Writing init scripts is a pain in the rear. Upstart was better but badly documented. And for all the fruit thrown at it, systemd isn’t that bad when it comes to the end user experience. I’ve been using supervisord to run the update daemon for ttrss. I’ve upgraded from 14.10 to 16.10, and supervisord broke. After spending much too long on the update, and getting saved by a friend who knows his way around a debugger, I felt it was the perfect time to scrap that and run it on systemd.

I started off by looking at a script someone else wrote. It has a few nice things, but lets see, I use a different version of php (potentially!), postgres and so on. Its a good starting point. I also looked at the official docs for RHEL7 . I figured starting after the database and networking made a ton of sense. I had to find the name of the postgres unit, the path to php(I run php7.0), and include my own path to ttrss. Restarting on failure would be nice, and while I didn’t quite grok that on the official docs,the  U&L stack has a lovely question on this.


Putting all this together

Fire up

sudo nano /etc/systemd/system/ttrss.service

and lets build us a systemd unit.


ExecStart=/usr/bin/php /var/www/ttrss/update_daemon2.php


I had to find a few of the variables – I used systemctl status to find the name of the postgres service. I built the ExecStart line using which php7.0 to find the location of the file.

I want this starting as www-data(makes permissions simpler), and its set to always restart, and if it fails, to restart in 5 seconds.

The [install] block is default. Seems to work fine

And there you have it, a systemd unit for any ttrss setup you care to modify it for.


System level backups are pretty much something everyone *needs* to do. While windows has had a bit of a mixed history on this (The current system imaging tool on windows 10 is from windows 7), there’s excellent third party tools to do this.

I’m not really going to go into massive detail on these since these tools seem to be evolving quickly, and are pretty self explainatory. Veem endpoint backup is my current go to backup software. I run one backup a day, it does incrementals and automatically prunes excessively old backups. It *has* failed on occasion on my oldest active system (with 1gb of ram) so I would consider this unsuitable for such systems (I use macrium reflect free on those. Its not as elegant or simple, but it covers the gaps veem does). You can restore to a smaller drive with either tool – (I did my SSD migrations by restoring backups) by manually setting partition sizes.

Veem’s simple, elegant, and idiotproof in the 90% of situations where it works. As always *test* your backups, preferably to another drive *BEFORE* you need them.

It also only backs up to one location. One is none. I also like to have copies of music and other files that would be a pain to re-convert, but these do not need to be part of my boot/system image. I use bvckup2 for this. I used to run the beta (which was free) and bought a licence during a periodic sale. Its *awesome*.  I use this to sync a 100+gigabyte folder of music, a few hundred terabytes of backups (stored on a nas, and synced back to my desktop) so it handles big files, lots of small files and network shares great









Set up the backup job here. You’d want to backup to an empty folder













Nice simple interface, shows you when the task last ran of it it failed. I use this to backup my music folder (to 2 locations), and backups (ditto). Its *insanely fast* due to delta copying and other things and backups typically happen at close to line speed.  I set this up and as long as its running it quietly and unobtrusively backs up my files to other locations. In short, it does what it says on the tin.

Writing this up cause someone was asking me about it, and its one of those things that I’m actually pretty proud of. Its however a slightly complicated setup, involving many pieces of hardware and software working together. I’ll be starting with what I expect out of my backup setup, and an overview of how its setup. Part 2  will cover the software I use in a bit more detail and why I use it.

Since I’m using ‘only’ backing up 2-3 systems and the ones that need backing up and bare metal restoration on failure run windows, I’ve chosen to run a very similar setup on them. I’ve a few basic rules in place when designing the setup which are a mix of (bitter) experience and things that have worked well for me in the past.

One is none. I’d like a minimum of *three* different backup locations for anything important. Four is nice. I’ll eventually be looking at off site storage, but for now, that’s a large hard drive on my main desktop (which also acts as a central hub for replicating backups), a network attached storage device, and a fileshare on my linux box hosting live or semi live backups, and a spare copy that’s not super up to date. In theory I can survive 2/3 backup locations going down with at most a reinstall of the OS on the desktop or linux box.

Different backups types are treated separately. Music gets file level backups since rebuilding my collection would be a pain. Windows *system drives* get imaged for quick restoration, and I keep a week’s worth of incrementals. I’ve tested my backup software for a worst case scenario (drive failure – restored to an empty drive and checked if it boots) and checked that I can do file level recovery from there.

I also never have the *primary* copy of a backup set (the copy that’s initially backed up to) where its most likely to be accessed from. Music’s updated on the desktop, but the share I usually use is on the linux box. Backups are saved to the NAS, but should my desktop SSD or my fail,  I’ll likely use the local copy for restores.

