Email Address Obfuscation
Hide email addresses from bots while keeping them visible to visitors.
Cloudflare Docs · developers.cloudflare.com [1]
I recently started seeing email-decode.min.js show up on my blog posts, and I wondered what the heck ? I didn’t put it there. Turns out that cloudflare put it there from pages to safely serve email addresses for me.
inspecting the page without js running we can see that the mailto email is swapped out for email protected. Neat feature.
❯ curl --silent https://waylonwalker.com/diskcache-as-debounce/ | grep email
<a class="decoration-pink-500 hover:decoration-pink-300 hover:text-pink-100" href="/cdn-cgi/l/email-protection#a4ccc1c8c8cbe4d3c5ddc8cbcad3c5c8cfc1d68ac7cbc9" rel="me"><span class="__cf_email__" data-cfemail="630b060f0f0c2314021a0f0c0d14020f0806114d000c0e">[email protected]</span></a>
<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
Looking deeper into this article it looks like this feature comes from Scrape Shield and enabling Email Address Obfuscation.
References:
[1]: https://developers.cloudflare.com/waf/tools/scrape-shield/email-address-obfuscation/
Publishing rhythm
Background Tasks - FastAPI
FastAPI framework, high performance, easy to learn, fast to code, ready for production
fastapi.tiangolo.com [1]
fastapi [2] comes with a concept of background tasks which are functions that can be ran in the background after a function has been ran. This is handy for longer running functions that may take some time and you want to have fast response times.
Here is an example from the docs
from fastapi import BackgroundTasks, FastAPI
app = FastAPI()
def write_notification(email: str, message=""):
with open("log.txt", mode="w") as email_file:
content = f"notification for {email}: {message}"
email_file.write(content)
@app.post("/send-notification/{email}")
async def send_notification(email: str, background_tasks: BackgroundTasks):
background_tasks.add_task(write_notification, email, message="some notification")
return {"message": "Notification sent in the background"}
References:
[1]: https://fastapi.tiangolo.com/tutorial/background-tasks/
[2]: /fastapi/
markdown-it-pyrs
A Python interface for markdown-it.rs, using Rust for blazingly fast Markdown parsing ⚡️
PyPI · pypi.org [1]
markdown it py running in rust claims to be 20x faster. I’ll definitely look into this if markdown it py is ever a bottleneck in my performance. At first glance it appears that plugins are written in rust not python, and there is no admonition plugin, so I’ll keep my eye on it for now, but I can’t use it.
References:
[1]: https://pypi.org/project/markdown-it-pyrs/
[1]
diskcache has a peekitem method that allows you to lookup the expire_time of a cached item without changing it. I recently used this to implement debounce for fastapi [2] background tasks with multiple workers running. since all the workers I care about are on the same machine, but running in different processes diskcache was a great option. All workers have access to the same disk, but not the same variables in memory.
References:
[1]: /static/https://grantjenks.com/docs/diskcache/api.html#diskcache.Cache.peekitem
[2]: /fastapi/
-
Great intro into kustomize. This helped me get started with kustomize.
I’ve been using fastapi more and more lately and one feature I just started using is background tasks [[ thoughts-333 ]].
Seealso
basic diskcache example <a href="/python-diskcache/" class="wikilink" data-title="How I setup a sqlite cache in python" data-description="When I need to cache some data between runs or share a cache accross multiple processes my go to library in python is . It's built on sqlite with just enough..." data-date="2022-03-29">How I setup a sqlite cache in python</a>
One Background Task per db entry #
I am using it for longer running tasks and I don’t want to give users the ability to spam these long running tasks with many duplicates running at the same time. And each fastapi worker will be running in a different process so I cannot keep track of work in memory, I have to do it in a distributed fashion. Since they are all running on the same machine with access to the same disk, diskcache is a good choice
What I need #
- check if a job is running
- automatically expire jobs
Less infrastructure complexity #
My brain first went to thinking I needed another service like redis running alongside fastapi for this, then it hit me that I can use diskcache.
