This is an ongoing project. This post was last updated 8 May 2023.
Designed to look like an F16 fighter jet, the first Honda/Acura NSX is often lauded as one of the worlds best sports cars. It’s Japanese precision made to beat Ferrari, perfected by Ayrton Senna himself.
Initially I came into contact with the car through this video with almost half a million views.
It fascinated me how this legendary sports car was now combined with a modern, clean and electric drivetrain. This car had no engine in it and at over 200.000 miles, it’s the perfect update.
The search
Determined to find out more, I found the cars Instagram page. When I saw this post of a web browser displaying the cars information, I knew I could make this look and feel like it came from the factory with this setup. I reached out to Jeff and we came to an understanding about his goals and my capabilities.
Challenges
With the car being in California, it meant there was 8766km of distance between us. There would be no hands-on time for me to tweak things. I had to find normal words to explain what I was doing and what I needed Jeff to try for me. We also adopted an iterative approach: every little feature and detail would be tried by Jeff. It would be used in the real world and evaluated, which meant I had to find efficient ways of rolling out updates which were quick yet consistent.
After some deliberation, we found Jeff wanted to include things from Honda’s heritage, like the S2000 digital gauge cluster. He also pointed me to some other EV’s. I identified Honda’s fonts, gained inspiration from Honda’s current offerings (2nd NSX, Civic Type R…) and came up with a basic concept.
Push comes to shove
The dash runs on a Raspberry Pi connected to a 7″ screen. The design consists of the top black bar, which is a permanent fixture displaying the current power output, drivemode and warning lights. The space below displays several “pages”, which the user can navigate through to display other information like raw data and errors pulled from the control hardware.
Cardano is a decentralized proof of stake (PoS) blockchain designed to be a more efficient alternative to proof of work (PoW) networks like Bitcoin. Cardano’s cryptocurrency is named Ada.
Cardano stakepools help to expand and secure the network while generating rewards/blocks. A pool consists of a nodes, which fulfill the roles of a block producer and relays. Every node must run on its own network at a different location.
Case profile
Client
Mextro Media
Expertises
Infrastructure sourcing, installation & maintenance Disaster prevention & recovery planning User training
Problems
Bad performance, no rewards Neglected infrastructure incapable of running node software Insecure management access
Solutions
Upgraded existing and deployed new infrastructure Switched from Ubuntu Server to FreeBSD Improved security with industry best practices
Downtime means missed blocks and thus less rewards. Uptime and security are key, with high availability failover impossible. Reliability and recoverability are also important as certain aspects of a block producer are not reproducible data. Nodes that underperform do not amortize the investment, meaning optimization is also necessary.
Leveraging FreeBSD
Originally the pool ran on Ubuntu Server 18 and 20. Version 18 is at end of support, so I decided to tackle the servers running that first. Looking at the upgrade path, I realized there was a lot of work involved getting the things I like to see in these kinds of applications. I also took Cardano’s decentralization mission to heart and decided to practice operating system decentralization: roll out an alternative OS. If there’s an attack for Linux, it probably won’t work on FreeBSD, and the other way around. Since the absolute vast majority runs pools on Linux, this is an inherent advantage, as it will be more likely that hackers develop attacks for Linux run pools.
Tried and true performance
BSD has been powering the world since the 1970’s, and FreeBSD since 1993. It has better network performance, rock solid reliability, less security issues and more security features in the base system. It’s also the first containerization platform. Finetuning the base system to suit your needs is also trivial.
Reduced deploy times and maintenance
Normally one has to compile the Cardano node software on every machine for every update, which takes many hours. This time required scales linearly with with every deployment. FreeBSD is the only OS with node software available natively, cutting maintenance hours by massive margins. It also runs it inside of a container by default, aiding security.
To help manage nodes I created the cnodectl tool, similar to apachectl. It was also contributed to the CardanoBSD project.
More speed and reliability, less cost
Through the native ZFS filesystem, I was able to guarantee data integrity for the nodes while also improving performance.
Software ZFS RAID is industry standard because it allows for losing physical disks without losing data, while also checking for data integrity and making snapshots.
The node database (~152GB), through native Zstandard compression, fits in only 80GB (1.9x ratio). This means that we can use a smaller and cheaper disk for longer before it fills up. It also improves performance as less physical data has to be read from or written to the disks.
