DEV Community: Sam Erickson

Improving Performance With Linux Boxes in Hyper-V

Sam Erickson — Sun, 10 Sep 2023 21:26:41 +0000

This post contains a collection of StackOverflow posts that were used to solve my Linux box performance issues in Hyper-V. All original pages are listed, where the commands from those sources are written out along with the story of how I used them.

📈 Improving Performance

I found the UI to be really clunky and slow on HiDPI monitors, and after some digging I found the following things to improve performance:

💫 Disable Compositing

Source: xrdp is quite slow

This setting can be tested using:

xfconf-query --channel=xfwm4 --property=/general/use_compositing --type=bool --set=false --create

After entering the above command I found that my performance issues were far less noticeable. So the next thing I needed to do was make the fix permanent, so I added the following to a new file /etc/X11/xorg.conf (I found the location to add this configuration file by reading through man xorg.conf):

Section "Extensions"
    Option "Composite" "Disable"
EndSection

💡 This can also be edited using the GUI: xfwm4-tweaks-settings

I then rebooted and checked the GUI to see if my edits to the xorg.conf configuration file worked.

❎ Optimize XRDP Configuration

Source: xrdp and xfce4 Ubuntu > 18.04 Unusable

The settings that I modified in the /etc/xrdp/xrdp.ini file were:

max_bpp = 128
xserverbpp = 128
crypt_level = low

The final recommendation was to lower the color quality from 32 bits to 16 bits. I was unable to modify this setting by using the “Connect” button within Hyper-V Manager, so the next thing I needed to do was configure xrdp to allow connections outside the console

🖥️ Allowing RDP Connections Outside Hyper-V

Sources:

Edit the following file /etc/X11/Xwrapper.config:

# Change this value
allowed_users=console

# To this value
allowed_users=anybody

Next we need to configure xrdp to listen for outside connections through tcp by adding the following to /etc/xrdp/xrdp.ini:

port=vsock://-1:3389 tcp://:3389

💡 Note that you will need to restart xrpd for this change to take effect. Make sure you take note of your ip address before restarting xrdp so that you can connect using the RDP app, and not have to go back in through Hyper-V once your session is closed.

It is also worth noting that entering service xrdp restart will boot your RDP client, but keep you logged in. Which will result in you not being able to connect another RDP session until you restart your box.

HiDPI In Kali Linux Through RDP | Hyper-V

Sam Erickson — Sat, 02 Sep 2023 21:37:51 +0000

📃 HiDPI in Kali Linux Through RDP

To get started kali maintains a collection of “Pre-Built Virtual Machines” that we can download and use.

In my case I downloaded the Hyper-V version by following the official documentation.

💻 Monitors

Once I got the pre-built virtual machine installed, and I started it up, I was pleased to see that the “Enhanced Session” was already enabled. This is a setting within Hyper-V that uses RDP to connect to the virtual machine. This gives us a bunch of nice features, like shared clipboard, and the ability to use all our connected monitors.

In my case using all connected monitors was an issue, since I have one 1080p monitor and one 4k monitor. So enabling Kali hiDPI Mode would make my 1080p monitor useless, but not enabling it would make the text on my 4k monitor way too small.

⚖️ Monitor Scaling Through Display Manger Settings

I was disappointed to find out that DPI scaling though XFCE display settings had no effect.

Normally I would be able to set the scaling of my 4k monitor to 2x or 1.5x and leave my 1080p monitor to 1x, and things would appear correctly on both monitors, but since I could not get this to work I was left with configuring my Hyper-V settings to use only one monitor at a time. Then I can either use or disable Kali HiDPI Mode as required.

⚙️ Hyper-V Settings

In order to change the RDP settings used when you select “Connect” on a virtual machine within Hyper-V we can use the “Edit Session Settings…” button:

That will open the RDP Display Configuration window prior to connecting:

This allows us to configure RDP prior to connecting to our virtual machine. In this case we can un-check the “Use all my monitors” option and then connect. From there we can set Kali HiDPI Mode accordingly and we are done.

