Listing posts

Displaying posts 6 - 10 of 264 in total
Chromium personalizations
mouse 74 · person cloud · link
Browser
Chrome
Configuration
Tools
Last update
2021-07-17
2021
07-17
«chromium/google chrome/vivaldi/webkit engine based browsers»

Add-ons

Command line options

1
2
3
4
5
6
7
8
9
# https://www.ghacks.net/2017/02/13/how-to-speed-up-the-vivaldi-web-browser/
# optimized command for raspberry pi
/usr/bin/vivaldi \
  --process-per-site \
  --enable-low-res-tiling \
  --enable-low-end-device-mode \
  --disk-cache-size=104857600 \
  --disk-cache-dir=$TMPD \
  "$@"

~~~ * ~~~

Useful Android apps
mouse 1197 · person cloud · link
Android
Audio
Games
Images
Networking
Security
Tools
Video
Last update
2021-07-12
2021
07-12
«a collection of must have android apps for many common needs»

General

Media

Games

System

Home automation


~~~ * ~~~

Docker howto attachment
mouse 1512 · person cloud · link
Debian
Dev
Linux
Security
Terminal
Tools
Virtualization
Last update
2021-07-08
2021
07-08
« — »

Installation on debian

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# check system compatibility
modprobe configs # loads /proc/config.gz
wget -q -O - https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh | \
  bash | tee docker-check.txt

# install docker: key, repo, packages
apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -

# amd64 - x64
echo "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list
# armhf - x32 / raspberry pi / raspbian
echo "deb [arch=armhf] https://download.docker.com/linux/raspbian $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker-ce.list

apt-get update && apt-get install docker-ce

# allow user to use docker
usermod -aG docker username

# test installation
docker version
docker info

# run a simple test image
docker run hello-world

See also post install for troubleshooting dns/network/remote access.

On raspberry pi just use curl -sSL https://get.docker.com | sh (repo not working).

Configure daemon

1
2
3
4
5
mkdir -p        /path/to/data
chown root.root /path/to/data
chmod 711       /path/to/data
echo '{ "data-root": "/path/to/data" }' > /etc/docker/daemon.json
systemctl restart docker

1
echo '{ "log-driver": "local" }' > /etc/docker/daemon.json

Creating an image (ref, best practices)

1
2
3
4
5
6
7
8
9
10
11
12
touch Dockerfile # and fill it
docker build -t test-myimg . # create the image with a tag

# test run image
docker run -p 4000:80    test-myimg
docker run -it test-myimg /bin/bash

# run image detached/on background
docker run -p 4000:80 -d --name tmi test-myimg
docker container ls -a
docker container stop <container_id>
docker container start -i tmi # restart container

Interact (ref)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# run interactive shell into debian image (temporary)
docker run --name prova --rm -it debian /bin/bash 

# run interactive shell into debian image
docker run -it debian /bin/bash 

apt-get update

apt-get install -y dialog nano ncdu
apt-get install -y locales

localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
echo "LANG=en_US.utf8" >> /etc/environment

rm -rf /var/lib/apt/lists/*

docker commit e2b7329257ba myimg:v1

docker run --rm -it myimg:v1 /bin/bash

# run a command in a running container
docker exec -ti a123098734e bash -il

docker stop a123098734e
docker kill a123098734e

Save & restore

1
2
3
4
5
6
7
8
9
10
# dump image
docker save imgname | gzip > imgname.tgz
zcat imgname.tgz | docker load

# dump container
docker create --name=mytemp imgname
docker export mytemp | gzip > imgname-container.tgz

# flatten image layers (losing Dockerfile) from a container
docker export <id> | docker import - imgname:tag

Registry - Image repository

1
2
3
4
5
# push image to gitlab registry
docker login registry.gitlab.com
docker tag test-myimg registry.gitlab.com/username/repo:tag # add new tag...
docker rmi test-myimg # ...and remove the old tag
docker push registry.gitlab.com/username/repo:tag

DockerHub official base images links: debian, ruby, rails, redis, nginx.