Create a FreeBSD swapfile (tutorial)
Home > Blog > Create a FreeBSD swapfile (tutorial)
After having to deploy a new FreeBSD server, I found out there’s an overlooked trick needed to keep the swapfile mounted after reboots. So here’s a quick tutorial on how to use a swapfile in FreeBSD 10 and onwards!
The basics
Swap in operating systems basically means using disk space as extra RAM. It’s definitely not optimal if you use a lot of it but it’s wise to have some, as memory exhaustion is never nice and can lead to application downtime. The FreeBSD handbook comes in handy in a lot of situations. It states here that you should have twice the amount of swap as RAM, but I deploy with enough memory after doing research and experiments. I create less or equal the amount of RAM as swap. Measure twice, cut once!
Let’s go already…!
Okay, okay, easy. For the following examples you might replace doas with sudo, or gain root privileges depending on how you set your system up. Doas is more secure.
We start with creating an 8GB swapfile under /usr. Alter the count for your intended size, e.g. 1024 will give you 1GB, 2048 will give you 2GB, etc.
doas dd if=/dev/zero of=/usr/swap0 bs=1m count=8192
Afterwards we modify the permissions, this is very important!
doas chmod 0600 /usr/swap0
Then, we add this to the bottom of our fstab to mount it during startup.
md99 none swap sw,file=/usr/swap0,late 0 0
The late keyword is crucial here! It allows the system to mount it with a delay, otherwise the system finds it can’t mount it at boot and doesn’t do it.
You can now either reboot or run swapon -aq to enable it during runtime! You should now think and consider if you want to encrypt your swap or not.
I hope you’ve found this useful after pulling your hair out, because you didn’t read the handbook like me. BTW, this website is proudly hosted on FreeBSD!
This will be a bit of a read, but in 2020 I had a burnout which lasted until early 2022. I got interested in cryptocurrencies and the stock market as I didn’t have the energy to apply myself to real full-time work. After I got released from my contract in 2021 I started writing this crypto bot to help me understand what is going on behind the flashy charts.
Karura was a bot that could pull info from a crypto exchange, run calculations and then spit the results out on Telegram. It never progressed to the point where it could buy and sell on its own. But writing it was a trip! I learned about indicators and API’s and subtle intricacies of certain coins.
Like Majorak, Karura was written in PHP. The goal was to learn and to get back into the swing of things after not doing much for close to one-and-a-half years. I decided not to use a framework, as I figured that it wouldn’t be needed. In hindsight it was probably easier to go with one.
Pulling info from Kraken, my exchange at the time, turned out to be very difficult as they went down often. After realizing this I even implemented an automatic reconnect feature to help remedy this. It wasn’t enough and I switched to Binance, which never skipped a beat.
Likewise I also did not use PHP’s trader extension… Preferring instead to dig deep into the algorithms behind the indicators like RSI or support & resistance. This turned out to be a good decision as I learned a lot about optimizing and even multithreading (which was overkill and never made it in!) Other madness soon followed. I realized that looking at a screen is really boring and I’d like to take it on the go…
Deciding on Telegram, I had rough prototype code running and sending messages to my phone in intervals decided on by me.
And… What then?
It worked! Really well! It ran for over 4 months without pause. Eventually I learned to do what I had told the bot to do so it became obsolete. To this day I find the code to be written really well. I can take bits out and plop them in other projects and it still works flawlessly.
Recently I’ve began using screens with 5:4 aspect ratios on my workstation and gaming setup. Yes, they’re 14 years old. No, it’s not just because I had them laying around. Please trust me, I’m not going insane just yet.
Not just for cinephiles
Odd aspect ratios are a favorite among filmmakers, as it allows them to broaden or narrow their shots and visual scope of scenes. A square shot of someones face up close will come across as more claustrophobic. A film company famous for playing with aspect ratios is A24, known for movies like Midsommar, The VVitch or Hereditary. For designers, limiting space or content can also be freeing.
The reason I like them is because I hate wasted space. A desk can only be so big. So why plonk down another 16:9 monitor, when I could use a 16:10 and fit more code on my screen, or a 4:3 or 5:4 for text editing with just the right amount of information bombarding me. On the other hand, these issues may be fixed by using a tiled window manager or an ultrawide display.
