Reload SSL certificates with systemd
Recently I relinquished an old domain on my server and had to re-issue a certificate to drop that domain off. Previously it ran Let’s Encrypt’s official client Certbot, set up back in 2019. All my ...
- linux 23
- server 9
- development 7
- networking 7
- software 6
- web 6
- github-pages 4
- windows 4
- jekyll 3
- ssh 3
- proxmox-ve 3
- c++ 2
- open-source 2
- algorithm 2
- github 2
- aws 2
- android 1
- fpga 1
- keygen 1
- git 1
- talk 1
- raspberry-pi 1
- cloudflare 1
- mysql 1
- container 1
- ldap 1
- paper-reading 1
- games 1
- minecraft 1
- zfs 1
- nginx 1
linux
I almost broke our lab’s storage server…
Recently we discovered that both SSDs on our storage server were giving worrisome SMART values, so we started replacing them. One of them was used only for ZFS L2ARC, so pulling it out was easy. Th...
My firewall solution for RDP
Today I stumbled upon this V2EX post (Simplified Chinese) where the OP shared their PowerShell implementation of a “makeshift fail2ban” for RDP (their GitHub repository). Their script looked very c...
Understanding ZFS block sizes
ZFS is about the most complex filesystem for single-node storage servers. Coming with its sophistication is its equally confusing “block size”, which is normally self-evident on common filesystems ...
Debugging Proxmox VE Firewall Dropping TCP Reset Packets
A few days back when I was setting up a new VM to host some extra websites, I noticed an unexpected Nginx error page. As I don’t administer the new websites, I just added reverse proxy rules on the...
Running a dual-protocol OpenVPN/WireGuard VPN server on one port
Public Wi-Fi and some campus network typically block traffic from unauthenticated clients, but more often allow traffic targeting UDP port 53 to pass through, which is normally used for DNS queries...
Prolonging eMMC Life Span with Proxmox VE
Since my blog on installing Proxmox VE on eMMC, there’s been a lot of discussion over the Internet on this. I suspect that Proxmox decided not to include eMMCs in their hardware options by design, ...
LVM metadata exceeds maximum metadata size, now what next?
An LVM volume group (VG) on our Proxmox VE cluster has failed to create new logical volumes, reporting that its metadata was full. At first this appears to be easy, “fine I’ll just add more space f...
Centralized Linux authentication with OpenLDAP
LDAP, the #1 way to get your graduation delayed (as has always been the meme around Tsinghua University), is every SysAdmin’s dream tool for their servers. As mighty as its rumors fly, LDAP takes t...
Install Proxmox VE on eMMC
Recently I bought a mini PC looking forward to setting up a home router. It started quite well except the specs were higher than I anticipated. 8 GB RAM plus 128 GB eMMC - too much waste for “just ...
New Pandora’s box: Install Linux and Windows onto the same NTFS partition
Linux 5.15 is shipped with a brand new driver for Microsoft’s classic NTFS filesystem, NTFS3. Unlike the decades-old open-source NTFS-3G project, which is based on FUSE and have always received cri...
Reinstall Windows VPS into Linux with iPXE network boot
This November I found a discount from one of my favorite VPS providers, NETfront. They offered Linux VPS with 2 vCPUs and 2 GB RAM at HK$56/mo, and also Windows VPS with 4 vCPUs and 4 GB RAM at HK$...
Secure site-to-site connection with Linux IPsec VPN
Linux has a built-in framework for Internet Protocol Security (IPsec), which is often combined with other tunneling technologies (e.g. L2TP and GRE) to create secure cross-site network connections....
Disassembling a hardware RAID 1 array in Proxmox VE
Yesterday in a server maintenance period, we decided to tune the storage layout of our Proxmox VE server, which included disassembling a RAID 1 array and adjusting the size of the root filesystem.
A Deep Dive into Containers
Since years ago, containers have been a hot topic everywhere. There are many container softwares like Docker, Linux Containers and Singularity. It’s hard to say one understand what containers are w...
Use RSA CA Certificates with OpenSSH 8.2
OpenSSH 8.2 is coming to the latest Long-Term Service release of Ubuntu, Focal Fossa (20.04), and has some breaking changes for users using an SSH Certificate Authority.
