
}
</pre><br />
<p>As you see, plain HTTP only serves the ACME challenge path. Otherwise, it redirects the requests to TLS. The TLS section then attempts to use the Let's Encrypt certificates.</p>
<p>It is worth noticing that <span class="inlinecode">httpd</span> will start without the certificates being present. This will cause a certificate error when you try to reach the HTTPS endpoint, but it helps to bootstrap Let's Encrypt. As you saw in the config snippet above, Let's Encrypt only requests the plain HTTP endpoint for the verification process, so HTTPS doesn't need to be operational yet at this stage. But once the certificates are generated, you will have to reload or restart <span class="inlinecode">httpd</span> to use any new certificate.</p>
<h3>CRON job</h3>
<p>You could now run <span class="inlinecode">doas acme-client foo.zone</span> to generate the certificate or to renew it. Or you could automate it with CRON.</p>
<p>I have created a script <span class="inlinecode">/usr/local/bin/acme.sh</span> for that for all of my domains:</p>
<pre>
#!/bin/sh

function handle_cert {
    host=$1
    # Create symlink, so that relayd also can read it.
    crt_path=/etc/ssl/$host
    if [ -e $crt_path.crt ]; then
        rm $crt_path.crt
    fi
    ln -s $crt_path.fullchain.pem $crt_path.crt
    # Requesting and renewing certificate.
    /usr/sbin/acme-client -v $host
}

has_update=no
handle_cert www.buetow.org
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.paul.buetow.org
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.tmp.buetow.org
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.dtail.dev
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.foo.zone
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.irregular.ninja
if [ $? -eq 0 ]; then
    has_update=yes
fi
handle_cert www.snonux.land
if [ $? -eq 0 ]; then
    has_update=yes
fi

# Pick up the new certs.
if [ $has_update = yes ]; then
    /usr/sbin/rcctl reload httpd
    /usr/sbin/rcctl reload relayd
    /usr/sbin/rcctl restart smtpd
fi
</pre><br />
<p>And added the following line to <span class="inlinecode">/etc/daily.local</span> to run the script once daily so that certificates will be renewed fully automatically:</p>
<pre>
/usr/local/bin/acme.sh
</pre><br />
<p>I am receiving a daily output via E-Mail like this now:</p>
<pre>
Running daily.local:
acme-client: /etc/ssl/buetow.org.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/paul.buetow.org.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/tmp.buetow.org.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/dtail.dev.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/foo.zone.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/irregular.ninja.fullchain.pem: certificate valid: 80 days left
acme-client: /etc/ssl/snonux.land.fullchain.pem: certificate valid: 79 days left
</pre><br />
<h2>relayd.conf and smtpd.conf</h2>
<p>Besides <span class="inlinecode">httpd</span>, <span class="inlinecode">relayd</span> (mainly for Gemini) and <span class="inlinecode">smtpd</span> (for mail, of course) also use TLS certificates. And as you can see in <span class="inlinecode">acme.sh</span>, the services are reloaded or restarted (<span class="inlinecode">smtpd</span> doesn't support reload) whenever a certificate is generated or updated.</p>
<h2>Rexification</h2>
<p>I didn't write all these configuration files by hand. As a matter of fact, everything is automated with the Rex configuration management system.</p>
<a class="textlink" href="https://www.rexify.org">https://www.rexify.org</a><br />
<p>At the top of the <span class="inlinecode">Rexfile</span> I define all my hosts:</p>
<pre>
our @acme_hosts = qw/buetow.org paul.buetow.org tmp.buetow.org dtail.dev foo.zone irregular.ninja snonux.land/;
</pre><br />
<h3>General ACME client configuration</h3>
<p>ACME will be installed into the frontend group of hosts. Here, blowfish is the primary, and twofish is the secondary OpenBSD box.</p>
<pre>
group frontends =&gt; 'blowfish.buetow.org', 'twofish.buetow.org';
</pre><br />
<p>This is my Rex task for the general ACME configuration:</p>
<pre>
desc 'Configure ACME client';
task 'acme', group =&gt; 'frontends',
  sub {
    file '/etc/acme-client.conf',
      content =&gt; template('./etc/acme-client.conf.tpl',
        acme_hosts =&gt; \@acme_hosts,
        is_primary =&gt; $is_primary),
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644';

    file '/usr/local/bin/acme.sh',
      content =&gt; template('./scripts/acme.sh.tpl',
        acme_hosts =&gt; \@acme_hosts,
        is_primary =&gt; $is_primary),
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '744';

    file '/etc/daily.local',
      ensure =&gt; 'present',
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644';

    append_if_no_such_line '/etc/daily.local', '/usr/local/bin/acme.sh';
  };
</pre><br />
<p>And there is also a Rex task just to run the ACME script remotely:</p>
<pre>
desc 'Invoke ACME client';
task 'acme_invoke', group =&gt; 'frontends',
  sub {
    say run '/usr/local/bin/acme.sh';
  };

</pre><br />
<p>Furthermore, this snippet (also at the top of the Rexfile) helps to determine whether the current server is the primary server (all hosts will be without the <span class="inlinecode">www.</span> prefix) or the secondary server (all hosts will be with the <span class="inlinecode">www.</span> prefix):</p>
<pre>
# Bootstrapping the FQDN based on the server IP as the hostname and domain
# facts aren't set yet due to the myname file in the first place.
our $fqdns = sub {
  my $ipv4 = shift;
  return 'blowfish.buetow.org' if $ipv4 eq '23.88.35.144';
  return 'twofish.buetow.org' if $ipv4 eq '108.160.134.135';
  Rex::Logger::info("Unable to determine hostname for $ipv4", 'error');
  return 'HOSTNAME-UNKNOWN.buetow.org';
};

# To determine whether the server is the primary or the secondary.
our $is_primary = sub {
  my $ipv4 = shift;
  $fqdns-&gt;($ipv4) eq 'blowfish.buetow.org';
};
</pre><br />
<p>The following is the <span class="inlinecode">acme-client.conf.tpl</span> Rex template file used for the automation. You see that the <span class="inlinecode">www.</span> prefix isn't sent for the primary server. E.g. <span class="inlinecode">foo.zone</span> will be served by the primary server (in my case, a server located in Germany) and <span class="inlinecode">www.foo.zone</span> by the secondary server (in my case, a server located in Japan):</p>
<pre>
#
# $OpenBSD: acme-client.conf,v 1.4 2020/09/17 09:13:06 florian Exp $
#
authority letsencrypt {
	api url "https://acme-v02.api.letsencrypt.org/directory"
	account key "/etc/acme/letsencrypt-privkey.pem"
}

authority letsencrypt-staging {
	api url "https://acme-staging-v02.api.letsencrypt.org/directory"
	account key "/etc/acme/letsencrypt-staging-privkey.pem"
}

authority buypass {
	api url "https://api.buypass.com/acme/directory"
	account key "/etc/acme/buypass-privkey.pem"
	contact "mailto:me@example.com"
}

authority buypass-test {
	api url "https://api.test4.buypass.no/acme/directory"
	account key "/etc/acme/buypass-test-privkey.pem"
	contact "mailto:me@example.com"
}

&lt;%
  our $primary = $is_primary-&gt;($vio0_ip);
  our $prefix = $primary ? '' : 'www.';
%&gt;

&lt;% for my $host (@$acme_hosts) { %&gt;
domain &lt;%= $prefix.$host %&gt; {
	domain key "/etc/ssl/private/&lt;%= $prefix.$host %&gt;.key"
	domain full chain certificate "/etc/ssl/&lt;%= $prefix.$host %&gt;.fullchain.pem"
	sign with letsencrypt
}
&lt;% } %&gt;

