Markus CislerThe personal website of Markus Cisler.2020-05-07T23:03:22Zhttps://markuscisler.com/Markus Cislerhello@markuscisler.comStarting Sourdough2020-05-07T23:03:22Zhttps://markuscisler.com/starting-sourdough<p><a href="https://twitter.com/badboy_/status/1242044492234076167">Jan-Erik</a> and <a href="https://youtu.be/sTAiDki7AQA">"The Ultimate Sourdough Starter Guide"</a> made me want to start... a sourdough starter.</p>
<p>I would like to use <a href="https://www.dropbox.com/s/gj7xmbiv6sbtpao/Ultimate%20Sourdough%20Starter%20Feeding%20Schedule.docx?dl=0">Joshua's feeding schedule guide</a>. The guide asks for <em>stoneground rye flour</em> and <em>unbleached all purpose flour</em> and I wondered which types of German flour I could use instead. For posterity here are my findings:</p>
<ul>
<li>All flours in Germany are unbleached, so that’s out of question.</li>
<li>The type of German flour that comes close to the <em>stoneground rye flour</em> he is using for his starters seems to be <strong>Roggenmehl Typ 1150</strong>.</li>
<li>American <em>all purpose flour</em> is closest to the German <strong>Weizenmehl Typ 550</strong>.</li>
</ul>
Using a private registry on minikube2019-06-12T20:51:47Zhttps://markuscisler.com/minikube-private-registry<p>When using <a href="https://github.com/kubernetes/minikube">minikube</a> to test containers or features on your machine you might run into the situation where you would like to pull an image from a private Docker registry.</p>
<p>There is a simple way to enable minikube to do so by using <code>kubectl</code> to create a secret, then patch the default serviceaccount to use it.</p>
<h2>Create the secret</h2>
<p>One way to create a secret is to supply credentials on the command line. This will add your credentials to your shell history though.</p>
<pre class="language-shell"><code class="language-shell">kubectl create secret docker-registry pullsecret <span class="token punctuation">\</span><br /> --docker-server<span class="token operator">=</span><span class="token operator"><</span>your-registry-server<span class="token operator">></span> <span class="token punctuation">\</span><br /> --docker-username<span class="token operator">=</span><span class="token operator"><</span>your-username<span class="token operator">></span> <span class="token punctuation">\</span><br /> --docker-password<span class="token operator">=</span><span class="token operator"><</span>your-password<span class="token operator">></span> <span class="token punctuation">\</span><br /> --docker-email<span class="token operator">=</span><span class="token operator"><</span>your-email<span class="token operator">></span></code></pre>
<p>Another solution is to use credentials from the local <code>~/.docker/config.json</code>.</p>
<pre class="language-shell"><code class="language-shell">kubectl create secret generic pullsecret <span class="token punctuation">\</span><br /> --from-file<span class="token operator">=</span>.dockerconfigjson<span class="token operator">=</span><span class="token variable">${<span class="token environment constant">HOME</span>}</span>/.docker/config.json <span class="token punctuation">\</span><br /> <span class="token parameter variable">--type</span><span class="token operator">=</span>kubernetes.io/dockerconfigjson</code></pre>
<h2>Patch the default serviceaccount</h2>
<p>Last step is to patch the default serviceaccount to use this secret.</p>
<pre class="language-shell"><code class="language-shell">kubectl patch serviceaccount default <span class="token parameter variable">-p</span> <span class="token string">'{"imagePullSecrets": [{"name": "pullsecret"}]}'</span></code></pre>
<p>If you don't want to patch the default serviceaccount you can also reference your secret in <code>imagePullSecret</code> in your pod spec.</p>
