hallettj

joined 8 months ago
[–] [email protected] 3 points 5 days ago

I was reading this thread thinking, "this isn't the time to recommend NixOS that's not what OP asked about." But if you're using Ansible this way NixOS might be a good fit for you. It's got the advantages of the other immutable distros with the added feature of managing everything through a declarative configuration.

[–] [email protected] 2 points 1 week ago

4k for me since my primary use case is programming, and I want to be able to get a lot of sharply-rendered text on the screen at once. I managed to get a 2160 ultrawide that does 72 Hz at least. But I do miss 120 Hz.

[–] [email protected] 5 points 2 weeks ago

For TNG I'd suggest Identity Crisis. That one freaked me out more than any Trek I can recall.

[–] [email protected] 2 points 3 weeks ago
14
submitted 3 weeks ago* (last edited 3 weeks ago) by [email protected] to c/[email protected]
 

Some app launchers these days run each app in a new systemd scope, which puts the app process and any child processes into their own cgroup. For example I use rofi which does this, and I noticed that fuzzel does also. That is handy for tracking and cleaning up child processes!

You can see how processes are organized by running,

$ systemctl --user status

I think that's a quite useful way to see processes organized. Looking at it I noticed a couple of scopes that shouldn't still be running.

Just for fun I wanted to use this to try to script a better killall. For example if I run $ killscope slack I want the script to:

  1. find processes with the name "slack"
  2. find the names of the systemd scopes that own those processes (for example, app-niri-rofi-2594858.scope)
  3. kill processes in each scope with a command like, systemctl --user stop app-niri-rofi-2594858.scope

Step 2 turned out to be harder than I liked. Does anyone know of an easy way to do this? Ideally I'd like a list of all scopes with information for all child processes in JSON or another machine-readable format.

systemctl --user status gives me all of the information I want, listing each scope with the command for each process under it. But it is not structured in an easily machine-readable format. Adding --output json does nothing.

systemd-cgls shows the same cgroup information that is shown in systemctl --user status. But again, I don't see an option for machine-readable output.

systemd-cgtop is interesting, bot not relevant.

Anyway, I got something working by falling back on the classic commands. ps can show the cgroup for each process:

$  ps x --format comm=,cgroup= | grep '^slack\b'
slack           0::/user.slice/user-1000.slice/[email protected]/app.slice/app-niri-rofi-2594858.scope
slack           0::/user.slice/user-1000.slice/[email protected]/app.slice/app-niri-rofi-2594858.scope
slack           0::/user.slice/user-1000.slice/[email protected]/app.slice/app-niri-rofi-2594858.scope
...

The last path element of the cgroup happens to be the scope name. That can be extracted with awk -F/ '{print $NF}' Then unique scope names can be fed to xargs. Here is a shell function that puts everything together:

function killscope() {
    local name="$1"
    ps x --format comm=,cgroup= \
        | grep "^$name\b" \
        | awk -F/ '{print $NF}' \
        | sort | uniq \
        | xargs -r systemctl --user stop
}

It could be better, and it might be a little dangerous. But it works!

[–] [email protected] 5 points 3 weeks ago (3 children)

I'd rather listen to Raditude than Pinkerton...

[–] [email protected] 5 points 3 weeks ago (1 children)

I lived in Grenada for a couple of years. It's a chill, safe place. I had my family there and we always felt safe, as long as we kept an eye out for speeding buses when crossing the street. It certainly checks the boxes you specified. Night life is limited. I'm planning to go back for a vacation in February.

As I recall there is a time of year that gets very windy. I think that's in winter, but my memory is fuzzy. The internet says February is the windiest, and that matches some of my memories. In any case it's always warm. I wouldn't worry about rain. That's tapered off by December. If it does rain it's a warm rain, and it's likely to come in short showers so I don't think you'd be stuck inside all day.

If you want to be in walking distance to amenities I'd recommend staying near Grand Anse. You can also get public buses there. (They are actually vans.) There are resorts close to the airport, but in those places you'd be dependent on taxis to get away from the resort - which might be fine if you want to be somewhere quieter.

[–] [email protected] 3 points 1 month ago

When I researched this previously I concluded that there are two very good options for regular backups: Borg and Restic. These are especially efficient at backing up a diff of what has changed since the last backup. So you get snapshots of your filesystem state at each backup point without using a huge amount of space. You can mount any snapshot as a virtual directory. After the initial backup, incremental backups take a minute or two.

I use Borg, and I back up to cloud storage on Borgbase. I use Vorta as a GUI for Borg. I have Vorta start automatically when I start my window manager, and I have it set up for daily backups. I set up the same thing on my kid's computer.

I back up my home directory. I have some excluded directories like ~/.cache, and Steam's data directory. I use Baobab to find large directories that I don't want backed up.

