Archive

All published posts

2518 posts latest post 2026-07-10 simple view
Publishing rhythm
Jun 2026 | 26 posts
GitHub - johanhaleby/kubetail: Bash script to tail Kubernetes logs from multiple pods at the same time Bash script to tail Kubernetes logs from multiple pods at the same time - johanhaleby/kubetail GitHub · github.com [1] Kubetail is a pretty sick bash script that allows you to tail logs for multiple pods in one stream. Very handy when you have more than one replica running. wget https://raw.githubusercontent.com/johanhaleby/kubetail/master/kubetail chmod u+x ./kubetail Now with kubetail I can tail all the logs for every shot-wayl-one pod in the shot namespace. ./kubetail shot-wayl-one -n shot [2] References: [1]: https://github.com/johanhaleby/kubetail [2]: https://screenshots.waylonwalker.com/kubetail.png
I’m impressed by kubetail [1] from johanhaleby [2]. Bash script to tail Kubernetes logs from multiple pods at the same time References: [1]: https://github.com/johanhaleby/kubetail [2]: https://github.com/johanhaleby
- I am converting my docker compose env secrets over to k8s secrets. This guide was clear and to the point how I can replicate this exact workflow. First set the secret, the easiest way is to use kubectl wtih –from-literal because it automatically base64 encodes for you. kubectl create secret generic minio-access-key --from-literal=ACCESS_KEY=7FkTV**** -n shot If you don’t use the --from-literal you will have to base64 encode it. echo "7FkTV****" | openssl base64 Once you have your secret deployed, you have to update the container spec in your deployment manifest to get the valueFrom secretKeyRef. spec: containers: - env: - name: ACCESS_KEY valueFrom: secretKeyRef: key: ACCESS_KEY name: minio-access-key - name: SECRET_KEY valueFrom: secretKeyRef: key: SECRET_KEY name: minio-secret-key image: registry.wayl.one/shot-scraper-api name: shot-wayl-one ports: - containerPort: 5000 protocol: TCP resources: {} restartPolicy: Always
waylon walker (@_WaylonWalker) on X Which is more complicated X (formerly Twitter) · twitter.com [1] Wow, shocked at these results. All this time I’ve been told and believed that k8s is incredibly hard, and you need a $1M problem before you think about it because it will take a $1M team to maintain it. So far my experience has been good, and I definitely do not have a $1M problem in my homelab [2]. [1] References: [1]: https://twitter.com/_WaylonWalker/status/1718300097174270193 [2]: /homelab/
Wes Bos (@wesbos) on X 🔥 The stale-while-revalidate header is suuuuuuper handy for striking a balance between fast loads and and frequently changed content. Here I am using it to instantly deliver an OG image that t… X (formerly Twitter) · twitter.com [1] Wes has some of the coolest OG [2] images i’ve ever seen. Here he talks about how to enable cache configuration so that its constantly updating the cache without the user waiting for the image to be created. References: [1]: https://twitter.com/wesbos/status/1717923624559005977 [2]: /og/
Looking for inspiration? NeoComposer.nvim [1] by ecthelionvi [2]. Neovim plugin that simplifies macros, enhancing productivity with harmony. References: [1]: https://github.com/ecthelionvi/NeoComposer.nvim [2]: https://github.com/ecthelionvi
htmx ~ Locality of Behaviour (LoB) Carson Gross explores the Locality of Behaviour (LoB) principle, which emphasizes making the behavior of code units obvious on inspection to enhance maintainability. He discusses the tradeoffs betw... htmx.org [1] Interesting principle here. What a great example, If I’m looking at the second jQuery example, I have to dig into dev tools or make some assumtions that this team uses jQuery, and selects by id, therefore I can grep for $("#d1"). Consider two different implementations of an AJAX request in HTML [2], the first in htmx [3]: <!--markata-attribution--> <button hx-get="/clicked">Click Me</button> > and the second in jQuery: ``` js $("#d1").on("click", function(){ $.ajax({ /* AJAX options... */ }); }); <button id="d1">Click Me</button> References: [1]: https://htmx.org/essays/locality-of-behaviour/ [2]: /html/ [3]: /htmx/