<pre class="language-yaml"><code class="language-yaml"><span class="token key atrule">apiVersion</span><span class="token punctuation">:</span> v1<br /><span class="token key atrule">kind</span><span class="token punctuation">:</span> Pod<br /><span class="token key atrule">metadata</span><span class="token punctuation">:</span><br /> <span class="token key atrule">name</span><span class="token punctuation">:</span> private<span class="token punctuation">-</span>pod<br /><span class="token key atrule">spec</span><span class="token punctuation">:</span><br /> <span class="token key atrule">containers</span><span class="token punctuation">:</span><br /> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> private<span class="token punctuation">-</span>container<br /> <span class="token key atrule">image</span><span class="token punctuation">:</span> <your<span class="token punctuation">-</span>private<span class="token punctuation">-</span>image<span class="token punctuation">></span><br /> <span class="token key atrule">imagePullSecrets</span><span class="token punctuation">:</span><br /> <span class="token punctuation">-</span> <span class="token key atrule">name</span><span class="token punctuation">:</span> pullsecret</code></pre>
<p>Done.</p>
Buying a notebook is still hard2019-05-05T17:39:43Zhttps://markuscisler.com/buying-a-notebook-is-still-hard<p>Just a quick note on the Thinkpad X280 I bought earlier this year because I feel I have to follow up on this.</p>
<p>I returned it because for me it was not suited for media consumption. The speakers on the bottom of the device were just too bad, it was not possible for me to watch a YouTube video and understand what has been said without putting headphones on.</p>
<p>Next I might order a Dell XPS 13 (9380) and see if it fits my needs. To be honest: I don't know what else to buy right now. It's hard enough to even get a notebook with US ANSI keyboard layout to begin with.</p>
Notes on the Thinkpad X2802019-02-02T23:18:08Zhttps://markuscisler.com/notes-on-x280<p>I got my Thinkpad two days ago and already installed at least four linux distributions.
Here are my first thoughts:</p>
<ul>
<li>
<p>The <strong>hardware</strong> or rather the build quality is great. The only minor nitpicky issue is the camera slider, it feels cheap. Still better having a camera slider than having none I would say. CPU and NVMe SSD are fast, I did not expect anything else.</p>
</li>
<li>
<p>The <strong>keyboard</strong> is a pleasure to type on. When I got a 2018 Macbook Pro at work I said that the keyboard is fine but I did not have the comparison to this one yet. <em>This</em> keyboard is more than fine, it is amazing.</p>
</li>
<li>
<p>The <strong>trackpoint</strong> is... a trackpoint. It works fine, sometimes seems to be stuck and slowly moving the mouse into a corner of the screen, but I had that with my X220 as well. The <strong>trackpad</strong> is good, not as good as a Macbook trackpad though. Not sure if it's hardware or software that makes the difference but everybody: please catch up.</p>
</li>
<li>
<p>The <strong>display</strong> is good. This resolution on a 12.5" screen is <em>almost</em> too much. If we could at least have fractional scaling on Linux, that would be great. It is fine on 1x scaling though, not an issue. I now want a matte display on my Macbook as well. The bezels around the screen could be smaller, you can get that with basically all the other vendors.</p>
</li>
<li>
<p>The <strong>speakers</strong> are bad. They are on the bottom of the device, way too quiet, they sound like shit. This is actually quite a big deal for me since I want to watch videos on YouTube or Netflix on this device. When the device is not laying on a flat surface it is almost impossible to hear anything.</p>
</li>
</ul>
<p>While replacing Windows 10 Home on the device I wanted to see which Linux distribution would offer the best out of the <s>box</s> installer experience.</p>
<ul>
<li>
<p>I had to find out the hard way that <strong><a href="https://www.debian.org/">Debian</a></strong> does not ship with the firmware needed for the intel wifi card. At least it warns you before you nuke your partitions. Interesting to know for people that usually do not use Debian: it only ships with <a href="https://www.mozilla.org/en-US/firefox/organizations/">Firefox ESR</a> which is currently on version 60 and does not include the performance improvements from the latest versions. There will not be another version until july of this year.</p>
</li>
<li>
