In this post, we'll walk through a fully declarative, Kubernetes-native setup for running a highly available MQTT broker using Eclipse Mosquitto. This configuration leverages core Kubernetes primitives (`Deployments`, `Services`, `ConfigMaps`, and `RBAC`), alongside Traefik `IngressRouteTCP` to expose MQTT traffic externally. It introduces a lightweight, self-healing failover mechanism that automatically reroutes traffic to a secondary broker if the primary becomes unhealthy. The setup also demonstrates internal MQTT bridging, allowing seamless message propagation between brokers. The big advantage over a single Pod deployment (which, in case of node failure, k8s will restart after 5 minutes) is that this setup has a downtime of only 5 seconds and shared state, so all messages will be available on a failover.

I'm pleased to announce the next version of Leaf Node Monitoring, the simple and easy to use open source site and server monitoring tool. This update adds two features users have requested, plus a couple of small but useful fixes. This post goes over everything that is new in this release.

For almost 5 years I've been using the `mqtt-data-logger` [python script](https://github.com/RaymiiOrg/mqtt-data-logger) to log all MQTT communication. This script works, but is a bit limited in how it stores logs (files per time it's started) and it often can't keep up with the message rate (tens of thousands per second) of my mqtt brokers. So I've written a new tool in C++ to log all MQTT messages to syslog and optionally to the terminal. Then, via syslog, you can send it to where ever you like, be it a file or an ELK (Logstash/Elasticsearch/Kibana) stack. It even compiles without syslog support, if you only want to log to a file or the terminal. There's a docker image and a docker compose file, so you can easily deploy it wherever you have an MQTT broker running.

As of the 18th of February, OpenVMS, known for its stability and high-availability, 47 years old and ported to 4 different CPU architecture, has a package manager! This article shows you how to use the package manager and talks about a few of its quirks. It's an early beta version, and you do notice that when using it. A small list of things I noticed, coming from a Linux (apt/yum/dnf) background: There seems to be no automatic dependency resolution and the dependencies it does list are incomplete. No update management yet, no removal of packages and no support for your own package repository, only the VSI official one. Service startup or login script changes are not done automatically. Packages with multiple installer files fail and require manual intervention. It does correctly identify the architectures, has search support and makes it way easier to install software. The time saved by downloading, manually copying and starting installation is huge, so even this early beta is a very welcome addition to OpenVMS.

I'm using the Headlamp dashboard for my [high-available local kubernetes cluster](/s/tutorials/High_Available_k3s_kubernetes_cluster_with_keepalived_galera_and_longhorn.html) because I find that to be faster, more clear and useful than the full blown Kubernetes Dashboard. In [my first article](/s/tutorials/My_First_Kubernetes_k3s_cluster_on_3_Orange_Pi_Zero_3s_including_k8s_dashboard_hello-node_and_failover.html#toc_4) I accessed the dashboard via a local port forward. This article documents how to expose the dashboard via an `Ingress` and some `Traefik` specific `annotations`. The dashboard helm chart sets up HTTPS internally, `Traefik` does not like that by default. Most of the time, all internal cluster communication is insecure (I'm not sure why, seems to be a bad idea). A few of the guides online suggest disabling HTTPS for the dashboard internally or, for the k3s specific case, disabling HTTPS validation entirely. Both of those are too broad for my use case, so I decided to figure out how to make `Traefik` talk to the `kubernetes-dashboard-kong-proxy` via `https`, without disabling certificate validation.

This is the result of my first attempt at learning KiCad during the Christmas break. I love the sound of a relay, so trying out [these relay logic gates](https://www.youtube.com/watch?v=_nXc439NTYk) from the Usagi video and the information [here on the MERCIA relay computer](https://web.archive.org/web/20250104211313/https://relaiscomputer.nl/index.php/elements) on a breadboard was fun, but a bit messy. No transistors or modern components, just relays, push buttons, resistors and LED's to show output. I've always wanted to make my own PCB. These simple relay logic gates are perfect to try out KiCad and actual PCB design, having never done that before. This short post shows you my first PCB, with all the beginner mistakes included.

You probably recognise this situation. You're working on your code and realise that the thing you're writing might take long, be blocking or is batch-wise. It might be resizing images, calling some API or processing hardware inputs or a stream of incoming messages. These tasks, if not handled efficiently, can halt your application, leaving it unresponsive. To avoid this, one solution is to offload these time-consuming operations to a separate thread, allowing the main application to continue executing without interruptions. In this article, I'll show you how you can implement asynchronous work processing in C++ using a worker thread. This example class is my go-to for this situation and is easily adapted to handle more complex use cases. It has a queue of work items and uses a `std::thread`, a `std::mutex` combined with a `std::condition_variable` to manage work asynchronously, processing items one by one.

Sherlock Holmes tackles a modern computing dilemma involving a missing system call. In this case, a frustrated developer attempts to port an embedded device running Yocto to a newer version, only to be met with `Error 38` due to a missing syscall. Holmes and Watson delve into the intricacies of kernel versions, glibc, and system calls to uncover the truth behind the missing `syscall_397` and provide a logical solution.

I recently faced a challenging issue with an application that wasn't shutting down correctly, either segfaulting or terminating without an active exception. Running the program via `valgrind` to check for memory leaks wasn't possible because the program couldn’t perform its cleanup if it didn't shut down correctly. This article covers adding runtime instrumentation provided by `gcc` to log destructors. This helped me figure out what was still left over from the closed-source framework in use preventing correct shutdowns or causing segfaults. It includes example code, setup instructions and insights into handling shutdown issues in large, multi-threaded codebases.

Since [DECWindows / CDE](/s/blog/OpenVMS_x86_E9.2-3_fixes_CDE_and_adds_Guest_Console.html) now works on OpenVMS x86 (from 9.2-3 onwards) there is much fun stuff to do. Back in 2021 I wrote an article on the [CDE desktop on Alpha / AXPbox](/s/blog/OpenVMS_CDE_Desktop_remote_x_axpbox.html) and also an article on how to run [CDE on modern linux, since it's still developed](/s/blog/The_Common_Desktop_Environment_CDE_is_still_developed_in_2021.html#toc_6). Both articles included a game, **GENERIC-TETRIS** from 1992, [written by Qiang Alex Zhao](https://web.archive.org/web/20240815073318/https://sites.cc.gatech.edu/gvu/people/qiang.a.zhao/Games.html). After getting the (remote) desktop working I wanted to compile and run Tetris to continue this lineage, from VAX, to Alpha, to Linux/CDE, to x86 VMS. I haven't got an Itanium to run it on, but if anyone has one left willing to send this way, feel free to contact me. This article includes the precompiled tetris binary for OpenVMS x86 and instructions to compile the source. The code required some minor modifications which I'll also cover, but that's not surprising for code that hasn't changed much since 1992 to be compiled in 2024. This article also shows you how to install curl on OpenVMS.

I'm a big fan of OpenVMS. You can [read all my OpenVMS articles here](/s/tags/openvms.html). Since the [licensing changes](https://web.archive.org/web/20240814192656/https://vmssoftware.com/about/news/2024-03-25-community-license-update/) to the Hobbyist Program, I applied and was included in to the Ambassador Program. A new update of the X86 field test is released and this includes to major changes for hobbyists. One is a new feature, the Guest Console, which makes installing easier by no longer requiring a serial port and fiddling with Putty or your telnet client and the second is a fix to the C/C++ compiler which, (probably by accident), fixes CDE and DECWindows. The [Common Desktop Environment (CDE)](/s/blog/The_Common_Desktop_Environment_CDE_is_still_developed_in_2021.html) is still under development and can be installed on Linux quite easily. This post shows the two new features, the Guest Console and CDE working.

