Hi, [coworker],

I hope this email finds you well.
Wait, no that’s not quite true;
I hope this email never finds you.
I hope you sleep the deepest sleep of your life,
A sleep earned through labor and fresh air. That you smile in the slight fog as you rise to dew
on the increasingly-reclaimed markers of our once-great society.
Once-“great” society.

I hope you look back on the things we built
And find them quaint in how they misjudged what was important,
And entirely misguided in how they defined “value”.
I hope you feel the Earth and the plants in your lungs,
that you see your breath in the springtime sun.

I hope you can reflect and reject the techno-industrial, the educational-industrial,
the capital-industrial complex to which we dedicated so many years,
And I hope you see smiles and dirt on the faces of your children.
Hope you smile too, knowing our mistakes won’t be theirs.

I hope you find satisfaction in the routine,
reaching into stores to make breakfast for you and yours.
Tending to others, to plants, to animals. I hope you take less than you give
And that you teach others do the same.
I hope you know your worth, our worth
Is not defined in EBITDA or MAU.
It’s defined in what we instill, how we inspire, and how we reflect the things we claim to hold dear.
I think you said that to me.

I hope that between when I hit send and when this gets delivered to you.
We, the greater we, face a redefining event.
That we are forced to reckon with our past prioritization.
But, I guess, if all that doesn’t happen.
Maybe, if you could get me the latest quarterly summary?
We’re supposed to update it with the new KPIs that the Leadership team defined last week.
Yeah, no the new new KPIs. I know. I told them.

But, really, I hope this email never finds you.

I wrote this a little over a year ago, thinking of a friend who I was frustrated on behalf of. It’s been a while, I need to check in on him.

I took this shot of a wonderful Cheyenne Randall piece and cleaned up some of the junk and tags that went up around it. Easily one of my favorite pieces of street art, deserves to be appreciated on its own.

Pretty decent view from the office this morning. Olympics in full alpenglow.

I’ve never been a new year’s resolution kind of guy - if it’s important enough to do, there’s no reason to wait until the end of the year. But the turn of the calendar offers the opportunity to look back on some adjustments I made throughout the year. Indulge me in a little reflection:

General

• Restarted my journaling habit
• Let my work-life take a little less, and keep a little more for my family and friends - I’d say I’ve been successful since January
• Read more books - semi-successful, getting better again lately
• Make my kids laugh every day - check
• Fix more broken stuff myself - check
• Buy less - check
• Rely less on news aggregation (Reddit) and more on reading and critiquing journalism - Moving slowly in the right direction

Work

• Be intentional with my time - Was very good February through June, let myself get caught in the churn mid-year, back at it over the past couple months
• Lead with curiosity - I should write more about this, but suffice it to say for now that this has been a big change over time and has gone well. Still need to develop this muscle, though
• Define concrete individual work goals - Yes, and documented! Sometimes writing them down is the hard part

There are opportunities, too, as there always are. I want to spend more time getting away both with the kids and just with Linds. But these changes don’t have to be right now.

Still haven’t speckled and painted that dent in the drywall in our bedroom, though.

I kept running across a problem with my Mastodon instance where I was seemingly unable to follow other accounts. Reviewing Sidekiq logs revealed HTTP 401s for nearly every account I tried to follow.

After some poking and help from some very kind folks on a Mastodon admin Discord (@[email protected], specifically), as well as my host, I think I’ve resolved the issue. It seems to have been because I boched my webfinger redirect.

For some context, Mastodon relies webfinger as a method for clearly identifying users on remote servers. Since I have my Mastodon instance on a subdomain of alvani.me, but want my usernames to be in the @[email protected] format, I have to create a redirect for requests to

https://alvani.me/.well-known/webfinger
to be redirected to
https://mastodon.alvani.me/.well-known/webfinger.

I used a CloudFlare redirect rule to accomplish this, as per the screenshot below.

Santa dropped off a secondhand OneWheel Pint. Really appreciate the thoughtfulness of keeping things out of the landfill, and excited to get to refurbish it! Here’s one of my Pints riding the Pint.