</pre><br />
<p>And this is the <span class="inlinecode">acme.sh.tpl</span>:</p>
<pre>
#!/bin/sh

&lt;%
  our $primary = $is_primary-&gt;($vio0_ip);
  our $prefix = $primary ? '' : 'www.';
-%&gt;

function handle_cert {
    host=$1
    # Create symlink, so that relayd also can read it.
    crt_path=/etc/ssl/$host
    if [ -e $crt_path.crt ]; then
        rm $crt_path.crt
    fi
    ln -s $crt_path.fullchain.pem $crt_path.crt
    # Requesting and renewing certificate.
    /usr/sbin/acme-client -v $host
}

has_update=no
&lt;% for my $host (@$acme_hosts) { -%&gt;
handle_cert &lt;%= $prefix.$host %&gt;
if [ $? -eq 0 ]; then
    has_update=yes
fi
&lt;% } -%&gt;

# Pick up the new certs.
if [ $has_update = yes ]; then
    /usr/sbin/rcctl reload httpd
    /usr/sbin/rcctl reload relayd
    /usr/sbin/rcctl restart smtpd
fi
</pre><br />
<h3>Service rexification </h3>
<p>These are the Rex tasks setting up <span class="inlinecode">httpd</span>, <span class="inlinecode">relayd</span> and <span class="inlinecode">smtpd</span> services:</p>
<pre>
desc 'Setup httpd';
task 'httpd', group =&gt; 'frontends',
  sub {
    append_if_no_such_line '/etc/rc.conf.local', 'httpd_flags=';

    file '/etc/httpd.conf',
      content =&gt; template('./etc/httpd.conf.tpl',
        acme_hosts =&gt; \@acme_hosts,
        is_primary =&gt; $is_primary),
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644',
      on_change =&gt; sub { service 'httpd' =&gt; 'restart' };

    service 'httpd', ensure =&gt; 'started';
  };

desc 'Setup relayd';
task 'relayd', group =&gt; 'frontends',
  sub {
    append_if_no_such_line '/etc/rc.conf.local', 'relayd_flags=';

    file '/etc/relayd.conf',
      content =&gt; template('./etc/relayd.conf.tpl',
        ipv6address =&gt; $ipv6address,
        is_primary =&gt; $is_primary),
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '600',
      on_change =&gt; sub { service 'relayd' =&gt; 'restart' };

    service 'relayd', ensure =&gt; 'started';
  };

desc 'Setup OpenSMTPD';
task 'smtpd', group =&gt; 'frontends',
  sub {
    Rex::Logger::info('Dealing with mail aliases');
    file '/etc/mail/aliases',
      source =&gt; './etc/mail/aliases',
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644',
      on_change =&gt; sub { say run 'newaliases' };

    Rex::Logger::info('Dealing with mail virtual domains');
    file '/etc/mail/virtualdomains',
      source =&gt; './etc/mail/virtualdomains',
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644',
      on_change =&gt; sub { service 'smtpd' =&gt; 'restart' };

    Rex::Logger::info('Dealing with mail virtual users');
    file '/etc/mail/virtualusers',
      source =&gt; './etc/mail/virtualusers',
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644',
      on_change =&gt; sub { service 'smtpd' =&gt; 'restart' };

    Rex::Logger::info('Dealing with smtpd.conf');
    file '/etc/mail/smtpd.conf',
      content =&gt; template('./etc/mail/smtpd.conf.tpl',
        is_primary =&gt; $is_primary),
      owner =&gt; 'root',
      group =&gt; 'wheel',
      mode =&gt; '644',
      on_change =&gt; sub { service 'smtpd' =&gt; 'restart' };

    service 'smtpd', ensure =&gt; 'started';
  };

</pre><br />
<p>This is the <span class="inlinecode">httpd.conf.tpl</span>:</p>
<pre>
&lt;%
  our $primary = $is_primary-&gt;($vio0_ip);
  our $prefix = $primary ? '' : 'www.';
%&gt;

# Plain HTTP for ACME and HTTPS redirect
&lt;% for my $host (@$acme_hosts) { %&gt;
server "&lt;%= $prefix.$host %&gt;" {
  listen on * port 80
  location "/.well-known/acme-challenge/*" {
    root "/acme"
    request strip 2
  }
  location * {
    block return 302 "https://$HTTP_HOST$REQUEST_URI"
  }
}
&lt;% } %&gt;

# Gemtexter hosts
&lt;% for my $host (qw/foo.zone snonux.land/) { %&gt;
server "&lt;%= $prefix.$host %&gt;" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix.$host %&gt;.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix.$host %&gt;.key"
  }
  location * {
    root "/htdocs/gemtexter/&lt;%= $host %&gt;"
    directory auto index
  }
}
&lt;% } %&gt;

# DTail special host
server "&lt;%= $prefix %&gt;dtail.dev" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix %&gt;dtail.dev.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix %&gt;dtail.dev.key"
  }
  location * {
    block return 302 "https://github.dtail.dev$REQUEST_URI"
  }
}

# Irregular Ninja special host
server "&lt;%= $prefix %&gt;irregular.ninja" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix %&gt;irregular.ninja.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix %&gt;irregular.ninja.key"
  }
  location * {
    root "/htdocs/irregular.ninja"
    directory auto index
  }
}

# buetow.org special host.
server "&lt;%= $prefix %&gt;buetow.org" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix %&gt;buetow.org.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix %&gt;buetow.org.key"
  }
  block return 302 "https://paul.buetow.org"
}

server "&lt;%= $prefix %&gt;paul.buetow.org" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix %&gt;paul.buetow.org.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix %&gt;paul.buetow.org.key"
  }
  block return 302 "https://foo.zone/contact-information.html"
}

server "&lt;%= $prefix %&gt;tmp.buetow.org" {
  listen on * tls port 443
  tls {
    certificate "/etc/ssl/&lt;%= $prefix %&gt;tmp.buetow.org.fullchain.pem"
    key "/etc/ssl/private/&lt;%= $prefix %&gt;tmp.buetow.org.key"
  }
  root "/htdocs/buetow.org/tmp"
  directory auto index
}
</pre><br />
<p>and this the <span class="inlinecode">relayd.conf.tpl</span>:</p>
<pre>
&lt;%
  our $primary = $is_primary-&gt;($vio0_ip);
  our $prefix = $primary ? '' : 'www.';
%&gt;

log connection

tcp protocol "gemini" {
    tls keypair &lt;%= $prefix %&gt;foo.zone
    tls keypair &lt;%= $prefix %&gt;buetow.org
}

relay "gemini4" {
    listen on &lt;%= $vio0_ip %&gt; port 1965 tls
    protocol "gemini"
    forward to 127.0.0.1 port 11965
}

relay "gemini6" {
    listen on &lt;%= $ipv6address-&gt;($hostname) %&gt; port 1965 tls
    protocol "gemini"
    forward to 127.0.0.1 port 11965
}
</pre><br />
<p>And last but not least, this is the <span class="inlinecode">smtpd.conf.tpl</span>:</p>
<pre>
&lt;%
  our $primary = $is_primary-&gt;($vio0_ip);
  our $prefix = $primary ? '' : 'www.';
%&gt;

pki "buetow_org_tls" cert "/etc/ssl/&lt;%= $prefix %&gt;buetow.org.fullchain.pem"
pki "buetow_org_tls" key "/etc/ssl/private/&lt;%= $prefix %&gt;buetow.org.key"

table aliases file:/etc/mail/aliases
table virtualdomains file:/etc/mail/virtualdomains
table virtualusers file:/etc/mail/virtualusers