How I used diskcache #
Here is how I used diskcache to debounce taking screenshots for a unique shot every 60 seconds.
from diskcache import Cache
jobs_cache = Cache("jobs-cache")
@shots_router.get("/shot/{shot_id}", responses={200: {"content": {"image/webp": {}}}})
@shots_router.get("/shot/{shot_id}/", responses={200: {"content": {"image/webp": {}}}})
async def get_shot_by_id(
background_tasks: BackgroundTasks,
request: Request,
shot_id: int,
):
shot = Shot.get(shot_id)
# check if the shot exists and return it or continue to create it.
is_running = jobs_cache.get(shot_id)
if is_running:
expire_time = datetime.fromtimestamp(jobs_cache.peekitem(expire_time=True)[1]) - datetime.now()
console.print("[red]Already running store_shot: ", shot_id)
console.print(f"[red]Can retry in {expire_time.seconds}s")
else:
jobs_cache.set(shot_id, True, 60)
background_tasks.add_task(
store_shot,
shot_id=shot_id,
)
I’m really excited about homelab-diagrams [1], an amazing project by Doomlab7 [2]. It’s worth exploring!
A repository to house diagrams for my homelab [3]
References:
[1]: https://github.com/Doomlab7/homelab-diagrams
[2]: https://github.com/Doomlab7
[3]: /homelab/
learn-pdm [1] by pypeaday [2] is a game-changer in its space. Excited to see how it evolves.
A repository for learning and playing with the pdm package manager/system for python
References:
[1]: https://github.com/pypeaday/learn-pdm
[2]: https://github.com/pypeaday
If you’re into interesting projects, don’t miss out on zmk-config-fourpad [1], created by wyattbubbylee [2].
my fourpad keybord
References:
[1]: https://github.com/wyattbubbylee/zmk-config-fourpad
[2]: https://github.com/wyattbubbylee
kind cluster
kind [1]{.hoverlink} is a very useful tool to quickly standup and
teardown kubernetes clusters. I use it to run clusters locally. Generally
they are short lived clusters for trying, testing, and learning about
kubernetes.
Kind is Kubernetes in Docker, its very fast to get a new cluster up and
running. Other than checking a box in docker desktop it is the easiest way
currently to get a cluster up and running. I’ve used docker desktop for k8s
before I really developed on k8s and it was buggy at the time and sometimes
started and sometimes didn’t, when it didnt I had no idea how to fix it. I’d
suggest kind as the best option to get a cluster up and running locally.
Not Production # [2]
If you are looking for a production ready cluster this is not it. I really
like k3s [3]{.hoverlink}. At the time that I chose k3s it was
the most lightweight option that easily supported multi-node clusters.
Starting a kind cluster # [4]
The first step, and maybe only one that you need is to create ...
Yesterday I realized that I have overlooked the default installation method of the sealed secrets controller for kubernetes kubeseal this whole time an jumped straight to the helm section. I spun up a quick kind cluster and had it up quickly. I can’t say this is any better or worse than helm as I have never needed to customize the install. According to the docs you can customize it with [[ kustomize ]] or helm.
# option if you don't have a cluster try with kind
kind create cluster
curl -L https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml > controller.yaml
kubectl apply -f controller.yaml
I like rothgar’s [1] project bashScheduler [2].
Kubernetes scheduler written in less than 100 lines of bash 😬 😆
References:
[1]: https://github.com/rothgar
[2]: https://github.com/rothgar/bashScheduler
Alternatives
A Pro Micro alternative for wireless keyboards. Contribute to joric/nrfmicro development by creating an account on GitHub.
GitHub · github.com [1]
Huge list of micro controllers tried and used in keeb builds.
References:
[1]: https://github.com/joric/nrfmicro/wiki/Alternatives
I’m impressed by nrfmicro [1] from joric [2].
A Pro Micro alternative for wireless keyboards
References:
[1]: https://github.com/joric/nrfmicro
[2]: https://github.com/joric
waylon walker (@_WaylonWalker) on X
First bit of hand written gcode in 12 years let's go! https://t.co/BeTXnHE3uJ
X (formerly Twitter) · x.com [1]
Not gonna lie, kinda pumped about this one. I manually did one, jotted down the coordinates, opened the gcode in vim, added markers between setup/teardown and print. then added the wipe, the copy pasted the print+wipe section a bunch of times.