<p>Promising contender for the <em>it just works</em> award is <strong><a href="https://system76.com/pop">Pop!_OS</a></strong>. It actually kind of just works. Based on Ubuntu with an opinionated configuration and defaults this was to be expected. The only issue I had thich I did not want to fix is that it reset itself to 2x scaling on every reboot and after every hibernate.</p>
</li>
<li>
<p>Never have I tried to use <strong><a href="https://getfedora.org/">Fedora</a></strong>. At least not in the last 10 years. It is great, really. It is also what I am writing this blog post on. I had wayland crash on me two times when I first installed it, but it did not happen again until now. You can get a very integrated vanilla Gnome experience which I actually like.</p>
</li>
</ul>
<hr />
<p>Anything you want to know about the Thinkpad or Linux? Let me know on <a href="https://twitter.com/bl1nk">Twitter</a> or <a href="https://mastodon.social/@markus">Mastodon</a>. I'll try to use this thing for at least a week. I will then evaluate how many issues I have and if I am able to solve them. Also let me know if you know other devices that will make me happier than this one does.</p>
Buying a notebook is hard2019-01-27T21:05:59Zhttps://markuscisler.com/buying-a-notebook-is-hard<p>My beloved Macbook Air I bought in 2011 died last week. It does not turn on anymore, it does not make a sound, all it does is turn on its fan. Farewell, you served me well. ❤️</p>
<p>Now, on the hunt for a replacement, I struggle. I would love to buy and use something that is <strong>not</strong> a Macbook. Linux would be nice, something to hack on again. What I am looking for in particular:</p>
<ul>
<li>Small (not bigger than 13")</li>
<li>Light (not heavier than my dead Macbook Air)</li>
<li>Linux-compatible</li>
<li>Less than 1000€</li>
</ul>
<p>Should not be too hard to find something fitting, I thought. In the end all came down to the following choices:</p>
<ul>
<li>
<p><strong>Thinkpad X1 Carbon</strong> (used 3rd gen)
Best when you're coming from a Macbook Air. The used model if configured with an i7, 8GB of RAM, 256GB of SSD and the QHD (2560x1440) display. Unfortunately, due to its age, the battery lasts for about 2 hours. For around 650€ it is still a good deal.</p>
</li>
<li>
<p><strong>Xiaomi Notebook Air 12</strong>
Only available though one of these chinese sellers. In case of problems you're on your own. Also I have read that it has problems with the rollover support of the keyboard, might be fixed already.</p>
</li>
<li>
<p><strong>Surface Go</strong>
tl;dr: Too expensive once I want to get hardware good enough for my requirements.</p>
</li>
<li>
<p><strong>Dell XPS 13</strong>
Nice, but also too expensive. A lot of plastic but build quality should be fine. Webcam on the bottom edge of the screen seems strange.</p>
</li>
<li>
<p><strong>Huawei Matebook D 14</strong>
Looks like a Macbook, kind of the same hardware as all of the other notebooks in this list, also available with an AMD Ryzen CPU/GPU combo. Unfortunately not really available on any of the website I'd like to order from, at least not for under 1000€.</p>
</li>
<li>
<p><strong>Huawei Matebook X</strong>
Looks even better than the notebook above, bonus points for the 3:2 aspect ratio. Even more expensive than the Matebook D. Also I cannot get it with an US keyboard layout.</p>
</li>
<li>
<p><strong>Thinkpad L390</strong>
This looked like the perfect deal on first sight. I almost bought it. To keep it short: Good hardware, but not as well built as a T or X series Thinkpad. Also you only get 1 instead of 3 years of warranty.</p>
</li>
</ul>
<p>The missing sturdiness probably nags me more than it should, so I continued looking for other devices and there it was, the <strong>Thinkpad X280</strong>. Smaller than the Thinkpad X1 Carbon, same weight, same hardware configuration. Just a little bit more expensive than I initially was willing to pay. I ordered it (i5-8250U, FHD display, 16GB of RAM, 256GB SSD) yesterday.</p>
<p>There will be another update once I had the time to set everything up and use it for some days.</p>
Goodbye Facebook2019-01-03T18:19:34Zhttps://markuscisler.com/bye-facebook<p>Starting the new year the right way: I finally remembered I wanted to delete my account on Facebook. They have given me another 30 days to change my mind, but I don’t think I will.</p>