listen on socket
listen on all tls pki "buetow_org_tls" hostname "&lt;%= $prefix %&gt;buetow.org"
#listen on all

action localmail mbox alias &lt;aliases&gt;
action receive mbox virtual &lt;virtualusers&gt;
action outbound relay

match from any for domain &lt;virtualdomains&gt; action receive
match from local for local action localmail
match from local for any action outbound
</pre><br />
<h2>All pieces together</h2>
<p>For the complete <span class="inlinecode">Rexfile</span> example and all the templates, please look at the Git repository:</p>
<a class="textlink" href="https://codeberg.org/snonux/rexfiles">https://codeberg.org/snonux/rexfiles</a><br />
<p>Besides ACME, other things, such as DNS servers, are also rexified. The following command will run all the Rex tasks and configure everything on my frontend machines automatically:</p>
<pre>
rex commons
</pre><br />
<p>The <span class="inlinecode">commons</span> is a group of tasks I specified which combines a set of common tasks I always want to execute on all frontend machines. This also includes the ACME tasks mentioned in this article!</p>
<h2>Conclusion</h2>
<p>ACME and Let's Encrypt greatly help reduce recurring manual maintenance work (creating and renewing certificates). Furthermore, all the certificates are free of cost! I love to use OpenBSD and Rex to automate all of this.</p>
<p>OpenBSD suits perfectly here as all the tools are already part of the base installation. But I like underdogs. Rex is not as powerful and popular as other configuration management systems (e.g. Puppet, Chef, SALT or even Ansible). It is more of an underdog, and the community is small.</p>
<p>Why re-inventing the wheel? I love that a <span class="inlinecode">Rexfile</span> is just a Perl DSL. Also, OpenBSD comes with Perl in the base system. So no new programming language had to be added to my mix for the configuration management system. Also, the <span class="inlinecode">acme.sh</span> shell script is not a Bash but a standard Bourne shell script, so I didn't have to install an additional shell as OpenBSD does not come with the Bash pre-installed.</p>
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Sweating the small stuff - Tiny projects of mine</title>
        <link href="gemini://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff.gmi</id>
        <updated>2022-06-15T17:13:52+03:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>This blog post is a bit different from the others. It consists of multiple but smaller projects worth mentioning. I got inspired by Julia Evan's 'Tiny programs' blog post and the side projects of The Sephist, so I thought I would also write a blog posts listing a couple of small projects of mine:. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Sweating the small stuff - Tiny projects of mine</h1>
<p class="quote"><i>Author: Paul; Published: 2022-06-15T08:47:44+01:00; Updated: 2022-06-18</i></p>
<pre>
         _
        /_/_      .'''.
     =O(_)))) ...'     `.
 jgs    \_\              `.    .'''
                           `..'
</pre><br />
<p>This blog post is a bit different from the others. It consists of multiple but smaller projects worth mentioning. I got inspired by Julia Evan's "Tiny programs" blog post and the side projects of The Sephist, so I thought I would also write a blog posts listing a couple of small projects of mine:</p>
<a class="textlink" href="https://jvns.ca/blog/2022/03/08/tiny-programs/">Tiny programs</a><br />
<a class="textlink" href="https://thesephist.com/projects/">The Sephist's project list</a><br />
<p>Working on tiny projects is a lot of fun as you don't need to worry about any standards or code reviews and you decide how and when you work on it. There aren't restrictions regarding technologies used. You are likely the only person working on these tiny projects and that means that there is no conflict with any other developers. This is complete freedom :-).</p>
<p>But before going through the tiny projects let's take a paragraph for the <span class="inlinecode">1y</span> anniversary retrospective.</p>
<h2><span class="inlinecode">1y</span> anniversary</h2>
<p>It has been one year since I started posting regularly (at least once monthly) on this blog again. It has been a lot of fun (and work) doing so for various reasons:</p>
<ul>
<li>I practice English writing (I am not a native speaker). I am far from being a novelist, but this blog helps improves my writing skills. I also tried out tools like Grammarly.com and Languagetool.org and also worked with <span class="inlinecode">:spell</span> in Vim or the LibreOffice checker. This post was checked with the <span class="inlinecode">write-better</span> Node application. </li>
<li>I force myself to "finish" some kind of project worth writing about every month. If its not a project, then its still a topic which requires research and deep thinking. Producing 2k words of text can actually be challenging.</li>
<li>It's fun to rely on KISS (keep it simple &amp; stupid) tools. E.g. use of Gemtexter and not WordPress, use of Vim instead of an office suite or a rich web editor.</li>
</ul>
<p>Retrospectively, these have been the most popular blog posts of mine over the last year:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2021-09-12-keep-it-simple-and-stupid.html">Keep it simple and stupid</a><br />
<a class="textlink" href="https://foo.zone/gemfeed/2022-04-10-creative-universe.html">Creative universe</a><br />
<a class="textlink" href="https://foo.zone/gemfeed/2021-11-29-bash-golf-part-1.html">Bash Golf series</a><br />
<a class="textlink" href="https://foo.zone/gemfeed/2021-12-26-how-to-stay-sane-as-a-devops-person.html">How to stay sane as a DevOps person</a><br />
<a class="textlink" href="https://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice.html">Perl is still a great choice</a><br />
<p>But now, let's continue with the small projects worth mentioning :-)</p>
<h2>Static photo album generator</h2>
<p><span class="inlinecode">photoalbum.sh</span> is a minimal static HTML photo album generator. I use it to drive "The Irregular Ninja" site and for some ad-hoc (personal) albums to share photos with the family and friends.</p>
<a class="textlink" href="https://codeberg.org/snonux/photoalbum">https://codeberg.org/snonux/photoalbum</a><br />
<h3>The Irregular Ninja</h3>
<p>Photography is one of my casual hobbies. I love to capture interesting perspectives and motifs. I love to walk new streets and neighbourhoods I never walked before so I can capture those unexpected motifs, colours and moments. Unfortunately, because of time constraints (and sometime weather constraints), I do that on a pretty infrequent basis.</p>
<a href="https://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff/ninja.jpg"><img src="https://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff/ninja.jpg" /></a><br />
<p>More than 10 years ago I wrote the bespoke small static photo album generator in Bash <span class="inlinecode">photoalbum.sh</span> which I recently refactored to a modern Bash coding style and also freshened up the Cascading Style Sheets. Last but not least, the new domain name <span class="inlinecode">irregular.ninja</span> has been registered.</p>
<p>The thumbnails are presented in a random order and there are also random CSS effects for each preview. There's also a simple background blur for each page generated. And that's all in less than 300 lines of Bash code! The script requires ImageMagick (available for all common Linux and *BSD distributions) to be installed.</p>
<p>As you can see, there is a lot of randomization and irregularity going on. Thus, the name "Irregular Ninja" was born.</p>
<a class="textlink" href="https://irregular.ninja">https://irregular.ninja</a><br />