External Link thoughts.waylonwalker.com [1] I was looking to add running kubernetes jobs to a python cli I am creating, and I found this solution, mostly thanks to ollama run mistral:7b-instruct-q4_K_M and my loose understanding of what the yaml syntax is supposed to look like for a kubernetes job. This will let me create a job in the cluster, choose the image that runs, the command that is called, and how long until the job expires and is cleaned up. While the job still exists I can go in and look at the logs, but once its ttl has expired they are gone. from kubernetes import client, config # Load the default kubeconfig config.load_kube_config() # Define the API client for batch jobs api_instance = client.BatchV1Api() # Create a new job object job = client.V1Job( api_version="batch/v1", kind="Job", metadata=client.V1ObjectMeta(name="myjob"), spec=client.V1JobSpec( ttl_seconds_after_finished=100, template=client.V1PodTemplateSpec( metadata=client.V1ObjectMeta(labels={"app": "myjob"}), spec=client.V1PodSpec( containers=[ client.V1Container( name="myjobcontainer", image="busybox", command=["ls", "/"], ), ], restart_policy="Never", ), ), backoff_limit=1, )...
Check out kevinhwang91 [1] and their project nvim-ufo [2]. Not UFO in the sky, but an ultra fold in Neovim. References: [1]: https://github.com/kevinhwang91 [2]: https://github.com/kevinhwang91/nvim-ufo
https://neovim.io/doc/user/diagnostic/ neovim.io [1] Clear out lsp diagnostics in nvim. lua vim.diagnostic.reset() References: [1]: https://neovim.io/doc/user/diagnostic.html#vim.diagnostic.reset()
How to kill process based on the port number in Linux Learn to kill a process by port in Linux using fuser, lsof, and ss commands. Essential for system admins managing network processes efficiently. LinuxConfig · linuxconfig.org [1] I’ve often struggled to find and kill a process using a certain port on archlinux. Mainly becuase most guides use netstat rather than ss. Here is how I just killed the process using port 5000 using fuser. sudo fuser -k 5000/tcp You can also get information about the process by running lsof ❯ lsof -i :5000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME thoughts 1058292 waylon 11u IPv4 119622828 0t0 TCP *:commplex-main (LISTEN) References: [1]: https://linuxconfig.org/how-to-kill-process-based-on-the-port-number-in-linux
GitHub - mkimuram/k8sviz: Generate Kubernetes architecture diagrams from the actual state in a namespace Generate Kubernetes architecture diagrams from the actual state in a namespace - mkimuram/k8sviz GitHub · github.com [1] This is a sick kubernetes architecture diagran generation tool. Here is an example [2] installation # [3] $ curl -LO https://raw.githubusercontent.com/mkimuram/k8sviz/master/k8sviz.sh $ chmod u+x k8sviz.sh Usage # [4] ./k8sviz.sh --kubeconfig ~/.config/kube/falcon-k3s.yaml -t png -o k8sviz.png References: [1]: https://github.com/mkimuram/k8sviz [2]: https://raw.githubusercontent.com/mkimuram/k8sviz/master/examples/wordpress/default.png [3]: #installation [4]: #usage
Just starred just [1] by casey [2]. It’s an exciting project with a lot to offer. 🤖 Just a command runner References: [1]: https://github.com/casey/just [2]: https://github.com/casey
GitHub - casey/just: 🤖 Just a command runner 🤖 Just a command runner. Contribute to casey/just development by creating an account on GitHub. GitHub · github.com [1] I think just, might just be the thing I have been looking for. I’ve been looking for some ci/cd that I can host myself, but everything looks pretty big, so for now I am going to use just as my task runner. I installed with installer. curl https://i.wayl.one/casey/just | bash I set up my devtainer builds with just. Here is my justfile, yes you just need the cli and a file named justfile. default: base alpine slim base: build deploy alpine: build-alpine deploy-alpine slim: build-slim deploy-slim build: podman build -t registry.wayl.one/devtainer:latest . deploy: podman push registry.wayl.one/devtainer build-alpine: podman build -f docker/Dockerfile.alpine -t registry.wayl.one/devtainer:alpine . deploy-alpine: podman push registry.wayl.one/devtainer:alpine build-slim: podman build -f docker/Dockerfile.slim -t registry.wayl.one/devtainer:slim . deploy-slim: podman push registry.wayl.one/devtainer:slim References: [1]: https://github.com/casey/just
Translate a Docker Compose File to Kubernetes Resources What Kubernetes · kubernetes.io [1] kompose is a sick cli to convert docker-compose.yml to kubernetes manifest. # install curl -L https://github.com/kubernetes/kompose/releases/download/v1.26.0/kompose-linux-amd64 -o kompose kompose convert kompose convert -o deployment.yaml References: [1]: https://kubernetes.io/docs/tasks/configure-pod-container/translate-compose-kubernetes/