This guide shows you how to use Role-based access control (RBAC) to create a user account that only has rights for one specific namespace. I'll also show you how to limit the resource usage of that `Namespace`. Last but not least, I'll also show you how to create a `kubeconfig` file for that specific user.

If you have [set up a Self Signed Root CA](/s/tutorials/Self_signed_Root_CA_in_Kubernetes_with_k3s_cert-manager_and_traefik.html) for your local Kubernetes Cluster and have trusted the Root Certificate, you are at risk if the key is compromised. If the key is stolen, it can be used to create trusted certificates for everything. Luckily there is something we can do, using `nameConstraints` to limit the scope of the Root Certificate to, in our case, a single domain (`k3s.homelab.mydomain.org`). This means that if your key would be compromised, it would only be able to issue certificates for anything under that domain, not your bank for example.

Now that I'm learning Kubernetes for a few weeks, I'm finally at the point where I was 20 years ago with regular boring old tech, being able to [host multiple domains](/s/tutorials/Kubernetes_k3s_Ingress_for_different_domains_like_virtual_hosts.html), [password protection](/s/tutorials/Password_protect_web_services_in_Kubernetes_k3s_traefik_with_basic_auth.html) and [high available clusters](/s/tutorials/High_Available_k3s_kubernetes_cluster_with_keepalived_galera_and_longhorn.html). It seems we have to re-invent the wheel every time but in the end, it's just resume-driven development, the underlying stack costs more, is way more complex but for the user, nothing changes, they see the same website as always. [Not all change is progress](https://luddites.latenightlinux.com/). Enough of being a curmudgeon, time to continue with Kubernetes. In this episode of 'Remy discovers Kubernetes', I'm setting up `cert-manager`, **not with Lets Encrypt**, but with a self-signed certificate authority. I'll also show you how to set up a regular certificate, one you've for example bought somewhere. I'll also cover `nameConstraints` to make the risk of compromise of your trusted root ca lower.

The `openssl x509` command can be used to get information from a certificate. If you supply a filename, the command will only use the topmost certificate in the file, not all certificates in the file, like in the case of a certificate chain. The `openssl s_client -connect` command can connect to a server and show all certificates served by that server. The command I'm providing in this snippet splits up all certificates found in a file or as the result of `openssl s_client` and allows `openssl x509` to loop over each one individually.

Now that I have a [high-available local kubernetes cluster](/s/tutorials/High_Available_k3s_kubernetes_cluster_with_keepalived_galera_and_longhorn.html) and am [experimenting with deploying apps](/s/snippets/Using_nodeSelector_to_deploy_a_Kubernetes_Helm_chart_only_on_x86_or_amd64_nodes_not_arm64.html), it's also time to look into securing those apps using certificates and passwords. In this case I'm going to set up password authentication, like a `.htaccess` file in `Apache2`, to protect the `Longhorn` dashboad, which by default requires no authentication. This means deploying an `Ingress`, a `Middleware` and a `Secret`.

I'm pleased to announce the next version of Leaf Node Monitoring, the simple and easy to use open source site and server monitoring tool. Major new features include minimizing to the tray, automatic startup on Windows and Linux and a new check, SSL Certificate Expiry. This post goes over everything that is new in this release.

My [k3s cluster](/s/tutorials/My_First_Kubernetes_k3s_cluster_on_3_Orange_Pi_Zero_3s_including_k8s_dashboard_hello-node_and_failover.html) runs on Orange Pi Zero 3 small board computers, with a 1.5 GHz Allwinner H618 Quad-Core Cortex-A53 ARM64 CPU. Nowadays most popular software has support for `aarch64` due to the popularity of boards like the Raspberry Pi and the Apple M1 series processors, but smaller projects or niche software often can only run on x86/amd64. If you write your own yaml files for deployment you can use a `nodeSelector` combined with the `kubernetes.io/arch=amd64`, but with a Helm Chart this is not that obvious. This small snippets shows you the correct syntax to force deploy a Helm Chart to only amd64 nodes in your cluster. This assumes you have a mixed cluster, I added a small virtual machine to it for testing.

Now that I have a [high-available local kubernetes cluster](/s/tutorials/High_Available_k3s_kubernetes_cluster_with_keepalived_galera_and_longhorn.html) it's time to learn not just managing the cluster but actually deploying some services on there. Most examples online use a `NodePort` or a `LoadBalancer` to expose a service on a port, but I want to have domains, like, `grafana.homelab.mydomain.org` instead of `192.0.2.50:3000`. Back in the old days this was called [Virtual Host](https://web.archive.org/web/20240515131604/https://httpd.apache.org/docs/2.4/vhosts/), using 1 IP for multiple domains. My k3s cluster uses `traefik` for its incoming traffic and by defining an `Ingress` we can route a domain to a service (like a `ClusterIP`). This page will show you how.

After my [first adventure with Kubernetes](/s/tutorials/My_First_Kubernetes_k3s_cluster_on_3_Orange_Pi_Zero_3s_including_k8s_dashboard_hello-node_and_failover.html), getting started with k3s on my small 3 node ARM cluster that [boots via PXE / NFS](/s/tutorials/Netboot_PXE_Armbian_on_an_Orange_Pi_Zero_3_from_SPI_with_NFS_root_filesystem.html), I noticed that there is only one k3s node that has the `control-plane,master` role. If that node fails you can no longer manager the cluster. Other nodes can fail and then the workloads (pods) will be restarted eventually after 5 minutes, but this node is special. Time to change that and make it a high available cluster. K3s [supports](https://web.archive.org/web/20240703112841/https://docs.k3s.io/datastore/ha) high-availability with embedded `etcd` and with external databases like `MySQL` and `postgres`. `etcd` will thrash your storage (SD cards) so I decided to go with a `MySQL` cluster using `Galera` for the database and `keepalived` for the High Available Cluster IP. This guide will show you how to configure the HA database and HA-IP and I'll also setup [longhorn](https://web.archive.org/web/20240707025724/https://longhorn.io/) for high-available block storage inside kubernetes. The end result is that I can pull the power from any two of the three nodes without the k3s cluster or workloads going down.

I've been working as an embedded C++ developer for over 5 years now so my sysadmin / devops skills are becoming a bit rusty. The odd bit of Ansible here and there but no new stuff. I figured it was time to expore Kubernetes, as it is what all the cool kids do these days. So I [got myself 3 new SBC's] (/s/tutorials/Netboot_PXE_Armbian_on_an_Orange_Pi_Zero_3_from_SPI_with_NFS_root_filesystem.html), the [Orange Pi Zero 3] (https://web.archive.org/web/20240623200133/http://www.orangepi.org/html/hardWare/computerAndMicrocontrollers/details/Orange-Pi-Zero-3.html). I'll be using these to install and setup a basic Kubernetes cluster, getting the Dashboard working, installing a Hello World app and testing how the failover works.

Because I wanted to experiment with Kubernetes I bought a few cheap SBC's and a Power over Ethernet switch to run `k3s`. Since Kubernetes is very resource intensive I wanted to try to boot the boards via the network without causing wear on the Micro SD card. The boards have built-in SPI flash from which it can boot `u-boot` and Armbian works quite well with a root filesystem over NFS. This guide will help you with netbooting an Orange Pi Zero 3 running Armbian.