<p>I only use a digital compact camera or a smartphone to take the photos. I don't like the idea of carrying around a big camera with me "just in case" so I keep it small and simple. The best camera is the camera you have with you. :-)</p>
<p>I hope you like this photo site. It's worth checking it out again around once every other month!</p>
<h2>Random journal page extractor</h2>
<p>I bullet journal. I write my notes into a Leuchtturm paper notebook. Once full, I am scanning it to a PDF file and archive it. As of writing this, I am at journal #7 (each from 123 up to 251 pages in A5). It means that there is a lot of material already.</p>
<p>Once in a while I want to revisit older notes and ideas. For that I have written a simple Bash script <span class="inlinecode">randomjournalpage.sh</span> which randomly picks a PDF file from a folder and extracts 42 pages from it at a random page offset and opens them in a PDF viewer (Evince in this case, as I am a GNOME user). </p>
<a class="textlink" href="https://codeberg.org/snonux/randomjournalpage">https://codeberg.org/snonux/randomjournalpage</a><br />
<p>There's also a weekly <span class="inlinecode">CRON</span> job on my servers to send me a reminder that I might want to read in my old journals again. My laptop also runs this script each time it boots and saves the output to a NextCloud folder. From there, it's synchronized to the NextCloud server so I can pick it up from there with my smartphone later when I am "on the road".</p>
<h2>Global uptime records statistic generator</h2>
<p><span class="inlinecode">guprecords</span> is a Perl script which reads multiple <span class="inlinecode">uprecord</span> files (produced by <span class="inlinecode">uptimed</span> - a widely available daemon for recording server uptimes) and generates uptime statistics of multiple hosts combined. I keep all the record files of all my personal computers in a Git repository (I even keep the records of the boxes I don't own or use anymore) and there's already quite a collection of it. It looks like this:</p>
<pre>
❯ perl ~/git/guprecords/src/guprecords --indir=./stats/ --count=20 --all
Pos |            System |               Kernel |        Uptime |                Boot time
  1 |               sun | FreeBSD 10.1-RELEA.. | 502d 03:29:19 | Sun Aug 16 15:56:40 2015
  2 |            vulcan | Linux 3.10.0-1160... | 313d 13:19:39 | Sun Jul 25 18:32:25 2021
  3 |             uugrn | FreeBSD 10.2-RELEASE | 303d 15:19:35 | Tue Dec 22 21:33:07 2015
  4 |             uugrn | FreeBSD 11.0-RELEA.. | 281d 14:38:04 | Fri Oct 21 15:22:02 2016
  5 |         deltavega | Linux 3.10.0-957.2.. | 279d 11:15:00 | Sun Jun 30 11:42:38 2019
  6 |            vulcan | Linux 3.10.0-957.2.. | 279d 11:12:14 | Sun Jun 30 11:43:41 2019
  7 |         deltavega | Linux 3.10.0-1160... | 253d 04:42:22 | Sat Apr 24 13:34:34 2021
  8 |             host0 | FreeBSD 6.2-RELEAS.. | 240d 02:23:23 | Wed Jan 31 20:34:46 2007
  9 |             uugrn | FreeBSD 11.1-RELEA.. | 202d 21:12:41 | Sun May  6 18:06:17 2018
 10 |           tauceti |  Linux 3.2.0-4-amd64 | 197d 18:45:40 | Mon Dec 16 19:47:54 2013
 11 |             pluto | Linux 2.6.32-5-amd64 | 185d 11:53:04 | Wed Aug  1 07:34:10 2012
 12 |               sun | FreeBSD 10.3-RELEA.. | 164d 22:31:55 | Sat Jul 22 18:47:21 2017
 13 |            vulcan | Linux 3.10.0-1160... | 161d 07:08:43 | Sun Feb 14 10:05:38 2021
 14 |               sun | FreeBSD 10.3-RELEA.. | 158d 21:18:36 | Sat Jan 27 10:18:57 2018
 15 |             uugrn | FreeBSD 11.1-RELEA.. | 157d 20:57:24 | Fri Nov  3 05:02:54 2017
 16 |         tauceti-f |  Linux 3.2.0-3-amd64 | 150d 04:12:38 | Mon Sep 16 09:02:58 2013
 17 |           tauceti |  Linux 3.2.0-4-amd64 | 149d 09:21:43 | Mon Aug 11 09:47:50 2014
 18 |             pluto |  Linux 3.2.0-4-amd64 | 142d 02:57:31 | Mon Sep  8 01:59:02 2014
 19 |         tauceti-f |  Linux 3.2.0-3-amd64 | 132d 22:46:26 | Mon May  6 11:11:35 2013
 20 |       keppler-16b |        Darwin 13.4.0 | 131d 08:17:12 | Thu Jun 11 10:44:25 2015
</pre><br />
<p>It can also sum up all uptimes for each host to generate a total per host uptime top list:</p>
<pre>
❯ perl ~/git/guprecords/src/guprecords --indir=./stats/ --count=20 --total
Pos |            System |               Kernel |        Uptime |
  1 |            uranus | Linux 5.4.17-200.f.. | 1419d 19:05:39 |
  2 |               sun | FreeBSD 10.1-RELEA.. | 1363d 11:41:14 |
  3 |            vulcan | Linux 3.10.0-1160... | 1262d 20:27:48 |
  4 |             uugrn | FreeBSD 10.2-RELEASE | 1219d 15:10:16 |
  5 |         deltavega | Linux 3.10.0-957.2.. | 1115d 06:33:55 |
  6 |             pluto | Linux 2.6.32-5-amd64 | 1086d 10:44:05 |
  7 |           tauceti |  Linux 3.2.0-4-amd64 | 846d 12:58:21 |
  8 |         tauceti-f |  Linux 3.2.0-3-amd64 | 625d 07:16:39 |
  9 |             host0 | FreeBSD 6.2-RELEAS.. | 534d 19:50:13 |
 10 |       keppler-16b |        Darwin 13.4.0 | 448d 06:15:00 |
 11 |         tauceti-e |  Linux 3.2.0-4-amd64 | 415d 18:14:13 |
 12 |              moon |        Darwin 18.7.0 | 326d 11:21:42 |
 13 |          callisto | Linux 4.0.4-303.fc.. | 303d 12:18:24 |
 14 |     alphacentauri | FreeBSD 10.1-RELEA.. | 300d 20:15:00 |
 15 |             earth | Linux 5.13.14-200... | 289d 08:05:05 |
 16 |          makemake | Linux 5.11.9-200.f.. | 286d 21:53:03 |
 17 |            london |  Linux 3.2.0-4-amd64 | 258d 15:10:38 |
 18 |          fishbone | OpenBSD 4.1       .. | 223d 05:55:26 |
 19 |       sagittarius |        Darwin 15.6.0 | 198d 23:53:59 |
 20 |              mars |  Linux 3.2.0-4-amd64 | 190d 05:44:21 |
</pre><br />
<a class="textlink" href="https://codeberg.org/snonux/guprecords">https://codeberg.org/snonux/guprecords</a><br />
<p>This all is of no real practical use but fun!</p>
<h2>Server configuration management</h2>
<p>The <span class="inlinecode">rexfiles</span> project contains all Rex files for my (personal) server setup automation. A <span class="inlinecode">Rexfile</span> is written in a Perl DSL run by the Rex configuration management system. It's pretty much KISS and that's why I love it. It suits my personal needs perfectly. </p>
<a class="textlink" href="https://codeberg.org/snonux/rexfiles">https://codeberg.org/snonux/rexfiles</a><br />
<a class="textlink" href="https://www.rexify.org">https://www.rexify.org</a><br />
<p>This is an E-Mail I posted to the Rex mailing list:</p>
<p class="quote"><i>Hi there! I was searching for a simple way to automate my personal OpenBSD setup. I found that configuration management systems like Puppet, Salt, Chef, etc.. were too bloated for my personal needs. So for a while I was configuring everything by hand. At one point I got fed up and started writing Shell scripts. But that was not the holy grail so that I looked at Ansible. I found that Ansible had some dependencies on Python on the target machine when you want to use all the features. Furthermore, I am not really familiar with Python. But then I remembered that there was also Rex. It's written in my beloved Perl. Also, OpenBSD comes with Perl in the base system out of the box which makes it integrate better than all my scripts (automation and also scripts deployed via the automation to the system) are all in the same language. Rex may not have all the features like other configuration management systems, but its easy to work-around or extend when you know Perl. Thanks!</i></p>
<h2>Fancy SSH execution loop</h2>
<p><span class="inlinecode">rubyfy</span> is a fancy SSH loop wrapper written in Ruby for running shell commands on multiple remote servers at once. I also forked this project for work (under a different name) where I added even more features such as automatic server discovery. It's used by many colleagues on a frequent basis. Here are some examples:</p>
<pre>
# Run command 'hostname' on server foo.example.com
./rubyfy.rb -c 'hostname' &lt;&lt;&lt; foo.example.com