[1] Running your own docker registry in one line podman run -d -p 5000:5000 --restart=always --name registry registry:latest References: [1]: /static/https://blog.nashcom.de/nashcomblog.nsf/dx/k3s-podman-and-a-registry.htm
[1] I was curious to see what was going on inside of my minio object storage. Great technique here by Frank to create an inspector pod, then you can do as you wish with the data. I created the manifest as pvc-inspector.yml apiVersion: v1 kind: Pod metadata: name: pvc-inspector spec: containers: - image: busybox name: pvc-inspector command: ["tail"] args: ["-f", "/dev/null"] volumeMounts: - mountPath: /pvc name: pvc-mount volumes: - name: pvc-mount persistentVolumeClaim: claimName: pvc-name Then used it like this. # create pvc-inspector pod kubectl apply -f pvc-inspector.yml # exec into inspector kubectl exec -it pvc-inspector -- sh # explore data ls /pvc # cleanup kubectl delete -f pvc-inspector.yml References: [1]: /static/https://frank.sauerburger.io/2021/12/01/inspect-k8s-pvc.html
Reddit - Please wait for verification reddit.com [1] Right after installing k3s you are going to need to use sudo to use any kubectl command. The reason for this is that the default config is owned by root. To get around this you will need to make your own config and set the KUBECONFIG environment variable To do this I used sudo one last time to copy the k3s.yaml file into my own directory and take ownership of it. sudo cp /etc/rancher/k3s/k3s.yaml /home/waylon/.config/kube sudo chown -R waylon:waylon ~/.config/kube export KUBECONFIG=~/.config/kube/k3s.yaml References: [1]: https://www.reddit.com/r/kubernetes/comments/cojjf5/can_i_access_k3s_using_just_kubectl_no_sudo_and/
Quick-Start Guide | K3s This guide will help you quickly launch a cluster with default options. Make sure your nodes meet the requirements before proceeding. docs.k3s.io [1] I recently spun up k3s in my homelab [2]. I’m trying to offload some work off of my free tier fly.io app in order to keep it free tier without crashing. # install and start k3s curl -sfL https://get.k3s.io | sh - # check to see if your nodes are started sudo kubectl get nodes My main hiccup so far was the machine I am running on runs zfs on root, and it would not start the master node. Rather than figuring out how to make zfs play nice I just pointed k3s to a drive that is not zfs. # manuallly sudo k3s server -d /mnt/vault/.rancher/k3s # without editing systemd service sudo ln -s /mnt/vault/.rancher/k3s /var/lib/rancher/k3s References: [1]: https://docs.k3s.io/quick-start [2]: /homelab/
Check out djmaze [1] and their project docker-caching-proxy [2]. Caching proxy docker image References: [1]: https://github.com/djmaze [2]: https://github.com/djmaze/docker-caching-proxy
Looking for inspiration? oterm [1] by ggozad [2]. a text-based terminal client for Ollama References: [1]: https://github.com/ggozad/oterm [2]: https://github.com/ggozad
Litestar: Effortlessly Build Performant APIs We all know about Flask and Django. And of course FastAPI made a huge splash when it came on the scene a few years ago. But new web frameworks are being created all the time. And they have these ea... talkpython.fm [1] Litestar is an interesting api framework similar to fastpi, that I am interested to check out to see if it fits into some project scope. It sounds like it comes with a lot more batteries included for things like auth, but does not have hard opinions like django. At this point I’m not jumping off of fastapi [2], but its something I want to try. References: [1]: https://talkpython.fm/episodes/show/433/litestar-effortlessly-build-performant-apis [2]: /fastapi/
Delete a Postgres Cluster Documentation and guides from the team at Fly.io. Fly · fly.io [1] Deleting a fly postgres db cluster was not straightforward to me as the app name is not inferred from the toml like it is for the main app. fly apps destroy <pg-app-name> fly pg db list -a <pg-app-name> References: [1]: https://fly.io/docs/postgres/managing/deleting/
![[None]] Yet again twitter cards were causing me pain. This time it was me not realizing that they require full urls, and not relative or abolute urls. This was not working <meta name="twitter:image" content="/shot/?path={{ request.url|quote_plus }}" content-type='image/png'/> This does work with a full url <meta name="twitter:image" content="https://thoughts.waylonwalker.com/shot/?path={{ request.url|quote_plus }}" content-type='image/png'/>