Installing diesel_cli on OpenSUSE Tumbleweed

Sam Erickson — Fri, 07 Apr 2023 18:06:50 +0000

I recently ran into some issues installing diesel_cli on openSUSE. I wanted to use the package with postgres only so I tried entering the following command from their getting started page:

# The package that is required according to the docs
zypper install libpq5
cargo install diesel_cli --no-default-features --features postgres

Then I get met with this fun error message:

The last few lines are of interest:

= note: /usr/lib64/gcc/x86_64-suse-linux/13/../../../../x86_64-suse-linux/bin/ld: cannot find -lpq: No such file or directory
          collect2: error: ld returned 1 exit status

I started just installing all packages that I could find using zypper search that related to postgres and tried the installation process of diesel_cli after each one. Eventually, after much trial and error I found the missing package:

sudo zypper install ghc-postgresql-libpq-devel

After installing this I was able to build diesel.

⛏ Hosting A Minecraft Server Using CentOS

Sam Erickson — Sun, 13 Jun 2021 19:00:09 +0000

Historically I have always used Ubuntu to host my applications and game servers, but I was interested in checking out a more server and security focused distribution with the goal of expanding my knowledge and experience with different tools and distributions.

What really grabbed my attention was the promises of stability and support offered by CentOS.

To start off with I created a VPS that is running CentOS 8 using Digital Ocean. This can be done with a few simple clicks, so I will not be covering how to do that here.

🥽 Updating Packages

Before we get started make sure all of your packages are up to date by issuing the following command:

dnf update

👥 Creating Users

I always start a VPS by adding two users, one is a user with access to Sudo that will be used for server administration tasks, and the other is a user will as few privileges as possible to run the service in question.

useradd <Admin-name>
passwd <Admin-name>

useradd <service-account>
passwd <service-account>

👩‍💻 Applications

Two applications that we will need are vim and tmux, and screen.

Vim and tmux are easy to install:

dnf install vim tmux java-16-openjdk-devel

Installing screen requires epel (Extra Packages for Enterprise Linux), which can be installed like so:

dnf install epel-release

Then screen can be installed:

dnf install screen

🦺 SSH Permissions

One issue I ran into was in using ssh keys to login to those accounts. The key is to make sure that the permissions of the files related to ssh are correct:

Repeat this process for each user:

su <username>
chmod 0700 .

mkdir .ssh
chmod 0700 .ssh

# Paste the ssh key in this file
vim .ssh/authorized_keys

chmod 0600 .ssh/authorized_keys

🖥 Setting up the server

To get stated with creating the server we need the server.jar which you can get from Mincraft.net or from the Launcher itself (if your server is going to be using snapshots, or a version other than the most recent release, then you are going to want to go the launcher route).

🎈 Getting the Server File from the Official Launcher

Start by opening the launcher and clicking the installations tab on the top menu !![[Screenshot 2021-05-15 145451 2.png]]
Select the installation that you want to use to connect to your server (paying attention to the version number) ![[Screenshot 2021-05-15 145636.png]]
Click the download server jar button ![[Screenshot 2021-05-15 145751.png]]
This will open a URL in your web-browser. We do not want to download the file to our computer, but we want the URL so that we can download the server file to our CentOS Server. Copy the URL, then cancel the download (note that if you are not using Firefox as your default browser, things may look and operate differently) ![[Screenshot 2021-05-15 145854.png]]
I like to keep a copy of each and every jar file that I use for the server, so I start by creating a jars directory, this way it is easy to roll back to previous versions if need be.

mkdir -p server/jars
cd jars

# The following command will download Mincraft server version 1.16.5 to the current directory
curl https://launcher.mojang.com/v1/objects/1b557e7b033b583cd9f66746b7a9ab1ec1673ced/server.jar --output server-1.16.5.jar

# Create a symbolic link to the current jar file, to change which jar file the server will be using, you can modify which jar the current.jar link points to
ln -s server-1.16.5.jar current.jar

# Return to the main server directory
cd ..

The next thing we need to do is get the Minecraft server files and eula.txt files. We can do this with the following command:

java -jar jars/current.jar

Open the eula.txt read through the terms and conditions in the supplied URL, and then set eula=true to agree to them.
We can now modify our server.properties file. These settings are outside of the scope of this post, bu if you want to learn more about what each of these properties do you can read about them here.
Next we want to create our administration scripts: https://github.com/BrandonDusseau/minecraft-scripts

curl -O https://raw.githubusercontent.com/BrandonDusseau/minecraft-scripts/master/startmc.sh

curl -O https://raw.githubusercontent.com/BrandonDusseau/minecraft-scripts/master/backup.sh
10.