# Run command 'id' as root (via sudo) on all servers listed in the list file
# Do it on 10 servers in parallel
./rubyfy.rb --parallel 10 --root --command 'id' &lt; serverlist.txt

# Run a fancy script in background on 50 servers in parallel
./rubyfy.rb -p 50 -r -b -c '/usr/local/scripts/fancy.zsh' &lt; serverlist.txt

# Grep for specific process on both servers and write output to ./out/grep.txt
echo {foo,bar}.example.com | ./rubyfy.rb -p 10 -c 'pgrep -lf httpd' -n grep.txt

# Reboot server only if file /var/run/maintenance.lock does NOT exist!
echo foo.example.com |
./rubyfy.rb --root --command reboot --precondition /var/run/maintenance.lock
</pre><br />
<a class="textlink" href="https://codeberg.org/snonux/rubyfy">https://codeberg.org/snonux/rubyfy</a><br />
<h2>A KISS dynamic DNS solution</h2>
<p><span class="inlinecode">dyndns</span> is a tiny shell script which implements "your" own DynDNS service. It relies on SSH access to the authoritative DNS server and the <span class="inlinecode">nsupdate</span> command. There is really no need to use any of the "other" free DynDNS services out there.</p>
<p>Syntax (this must run from the client connecting to the DNS server through SSH): </p>
<pre>
ssh dyndns@dyndnsserver /path/to/dyndns-update \
    your.host.name. TYPE new-entry TIMEOUT
</pre><br />
<p>This is a real world example: </p>
<pre>
ssh dyndns@dyndnsserver /path/to/dyndns-update \
  local.buetow.org. A 137.226.50.91 30
</pre><br />
<a class="textlink" href="https://codeberg.org/snonux/dyndns">https://codeberg.org/snonux/dyndns</a><br />
<h2>CPU information gatherer for Linux</h2>
<p>This is a tiny GNU Awk script for Linux which displays information about the CPU. All what it does is presenting <span class="inlinecode">/proc/cpuinfo</span> in an easier to read way. The output is somewhat more compact than the standard <span class="inlinecode">lscpu</span> command you find commonly on Linux distributions.</p>
<pre>
❯ ./cpuinfo
cpuinfo (c) 1.0.2 Paul Buetow

 11th Gen Intel(R) Core(TM) i7-1185G7 @ 3.00GHz GenuineIntel 12288 KB cache

p = 001 Physical processors
c = 004 Cores
s = 008 Siblings (Hyper-Threading enabled if s != c)
v = 008 [v = p*c*(s != c ? 2 : 1)] Total logical CPUs
 Hyper-Threading is enabled