gen.nvim [1] by David-Kunz [2] is a game-changer in its space. Excited to see how it evolves. Neovim plugin to generate text using LLMs with customizable prompts References: [1]: https://github.com/David-Kunz/gen.nvim [2]: https://github.com/David-Kunz
Ollama Ollama is the easiest way to automate your work using open models, while keeping your data safe. ollama.ai [1] ollama is the easiest to get going local llm tool that I have tried, and seems to be crazy fast. It feels faster than chat gpt, which has not been the experience I have had previously with running llm’s on my hardware. curl https://i.jpillora.com/jmorganca/ollama | bash ollama serve ollama run mistral ollama run codellama:7b-code ollama list References: [1]: https://ollama.ai/
Check out Boeing [1] and their project config-file-validator [2]. Cross Platform tool to validate configuration files References: [1]: https://github.com/Boeing [2]: https://github.com/Boeing/config-file-validator
If you’re into interesting projects, don’t miss out on NeoTweet [1], created by ChristianChiarulli [2]. No description available. References: [1]: https://github.com/ChristianChiarulli/NeoTweet [2]: https://github.com/ChristianChiarulli
GitHub - sysid/sse-starlette Contribute to sysid/sse-starlette development by creating an account on GitHub. GitHub · github.com [1] sse-FastAPI [2].">starlette provides server sent events for startlette and FastApi. I’m evaluating for use with htmx [3]. Installation: # [4] pip install sse-starlette Usage: # [5] import asyncio import uvicorn from starlette.applications import Starlette from starlette.routing import Route from sse_starlette.sse import EventSourceResponse async def numbers(minimum, maximum): for i in range(minimum, maximum + 1): await asyncio.sleep(0.9) yield dict(data=i) async def sse(request): generator = numbers(1, 5) return EventSourceResponse(generator) routes = [ Route("/", endpoint=sse) ] app = Starlette(debug=True, routes=routes) if __name__ == "__main__": uvicorn.run(app, host="0.0.0.0", port=8000, log_level='info') References: [1]: https://github.com/sysid/sse-starlette [2]: /fastapi/ [3]: /htmx/ [4]: #installation [5]: #usage
overflow - Layout Utilities for controlling how an element handles content that is too large for the container. tailwindcss.com [1] Controlling overflow with tailwindcss Examples # [2] <div class="overflow-visible ..."></div> <div class="overflow-hidden ..."></div> References: [1]: https://tailwindcss.com/docs/overflow [2]: #examples
[1] Default scrollbars on a dark theme website are just the ugliest thing. This page covers all the pseudo selectors needed to style the scrollbar. /* width */ ::-webkit-scrollbar { width: 10px; } /* Track */ ::-webkit-scrollbar-track { background: #f1f1f1; } /* Handle */ ::-webkit-scrollbar-thumb { background: #888; } /* Handle on hover */ ::-webkit-scrollbar-thumb:hover { background: #555; } References: [1]: /static/https://www.w3schools.com/howto/howto_css_custom_scrollbar.asp
[1] Wincent (Greg Hurrel) has a pretty solid and fast zshrc. I recently grabbed his completion section and it seems to be working better than whatever I had. zsh completion snippet # # Completion # fpath=($HOME/.zsh/completions $fpath) autoload -U compinit compinit -u # Make completion: # - Try exact (case-sensitive) match first. # - Then fall back to case-insensitive. # - Accept abbreviations after . or _ or - (ie. f.b -> foo.bar). # - Substring complete (ie. bar -> foobar). zstyle ':completion:*' matcher-list '' '+m:{[:lower:]}={[:upper:]}' '+m:{[:upper:]}={[:lower:]}' '+m:{_-}={-_}' 'r:|[._-]=* r:|=*' 'l:|=* r:|=*' # Colorize completions using default `ls` colors. zstyle ':completion:*' list-colors '' # Allow completion of ..<Tab> to ../ and beyond. zstyle -e ':completion:*' special-dirs '[[ $PREFIX = (../)#(..) ]] && reply=(..)' # $CDPATH is overpowered (can allow us to jump to 100s of directories) so tends # to dominate completion; exclude path-directories from the tag-order so that # they will only be used as a fallback if no completions are found. zstyle ':completion:*:complete:(cd|pushd):*' tag-order 'local-directories named-directories' # Categorize completion...