Here you can see some examples of what I’m talking about. There’s very little wasted space. No empty columns and less distractions.
These square monitors are also cheap as bits to buy! As they’re often cast aside for the most popular aspect ratio (16:9) these odd ducklings can be had for cents on the dollar or euro. The nice ones with swiveling arms or modern video inputs can be a bit more expensive.
My workstation is as of now two 1080p screens, one of which is on an arm alongside a 1280×1024 screen. My gaming setup is as of now a 144Hz 1080p monitor on an arm and a 1280×1024 screen on the side.
Recently I found out about something called the 512kb Club. It’s a collection of websites whose entire size, when transmitted from server to browser, is less or equal to 512 kilobytes uncompressed. That is quite the prospect. Similarly, there is also a 1MB Club. Self-imposing this limit is far from ascetic however, as I will reveal below.
According to the clubs website the website for the New York Times has grown to over 15 megabytes! But how bad could this be, if it is even bad at all?
Some research is needed
I took it upon myself to find what could be the biggest website in the world. Some oddballs that I found were the self-proclaimed tallest website and one that grows with every visitor. The largest I found was Gfycat (~32MB) which is not odd, considering their content is exclusively animated images. Another bad offender was blizzard.com (~17MB.) My website floats around 2-2.5MB depending on what page, which is about on par with the average.
The consequences of this is that websites take longer to load in those parts of the world where internet connections aren’t that fast. It’s also bad for the environment as this data has to be transmitted (more info on this) from often idle (and thus power wasting) servers.
To coin a suitable term: a web footprint.
Not an exercise in minimalism
Anyone can piece together a page with little to no style or images. But that is not the point of the 512kb Club. Minimalism and frugality might be a solution but boring and unusable websites definitely aren’t.
Let’s go back to the days where the IBM PC had 640kb of RAM. Did this limit detract from the usability of the system? No. But inspiring graphics it definitely did not have out of the box, they were achieved through optimization and clever tricks. The hard limit bred innovation.
A 512kb limit does not constrain design as much as one might think. Layouts do not affect transfer size much or at all. FontAwesome also supports stacking icons out of the box, adding another dimension to iconography without adding much size.
WebM, WebP and SVG’s can fill this perceived gap. Cleverer usage of HTML and CSS also helps as using classes and inline styles everywhere adds unnecessary size. Likewise with unnecessary wrapping elements. Unused parts of libraries might be removed through cherry picking functions, SASS or tools like UnCSS. Minifying JavaScript and CSS is now an industry standard, but I still talk to developers that don’t do it with HTML when working statically.
Devils advocate
To provide some counter arguments, perhaps all this is not even needed as long as our SEO and conversion are fine. As technology progresses we don’t have to punish ourselves with endless diets for our software stacks. Bloat is never nice but eliminating the excesses we concern ourselves with here might not even amortise in speed, security and eco-friendliness.
Economically speaking, throwing money against a relatively small problem like a few megabytes isn’t worth it when we can make technology ease the symptoms for us through compression and caching for far less costs.
Core takeaways
The goal of this is obviously to call attention to the fact that all this bloat is just not needed. We can do better. It has certainly piqued my interest and I hope you in return may also get inspired to slim down your web footprint while maintaining your web presence, perhaps by hiring me 🙂
Too cheeky?
Seriously though, the 512kb Club is an admirable effort to call attention to an omnipresent problem. Software bloat persists throughout the computing world and as the web is the future, it is the place to start the diet.
FreeBSD, the perfect server (for me)
Home > Blog > FreeBSD, the perfect server (for me)
A project is usually only as good as its technical underpinnings, much like a house of cards. Here’s some, not most, of the reasons why I prefer FreeBSD over Linux for my servers.
Ridiculous ease of use/documentation
In my opinion, documentation is always the key to success. Not many sane people can read man pages or the Arch wiki. FreeBSD’s documentation project alone is a major reason to use the operating system. Everything that’s possible is outlined so clearly I use it as an entrypoint for most Linux questions I have when Google does not supply a quick answer.