I use the "exclude caches" option in the Borg "create archive" settings. That automatically excludes Rust target/ directories because they follow the Cache Directory Tagging Specification. Not all programming languages' tooling follows that spec so I also use directory name pattern excludes. For example I have an exclude pattern for .*/node_modules/.*

I use NixOS, and I keep my system config in a git repo so I don't need backups for anything outside my home directory.

[–] [email protected] 16 points 1 month ago (1 children)

What I'm hearing is shepherds' pie, but spherical

[–] [email protected] 1 points 1 month ago

I made a rendering of a lighthouse on the Dark Ocean in 3D Studio Max. Or I guess it would be better called a darkhouse. Unfortunately that image is lost to time.

[–] [email protected] 9 points 1 month ago (2 children)

I enjoyed Digimon as a teenager. I never got any cards. However I did make a liiiittle fan art.

[–] [email protected] 2 points 1 month ago

I thought so too, but my wife said, "Nope nope nope"

 

I installed StarCraft: Mass Recall which is an impressive project that recreates the original StarCraft and Brood War campaigns in StarCraft 2. Everything works except that the cinematics and some of the game assets are flat, blank red. For example some of the video portraits in the briefing rooms display correctly, but Mengsk is a solid red square. In the first mission Raynor's vulture is flat red while everything else looks correct. Sound works correctly including in cinematics.

The game assets aren't a huge deal, but the cinematics are a big part of the reason for playing these campaigns IMO.

I've tried everything I can think of. I tried some different Wine runners. I tried disabling DXVK. I installed a number of dependencies that look like they provide video codecs:

  • amstream
  • devenum
  • quartz
  • xvid
  • ffdshow

Does anyone have ideas about what else I might try?

What I did figure out is a working command to run the mod, which took me a while. I used Bottles, installed Battle.net through the Bottles program installer, installed StarCraft 2 via Battle.net, and finally installed Mass Recall by unzipping and copying its files to the StarCraft Maps/ and Mods/ directories. Then I was able to run Mass Recall with this command:

$ bottles-cli shell -b "<bottle name>" -i '"C:\Program Files (x86)\StarCraft II\Support64\SC2Switcher_x64.exe" "C:\Program Files (x86)\StarCraft II\Maps\Starcraft Mass Recall\SCMR Campaign Launcher.SC2Map"'
45
submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]
 

Passkeys seem like a great idea, and we are at a point where, although things are still very much in flux, software passkeys managed by password managers are starting to be usable. I thought I'd share the workflow that's working for me on Linux with some sites, and ask the community for more tips & tricks.

A passkey is a client certificate - which is an old idea, but now there are some new standards in place*. When you log into a website, instead of sending a password you send a message signed using the private key on your hardware security device, or stored in your password manager. If you use a password manager the flow is about the same as with passwords: your password manager pops up and asks if you want to log in to the given website. But instead of sending a password to the browser, message signing takes place in the password manager. Unlike passwords those signed messages can't be replayed. Arguably you can skip sending MFA codes and get about the same (or maybe better) security with passkeys than you were getting with passwords + MFA.

Complications come up because support for passkey APIs is still patchy. On Linux I think there is system-level support for hardware keys, but not for passkey managers (password managers that can do passkey signing). But you can close that gap using browser extensions! I'm using Enpass with it's Firefox extension. Signing into websites in Firefox using passkeys works quite well in some of the sites I've tried. (I've also tested with Bitwarden's browser extension, and it works just as well.**) Although creating passkeys doesn't work on all of those sites.

  • I was able to create a passkey on Github, and sign in with it.
  • I was able to create a passkey for the demo at https://www.passkeys.io/, and sign in with it.
  • I couldn't create passkeys for Google, but I could log in with passkeys created on another device, and synced by Enpass to my Linux machine.
  • I can use a passkey for MFA on Discord, but they don't seem to be using them for logins yet.
  • I'm not getting options to use my passkeys on Amazon or Paypal, but I was able to create passkeys for these sites on Android.

Without using a browser extension Chrome on Linux does have a feature to sign in with passkeys on mobile devices. I don't think this works with third-party passskey managers. On some sites Chrome gave me the option to log in using the automatically-generated, Google-managed passkey on my phone. It didn't actually worked for me - my phone showed a message saying "connecting to device" but never actually connected.

That brings me to the Android side. Since some sites will let me log in with passkeys but not create them it's helpful to have another option for creating passkeys. Android is further along in implementing system level passkey support (only in Android 14 or later). But it's not perfect yet. Firefox for Android is not working with passkey managers yet, but there is a ticket to track this. Third-party passkey managers work in Chrome for Android, but only if you enable an experimental flag:

  • open chrome://flags/
  • find the setting "Android Credential Management for passkeys"
  • set the value to "Enabled for Google Password Manager and 3rd party passkeys"

* "Passkey" seems to be an umbrella term for WebAuthn or FIDO U2F. It looks like WebAuthn is a part of FIDO2.

