Notes April to June 2026
Published June 01, 2026 • Updated June 07, 2026
Github Pages
getting familiar with github pages
https://docs.github.com/en/pages
created this blog
read up on creative commons license
https://creativecommons.org/licenses/
blog and github profile updated
adding some features to blog
search - done
rss feed - done
pagination - done
giscus comments - maybe later
reviewing https://xmonader.github.io/nimdays/day12_resp.html
this is mostly a nim tutorial - day 1 demidecode parser
man dmidecode - interesting tool, shame its output is "unreliable"
sudo dmidecode -q
installed a fedora 43 vm with kde
going to use this for trying nim code
sudo dnf group install c-development development-tools
curl https://nim-lang.org/choosenim/init.sh -sSf | sh
(optional) sudo dnf install --nogpgcheck --repofrompath '
terra,https://repos.fyralabs.com/terra$releasever' terra-release
sudo dnf install file-devel
nim c -r main.nim
opentofu - an open source alternative to terraform (which was open source until 2023)
https://github.com/opentofu/opentofu
iac templates for azure
https://github.com/infra-at-scale/organization-template
setup scrcpy
https://github.com/genymobile/scrcpy
trying nim
published my first nim program, more to follow
https://github.com/dofahy/nim-explore
getting kate setup for nim
enabled plugins
nimble install nimlsp
nimble install nph
run formatting in cli
kate defaults to python indentation for nim
change to none
settings > editing > indentation - set none and untick auto detect
formatting in kate
create external tool
Name: Format Nim
Exec: nph
Args: %{Document:FileName}
create shortcut for tool
ctrl+alt+f
add markdown preview to kate
sudo apt install markdownpart
bencode (bee-encode)
the encoding use by torrent files as part of bittorrent spec
https://en.wikipedia.org/wiki/Bencode
integers, byte strings, lists and dictionaries
a couple drawbacks:
not human-readable encoding format. values often contain binary data,
so decoding by hand may be error prone. a hex editor or bencode editor is needed.
does not store any metadata about the size of list or dictionary,
requiring all elements to be read sequentially. not be suitable for
large data where random access is required.
nim - parsing bencode
create nim-bencode, a library to encode/decode bencode torrent files
pushed code for nim-bencode
can create more tests and improve bencode.nim to be closer to spec
encoding and decoding are not robust
pushed code for nim-dmidecode
nim c main.nim
sudo dmidecode > dmi.txt
./main dmi.txt
output
Physical Memory Array => 6
End Of Table => 0
System Information => 8
Processor Information => 22
System Boot Information => 1
Memory Array Mapped Address => 5
Chassis Information => 15
Memory Device => 21
BIOS Information => 10
pushed code for nim-linkschecker
a simple http utility using sequential or async
installed markdown preview for kate
https://apps.kde.org/markdownpart/
viewing debian iputils package
https://salsa.debian.org/debian/iputils/-/tree/master/ping?ref_type=heads
came across sourcehut, a lightweight alternative to github
https://sourcehut.org/
https://news.ycombinator.com/item?id=33607098
nim has a robust config file parser module parsecfg
https://nim-lang.org/docs/parsecfg.html
https://github.com/nim-lang/Nim/blob/devel/lib/pure/parsecfg.nim
created a smaller version that works on an ini file taken from wiki's ini article
https://en.wikipedia.org/wiki/INI_file
pushed code for nim-configparser
pushed code for nim-urlshort
a simple url shortener
curl -X POST http://localhost:5000/short -H "Content-Type: application/json" -d '{"url":"example.com"}'
{"id":"tzjgq"}
mythos model
SANS NewsBites email
discussions on soon to be released mythos model - powerful but high token cost
watched dave's take on mythos
https://www.youtube.com/watch?v=vELETrEp27k
concern over malicious use - "offence moves at machine
speed while defence moves at corporate speed"
cybersecurity areas that are now more important - asset inventory,
patch discipline, logging, lease privilege, dependency hygiene
and supply chain security."