Security and reliability
While many people like to flaunt that FreeBSD has less CVE’s than Linux, I have to admit that fact is probably due to the fact that it’s not as widely used. Perhaps a form of security through obscurity. Listing who uses it (Apple, Netflix, Sony, Nintendo, Yahoo!, Yandex) does not prove its perceived superiority either, just that it is trusted and perhaps useful.
The reason why these companies use FreeBSD is because it just works. It really does. Security and reliability is achieved through engineered-in excellence in those aspects. One does not inspect quality into a product, it is built in, designed in even. FreeBSD is derived from the BSD of the 70’s and 80’s, meaning it has run real workloads for well over four decades. It has weathered some serious storms, lawsuits and competition, and the fact it not only exists but thrives alongside other Unices and Unix-likes means it has its place. When you see an old item that’s still usable and in use that means the initial concept was good enough. When you see that same item still in production today… It really does speak for itself.
Security also leads into my next point.
Underappreciated diversity
If you want the tightest security, go for OpenBSD. Need performance in some more niche usecases, go for DragonFly BSD. Must it run on literally any heap of sand capable of thought, go for NetBSD. Want an it-just-works desktop? There’s choices for you too, GhostBSD, NomadBSD and more are capable of giving an excellent experience.
My point is that there is true diversity. Fedora and Ubuntu will probably garner similar experiences on the desktop, Ubuntu Server and RHEL are both still enterprise Linux servers that to me seemingly only differ in some methodology of management. The BSD universe has succinct varying qualities with practical end uses.
The BSD license
Perhaps the biggest difference to Linux is the license FreeBSD is distributed under. It boils down to the following.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
Think that is the boiled down version? It’s the entire license. You can read it here.
It’s much more permissive than most licenses, this has a couple of effects that I will not discuss here but this makes it an excellent choice to build a project that you do not want to release the source code to (like Sony and Nintendo), although it is better to do so (like iX Systems.) This is code that is truly out there to be used for the betterment of mankind.
The filesystems
It’s clear and simple: ZFS, despite its few drawbacks, rules. Proven robust for almost 20 years. More than a filesystem, without going into too much detail, it also manages disks, compression and redundancy and much more. Btrfs, Refs and VxFS are not nearly as good all rounders, while ZFS beats them nearly outright in every area. Hardware RAID is obsolete.
ZFS is a first class citizen on FreeBSD, and fact of the matter is that it’s not that on Linux.
UFS is the default and is battletested since the 80’s. NTFS, ext4, FAT and more are of course also available.
FreeBSD and Linux as projects
Linux is just the kernel, governed by one man: Linus Torvalds (humorously called Benevolent Dictator for Life.) In my opinion this is actually a good thing for it, Linux’ main “superpower” is the fact it can shift any which way it pleases. It’s why it’s a jack of all trades. If there is demand, it will provide.
FreeBSD is a democratically governed project that spans the entire operating system. Its features scale from the users programs all the way up into the kernel. It prefers technical excellence over quick development or popularity.
A human readable firewall?
I love things that do things well. PF (Packet Filter) is an example of that.
A firewall is a collection of rules that coordinate actions imposed upon network traffic.
Because PF is a filter, it can do the things a firewall does AND more. Like redirecting traffic between containers, configuring specific rules for each ethernet adapter and more. And it’s readable too.
ext_if="vtnet0"
set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if:0)
rdr-anchor "rdr/*"
block in all
pass out quick keep state
antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
This is the base configuration needed for Bastille to work. If you can’t read what this says, I don’t think you should be working with firewalls.
Linux compatibility/Linuxulator
That’s right, you can run almost all Linux programs on FreeBSD, sometimes even faster. The original Matrix movie special effects were created on Linux, but rendered on FreeBSD because it ran the Linux software faster.
Jails/Bastille and Docker
Jails are nowadays often described as the original containerization platform. In reality this is a new development as Docker has taken the software world by storm to the point where people will look at you like you’re insane if you don’t use it. A jail is essentially the FreeBSD term for container before the word container was known as a container. More accurately a jail is a collection of namespace changes.
The first and foremost purpose of a container is exactly that, to contain. It’s a safety measure, often appearing to an intruder as the real system whereas they’re actually only digging in a small part. It also separates applications, meaning a rogue program won’t take down the whole system provided the container was well configured. And jails are very easily configured to limit system resources, access to raw sockets and more.