0003000 MHz each core
0012000 MHz total
0005990 Bogomips each processor (including virtual)
0023961 Bogomips total
</pre><br />
<a class="textlink" href="https://codeberg.org/snonux/cpuinfo">https://codeberg.org/snonux/cpuinfo</a><br />
<h2>Show differences of two files over the network</h2>
<p>This is a shell wrapper to use the standard diff tool over the network to compare a file between two computers. It uses NetCat for the network part and also encrypts all traffic using OpenSSL. This is how its used:</p>
<p>1. Open two terminal windows and login to two different hosts (you could use ClusterSSH or <span class="inlinecode">tmux</span> here). 2. Run on the first host <span class="inlinecode">netdiff otherhost.example.org /file/to/diff.txt</span> and run on the second host <span class="inlinecode">netdiff firsthost.example.org /file/to/diff.txt</span>. 3. You then will see the file differences.</p>
<a class="textlink" href="https://codeberg.org/snonux/netdiff">https://codeberg.org/snonux/netdiff</a><br />
<h2>Delay sending out E-Mails with Mutt</h2>
<p>This is a shell script for the Mutt email client for delaying sending out E-Mails. For example, you want to write an email on Saturday but don't want to bother the recipient earlier than Monday. It relies on CRON.</p>
<a class="textlink" href="https://codeberg.org/snonux/muttdelay">https://codeberg.org/snonux/muttdelay</a><br />
<h2>Graphical UI for sending text messages</h2>
<p><span class="inlinecode">jsmstrade</span> is a minimalistic graphical Java swing client for sending SMS messages over the SMStrade service.</p>
<a href="https://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff/jsmstrade.png"><img src="https://foo.zone/gemfeed/2022-06-15-sweating-the-small-stuff/jsmstrade.png" /></a><br />
<a class="textlink" href="https://codeberg.org/snonux/jsmstrade">https://codeberg.org/snonux/jsmstrade</a><br />
<a class="textlink" href="https://smstrade.de">https://smstrade.de</a><br />
<h2>IPv6 and IPv4 connectivity testing site</h2>
<p><span class="inlinecode">ipv6test</span> is a quick and dirty Perl CGI script for testing whether your browser connects via IPv4 or IPv6. It requires you to setup three sub-domains: One reachable only via IPv4 (e.g. <span class="inlinecode">test4.ipv6.buetow.org</span>), another reachable only via IPv6 (e.g. <span class="inlinecode">test6.ipv6.buetow.org</span>) and the main one reachable through both protocols (e.g. <span class="inlinecode">ipv6.buetow.org</span>).</p>
<p>I don't have it running on any of my servers at the moment. This means that there is no demo to show now. Sorry!</p>
<h2>List open Jira tickets in the terminal</h2>
<p><span class="inlinecode">japi</span> s a small Perl script for listing open Jira issues. It might be broken by now as the Jira APIs may have changed. Sorry! But feel free to fork and modernize it. :-)</p>
<a class="textlink" href="https://codeberg.org/snonux/jsmstrade">https://codeberg.org/snonux/jsmstrade</a><br />
<p> </p>
<h2>Debian running on "your" Android phone</h2>
<p>Debroid is a tutorial and a set of scripts to install and to run a Debian <span class="inlinecode">chroot</span> on an Android phone.</p>
<a class="textlink" href="https://foo.zone/gemfeed/2015-12-05-run-debian-on-your-phone-with-debroid.html">Check out my previous post about it</a><br />
<p>I am not using Debroid anymore as I have switched to Termux now.</p>
<a class="textlink" href="https://termux.com">https://termux.com</a><br />
<h2>Perl service framework</h2>
<p>PerlDaemon is a minimal daemon for Linux and other Unix like operating systems programmed in Perl. It is a minimal but pretty functional and fairly generic service framework. This means that it does not do anything useful other than providing a framework for starting, stopping, configuring and logging. To do something useful, a module (written in Perl) must be provided.</p>
<a class="textlink" href="https://foo.zone/gemfeed/2011-05-07-perl-daemon-service-framework.html">Checkout my previous post about it</a><br />
<h2>More</h2>
<p>There are more projects on my Codeberg page but they aren't as tiny as the ones mentioned in this post or aren't finished yet so I won't bother listing them here. However, there also a few more scripts used frequently by me (not publicly accessible (yet?)) which I would like to mention here:</p>
<h3>Work time tracker</h3>
<p><span class="inlinecode">worktime.rb</span>, for example, is a command line Ruby script I use to track my time spent working. This is to make sure that I don't overwork (in particular useful when working from home). It also generates some daily and weekly stats and carries over work time (surpluses or minuses) to the next work day, week or even year.</p>
<p>It has some special features such as tracking time for self-improvement/development, days off and time spent at the lunch break and time spent on Pet Projects.</p>
<p>An example weekly report looks like this (I often don't track my lunch time but what I do instead I stop the work timer when I go out for lunch and start the work timer once back at the desk):</p>
<pre>
     Mon 20211213 50: work:5.92h
     Tue 20211214 50: work:7.47h lunch:0.50h pet:0.42h
     Wed 20211215 50: work:8.86h pet:0.50h
     Thu 20211216 50: work:8.02h pet:0.50h
     Fri 20211217 50: work:9.81h
   * Sat 20211218 50: work:0.00h selfdevelopment:1.00h
   * Sun 20211219 50: work:2.08h pet:1.00h selfdevelopment:-2.08h
================================================
 balance:0.06h work:42.15h lunch:0.50h pet:2.42h selfdevelopment:-1.08h buffer:8.38h
</pre><br />
<p>All I do when I start work is to run the <span class="inlinecode">wtlogin</span> command and after finishing work to run the <span class="inlinecode">wtlogout</span> command. My shell will remind me when I work without having logged in. It uses a simple JSON database which is editable with <span class="inlinecode">wtedit</span> (this opens the JSON in Vim). The report shown above can be generated with <span class="inlinecode">wtreport</span>. Any out-of-bounds reporting can be added with the <span class="inlinecode">wtadd</span> command.</p>
<h3>Password and document store</h3>
<p><span class="inlinecode">geheim.rb</span> is my personal password and document store ("geheim" is the German word for secret). It's written in Ruby and heavily relies on Git, FZF (for search), Vim and standard encryption algorithms. Other than the standard <span class="inlinecode">pass</span> Unix password manager, <span class="inlinecode">geheim</span> also encrypts the file names and password titles.</p>
<p>The tool is command line driven but also provides an interactive shell when invoked with <span class="inlinecode">geheim shell</span>. It also works on my Android phone via Termux so I have all my documents and passwords always with me. </p>
<h3>Backup procedure</h3>
<p><span class="inlinecode">backup</span> is a Bash script which does run once daily (or every time on boot) on my home FreeBSD NAS server and performs backup related tasks such as creating a local backup of my remote NextCloud instance, creating encrypted (incremental) ZFS snapshots of everything what's stored on the NAS and synchronizes (via <span class="inlinecode">rsync</span>) backups to a remote cloud storage. It also can synchronize backups to a local external USB drive.</p>
<a class="textlink" href="https://foo.zone/gemfeed/2016-04-03-offsite-backup-with-zfs.html">Check out my offsite backup series</a><br />
<h2>konpeito.media</h2>
<p>Here's a bonus...</p>
<pre>
                                                           ▄ █ ▄  ▄ █ ▄  ▄ █ ▄
                                                           ▄▀█▀▄  ▄▀█▀▄  ▄▀█▀▄
  ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄                                            ▀      ▀      ▀
 █   ▄▄     ▄▄   █
 █  █  █▀▀▀█  █  █  █   ▄▀  ▄▀▀▀▀▄  █▄    █ █▀▀▀▀▀▄  ▄▀▀▀▀▄  █ ▀▀▀█▀▀▀ ▄▀▀▀▀▄
 █   ▀▀▀▀▀▀▀▀▀   █  █ ▄█   █      █ █ ▀▄  █ █▄▄▄▄▄▀ █▄▄▄▄▄▄█ █    █   █      █
 █ ▄▀▀▀▀▀▀▀▀▀▀▀▄ █  █▀  ▀▄ ▀▄    ▄▀ █   ▀▄█ █       ▀▄    ▄  █    █   ▀▄    ▄▀
 ▀▄█▄█▄▄▄▄▄▄▄█▄█▄▀  ▀     ▀  ▀▀▀▀   ▀     ▀ ▀         ▀▀▀▀   ▀    ▀     ▀▀▀
</pre><br />
<p>*THIS ISN'T MY PROJECT* but I found KONPEITO an interesting Gemini capsule. It's a quarterly released Low-Fi music mix tape distributed only through Gemini (and not the web). </p>
<a class="textlink" href="gemini://konpeito.media">gemini://konpeito.media</a><br />
<p>If you wonder what Gemini is:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2021-04-24-welcome-to-the-geminispace.html">Welcome to the Geminispae</a><br />
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
    <entry>
        <title>Perl is still a great choice</title>
        <link href="gemini://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice.gmi" />
        <id>gemini://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice.gmi</id>
        <updated>2022-05-27T17:13:52+03:00</updated>
        <author>
            <name>Paul C. Buetow</name>
            <email>comments@mx.buetow.org</email>
        </author>
        <summary>Perl (the Practical Extraction and Report Language) is a battle-tested, mature, multi-paradigm dynamic programming language. Note that it's not called PERL, neither P.E.R.L. nor Pearl. 'Perl' is the name of the language and  the name of the interpreter or the interpreter command.. .....to read on please visit my site.</summary>
        <content type="xhtml">
            <div xmlns="http://www.w3.org/1999/xhtml">
                <h1>Perl is still a great choice</h1>
<p class="quote"><i>Author: Paul; Published: 2022-05-27T07:50:12+01:00; Updated: 2023-01-28</i></p>
<a href="https://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice/regular_expressions.png"><img alt="Comic source: XKCD" title="Comic source: XKCD" src="https://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice/regular_expressions.png" /></a><br />
