JRRZZ Blog

Crap, just blew up my father’s expensive Bosch drill. I had only 3 holes left, and made 21 already. And then my new chair broke. #FML

@tweedledumweb Nooooooooo!

Testing the #WordPress Twitter integration. If you can read this, it works!

During the coming elections in the Netherlands, the Pirate Party will participate as a true political party for the very first time. These are exciting times for the Netherlands. We’ve got a grave right-wing extremist threat, a financial crisis and increasing social unrest. These elections will be key for the direction Dutch politics will take during the next decade. Will it be the continuation of the (failing) Christian conservative policies, or will the people choose a different route? And if so, will it be left or right wing oriented?

This may come as a surprise from a long-time FSFE, EFF and FFII supporter. I really don’t think the Pirate Party is a good idea. As a matter of fact, I think it’s a very bad idea to be honest. There are a few things wrong with it, which I’ll try to explain one by one.

It’s a one-issue party. I absolutely detest one-issue parties. They contaminate the democracy by ignoring important issues that just have to be dealt with by the government. The worst thing you can do with a problem is ignoring it. Voting for a one-issue party makes sure your vote only counts for that single issue. For all of the other issues, some of which even more important than your favorite subject of debate, your vote contributes to the group of representatives abstaining. In other words, your vote keeps a larger part of the people’s representation in government from doing it’s job. You can’t just assume all of the other governmental problems will be dealt with in a proper way. It’s your duty as a citizen to make sure your vote actually represents you. If you don’t care about anything, don’t vote. One-issue parties are, in my opinion, even worse than not voting at all. It’s okay to kick the status quo every now and then, but utterly destroying a perfectly functional system is one step too far.

So let’s see what the Pirate Party thinks about health care. Nothing. Or what about education? Not much. The economic crisis? The Pirate Party couldn’t care less. This is the proper way to look at the party. Just imagine a government run by the Pirate Party. It would be absolute chaos. Nobody would care a hoot about you. Just the safety of your personal information. Nobody would care about job security, just the intellectual property it generates. Infrastructure? Yes, some fiber optic cabling maybe. But they can’t be bothered with roads or plumbing. The entire government would cease to function, cease to exist. This is not how democracy was intended.

All bashing and gnashing of teeth aside, I do agree with every single point the Pirate Party stands for. I completely support their efforts. I’m quite the proponent of privacy and open innovation. Ask my boss. I just don’t think a political party is the proper way to complete their goals.

So how should they, you might ask? I’d suggest joining a political party closest to your ideals and trying to use it’s internal democratic structure to promote your agenda. I think, hell, I know, many of the people within the Dutch Socialist Party will agree with most, if not all of the points^{[citation (dutch)]}. I’m not trying to lead a half-assed slander campaign against the Pirate Party in favor of my own political background. Quite the contrary. I’m trying to save the democracy the Pirate Party upholds as one of it’s core ideals. And, maybe more importantly, we need their help! All of the “main stream” political parties have less and less interest in upholding citizen’s rights. And I have to admit, even my own. Raising public awareness will make privacy, open innovation and strengthened citizen’s rights part of the political agenda again. As it should be.

So in short, I think there’s a lot an organization like the Pirate Party can achieve. They’re just using the wrong tool for the job. I wish them the best of luck.

Aaaaaaah! I’m meeeelting! Slashdot has been slashdotted!

So I received my degree. Whoop-the-fucking-doo. Now I’m fully qualified to do something, although nobody seems to know for sure what exactly. The only thing I have to do now is to actually go and collect the physical representation of this achievement. There’s a ceremony planned in a few weeks, and I guess people expect me to be there. I’ve paid for it, so I might just as well go.

People who have read this blog before (yes, all three of you!) might know where I’m going with this post. I’ll try to keep this as neutral as possible, and I’ll try to refrain from any biased negative comments towards the educational system. I initially wanted to list all of the useful things I’ve learned during my time, but that would make this post awfully short. I’ll just make this some kind of chronological report of all of the things I remember of the past four and a half years.

Back in the day I knew exactly what I wanted to do. I wanted to combine computer science with a bit of engineering and electronics. Luckily for me, the Dutch educational system offered a four year course teaching exactly that. Although, in hindsight they didn’t, but that’s beside the point. I visited the school a few times to make sure my cash ended up somewhere worth while. A few teachers seemed to be quite competent, so I decided to enroll.