I'm pleased to announce the next version of Leaf Node Monitoring, the simple and easy to use open source site and server monitoring tool. Major new features include better alerting and history of events. This post goes over everything that is new in this release.

Recently I was gifted a T65 rotary telephone. This was **the** standard telephone in The Netherlands in the seventies and eighties. I remember my parents having one as well. Because this phone does not use DTMF but pulse dialing it does not work with modern equipment, like the built in telephony / voip server on my FritzBox router. Using a hardware converter it is possible to convert pulse dialing to DTMF and to use your rotary phone again. This page covers two such devices, the DialGizmo and the GrandStream HT502 and a more homebrew approach.

Adding [properties to QObject based classes](https://web.archive.org/web/20240529180113/https://doc.qt.io/qt-6/properties.html) is cumbersome. Although [the property system](https://web.archive.org/web/20240529180113/https://doc.qt.io/qt-6/properties.html) and [Signals and Slots](https://web.archive.org/web/20240529180002/https://doc.qt.io/qt-6/signalsandslots.html) are great to use, especially with QML, it takes a lot of boilerplate code to add such properties to a class, at least 15 to 20 lines for each property. I've cobbled up a macro that saves you about 95% of lines when using a `Q_PROPERTY`. (22 lines to 1 line).

I recently had to setup a Windows development environment with Qt 5.15. Qt 5.15 is still developed by the Qt company, but only released in binary form for paying customers. The [source code is released after 1 year](/s/blog/Qt_5.15_LTS_Docker_Image_for_Android_with_OpenSSL.html#toc_0). Via the Online Installer you can only install 5.15.2 and you must login with a Qt account. This guide shows you how to install the most recent Qt 5.15 (as of writing it's 5.15.13) and Qt Creator, **without** a Qt account. We're using `vcpkg` to compile Qt and a specific offline-enabled installer for Qt Creator.

At home I have a 2 node Proxmox VE cluster consisting of 2 HP EliteDesk Mini machines, both running with 16 GB RAM and both an NVMe and SATA SSD with ZFS on root (256 GB). It's small enough (physically) and is just enough for my homelab needs specs wise. Proxmox VE has support for clustering. For a cluster (in any sense of the word), you need at least 3 nodes, otherwise there is no quorum. Corosync, the cluster software used by Proxmox, supports an external Quorum device. This is a small piece of software running on a third node which provides an extra vote for the quorum. In my case I wanted to run this on my NAS, since (physical) space is a premium. The NAS supports Docker, this guide explains how to run the QDevice for Proxmox VE 7 in a Docker container. There is a qdevice Docker image on the Docker hub but that guide does not work for Proxmox VE 7 and requires a lot of manual setup. Using my method involves a lot less steps, since you're basically running an extra debian VPS (a container with systemd and openssh).

The [Atgames Legends Pinball Micro](https://web.archive.org/web/20240123213954/https://www.atgames.us/products/legends-pinball-micro) is a small virtual pinball cabinet for around USD 350. I imported one to the Netherlands, Atgames does not ship here. The built in tables are okay and more are for sale via Atgames' webshop. Overall for the price it is a nice device. Build quality is okay, software lacks a bit of quality. One really annoying issue which severely impacts gameplay is a buzz / hiss sound. This post goes over my attempts to fix this hiss and the one that worked was a ground loop isolator.

Which Root Certificates should you trust? Did you know that any certificate authority can issue a certificate for any website? There are protocols in place so that should not happen, but when (not if, when) they get hacked or coerced by their government, they can issue a certificate to intercept secure communication for any website. I've made an open source program, [CertInfo](https://github.com/raymiiOrg/certinfo) that analyzes your browser history and queries all visited domains for their certificates. It presents a list of used root certificates (meaning, a website you visited was ultimately signed by that root CA) and a list of unused root certificates (meaning, no website in your analyzed history was signed by that root CA).

The [YouLess](https://youless.nl/home.html) is a device that can help you monitor energy usage. It works on so called smart meters using a P1 port, it can monitor solar panels but it also works with regular old analog meters. I have an old style analog meter but I like gadgets and monitoring / reducing my energy usage just as much as the next guy so I bought one. It has an optical sensor that you paste (with tape) on your meter and that detects a little black bar on the rotor disc and using a rpm factor on your meter it calculates the electricity used. I has some trouble with the device when I set it up, it turned out to be aligned wrongly. It sometimes missed the black bar, so the numbers were incorrect. I wrote a little application using Qt and QML to show the raw light sensor values in a line graph to help me align the YouLess correctly. This post tells you more about the application, which of course is open source.

Recently I got an email from Google regarding the API level of [Leaf Node Monitoring](https://leafnode.nl), my open source monitoring app for Windows, Linux and Android. The Play Store version must be updated to target API level 33. For Windows and Linux I'm building the app automatically in a CI environment but the Android build was still a manual process. Until now, because after a bunch of messing around with Android NDK versions, OpenSSL library paths and Qt compile flags I can automatically build Leaf Node Monitoring in my CI. I'm using Woodpecker CI and that requires every build step to be executed in a Docker image. There are a few Qt docker images floating around but they are all using the pre-built 5.15.2 version by extracting it from the Qt Online Installer. That version is quite old, 5.15.15 LTS was released [a few days ago for Commercial License Holders](http://web.archive.org/web/20230902132649/https://www.qt.io/blog/commercial-lts-qt-5.15.15-released) on August 31, so after 1 year it will become available as open source. My docker image builds Qt from source using the `5.15 KDE Qt Patch Collection` branch for Android and it includes OpenSSL. This is as far as I know the most up to date docker image for Qt 5.15, currently at 5.15.10 LTS.

Qt has no `Circle` built in to QML as a basic type, as for example the `Rectangle` or the `Button` control. This post shows you how to get a `Circle` in QML, from the most basic method (a `Rectangle` with a `radius` of 180) to more advanced methods, using the `Canvas` JavaScript API (which allows us to draw a partially filled Circle, for a Pie Chart) and a `c++` control based on `QQuickPaintedItem`. I wanted to experiment with the `Canvas` QML control and the `QQuickPaintedItem` C++ interface to get a better understanding of Qt and QML drawing interfaces, this post reflects that journey including showing your grouped QML properties exposed from C++.

This is a static site, meaning that no server-side processing occurs. All HTML is generated out of a few folders full of markdown source and then uploaded to the cluster. Searching on this site was always provided by a text-box form that sent you to google with 'site:raymii.org' appended to it. Works fine, but it sends all data to Google. With my recent removal of all Google Ads on this site, as well as tracking via Google Analytics, sending searches via Google seems wrong.

I recently found the `pagefind` program which I now use on here, it is a self hosted static site search engine of sorts.

OpenVMS 7.3 was the last version for the VAX architecture. All later versions (like 8.4) are only available for the Alpha CPU architecture or Intel's Itanium platform. Since I don't want hardware running, which is suprisingly hard to get in The Netherlands, Alpha machines, I want to be able to run it in an emulator. simh is the best open source VAX emulator, but it does not support Alpha. My adventure with es40, the only open source Alpha emulator (development halted 10 years ago) ended prematurely since it crashes all the time. The only other available options are FreeAXP, Charon-AXP, vtAlpha and EmuVM AlphaVM. Only FreeAXP is available as a free (but not open source) download, Charon had a personal version but that is nowhere to be found nowdays, vtAlpha doesn't offer a trial or free version and EmuVM Alphaserver also stopped with their free version. In this article I'll go over my adventure with FreeAXP and EmuVM.

