I read this post on Joey
Hess’ blog which expresses a thought I’ve been having: one shouldn’t
rely on version control for backups in the disaster-recovery sense of
backups, but just for history and synchronisation between machines. The
reason for this is that while I do have some automatic checking-in, use
of version control means that large chunks of important stuff are not
safe until you check it in and you won’t do this regularly enough:
it’s too annoying. And of course there is all the stuff that is
(sensibly) not in git or git-annex, such as my ~/tmp/ which is
actually my desktop. A backup of that would save my mental energy
consumed by remembering to check stuff in.
Obnam has many features conducive to this. There
is even a continuous backup feature on the roadmap, though you don’t
really need this, just run every 20 minutes in a cronjob, with the main
exclusion being /home/swhitton/var/.git/annex/objects which git-annex
can deal with. What makes it shine for my purposes is the multi-client
de-duplication: it can avoid storing two copies of identical files that
exist on both my laptop and desktop. But at the moment it’s just too
slow for the transatlantic backups I need to use (only off-site location
I have enough disc space) due to the way it iterates through SFTP
commands. The author says that he’s going to work on this once he’s
fixed outstanding bugs.
I dream of the day when stable, sufficiently-featured versions of Emacs 24, git, git-annex, Org-mode, vcsh, mr and obnam are available in Debian Stable for all architectures and in Raspbian, and this version of Debian Stable is ubiquitous enough that you can get your friendly sysadmin to apt-get them for you and you have it all everywhere.
I just realised that it’s been two years to the day since I switched
from Vim to Emacs (or at least, two years since I blogged about doing
so).
I’ve gone through an appropriate journey: wiring the keybindings deep
into my brain, learning to touch-type properly, too, adding loads and
loads of junk to my .emacs.d and then eventually, a few months ago,
slimming down to the stuff I actually use. The one thing I still don’t
really do is use incremental search to shoot around.
Taking a moment here to appreciate just how much Emacs improves my life, even though it’s mostly in the background now as I’m just so used to it.
I just installed redshift; this is so comfortable, and so much better than constantly fiddling my screen brightness up and down (which only worked on my laptop, anyway).
Debian Code Search (DCS) is a search engine for source code — it searches all the open source projects which are included in the Debian archive (the “main” distribution only, not non-free or contrib). Currently, that includes about 18000 packages with 140 GiB of source code.
I am really pleased that I’m not going to be cut off from JSTOR at the end of this year, as it turns out I won’t be. The situation with online journals, and in fact journals in general, is such a mess, especially in the humanities.
Two separate thoughts and a synthesis that I got from a mindfulness class this evening.
#+LaTeX_HEADER: \RequirePackage{lineno} \def\linenumberfont{\normalfont\small\tt}
then at the beginning of the document’s text
\setrunninglinenumbers \modulolinenumbers[10] \linenumbers A classic ...
“You see this goblet?” asks Achaan Chaa, the Thai meditation master.
“For me this glass is already broken. I enjoy it; I drink out of it. It holds my water admirably, sometimes even reflecting the sun in beautiful patterns. If I should tap it, it has a lovely ring to it. But when I put this glass on the shelf and the wind knocks it over or my elbow brushes it off the table and it falls to the ground and shatters, I say, ‘Of course.’
When I understand that the glass is already broken, every moment with it is precious.”
Here’s a blog post I just read, plus the things linked from it, about undergraduates wanting to go into academic philosophy, such as me. I’m currently working on the assumption that this is what I am going to do: hopefully go away to Korea to teach English for a year, and emerge from that ready to face graduate study. What this also does is give me a year outside of the academic world to become more sure, or otherwise, that this is what I want to do. So I don’t have to make any decisions now, since only the next year is relevant for the moment. Even so, having read the things I’ve just read, I want to review my reasons for wanting to pursue academic philosophy and the alternatives to this I have in mind. This is all in the context of careers-pressure from friends applying for and obtaining jobs, and what a young Oxford graduate is expected to do etc.
tgwnet is a peer-to-peer VPN based on the excellent tincd.
Tier 1 nodes
Hostname | Owner | External DNS | Avahi DNS | Internal IP | ConnectTo | IP pool |
---|---|---|---|---|---|---|
hestia | Sean | hestia.silentflame.com | hestia.local | 172.19.43.122 | None yet | 172.19.43.0 |
raspbmc | John | johnlees.myvnc.com | raspbmc.local | 172.19.44.1 | hestia | 172.19.44.0 |
Tier 2 nodes
(may not always be up-to-date)
Hostname | Owner | External DNS | Avahi DNS | Internal IP | ConnectTo |
---|---|---|---|---|---|
artemis | Sean | N/A | artemis.local | 172.19.43.111 | hestia, asteria |
zephyr | Sean | N/A | zephyr.local | 172.19.43.112 | hestia |
asteria | Sean | asteria.silentflame.com | asteria.local | 172.19.43.123 | hestia |
selene | Sean | selene.silentflame.com | selene.local | 172.19.43.124 | hestia |
john-laptop | John | N/A | john-laptop.local | 172.19.44.2 | raspbmc |
How to add a new tier 1 node
These instructions are not yet complete; for example, they don’t reflect
the following sentence. Suppose you are setting up a host called host
and your IP block assignment is 172.19.44.0 and you want to use
172.19.44.1 as your tier 1 node’s IP address (you can use anything in
your pool).
Information
Contact Sean to get an IP pool allocation, which will be of the form
172.19.4X.X (makes them easier to remember if we just go up 43, 44,
45…—and no-one gets 42, to prevent arguments :P). The idea is one
class B(?) per tier 1 node admin i.e. TGW member. Choose an IP address
for your tier 1 node, from your IP pool. E-mail this information to Sean
so the table above can be updated.
It’s possible to use tinc to bridge your local LAN into tgwnet with only one machine (generally your router) running tinc. If you want to do this, the easiest thing to do is get a second class B(?) for your LAN’s computers which your router’s DHCP server can be set up to hand out.
GNU/Linux
Install the tincd package however your distribution does that. Also
install avahi-daemon to get automagic distributed DNS. Now mkdir
/etc/tinc/tgwnet/hosts (throughout you can use some other word
instead of tgwnet; it’s a purely local identifier) and then edit
/etc/tinc/tgwnet/tinc.conf:
Name = hestia
Interface = tap1
AddressFamily = ipv4
LocalDiscovery = yes
ConnectTo = hestia
Mode = switch
You can add the following lines to bind on more than one port, for example if you need access to your tier 1 node from within Balliol’s ridiculous LAN.
BindToAddress = * 655
BindToAddress = * 1194
Replacing the IP address in the below with your tier 1 node’s IP address
that you selected earlier, create /etc/tinc/tgwnet/tinc-up:
#!/bin/sh
ifconfig $INTERFACE 172.19.43.122 netmask 255.255.0.0
and chmod this file to 755. Now create /etc/tinc/tgwnet/hosts/hestia
where hestia is your tier 1 host’s name (yes, the machine you are
creating the file on):
Subnet = 172.19.43.122/32
where the IP address here is your chosen IP for your tier 1 node. Now
execute, as root, tincd -n tgwnet -K4096 to generate a keypair for
your host. Accept the default location to save the public key. E-mail
this public key /etc/tinc/tgwnet/host, PGP signed and encrypted, to
Sean. He will send you back a file to be put as
/etc/tinc/tgwnet/hestia; this is hestia’s public key, so that you can
connect in to the rest of the network.
If you like you could establish similar relationships with other tier 1 hosts but this isn’t strictly necessary as tinc will automatically build the tunnels. If you do establish such relationships, though, notify Sean so he can update the above table.
The node is now operational and you can go ahead and add tier 2 nodes
using the instructions below. Test by pinging things like zephyr.local
and watch to see if the ping times drop as tunnels are built, assuming
Sean has his computer on.
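As a check on the steps above, here is an added example (not part of the original page or of tinc) that audits a network directory for the mistakes this setup makes easy: a ConnectTo peer with no key file, a Subnet outside your pool, a writable tinc-up, or a readable private key. The function names and the pool-prefix argument are assumptions of this example; it also assumes peer files sit under hosts/, which is where tinc reads them, and that the private key has tinc 1.0's default name rsa_key.priv.

```shell
#!/bin/sh
# Added example: audit a tinc network directory laid out as in the steps above.
# check_tinc_node DIR NODE_NAME POOL_PREFIX, e.g. /etc/tinc/tgwnet host 172.19.44.
# Prints one line per problem; returns 0 only when none were found.
mode_of() { ls -ld "$1" | cut -c2-10; }     # permission string, e.g. rwxr-xr-x
conf_val() { sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2"; }

check_tinc_node() {
    dir=$1 name=$2 pool=$3 problems=0
    fail() { echo "PROBLEM: $*"; problems=$((problems + 1)); }
    [ -f "$dir/tinc.conf" ] || { fail "missing tinc.conf"; return 1; }

    # Name in tinc.conf must match the host file handed to peers.
    conf_name=$(conf_val Name "$dir/tinc.conf" | head -n 1)
    [ "$conf_name" = "$name" ] || fail "Name is '$conf_name', expected '$name'"

    # Each ConnectTo peer needs its public key in hosts/ to be authenticated.
    for peer in $(conf_val ConnectTo "$dir/tinc.conf"); do
        [ -f "$dir/hosts/$peer" ] || fail "no hosts/$peer for ConnectTo = $peer"
    done

    # Our own host file must announce a single address inside our pool.
    if [ -f "$dir/hosts/$name" ]; then
        subnet=$(conf_val Subnet "$dir/hosts/$name" | head -n 1)
        case $subnet in
            "$pool"*/32) ;;
            *) fail "Subnet '$subnet' is not a /32 inside $pool" ;;
        esac
    else
        fail "missing hosts/$name"
    fi

    # tinc-up runs as root: executable, but writable by its owner only.
    if [ -x "$dir/tinc-up" ]; then
        case $(mode_of "$dir/tinc-up") in
            ????w????|???????w?) fail "tinc-up is group/world-writable" ;;
        esac
    else
        fail "tinc-up missing or not executable"
    fi

    # Private key from 'tincd -K' (rsa_key.priv is tinc 1.0's default name).
    if [ -f "$dir/rsa_key.priv" ]; then
        case $(mode_of "$dir/rsa_key.priv") in
            ???------) ;;
            *) fail "rsa_key.priv is accessible to group/others" ;;
        esac
    fi
    [ "$problems" -eq 0 ]
}
```

Run it as root against the real directory, for example `check_tinc_node /etc/tinc/tgwnet host 172.19.44.`, with the trailing dot so the prefix cannot match a neighbouring pool.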
Windows
Very similar to the above, just different config file locations etc.
How to add a new tier 2 node
These instructions are not yet complete.
GNU/Linux
Very similar to adding a tier 1 node, except you need to supply the tier
1 node’s public key file, obviously, and the ConnectTo statement in
/etc/tinc/tgwnet/tinc.conf should point to your tier 1 node.
Windows
Very similar to the above, just different config file locations etc.
Ulrik Sverdrup has written https://github.com/blake2-ppc/git-remote-gcrypt, which allows using gpg encrypted ssh remotes with git. The same idea could be expanded to other types of remotes, like S3. I’m excited about adding encrypted git remote support to the assistant! (source)
This is very exciting. I am tired of using s3ql for this purpose rather than just having all my metadata and data stored in an encrypted git remote on the same machine where, at present, only my encrypted data is stored.