The first two years were a breeze. Most of the stuff was actually quite easy. None of it was interesting, compelling or even slightly useful. There might have been a few exceptions to this rule. I remember learning C++. It’s an odd choice for a programming language. You have to keep in mind most people attending these classes haven’t written a single line of code in their entire life. Throwing C++ at them won’t make much of a difference. So all of the people who didn’t already know how to code automatically left. After the first two years, more than half of the students had left. Which was a shame, because some of them were quite smart and clearly possessed the required talent. But the educational system didn’t motivate these people at all, so they dropped out. Anyway, back to C++. It’s a great language, once you get the hang of it. It has a huge learning curve, which makes it absolutely useless as an educational language. If your goal is to teach people some programming basics, grab a language that’s accessible to novice programmers. In that respect, almost any language would be better than C++. I’d suggest Lua, Ruby or Python. Pascal used to be a good choice, although the world has passed that era a few eras ago. It got even worse by the way. Students initially started out using Borland C++, creating nifty win32 GUI point-and-click applications. That’s no way to learn a language. Only afterwards people learned an application didn’t necessarily come with a GUI. After C++, and if you were able to write C++ on paper during a test, you could go on to the advanced course. C. Yes, you’ve read that correctly. C. It’s like learning how to construct a roof before you’ve learned how the foundation works. Instead of teaching that C++ offers methods to easily work with strings, you learned that C lacks those and works with character arrays. Throw some pointer magic in there while most people didn’t even grasp the difference between for- and while-loops, and you end up with total chaos. The very basics of software engineering, e.g. writing software, were neglected to a degree of absolute shamefulness. If I didn’t have years of experience writing software, I think I also would’ve dropped out.

Next to writing software, we also learned useful things like teamwork. Teamwork usually translates in one of two things. Or you work your ass off to get the project finished in time, or you just make it seem you do all the work, while you’re actually just relying on your teammates to finish the job for you. The second kind of people tend to be more successful, since they actually have the time to study for all of those other things the educational system tries to shove down the student’s throats. During the first two years this system has made some of the best people leave out of pure frustration. I didn’t, but I did have trouble finding the motivation to be the one doing all the work all the time.

The rest of the curriculum during the first two years wasn’t that interesting. Most courses needed a whole semester to teach something that can be taught equally well by reading some relevant Wikipedia articles for an hour or so. That’s what I ended up doing, too. It’s amazing how much nonsense some of these courses try to teach, ranging from extremely dated theories to outright lies. Too bad the educational system doesn’t approve of people pointing out the absurdities during tests. To pass the test, you’re expected to copy over the same things you’ve been taught in class. You’re not, I repeat, not allowed to think for yourself. On the other hand, some things were quite lacking. I’ve already covered programming basics, but things like maths and logic were completely non-existent during the entire four and a half years. How do people expect students to create decent solutions if they’re not even told how some of the most basic principles in engineering work?

The other two years were interesting in their own right. Now the students (the ones who were left) grasped the basics, or that’s what they were being told anyway, the fun stuff could begin. It turned out to be quite a challenge. During these two years two semesters were dedicated to internships, and the other two to “regular” education. The educational semesters seem to have been designed to test the student’s ability to cope with vast amounts of stress. First off, they managed to cram 100 hours worth of work in a single week, for five months straight. During these semesters students had to follow all kinds of weird courses, some of which even had dependency problems by scheduling a course parallel to it’s predecessor. Next to these courses a project was organized, which in itself cost more than 40 hours a week. Again, it was mostly one or two people doing all the work, while others were idly slacking along. The worst thing is, these projects were actually fun. I especially invested lots of time into these projects to make the best out of the end result. Playing around with Embedded Linux, networking and electronics is way too much fun to sacrifice for a few of these lame courses. I ended up doing another semester worth of overtime because of this decision. All of that while the slackers graduated before me. I still don’t understand why there are companies actually hiring these people. These people end up automating banks, public transport and other sensitive areas. It’s a horrifying idea. Anyway, the two projects I’ve done have been quite successful. I’ve learned most of what I know today about X11 and Embedded Linux during these two semester projects. I’m actually putting that knowledge to good use right now. The sad thing is though, there’s not a single teacher who understands what I’ve built. They ended up hiring post-graduates to teach the students about the technology we’ve been playing around with. Luckily these guys know what they’re talking about, and I admire them for their effort. I sure as hell couldn’t function as a teacher within that educational system, let alone actually bring my message across.