My printer tends to run a bit better on single prints than printing a dozen at once as it has less issues with retract start and stop.
References:
[1]: https://x.com/_WaylonWalker/status/1807594004453667134
-
another great use and demo of the one eyed fighting kirby
[1]
Damn, supply chain vector attacks are wild. Random guy in Primes stream was getting $40k offers to buy their open source project while in university and they have never made anything from it. What a social engineering attack this is. It would be so easy to make it look like a good deal and that the package was going to a good new owner who has real resources to maintain it.
References:
[1]: /static/https://www.youtube.com/watch?si=6NK4iCu1b1rCDo7a&t=555&v=mmlHQyMOK7Y&feature=youtu.be
Found: OverlayKey X
Designed by @yfuku_, a keyboard to place on top of your laptop.
Thomas Baart's Microblog · micro.thomasbaart.nl [1]
This is almost exactly what I have been thinking about building for quite awhile. I am going to give it a good try with a few $$ in filiment some cheap switches a microcontroller and go pretty bare bones, maybe open wiring on the bottom.
References:
[1]: https://micro.thomasbaart.nl/2024/06/12/overlaykey-x/
Queueing – An interactive study of queueing strategies
In this blog, we go on an interactive journey to understand common queueing strategies for handling HTTP requests.
encore.dev [1]
Absolutely sick post. This is top tier animated blog posts. This posts demos how different queuing systems work with fantastic interactive demos.
References:
[1]: https://encore.dev/blog/queueing
-
Supply chain attacks are so big these days engineers definitely need to take these into consideration. It’s wild that such a simple attack vector hit some really big applications. This particular vector is so easy to avoid. You are already hosting web content, just curl the file and self host [1] the script, then you own it. That eliminates this attack vector all together, but doesn’t completely remove supply chain attacks, the js file can still hit external apis internally.
What I see has happened in this case is that the owner of the domain polyfill.io changed. so anyone who directly linked to them got a malware injected script used.
I can only imagine the number of applicatons that are not even being maintained anymore getting hit by this. TLDR, if you are taking something to production, where you are goind to deploy it and let it run, host the js yourself. these cdns are great for prototyping, but tread with caution.
References:
[1]: /self-host/
- YouTube
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
youtube.com [1]
Well spoken prime. Co-pilot is a fantastic tool for templating, boilerplate, or just getting something done that is just outside your knowledge or care to know. Bit if you really want to learn something, you need to use your hands. Reading the solution only gives you the happy path. This does not give you that path that most people would take, and completely misses debugging. If you are very new and learning it’s unlikely that you can write large blocks of code without running a test or a script to try it. Taking these shortcuts will hinder your ability to do it yourself.
If I were to devils advocate here, copilot is still not the greatest at the big picture, you still have to drive, and tell it I want to use python, fastapi [2], I want to load settings from .env. taking these shortcuts can help you move quick and get the big picture. This is especially helpful for someone who might know one language or framework and is trying a different one, but at some point you need to do the work and learn if you are going to be effecti...
GitHub - dropbox/pyannotate: Auto-generate PEP-484 annotations
Auto-generate PEP-484 annotations. Contribute to dropbox/pyannotate development by creating an account on GitHub.
GitHub · github.com [1]
pyannotate is a tool that uses runtime types to suggest type annotations to use. Test runners such as pytest can be used to generate the types.
References:
[1]: https://github.com/dropbox/pyannotate
[1]
Interesting, linux supports 32 programmable buttons, special buttons that do nothing that hotkey programs like xbindkeys can pick up and run things, seems like it would be very intersting to use on a macro pad. You could easily do dynamic and complex tasks without clashing that keybinding with something else.
I’m going to look into this for my next obs setup. No matter what I try to do with the hyper key it always tends to do odd things depending on the application I am in. typically its tmux, and it starts trying to do something I don’t want it to.
References:
[1]: /static/https://github.com/qmk/qmk_firmware/blob/master/docs/features/programmable_button.md
GitHub - tusharsadhwani/yen: The last Python environment manager you'll ever need.