Available free registry services:

Name # Priv/Pub Notes
gitlab inf/ND 1 prj x registry
treescale inf/inf max 500 pulls & 50GB
canister 20/ND very good service
docker hub 1/inf perfect

Running arm image on x86

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# https://ownyourbits.com/2018/06/27/running-and-building-arm-docker-containers-in-x86/
apt-get install qemu-user-static

docker run \
  -v /usr/bin/qemu-arm-static:/usr/bin/qemu-arm-static \
  -e LANG=en_US.utf8 -ti --name myarmimg arm32v7/debian:wheezy

[...]

docker commit myarmimg myarmimg

docker container prune -f

docker run \
  -v /usr/bin/qemu-arm-static:/usr/bin/qemu-arm-static \
  -ti --rm --name myarmimg \
  myarmimg /bin/bash -il

Composer (ref, dl) - Services

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# docker-compose.yml
version: "3"
services:
  web:
    image: username/repo:tag
    deploy:
      replicas: 5
      resources:
        limits:
          cpus: "0.1"
          memory: 50M
      restart_policy:
        condition: on-failure
    ports:
      - "4000:80"
    networks:
      - webnet
networks:
  webnet:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# install docker-compose
curl -L  -o /usr/local/bin/docker-compose https://github.com/docker/compose/releases/download/1.24.0-rc1/docker-compose-`uname -s`-`uname -m`
chmod 755 /usr/local/bin/docker-compose

docker swarm init

docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ls
docker service ps getstartedlab_web # or docker stack ps getstartedlab

# change the yml file and restart service
docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ps getstartedlab_web
docker container prune -f

# stop & destroy service
docker stack rm getstartedlab
docker container prune -f

# leave the swarm
docker swarm leave --force

Machine (ref, dl) - SWARM/Provisioning

Remember to update the host firewall: open port 2376 and do not apply rate limits on port 22.

On the fish shell you can install the useful omf plugin-docker-machine to easily select the current machine.

Without an official supported driver we can use the generic one. Install docker-ce on your worker nodes and then in your swarm manager host:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# install docker-machine
curl -L -o /usr/local/bin/docker-machine https://github.com/docker/machine/releases/download/v0.16.1/docker-machine-`uname -s`-`uname -m`
chmod 755 /usr/local/bin/docker-machine

# setup each VMs (this creates and shares the certificates for a secure
# connetion between your client and the daemon runnig on the server)
ssh-copy-id -i ~/.ssh/id_rsa user@ww.xx.yy.zz
docker-machine create --driver generic --generic-ssh-key ~/.ssh/id_rsa \
  --generic-ip-address=ww.xx.yy.zz myvm1

ssh-copy-id -i ~/.ssh/id_rsa user@ww.xx.yy.kk
docker-machine create --driver generic --generic-ssh-key ~/.ssh/id_rsa \
  --generic-ip-address=ww.xx.yy.kk myvm2

docker-machine ls

# run a command via ssh in a VM
docker-machine ssh myvm1 "ls -l"                 # use internal SSH lib
docker-machine --native-ssh ssh myvm1 "bash -il" # use system SSH lib

# set env to run all docker commands remotely on a VM
eval $(docker-machine env myvm1) # on bash
docker-machine use myvm1         # on fish + omf plugin-docker-machine

# set VM1 to be a swarm manager
docker-machine use myvm1
docker swarm init # --advertise-addr ww.xx.yy.zz
docker swarm join-token worker # get token for adding worker nodes

# set VM2 to join the swarm as a worker
docker-machine use myvm2
docker swarm join --token SWMTKN-xxx ww.xx.yy.zz:2377

# check cluster status on your local machine...
docker-machine ls
# ...or on the manager node
docker-machine use myvm1
docker node ls

# locally login on your registry...
docker-machine unset
docker login registry.gitlab.com
# ...then deploy the app on the swarm manager
docker-machine use myvm1
docker stack deploy --with-registry-auth -c docker-compose.yml getstartedlab
docker service ls
docker service ps getstartedlab_web

# access cluster from any VM's IP
curl http://ww.xx.yy.zz:4000
curl http://ww.xx.yy.kk:4000

# eventually re-run "docker stack deploy ..." to apply changes

# undo app deployment
docker-machine use myvm1
docker stack rm getstartedlab

# remove the swarm
docker-machine ssh myvm2 "docker swarm leave"
docker-machine ssh myvm1 "docker swarm leave --force"

Stack / Deploy application

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# docker-compose.yml
version: "3"
services:
  web:
    image: username/repo:tag
    deploy:
      replicas: 5
      restart_policy:
        condition: on-failure
      resources:
        limits:
          cpus: "0.1"
          memory: 50M
    ports:
      - "80:80"
    networks:
      - webnet
  visualizer:
    image: dockersamples/visualizer:stable
    ports:
      - "8080:8080"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    deploy:
      placement:
        constraints: [node.role == manager]
    networks:
      - webnet
  redis:
    image: redis
    ports:
      - "6379:6379"
    volumes:
      - "/home/docker/data:/data"
    deploy:
      placement:
        constraints: [node.role == manager]
    command: redis-server --appendonly yes
    networks:
      - webnet
networks:
  webnet:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
docker-machine use myvm1
docker-machine ssh myvm1 "mkdir ./data" # create redis data folder

