Tuesday, February 16, 2016

Dotfiles Part 3: Wherein Things Remain the Same

I spent some time trying to get my dotfiles working with git-crypt. I really tried. However, I kept having problems with it. Bad problems, like accidentally committing unencrypted files to my repo. Undoing that means purging and re-writing history, which is a major pain.

Some of these mistakes were my fault. I thought everything was working after a reimaging and restore from backup, but had failed to re-initialize git-crypt so it didn't know it was supposed to  be encrypting or with what keys. However, some were not. One of the problems is that due to the transparent way git-crypt works, a git show will always show you the plaintext changes, so there is no obvious indicator that something isn't going to be encrypted as expected. Git-crypt added a check command because of user feedback, which let's you check to make sure a file is being encrypted on commit. I ran into at least one situation where I checked a file with git-crypt check, and it reported that it would be encrypted, and yet on checkin it was still committed in plain text.

There is just too much danger of accidentally exposing the sensitive files you are trying to keep encrypted for me to have any confidence in continuing to use git-crypt as a solution. Which is a real shame, because the transparency which is its weakness is also its biggest strength. I was able to easily add it into the dotfiles script to handle unencrypting automatically which made it frictionless in normal use, at least on the receiving/installing end of things.

Tuesday, May 26, 2015

Dotfiles Part 2: I Knew It Couldn't Be That Easy

    As I discussed in the first post, I wanted a place to store my dotfiles where I could easily pull them down onto a new system. Github has become a popular place for this. It makes sense. Github is a cloud based git repo that you can easily reach from anywhere you have an internet connection. Git is a VCS which makes it easy to track changes to text files, which dotfiles are by definition. A simple git clone on a new system, and you have all your files ready and waiting for you.

    There are, of course, some issues with simply creating a git repo out of your entire home directory. So, many systems have been created which usually use symlinks to point into the repo controlled directory instead. There is even a nice listing available on the unofficial guide at github at http://dotfiles.github.io. It lists out some bootstrap systems to handle the symlinking and setup. It moves on to some app specific options, for things like shells and editors which may have extensive config and plugins that may be better managed with a dedicated system. Lastly, it covers general purpose dotfiles utilities, which may do more than just symlinking and syncing them for you.

    I've started to figure out how I wanted to manage my dotfiles many times over the years, and never gotten much further than looking at this massive page of options, opening up many of them in tabs, and then getting overwhelmed or distracted. This time, however, I was determined to make a choice and start trying to implement it. Even if it didn't end up being the solution I use in the end, I needed to get started at some point and figure out what would and wouldn't work for me. So, I made an initial pick.

Monday, May 25, 2015

Dotfiles: More Than Meets the Eye

    Dotfiles are pretty important. Anyone who has used a *NIX OS for a while will recognize the truth of this simple statement. For the uninitiated, Linux, Unix, and BSD (and OSX, which is a variant of BSD) operating systems have many things in common. One of these things is that files whose name begins with a period, like .config for example, are treated specially and hidden from the vanilla file list command, ls. Now, they aren't super secret or anything. A simple -a added to the ls command (making it ls -a) will show them again, they are just hidden by default. Due to the naming and pronunciation (.config would be spoken dotconfig by most people) they have become known collectively as dotfiles.

    The assumption is that they will be system files, usually configuration settings and the like, that you won't work with every day and won't want cluttering up your file listings all the time. Which is a pretty good assumption considering that the things multiply like crazy. These days it isn't just dotfiles, you have entire subdirectories that hold all sorts of things for whatever program uses them. Example, I have a .weechat that holds all the config settings, plugins, and chat logs from my irc client. Many programs use these the way Windows programs use their directory under Program Files. It is a good system, as it keeps the config easily findable in the user's home directory and also keeps the config user specific.

    Since they control the configuration of so many different pieces of your system, the dotfiles become important. They are how your system has been configured the way you like it. How it knows the behavior you want. They become very valuable, and over time, very difficult to replace. Some people spend years making small modifications to files like .bashrc and .vimrc until the resulting config is perfect. However, recreating it from scratch might be impossible as you won't remember what the setting you found on that obscure blog 3 years ago that solved this one issue was. You basically have to start over and tweak slowly until you arrive at another working, but inevitably different, config.

A Short Program Note

    Usually, I tend to meet a problem, research it, and (hopefully) eventually solve it, and then I finally think about maybe writing up a blog post about it. The problem with this approach is that I then have to go back and remember the entire process and how I figured out what eventually worked, especially if I want to provide links in my post, which I usually do. This also lends itself towards extremely long or multi-part posts, which rarely get the followup posts (see my minecraft server post for example).
    This time, I'm going to try writing a post while I'm in the early stages of being stuck looking at a new problem. It might be a less comprehensive stand alone post or a series of posts that don't work unless you read them all, but it might also be something that is easier for me to actually complete, so it's worth a shot. If I don't like it, I'll go back to my regularly scheduled long post every couple of years.

Monday, July 21, 2014

Adventures in Running a Personal Minecraft Server for Linux Admins

    So, I've been playing Minecraft for several years now. My wife, however, just started playing recently. Naturally, we wanted to play together. Sometime back in the history of Minecraft, the multi-player server code was merged in with the original single player game code, and thus even local single player games are run internally with a client/server architecture.  Because of this fact, Minecraft has has a nifty feature that lets you take a single player game you are playing, and "Open to LAN" which makes it multiplayer.

    My laptop was powerful enough to run the game with minimal lag for either of us, but this meant that she could not play if she had down time during the day while I was at work. We tried hosting the game off her laptop instead, but it could not handle the load and caused lots of lag and other problems for both of us, enough to make a survival game unplayable. The obvious solution to this was to run a server.

    Now, Mojang recently started their own hosting for Minecraft, known as Minecraft Realms. This is a nice self-contained option that handles all the administration and operation for you. There were just two problems. 1) I'm a Linux Engineer. If word gets out that I'm letting someone else run a server for me, I'll never hear the end of it at work. 2) More seriously, there is a monthly fee for using Minecraft Realms. It isn't much, clearly a lot less than purchasing hosting to run your own server. However, I don't have to purchase hosting. I get an allowance of cloud servers through my work (Rackspace, disclaimer at the bottom of the page, all views are my own and not theirs.) and I'm not currently using it all. So, I can have a decent quality server to use for free. Now, I just need to figure out how.