During the same two projects, the educational system had to introduce something which most engineers hate the most. Paperwork and bureaucracy. And lots of it. Every feature needed it’s own set of documents, seals of approval and meetings. Writing these documents took way more time than actually developing the damn thing in the first place. For every line of code there were 60 lines of documentation. I’m not even counting comments here, it’s 60 lines of bullshit for every line of actual code. I’ve still got the source tree of those projects, and it’s awful. We ended up with almost 300 pages of text, and a product lacking features. All of those features had been documented though, and that has to count for something, right? Right?

The other two semesters were internships. No courses, just a full-time project to invest your time in. Most of the students called these internships vacation, because of the sheer contrast of a normal 40 hour week to the 100 hour week we were used to. Of course we had to write a report, but that’s it. We were expected to show up after 100 work days with a report, a presentation and a happy employer. Some of us even managed to get a contract out of these internships. I already had a contract at my first internship, so that doesn’t really count. I’ve had a wonderful time hacking on Linux-HA, OpenBSD, VLC, X11 and way more cool stuff. If I replaced all of the educational mumbo-jumbo with internships, I could’ve been a full time kernel developer at one of the big sponsors or something. I could’ve learned so much more in those four and a half years.

So, while everybody went to work at their new employers after graduation, I had to endure another semester worth of education. I had a few courses left, all of them having something to do with drawing pictures and schematics instead of actually writing the damn software. Coincidence? I think not. Luckily I was given the chance to participate in a new Embedded Linux project for a group a companies, headed by my university. This way I didn’t have to do all of the courses again, but only a small subset of them. I don’t know how I did it, but I have pulled through. The Embedded Linux project is starting to look quite promising, and all of the courses have been dealt with. I’ve got a final meeting with the project members tomorrow. After that, I’m a free man. I’m actually quoting one of my teachers here.

So, looking back on these years. What have I learned? Most of the things I’ve learned, I’ve taught myself. I don’t believe having all of those teachers around has made that much of a difference. I’ve only met a few teachers who were actually interesting, and managed to teach me new things I’m able to use in my job as a software and network engineer. Don’t get me wrong, most of them are great people, but they just can’t keep up with what has happened in the last, say, 20 years. The educational system hasn’t entirely wasted my time, but it’s gotten damn close. I think I could’ve achieved way more in less time under a much lower budget. There’s something wrong with this system, and it should be fixed.

It may be old, but it’s still valid.

user@box:~/kitchen$ make
Make what?
user@box:~/kitchen$ make sandwich
What? Make it yourself.
user@box:~/kitchen$ sudo make sandwich
Okay.

So, after using NGINX as my primary web server for over six months, I’m quite happy with it. The sites I’ve migrated have all been running without real practical problems what so ever. During my usage of NGINX, one of the most useful aspects is it’s use of assignable variables in the configuration files. Where I needed to write the same twenty-something lines of configuration for every similar virtual host using Apache, NGINX allows me to replace all that with a single write-once works-for-all virtual host. Trac is one of the things for which this will come in handy. I’m hosting a dozen of Trac sites, all requiring their own Apache Location directive. I’ve replaced all of that with a few lines of NGINX config and a single init-script. I’m going to show you how.

Before we start, I have to tell you I’ve only tested this using Trac 0.11.6 and NGINX 0.7.64 on Debian GNU/Linux. It’ll probably work everywhere, except on Windows. Trac’s FastCGI simply won’t run.

Just like NGINX hasn’t got mod_php, mod_python is equally absent. Which is a good thing^tm. Trac supports running every site in FastCGI mode since 0.9, making it entirely NGINX-compatible. There’s even a config sample on the wiki, which we are not going to use.

After creating your Trac environment using trac-admin, you’ll have to deploy the site first. Since I’m using Debian, it’s going to end up somewhere under /var/www/. I’ve also put my Trac sites in /var/trac/, just to make things a little more complicated. Put your files wherever you fancy, I’ll keep using these paths. Say, we’re about to host helloworld’s project trac page.

trac-admin /var/trac/helloworld initenv
mkdir -p /var/www/trac && chown www-data:www-data /var/www/trac
trac-admin /var/trac/helloworld deploy /var/www/trac/helloworld
chown -R www-data:www-data /var/www/trac/helloworld /var/trac/helloworld

Replace www-data with whatever user your NGINX is using. This will initialize your Trac environment and deploy the site-specific static files to the webroot. This will also provide you with the FastCGI server, which in turn can be started using Lighty’s spawn-fcgi. As always, I’ll supply the init script you can use to automate this. This time though, I’ve simplified things a bit. Since all of the Trac FastCGI processes are the same anyway, we can use symlinks and the init script’s basename to unify our configuration. The only thing you have to do to start the site’s FastCGI daemon during the system boot is to copy the fcgi-trac-base script to /etc/init.d/, and the following.