3 ways to use MySQL / MariaDB CLI without password
For all of us who are learning to use or developing with MySQL or MariaDB, it’s a common task to manually log in to the database for inspection. This is usually done with the mysql command line cli...
Managing servers with OpenSSH Certificate Authority
Since the addition of the website server for an external corporation, I now have 5 Linux servers to manage on my own. I also have 4 terminal devices that I use to connect to those servers: two of m...
Creating templated Systemd services
Last time I wrote an article about NAT traversal using FRP, which has been my personal solution for exposing SSH access of machines behind NAT to the internet for a long time.
Build a minimal Linux system and run it in QEMU
Linux is the #1 open-source operating system nowadays, and many people are running a Linux distro, such as Ubuntu or Arch. Linux is also the most popular choice for a server OS.
Filter manually installed packages from APT with AWK
It’s again when I want to find out what packages I have manually installed (or by a script) from the output of apt list, with all output on one line.
Setting up Ubuntu in VMware Workstation
A quick step-by-step guide for those wanting to get in touch with Ubuntu in a virtual machine with minimal effort. For example, at the start of a semester of Operating System Concepts course.
Access your Raspberry Pi remotely with SSH
Do you have a personal server at home but can’t access it from work or travel because your home doesn’t have a public IP? If so, then, this article is what you’re looking for.
server
I almost broke our lab’s storage server…
Recently we discovered that both SSDs on our storage server were giving worrisome SMART values, so we started replacing them. One of them was used only for ZFS L2ARC, so pulling it out was easy. Th...
Request limiting in Nginx
Nginx has a built-in module limit_req for rate-limiting requests, which does a decent job, except its documentation is not known for its conciseness, plus a few questionable design choices. I happe...
Prolonging eMMC Life Span with Proxmox VE
Since my blog on installing Proxmox VE on eMMC, there’s been a lot of discussion over the Internet on this. I suspect that Proxmox decided not to include eMMCs in their hardware options by design, ...
My automated Daily Health Report infrastructure
Back in the days when the Zero COVID policy was prevailing, our university introduced a Daily Health Report system. Students and faculty were mandated to submit a daily online form detailing their ...
LVM metadata exceeds maximum metadata size, now what next?
An LVM volume group (VG) on our Proxmox VE cluster has failed to create new logical volumes, reporting that its metadata was full. At first this appears to be easy, “fine I’ll just add more space f...
Centralized Linux authentication with OpenLDAP
LDAP, the #1 way to get your graduation delayed (as has always been the meme around Tsinghua University), is every SysAdmin’s dream tool for their servers. As mighty as its rumors fly, LDAP takes t...
Install Proxmox VE on eMMC
Recently I bought a mini PC looking forward to setting up a home router. It started quite well except the specs were higher than I anticipated. 8 GB RAM plus 128 GB eMMC - too much waste for “just ...
Reinstall Windows VPS into Linux with iPXE network boot
This November I found a discount from one of my favorite VPS providers, NETfront. They offered Linux VPS with 2 vCPUs and 2 GB RAM at HK$56/mo, and also Windows VPS with 4 vCPUs and 4 GB RAM at HK$...
Disassembling a hardware RAID 1 array in Proxmox VE
Yesterday in a server maintenance period, we decided to tune the storage layout of our Proxmox VE server, which included disassembling a RAID 1 array and adjusting the size of the root filesystem.
development
My automated Daily Health Report infrastructure
Back in the days when the Zero COVID policy was prevailing, our university introduced a Daily Health Report system. Students and faculty were mandated to submit a daily online form detailing their ...
Overengineering Advent of Code 2022
Advent of Code (Wikipedia, link) is an annual event that releases a programming puzzle every day from December 1 to December 25. It’s a great chance to learn a new language or practice your skills.
Taking the 24 puzzle game to the next level
The 24 game is a classic math game where players try to arrange 4 integers into 24 using basic arithmetics (addition, subtraction, multiplication and division). Thanks to its popularity, it’s now a...
Bootstrapping Make
Have C or C++ project to build? You may think, “Yeah this is very easy, I’ll just call the compiler to do so”, and yes, let’s take a look at an example.