I like to tinker with old hardware. The [DEC](https://raymii.org/s/tags/dec.html) PDP-8 is my favorite [retro computer](/s/tags/pdp-8.html) and [Office 2003](/s/blog/Using_a_Windows_Mobile_2003_PDA_hp_ipaq_in_2022_including_whatsapp.html) is the best version ever released IMHO. One of my other favorite retro devices is the HP Jornada 720. A small `handheld PC` (smaller than a netbook) running Windows CE or in my case, Linux. It has a decent keyboard, CFL backlit screen, **32 MB of RAM(!)**, a compact Flash card for storage and a stylus for the resistive touchscreen. Oh and I got a 10Mbit PCMCIA network card, but wireless cards are also still available. It might be old, released in 1999, but can do one thing your modern iPhone can't.

This guide shows you how to run `Vi` without an operating system, bare metal. This is a follow up on my article from 2014 where I made a custom linux distro that would [Boot to Vim, VIM as PID 1](https://raymii.org/s/blog/Vim_as_PID_1_Boot_to_Vim.html). This time we go further, we boot into `Vi` without an operating system. This is made possible by [Cosmopolitan](https://justine.lol/cosmopolitan/index.html), a `libc` that outputs a POSIX-approved polyglot format that runs natively on Linux + Mac + Windows + FreeBSD + OpenBSD + NetBSD + BIOS with the best possible performance and the tiniest footprint imaginable.

This article shows you how to install HAProxy on OpenVMS 9.2 for x86. I've often used HAProxy in my career as a sysadmin and find it a very useful tool. HAProxy is an open source, fast, reliable load balancer for TCP and HTTP-based applications. This guide assumes you've set up your OpenVMS system via [my guide](https://raymii.org/s/blog/OpenVMS_9.2_for_x86_Getting_Started.html) and the [second part](https://raymii.org/s/blog/OpenVMS_9.2_for_x86_Getting_Started_part_2.html) of my guide, that will give you a fully licensed OpenVMS installation with networking and SSH access. Since I've used HAProxy so very often to set up high-available clusters and load balancers, I was surprised but happy to see it ported to OpenVMS. This guide shows the setup but also a few OpenVMS specific quirks, like file paths and troubleshooting error messages / logs.

OpenVMS on x86 is now available for hobbyists! Almost a year after [the official release](/s/blog/OpenVMS_9.2_for_x86_will_be_released_tomorrow.html). This is a part 3 of my getting started guide. Part 2 ended with a working network setup and SSH access. In part 3 we'll do something very exciting, installing the WebUI, a web based management interface for OpenVMS. I'll also share a few smaller tidbits, like how to use the interactive text editor via an `ssh` session and how to use `unzip`.

A small site update this time, just to let you know that I've added a cookie consent popup to this static site. If you reject all cookies, you should not see any advertisements and aren't tracked by Google Analytics. It's open source, cookieconsent by Orest Bida.

OpenVMS on x86 is now available for hobbyists! Almost a year after [the official release](/s/blog/OpenVMS_9.2_for_x86_will_be_released_tomorrow.html). This is a part 2 of my getting started guide. [Part 1](https://raymii.org/s/blog/OpenVMS_9.2_for_x86_Getting_Started.html) ended with an installed system, this part continues with automatic startup, activating the license files (PAKs) and setting up networking including SSH access.

OpenVMS on x86 is now available for hobbyists! Almost a year after [the official release](/s/blog/OpenVMS_9.2_for_x86_will_be_released_tomorrow.html). This is a part 1 of my getting started guide, showing you how to install OpenVMS on VirtualBox on Windows 10/11. More parts will follow, documenting license installation, network setup, ssh, application installation etc.

OpenVMS x86 is now available for (most) hobbyists! Almost a year after [the official release](/s/blog/OpenVMS_9.2_for_x86_will_be_released_tomorrow.html) most hobbyists can now login to the [Service Portal](https://sp.vmssoftware.com) to download their copy of OpenVMS 9.2 for x86, `X86E921OE.ZIP` and the PAK (license) files (`x86community-20240401.zip`), valid until April 2024.

During a recent code review I found a hard to spot bug, a misplaced parenthesis in an `if` statement. I often employ a technique I call `named booleans`, which would have prevented this bug. It's a simple technique, instead of a long `if` statement, give every comparison a seperate boolean variable with a descriptive name and use those variables is the `if` statement. This post shows the bug in question, an example of my `named booleans` technique and another tip regarding naming magic numbers.

I've seen many C++ code bases where there was the concept of a service locator. An global static object that anyone can query to get a class. This is handy with old legacy spiderweb intertwined code that gets everything from everywhere, but not so useful when you're trying to unit test code, it is not visible from the header what dependencies you need. My preference goes to dependency injection, give all the dependencies to the class' constructor and use them that way. Makes it easy to mock and if you have many dependencies, it serves as a starting point to refactor in to a more clearly separated architecture. This article shows a piece of code that uses QObject, the Qt object base class, to replace a servicelocator. All QObjects can have a parent QObject, thus a tree is formed, which you can walk back up and search. This effectively replaces the servicelocator, since you can just request a certain type of QObject.

Recently a few of my Ubuntu 20.04 and Debian 11 servers failed to run an `apt update` because it insisted that the HTTPS certificate for a repository could not be validated, while `curl` on the same system had no issues connecting. Join me on a deep dive into certificate validation and troubleshooting `apt`, digging into the C++ source code for `apt` and `GnuTLS` and in the end, it turned out to be my own fault due to permission on a folder. However, the error messages were totally unhelpful resolving the mysterious validation problem. This article was written over the period of a few days, chronologically during troubleshooting.

This is an overview of all the servers in the Sparkling Network, mostly as an overview for myself, but it might be interesting for others. It also has a status overview of the nodes. Prices are monthly, excluding VAT.

I'm pleased to announce the next version of Leaf Node Monitoring, the simple and easy to use open source site and server monitoring tool. Major new features include a responsive and adjustable layout, massive performance improvements and a new check type, allowing you to execute external processes, for example, the nagios/monitoring plugins. This post goes over everything that is new in this release.

The Meta-Object Compiler, `moc`, handles Qt's C++ extensions and it is required for signals and slots and properties in Qt. `moc` reads C++ header files and if the `Q_OBJECT` macro is used, it generates an extra `.cpp` file named `moc_filename.cpp` containing extra (meta-object) code. This post has a bit of background information and a shell script to automatically include `moc_*.cpp` files in your code whenever `Q_OBJECT` is used. If you use `qmake`, this will probably speed up your build and if you use `cmake`, this will probably speed up incremental builds (when `CMAKE_AUTOMOC` is `on`).

Spinrite is a hard drive recovery and maintenance utility written by Steve Gibson from GRC. It is marketed on the Security Now TWiT podcast which I often listen to. I have bought a copy of it and sometimes use it on solid state disks or SD cards. Spinrite 6.0 is written is assembly language and runs on top of MS-DOS or FreeDOS, using the BIOS. UEFI is not supported and neither are NVMe drives. This post will show you how to run Spinrite 6.0 on such a system anyway, using a modern linux live USB drive that can boot on UEFI only system and VirtualBox, exposing the NVMe disk as a SATA drive.

This is a simple page with a form which you can use to generate OpenSSL commands to, for example, create a CSR or a self signed certificate.