ln -s /etc/init.d/fcgi-trac-base /etc/init.d/fcgi-trac-helloworld
update-rc.d fcgi-trac-helloworld defaults
/etc/init.d/fcgi-trac-helloworld start

Now we’ve got Trac itself running, it’s time to get NGINX to actually serve the site. I’ve chosen, because of SSL limitations, to host Trac sites under https://www.domain.tld/trac/project instead of a sub domain. I think the config’s easy enough to change this behavior. The first thing we want to do is to make sure static content, like CSS and images, is served directly by NGINX instead of tunneled through FastCGI. All the following configuration goes, in order, into your domain’s server { } block.

location ~ ^/trac/([0-9a-zA-Z\-_]*)/chrome(.*)$ {
    alias /var/www/trac/$1/htdocs$2;
}

All of the static content will now be caught before Trac’s even touched. This increases the speed of serving this content drastically. Next up, calling Trac itself. It becomes a little tricky from here, since we’re juggling with regular expressions and variables. Once you’ve set them up correctly though, you shouldn’t have to edit a single line anymore when adding extra Trac sites. First, we want to store which Trac site we’re accessing. In this case, we want the helloworld part from our Trac URI.

if ($uri ~ ^/trac/([0-9a-zA-Z\-_]*).*$) {
    set $trac_host $1;
}

We’ll make good use of this variable. The next step is to call the right Trac FastCGI server. Because we’ve used a self-configuring init script, we can safely assume the location of the listening UNIX socket. We can even use this variable to point to the right authentication file, if you wish to secure your Trac sites. The right way to create this authentication file is using Apache’s htpasswd.

mkdir /etc/nginx/trac
htpasswd /etc/nginx/trac/trac.helloworld.passwd johndoe
chmod 400 /etc/nginx/trac/trac.helloworld.passwd
chown www-data /etc/nginx/trac/trac.helloworld.passwd

I’ll explain the following block in parts, because there are quite some gotcha’s hidden between the lines.

location ~ ^/trac {
    auth_basic            "Trac";
    auth_basic_user_file  /etc/nginx/trac/trac.$trac_host.passwd;

I’ve used a regular expression match in the location instead of a regular location definer because otherwise the PHP interpreter out of my previous NGINX post would try to parse anything that ends with .php, including PHP files in Trac’s browse source functionality. It would fail of course, but Trac will also fail to produce the pretty syntax highlighted source code. You do have to make sure Trac’s configuration comes before PHP’s.

    fastcgi_split_path_info ^(/trac/[0-9a-zA-Z\-_]*[/]*)(.*)$;

It took me a while, and some help, to figure this out. To get the right PATH_INFO FastCGI variable, you can’t just use the regular expression in the previous if-statement. It will work, except for URIs with urlencoded characters in them, like spaces. NGINX keeps these %something characters, while FastCGI’s PATH_INFO expects these strings to be supplied decoded. The special function fastcgi_split_path_info corrects this error, and will supply you with a correct value stored in the $fastcgi_path_info variable. You’ll have to be using NGINX 0.7.31 or later to get this to work.

    fastcgi_pass   unix:/var/run/trac-fastcgi-$trac_host.sock;

Now we can pass everything to our eagerly waiting UNIX socket, which has been set up by the fcgi-trac-base init script. As you can see, it’s important the project name throughout the config matches exactly. Otherwise, some components might fail to find the right locations.

    fastcgi_param  HTTPS            on;
    fastcgi_param  QUERY_STRING     $query_string;
    fastcgi_param  CONTENT_TYPE     $content_type;
    fastcgi_param  CONTENT_LENGTH   $content_length;
    fastcgi_param  SCRIPT_NAME      /trac/$trac_host;
    fastcgi_param  PATH_INFO        /$fastcgi_path_info;
    fastcgi_param  AUTH_USER        $remote_user;
    fastcgi_param  REMOTE_USER      $remote_user;
    fastcgi_param  REQUEST_METHOD   $request_method;
    fastcgi_param  SERVER_NAME      $server_name;
    fastcgi_param  SERVER_PORT      $server_port;
    fastcgi_param  SERVER_PROTOCOL  $server_protocol;
}

Finally, we can add the right variables to get FastCGI the information needed to serve the Trac pages. Remove the HTTPS variable if you don’t use HTTPS for your Trac sites. Also, remove the *_USER variables if you don’t use NGINX’s HTTP authentication for Trac.