irishvpn dev
installed mailpit
sudo sh < <(curl -sL https://raw.githubusercontent.com/axllent/mailpit/develop/install.sh)
installed stripe-cli
https://github.com/stripe/stripe-cli/releases
stripe login
if using gpg signing
gpg --full-generate-key
auth is good for 90 days
setup mariadb-10.11.16
used sdkman to get java 21
installed latest nvm and node
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.4/install.sh | bash
fixed bug in temp password generation
code did not gaurantee at least one letter, number and special
python interview prep
revise relevant topics for interview
python, azure, saas, devops ci/cd, linux, postgresql, sqlalchemy
webapp/api for authenticated to access content
authentication for api
api keys
basic auth with https
bearer token (jwt)
oauth
digest authentication
hmac
api vulnerabilities
private resource leak
predictable serial number attack
session hijacking
python questions
meta class
decorators
dataclass
horizontal inheritance
https://www.geeksforgeeks.org/python/multiple-inheritance-in-python/
list comprehension
generator function
https://www.geeksforgeeks.org/python/generators-in-python/
context manager
https://www.geeksforgeeks.org/python/context-manager-in-python/
concurrency
threads
asyncio
the threads within each python process cannot truly run in parallel
for parallelism you have to create multiple processes
multiprocessing module
containers
sockets
queues
regulations api
installed latest postgresql
/postgresql-18.3/bin/initdb -D ~/databases/data/pg18.3-casino-reg-ie --encoding=UTF8 --locale=en_IE.UTF-8
pushed code for regulations app
working example for basic post and get
can refactor main.py to fill in the be
added helpers to the casino regulations api
commit checks
test coverage
ruff - linting and formatting
coverage in README is static
can make it dynamic (later)
codecov.io
need to use --no-verify until the imports are sorted
need to use underscores for python and postgres
dashes cause issues but they are only needed for
the apps name and cmd line starting
everywhere else in code should be underscores
desktop froze twice - gpu gtx 1070 issue - driver (nvidia 580.126.09) or wayland
audio was still playing
alt+prt screen+b to force reboot
see if it goes away with x11
sudo apt install plasma-session-x11
added logging, can switch to json format when needed
toggle sqlalchemy
network changes and kate support
made network changes
removed ISP device. it is not needed
set owned device to PPPoE
vodafone@vodafone.ie
broadband
set vlan 10
speeds tests are similar but stability has noticeably improved
added additional support in kate
https://github.com/python-lsp/python-lsp-server
pip install python-lsp-server
https://github.com/redhat-developer/yaml-language-server
npm install -g yaml-language-server
yaml-language-server --version => 1.22.0
https://github.com/artempyanykh/marksman
mv marksman-linux-x64 ~/.local/bin/marksman
chmod +x ~/.local/bin/marksman
echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc
marksman --version => release 2026-02-08
Also, Tools > Spelling > Auto spell check
matrix protocol and sqlalchemy
matrix protocol
https://en.wikipedia.org/wiki/Matrix_(protocol)
A communications protocol that can bridge instant messaging apps into a single app.
The messaging app developed by the matrix team is called Element.
gerrit - free web-based team code collaboration tool.
renamed app to regulate-ie
created github action for a production ci workflow
may use poetry
can install with pipx
reading docs for version 2
https://docs.sqlalchemy.org/en/20/tutorial/dbapi_transactions.html
pip, fortune and rogue
Went with pip-tools instead of poetry
note on poetry setup:
sudo apt install pipx
pipx install poetry
pipx upgrade poetry
poetry completions bash >> ~/.bash_completion
generate a project -> poetry init
sudo apt install fortunes
pipx install cowsay -> v6.1 original is 1999 perl program
(https://github.com/VaasuDevanS/cowsay-python)
cowsay -t "$(fortune)" -c "tux"
pip-tools -> https://pypi.org/project/pip-tools/
can install it in project venv or using pipx
pip install pip-tools
pip-compile --version
pip-compile, version 7.5.3
pip-compile -o requirements.txt pyproject.toml --strip-extras
pip-compile --extra dev -o requirements-dev.txt pyproject.toml --strip-extras
1980 text game
https://en.wikipedia.org/wiki/Rogue_(video_game)
https://en.wikipedia.org/wiki/Roguelike
openwrt router
firmware version: OpenWrt 21.02
kernel version: 5.4.238
OpenWrt - Linux operating system targeting embedded devices
https://openwrt.org/
LuCI - OpenWrt Configuration Interface
https://github.com/openwrt/luci/wiki/
ddns config
https://openwrt.org/docs/guide-user/services/ddns/client
to configure ddns
from router home page go to LuCI
click System > software
update list
filter for ddns
install ddns-scripts and luci-app-ddns
optional wget-ssl and ca-certificates, or curl and ca-bundle for SSL
ddns-scripts-noip ddns-scripts-cloudflare
full reload page
go to services > ddns
delete defaults
add new connections
ca cert path -> /etc/ssl/certs
for cloudflare the username is Bearer and pw is api key
logs are auto truncated
create backup of current config
system > backup > generate archive
setup ssh key only from lan
use vpn to lan
ash
https://en.wikipedia.org/wiki/Almquist_shell
opkg
https://openwrt.org/docs/guide-user/additional-software/opkg
created layer 3 segmentation
the web server is on its own network
it can be accessed from the management network
the firewall restricts it to reject input and forward
custom input for dhcp and dns
port forwarding setup
updating dependencies and depracted code
mvn dependency:tree
mvn versions:display-dependency-updates
in addition to stable release this also shows candidate, milestone, snapshot, beta, alpha versions
only go with stable or milestone for production
This is too heavy but could run it as part of CI
https://dependency-check.github.io/DependencyCheck/dependency-check-maven/index.html
pom.xml updated with
org.springframework.boot
version 3.5.13
jsonwebtoken
https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api
latest 0.13.0
stripe 32.0.0
reverted to 30 as major version upgrade introduced breaking changes in
how objects are deserialized or how the Session object is constructed.