The last Python environment manager you'll ever need. - tusharsadhwani/yen
GitHub · github.com [1]
Create virtual environments for any Python version, without needing Python installed.
References:
[1]: https://github.com/tusharsadhwani/yen
Where DOESN’T curl run with curl BDFL Daniel Stenberg (Changelog & Friends #49)
Daniel Stenberg shares his guiding principles for BDFL'ing curl, gives us his perspective on the state of the internet, talks financial independence, ensuring curl won't be the next XZ & more!
Changelog · changelog.com [1]
Love how Daniel just brushed off the number of netflix tv installs as small beans for curl installs. overall great episode on open source, owning a major component to technology with such a small team.
References:
[1]: https://changelog.com/friends/49
I’ve long had issues with my qmk keyboard media keys on my arch install, I always thought it was on the keyboard end. Today I learned that playerctl fixes this.
paru -S playerctl
Once it is installed all of my media keys started working right away.
I played around with it a bit more and came up with a way to display the current playing title in my notifictations.
notify-send "`playerctl metadata --format '{{lc(status)}}:{{artist}}-{{album}}-{{title}}'`"
External Link
keyboard.university [1]
Great keyboard design guide for all the different mounting options that are normal for keyboards with pros and cons of each.
References:
[1]: https://www.keyboard.university/200-courses/keyboard-mounting-styles-4lpp7
Welcome to RSS Club
Congratulations on joining a secret society! If you’re reading this, that means my message has been transmitted successfully. This post is only available to you, Reader, through the ancient peer-...
daverupert.com · daverupert.com [1]
Super cool idea, kinda breaking the rules by talking about it here, but Its a cool idea to throw out posts to the core audience. Apparently its been around for quite while Dave started in 2018.
References:
[1]: https://daverupert.com/2018/01/welcome-to-rss-club/
GitHub - stackrox/kube-linter: KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices. - stackrox/kube-linter
GitHub · github.com [1]
A linter for linting kubernetes manifests and help charts.
References:
[1]: https://github.com/stackrox/kube-linter
Keycodes Overview | QMK Firmware
Documentation for QMK Firmware
docs.qmk.fm [1]
Full reference to all of the qmk keycode list. Handy reference to refer to all of the keycodes that qmk has.
References:
[1]: https://docs.qmk.fm/keycodes
-
Fantastic guide to building handwried keyboards. I used this guide to build my first hand-wired macro pad.
Just starred TinyLlama [1] by jzhang38 [2]. It’s an exciting project with a lot to offer.
The TinyLlama project is an open endeavor to pretrain a 1.1B Llama model on 3 trillion tokens.
References:
[1]: https://github.com/jzhang38/TinyLlama
[2]: https://github.com/jzhang38
Just starred packaged [1] by tusharsadhwani [2]. It’s an exciting project with a lot to offer.
The easiest way to ship python applications.
References:
[1]: https://github.com/tusharsadhwani/packaged
[2]: https://github.com/tusharsadhwani
-
Two inspirational people in one podcast, its cool to see how adam thinks about code, css, webdev, and building businesses.
Best practices for Docker in production
You
talkpython.fm [1]
Great listen for anyone interested in productionizing python code with docker. Itamar brings up some
Don’t trust base images for security, upgrade your packages. Vulnerabilties become published and solved giving the bad guys istructions how to wreck your day and these fixes wont come to your docker application for up to two weeks due to image build tatency.
For job based containers pre-compile your pyc for faster startup.
Alpine linux is probably not what you want for python. Many packages such as postgres ship pre-copiled binaries that work for most linux distributions wich use glibc, but alpine uses musl so the binaries will be incompatable requiring you to need to install a bunch of build dependencies.
References:
[1]: https://talkpython.fm/episodes/show/323/best-practices-for-docker-in-production
-
Homelabbers have been some of the best co-workers I have ever had. Typically have a get shit done, If there’s a way I will find it kind of mentality. If you are struggling to get a job in tech right now its tough. Starting a homelab on a pc you pull out of the trash is a good way to get some experience that you can talk about in interview questions.
Linked video has some great points!