Now you can easily add new Trac sites by following the next steps.

trac-admin /var/trac/$PROJECT initenv
trac-admin /var/trac/$PROJECT deploy /var/www/trac/$PROJECT
chown -R www-data:www-data /var/trac/$PROJECT /var/www/trac/$PROJECT
htpasswd /etc/nginx/trac/trac.$PROJECT.passwd $USER
chmod 400 /etc/nginx/trac/trac.$PROJECT.passwd
chown www-data /etc/nginx/trac/trac.$PROJECT.passwd
ln -s /etc/init.d/fcgi-trac-base /etc/init.d/fcgi-trac-$PROJECT
update-rc.d fcgi-trac-$PROJECT defaults
/etc/init.d/fcgi-trac-$PROJECT start

I’ve combined all of the config into a single file you can place in your NGINX config directory, which you can include inside any server {} block.

Here in the Netherlands, we’ve got a tradition called Sinterklaas. It’s about an old, single bearded man with a love for children dressed in red coming down the chimney with presents around December. But unlike Santaclaus, he’s got black people instead of reindeer. Who said the Dutch abolished slavery and apartheid? The Americans pretty much stole the whole thing, and made it Geneva-compatible, but that’s neither here nor there.

Sinterklaas comes from Spain in our traditions, on a big ocean steamer. This year though, he’s delivered his presents through email. And the email didn’t even come from Spain, it was sent by our Swedish friends. So I guess it wasn’t Sinterklaas this time. Unless these guys are Sinterklaas, that is.

Because Opeth has been going strong since way before I knew about them, that’s like 20 years of Opeth, they’re celebrating with a series of concerts. They kind of forgot to schedule a concert in the Netherlands, so we’ll have to come to them. To Germany. Not that I dislike our eastern neighbors, but you know, there has always been a bit of a friendly competition between the two of us. Let’s just don’t mention the war, now shall we?

Anyways, to make this extra special, the concert’s being held at the Lichtburg in Essen. As you can see, it’s not that much of a moshpit-esque venue. They’ll be playing the entire Blackwater Park album though, so they do deserve a venue with a certain style to play in. Not that the Lichtburg has that particular style, but at least it’s a proper recognition of the sheer musical quality these people have been producing for the last two decades.

Aaand, to make this whole deal even more awesome, me and my brother have got VIP-access. Another meet ‘n greet, wooh. It’s getting a bit tedious now, isn’t it? So I guess my brother can get his guitar signed again and I’ll be fumbling around, looking for the right words in front of gods again.

Okay, I’m getting just about sick of all of these half-assed solutions out there. I’ve done some research and I’ve made a script that usually works. It converts a H.264/AC3 MKV file to H.264/AAC. I’ve also downsized the AC3 to 192Kbit/s AAC stereo, because almost nobody has proper 5.1.

The script does make some assumptions, but it’ll work for almost 99% of the content out there. You can download it here or copy-paste from this piece of code. Oh, you’ll need some tools as well. Those would be mkvtoolnix, gpac and ffmpeg on Debian. Can’t find the packages you need? Debian-Multimedia might help.

#!/bin/bash

if [ -z "$1" -o -z "$2" ]; then
  echo "Usage: $0 movie.mkv movie.mp4"
  exit
fi

FPS=`mkvinfo "$1" |grep -m 1 fps | awk ' { print $6 }' | sed 's/(//'`

echo "Detected $FPS fps first stream"

mkvextract tracks "$1" 1:/tmp/mkv2ps3.264 2:/tmp/mkv2ps3.ac3
ffmpeg -i /tmp/mkv2ps3.ac3 -ab 192k -ac 2 -acodec libfaac /tmp/mkv2ps3.aac
MP4Box -new "$2" -add /tmp/mkv2ps3.264 -add /tmp/mkv2ps3.aac -fps $FPS
rm /tmp/mkv2ps3.{264,ac3,aac}

Edit: If you’re having trouble with double free or memory corruption errors at the end of the script, you’re using a broken gpac. Here’s a little something to get yourself a functional MP4Box. Run as root:

cd /usr/src/
cvs -z3 -d:pserver:anonymous@gpac.cvs.sourceforge.net:/cvsroot/gpac co -P gpac
cd gpac
chmod +x configure
./configure --static-mp4box
make
cp bin/gcc/MP4Box /usr/local/bin