# run stack / deploy app
docker stack deploy -c docker-compose.yml getstartedlab
docker stack ps getstartedlab

# show deployed services and restart one
docker service ls
docker service update --force getstartedlab_web

firefox http://<myvm1-ip>:8080/ # docker visualizer
redis-cli -h <myvm1-ip>         # interact with redis

docker stack rm getstartedlab

Init process to reap zombies and forward signals

  • single process: tini (use docker run --init or init: true in docker-compose.yml)
  • multiprocess: s6 and s6-overlay
  • init systems comparison

SWARM managers

Container-Host user remapping

You can map container users to the host ones for greater security.

  • put myuser:100000:65536 (start:length) in /etc/subuid and /etc/subgid, this defines the mapping id range 100000-165535 available to the host user myuser

  • configure docker daemon to use the remapping specified for myuser:

    1
2
    echo '{ "userns-remap": "myuser" }' > daemon.json
systemctl restart docker

    note that all images will reside in a /var/lib/docker subfolder named after myuser ids

  • now all your container user/group ids will be mapped to 100000+id on the host

You can write up to 5 ranges in sub* files for each user, in this example we set identical ids for users 0-999 and map ids >=1000 to id+1:

1
2
myuser:0:1000
myuser:1001:65536

UFW Firewall interactions

Docker bypasses UFW rules and published ports can be accessed from outside.

See a solution involving DOCKER-USER and ufw-user-forward/ufw-user-input chains.

Terms:

  • service = containers that only runs one/same image,
  • task = a single container running in a service,
  • swarm = a cluster of machines running Docker,
  • stack = a group of interrelated services orchestrated and scalable, defining and coordinating the functionality of an entire application.

Source: install, install@raspi, tutorial, overview, manage app data, config. daemon, config. containers,

Source for user mapping: docker docs, jujens.eu, ilya-bystrov

Useful tips: cleanup, network host mode for nginx to get client real IP, limit ram/cpu usage, docker system prune -a -f to remove all cache files

See also: thread swarm gui, docker swarm rocks


~~~ * ~~~

Consumi elettrodomestici attachment
mouse 42 · person cloud · link
Casa
Reference
Last update
2021-06-27
2021
06-27
«Casa, Vacanze, Accendi/Spegni
potenza xW = 220V * yA»

Consumi

Elettrodomestico Consumo
(max 3300-3520 W/h)
STIRO 1563
LAVATRICE 2000
STOVIGLIE 2000
CAFFE' 1425
MICROONDE 1750
MICROONDE FORNO 2600 (1500 a regime)
MICROONDE COMBI 3150
MICROONDE VAPORE 1725
FOLLETTO 950
CONDIZIONATORE 368-1373-1580
comfort-medio-picco
PHON 1 146
PHON 2 1060
PHON 3 1960

Accendi/Spegni

  • TERMO
  • CONDIZIONATORE
  • GAS
  • TV+ANTENNA
  • LAVATRICE
  • STOVIGLIE
  • PC + MONITOR
  • ROUTER
  • CIABATTA LETTO
  • MICROONDE

~~~ * ~~~

Test image for color, grayscale, or single hue gradient attachment
mouse 3066 · person cloud · link
Dev
ImageMagick
Images
Last update
2021-06-21
2021
06-21
« — »
Cover original

Discussing with the amazing guys at ImageMagick forums I ended up with this solution:

  1. compute sat_mean: the mean saturation percentage (1-100%)
  2. compute hue_st_dev: the standard deviation of the unique hues (without considering their absolute frequency)
  3. compute hue2_st_dev: the standard deviation of the 180° shifted unique hues (to workaround the red hue wrapping at 360°)
  4. if sat_mean >= 30, then it's a colored image
  5. if sat_mean < 10, then it's a grayscale image
  6. if sat_mean is between 10 and 30, compute hue_sd = MIN(hue_st_dev, hue2_st_dev): if hue_sd > 25 then it's a colored image otherwise it's a grayscale one.

In order to compute those values I extracted the image's histogram, converting the image to 64 colors:

1
convert fname.ext -dither FloydSteinberg -colors 64 -colorspace HSB -format %c histogram:info:-

in this manner I have a good enough approximation of the image hues and a smaller dataset to elaborate.

Before computing hue std.dev I removed all low saturation rows as their corresponding hues are not meaningful.