** From a cursory look at the two I feel more comfortable with Enpass' browser extension than with Bitwarden's. I'm not positive, but it looks like Bitwarden loads credentials in the extension itself which puts all of your secrets in the browser process. OTOH the Enpass extension uses IPC to send requests to the Enpass desktop app. But as many will point out, Bitwarden's clients are open-source and audited while Enpass' software is closed-source.

 

It took me some time to work out how to get my ssh agent set up in Niri so I though I would share what I did. I'm using NixOS and Home Manager. I put this in my Home Manager config:

services.gnome-keyring = {
  enable = true;
  components = [ "pkcs11" "secrets" "ssh" ];
};
home.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/keyring/ssh";

I'm using GDM according to NixOS' default configuration which I think runs gnome-keyring (I thought I saw it in the process list before I set up the user unit), and I think that configuration is automatically unlocking gnome-keyring when I log in via PAM integration. But apparently I need to run gnome-keyring again in my window manager session. Home Manager's services.gnome-keyring adds a systemd user unit that does that.

1
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
 

I'd like a treesitter query that matches a Rust struct together with all of its attributes. For example,

#[derive(Debug)]
#[serde(rename_all = "camel_case")]
pub struct MyType {
    pub foo: i32,
}

The lines beginning with # are attributes that are logically connected to the struct declaration. But the treesitter grammar for Rust parses attributes as adjacent nodes, not as children of the struct declaration:

  (attribute_item ; [27, 0] - [27, 16]
    (attribute ; [27, 2] - [27, 15]
      (identifier) ; [27, 2] - [27, 8]
      arguments: (token_tree ; [27, 8] - [27, 15]
        (identifier)))) ; [27, 9] - [27, 14]
  (attribute_item ; [28, 0] - [28, 35]
    (attribute ; [28, 2] - [28, 34]
      (identifier) ; [28, 2] - [28, 7]
      arguments: (token_tree ; [28, 7] - [28, 34]
        (identifier) ; [28, 8] - [28, 18]
        (string_literal)))) ; [28, 21] - [28, 33]
  (struct_item ; [29, 0] - [31, 1]
    (visibility_modifier) ; [29, 0] - [29, 3]
    name: (type_identifier) ; [29, 11] - [29, 17]
    body: (field_declaration_list ; [29, 18] - [31, 1]
      (field_declaration ; [30, 4] - [30, 16]
        (visibility_modifier) ; [30, 4] - [30, 7]
        name: (field_identifier) ; [30, 8] - [30, 11]
        type: (primitive_type)))) ; [30, 13] - [30, 16]

How can I get produce a query that I can use in mini.ai that matches the struct, and all attributes?

I've tried this query using Neovim's new built-in :EditQuery command:

((attribute_item)* . (struct_item)) @custom_capture.outer

It looks like it does what I want. But when I try using @custom_capture.outer in mini.ai it matches the struct declaration, but not the attributes.

I tried using #make-range! like this,

((attribute_item)* @_start . (struct_item) @_end
  (#make-range! "custom_capture.outer" @_start @_end))

That matches the struct and the second attribute, but does not get the first attribute. I'm guessing that's because the . specifies that nodes must be adjacent, and the second attribute is the only one that is adjacent to a struct_item. Following that thinking I tried this,

((attribute_item)? @_start . (attribute_item)* . (struct_item) @_end
  (#make-range! "custom_capture.outer" @_start @_end))

That gets the struct and all the attributes, but only if my cursor is on the first attribute line when I use the textobject. If my cursor is on any subsequent line then I get the second attribute and the struct, but the first attribute is missed.

One problem is I'm not clear whether ((attribute_item) . (struct_item)) matches an attribute_item and a struct_item that are adjacent, or matches an attribute_item that precedes a struct_item, but does not also match the struct_item. I tried experimenting with the second interpretation and used this query,

(((attribute_item) 
  . [(attribute_item) (struct_item)])* @_start
  (struct_item) @_end
  (#make-range! "custom_capture.outer" @_start @_end))

That captures what I want, but in some cases if I have two struct declarations and I try to match only the second one the query selects both structs instead.

Is that the way to do a lookahead? Or is there another way?

I've kinda hit a wall looking at documentation, other examples, and running my own experiments. Does anyone have any pointers to help understand these queries on a deeper level?

Edit: It looks like this stuff is in flux, so I should mention that I'm using the latest nightly as of March 2 2024, and I made sure that all of my plugins are up-to-date.

view more: next ›