<p>Perl (the Practical Extraction and Report Language) is a battle-tested, mature, multi-paradigm dynamic programming language. Note that it's not called PERL, neither P.E.R.L. nor Pearl. "Perl" is the name of the language and <span class="inlinecode">perl</span> the name of the interpreter or the interpreter command.</p>
<p>Unfortunately (it makes me sad), Perl's popularity has been declining over the last years as Google trends shows:</p>
<a href="https://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice/googletrendsperl.jpg"><img src="https://foo.zone/gemfeed/2022-05-27-perl-is-still-a-great-choice/googletrendsperl.jpg" /></a><br />
<p>So why is that? Once the de-facto standard super-glue language for the web nowadays seems to have a bad reputation. Often, people state:</p>
<ul>
<li>Perl is a write-only language. Nobody can read Perl code.</li>
<li>Perl? Isn't it abandoned? It's still at version 5!</li>
<li>Why use Perl as there are better alternatives?</li>
<li>Why all the sigils? It looks like an exploding ASCII factory!!</li>
</ul>
<h2>Write-only language</h2>
<p>Is Perl really a write-only language? You have to understand that Perl 5 was released in 1994 (28 years ago as of this writing) and when we refer to Perl we usually mean Perl 5. That's many years, and there are many old scripts not following the modern Perl best practices (as they didn't exist yet). So yes, legacy scripts may be difficult to read. Japanese may be difficult to read too if you don't know Japanese, though.</p>
<p>To come back to the question: Is Perl a write-only language? I don't think so. Like in any other language, you have to apply best practices in order to keep your code maintainable. Some other programming languages enforce best practices, but that makes these languages less expressive. Perl follows the principles "there is more than one way to do it" (aka TIMTOWDI) and "making easy things easy and hard things possible".</p>
<p>Perl gives the programmer more flexibility in how to do things, and this results in a stronger learning curve than for lesser expressive languages like for example Go or Python. But, like in everything in life, common sense has to be applied. You should not take TIMTOWDI to the extreme in a production piece of code. In my personal opinion, it is also more satisfying to program in an expressive language.</p>
<p>Some good books on "good" Perl I can recommend are:</p>
<a class="textlink" href="http://modernperlbooks.com">Modern Perl</a><br />
<a class="textlink" href="https://hop.perl.plover.com">Higher Order Perl</a><br />
<p>Due to Perl's expressiveness you will find a lot of obscure code in the interweb in form of obfuscation, fancy email signatures (JAPHs), art, polyglots and even poetry in Perl syntax. But that's not what you will find in production code. That's only people having fun with the language which is different to "getting things done". The expressiveness is a bonus. It makes the Perl programmers love Perl.</p>
<a class="textlink" href="https://en.wikipedia.org/wiki/Just_another_Perl_hacker">JAPH</a><br />
<a class="textlink" href="http://www.cpan.org/misc/japh">http://www.cpan.org/misc/japh</a><br />
<a class="textlink" href="https://www.perlmonks.org/index.pl?next=20;node_id=1590">Perl Poetry</a><br />
<p>Even I personally have written some poetry in Perl and experimented with a polyglot script:</p>
<a class="textlink" href="https://foo.zone/gemfeed/2008-06-26-perl-poetry.html">My very own Perl Poetry</a><br />
<a class="textlink" href="https://foo.zone/gemfeed/2014-03-24-the-fibonacci.pl.c-polyglot.html">A Perl-Raku-C polyglot generating the Fibonacci sequence</a><br />
<p>This all doesn't mean that you can't "get things done" with Perl. Quite the opposite is the case. Perl is a very pragmatic programming language and is suitable very well for rapid prototyping and any kind of small to medium-sized scripts and programs. You can write large enterprise scale application in Perl too, but that wasn't the original intend of why Perl was invented (more on that later).</p>
<h2>Is Perl abandoned?</h2>
<p>As I pointed out in the previous section, Perl 5 is around for quite some time without any new major version released. This can lead to the impression that development is not progressing and that the project is abandoned. Nothing can be further from the truth. Perl 5.000 was released in 1994 and the latest version (as of this writing) Perl 5.34.1 was released two months ago in 2022. You can check the version history on Wikipedia. You will notice releases being made regularly:</p>
<a class="textlink" href="https://en.wikipedia.org/wiki/Perl_5_version_history">Perl 5 version history</a><br />
<p>As you can see, Perl 5 is under active development. I can also recommend to have a look at the following book, it summarizes all new Perl features which showed up after Perl v5.10:</p>
<a class="textlink" href="https://perlschool.com/books/perl-new-features/">Perl New Features by Joshua McAdams and brian d foy</a><br />
<p>Actually, Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages. "Perl" refers to Perl 5, but from 2000 to 2019 it also referred to its redesigned "sister language", Perl 6, before the latter's name was officially changed to Raku in October 2019 as the differences between Perl 5 and Perl 6 were too groundbreaking. Raku would be a different topic (mostly out of scope of this blog article) but I at least wanted it to mention here. In my opinion, Raku is the "most powerful" programming language out there (I recently started learning it and intend to use it for some of my future personal programming projects):</p>
<a class="textlink" href="https://raku.org">The Raku Programming Language</a><br />
<p>So it means that Perl and Raku now exist in parallel. They influence each other, but are different programming languages now. So why not just all use Raku instead of Perl? There are still a couple of reasons of why to choose Perl over Raku:</p>
<ul>
<li>Many programmers already know Perl and many scripts are already written in Perl. It's possible to call Perl code from Raku (either inline or as a library) and it is also possible to auto-convert Perl code into Raku code, but that's either a workaround or involves some kind of additional work.</li>
<li>Perl 5 comes with a great backwards compatibility. Perl scripts from 5.000 will generally still work on a recent version of Perl. New features usually have to be enabled via a so-called "use pragmas". For example, in order to enable sub signatures, <span class="inlinecode">use signatures;</span> has to be specified.</li>
<li>Perl is pre-installed almost everywhere. Fancy running a quick one-off script? In almost all cases, there's no need to install Perl first - it's already there on almost any Linux or *BSD or Unix or other Unix like operating system!</li>
<li>Perl has been ported to "zillions" of platforms. One day I found myself on a VMS box. Perl doesn't come installed by default on VMS, but the admin installed Perl there already. The whole operating system was very strange to me, but I was able to write "shell scripts" in Perl and became productive pretty quickly on VMS without knowing almost anything about VMS :-).</li>
<li>Perl is reliable. It has been proven itself "millions" of times, over and over again. Large enterprises, such as booking.com, heavily rely on Perl. Did you know that the package manager of the OpenBSD operating system is programmed in Perl, too?</li>
<li>Perl is a great language to program in (given that you follow the modern best practices). Don't get confused when Perl is doing some things differently than other programming languages.</li>
</ul>
<a class="textlink" href="https://perldoc.perl.org/feature">Perl feature pragmas</a><br />
<a class="textlink" href="https://www.OpenBSD.org">The OpenBSD Operating System</a><br />
<a class="textlink" href="https://news.ycombinator.com/item?id=23360338">Why does OpenBSD still include Perl in its base installation?</a><br />
<p>The renaming of Perl 6 to Raku has now opened the door for a future Perl 7. As far as I understand, Perl 7 will be Perl 5 but with modern features enabled by default (e.g. pragmas <span class="inlinecode">use strict;</span>,  <span class="inlinecode">use warnings;</span>, <span class="inlinecode">use signatures;</span> and so on. Also, the hope is that a Perl 7 with modern standards will attract more beginners. There aren't many Perl jobs out there nowadays. That's mostly due to Perl's bad (bad for no real reasons) reputation.</p>
<p class="quote"><i>Update 2022-12-10: A reader pointed out, that <span class="inlinecode">use v5.36;</span> already turns strict, warnings and signatures pragmas automatically on! </i></p>
<a class="textlink" href="https://www.perl.com/article/announcing-perl-7/">Announcing Perl 7</a><br />
<a class="textlink" href="http://blogs.perl.org/users/psc/2022/05/what-happened-to-perl-7.html">What happened to Perl 7? (maybe have to use <span class="inlinecode">use v7;</span>)</a><br />
<p class="quote"><i>Update 2022-12-10: A reader pointed out, that Perl 7 needs to provide a big improvement to earn and keep the attention for a major version bump.</i></p>
<p class="quote"><i>Update 2023-01-28: Meanwhile, I was also reading brian d foy's Perl New Feature book. It nicely presents all new features added to Perl since <span class="inlinecode">v5.10</span>.</i></p>
<a class="textlink" href="https://www.leanpub.com/perl_new_features">Perl New Features</a><br />
<h2>Why use Perl as there are better alternatives?</h2>