This small one liner lets you generate an OpenSSL self signed certificate with both a common name and a [Subject Alternative Name (SAN)](https://en.wikipedia.org/wiki/Subject_Alternative_Name). Most guides online require you to specify a separate config file but this guide uses a bash trick [(process substitution)](https://web.archive.org/web/20221014191420/https://superuser.com/questions/1059781/what-exactly-is-in-bash-and-in-zsh) to pass such a config file to OpenSSL via the command line. If you are using OpenSSL 1.1.1 or higher, there now finally is a built in command line option which I'll also cover.

This guide shows you how to add a fade in / fade out effect to a control in QML. There are a lot of built in animations in Qt/QML, but no fade in/fade out. Using a state machine and a `SequentialAnimation`, we can first animate the opacity, then set the visibility, achieving a fade in / fade out effect. Other ways like a `PropertyAnimation` are also available but are less expressive or configurable.

[Leaf Node Monitoring](https://leafnode.nl) is my own open source (GPLv3), paid, network monitoring program for Windows, Linux & Android. Written in C++ & Qt 5. Perfect to run on your desktop and monitor your servers. Simple setup, auto-detects running services, runs checks concurrently and alerting. This post shows another upcoming feature in the next version, responsive layouting to more effectively use screen real estate.

On July 8th, a few days ago, I saw the following post on the VMS Software Inc (VSI) blog, titled 'Release of OpenVMS V9.2 for x86 Scheduled for July 14, 2022'. That is tomorrow! I'm so excited, I can't wait to start playing around with it. This short post goes over the announcement and the status of the community license, and hopes to make you just as enthusiastic as I am for the coming release!

Leaf Node Monitoring is my own open source (GPLv3), paid, network monitoring program for Windows, Linux & Android. Written in C++ & Qt 5. Perfect to run on your desktop and monitor your servers. Simple setup, auto-detects running services, runs checks concurrently, open port scanning and alerting. I've recently released the first version, and this post goes over the features that will come in the next release.

While cleaning out my collection of electronics, I found a PDA. Not the modern kind (voice assistant), but the old school precursor to the smartphone. It's a HP iPAQ h4350, it was a model used by the Dutch Railways. I picked it up in working condition years ago and was wondering, how does a mobile device from 2003 stack up to a modern smartphone? The first thing I did was run linux on it which worked surprisingly well, it however was noticeably slower than Windows Mobile. This post shows you how well the device still works in 2022, including using WhatsApp to chat. Almost all things I use my smartphone for, I can do with this PDA!

Property bindings are one of the most powerful concepts in Qt/QML. Property bindings let you specify relationships between different object properties. When a properties dependencies change in value, the property is automatically updated according to the specified relationship. The QML engine monitors the properties dependencies (that is, the variables in the binding expression). When a change is detected, the QML engine re-evaluates the binding expression and applies the new result to the property. One little known caveat with property bindings is that they break after a static JavaScript assignment (`property = value`). This post shows you the different behaviors and how to use `Qt.binding()` to assign property bindings via JavaScript.

With Qt it's very easy to work with (async) HTTP requests. This guide shows you how to do it with Qt core and in Qml. The two examples print the output of a HTTP GET request on screen after pressing a button. The Qml method uses JavaScript, so that's cheating a bit, the other method uses plain C++ with Qt's libraries for networking (`QNetworkAccessManager`) and signals and slots for the async part.

In my earlier posts I described the hurdles I faced with my plan to [sell my own](/s/blog/Selling_GPL_Software_part_1_lots_of_hurdles.html) GPL software and I described how to [embed the source code directly inside the app] (/s/articles/Embed_the_source_code_directly_in_your_Qt_app.html) (for mobile platforms). This post looks at a few other projects that sell GPL software and it's a bit of a progress update regarding my plans and software.

I have a deep-seated hatred towards half-assed quick-moneygrabbing marketeers, but today they reached at an all-time low. This site is `raymii.org`, I received an email for a guest post on `dragonflydigest.com`. Not even remotely alike in spelling. I'm not called Justin, and I (sadly) don't maintain an excellent BSD distro. So dear telemarketers, every week I get emails like this, please put in a bit more effort. Normally I don't spend any time or effort, certainly not provide exposure, but this instance of Cunningham's Law does deserve a post, sadly.

In this guide we'll build a linux distribution for Seeed reTerminal, using the Yocto project and the `boot2qt` stack provided by Qt. This `boot2qt` image can be written to the internal eMMC and when booted up, the Seeed reTerminal runs a software stack that integrates nicely with Qt Creator (the Qt IDE), for example, one click deployment to the device. You can run your own Qt application on the reTerminal, full screen, it will boot right into it. This guide covers Qt 6.2. The guide also covers changing the default startup app to your own app, Qt Creator integration and rotating your Qt app, both Widgets and QML, the latter via Wayland and Weston.

In this guide I'll show you how to build a weather app for the Seeed reTerminal using Qt and QML. Imagine the reTerminal in your entrance hallway and with just a quick glance at the screen you'll know what the weather will be the next few hours, if you need an umbrella, if you'll have a headwind on your bicycle ride or if it's just going to be clear and sunny. This tutorial builds on the [reTerminal Yocto boot2qt distro](/s/tutorials/Yocto_boot2qt_for_the_Seeed_reTerminal_qt6.html) we've built in the previous article and uses Qt 6. Qt is a C++ framework, but this Weather app will use QML almost exclusively. I'm using just QML to make the guide more accessible and also because I'm used to doing everything in C++, so a sidestep to QML is fun for me as well.

Qt is a nice C++ framework with a GUI toolkit on top, actually, 2 toolkit, Widgets and Qml. Qt is available under the GPL and LPGL, open source licenses and a closed source license. [Back in 2020](https://lwn.net/Articles/817129/), the Qt company decided to [start a war](https://ev.kde.org/2020/04/06/changes-in-qt-and-the-kde-free-qt-foundation/) against their own users and contributors by withholding the 5.15 code, only releasing them under a closed license, making the offline installers available to paid customers and requiring a Qt account for the online installer. Due to [an agreement](https://www.qt.io/faq/3.2.-why-do-you-have-an-agreement-with-kde-about-your-licensing-what-kde-is-and-whats-the-history-of-qt-and-kde) with the [KDE project](https://kde.org/community/whatiskde/kdefreeqtfoundation/) they are obliged to release the code after one year under an open source license, and that time has come for 5.15.3. For most LTS releases, the Qt company writes a blog post, but this open source release only gets a [mailing list post](https://lists.qt-project.org/pipermail/development/2022-March/042262.html) (One day and 4 blog posts later, [no mention of 5.15.3 on their blog](https://archive.ph/IvMSn)). This short post is intended to give a bit more publicity to that release and to tell you about the KDE Qt 5.15 LTS patch collection. Even if I might not agree with the business practices, the framework is nice to work with.

Five years ago I made a website that allowed you to put in a few domains and get an email when the SSL certificate was about to expire. No ads, no fuss, just an easy way for people to keep tabs on their sites without setting up their own monitoring like Nagios. As with all of my software, I released it under the AGPL due to it being web based software. Recently I found a company that hosted certificatemonitor, with some modifications (branding and a dutch tanslation), without any reference to its origin, no source code provided and no mention of the license. In this article I'll talk about what I did to enforce the license and how it went. TL;DR, not as expected. The company responded timely and friendly, but did a half assed attempt (added a link to my site with 'Inspired By Remy' as the text), then after my complaints, took down the entire site.