<figure>
<img src="https://markuscisler.com/img/blog/bye-facebook.png" alt="What it looks like to delete your Facebook account" />
<figcaption>What it looks like to delete your Facebook account</figcaption>
</figure>
<p>I am not sure what took me so long to actually do it. Maybe the fear of missing out, maybe the fact that some people will not be able to contact me anymore. But nobody has contacted me in the last two years anyway and I have not looked at my Facebook stream. I am convinced that nothing will change.</p>
<p>You can still find Instagram and WhatsApp on my phone. It's nice to look at stories posted by friends and there's no other messenger everybody is using.</p>
Rotate Docker container logs daily2018-12-30T21:23:57Zhttps://markuscisler.com/rotate-docker-logs<p>While making sure that I don't save webserver logs for longer than I actually have to I stumbled across the fact that docker cannot rotate or keep logs for a specific amount of time when using the <a href="https://docs.docker.com/config/containers/logging/json-file/"><code>json-file</code> log driver</a>. It only has options to set a maximum filesize or a maximum number of files.</p>
<p>To get around that I am using good old <code>logrotate</code>.</p>
<h2>Configuring the Docker daemon</h2>
<p>I have configured my Docker daemon to use the <code>json-log</code> logging driver by default. Also I am making sure here to not write more than 30 megabytes of logs per container. If anything logs more than that I don't care anyway, nobody can read all that. This is my <code>/etc/docker/daemon.json</code>:</p>
<pre class="language-json"><code class="language-json"><span class="token punctuation">{</span><br /> <span class="token property">"log-driver"</span><span class="token operator">:</span> <span class="token string">"json-file"</span><span class="token punctuation">,</span><br /> <span class="token property">"log-opts"</span><span class="token operator">:</span> <span class="token punctuation">{</span><br /> <span class="token property">"max-size"</span><span class="token operator">:</span> <span class="token string">"10m"</span><span class="token punctuation">,</span><br /> <span class="token property">"max-file"</span><span class="token operator">:</span> <span class="token string">"3"</span><br /> <span class="token punctuation">}</span><br /><span class="token punctuation">}</span></code></pre>
<h2>Configuring <code>logrotate</code></h2>
<p>First of all: install <code>logrotate</code>, make sure it is being run regularly. The <code>/etc/logrotate.conf</code> on my system includes all files that you put in <code>/etc/logrotate.d</code>:</p>
<pre class="language-shell-session"><code class="language-shell-session"><span class="token command"><span class="token shell-symbol important">$</span> <span class="token bash language-bash"><span class="token function">cat</span> /etc/logrotate.conf</span></span><br /><span class="token output">[...]<br />include /etc/logrotate.d</span></code></pre>
<p>I then added the following lines to <code>/etc/logrotate.d/docker</code>:</p>
<pre><code>/var/lib/docker/containers/*/*.log {
rotate 7
daily
compress
missingok
delaycompress
copytruncate
}
</code></pre>
<p>Log files will be rotated every day and compressed on the following run of <code>logrotate</code>. And we're done.</p>
Castlemacs2018-12-22T10:57:52Zhttps://markuscisler.com/castlemacs<p>I came across <a href="https://github.com/freetonik/castlemacs">Castlemacs</a> on Github. If you ever wanted to try out some of the things that emacs has to offer but are not willing to get used to emacs keybinds right away, try Castlemacs, looks decent.</p>
<p>It tries to be compatible to standard emacs but implements a lot of default keybinds that you know from other editors on macOS.</p>
Just watch2018-12-03T10:36:54Zhttps://markuscisler.com/just-watch<p>There's this strange kind of YouTube channel that I really dig. No talking involved, just people doing things.</p>