Change Autocomplete Styles in WebKit Browsers | CSS-Tricks We got a nice tip from Lydia Dugger via email with a method for changing the styles that WebKit browsers apply to form fields that have been autocompleted. CSS-Tricks · css-tricks.com [1] All the hover, select, autofil, focus combinations have left me confused on how to consistently get my form elements styled in dark mode This snippet from CSS tricks has fixed all the different states for me to give me full control. /* Change Autocomplete styles in Chrome*/ input:-webkit-autofill, input:-webkit-autofill:hover, input:-webkit-autofill:focus, textarea:-webkit-autofill, textarea:-webkit-autofill:hover, textarea:-webkit-autofill:focus, select:-webkit-autofill, select:-webkit-autofill:hover, select:-webkit-autofill:focus { border: 1px solid green; -webkit-text-fill-color: green; -webkit-box-shadow: 0 0 0px 1000px #000 inset; transition: background-color 5000s ease-in-out 0s; } References: [1]: https://css-tricks.com/snippets/css/change-autocomplete-styles-webkit-browsers/
GitHub - florimondmanca/arel: Lightweight browser hot reload for Python ASGI web apps Lightweight browser hot reload for Python ASGI web apps - florimondmanca/arel GitHub · github.com [1] arel is a “Lightweight browser hot reload for Python ASGI web apps” I just implemented this on my thoughts website using fastapi [2], and it’s incredibly fast and lightweight. There just two lines of js that make a web socket connection back to the backend that watches for changes. When in development mode, this snippet gets injected directly on the page and does a refresh when arel detects a change. const ws = new WebSocket("ws://localhost:5000/hot-reload"); ws.onmessage = () => window.location.reload(); References: [1]: https://github.com/florimondmanca/arel [2]: /fastapi/
main.py [1] python import os import arel from fastapi import FastAPI, Request from fastapi.templating import Jinja2Templates app = FastAPI() templates = Jinja2Templates("templates") if _debug := os.getenv("DEBUG"): hot_reload = arel.HotReload(paths=[arel.Path(".")]) app.add_websocket_route("/hot-reload", route=hot_reload, name="hot-reload") app.add_event_handler("startup", hot_reload.startup) app.add_event_handler("shutdown", hot_reload.shutdown) templates.env.globals["DEBUG"] = _debug templates.env.globals["hot_reload"] = hot_reload @app.get("/") def index(request: Request): return templates.TemplateResponse("index.html", context={"request": request}) # run: # DEBUG=true uvicorn main:app --reload I just discovered arel [2] for hot reloading python applications when content changes from this snippet that implements it for fatapi. On app startup add the /hot-reload routes if in DEBUG mode. import os import arel from fastapi import FastAPI, Request from fastapi.templating import Jinja2Templates app = FastAPI() templates = Jinja2Templates("templates") if _debug := os.getenv("DEBUG"): hot_reload = arel.HotReload(paths=[arel.Path(".")]) app.add_websocket_route("...
Bob Belderbos (@bbelderbos) on X Forget Python for a sec, here's how Vim helped me out today … 💪 📈 Ever felt like you needed a quick string replacement without diving into a script? Here's a Vim trick I just used … I w… X (formerly Twitter) · twitter.com [1] I need to learn regex capture groups better. This is so dang powerful. I really like the \v that bob uses here, it really does cut down on the terseness of all the special characters. I wanted to replace all occurrences of: name,[email protected],0,171,,2023-09-21 With: name,[email protected] Easy to do with Python, but what about a bit of > regex in Vim? :%s/\v([^,]+,[^,]+),.*/\1/ References: [1]: https://twitter.com/bbelderbos/status/1709525676154368055
teej dv 🔭 (@teej_dv) on X Hypermedia fixes this HATEOAS gonna hate X (formerly Twitter) · twitter.com [1] HATEOAS gonna hate. More and more htmx [2] seems like the js library for backend devs. So rather than making 55 rest calls here, just make an endpoint that does what you want it to do with one, or a few requests. References: [1]: https://twitter.com/teej_dv/status/1708258701008593173 [2]: /htmx/
Open source, not open contribution with Ben Johnson (Changelog Interviews #433) This week we're talking with Ben Johnson. Ben is known for his work on BoltDB, his work in open source, and as a freelance Go developer. Late January when Ben open sourced his newest project Litest... Changelog · changelog.com [1] Ben Johnson was on the Changelog a few years back covering his work on litestream, and talks about why he chose to go open source, but not open contribution. You should have a good reason to move off of sqlite. References: [1]: https://changelog.com/podcast/433