These files need to be modified to match out environment a little bit. Note that you need to use the non-privileged user in place of <mcserveruser> and use an amount of RAM that is appropriate for your server in the JVMARGS section (-Xmx/Xms)


# startmc.sh
    MCDIR="/home/<mcserveruser>/server"
    JVMARGS="-XmxM3072M -Xms3072M -d64"
    MCJAR="jars/current.jar"
    MCSCREENNAME="minecraft"

# backup.sh

    # File and directory configuration
    # Ensure these directories have correct permissions
    # Do not add trailing slashes
    MCDIR="/home/mcserveruser/server"
    BACKUPDIR="${MCDIR}/backups"

Next we need to make both of these scripts executable: chmod +x backup.sh startmc.sh
We can now start the server by entering the following commands:

./startmc.sh
./backups.sh

And that is it. You now have a Minecraft server up and running! Congratulations 🎉!

🏖 Optimizations and Improvements

This section covers going about improving the server itself in order to ensure that we are operating the Minecraft server securely and properly.

🐱‍👤 Securing CentOS

Below are a few of the steps that I use to secure CentOS. Most of these modifications came from the following blog post: https://www.linuxtechi.com/harden-secure-centos-8-rhel-8-server/

🐱‍💻 Change the port used by ssh

This prevents your server from being bombarded with ssh connection requests by bots that are scanning for default credentials being used on port 22 on all global IP addresses.

vim /etc/ssh/.sshd_config

# Find the line below
Port 22

# Chang it to something random, like
Port 5052

SELinux will prevent sshd from starting on any port other than 22, so we will need to do a few more things to make the change take effect.

semanage port -a -t ssh_port_t -p tcp 5052

systemctl restart sshd

🧱 Configuring the Firewall
Install and start firewalld:

dnf install firewalld

systemctl start firewalld
systemctl enable firewalld

Next we want to let tcp traffic through two ports:

The port we are using for ssh
The port we are using for Minecraft


# Let Minecraft through the firewall
firewall-cmd --add-port=25565/tcp --zone=public --permanent

# Let our ssh traffic through the firewall
firewall-cmd --add-port=5056/tcp --zone=public --permanent

🔒 Lock Down Critical Files
We want to lock down all files that we do not want accidentally deleted (such as the files containing our hashed passwords).

chattr +i /etc/passwd
chattr +i /etc/shadow

🕵️‍♀️ Install and Configure Fail2Ban

dnf install fail2ban

systemctl start fail2ban
systemctl enable fail2ban

# Configure by adding the following file

vim /etc/fail2ban/jail.local

# Add the following to the file mentioned above

[DEFAULT]
# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd]
enabled = true

# Restart the service
systemctl restart fail2ban

How to Create a Minecraft Server: Server Optimizations

Sam Erickson — Sun, 07 Jun 2020 23:34:50 +0000

The following optimizations can be made in game using the Minecraft command line. This is accessed by the / key.

Modifying Gamerules

You can read more about gamerules on the Offical Minecraft Wiki

Next we want to disable fireTick, this prevents fire from spreading. This reduces lag from accidental fires, and lava lakes burning down an entire forrest. We change the gamerule by typing:

/gamerule doFireTick false

The gamerules that I change are:

doFireTick=false: to prevent lag and destructive accidents
doPatrolSpawning=false: prevent patrols from spawning and thus triggering raids in villages. This may be contriversial, but I have a limited amount of time in a day to play, and I do not want to spend it all dealing with raids. If I ever want a raid, I can turn it back on

Pre-generating terrain

Minecraft can read the level.dat file much faster than it can generate terrain. The level.dat file contains all information about the entities and blocks in a Minecraft world, Only the information about the areas that have been visited by the user. So before you have a bunch of players join and run arround each of them forcing the server to generate the areas they are exploring you will experience lots of lag. To avoid this I recommend flying around in spectator mode to load in the main area. I typically try and generate all the area within 1 2000-4000 block radius. (*Note that this will make your world file size reach into the GB).