<p>The first channel I came across that belongs in this category is <a href="https://www.youtube.com/channel/UCAL3JXZSzSm8AlZyD3nQdBA">Primitive Technology</a>. Guy from australia building things without using any modern tools, lighting fires using fire sticks or -stones and so on. And as I like it: no talking involved. It's interesting to turn on closed captions though.</p>
<p>Another channel is <a href="https://www.youtube.com/channel/UCMrMVIBtqFW6O0-MWq26gqw">my mechanics</a>. Another guy restoring old and building new mechanical tools in his free time. <a href="https://lukas.io/">Lukas</a> has linked the channel earlier this month and I immediately subscribed. As always: no talking involved.</p>
<p>There's a third channel kind of fitting this category. Its name is <a href="https://www.youtube.com/channel/UCoC47do520os_4DBMEFGg4A">李子柒</a> which translates to Plum. I am as confused as you are. Still: woman cooking and building stuff, (almost) no talking involved. The food looks amazing.</p>
Switching from Dropbox to Resilio Sync2018-09-23T00:00:00Zhttps://markuscisler.com/switching-from-dropbox-to-resilio-sync<p>I've been using Dropbox since forever.</p>
<p>Really. I could not even find the date I registered in my mails. My account page on the website says that it must have been at least nine years. Back then I was still using Linux as my main operating system.</p>
<figure>
<img src="https://markuscisler.com/img/blog/dropbox-first-device.png" alt="My first Dropbox device" />
<figcaption>My first Dropbox device</figcaption>
</figure>
<p>Last week Dropbox notified me, that it will stop syncing my stuff on Windows if I don't move my folder to a supported filesystem. With NTFS being the only supported filesystem I would either have to reformat my HDD or use something else to sync my files between machines.</p>
<p>I decided to look for an alternative, coming across <a href="https://www.resilio.com/individuals/">Resilio Sync</a> and <a href="https://syncthing.net/">Syncthing</a>. The only reason I see to use Syncthing over Resilio is, that it's open source and the protocol is documented. But Resilio Sync can do encrypted folders and has a mobile app for iOS. So in the end I decided for Resilio Sync.</p>
<h2>Hosting it yourself</h2>
<p>While Resilio Sync can run just fine with just your two or more devices connected to each other, I decided to run another client on one of my servers as well. That way I have an always online node in my network that can sync files to the devices that are not always connected, my gaming PC at home for example. Also I used an encypted key on my server, it syncs all files but never sees the contents of them.</p>
<p>Currently it is running in Docker which makes deployment super easy. An example <code>docker-compose.yaml</code> could look like this:</p>
<pre class="language-yaml"><code class="language-yaml"><span class="token key atrule">version</span><span class="token punctuation">:</span> <span class="token string">"3"</span><br /><span class="token key atrule">services</span><span class="token punctuation">:</span><br /> <span class="token key atrule">sync</span><span class="token punctuation">:</span><br /> <span class="token key atrule">container_name</span><span class="token punctuation">:</span> sync<br /> <span class="token key atrule">restart</span><span class="token punctuation">:</span> on<span class="token punctuation">-</span>failure<br /> <span class="token key atrule">image</span><span class="token punctuation">:</span> resilio/sync<br /> <span class="token key atrule">volumes</span><span class="token punctuation">:</span><br /> <span class="token punctuation">-</span> ./sync<span class="token punctuation">:</span>/mnt/sync<br /> <span class="token key atrule">ports</span><span class="token punctuation">:</span><br /> <span class="token punctuation">-</span> <span class="token string">"55555:55555"</span><br /> <span class="token punctuation">-</span> <span class="token string">"8888:8888"</span></code></pre>
<p>To set everything up, open port 8888 on your host in a webbrowser and follow the instructions. That's it.</p>
<p><strong>If you actually want to run this, please think about securing your webinterface</strong>.</p>
<p>This has been happily syncing for more than a month now. I did not feel the need to use Dropbox again.</p>