jpillora/installer is the install script generator I have been looking for. It downloads binaries for your machine from GitHub releases and unzips them for you. It grabs the latest release, so you can easily update them. I have tried scripting these installs in the past and struggled to consistently get the latest version for every package and unpack it correctly.

Also these pre-compiled binaries install rediculously fast compared to building them from source.

Check out some example links.

opening in a browser will show metadata

https://i.jpillora.com/serve

If you pass in script=true it will instead return the install script as it would by default through curl.

https://i.jpillora.com/serve?script=true

Use it to install neovim #

All you need to do to generate an install script is to pass in the GitHub repo slug with the org.

curl https://i.jpillora.com/neovim/neovim | bash

The shell script that it generates for neovim looks like this.

#!/bin/bash
if [ "$DEBUG" == "1" ]; then
    set -x
fi
TMP_DIR=$(mktemp -d -t jpillora-installer-XXXXXXXXXX)
function cleanup {
    rm -rf $TMP_DIR > /dev/null
}
function fail {
    cleanup
    msg=$1
    echo "============"
    echo "Error: $msg" 1>&2
    exit 1
}
function install {
    #settings
    USER="neovim"
    PROG="neovim"
    ASPROG=""
    MOVE="false"
    RELEASE="stable"
    INSECURE="false"
    OUT_DIR="$(pwd)"
    GH="https://github.com"
    #bash check
    [ ! "$BASH_VERSION" ] && fail "Please use bash instead"
    [ ! -d $OUT_DIR ] && fail "output directory missing: $OUT_DIR"
    #dependency check, assume we are a standard POISX machine
    which find > /dev/null || fail "find not installed"
    which xargs > /dev/null || fail "xargs not installed"
    which sort > /dev/null || fail "sort not installed"
    which tail > /dev/null || fail "tail not installed"
    which cut > /dev/null || fail "cut not installed"
    which du > /dev/null || fail "du not installed"
    #choose an HTTP client
    GET=""
    if which curl > /dev/null; then
        GET="curl"
        if [[ $INSECURE = "true" ]]; then GET="$GET --insecure"; fi
        GET="$GET --fail -# -L"
    elif which wget > /dev/null; then
        GET="wget"
        if [[ $INSECURE = "true" ]]; then GET="$GET --no-check-certificate"; fi
        GET="$GET -qO-"
    else
        fail "neither wget/curl are installed"
    fi
    #debug HTTP
    if [ "$DEBUG" == "1" ]; then
        GET="$GET -v"
    fi
    #optional auth to install from private repos
    #NOTE: this also needs to be set on your instance of installer
    AUTH="${GITHUB_TOKEN}"
    if [ ! -z "$AUTH" ]; then
        GET="$GET -H 'Authorization: $AUTH'"
    fi
    #find OS #TODO BSDs and other posixs
    case `uname -s` in
    Darwin) OS="darwin";;
    Linux) OS="linux";;
    *) fail "unknown os: $(uname -s)";;
    esac
    #find ARCH
    if uname -m | grep -E '(arm|arch)64' > /dev/null; then
        ARCH="arm64"

        # no m1 assets. if on mac arm64, rosetta allows fallback to amd64
        if [[ $OS = "darwin" ]]; then
            ARCH="amd64"
        fi

    elif uname -m | grep 64 > /dev/null; then
        ARCH="amd64"
    elif uname -m | grep arm > /dev/null; then
        ARCH="arm" #TODO armv6/v7
    elif uname -m | grep 386 > /dev/null; then
        ARCH="386"
    else
        fail "unknown arch: $(uname -m)"
    fi
    #choose from asset list
    URL=""
    FTYPE=""
    case "${OS}_${ARCH}" in
    "linux_amd64")
        URL="https://github.com/neovim/neovim/releases/download/stable/nvim-linux64.tar.gz"
        FTYPE=".tar.gz"
        ;;
    "darwin_amd64")
        URL="https://github.com/neovim/neovim/releases/download/stable/nvim-macos.tar.gz"
        FTYPE=".tar.gz"
        ;;
    *) fail "No asset for platform ${OS}-${ARCH}";;
    esac
    #got URL! download it...
    echo -n "Downloading"
    echo -n " $USER/$PROG"
    if [ ! -z "$RELEASE" ]; then
        echo -n " $RELEASE"
    fi
    if [ ! -z "$ASPROG" ]; then
        echo -n " as $ASPROG"
    fi
    echo -n " (${OS}/${ARCH})"

    echo "....."