You can enter spectator mode using the following command:

/gamemode spectator

You can then get back to survival mode by:

/gamemode survival

The reason you want to use spectator mode over creative mode is that you can use the scroll wheel to change the speed that you are able to fly around.

For more information on this watch Xisumavoid's video on Pre-Generating minecraft worlds. Note that his version of pre-generating is far more complicated than mine.

How to Create a Minecraft Server: Setting up the Actual Server

Sam Erickson — Sun, 07 Jun 2020 23:33:32 +0000

To start off with we need to switch to our Minecraft profile that we created in the first section of this series.

su minecraft

Now we need to setup the respective files. The Minecraft server executable will do most of this for us, but there are a few files and directories that we need to add manually.

mkdir -p server/jars
mkdir servers/backups

Next we need to get the Minecraft server .jar file. The easiest way to do this id to use the Minecraft Launcher on our local machine.

Select the "Installations" tab and click on the installation that has the same version of Minecraft that you want your server to run. This is typically labeled as either "Latest release" or "Latest snapshot".

In the version section click the server button. This will download the server.jar file for that version of Minecraft.

Next, using the terminal on our local machine we want to copy the file onto our Linode server. Name this something descriptive--for instance, if I was downloading the server.jar file for Minecraft 1.15 I would name the file: "minecraft-server-11.5.jar".

scp ~/Downloads/minecraft-server-11.5.jar minecraft:server

This command will copy the file ~/Downloads/minecraft-server-11.5.jar to the ssh server with the hostname minecraft that we specified in out ~/.ssh/config previously. Specifically, it will copy the server.jar file into our ~/server/jars directory in our minecraft user account on the Linode server.

Now we can go to our minecraft users home directory on our Linode server.

To populate the server directory with the files needed to configure our Minecraft server we can issue the following commands:

java -jar minecraft-server-11.5.jar

You should be met with this message:

[11:47:16] [main/ERROR]: Unknown biome, defaulting to plains
[11:47:16] [main/ERROR]: Failed to load properties from file: server.properties
[11:47:16] [main/WARN]: Failed to load eula.txt
[11:47:16] [main/INFO]: You need to agree to the EULA in order to run the
server. Go to eula.txt for more info.

This means that the basic files you need to configure your server are present.

Configuring the Minecraft Server

Agreeing to the EULA

To start off with we need to agree to the EULA. There are rules to how you can use the Miencraft server files, and you have to agree to them before you can run your server. You can read over the rules here and then edit the eula.txt changing eula=false to eula=true meaning that you agree to Mojang's Terms and Conditions.

Modifying the Server.Properties

The main configuration file for your minecraft server is called server.properties you can learn more about this file on The Offical Minecraft Wiki

You can tweak this file to your liking, but there are a few lines that I recommend you change before moving forward.

spawn-protection=16: I recommend changing this to 0 if you are just playing with your friends, otherwise chests within a specific distance of spawn will be locked to other players.
enforce-whitelist=false: Change this to true so that only people you want on your server will be able to join.
server-ip=: set this to equal your server IP.
view-distance=10: I set this to 16 as I like to be able to see farther and there is a limited number of people playing on my server. If you change this setting you may experience extream lag when generating new terrain. See the server optimization section for more information.
motd=A Minecraft Server: This is the message that players will see in the multiplayer screen within Minecraft. Change it to whatever you like.

Recommended Wrapper Scripts

I have found a Github repo that has some really well written scripts that can be used to start your minecraft server. and run hourly backups of your servers world here.

We can download the scripts using the following commands from our servers directory:

wget https://raw.githubusercontent.com/BrandonDusseau/minecraft-scripts/master/startmc.sh
wget https://raw.githubusercontent.com/BrandonDusseau/minecraft-scripts/master/backup.sh

Next we want to edit the startmc.sh script. This script will be used to start our minecraft server.

Change the MCDIR to point to the root directory of our server:

MCDIR="/home/minecraft/server"

Change the Java Runtime Arguments to utilize the 4 GB of RAM that we are paying
for:

JVMARGS="-Xmx2048M -Xms3096M -d64"

Change the location of our jar file:

MCJAR="jars/minecraft-server-11.5.jar"

We then need to configure the backup.sh script.

