bram@cbbg.nl~$ hexdump cbbg.bin 00 | CA BB A9 E0 00 42 72 61 6D 27 73 Ê»©à.Bram's 0B | 72 65 73 69 64 65 6E 63 65 00 00 residence.. 16 | 6F 6E 20 74 68 65 20 77 65 62 2E on the web.

Posts

Bike rear wheel weight breakdown

As an amateur bicycle mechanic, one of the final frontiers I’ve yet to explore was wheel building. After much hesitation, I finally mustered the courage to give it a try. During this process, I realized I had a unique opportunity: to create a detailed breakdown of the weight distribution of my rear wheel (excluding the cassette). For those of you who have spent countless nights pondering the weight composition of a bicycle rear wheel, I’m excited to share my findings.

FreeBSD TiddlyWiki rc.d script

After manually starting a TiddlyWiki node.js server in a tmux environment for many years at each reboot of my system, I decided it was finally time to create a fancy rc.d for this. TiddlyWiki can be installed using npm install -g tiddlywiki.

The rc.d script

The script should be placed in /usr/local/etc/rc.d.

#!/bin/sh

# PROVIDE: tiddlywiki
# REQUIRE: LOGIN
# KEYWORD: shutdown

. /etc/rc.subr
load_rc_config $name

: ${tiddlywiki_enable:=no}
: ${tiddlywiki_user:="www"}
: ${tiddlywiki_group:="www"}
: ${tiddlywiki_port:="8080"}

name="tiddlywiki"
desc="TiddlyWiki server"
rcvar="tiddlywiki_enable"
command="/usr/local/bin/${name}"
procname="node"
pidfile="/var/run/${name}.pid"
command_args="${tiddlywiki_dir} --listen port=${tiddlywiki_port}"
start_precmd="tiddlywiki_precmd"
start_cmd="daemon -u ${tiddlywiki_user} -p ${pidfile} -f \
           ${command} ${command_args} ${tiddlywiki_flags}"

PATH="${PATH}:/usr/local/bin" # Otherwise node not found

tiddlywiki_precmd()
{
  if [ ! -d ${tiddlywiki_dir} ]; then
    info "TiddlyWiki dir does not exist. Creating one ..."
    if ! mkdir -p ${tiddlywiki_dir}; then
      err 1 "Failed to create TiddlyWiki dir."
    fi

    chown ${tiddlywiki_user}:${tiddlywiki_group} ${tiddlywiki_dir}
  fi

  if [ ! -f ${tiddlywiki_dir}/tiddlywiki.info ]; then
    info "No tiddlywiki.info found. Creating one ..."
    su -m ${tiddlywiki_user} -c "${command} ${tiddlywiki_dir} --init server"
  fi
}

run_rc_command "$1"

The procname variable is defined here, to aid the check_pidfile to find the correct process. If procname is not defined it defaults to command. To give an impression, this is how the process look like in the ps output:

OpenIKED based IPsec VPN tunnel on FreeBSD

This post will show how to set up an IPsec based VPN tunnel using OpenIKED. Road warrior clients will be placed within their own subnet of 10.0.5.0/24. Authentication between road warriors and the VPN server will be based on certificates. A word of advice for those attempting this journey; IPsec based VPNs with certificate based authentication is a messy endeavour. The first messy part is the Internet Key Exchange (IKE), both client and server have their own set of supported algorithms. During key negotiation a common ground needs to be found between client and server regarding cipher suites. Second messy part are the certificates, as a random guy on the internet, has so nicely phrased: public key infrastructure (PKI) and X.509 certificates are a wild, wild, west.

Assign T-mobile public IP to own server (FreeBSD)

With the recent (forced) transition from ADSL to fibre optic broadband internet, an interesting oppertunity arose. It enabled assigning the public ip address from the provider easily to a network interface of my private home server. The fibre optic cable entering our house is fed to a media converer which has a UTP connection. The default set-up from the installer attaches the media converter directly to the supplied T-Mobile router. For home networking enthousiasts it is also possible to connect the media converter directly to your home server. But why is this cool?! Here are two reasons:

GraphicsMagick batch convert png to jpg

For a recent project I needed to batch convert a large set of png files to jpeg. The trouble was, that some png files had transparency. After conversion the transparent regions showed up as black regions in the jpeg files. It took an embarrassingly long time to solve the issue, hence I’ll post the solution here.

gm mogrify -resize 25\% -background white -extent 0+0 \\
-output-directory ~/out_dir/ -format jpg *.png

The regular convert mode of GraphicsMagick has the flatten option. The mogrify mode does not have this option, hence the extent option is used. This extent option together with the geometry specifier (0+0 in this case) will composite the input image on a new background.

Boosting PointNet++ performance

PointNet++ has been a major milestone in the area of applying deep learning to point clouds. Though impressive results can be obtained, the computational load, especially on the CPU side is high. Luckily, after a quick internet search an elegant solution was found which can speed things up by a factor two. Credits for this solution go to the blog post by Open3D. During the interpolation stage PointNet++ uses a nearest neighbout search, the original implementation uses a brute force approach to finding nearest neighbours. The solution put forward by Open3D is by using a k-d tree to speed up the nearest neighbour search. This post will show how this can be implemented using the nanoflann library. This library is a C++ header only library for building k-d trees.

Embedding public gpg key in HTML comment

Cool idea from Travis. This will enable to import my public key simply by running curl https://cbbg.nl | gpg --import. Pretty cool huh? Worth the few extra bytes at each page load? Hell yeah!

In config/_default/params.toml

key='''
<!--
-----BEGIN PGP PUBLIC KEY BLOCK-----

xsFNBFRABlQBEADpJnaPhAWHkAw7kiRq5xdvh51BC86O2aQMALKlmNesSNR/aIIk
...................... more key data ...........................
GBNnmKCglTQSqNnWFyq6lKqus01dG4c+f4BUnQaqllUwcnCqBGjxkCLx8JTXaEoa
v68=
=T92X
-----END PGP PUBLIC KEY BLOCK-----
-->
'''

Somehere in the footer partial of my theme I added this:

{{ if .IsHome }}
  {{ site.Params.key | safeHTML }}
{{ end }}

This will only include the raw HTML code including the key on the homepage.

Unbound as DNS Sinkhole

Inspired by the popular pi-hole project which sends advertisements and tracking scripts into oblivion, I decided to roll my own solution as an educational exercise. First place to look was at a DNS server, dnsmasq is a common choice for this kind of task, but I noticed that FreeBSD is shiped with the Unbound DNS server installed by default. As I like to keep my system as clean as possible, I decided to use this one. Below is the config file used for the unbound DNS server, the important lines are the local-zone: lines. This tells the server to return NXDOMAIN which stands for non-existent domain. Also frequently seen on the internet is to return 127.0.0.1 instead of NXDOMAIN, the downside of this solution is that the client will make an additional request to 127.0.0.1 to find the data it was looking for. Using the local-zone: approach also any subdomains are automatically blocked. Any non-blocked DNS queries are forwarded to upstream DNS servers in the forward-zone.

Monitoring my deGiro Portfolio

I was interested in monitoring the growth of my stock portfolio at DeGiro. After googling a bit I learned it was possible to get the data I was interested in using a few simple HTTP GET/POST requests. I got inspired by the Node.JS unofficial API and decided to make my own API using Python. After peering at the network monitor output of the web developer tools for some time I was able to quickly cook up a Pyton based API.