Attached to this post you can find a Ruby script I wrote to perform this test.

For the image set in the post cover the results are the following (images in alphabetical order):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
bash$ ls|sort|while read fname; do ../test.rb "$fname"; done
hq_1-color.jpg                  S:58.40  H:35.78  H2:21.83  N:64  R: 5  O: 20%  =>    colored
hq_1-color-low.jpg              S:48.27  H:33.78  H2:24.44  N:64  R: 6  O: 24%  =>    colored
hq_2-gray1.png                  S: 0.00  H: 0.00  H2: 0.00  N:64  R:64  O:100%  =>    grayscale
hq_2-gray2.png                  S: 0.00  H: 0.00  H2: 0.00  N:64  R:64  O:100%  =>    grayscale
hq_2-gray3.png                  S: 0.00  H: 0.00  H2: 0.00  N:64  R:64  O:100%  =>    grayscale
hq_3-col1_H240-S50-L0.png       S:17.38  H: 0.00  H2: 0.00  N:63  R: 5  O: 74%  =>    monochrome_mid_sat
hq_3-col1_H250-S60-L0.png       S:18.88  H: 0.49  H2: 0.49  N:64  R: 4  O: 73%  =>    monochrome_mid_sat
hq_3-col1_H40-S50-L0.png        S:17.38  H: 0.72  H2: 0.72  N:64  R: 5  O: 74%  =>    monochrome_mid_sat
hq_3-col2_H360-S80-L0.png       S:15.12  H: 0.00  H2: 0.00  N:63  R: 3  O: 82%  =>    monochrome_mid_sat
hq_3-col3_H360-S80-L40.png      S:20.81  H: 0.00  H2: 0.00  N:61  R: 4  O: 75%  =>    monochrome_mid_sat
hq_3-gradient.jpg               S:23.02  H: 7.88  H2: 5.97  N:64  R:11  O: 50%  =>    monochrome_mid_sat
hq_4-monochrome.png             S: 0.00  H: 0.00  H2: 0.00  N: 2  R: 2  O:100%  =>    grayscale
hq_5-white-red.png              S:20.88  H:  NaN  H2:  NaN  N: 2  R: 1  O: 79%  =>    monochrome
lq_1-color.jpg                  S:54.94  H:35.62  H2:22.30  N:64  R:12  O: 30%  =>    colored
lq_1-color-low.jpg              S:44.92  H:33.14  H2:24.68  N:64  R:10  O: 33%  =>    colored
lq_2-gray1.jpg                  S: 0.00  H: 0.00  H2: 0.00  N:16  R:16  O:100%  =>    grayscale
lq_2-gray2.jpg                  S: 0.00  H: 0.00  H2: 0.00  N:16  R:16  O:100%  =>    grayscale
lq_2-gray3.jpg                  S: 0.00  H: 0.00  H2: 0.00  N:16  R:16  O:100%  =>    grayscale
lq_3-col1_H240-S50-L0.jpg       S:15.24  H:16.70  H2:16.87  N:64  R:16  O: 74%  =>    monochrome_mid_sat
lq_3-col1_H250-S60-L0.jpg       S:17.24  H:16.48  H2:16.74  N:64  R:15  O: 75%  =>    monochrome_mid_sat
lq_3-col1_H40-S50-L0.jpg        S:16.57  H:20.04  H2:15.23  N:64  R:18  O: 71%  =>    monochrome_mid_sat
lq_3-col2_H360-S80-L0.jpg       S:14.02  H:41.89  H2:14.72  N:64  R:18  O: 80%  =>    monochrome_mid_sat
lq_3-col3_H360-S80-L40.jpg      S:23.07  H:38.80  H2:16.24  N:64  R: 9  O: 56%  =>    monochrome_mid_sat
lq_3-gradient.jpg               S:12.58  H:10.14  H2:10.39  N:64  R:17  O: 78%  =>    monochrome_mid_sat
lq_4-monochrome.jpg             S: 0.00  H: 0.00  H2: 0.00  N:16  R:16  O:100%  =>    grayscale
lq_5-white-red.jpg              S:24.19  H:41.33  H2:20.64  N:64  R: 4  O: 69%  =>    monochrome_mid_sat

the columns are:

  • S saturation mean
  • H unique hue standard deviation
  • H2 180° shifted unique hue standard deviation
  • N number of colors
  • R removed rows from the histogram (outlayers)
  • O percent of outlayered pixels
  • resulting image type

Images named lq_* are the quality=1 JPEG conversion of the same image set.

Source: ImageMagick thread