References:
[1]: /homelab/
External Link
askubuntu.com [1]
podman requires qemu-system on
❯ podman machine init
Looking up Podman Machine image at quay.io/podman/machine-os:5.1 to create VM
Extracting compressed file: podman-machine-default-amd64.qcow2: done
Error: exec: "qemu-img": executable file not found in $PATH
The fix to this for me was to install qemu-system before podman machine init.
sudo apt update
sudo apt install qemu-system
References:
[1]: https://askubuntu.com/questions/1490805/how-do-i-install-qemu-on-ubuntu-23-10
SVG backgrounds, icons, and other website graphics
👉 Copy-and-paste backgrounds, patterns, icons, and other website graphics directly into projects. All customizable, tiny in file size, and licensed for multi-use.
SVG Backgrounds · svgbackgrounds.com [1]
svgbackgrounds is a really awesome resource for svg things recently featured on https://shoptalkshow.com/618/
References:
[1]: https://www.svgbackgrounds.com/
GitHub - darrenburns/posting: The modern API client that lives in your terminal.
The modern API client that lives in your terminal. - darrenburns/posting
GitHub · github.com [1]
Currently Posting is a super early postman like tui (terminal user interface). It looks so good. Darren is really getting into a groove, and textual is getting to a place that is allowing him to really make these beautiful.
I am so impressed with the progress that he has made so early, it looks so close to postman in the freaking terminal, and the ui is so good. He already has think like jump that give you a way to around the ui like easymotion plugins. Theres themes and a command line, oh man its so good. star it.
References:
[1]: https://github.com/darrenburns/posting
Looking for inspiration? dataherald [1] by Dataherald [2].
Interact with your SQL database, Natural Language to SQL using LLMs
References:
[1]: https://github.com/Dataherald/dataherald
[2]: https://github.com/Dataherald
Check out sqlsync [1] by orbitinghail [2]. It’s a well-crafted project with great potential.
SQLSync is a collaborative offline-first wrapper around SQLite. It is designed to synchronize web application state between users, devices, and the edge.
References:
[1]: https://github.com/orbitinghail/sqlsync
[2]: https://github.com/orbitinghail
Blogmarks that use markdown
I needed to attach a correction to an older blogmark (my 20-year old name for short-form links with commentary on my blog) today - but the commentary field has always …
Simon Willison’s Weblog · simonwillison.net [1]
Oh I kinda like the name blogmark, as opposed to thoughts like I have chose for the same thing. Aparantly Simon beat me to the punch by 20 years on this one.
References:
[1]: https://simonwillison.net/2024/Apr/25/blogmarks-that-use-markdown/
A Link Blog in the Year 2024
Kellan Elliott-McCrea has started a new link blog: Like many people I’ve been dealing with the collapses of the various systems I relied on for information over the previous decades. …
Simon Willison’s Weblog · simonwillison.net [1]
THIS! is the same reasons that I built thoughts [2]{.hoverlink}. Simon has bee a big inspiration along the way. He defintely changed the format of my posts as I watched him build out his quote posts.
Link blogging is a pleasantly low-pressure way of writing online. Found something interesting? Post a link to it, with a sentence or two about why it’s worth checking out.
Ditto! just make a post.
References:
[1]: https://simonwillison.net/2024/Jun/9/a-link-blog-in-the-year-2024/
[2]: https://thoughts.waylonwalker.com
[1]
Kellan brings some interesting thoughts on where the internet is headed in 2024. Interestingly I see myself headed in a similar direction. Feeling like I know just enough to say fuck it and build my own platform for me to me me, from thoughts [2]{.hoverlink} where I link and make thoughts on posts like this, to reader [3]{.hoverlink} which is my rss reader replacement that I wanted in 2013 when it was killedbygoogle [4]
And particular with the collapse of the social spaces many of us grew up with, I feel called back to earlier forms of the Internet, like blogs, and in particular, starting a link blog.
Ai has really had quite the two sided effect since chatgpt launched and set the world ablaze. Suddenly you can get any answer you want as a custom fit blog post for free without effort, thus killing the traffic to any of these sites.