Change the root directory of our server:

MCDIR="/home/minecraft/server"

Now we need to move our .jar file to the correct location:

mv *.jar jars

The scripts need to be executed so we need to modify the file permissions

chmod +x backup.sh
chmod +x startmc.sh

Setting up the Cron jobs

We want the backups to happen automatically, and the miencraft server to start up automatically upon system boot (that way if we update our server, or reboot for anyother reason, we do not have to manually start the minecraft server back up again).

We can do this by using cron.

crontab -e

This will prompt you to select an editor, I choose 2 for vim.basic but you can choose whichever you are most comfortable with.

Once you select your editor, we add the following lines to the file that was opened:

@reboot sleep 30 && /home/minecraft/server/startmc/sh
0 * * * * /home/minecraft/server/backup.sh

We can then start the server:

./startmc.sh

Congradulations your minecraft server is now running. However there are still a few things you need to do before you are finished setting it up.

Whitelists and Admins

You then need to connect to the screen session to whitelist yourself, and give yourself admin privilages.

screen -r

If the bottom line says "[done]" then you are welcome to issue miencraft server commands, if it does not say "[Done]" then just wait untill the server finishes loading.

Adding players to your whitelist

To add uses to the whitelist:

whitelist add <user-name>

You can add your minecraft username and the username of any friends you want to be able to join your server. Note that once you make yourself an admin, these commands can be issued from within the game.

Making a player an admin

Admins are able to issue commands that modify the game, these are often refered to as cheats.

DO NOT MAKE ANYONE YOU DO NOT FULLY TRUST AN ADMIN

My recommendation is that you only make yourself an admin, so that you are in complete control of your minecraft server.

To make yourself an admin issue the following command:

op <minecraft-username>

You can now detach from the screen session by pressing Ctrl+a d. Now you can close your ssh connection and your minecraft server will continue to run.

How to Create a Minecraft Server: Hardening the Server

Sam Erickson — Sun, 07 Jun 2020 23:26:12 +0000

Photo by Sai Kiran Anagani on Unsplash

Now that our server is up and running we need to harden it. Or make it more difficult for anyone to gain unauthorized access to it.

There are lots of posts about this online. Here are some of my favorites:

10 Steps to secure Linux Server for Production Enviornment: a medium.com post by Megha Pandey
25 Hardening Security Tips for Linux Servers: a techmint article by Ravi Saive
How to harden Ubuntu Server 16.04 security in five steps: a techrepublic article by Jack Wallen

Securing SSHD

I remember the first time I mistakenly connected my raspberry-pi to the internet with port forwarding enabled on my router. I was hit with thousands of login attempts for random IP addresses within half an hour. One advantage to this is that I was forced to learn about better ssh practices.

Configuring SSHD

We are going to start by editing /etc/ssh/sshd_config.

Once you have that file open you want to uncomment and modify the following lines (I have arranged them by default value first, changed value second):

port 22 change this to an arbitrary number like 2916 (not 22, 80, 8080, etc.)
PermitRootLogin no
PubKeyAuthentication yes

PasswordAuthentication no
PermitEmptyPasswords no

# This makes it so that only login attempts from specific IP 
#  addresses can gain
#  access to your server. You can get your public IP address by 
#  typing: "whats my ip" into duckduckgo.com
#
# You can always add new ip addresses from the web console in 
#   your linode account if you get accidentally locked out.
#
# For more information:
#  https://www.cyberciti.biz/tips/howto-openssh-sshd-listen-multiple-ip-address.html
ListenAddress <your-public-ip-address>

Creating an SSH Key

Next we need to create and add an rsa key to the server. On your local machine issue the following command:

ssh-keygen -b4096

Then press enter to save it to the default location, or enter a custom location. I recommend using ~/.ssh/id_rsa for the privileged user and ~/.ssh/minecraft_rsa for the Minecraft user.

Then enter a passphrase, this is another layer of added protection in case someone gets a hold of your private key. (*Note that you can also leave this blank for no passphrase, but it is highly discouraged).