Despite being aware of Mastodon and following its development since its introduction back in 2015, I never really spent any meaningful time with it. Along with many others, I was motivated to change this as for so many reasons including but certainly not limited to Elon Musk’s capricious “leadership” of Twitter.

I initially signed up with an account on Mastodon.social, the “first-party” instance that’s run by the service’s founder. After poking around a bit, I decided I’d prefer to run my own instance that maybe some friends and family could share if they were interested. After reading over the requirements and officially-supported architectures for the image, and looking into options for self-hosting either on my home lab or in some IaaS provider, I decided that this was a case where I’d prefer to have a host. If friends or family wanted to use it, I didn’t want to be on the hook for keeping it running during or after power outages, etc. Looking for servers and primary administration outside of the US, I found Cloudplane. Reasonably priced for a “small” instance, which is probably all I need.

Cloudplane makes it fairly easy, although the documentation is sparse. During their signup, they seemed to indicate that the name server the customer uses must support root-level CNAMEs or aliases, and they seemed to recommend Cloudfront¹. After a little more discovery, I learned that the root-level CNAME/alias requirement only applies if you intend for the root of your domain to point to the Cloudplane-hosted Mastodon instance. In my case, where I intended to use mastodon.alvani.me as the name of the domain, but use Mastodon’s local_domain and web_domain features to make handles as @alvani.me/@jehanalvani.com

Thus, once the new Cloudplane instance was deployed, I added alvani.me as the local_domain, and mastodon.alvani.me as the Cloudplane-labeled “Custom Domain”². Cloudplane informs you of the DNS records to configure - in my case just a CNAME.

[Update] Since I’m using a subdomain and Cloudplane’s proxy for seucrity features, I also had to set up a root-domain txt record. The same record displayed if I typed “example.com” into the web domain field.

There’s one more step to take care of: Cloudflare defaults to unencrypted backend connections, and Cloudplane requires encryption. I solved this by creating a Cloudflare configuration rule to capture all requests for the host mastodon.alvani.me, and setting the SSL encryption mode to Full. I also overrode the defaults for my account to SSL encryptions mode - Full (Strict).

The rule expression in my case was:

 (http.host eq “mastodon.alvani.me”)

Then scroll down to the “SSL (optional)” section and choose “Full”.

Once configured in Cloudflare and propagated, I could access my hosted instance at the name I preferred.

The last step is enabling the well-known redirect per Mastodon’s documentation:

To install Mastodon on mastodon.example.com in such a way it can serve @[email protected], set LOCAL_DOMAIN to example.com and WEB_DOMAIN to mastodon.example.com. This also requires additional configuration on the server hosting example.com to redirect or proxy requests to https://example.com/.well-known/webfinger to https://mastodon.example.com/.well-known/webfinger. For instance, with nginx, the configuration could look like the following:

 location /.well-known/webfinger {    
  add_header Access-Control-Allow-Origin ‘*’;     
  return 301 https://mastodon.example.com$request_uri;      
}    

In Cloudflare, this is accomplished with a Redirect rule. Note that the check mark at the bottom to preserve query parameters is checked. That’s important.

Skating in the street ⛸️⛸️

Considered rolling my own, but in the end I wanted a reliable primary home that I didn’t have to manage. And if I make a secondary server, self-hosted might be the way to go. I’ll write up something a little more thoughtful soon.

Need to write up setting up a small Mastodon host with Cloudplane and Cloudflare. Pretty pleased with this config.

I’ve been periodically slamming my head into the wall for the past ~10 months about why a new install of MacOS 12 Monterrey wouldn’t connect to my NFS server. Turns out I had to inform the client to use NFSv4.

nano /etc/nfs.conf

#
# nfs.conf: the NFS configuration file
nfs.client.mount.options = vers=4

Saved nfs.conf and both command-line and GUI connections worked immediately.

Man, this little interaction at the end of my Apple support chat kind of broke my heart. The support guy, Prashant, was great. I didn’t do anything special, just remembered and used his name my pleases and thank yous.