I recently got my hands on a Raspberry Pi 4 Compute Module, 4 GB with 32 GB eMMC flash and a Compute Module 4 IO board. Due to the global chip shortage it's hard to find one in stock but I got lucky by checking [rpilocator.com] (https://rpilocator.com/) regularly (thanks to [Jeff Geerling] (https://www.jeffgeerling.com/blog/2022/its-dire-raspberry-pi-availability-tracker-launched) for that site. He's got amazing Raspberry Pi related content next to a bunch of high-quality Ansible playbooks, go give him a visit). The eMMC edition I have can only be flashed if you put a jumper on a pin on the I/O board (to put the cm4 in a special mode, `nRPI_BOOT`) and use a special tool, [usbboot](https://github.com/raspberrypi/usbboot). [Jeff has a great guide](https://web.archive.org/web/20220226203155/https://www.jeffgeerling.com/blog/2020/how-flash-raspberry-pi-os-compute-module-4-emmc-usbboot) on flashing the cm4 eMMC edition. My `cm4` however, was not showing up whenever I put it in this special flashing mode. This article goes over the troubleshooting I did and the eventual solution (hint: hardware problem).

This is a small snippet showing a Yocto recipe that executes a script on every build of an image that includes that recipe. I use it to write the build hosts date/time to a file on the image, but you could do anything you want inside the script. It's not recommended to do this, for example, if you want to place a binary on your image you should version it correctly. Yocto can build from a git repo, no need to copy binaries. If you include the `buildinfo` class your image or the `os-release` recipe, build info is also written to your image.

In this guide we'll build a linux distribution for Raspberry Pi 4, using the Yocto project and the `boot2qt` stack provided by Qt. This `boot2qt` image can be written to an SD card and when booted up, the Raspberry Pi runs a software stack that integrates nicely with Qt Creator (the Qt IDE), for example, one click deployment to the device. You can run your own Qt application on the Pi, full screen, it will boot right into it. This guide covers both Qt 5.15 and Qt 6.2. The 5.15 build process is a bit convoluted due to a few upstream issues. The guide also covers changing the default startup app to your own app and Qt Creator integration.

In my earlier [post on selling GPL software](/s/blog/Selling_GPL_Software_part_1_lots_of_hurdles.html) I outlined a few points that make it hard to sell GPL software. One of them is the availability of the source code. You could put it online but then everyone has access without paying. Other options like putting it behind a login or sending a link after purchase require extra systems and saving more user information, lots of extra hassle for me and the users. One of my ideas for 'solving' this issue is by shipping the actual source code directly inside the application. This article shows you how to do that, by creating an archive of the current source code on every build with `qmake` and embedding that inside the application using `qrc`, including a button to save the archive locally to disk. It works on the desktop as well as Android, including the required permissions.

This small snippet of Javascript logs all properties and functions of a Qml Item. This is useful when you're knees-deep in a dynamic control that has a model and you're wondering why your code does not work. Probably because you're not using the correct property name. Or at least, that is something I often have. Logging all properties or functions helps to figure out that issue.

This small snippet shows how to loop over all Repeater items in Qml and also over all Delegate items in Qml. There are sublte differences between the two. I'm using this to update visual all items in a control, before syncing state to a networked backend, and if the backend actions fails, I undo the visual state change. The network backend could be slow, by keeping state locally and syncing in the background, the user can continue working.

Recently I got a new Github Sponsor, a one-time donor. Often, these github profiles list a name, email address or some information to contact the person, even a last-resort ssh key with a comment, but this profile has nothing. They joined github 8 days ago, and I suspect it was just to do a donation to me. Because I have no other way of communicating, here is a public post to say thank you to [shotternail](http://web.archive.org/web/20220207192842/https://github.com/shotternail), whomever you are!

This guide shows you how to enable a red visual square around your `Mouseareas` and `MultiPointTouchArea` controls. It visualizes where you can click/touch and also shows any overlapping touch area's. It's helpful on full screen device interfaces like a coffee-machine or other HMI. The environment flag `QML_VISUAL_TOUCH_DEBUGGING` needs to be set, but this is not documented on the Qt Docs site, only on a cheat sheet from 2016 by ISC. If you google for the environment flag, the only pages you get are the Qt source code and that cheat sheet. I've found this flag to be very useful when debugging touch issues, like overlapping touch or when a touch area is too small to use. One of my co-workers found it when we had touch issues and since there is a lack of documentation, perfect for a small guide.

This guide shows you how to implement drag and drop in Qml including how to reorder the backing C++ (`QAbstractListModel` derived) data model. Most QML Drag and Drop examples you find online, including the Qt official example, use a `ListModel` in the same Qml file which has the data, but no example I found actually reordered a C++ model. This example has a simple `MVVM (model-view-viewmodel)` C++ structure and a QML file with a drag and drop grid. The dragable example items come from the C++ model, which is derived from `QAbstractListModel`.

For as long as I can remember I've got this dream of a passive income software project. At first I thought of it as a hosted service, probably something monitoring related, or high-available cloud hosting-ish. That's the kind of stuff a sysadmin dreams of.

Now that I'm a developer for a couple of years, exposed to a few different languages, design patterns and software architectures, that idea is still lingering around, but no longer focused on a hosted piece of software. The web is just too fast paced, bloated and way too much work compared to a piece of cross platform software.

In my spare time I've been chugging along on a piece of software, which I'm contemplating selling. In my case the commercial aspect is made more difficult because I also want to release the software with a GPL license.

This post describes the initial hurdles I'm encountering, next to just programming the software.

In my calendar there is a yearly recurring item named 'backup restore test'. This is an article on my backup scheme and the yearly restore test, covering all aspects, such as data validation, backup scheme, time and cost involved. I started doing personal restore tests each year around 2012, when I did them for my first job. At work back then, the restore test was monthly, for my own backups I decided that yearly was okay enough, since the backup scheme, software and provider do not change. I'm using Azure cold storage for my (locally encrypted) personal backups, since it's both cheap and supported by my local NAS. Have you done your backup restore test recently?

In this article I'll show you how to make a responsive layout in Qt / QML that automatically adjusts the amount of columns and rows based on the window dimensions, including scrollbars for when the content does not fit inside the window. This also works if you have a portrait and landscape orientation of your application, since the screen or window dimensions will be different across those two builds. I also explain how the dynamic resizing works with an explanation of property bindings in QML and as a bonus this works on mobile (Android/iOS) as well.

I recently discovered that Qt QML can render Markdown in `Text{}` controls. This snippet shows you how to do that including a screenshot and demo QML app.

In this article I'm going to discuss the different ways to expose a C++ class to QML. QML is a markup language (part of the QT framework) like HTML/CSS, with inline JavaScript that can interact with the C++ code of your (QT) application. There are multiple ways to expose a C++ class to QML, each with their own benefits and quirks. This guide will cover three integration methods, `qmlRegisterSingletonType<>`, `rootContext->setContextProperty()` and `qmlRegisterType<>`. We'll end off with a simple benchmark showing the difference in startup times between the first two.

A few months ago I wrote about [Microsoft Teams running on a coffee machine. That was a fun work experiment where I got a VNC client running on the Linux-based coffee machines that we produce at work. In the comments on hackernews Jean-Michaël Celerier pointed me to the reverse, a way to expose any Qt application over VNC. This article shows you how I use this feature to work on our Qt 5 based coffee machine frontend as well as how you can use this on your machine, for example, to expose Dolphin, the KDE file manager, over VNC.

