Edit: use ansible

I just started using puppet a few days ago and so far I'm really liking it. Except it's in Ruby and not Python. If puppet was written in python I would have just hacked up a new derived class. Oh well…

So my problem is that I want to distribute new id_rsa and id_rsa.pub files to my servers but I also want to be DRY. So therefore when I copy the id files over it should be possible to extract the public key and put it in authorized_keys.

This should have been significantly easier but here's how I did it.

more…

Helped along greatly by http://yourmacguy.wordpress.com/2012/06/29/osx-automount/

Apple seems to change how nfs/nis/anything unix works with each release. On Snow Leopard my nis and nfs worked great, but after my upgrade to Mountain Lion, less so.

My nis already “works”. As in, ypcat passwd does what you'd expect but permissions and ownership over nfs are still buggered. I'll update this post or make a new one when I have that figured out.

Here's how I got /home to automount a Linux nfs server.

sudo mkdir /etc/automounts

# /etc/auto_master 
# Automounter master map
#
+auto_master        # Use directory service
/net            -hosts      -nobrowse,hidefromfinder,nosuid
#/home          auto_home   -nobrowse,hidefromfinder
/Network/Servers    -fstab
/-          -static

/home /etc/automounts/home

# /etc/automounts/home 
* -fstype=nfs,rw,bg,hard,intr,tcp fs.burgundywall.com:/tank/home/&

sudo automount -vc
ls /home/username

Update: I gave up and just added myself to a local group so that I can edit files on my webserver and get on with my life. Damn you apple.

# as root
dscl . create /Groups/apache gid 48 # where 48 is the group number on linux
dseditgroup -o edit -p -a kneufeld -t user apache # type in your root password
# open a new terminal window and it will have the new permissions

Holy crap what a disappointment. I've been jonesing for an upgrade for about 6 months now (my current desktop is a Mac Mini 2009) and was eagerly awaiting an updated mini.

So the new mini has a new Ivy Bridge cpu. Whoop-dee-doo.

It only has one Thunderbolt port but at least it does have USB 3.

It only has Intel 4000 graphics. That's a crappy gpu that uses main memory. The reason I wanted a newer mini was so I could play a video game made in the last 5 years. As far as video games go, this mini is worse than the last one and only marginally better than my 3 year old one!

Looks like it's Hackintosh for me because this mini sucks.

I currently have a two disk raid1 array (2TB in size) that is the storage for my LVM but is running out of space. I want to add two more drives to bring available storage to 4TB but I also want to convert raid1 to raid10 to increase the performance of my storage. Here's how I did it.

more…

To autostart the very excellent SickBeard and SABnzbd on OSX (Snow Leopard in my case) you need to create two plist files and then tell launchd to start them.

more…

Any Standard Template Library (STL) pro doesn't need to be told this but for somebody moving from MFC to the STL like me, the following would no doubt be handy.

The problem is that std::map creates a new object anytime you have map[key], even as an rvalue. So here is a super simple template function to quickly check if a map has a key.

template<typename T>
bool has_key( const T& map, typename const T::key_type& key )
{
    T::const_iterator iter = map.find( key );
    return iter != map.end();
}

// eg. has_key( my_map, "key" );

The tiny bit of magic here is the typename in typename const T::key_type&. typename is required due to deep c++ voodoo that I really don't understand.

Or you could just…

map.count( key ) > 0;

Always learning.

There is something seriously wrong with my server, I can only write over nfs at 5 MB/s. Local writes rarely break 35 MB/s. I've tried disabling sync but to no avail. So… I'm afraid I'm going to have to dump Solaris for Linux and part of that is re-arranging my drives.

As a stop-gap measure I want to run Solaris in a virtual machine, and I want my LSI 2008 controller to be pci passed through, so I had to move my rpool from one controller to the LSI.

Like everything Solaris, this was harder than it should have been. Solaris 11 does not have failsafe mode so all of the awesome howto's only apply to Solaris 10.

# boot to single user mode via grub
kernel$ ... -s
# can't boot, can't find rpool

# boot with solaris cd, thankfuly my motherboard is awesome and I
# can redirect an iso into a virtual cdrom via ipmi

zpool import rpool
# error, previously mounted on other host (or something like that)

zpool import -f rpool
zpool status
# very different disk ids

reboot
# success!

I was trying to get multicast working and all of the ancient howtos weren't helping.

Purely by accident I found the solution to the multicast “hello world” of pinging 224.0.0.1.

# setup the routes
ip route add 224.0.0.0/4 dev eth0

# try to ping the multicast aware hosts on your lan with 2 pings
ping -c 2 224.0.0.1
# 100% packet loss

# stop ignoring broadcasts
sudo echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

# try to ping the multicast aware hosts on your lan with 2 pings
ping -c 2 224.0.0.1
# 100% packet success!

# make your change permanent
sudo echo "net.ipv4.icmp_echo_ignore_broadcasts = 0" >> /etc/sysctl.conf

Installing Virtualbox 4.1.6 on Solaris 11 Express hung my machine and even prevented it rebooting successfully. I suspect a faulty kernel module. Thankfully I have auto-snapshots running and could rollback my rpool after booting from the install cd.

This was a truly miserable experience as my Solaris-Fu is much weaker than my Linux-Fu.

• Boot from install dvd
• zfs rollback rpool@thismorning

Based off of a script by Adam Pierce. Mine is a little more user friendly.

Get latest version here.

more…