    #enter tempdir
    mkdir -p $TMP_DIR
    cd $TMP_DIR
    if [[ $FTYPE = ".gz" ]]; then
        which gzip > /dev/null || fail "gzip is not installed"
        bash -c "$GET $URL" | gzip -d - > $PROG || fail "download failed"
    elif [[ $FTYPE = ".tar.bz" ]] || [[ $FTYPE = ".tar.bz2" ]]; then
        which tar > /dev/null || fail "tar is not installed"
        which bzip2 > /dev/null || fail "bzip2 is not installed"
        bash -c "$GET $URL" | tar jxf - || fail "download failed"
    elif [[ $FTYPE = ".tar.gz" ]] || [[ $FTYPE = ".tgz" ]]; then
        which tar > /dev/null || fail "tar is not installed"
        which gzip > /dev/null || fail "gzip is not installed"
        bash -c "$GET $URL" | tar zxf - || fail "download failed"
    elif [[ $FTYPE = ".zip" ]]; then
        which unzip > /dev/null || fail "unzip is not installed"
        bash -c "$GET $URL" > tmp.zip || fail "download failed"
        unzip -o -qq tmp.zip || fail "unzip failed"
        rm tmp.zip || fail "cleanup failed"
    elif [[ $FTYPE = ".bin" ]]; then
        bash -c "$GET $URL" > "neovim_${OS}_${ARCH}" || fail "download failed"
    else
        fail "unknown file type: $FTYPE"
    fi
    #search subtree largest file (bin)
    TMP_BIN=$(find . -type f | xargs du | sort -n | tail -n 1 | cut -f 2)
    if [ ! -f "$TMP_BIN" ]; then
        fail "could not find find binary (largest file)"
    fi
    #ensure its larger than 1MB
    #TODO linux=elf/darwin=macho file detection?
    if [[ $(du -m $TMP_BIN | cut -f1) -lt 1 ]]; then
        fail "no binary found ($TMP_BIN is not larger than 1MB)"
    fi
    #move into PATH or cwd
    chmod +x $TMP_BIN || fail "chmod +x failed"
    DEST="$OUT_DIR/$PROG"
    if [ ! -z "$ASPROG" ]; then
        DEST="$OUT_DIR/$ASPROG"
    fi
    #move without sudo
    OUT=$(mv $TMP_BIN $DEST 2>&1)
    STATUS=$?
    # failed and string contains "Permission denied"
    if [ $STATUS -ne 0 ]; then
        if [[ $OUT =~ "Permission denied" ]]; then
            echo "mv with sudo..."
            sudo mv $TMP_BIN $DEST || fail "sudo mv failed"
        else
            fail "mv failed ($OUT)"
        fi
    fi
    echo "Downloaded to $DEST"
    #done
    cleanup
}
install

Self Host Your Own #

I’d reccomend self hosting your own. This way you know that it’s consistent and unlikely to change in a way that breaks your use.

curl -s https://i.jpillora.com/installer | bash

Repos I am using installer for #

Here are the repos I am using installer for.

atuinsh/atuin
benbjohnson/litestream
bootandy/dust
BurntSushi/ripgrep
chmln/sd
cjbassi/ytop
dalance/procs
dbrgn/tealdeer
ducaale/xh
go-task/task
imsnif/bandwhich
imsnif/diskonaut
kovidgoyal/kitty
mgdm/htmlq
neovim/neovim
ogham/dog
ogham/exa
pemistahl/grex
sharkdp/bat
sharkdp/fd
sharkdp/pastel
sirwart/ripsecrets
starship/starship
topgrade-rs/topgrade
zellij-org/zellij

I wanted to host some static files through fastapi. Typical use cases for this might be some static web content like html/css/js. It could also be images or some data that doesn’t need dynamically rendered.

From the Docs #

The docs cover how to host static files, and give this solution that is built into fastapi.

https://fastapi.tiangolo.com/tutorial/static-files/

from fastapi import FastAPI
from fastapi.staticfiles import StaticFiles

app = FastAPI()

app.mount("/static", StaticFiles(directory="static"), name="static")

Authenticated Static Files #

Thanks to #858.