Programming the On-Board SPI Flash of Digilent Nexys4 DDR
This semester I have the course “Experiments of Digital Circuits”, the content of which is designing digital circuits using Vivado software, and writing Verilog code. Most of the lab papers require...
Batch convert PowerPoint slideshow to PDF
The TL:DR line: If you want my script, you can get it here.
Making a Reversi game with Python
As a casual attempt to accomplish a Grand Assignment, I created a Reversi game with Python. The project is open-source on GitHub and you can view it with the link above.
networking
My firewall solution for RDP
Today I stumbled upon this V2EX post (Simplified Chinese) where the OP shared their PowerShell implementation of a “makeshift fail2ban” for RDP (their GitHub repository). Their script looked very c...
Debugging Proxmox VE Firewall Dropping TCP Reset Packets
A few days back when I was setting up a new VM to host some extra websites, I noticed an unexpected Nginx error page. As I don’t administer the new websites, I just added reverse proxy rules on the...
Running a dual-protocol OpenVPN/WireGuard VPN server on one port
Public Wi-Fi and some campus network typically block traffic from unauthenticated clients, but more often allow traffic targeting UDP port 53 to pass through, which is normally used for DNS queries...
My automated Daily Health Report infrastructure
Back in the days when the Zero COVID policy was prevailing, our university introduced a Daily Health Report system. Students and faculty were mandated to submit a daily online form detailing their ...
Secure site-to-site connection with Linux IPsec VPN
Linux has a built-in framework for Internet Protocol Security (IPsec), which is often combined with other tunneling technologies (e.g. L2TP and GRE) to create secure cross-site network connections....
Fix traceroute not showing intermediate results in a virtual machine on Windows
Today when I was running some networking diagnostics from an Ubuntu inside VMware Workstation, I noticed this strange result from mtr (My Traceroute):
Access your Raspberry Pi remotely with SSH
Do you have a personal server at home but can’t access it from work or travel because your home doesn’t have a public IP? If so, then, this article is what you’re looking for.
software
Visualizing Weather Forecast with Grafana
Grafana is a great piece of software for visualizing data and monitoring. It’s outstanding at what it does when paired with a time-series database like InfluxDB, except this time I’m trying to get ...
I switched from Google Chrome to Microsoft Edge
Last year (maybe September? I don’t remember now) I switched my primary browser from Google Chrome to the new Microsoft Edge. It turned out to be a wise move and I’ve been with Edge for more than h...
Bootstrapping Make
Have C or C++ project to build? You may think, “Yeah this is very easy, I’ll just call the compiler to do so”, and yes, let’s take a look at an example.
Setting up Ubuntu in VMware Workstation
A quick step-by-step guide for those wanting to get in touch with Ubuntu in a virtual machine with minimal effort. For example, at the start of a semester of Operating System Concepts course.
Batch convert PowerPoint slideshow to PDF
The TL:DR line: If you want my script, you can get it here.
web
I switched from Google Chrome to Microsoft Edge
Last year (maybe September? I don’t remember now) I switched my primary browser from Google Chrome to the new Microsoft Edge. It turned out to be a wise move and I’ve been with Edge for more than h...
Keep using Flash Player in browsers in 2021
It’s 2021 now, and Adobe Flash Player has been end-of-life after December 31, 2020. There are many cases where you want to retain it, however. For example, you may want to keep enjoying an old game...
Working against WordPress DeBlocker plugin
I’ll go straight to the solution (keep in mind that it’s considerably primitive, so use at your own risk) with code attached below. It’s a Tampermonkey userscript.
High-performance mass web crawling on AWS
The 3rd-and-last experiment of course Web Information Processing and Application required us to create a recommendation engine, and “predict” the rating (1-5 stars) for 4M user-item pairs based on ...
How to change email of your Nvidia account
I recently retired a few old email addresses, and am currently going in a row to change email for accounts associated with those emails. Everything else went smoothly, with my Nvidia account being ...
Make your GitHub Pages website faster with Cloudflare
This September I employed Cloudflare to optimize my website (https://ibugone.com) in various aspects. It turned out to be a brilliant move and Cloudflare has proved to be a great service to have.
github-pages
Build GitHub Pages with GitHub Actions
Why use an external service when there’s an in-house GitHub service?
