While trying to proxy my main nginx instance to a GitLab docker container I wasted hours and hours and hours trying to fix the following error:

fatal: unable to access 'https://gitlab.burgundywall.com/kneufeld/myproject.git/': \
SSL read: error:00000000:lib(0):func(0):reason(0), errno 54

It turns out that nginx config option ssl_session_cache is super f'n important to not screw up. I'm not totally sure what the problem is, but in my main server clause i had

ssl_session_cache shared:SSL:1m;

and I didn't have any such option in my server gitlab stanza. So something something something I could not do any git commands via https.

And even with logging everything looked okay

GIT_CURL_VERBOSE=1 git clone https://gitlab.burgundywall.com/kneufeld/myproject.git
Cloning into 'myproject'...
* Couldn't find host gitlab.burgundywall.com in the .netrc file; using defaults
*   Trying 192.168.5.6...
* Connected to gitlab.burgundywall.com (192.168.5.6) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /usr/local/etc/openssl/cert.pem
  CApath: none
* NPN, negotiated HTTP1.1
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=gitlab.burgundywall.com
*  start date: Sep  3 16:53:00 2016 GMT
*  expire date: Dec  2 16:53:00 2016 GMT
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET /kneufeld/myproject.git/info/refs?service=git-upload-pack HTTP/1.1
Host: gitlab.burgundywall.com
User-Agent: git/2.9.3
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache

* SSL read: error:00000000:lib(0):func(0):reason(0), errno 54
* Closing connection 0
fatal: unable to access 'https://gitlab.burgundywall.com/kneufeld/myproject.git/': SSL read: error:00000000:lib(0):func(0):reason(0), errno 54

except it didn't work.

Anyhow, when I finally figured out that ssl_session_cache was the issue and did some reading I just made sure that each ssl server has it's own cache.

ssl_session_cache shared:SSL-gitlab:1m;

Hours.

I was trying to get Plex to run in a container on CoreOS and for the life of me I couldn't get it to start. I kept getting the following error:

Error: Unable to set up server: bind: Cannot assign requested address (N5boost16exception_detail10clone_implINS0_19error_info_injectorINS_6system12system_errorEEEEE)

It turns out that at some point I had enabled IPv6 and that caused the problem.

So edit your Preferences.xml and disable IPv6 via EnableIPv6="0"

Here's my plex.service for completeness.

[Unit]
Description=plex media server
After=docker.service
#After=docker-registry.service

[Service]
TimeoutStartSec=0
Restart=always
KillMode=none
EnvironmentFile=/media/metadata/plex/environment
ExecStop=-/usr/bin/docker stop plex
ExecStartPre=-/usr/bin/docker kill plex
ExecStartPre=-/usr/bin/docker rm plex
ExecStartPre=/usr/bin/docker pull timhaak/plex:latest
ExecStart=/usr/bin/docker run --name plex --rm \
--net=host \
--env-file /media/metadata/plex/environment \
-v /home/plex:/config \
-v /home/media:/media \
timhaak/plex:latest

Yesterday I was working on Pygments during a Pycon 2016 sprint and added markdown syntax highlighting (with help from Tim Hatch). My pull request just got merged so version 2.2 will finally highlight GitHub flavored markdown (issue).

I was working on Magic Wormhole during a Pycon 2016 sprint and noticed that zipfiles don't preserve file permissions. I'm not the only one who's noticed this (some posts go back over five years) but it still doesn't appear to be fixed.

Anyhow, here's how I did it…

more…

At work I upgraded to Ubuntu 16.04 LTS and every time I ran gvim I got a bunch of errors.

(gvim:19805): Gtk-WARNING **: /usr/lib/x86_64-linux-gnu/gtk-2.0/2.10.0/immodules/im-fcitx.so: cannot open shared object file: No such file or directory
(gvim:19805): Gtk-WARNING **: Loading IM context type 'fcitx' failed

more…

Even after watching a bunch of YouTube videos and reading some websites I still didn't have the foggiest clue on how to actually enter any records in my current accounting software of choice, webzash.org.

In fact I was losing my mind, figuring the two demo programs I was using were both wrong but knowing that couldn't be the case. That's how hard it was for me to wrap my head around these concepts.

So here's how I think this stuff works. It's likely wrong and/or incomplete so take everything I'm about to say with a huge grain of salt.

more…

It took a bit of doing but I was able to install Webzash in a Docker container behind a nginx web server. Here's how I did it.

Plus some notes on database permissions.

more…

I recently moved my web server to Digital Ocean but apparently didn't properly configure my python virtual environment. My apologies to whomever tried to leave a comment but couldn't.

It should all work now.

Gitolite uses a slightly funky url scheme that can wreck havoc with other tools. In particular I wanted to use Google Repo (worst name ever by the way, htf do you search for git and repo to find this?)

Anyway, here's how…

more…

I often want to make a directory and then immediately cd into that directory.

mkdir foo
cd foo

put the following in your .bashrc

function mcd()
{
    mkdir $*
    args=($*)
    cd ${args[@]:(-1)}
}

and then

source ~/.bashrc
mcd -p a/b/c/d