OscartGiles posted this solution to add authentication to static files. I tried this out on my thoughts and it worked flawlessly.

import typing
from pathlib import Path
import secrets

from fastapi import FastAPI, Request, HTTPException, status
from fastapi.staticfiles import StaticFiles
from fastapi.security import HTTPBasic, HTTPBasicCredentials


PathLike = typing.Union[str, "os.PathLike[str]"]
app = FastAPI()
security = HTTPBasic()


async def verify_username(request: Request) -> HTTPBasicCredentials:

    credentials = await security(request)

    correct_username = secrets.compare_digest(credentials.username, "user")
    correct_password = secrets.compare_digest(credentials.password, "password")
    if not (correct_username and correct_password):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect email or password",
            headers={"WWW-Authenticate": "Basic"},
        )
    return credentials.username


class AuthStaticFiles(StaticFiles):
    def __init__(self, *args, **kwargs) -> None:

        super().__init__(*args, **kwargs)

    async def __call__(self, scope, receive, send) -> None:

        assert scope["type"] == "http"

        request = Request(scope, receive)
        await verify_username(request)
        await super().__call__(scope, receive, send)


app.mount(
    "/static",
    AuthStaticFiles(directory=Path(__file__).parent / "static"),
    name="static",
)

If you want both then, all you have to do is mount AuthStaticFiles to a different route. Now you can have private, or paid content behind /restricted.

app.mount("/static", StaticFiles(directory="static"), name="static")
app.mount(
    "/restricted",
    AuthStaticFiles(directory=Path(__file__).parent / "restricted"),
    name="restricted"
)
Point-in-time recovery - Wikipedia en.wikipedia.org [1] I just learned that the term PITR means Point In Time Recovery. I have never seen this term, but it is most often referred to in relation to database recoveries. References: [1]: https://en.wikipedia.org/wiki/Point-in-time_recovery

I recently se tup minio object storage in my homelab for litestream sqlite backups. The litestream quickstart made it easy to get everything up and running on localhost, but I hit a wall when dns was involved to pull it from a different machine.

Here is what I got to work #

First I had to configure the Key ID and Secret Access Key generated in the minio ui.

❯ aws configure
AWS Access Key ID [****************VZnD]:
AWS Secret Access Key [****************xAm8]:
Default region name [us-east-1]:
Default output format [None]:

Then set the the s3 signature_version to s3v4.

aws configure set default.s3.signature_version s3v4

Now when I have minio running on https://my-minio-endpoint.com I can use the aws cli to access the bucket.

Note that https://my-minio-endpoint.com resolves to the bucket endpoint (default 9000) not the ui (default 9001).

aws --endpoint-url https://my-minio-endpoint.com s3 ls my_bucket

Now Configuring Litestream #

Litestream also accepts the endpoint argument via config. I could not get it to work just with the ui.

Note the aws configure step above is not required for litestream, only the aws cli.

dbs:
  - path: /path/to/database.db
    replicas:
      - url: s3://my_bucket/
        endpoint: https://my-minio-endpoint.com
        region: us-east-1
        access-key-id: ****************VZnD
        secret-access-key: ************************************xAm8

Now run a litestream replication.

litestream replicate -config litestream.yml
# or put the config in /etc/litestream.yml and just run replicate
litestream replicate
GitHub - benbjohnson/litestream: Streaming replication for SQLite. Streaming replication for SQLite. Contribute to benbjohnson/litestream development by creating an account on GitHub. GitHub · github.com [1] `litestream` is a sick cli tool for steaming replicas of sqlite. It automatically does daily snapshots, and streams all of the writes to the replica live. install # [2] Install is fast using installer, no compilation, just copy the binary and run. curl https://i.wayl.one/benbjohnson/litestream References: [1]: https://github.com/benbjohnson/litestream [2]: #install

why-is-postgres-default

Serious question. No one ever got fired for choosing PostgreSQL # [1] But, why. It’s the most loved db, right? Right? Maybe it’s time to rethink it. Don’t get me wrong, if I need a relational db as a service, PostgreSQL is going to be my first choice, but why do I need to run a separate application for it? Tutorials use sqlite # [2] Why is that? Because there is nothing else to stand up. Nothing else to maintain. And you probably already have it installed on just about anything that has a battery. SQLite runs in memory # [3] Don’t need, or maybe don’t want to persist state. Run it in memory. This is a nice feature for running tests. Less exposure # [4] SQLite is a file on your filesystem. It’s not a web service. It’s not a cloud service. Not that postgres is insecure, but it is one more endpoint that you have to think about securing. this means that is probably also cheaper 🤑 SQLite is easy to replicate # [5] Want to run your new feature with prod data? Pull a replica or...