Recently I've been using a debugging technique in QT/QML that I've decided to name `Rectangle{}` debugging, in the same vein as `printf()` debugging. QML is a markup language (part of the QT framework) like HTML/CSS, with inline Javascript that can interact with the C++ code of your (QT) application. QML has the concept of `anchors` for relative positioning of elements. Overall, `anchors` work quite well, but can get complex when inheretance and complicated layouts come into play. The `Rectangle{}` style of debugging places a semi-transparent rectangle with a border around your element so you can visualize the positioning and see what effect your changes have. This article shows an example where I recently applied this style of debugging at work in our coffee machine user interface, including some tips to do actual `printf()` style debugging (but with `Console.log`).

As you might know, I've got a weird keyboard. It is an Ergodox EZ, it's split up in two halves and for me it's the best thing ever to combat RSI. I've also got a weird mouse, a left handed vertical mouse, for the same reason. Even 15 minutes on a regular setup and my wrists and shoulders hurt. The next best thing is my standing desk and number three is having regular breaks with small exercises. One downside to the Ergodox is that you have less keys than on a regular keyboard. This is solved with layers, just like when holding SHIFT or CTRL, a key does something different. SHIFT is the layer for capital letters and symbols, with the Ergodox you can define your own layers. I however cannot get used to layers, not even after 7 years of using the Ergodox. Not a problem, I've got an extra keyboard in the middle, next to my mouse, with 8 or 9 keys just for my most often used shortcuts. It's called a macropad, one I've soldered myself and one I've bought on a well-known chinese webstore. One at work and one at home, both run QMK, firmware that allows me to program the macropad with my own shortcuts. Recently a video from Atomic Shrimp (awesome channel) showed off relegendable keycaps. Those are transparent keycaps with an insert for your own label. Before I had relegendable keycaps, I had regular keycaps for the macropad, for example, the `L` key sends `CTRL+ALT+L` to lock the desktop. Now, with these awesome keycaps, I have a dedicated `LOCK` key. This is such a big quality of life improvement, especially when using the CLion debugger shortcuts. This post covers my usage of the macropads, the re-legendable keycaps and shows you a few pictures of the macropads, both before and after.

This is a guide on installing and running NetBSD 9.2 for the DEC Alpha CPU architecture on AXPbox, the open source Alpha Emulator. I recently wrote an article on how to install NetBSD in QEMU for Alpha and since I'm involved with the AXPbox project this article was just a matter of time. This guide shows you how to compile AXPbox and install NetBSD 9.2. It also shows you how to install packages without networking available and includes `openssl` and `sysbench` benchmarks, which we compare to NetBSD running inside QEMU.

This is a guide on installing and running NetBSD 9.2 for the DEC Alpha CPU architecture in QEMU, including a GUI (X11 via VNC). It requires you to patch and compile QEMU yourself. It was never possible, until now, to run an actual operating system easily with QEMU Alpha, so this is amazing! It is very cool that Jason Thorpe is putting in so much effort on the QEMU side, as all but one patch is upstream already. Alpha emulation has always been a niche of a niche, so seeing this improve in QEMU is wonderful. OpenVMS does not boot yet since many more things are missing on the QEMU side, but who knows what the future might bring? Maybe even Windows NT for Alpha will boot on QEMU one day?

After I recently wrote about NetBSD on the DEC Alpha CPU in QEMU, I decided to play with NetBSD some more. One x86_64 virtual machine later, I'm starting to appreciate the beauty and simplicity. Great documentation, both online and via the manpages, low resource usage and boy oh boy does it feel fast. But, you're not here for my love letter, you want to have a remote desktop. In the earlier article, we set up VNC, both because it shows you how to install packages and because native X11 crashes. In this article, we are going to set up X11 forwarding via SSH, but with `Xnest` instead of VNC. `Xnest` allows you to have a full desktop / window manager inside a window. If you did a full install of NetBSD, then all you need is included on the system, no need to install any packages. This is an advantage if you are on an architecture that has no precompiled binary packages or if compiling from source takes too long.

KDE is my desktop environment of choice. KDE5 is rock-solid, configurable in any way possible and works great. It treats you like a responsible adult instead of a child like GNOME does these days, and after XFCE switched to GTK3, the RAM usage is on-par, more often than not a bare KDE install (Debian or Arch) uses around 300MB ram. This is with Baloo (search indexer) and Akonadi (PIM database backend) disabled. Great default behaviour, low resource usage and enourmous configurability, so why is this post then titled 'IceWM'? At home I'm using a small ARM device (Raspberry Pi 4 with an SSD) as my main computer, and there resources are limited. KDE runs fine, but you notice that it is a bit slower than on my work computer. IceWM on the other hand, uses less than 30 MB of RAM and even less CPU. The program that gives you a desktop background, icewmbg, uses double the RAM of IceWM itself! IceWM, next to Awesome, is one of my favorite window managers, very configurable and provides all I need. This PC doesn't have multiple screens, which would be a bit more of a hassle than with KDE. After switching, the machine feels a lot faster. It's the small details in which I notice it, like text input, a few seconds of lag here and there. This post shows my IceWM config including some options explained, my IceWM theme and a few tips and tricks to configure the rest of the desktop.

Firefox 89 recently came out with a 'new' user interface (named proton). I'm not a fan of change because UX/UI people need to make it seem like their job is relevant. Also, the picture they show under the headline '17 billion clicks...' only scares the crap out of me, tracking every move a user makes in their browser seems to me to be a bad idea, but hey, lets see how long Mozilla can continue their war against their own users. Since the `about:config` flag to disable proton will probably be gone in a few releases I thought, why not try to get used to this new interface. It's so enormous and wide, lacking contrast. As you might have guessed, I cannot get used to the tab bar, so in this post I'll show you how to use the `userChrome.css` file to make the new tab bar look a bit more like the old tab bar.

This is a guide to get started with the Nitrokey HSM (or SmartCard-HSM). It covers what a HSM is and what it can be used for. It also goes over software installation and initializing the device, including backups of the device and the keys. Finally we do some actual crypto operatons via pkcs11, OpenSSL, Apache and OpenSSH. We also cover usage in Thunderbird (S/MIME), Elementary Files (EF), a Web cluster with Apache and mod_nss and the decryption of the keys.

Recently I had to parse some command line output inside a C++ program. Executing a command and getting just the exit status is easy using `std::system`, but also getting output is a bit harder and OS specific. By using `popen`, a POSIX `C` function we can get both the exit status as well as the output of a given command. On Windows I'm using `_popen`, so the code should be cross platform, except for the exit status on Windows is alway 0, that concept does not exist there. This article starts off with a stack overflow example to get just the output of a command and builds on that to a safer version (null-byte handling) that returns both the exit status as well as the command output. It also involves a lot of detail on `fread` vs `fgets` and how to handle binary data.

This is a small tip I want to give you when using a `less` based pager, for example in `journalctl` or when viewing a file interactively with `less` or `more`. You can exclude certain lines that match one or multiple words (or a regex) with a few keystrokes, once `less` is open. This is one of those tips you never knew you needed, but when you know it, you'll use it frequently. Like in my case today when searching through some logfiles to find out why my database stopped working.