<p>Here, common sense must be applied. I don't believe there is anything like "the perfect" programming language. Everyone has got his preferred (or a set of preferred) programming language to chose from. All programming languages come with their own set of strengths and weaknesses. These are the strengths making Perl shine, and you (technically) don't need to bother to look for "better" alternatives:</p>
<ul>
<li>Perl is better than Shell/AWK/SED scripts. There's a point where shell scripts become fairly complex. The next step-up is to switch to Perl. There are many different versions of shells and AWK and SED interpreters. Do you always know which versions (<span class="inlinecode">mawk</span>, <span class="inlinecode">nawk</span>, <span class="inlinecode">gawk</span>, <span class="inlinecode">sed</span>, <span class="inlinecode">gsed</span>, <span class="inlinecode">grep</span>, <span class="inlinecode">ggrep</span>...) are currently installed? These commands aren't fully compatible to each other. However, there is only one Perl 5. Simply: Perl is faster, more powerful, more expressive than any shell script can ever be, and it is also extendible through CPAN. Perl can directly talk to databases, which shell scripts can't.</li>
<li>Perl code tends to be compact so that it's much better suitable for "shell scripting" and quick "one-liners" than other languages. In my own experience: Ruby and Python code tends to blow up quickly. It doesn't mean that Ruby and Python are not suitable for this task, but I think Perl does much better.</li>
<li>Perl 5 has proven itself for decades and is a very stable/robust language. It is a battle-tested and mature as something can ever become.</li>
<li>Perl is the reference standard for regular expressions. Even so much that there is a PCRE library (Perl Compatible Regular Expressions) used by many other languages now. Perl fully integrates regular expression syntax into the language, which doesn't feel like an odd add-on like in most other languages.</li>
<li>Perl 5 is the master of text processing (well, maybe after Raku now. But you might not have the latest Raku available everywhere). The chief objective of developing the language was for text processing, and this is where Perl (Practical extraction and report language) really shines.</li>
<li>Perl is a "deep" language. That means Perl got a lot of features and syntactic sugar and magic. Depending on the perspective, this could be interpreted as a downside too. But IMHO mastery of a "deep" language brings big rewards. The code can be very compact, and it is fun to code in it.</li>
<li>Perl is the only language I know which can do "taint checking". Running a script in taint mode makes Perl sanitize all external input and that's a great security feature. Ruby used to have this feature too, but it got removed (as I understand there were some problems with the implementation not completely safe and it was easier just to remove it from the language than to fix it).</li>
</ul>
<p>About the first point, using Perl for better "shell" scripts was actually the original intend of why Perl was invented in the first place.</p>
<a class="textlink" href="https://nostarch.com/perloneliners">Perl one-liners</a><br />
<a class="textlink" href="http://regex.info/book.html">Mastering Regular Expressions</a><br />
<a class="textlink" href="https://en.wikipedia.org/wiki/Taint_checking">Taint checking</a><br />
<p>Here are some reasons why not to chose Perl and look for "better" alternatives:</p>
<ul>
<li>If performance is your main objectives, then Perl might not be the language to use. Perl is a dynamic interpreted language, and it will generally never be as fast as statically typed languages compiled to native binaries (e.g. C/C++/Rust/Haskell) or statically typed languages run in a VM with JIT (e.g. Java) or gradually typed languages run in a VM (e.g. Raku) or languages like Golang (statically typed, compiled to a binary but still with a runtime in the binary). Perl might be still faster than the other language listed here in certain circumstances (e.g. faster startup time than Java or faster regular expressions engine), but usually it's not. It's not a problem of Perl, it's a problem of all dynamic scripting languages including Python, Ruby, ....</li>
<li>Don't use Perl (just yet) if you want to code object-oriented. Perl supports OOP, but it feels clunky and odd to use (blessed references to any data types are objects) and doesn't support real encapsulation out of the box. There are many (many) extensions available on CPAN to make OOP better, but that's totally fragmented. The most popular extension, Moose, comes with a huge dependency tree. But wait for Perl 7. It will maybe come with a new object system (an object system inspired by Raku).</li>
<li>It's possible to write large programs in Perl (make difficult things possible), but it might not be the best choice here. This also leads back to the clunky object system Perl has. You could write your projects in a procedural or functional style (Perl perfectly fits here), but OOP seems to be the gold standard for large projects nowadays. Functional programming requires a different mindset, and pure procedural programming lacks abstractions.</li>
<li>Apply common sense. What is the skill set your team has? What's already widely used and supported at work? Which languages comes with the best modules for the things you want to work on? Maybe Python is the answer (better machine learning modules). Maybe Perl is the better choice (better Bioinformatic modules). Perhaps Ruby is already the de-facto standard at work and everyone knows at least a little Ruby (as it happened to be at my workplace) and Ruby is "good enough" for all the tasks already. But that's not a hindrance to throw in a Perl one-liner once in a while :P.</li>
</ul>
<a class="textlink" href="https://github.com/Ovid/Cor">Cor - Bringing modern OOP to the Perl Core</a><br />
<h2>Why all the sigils? It looks like an exploding ASCII factory!!</h2>
<p>The sigils <span class="inlinecode">$ @ % &amp;</span> (where Perl is famously known for) serve a purpose. They seem confusing at first, but they actually make the code better readable. <span class="inlinecode">$scalar</span> is a scalar variable (holding a single value), <span class="inlinecode">@array</span> is an array (holding a list of values), <span class="inlinecode">%hash</span> holds a list of key-value pairs and <span class="inlinecode">&amp;sub</span> is for subroutines. A given variable <span class="inlinecode">$ref</span> can also hold reference to something. <span class="inlinecode">@$arrayref</span> dereferences a reference to an array, <span class="inlinecode">%$hashref</span> to a hash, <span class="inlinecode">$$scalarref</span> to a scalar, <span class="inlinecode">&amp;$subref</span> dereferences a referene to a subroutine, etc. That can be encapsulated as deep as you want. (This paragraph only scratched the surface here of what Perl can do, and there is a lot of syntactic sugar not mentioned here).</p>
<p>In most other programming languages, you won't know instantly what's the "basic type" of a given variable without looking at the variable declaration or the variable name (If named intelligently, e.g. a variable name containing a list of cats is <span class="inlinecode">cat_list</span>). Even Ruby makes some use of sigils (<span class="inlinecode">@</span>, <span class="inlinecode">@@</span> and <span class="inlinecode">$</span>), but that's for a different purpose than in Perl (in Ruby it is about object scope, class scope and global scope). Raku uses all the sigils Perl uses plus an additional bunch of twigils, e.g. <span class="inlinecode">$.foo</span> for a scalar object variable with public accessors, <span class="inlinecode">$!foo</span> for a private scalar object variable, <span class="inlinecode">@.foo</span>, <span class="inlinecode">@!foo</span>, <span class="inlinecode">%.foo</span>, <span class="inlinecode">%!foo</span> and so on. Sigils (and twigils) are very convenient once you get used to them. Don't let them scare you off - they are there to help you!</p>
<a class="textlink" href="https://www.perl.com/article/on-sigils/">https://www.perl.com/article/on-sigils/</a><br />
<h2>Where do I personally still use perl?</h2>
<ul>
<li>I use Rexify for my OpenBSD server automation. Rexify is a configuration management system developed in Perl with similar features to Ansible but less bloated. It suits my personal needs perfectly.</li>
<li>I have written a couple of smaller to medium-sized Perl scripts which I (mostly) still use regularly. You can find them on my Codeberg page.</li>
<li>My day-to-day workflow heavily relies on "ack-grep". Ack is a tool developed in Perl aimed at programmers and can be used for quick searches on source code at the command line.</li>
<li>I aim to leave my OpenBSD servers as "vanilla" as possible (trying to rely only on the standard/base installation without installing additional software from the packaging system or ports tree). All my scripts are written either Bourne shell or in Perl here. So there is no need to install additional interpreters.</li>
<li>Here and there, I drop a Perl one-liner in order to get stuff done (work and personally). A wise Perl Monk would say: "One one-liner a day keeps the troubles away".</li>
</ul>
<p>Btw.: Did you know that the first version of PHP was a set of Perl snippets? Only later, PHP became an independent programming language.</p>
<a class="textlink" href="https://www.perl.org">https://www.perl.org</a><br />
<p class="quote"><i>Update 2022-12-17: The following is another related post. I don't agree to the statement made there, that Python code tends to be shorter than Perl code, though!</i></p>
<a class="textlink" href="https://stackoverflow.blog/2022/07/06/why-perl-is-still-relevant-in-2022/">Why Perl is still relevant in 2022</a><br />
<p>E-Mail your comments to hi@paul.cyou :-)</p>
            </div>
        </content>
    </entry>
</feed>