I tend to standardise on windows file shares/smb for slinging files around since I’m typically backing up from windows boxen and at least one end of my backups are on windows.

If I have a single point of failure, its my desktop, since one of its hard drives is a backup repository, and its the ‘hub’ from which I replicate backups.

The *primary* backup storage at the moment is a seagate nas. Its 3tb, entirely standalone. While I can use a password protected share, I’m using one without one since I’ve had massive headaches with the previous, fairly securely setup primary backup setup. If everything *else* goes north, that’s where my backups would end up.

Previously I was using my brix as a primary backup, running fedora (and with selinux turned on) 1TB hard drive with about half of it used for backups. For some reason my laptop would be able to write, but not *overwrite*/amend/delete files so it wasn’t a very good primary backup. Going with ubuntu or a nas centric platform might have been a better idea, but the fedora box has other uses. Its currently my third line backup, with backups sent from the main desktop – which can connect reliably to it.

I also have an external HDD which acts as an additional layer of backups, tho its not kept updated like the other copies.

More on what software I actually use next.

Until recently, I had a boring, run of the mill 1600×900 display. It worked well enough, it was a decent gaming monitor, and well, I didn’t really see anything that made me go wow.

I figured I’d go for one of the korean displays Jeff Atwood seemed so fond of eventually and maybe an inexpensive colour calibrator. Its one of those “I’ll do it eventually” things I never got around to doing. Between the bewildering array of choices, me being late to the party and missing them being *ultra* cheap (they were a bit more expensive, at around 400), it just didn’t happen.

What I did end up getting was a P2715Q. I paid somewhere north of 900 sgd (with sales tax, and a smaller discount than dell offers in the US) for it. Its a proper 4K display (with 60hz capability over DP/mDP), with an IPS panel 27″ (there’s a 24 inch version for somewhat less, but I figured that I didn’t want/need pixel density that badly.


This display supports single stream transport (earlier displays used multi stream transport, and split up one panel into 2 streams since 4K requires a lot of pixel pushing, even at the display level) – this means it can hit 60hz as a single display, and 30hz if daisy chained to a second display through a specific display port connector. In my case, between the onboard graphics and the nvidia GTX 660 (which I’m planning on upgrading) I have plenty of ports. This is probably more useful if you want to run two of these off a laptop for some reason.

Out of the box, the display looks a bit yellow. *Do not adjust your set yet*. Both P series monitors are properly colour calibrated our of the box, and look glorious for most things. After a bit of getting used to, I tried to calibrate my old VE220T to be a bit better… and well, Its impossible to get it calibrated with the tools in windows. This, I didn’t need to adjust at all. I did turn down brightness to 50% (Most monitors, even nice ones come too bright out of the box. IPS tends to be brighter than run of the mill displays, and even with those, turning down brightness actually makes things better). After a few days, its a *quantum* leap from my old display.

Portswise, it comes with one mini displayport and one displayport connector, one HDMI/MHL connector (which would restrict you to 30 hz) and a second full sized DP connector for daisychaining. It also comes with one usb 3 input with 4 USB 3.0 ports. All except one of these is in a recess behind the screen with the video and power in. On one hand, this keeps wiring neat. On the other, it makes the USB ports hard to access for casual use – they’d probably be more useful for things you don’t plug and unplug often. There’s one port on the back that’s vaguely reachable, but its definately no replacement for a USB hub. The ports power down when the monitor does so you can’t really use them for charging either.

Industrial design wise, there’s many complaints that dell’s conservative. Their monitors do tilting, panning, height adjustment and rotation, and look the same as they did half a decade ago cause its pretty hard to improve on it. Even the thick bezels have a purpose – to hide nice tactile buttons. The only real complaints I have are the rear usb ports, but the older models with side usb ports were somewhat less thin.

Whoever designed this monitor was pretty serious about power use. The USB ports shut down when it goes on standby. Its got a little graph showing power usage. Its got a feature that *lets you turn off the power LED when its running* which I love to death.

On youtube 4K videos, colours are lovely. There’s pretty much *no* 4k media that’s readily available (I went to take a look at my friendly local torrent site and its 99% porn… not that I was going to download anything ;p). I’m currently using madvr to upscale, but I’ve not really done comparative tests on it and the cccp defaults. Nonetheless. Video quality is *subjectively* better than it was on the Asus at most things.

My video card probably can’t handle 4k gaming. I’m running things at 2560×1440 for now and my GPU handles it fine.