Copying the SSH Key to the Minecraft Server

We can do this by issuing the following command (note that if you entered a different filename/file location, you need to use them here):

ssh-copy-id -i ~/.ssh/id_rsa <username>@hostip
ssh-copy-id -i ~/.ssh/minecraft_rsa minecraft@hostip

If you do not know your servers username or password (if you are currently using the web terminal) you can copy the key manually using the following steps:

Copy ~/.ssh/minecraft_rsa.pub to clipboard. You can do this in the following ways
1. Windows (WSL): cat ~/.ssh/minecraft_rsa.pub | clip.exe
2. Ubuntu: cat ~/.ssh/minecraft_rsa.pub | xclip
3. MacOS: cat ~/.ssh/minecraft_rsa.pub | pbcopy
Create the following file in your text editor of choice: ~/.ssh/authorized_keys note that this file may already exist
Append your /home/miencraft/.ssh/minecraft_rsa.pub key to the end of this file
Copy your other users ssh key to clipboard
Paste that users key into /home/<username>/.ssh/authorized_keys

Finally, we need to restart the sshd service so that our changes take effect.

sudo systemctl restart sshd

Configuring the FireWall

I have found the easiest way to do this is using ufw. We start by enabling the service:

sudo ufw enable

Next we need to setup some default rules

sudo ufw default deny incomming
sudo ufw default allow outgoing

We also need to allow the port we specified for ssh to be open (remember I chose 2916, you need to replace that with the value you chose):

sudo ufw allow 2916/tcp

Now we need to allow traffic through port 25565 (the default port for Minecraft servers).

sudo ufw allow 25565/tcp

We can check and see all our rules by the following command:

sudo ufw status

Hardening the Network a Step Farther

This is a tip I learned while trying to disable ICMP broadcast requests. Taken from that Tech Republic article written by Jack Wallen that I mentioned in the beginning of this article.

There is a very simple way to prevent source routing of incoming packets (and log all malformed IPs) on your Ubuntu Server. Open a terminal window, issue the command sudo nano /etc/sysctl.conf, and uncomment or add the following lines:

# IP Spoofing protection
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Ignore ICMP broadcast requests
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Disable source packet routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_source_route = 0 
net.ipv4.conf.default.accept_source_route = 0
net.ipv6.conf.default.accept_source_route = 0

# Ignore send redirects
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0

# Block SYN attacks
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 5

# Log Martians
net.ipv4.conf.all.log_martians = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Ignore ICMP redirects
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0 
net.ipv6.conf.default.accept_redirects = 0

# Ignore Directed pings
net.ipv4.icmp_echo_ignore_all = 1

We then restart the service so that the changes take effect:

sudo sysctl -p

Setting Up the SSH Config On Our Local Machine

To make it easier to copy files and to access the server, we will be creating entries in our local machines ssh config (~/.ssh/config). Open that file in your favorite text editor and insert the following:

Host            linode
Hostname        <linode-server-ip>
Port            2916
User            <username>

Host            minecraft
Hostname        <linode-server-ip>
IdentityFile    ~/.ssh/minecraft_rsa
Port            2916
User            minecraft

Now when we want to login to our server via ssh we can use:

ssh <username>

ssh minecraft

This also makes copying files a lot easier. More on that later.

If you have any suggjectsions or comments on how I could do this better please leave them down below!

How to Create a Minecraft Server: Choosing a Host

Sam Erickson — Sun, 07 Jun 2020 23:16:42 +0000

For this I chose Linode. Honestly I am a sucker for advertising and I have heard a million YouTubers mention Linode, and I was able to get a bill credit using one of their affiliate links.

I am also aware that there are cheaper alternates that require much less work than what I did, but I wanted to exercise my knowledge on servers and have as much control over it as possible.

Initial Setup

To start I selected the $10/Month plan which gives you:

2 GB RAM
1 CPU Core
50 GB SSD
2 TB Transfer
40 Gbps Network In
2000 Mbps network Out

This worked okay for the first little bit when there where just two people on my Minecraft server. You will also be using 100% of your CPU core 100% of the time. Linode will remind you of this with a weekly email.