In the real world they are used to very easily deploy/provision fragile applications even though tools like Ansible exist exactly for that task. The benefit of Bastille in this that it does everything well. Out of the box it provides a sane base thin jail, thin meaning it shares the operating systems userspace programs. You can even replace it with a Linux userspace with the drop of a command, to run Linux apps. Even the programs in its filesystem can be “shared” through ZFS deduplication. You can package up entire older insecure FreeBSD systems into jails and protect them from the outside world.
The best thing about Bastille is the templates. There are a lot of templates for webservers, home automation, databases, etc. In other words, you can stack them on top of each other to create these software bundles. In Docker templating is still considered experimental.
Jails are a seemingly endlessly flexible tool.
In conclusion
Because FreeBSD stacks its features from top to bottom, it means it is not an edgecase to combine features in any which way. It is performant, stable, secure and extremely well documented. A mature developmental organization coupled with a track record of quality makes it a competent or even superior alternative to Linux. It might even “feel” nicer to use FreeBSD because of its logical administration.
Rocky Linux is a free and open source operating system meant to be bug-for-bug compatible with Red Hat Enterprise Linux®. It is under intensive development by the community. It’s a brilliant project and I decided to give something back.
In this issue, which was open for about 4 months, a suggestion for a dark mode for the website was made. Consequently, I decided to pick it up to research Gatsby and Tailwind CSS and put it into practice at the same time. It was done on April 27th and with minor changes was merged on May 5th 2022. You can see the small changes made by comparing it from here and the Rocky site.
In addition, I noticed was that at the time there were no Dutch translations. I took it upon myself to contribute nearly all of them, with some other people chiming in afterwards.
What I learned
Tailwind works really well and has more features than Bootstrap.
Gatsby (a JavaScript based front-end framework) is also awesome and very easy to develop with, some lessons I even put into Majorak.
Why is this project important?
Before Rocky Linux existed there was an operating system called CentOS (Community ENTerprise Operating System), a free enterprise OS built from the same source code as RHEL. It exists downstream of the paid license RHEL. In other words, the code it incorporates has already been tested thoroughly and run in production environments.
CentOS was more reliable and stable than the real product, costing nothing with commercial support generally less expensive. Most importantly, hundreds of thousands of projects, people and companies relied on it.
What went wrong?
After Red Hat took over CentOS in January 2014. After that, they decided to kill the project in late 2020. They replaced it with CentOS Stream. Therefore, countless users of CentOS who had recently upgraded to the latest version, expecting updates for years to come now had no new security updates coming…
The alternatives
Cough up the RHEL license costs.
Switch to the less stable CentOS Stream.
Gregory Kurtzner, the original founder of CentOS, decided to step up and create Rocky Linux to fill the void. Rocky not the only alternative, similarly Alma Linux exists, but Rocky Linux above all is the purest and the most neutral one.
Majorak is a custom built templating PHP framework built on ADR principles. This will be a quite technical read so it is perhaps better to know what MVC is. It’s also noteworthy that as of 19/10/2022, this software is not production ready or feature complete.
Regular frameworks, like Symfony or Laravel, are built on MVC principles: Model, View and Controller. Those three are originally meant for GUI applications like the browser you are using to read this, where Model, View and Controller may interact with each other, passing on information. It doesn’t really fit neatly into the space of a web application.
In short, ADR consists of Action, Domain and Responder. The Action is the entry point, and does nothing other than pass on the information it receives to the Domain. The Domain may manipulate that information, interact with a database, or invoke other Actions to receive more information. Then, it passes an object, the DomainPayload, on to the Responder. That in turn will render the app.
It follows the World Wide Webs request ➝ response in a much neater way. This makes building these web applications much simpler and effective although creating traditional GUI programs is probably ill-advised with it.
Current status
Majorak is currently fully working in terms of ADR. However, running a real modern website or web app is still impossible.
One of the benefits of being a freelance webdeveloper is that I am endlessly more flexible in the technologies I choose for specific projects. Majorak has become a bit of a pet project, as I would eventually like to really put it to work for API’s, web apps or even convert my own website. If you are interested in helping develop it, you can have a gander on GitHub. If you wish to know more about ADR, you can look here.