So, for somewhat more than what you’d pay for a no name, A- grade korean display a few years ago, you can get a properly colour caliberated 4K display, with all the modern inputs.

It comes with an optional application that sits in your taskbar on windows and lets you set per application colour profiles (maybe useful), set brightness and contrast (which can be useful, but setting colours for custom mode would be nice), and snapping windows into up to 2×3 grids or custom grids, which can be shiny.

The good part? Its a *great* display with fewer compromises than the early generations. It does 60hz, 4K and is pretty usable out of the box for most folk

The bad? You’ll need a beefy video card to game on it, and 4K content is a little hard to find.

The ugly? Your old TN monitor. And my photography skills.


Update: Almost 4 months on… I discover that all the USB ports work when the monitor is on standby, which is handy. Not sure if I completely missed something that obvious, or something got updated (do monitors have firmware updates?) in the meanwhile.




While I’ve been happy with my previous hosting (I was using a 256mb VPS on buyvm with offloaded sql), I’ve also been running a few other services for my own use on a VM a friend let me use on his dedi. I was holding out for something reasonably cheap (I’m paying about 16 euros, or 30 sgd for this right now), and not too shitty.

I’ve got an 8 core avato, 8gb of ram, and a 1tb hdd and  paid another 2 euros a month for another IP. This blog (and a few other services) will be running on the VM, while I’m keeping the physical box for a few other things. This should let me do quick reboots of the VM box if need be, and easier backups and moves in future.  I’ve got other plans for the rest of the server.

This is pretty neat.

This blog was offline for a few weeks

I had my account suspended, my blog down, and a entirely warrented, and slightly annoyed email from my VPS host threatening to shut down my service if this happened again…. cause I was too lazy to set key based authentication.

I always figured a reasonably strong, alphanumeric password was enough, and linux was reasonably safe from viruses. An attacker would need to somehow know my password to get in (and yeah, I REALLY should have known better) and that keeping my software minimal and up to date was good enough.

Turns out I got hit by the xorbddos trojan. Lovely. It brute forced my password, injected a rootkit, and used my little, carefully built VPS to DDOS others. On one hand, I should have known better. I’ve set up good key based authentication and am pondering port knocking.

Victim blaming rarely helps, but there’s a few places where I really messed up.

Passwords arn’t good enough. I actually may redo my key based auth setup with stronger keys than what I have now. Its a pain remembering to have my keys so I need to create device specific keys, and a backup one on a USB drive or something. Key based auth is *easy*. There’s tons of good tutorials out there, and it takes less htna 5 minutes.

I didn’t have real backups – my db is elsewhere and in theory (and practice!) I could easily rebuild my wordpress instance quickly.  However, if that install *had* been compromised, well.. I’d be in trouble. Still looking for a good solution there. Pondering a periodic scripted tarball of my /var/www and/or something WP specific

My VPS was running *too* well. I’d probably have noticed if I was paying attention to it. I need to log in and look for *obvious* things like high processor usage. I noticed this when I’d logged in to get my WP install out.  In short, I need to *proactively* check on this, and not just run apt-get update every so often.

Some people suck. Seriously. However, a little patience means that they can’t ruin your day by turning your system into a one of the sources of a DDOS attack 😉

Yeah, this is primarily for my own reference in case I need to rebuild but it might be useful for someone else. The night theme in ttrss is actually *meant* for night time use, and the developer has *gradually* added support for images to be monochrome. I use it all the time, and want colour. The fix is simple – open up preferences and customise your stylesheet and copy and paste the following lines in. The important bits are the “greyscale(0)” (they’re set to 1) and this overrides the default setting.

body#ttrssMain .cdm .cdmContentInner img,
body#ttrssMain .cdm img.tinyFeedIcon,
body#ttrssMain .cdm .cdmFooter img,
body#ttrssMain #feedTree img,
body#ttrssMain .postContent img {
filter: grayscale(0);
-webkit-filter: grayscale(0);
filter: url("data:image/svg+xml;utf8, }

And it was a minor pain. Everything is supported out of the box (even the emmc that makes older kernels apparently pitch a fit) *except* the trackpad.For some reason fedora (kde?) dosen’t support touch pads out of the box, and I didn’t have a spare mouse handy. Its detected but a pain to configure without a mouse

I did the install from a liveusb to another liveusb, using the keyboard to select between install options, then realised I could fire up a launcher with alt-f2, and use that to enable tapping to click. Still working out how to do clicking to click (since the touchpad is clicky).

