CI/CD Environment for A Smaller Project

The advantages of Continuous Integration (CI) and Continuous Delivery (CD) are obvious even for small projects with few contributors, and they are easily achievable with the help of free cloud tools, for instance with the mighty combo of GitHub plus Travis. But what if we want a similarly convenient environment inside our private network, available only to our internal teams? Luckily, open source is here again to help us with another great tool – GitLab. GitLab is a platform similar to GitHub, but the code is open source and we can easily install it in our own environment. In this article I’ll summarize my experiences and guidelines on how to build a convenient environment for a small project with automatic testing and deployment.

Asynchronous Again – Rewriting ptunnel in Rust

The asynchronous programming model is quite popular for I/O-intensive tasks – it enables effective use of resources while maintaining the agility and assuring the scalability of the application. I myself have used asynchronous programming many times – in JavaScript (where it’s omnipresent), Python (mainly asyncio recently, but also a bit of Twisted, which was one of the first asynchronous network libraries I met) and also in OCaml with Lwt or Core Async. The concept is always similar in all implementations – I/O operations return handles to future results – called Futures, Promises, or Deferreds – and they are returned immediately. These futures can have functions attached to them, which are executed later, when the I/O result becomes available. Asynchronous programming is very much about functions; it requires first-class functions, and anonymous functions are very useful here, which is why the asynchronous model flourishes in functional languages. Apart from deferred I/O processing there are usually other utilities for later execution – like timeouts, pausing execution for some time (sleep), and task synchronization (events, locks). Futures are executed in an “event loop”, a loop that monitors various events from the OS (availability of data from I/O), timers, etc., to execute futures (meaning the functions attached to them) when appropriate. It’s also very common to chain futures, executing the second one with the result of the first one when the first one is resolved and its result is available, the third one with the results from the second one, and so on. Apart from this basic scheme, languages may provide some syntactic sugar around the asynchronous model, like the await and async keywords in Python or C#, which makes it easier to write the code.

Recently, as I’m progressing in learning Rust, I wondered how asynchronous programming is done in Rust. I decided to remake my old project ptunnel (written in Python) in Rust – ptunnel is a program that tunnels an arbitrary connection/protocol through an HTTPS proxy, so it can be used to connect IMAP, SMTP or SSH through a proxy. In the rest of this article I’ll share my experiences from this project.

MyBookshelf2 Beta2

MyBookshelf2 – an ebook management and sharing solution – has moved to its next version, Beta 2. Apart from a few small fixes, the main change is an internal revamp to make it compatible with the latest Asexor, thus removing the dependence on Crossbar.io and the Autobahn library. This makes deployment of MyBookshelf2 easier and removes components that did not add much value to the solution and just made it a bit overcomplicated. Some effort was given to providing an easy deployment in Docker – now there is a script that will guide you through two pre-configured scenarios – development (local code, monitoring of code changes) and stage (code in a volume, JS client built and packed, app server running behind an nginx proxy with SSL termination, nginx serving static content).

Check the latest code on GitHub. To give it a try, just clone the repo and run the init.sh script in the deploy directory (assuming you have Docker installed).

Splitting Large Audio Books

I’m a big fan of audio books. During past years I’ve been using the setup described in this article (libresonic server, Android client, audio encoded with the opus codec) for listening to audio books. It works well for me, but it’s best with audio books split into chapters or into parts not longer than 1 hour. However, some audio books come in one large file (m4b format, or the proprietary aax file from Audible). To listen to such audio books conveniently I need to split them. Luckily, with the ffmpeg tool and a bit of bash scripting it is not difficult.

What Is This Weird File Name in My Samba Share?

In IT there are big things and there are small things. Some small things can be pretty annoying and they seem to stay here forever. One of these annoying little things is the difference between restrictions on file names in Windows versus Unix/Linux (others are, for instance, legacy character encodings and HTTP proxy support; these things have teased me many times in the past). Have you ever seen a strange file name like W3NEM5~I on a shared disc instead of the meaningful file name that you expected? If so, and you’re interested in what’s going on, continue reading.

Linux Desktop for 2017 and on

As Canonical has announced the end of the Unity desktop, I thought it’s time to look around again at Linux desktops. In past years I have been using mainly Gnome 2 (or Mate recently), XFCE, Cinnamon and Unity (yes I did, and the experience was after all rather positive). I tried Gnome 3 a few years ago, but never really gave it a longer try, and never really found attraction for KDE. So in this article I’ll look a bit at those desktops again, and especially at the recent Gnome Shell and its customization to my needs (which is indeed based on very individual preferences).

Beware of sync option in mount

By default mount uses the async option, which means that write operations do not wait for final confirmation from the device – they are stored in the disc cache and the writes are done later, optimized by the disc firmware. However, you can set the sync option manually (-o sync); then write operations are synchronous, meaning each block write has to wait for confirmation that it’s physically written to the disc, and there is no optimization available. This can significantly slow down write speed, of which I convinced myself just recently – I backed up some data to an external 2.5″ USB 3.0 HD – the slowdown in this case was almost 1000x (70kb/s vs 60MB/s measured by rsync --progress). How did it happen that the disc was mounted with the sync option? I actually use usbmount to auto-mount disks and it has sync as a default mount option (fortunately it can be changed in its configuration). So the conclusion is – don’t use the sync option unless you know exactly what you are doing, and if write speed is suspiciously slow, check the mount options.

Secret Sharing Is Caring Too

In today’s digital world passwords and other types of secrets are omnipresent, and they secure access to various assets dear to our hearts, some of which can have tremendous tangible or moral value. For such assets it’s worth selecting a really good and strong password, which basically means long and hard to remember. How do we insure ourselves against memory failure? We can write it down and lock it in a secure place, share it with a trusted person etc., but still there is a single point of failure – the secure place can be robbed, that person can betray us. Can cryptography provide us with better options? Yes it can, with the help of a method called secret sharing – we can split the secret into n parts – called shared secrets – and distribute them to different places/people. Later we (or someone else) need to collect k (k > 0 and k <= n) shared secrets to recover the original secret. k is called the threshold and it is defined when generating the shared secrets – so we, for instance, generate n=5 shared secrets, but only k=3 will be needed to recover the original secret.

I believe you can easily imagine many other real-life scenarios where secret sharing can be useful, and for sure it’s used in many applications and systems today. Cryptography provides several algorithms for secure (by design) secret sharing. The most common is Shamir’s Secret Sharing, based on a linear algebra approach. There are many tools and libraries for Shamir’s scheme (and further advancements of the original algorithm); you can for instance try ssss, which provides a command line tool that you can easily install on your Linux, and there is also an online demo. Another family of secret sharing schemes is based on the Chinese Remainder Theorem, where especially the Asmuth-Bloom scheme is interesting. I have not seen many implementations of Asmuth-Bloom secret sharing, so I created one in Rust.

The Splendors and Miseries of CaaS – Experiences with Openshift3

Container as a Service (CaaS) is an increasingly popular cloud service (usually categorized under the Platform as a Service family of cloud services). It can provide easy ways to deploy web applications leveraging Linux container technologies, usually the most popular Docker containers. A recent addition to this family is Openshift v3 from RedHat. Openshift is available as open source software (Openshift Origin) or as a hosted service (OpenShift Online). I already used the previous version of the Openshift service (v2), as described in my previous article. In this article I’ll share my recent experiences with the Openshift v3 service (also called NextGen).

My Digital Bits And Pieces