Make your GitHub Pages website faster with Cloudflare
This September I employed Cloudflare to optimize my website (https://ibugone.com) in various aspects. It turned out to be a brilliant move and Cloudflare has proved to be a great service to have.
Using SSH deploy keys on CircleCI
A year ago back I wrote an article on automating build & deployment of GitHub Pages website with Travis CI. It’s a great CI service at first, but since Travis CI has completely moved away from ...
Build GitHub Pages with Travis CI
Update December 2020
windows
My firewall solution for RDP
Today I stumbled upon this V2EX post (Simplified Chinese) where the OP shared their PowerShell implementation of a “makeshift fail2ban” for RDP (their GitHub repository). Their script looked very c...
New Pandora’s box: Install Linux and Windows onto the same NTFS partition
Linux 5.15 is shipped with a brand new driver for Microsoft’s classic NTFS filesystem, NTFS3. Unlike the decades-old open-source NTFS-3G project, which is based on FUSE and have always received cri...
Fix traceroute not showing intermediate results in a virtual machine on Windows
Today when I was running some networking diagnostics from an Ubuntu inside VMware Workstation, I noticed this strange result from mtr (My Traceroute):
Keep using Flash Player in browsers in 2021
It’s 2021 now, and Adobe Flash Player has been end-of-life after December 31, 2020. There are many cases where you want to retain it, however. For example, you may want to keep enjoying an old game...
jekyll
Build GitHub Pages with GitHub Actions
Why use an external service when there’s an in-house GitHub service?
Enabling better “Related Posts” with Jekyll
There’s a less-known feature of Jekyll that populates related_posts correctly with “related” posts, instead of the 10 latest posts when it’s disabled by default.
Build GitHub Pages with Travis CI
Update December 2020
ssh
Use RSA CA Certificates with OpenSSH 8.2
OpenSSH 8.2 is coming to the latest Long-Term Service release of Ubuntu, Focal Fossa (20.04), and has some breaking changes for users using an SSH Certificate Authority.
Managing servers with OpenSSH Certificate Authority
Since the addition of the website server for an external corporation, I now have 5 Linux servers to manage on my own. I also have 4 terminal devices that I use to connect to those servers: two of m...
Using SSH deploy keys on CircleCI
A year ago back I wrote an article on automating build & deployment of GitHub Pages website with Travis CI. It’s a great CI service at first, but since Travis CI has completely moved away from ...
proxmox-ve
Debugging Proxmox VE Firewall Dropping TCP Reset Packets
A few days back when I was setting up a new VM to host some extra websites, I noticed an unexpected Nginx error page. As I don’t administer the new websites, I just added reverse proxy rules on the...
Prolonging eMMC Life Span with Proxmox VE
Since my blog on installing Proxmox VE on eMMC, there’s been a lot of discussion over the Internet on this. I suspect that Proxmox decided not to include eMMCs in their hardware options by design, ...
Install Proxmox VE on eMMC
Recently I bought a mini PC looking forward to setting up a home router. It started quite well except the specs were higher than I anticipated. 8 GB RAM plus 128 GB eMMC - too much waste for “just ...
c++
Taking the 24 puzzle game to the next level
The 24 game is a classic math game where players try to arrange 4 integers into 24 using basic arithmetics (addition, subtraction, multiplication and division). Thanks to its popularity, it’s now a...
Append int to std::string
For people new to template resolution and template type deduction in C++, they may have written this code and get confused why it doesn’t compile:
open-source
My speech at Microsoft Summer Camp 2019
This is a translated version from the Chinese (original) script. The slideshow can be acquired here. For comments, please head to the Chinese version of this post.
Joining SmokeDetector
After a plain request, an administrator of the SmokeDetector project added me under the Developers section of their team member list, which indicates that I am a known personnel for contributing a ...
algorithm
Taking the 24 puzzle game to the next level
The 24 game is a classic math game where players try to arrange 4 integers into 24 using basic arithmetics (addition, subtraction, multiplication and division). Thanks to its popularity, it’s now a...