Wireless, bluetooth, most shortcut buttons and the like work fine. Even airplane mode (which I need to see if I can disable in linux since its the same key as my dropdown terminals!)


I’m not sure if the netbook is a Phoenix rising from the ashes or a zombie. The very small, low powered system with a *proper* keyboard is pretty handy, and while I won’t go as far as calling tablets a fad, a fancy touch screen is no match for a proper keyboard IMO.

I tend to prefer smaller laptops in general – I’ve used an X220 for the past couple of years and its a great, well built machine (and well, lenovo hasn’t made another thinkpad I’ve had the same amount of desire for since), and I’ve always wanted something small and cheap I could throw into a bag and use on a train or on a bus.

The HP Stream is probably one of the first of a new breed of fairly cheap, plastic laptops with tablet cores, soldered in everything, and surprisingly low pricetags. Chromebooks are probably the same class, but the wintel netbooks seem to be a lot cheaper.

So.. what does 310 dollars get me? What’s essentially a copy of office 365 personal (so.. ~100 dollars in value), 25 dollars in windows store credits (which I can’t really find anything to spend on), and a slightly flawed, but very charming piece of hardware.

I’ll start with the two main annoyances – the screen isn’t that great, and once you have installed that copy of office 365, you only have 6gb left. If you’re a display snob (and in my line of work I see some *lovely* screens), you’ll likely get annoyed. It leaks light into black areas on the screen in the dark, its kinda uneven, but most of the time, unless you’ve got a completely black screen and are using the laptop in the dark, its not too bad. I guess it was a compromise to keep costs down. As for the storage, its an emmc, its reasonably fast, but its *tiny*. I’d note it *could* be worse – HP’s used a little trick meant for low cost tablets that puts many system files in a WIM disk image to save space. Nonetheless, I use the SD card for secondary storage, and for apps I don’t need running all the time. If only office 365 could install there… but apparently MS dosen’t think people need to install office on secondary drives. I’ll likely remove it once office 365 expires, or see if I can move the subscription to a more powerful system in future. The onboard webcam also seems a bit junk, but that’s not really a major issue for me.

Build quality is great. While its cheap, it doesn’t *feel* cheap. Its almost as if HP’s proud of thing thing – There’s almost no flex in it I can feel, and its a really *good looking* machine. The keyboard is *fantastic* despite being an island keyboard – Maybe its the spacing, and the nice, very reassuring light clickiness. There’s a few nice touches – a power/charging light on the left that’s orange when its charging, and white when its full, an orange mute light on the mute button and a power light on the side (which is nice if your system is on when your lid is closed). function keys do ‘additional’ functions such as volume or brightness control by default, which mostly works great (other than me fat-fingering f4 for switching monitors when I wanted to f5 for refreshing. The horror!). The onboard storage is *reasonably* fast, and considering that these things are lightweight, probably the best compromise they could pull between price and weight. Battery life seems insanely good, with only 20% usage after 2 hours or so (granted on fairly light duties, wifi, IRC and a few chat sites – basically what I normally do with my netbook).










The base system build is fairly sparse, you get a copy of mcafee (TOSS!), an installer that pulls in office 365 if you want it, some HP software for making rescue disks and such, and a few metro/modern UI apps. There’s a traveladvisor link in IE, but other than that its pretty clean.

While video is slightly dodgy, sound quality is good. The onboard speakers are surprisingly good for the size, and the headphone out is excellent once you turn off the dts equalizer.

While there’s reports that the touchpad is a bit insensitive, it works well for me, both with basic gestures and tapping. I might have actually preferred it if they hadn’t made it a clicky touchpad.

I’d also add, its a pretty good looking machine.


It looks almost 70sish, with the bright blue basic colour, the *really* polished chrome HP badge, and the fairly obvious branding on the back.

right panel





The right panel. One USB 3.0, one USB 2.0. I do believe the platform supports one more USB 2.0 interface, and that’s being used for the SD card reader. Yes, cheap laptops have HDMI now. The 3.5mm port is a combo port and a smartphone headset should probably work there. And you only get these two ports – with almost any system on this platform I suspect

left panel





And the left side. One light (which tells turns amber when its charging). The SD card reader is USB attached as I mentioned and a realtek so don’t bother getting a really fast SD card if you want to use it for more space. I just grabbed a spare and popped it in.












And the keyboard .  The caps lock light dosen’t bleed *as* badly in real life, and f6 is a lovely orange. I probably should not have used my moto G for this. It really is a lovely keyboard.