Maybe a year ago, I added FreshRSS to my self-hosted tools. I was a longtime Fever user, and used Google Reader and NetNewsWire before that. Sadly the moden web pushed RSS to a background function, and the few sites that actually made their feeds public would often only publish spammy headline feeds.

Lately it seems the pendulum may have begun to swing in the opposite direction, and I think we’re all better for it. More feeds are being published again and increasingly, again, with full article content. The main difference seems to be that these full-text feeds tend to be paywalled if they exist at all¹.

Hoping to see this trend continue. I want to rely less on content aggregators, and more on direct relationships with trusted news and writing sources. RSS could once again provide that in a way that is respectful to both sides of those relationships.

Been a while since I was primary engineer on a network outage. Nice to know I still have some chops.

Kyle Tucker is having a hell of a game. ⚾️

Fantastic terminal at PAE.

The terminal at PAE is one of the most beautiful airport terminals I’ve ever seen. I feel so relaxed every time I fly out of it.

Ran into a problem updating packages on my Ubuntu-based NAS and Plex host; zfs-zed and zfsutils-linux were unconfigured due to some logic failures that occurred in certain configurations. This resulted in apt failures. In my case, there was an empty zpool configured in a subdir of another pool which resulted in the zfsutils-linux configuration script failing when it was run.

dpkg: error processing package zfsutils-linux (--configure):
 installed zfsutils-linux package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of zfs-zed:
 zfs-zed depends on zfsutils-linux (>= 0.8.3-1ubuntu12.14); however:
  Package zfsutils-linux is not configured yet.

dpkg: error processing package zfs-zed (--configure):
 dependency problems - leaving unconfigured
No apport report written because the error message indicates its a followup error from a previous failure.
																										  
 Errors were encountered while processing:
     zfsutils-linux
	 zfs-zed
  E: Sub-process /usr/bin/dpkg returned an error code (1)

To resolve, I stopped all the services that might write to the zpool(s) - NFS and a Plex container, then

• zfs unmount [root pool name] (replace [root pool name] with -a to unmount all pools if needed)
• zfs list to list pools
• zfs destroy [root pool name]/[sub pool] - Be really careful you’re destroying the right pool. Going back isn’t impossible, but it’s not easy.
• zfs list to confirm the pool isn’t listed
• zfs mount -a to mount all pools
• dpkg --configure -a to complete the configuration of unconfigured packages
• Restart stopped services

Took the allroad out to BSCC’s last autocross cup event of the season. Running novice class per BSCC rules - you’re a novice until you’ve completed six events. Not sad about it: 8+ years away from the sport has unsurprisingly left me quite rusty.

Very happy with how the Dad Wagon performed. It’s very heavy and not especially nimble stock. But the H&R Coilovers and sway bars improve the handling considerably.

All runs were clean, and each run was faster than the last. Very happy with the cars performance, and pretty pleased with my own!

Run 1

Run 2

Run 3

Run 4

Itching for a long drive on back roads.

Remembered that my son used to call the Incredible Hulk “Credible Puck”. Man kids don’t even know how funny they are.

A few shots from today’s Italian-themed Avants Caffeine and Gasoline in Tacoma.

Golden hour vibes

Dan Szymborski has a great analysis of the exceptionally complicated contract that still has wet ink on its pages. Excited Julio will be a Mariner for the foreseeable future, and having Julio will be an enticement for other top players to think hard about making a move northwest.

Not to mention the structure of the contract seems to make sense for both the team and Julio.

This paragraph also emphasizes how forthcoming the FO has been with Julio. DiPoto told the press that if Julio played well, he’d break camp with the team. Julio played fantastically, and he’s been with the team all season.

The Mariners not playing games with J-Rod’s service time clock has paid off handsomely. If Rodríguez had been held in the minors for a few weeks, he’d still likely be in the top two for AL Rookie of the Year voting, which would have resulted in him accruing a full year of service time anyway. And he’s been so good that it might have cost Seattle at least a win, which could have plausibly resulted in the team missing on a Wild Card spot it otherwise would have won. Hopefully, this will encourage other clubs to stop monkeying around with service time quite as much, especially with their ultra-elite prospects.

Family Vacation ‘22 Vol. 2