updating jjwt depracted code
https://github.com/jwtk/jjwt#installation
https://javadoc.io/doc/io.jsonwebtoken/jjwt-api/latest/io/jsonwebtoken/package-summary.html
the JwtService class now has cleaner and more readable code.
added issuer validation
The "iss" (issuer) claim identifies the principal that issued the
JWT. The processing of this claim is generally application specific.
The "iss" value is a case-sensitive string containing a StringOrURI
value. Use of this claim is OPTIONAL.
https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1.1
netbeans and dependency artifacts
netbeans has an option to auto download the source and javadoc for dependencies.
however this can cause slow startup times.
better to use maven
mvn dependency:sources
mvn dependency:resolve -Dclassifier=javadoc
they are needed for IDE features like code navigation, refactoring, and doc lookup.
network tester and KVM
network tester
Bufferbloat and Internet Speed Test
https://www.waveform.com/tools/bufferbloat
shopping list
Remote KVM
https://www.gl-inet.com/campaign/kvm/
kde tips
can copy the clock in plasma to get a timestamp, useful for jekyll date requirements.
setting up local build system
setting up a local build system
https://about.gitea.com/
https://github.com/go-gitea/gitea
can set up so that i push to it and github
it will run tests and local repo
github will just store private for remote acccess and as backup
it's also called a forge
https://en.wikipedia.org/wiki/Forge_(software)
setting up a forgejo system
using a pi 5 as a prototype
writing iac instructions as project progresses
using:
podman
cockpit, cockipit-podman
forgejo, forgejo-runner
postgres
caddy
the container files specify config to run as systemd services
systemd manages lifecycle/restarts
podman exec for entering and running commands inside
folders on the host persist and provide access to pod data
like
mkdir -p /srv/forge/data/caddy/{config,data,site}
creating a rootful version first then try rootless.
caddy
https://en.wikipedia.org/wiki/Caddy_(web_server)
setup involved making a container, creating a Caddyfile and copying the cert to client
devices then importing the authority cert in browser.
result is i can navigate to forge.home.arpa with no browser warnings.
pi EEPROM
https://en.wikipedia.org/wiki/EEPROM
electrically erasable programmable read-only memory is a type of non-volatile memory.
It is used in computers, usually integrated in microcontrollers such as smart cards
and remote keyless systems, or as a separate chip device, to store relatively small
amounts of data by allowing individual bytes to be erased and reprogrammed.
Raspberry Pi EEPROM stores critical bootloader firmware on Pi 4/5 models, non-volatilely
maintaining data without power.
https://github.com/raspberrypi/rpi-eeprom
sudo rpi-eeprom-update -a
ubuntu 26.04
steps to update
logout
ctrl+alt+f3
sudo systemctl stop sddm
cp .config backup-config
rm -r .config
sudo do-release-upgrade
follow prompts
reboot
restore any config
clean up any startup services
systemd-analyze blame
sudo systemctl disable NetworkManager-wait-online.service
sudo systemctl disable qemu-kvm.service
add to nextcloud service
[Service]
ExecStartPre=/bin/sleep 5
systemctl --user daemon-reload
systemctl --user restart com.nextcloud.desktopclient.nextcloud.servic