On the whole, the HP Stream is a *slightly* flawed machine, but the things I love about it (size, cool running and keyboard) kinda outweigh the cons (More hard disk space, and a better screen). Its probably a perfect second, or third machine, the sort of thing you’d toss into a bag on a whim and forget about. I was literally wrapping it in a reusable shopping bag, dumping it in my backpack and bringing it on my way to work for about 2 weeks with little issues.

I’d also add this entire review, other than photos was typed out on this, so clearly, I do consider it a very usable machine.  Its not a powerhouse by any measure but its *good enough*, and the price – which I suspect is partially due to both MS and Intel trying to gain market share is pretty hard to argue with. Its an awesome, surprisingly practical geek toy. I’ll need to see if I can get linux on a USB boot (Well, I could try installing it over the MMC since I have a backup but one at a time), which should expand the possibilities for fun.

Oh, and if you’re wondering, the cover is a pencil case from daiso. The cloth bag seemed a bit undignified.


I tend to maintain two types of systems – high-mid range gaming PCs, like my lovely core i7, and low powered home servers. My old atom server is getting noisy, and I wanted to get a new toy. Ended up looking around and picking up a gigabyte brix – specifically a N2807

Unlike the systems based on a more mainstream processor, the celeron based brix (and possibly its NUC cousins) lack a msata port. It has a single, non standard port on the board that breaks out sata data and sata power for a single 2.5 inch hard drive. It also has a single slot for DDR3L ram (which I populated with a single 4gb stick), unlike the two slots the more capable core i3 based NUC class systems do. In short, this is a small box with the heart of a tablet, the IO options of a laptop, and a need to stay firmly teathered to a wall. Its passively cooled, so you *cannot* get any quieter. Its an awesome, simple HTPC.

I went with fedora on this system, since I’ve been toying with moving off ubuntu, and fedora has all the shiny toys. I’m using BTRFS for the system.

The system comes with a single band, single channel wifi card, which also does bluetooth 4.0. Not played with this much yet, though locking and unlocking it with a phone sounds fun. You also have a gig-e capable nic.

Output wise, I have the standard HDMI and VGA ports, 2 USB 2 and one USB 3 port and a single combo out. Sound quality is decent, since it uses one of those practically ubiquitious realtek audio codecs.

I also wanted a decent, cheap display. Rather than going for a regular display, I ended up buying a 10.1 inch display off DX. Its actually a rather odd unit, the display seems to be wrapped in electrical tape at the edges, the backlight has a translucent screen (which is annoyingly desirable, since it gives me bias lighting. Any logical way I can think of mounting it involves covering up the back). Its insanely sharp, and lovely when its the right resolution. Which it often isn’t(it defaults to 1024×768 on the computer). I ended up creating a script that fixed that.

Total cost so far, about 500 dollars – 90 dollars for the hard drive, 250 for the brix and ram, and another 90 for the screen. I could have gone cheaper (I had a 40gb hard drive I spent a tenner on), or gotten a cheaper hard drive, and in a HTPC setting, you could probably forget about the screen.

Now here comes the fun part. Plug this little thing into a TV, install steamos or steam on linux, and its basically an awesome little streaming console. While steam streaming does seem to open up (and gets wierd when you move) a game on the ‘server’, so it dosen’t *quite* let you use the server for other things while you’re at it. I
t might make a ton of sense if you do a lan party house style setup (or even run a central server with more than one video card running KVM. Oh, the ideas.

The NUC class systems also seem to be decent for virtualisation. While ESXi is a finicky, grouchy thing, – There’s reports the core i3 and better versions do ESXi fine, but the realtek NIC on this isn’t supported, and a driver modded boot disk fails horribly on my celeron. KVM runs gloriously however, and was trivial to install on fedora (install virtmanager and its dependancies, and… well, that’s about it.)

One thing I had issues with with fedora was font rendering – I installed freetype-freeworld from rpmfusion, turned sub-aliasing and sub pixel rendering in the ‘fonts’
control panel, and set sub pixel rendering to RGB and hinting style to medium. I also installed corefonts and set most of the fonts in firefox to the same defaults as firefox on windows. This was also helpful since steam apparently needs some of those fonts.

One final annoyance is that selinux basically makes it a pain in the rear to install samba. You need the semanage command. This is installed through policycoreutils-python. Do not bother with the gui – edit your samba.conf file, and make sure your selinux permissions are set correctly. You need to run

 semanage fcontext -a -t samba_share_t '/<shared path>(/.*)?'


 restorecon -R /<shared path>


Still, this is a fun, low cost system with reasonable performance and great usability. Its no raspi, but try running windows, or steam on one. 😉