Otherwise titled `Figure out the differences between two apt repositories`. Recently I've had a few packages that I often use but were missing from Ubuntu 20.04 LTS. One is [ckermit](/s/blog/Ive_packaged_up_CKermit_as_a_snap_for_Ubuntu_20.04.html) and the other is [gnash](/s/blog/Ive_packaged_up_Gnash_as_a_Snap_for_modern_linux.html), both of which I 'converted' to a snap. (In air quotes because I just converted the 18.04 deb). This made me wonder if I could figure out a list of that are present in Ubuntu 18.04, but absent in Ubuntu 20.04. As `apt` and `dpkg` are standardized tools and and package formats, we can use a few shell tools to parse the package lists and compare them side by side. This post shows you how to do the comparison yourself and I discuss the removed packages a bit. Some are version increments (like `gcc-6` in Ubuntu 18.04 but `gcc-7`in Ubuntu 20.04), and some are packages that were combined into one instead of split up (like `ltsp` in Ubuntu 20.04 but a bunch of seperate `ltsp-$postfix` packages instead in Ubuntu 18.04). Many others are just replaced by newer versions (`python-ceph` vs `python3-ceph`). The list of differences is provided as a download, both ways.

Last year I packaged up [gnash as a snap](/s/blog/Ive_packaged_up_Gnash_as_a_Snap_for_modern_linux.html) because it was missing from the Ubuntu 20.04 apt repositories. Recently I found out that `ckermit` is also not in Ubuntu 20.04, as far as I can tell because it wasn't in the Debian repositories when the Ubuntu 20.04 initial sync happened. Which is very inconvenient for an LTS release. I often use `ckermit` to connect to our hardware via a script, to automatically boot from NFS (via u-boot). I could do that manually via `screen` or `minicom`, but I have a `kermit` script that does it for me, which is very convenient. Since the snapping of `gnash` was so easy, I decided to do it for `ckermit` as well, since I now know how to convert deb packages to snaps. I also have a few colleagues who also use those kermit scripts and are going to update to 20.04 in the (near) future. The snap packaging is based on work by Phil Roche, he wrote about re-packaging older debian packages with an Ubuntu 18.04/16.04 base layer as a snap. My `ckermit` package is confined (no `--classic` needed), the source code for the snap is on my github and on any snap-enabled distro you can now 'snap install ckermit-raymii' to enjoy CKermit.

I hate snaps just as much as the next guy but last week I did something unexpected. I packaged up Gnash as a snap. Gnash is a GNU flash media player, not updated since 2011, and thus removed from the Ubuntu 20.04 repositories. The snap packaging is based on work by phil roche, he wrote about re-packaging older debian packages with an Ubuntu 18.04/16.04 base layer as a snap. My gnash package is confined (no '--classic' needed), the source code for the snap is on my github and on any snap-enabled distro you can now 'snap install gnash-raymii' to enjoy Gnash again.

In a [recent article on clang-tidy](/s/snippets/Run_one_specific_clang-tidy_check_on_your_codebase.html) I referenced the fact that we're doing a huge refactoring regarding `char` pointers, lifetime, ownership and `std::strings`. Todays post is another one related to that change, where even though everything compiled correctly, it didn't `work`. For a compiled language, that is not something you expect. Next to unit tests, a compiler error is your number one sign that you've made a mistake somewhere. In this case however, the code all compiled fine. The issue here was an older part of the code not using `override` combined with automated refactoring in CLion missing some parts of the code during a change. So, the issue in this case is entirely our own fault, it was spotted in the manual testing, but I'd rather had it not happen at all. In this post I'll describe the problem including some example code that illustrates what happened. My key point is that even though the code compiles, you should always test it, preferably automated with unit and integrations tests, otherwise manually with a runbook.

To fill some time [during compiling](https://xkcd.com/303/) I tried to get a VNC client running on a coffee machine, specifically to show MS Teams. At work I develop software for these coffee machines in C++, which allows me to do such fun stuff, because from a software point of view, it's just an ARM PC running linux with a framebuffer for graphics. I compiled a few framebuffer VNC clients, fired up an SSH tunnel and used `x11vnc` to share one specific window and after a few attempts, Teams was up and running on my 'new' second monitor. This post contains my little adventure in framebuffer VNC clients, but it's not a comprehensive guide as most of my other articles. Showing you how to set up an Openembedded server with a VariScite specific toolchain is way too much work to cross-compile a simple C program, but since that's my day job, why not use it for fun. It contains some tips for `x11vnc` and shows you two different framebuffer VNC clients, `fbvnc` and `directvnc`.

Recently I did a major refactor on a piece of code that involved thousands of lines of code which were in one way or another related to string handling. All of the code handled `char*` (C style character pointer arrays) and the concept of `const` or ownership was literally unknown in that part of the codebase. The refactored code uses `std::string`'s, but due to the legacy nature, a large number of methods returned `nullptr`'s instead of empty strings. I understand why this was done, but finding all those instances and the fact it only gives a runtime error was a bit of a bummer. Luckily `clang-tidy` is here to save the day. In my IDE, CLion, it gives a warning when you return a `nullptr`. It however does that only in the file you're currently editing, and since we're talking millions of files, I wasn't going to open them by hand. You can run `clang-tidy` easily on one file, and it's not hard to run it on an entire codebase as well, using the script `run-clang-tidy.py`, provided in their packages. This snippet shows you how to run one specific `clang-tidy` check, in my case, `bugprone-string-constructor`, on a (cmake and C++) codebase.

In this article I'll show you three ways to print a textual representation of a boolean in C++. Normally a bool is printed as either a `0` or a `1` by `std::cout`, but more often than not, if you're printing a `bool`, it's better to see `true/false`. Imagine reading through lines and lines of boring, repeating log files, how easy is it to miss a `0` in a sea of `1`'s? I've been there many times, wishing for more verbose logs. I'll start with a simple `printf` with a ternary `if` e.g. `(a ? this : that)` and continue on to `std::boolalpha`. The latter one is more flexible and allows you to set different values to be printed, for localization, and can even be used to parse input streams. That means, the string `true false` results in two `booleans`, the first being, well, `true` and the latter, surprisingly, being `false`.

This two-line shell script allows you to record a region of your linux desktop to a video file, or a `.gif`, using `slop` and `ffmpeg`. I use it often when a screenshot is not enough, or when you need to explain a sequence of events to someone.

In QT you can use a few functions from the `qDebug.h` header like `qDebug()` and `qWarning()` to log information to the console. In QML you can use the likes of `console.log()`, `console.error()`. It's also very easy to implement your own logger (eg. `SyslogMessageHandler`) if you want something different, like logging to syslog and the console. In this post I'll show you how to disable both forms of logging in a release build, qml and qt have different ways to manage their output.

QT has an Observer mechanism built in, which they call '[Signals and Slots](https://web.archive.org/web/20210210180603/https://doc.qt.io/qt-5/signalsandslots.html)'. It allows objects to communicate with each other without having to have knowledge of either ones internals. By inheriting from `QObject` and defining a few `Q_PROPERTY` macro's, the QT Meta Object Compiler (`moc`) does all the hard work for you. Inside a C++ class this all works handy dandy and is reasonable easy to follow, but when using QML it requires a bit more work. This small example shows you how to bind QML and C++ together using signals and slots, in QT 5.12.

On my laptop I recently had trouble with out of memory issues when running `clion`, `firefox`, `thunderbird`, `teams` and a virtualbox VM. To combat this, I've setup cgroups to limit how much RAM specific applications can use and configured `earlyoom`, a very nifty tool that checks available memory and kills the process with the highest `oom_score` if available memory falls below 5%. Otherwise, my laptop would first grind to a halt (even without swap) and only after half an hour of seemingly being stuck would the OOM killer kick in. With `earlyoom` this hanging behavior is gone, although sometimes applications get killed when I don't expect it. I've given firefox, thunderbird and teams a cgroup with memory limit and clion and virtualbox use their own configuration to limit their RAM usage.This post details how to setup `cgroups` to limit memory of specific processes including automatically placing process inside a cgroup.