Alpha-Beta Pruning
As described in a previous article, Alpha-Beta pruning can be used to speed up minimax heuristic searching by pruning branches that will never be reached.
github
Setting up a GitHub webhook on AWS Lambda
Last month I set up my own Telegram bot for GitHub event notification. To receive GitHub events via webhook, a receiver is needed. True, it isn’t hard to write a Flask or Sinatra server and throw t...
How I saved a lost commit from GitHub
Earlier today I force-pushed to my repository USTC-RV-Chisel for testing purposes, without noticing that my local ref origin/master is 1 commit behind the actual master on GitHub. My friend pushed ...
aws
Setting up a GitHub webhook on AWS Lambda
Last month I set up my own Telegram bot for GitHub event notification. To receive GitHub events via webhook, a receiver is needed. True, it isn’t hard to write a Flask or Sinatra server and throw t...
High-performance mass web crawling on AWS
The 3rd-and-last experiment of course Web Information Processing and Application required us to create a recommendation engine, and “predict” the rating (1-5 stars) for 4M user-item pairs based on ...
android
Some ideas about multicore on Android
Laptops have usually at most four cores, and dualcores are probably more common. I have recently switched from quadcore to dualcore and I can confirm there is a limited number of use cases for quad...
fpga
Programming the On-Board SPI Flash of Digilent Nexys4 DDR
This semester I have the course “Experiments of Digital Circuits”, the content of which is designing digital circuits using Vivado software, and writing Verilog code. Most of the lab papers require...
keygen
Wolfram Mathematica 13 Key Generator Online
As iBug no longer uses Mathematica himself, this keygen will not be updated or maintained anymore.
git
How I saved a lost commit from GitHub
Earlier today I force-pushed to my repository USTC-RV-Chisel for testing purposes, without noticing that my local ref origin/master is 1 commit behind the actual master on GitHub. My friend pushed ...
talk
My speech at Microsoft Summer Camp 2019
This is a translated version from the Chinese (original) script. The slideshow can be acquired here. For comments, please head to the Chinese version of this post.
raspberry-pi
Raspberry Pi 4 B Review and Benchmark - What’s improved over Pi 3 B+
Lately I’ve finally received my Raspberry Pi 4 (4 GB model), and I couldn’t resist the temptation to give it a try and see all the improvements that’s been reported for months.
cloudflare
Make your GitHub Pages website faster with Cloudflare
This September I employed Cloudflare to optimize my website (https://ibugone.com) in various aspects. It turned out to be a brilliant move and Cloudflare has proved to be a great service to have.
mysql
3 ways to use MySQL / MariaDB CLI without password
For all of us who are learning to use or developing with MySQL or MariaDB, it’s a common task to manually log in to the database for inspection. This is usually done with the mysql command line cli...
container
A Deep Dive into Containers
Since years ago, containers have been a hot topic everywhere. There are many container softwares like Docker, Linux Containers and Singularity. It’s hard to say one understand what containers are w...
ldap
Centralized Linux authentication with OpenLDAP
LDAP, the #1 way to get your graduation delayed (as has always been the meme around Tsinghua University), is every SysAdmin’s dream tool for their servers. As mighty as its rumors fly, LDAP takes t...
paper-reading
Paper Reading: Are You Sure You Want to Use MMAP in Your Database Management System?
Paper reading for [CIDR 2022] Are You Sure You Want to Use MMAP in Your Database Management System? by Crotty et al.
games
Recovering a Minecraft world from a crash, the technician way
While a friend was building an automatic brewing pipeline, our Create: Astral server crashed and wouldn’t start again. At first we thought it’d be easy to restore our world from a backup, only to f...
minecraft
Recovering a Minecraft world from a crash, the technician way
While a friend was building an automatic brewing pipeline, our Create: Astral server crashed and wouldn’t start again. At first we thought it’d be easy to restore our world from a backup, only to f...
zfs
Understanding ZFS block sizes
ZFS is about the most complex filesystem for single-node storage servers. Coming with its sophistication is its equally confusing “block size”, which is normally self-evident on common filesystems ...
nginx
Request limiting in Nginx
Nginx has a built-in module limit_req for rate-limiting requests, which does a decent job, except its documentation is not known for its conciseness, plus a few questionable design choices. I happe...