References:
[1]: /static/https://laughingmeme.org//2024/06/08/a-link-blog-in-2024.html
[2]: https://thoughts.waylonwalker.com
[3]: https://reader.waylonwalker.com
[4]: https://killedbygoogle.com/
How to Configure DNS over TLS (DoT) Using Unbound DNS in OPNsense
Going beyond the basics of home networking
homenetworkguy.com [1]
Setting up DNS overTLS in opnsense has made my dns just a bit more secure and reliable. I recently had an outage of half the internet within my house. This also hit some of my friends and not some. It did not hit my mobile network. What seems to have happened is a dns issue with my isp not resolving some domains. This setup corrected my issue and I was back online more securely.
Note
I did try to setup the family resolver and found it was blocking some sites I am ok with. I decided to drop back to the vanilla resolver and let other services within opnsense control blocking where I can caontrol the whitelist myself.
References:
[1]: https://homenetworkguy.com/how-to/configure-dns-over-tls-unbound-opnsense/
GitHub - argoproj/argo-events: Event-driven Automation Framework for Kubernetes
Event-driven Automation Framework for Kubernetes. Contribute to argoproj/argo-events development by creating an account on GitHub.
GitHub · github.com [1]
Argo events is an event driven automation framework for kubernetes that can create kubernetes objects among other things based on events. I’ve been using native kubernetes cronjobs to kick off jobs based on a cron trigger.
For instance I am running reader.waylonwalker.com every hour, to rebuild the site and re-deploy it. It takes about two minutes to fetch every rss feed, so this is a nice application of a job compared to a web server fetching the feeds live. Now my posts may be up to an hour stale but they load fast.
Argo events takes event drien architecture to the next level allowing to be triggered by many more things, and do many more things than creating a cron job. I’m definitely thinking about dropping this in my homelab [2].
References:
[1]: https://github.com/argoproj/argo-events?tab=readme-ov-file
[2]: /homelab/
What I'm learning in 2024
2024 has been a learning fueled year, Diving deep into things I never would
have previously thought I would. It’s been a bit of a mix of the 🔥hot twitter
trends, and exactly what tech twitter tells you not to do. It just goes to
show community is great, the tech community is filled with strong opinions, but
you need to think about what really makes sense for you, your career and your
customers (or lack there of).
tech # [1]
- k8s
- tailwind
- fastapi [2]
- htmx [3]
- jinja
- opnsense
successful one day builds # [4]
- play-outside
- reader
- thoughts
- thoughts chrome-extension
Kubernetes # [5]
Damn did I sleep on k8s for way took long. This is like exactly what I’ve
needed for a lot of things. It’s a perect example of what happens when you
listen to the tech community tell you.
Looking for a Heroku replacement, What I found was shocking! [6]
I started looking for something to make my homelab [7] deployments easier at home.
Previously I needed to ssh into my server an...
Today I am playing around with tailwind, flexing the css muscle and learning how to build new and different layouts with it.
I created a new post template that mimics a terminal look in css where I could inject the post title, description, and other frontmatter elements.
GitHub - catppuccin/ulauncher: 🇺 Soothing pastel theme for Ulauncher
🇺 Soothing pastel theme for Ulauncher. Contribute to catppuccin/ulauncher development by creating an account on GitHub.
GitHub · github.com [1]
I am using this theme for Ulauncher in arch and it looks fantastic! One line install (read it first).
python3 <(curl https://raw.githubusercontent.com/catppuccin/ulauncher/main/install.py -fsSL)
References:
[1]: https://github.com/catppuccin/ulauncher
Ulauncher — Application launcher for Linux 🐧
Download Ulauncher for Linux, discover extensions and videos, and support the project.
ulauncher.io [1]
Just discovered this really cool launcher from the DHH distro omakub. github.com/omakub [2]{.hoverlink}.
Ulauncher comes out of the box looking good, supports extensions, and shortcuts like I have a lot of mac launchers have. I installed it plus a theme and in no time It was looking good and launching applications.
In the past I have leaned in on rofi for task launching, it is good. I just felt it was harder to configure to get right or look good.
References:
[1]: https://ulauncher.io/
[2]: https://github.com/basecamp/omakub