I decided to upgrade to the next tier to improve performance. I know that Digital Ocean has a larger range of tiers to choose from (which are typically $5 /month cheaper than Linode), but I was already with Linode and changing seemed link a pain at the time. I may end up making the switch in the future.

Current Setup

My current package from Linode costs $20/Month + $2.5/Month for automatic backups. This gives me the following specifications:

4 GB RAM
2 CPU Cores
80 GB SSD
4TB Transfer
40 Gbps Network In
4000 Mbps Network Out

Setting Up The VPS

I started off with making sure the packages I wanted were installed with the following command:

sudo apt install default-jre vim ufw screen wget

default-jre is the java runtime environment used to run our Minecraft server
vim is my editor of choice (you can also use nano, both of these editors are often installed by default)
ufw is an Uncomplicated Fire*W*all
screen is a terminal multiplexor that is required for running the Minecraft server
wget is used to download files from the internet

Creating the users

For security purposes we are going to create two users, one with sudo and one without.

Adding the privilaged user:

useradd -m <username> -G wheel -s /bin/bash
passwd <username>

Adding the non-privilaged user

useradd -m minecraft -s /bin/bash
passwd minecraft

Why create 2 users? I have not ready any other tutorials that use this method, but I like the idea of my servers files and processes being owned by a user that does not have root privileges. You don't need root privileges in order to run a Minecraft server, and therefore, I think you should not have it.

For more information you can read the Debian wiki post Why Sudo?

I Love Linux, Just Not Enough To Stay With It

Sam Erickson — Mon, 16 Sep 2019 18:16:31 +0000

I love the idea of Linux. Admittedly, there are many things I miss every time I move away from it but that is not enough to make up for the sheer amount of work using it is.

What I love

Linux has the potential of being perfect, though the one aspect the I feel keeps me away from it is also what draws most people to it, choice.

What I hate

Power management

On macOS my battery lasts hours longer, and that can really be a deal-breaker while I am in university and not every classroom provides the option of charging.

Idle, suspend, and hibernate

I can only advocate for the function of these states running on a Macbook Pro hardware and they are beyond broken.

Sometimes, my machine would not wake up, or wakeup seconds after suspending. There are extended wiki pages about solving this issue, but the amount of time I was sinking into trying to make suspend work the way I wanted seems like a waste when I could be working on something more important such as school projects, labs, and papers.

Closing the lid does not always suspend the machine. I have had a few situations where my laptop would remain on while inside my backpack. To the point of almost overheating. Not cool.

After a while, I would just power on and off between each class, which is far from ideal. I would like to be able to leave work in progress pages open so that I remember to deal with them at a later date when I have time. I used to have a running notes file that I would open and create a list of "ongoing" projects so that I would remember to open up all the related files and applications at a later date. But again, this adds unnecessary time to what might otherwise be a quick project.

Lack of consistency

There are design principles of computer human interaction that people have grown to expect to just work. Some examples are:

Drag and drop
Uniform look between apps
- The share icon should be in more or less the same location in every app. Etc.
Don't open every file I click on with wine.

I get it. Like everything listed in this post, with time I could go in and modify everything to my liking. This issue is time. How much time am I going to waste fine-tuning something--and also maintaining it through software updates of used applications--when the operating system that came with my machine is not costing me anything, and there are teams of people working on preventing issues that might arise from ever becoming issues for the end-user, which is me in this case.

The expectation from others

While using Linux, there are many, many alternate tools to mainstream applications like Photoshop, Word, and Sketch. But let's say a student that I am working within a group project is sharing files for Sketch for all of us to collaborate on, with the expectation that we all can get sketch on our computers. Now I, running Linux, have to find an alternative app that I often have to convert the files to a different format, then find a way to export them in a format that my classmates can read.

All of this is an unnecessary overhead that cuts directly into my free time.

Conclusion

Though I love the idea of a free operating system, free software, and opensource everything: the time required for using such tools is far greater than I am willing to put in at this date. Maybe this will change in the future, but for now, Linux requires too much time from its users.

For now, I will be using as many opensource tools as I can, but from the comfort of macOS.

Sharing your dotfiles

Sam Erickson — Tue, 30 Apr 2019 23:26:47 +0000

Why everyone should have their own dotfile repository

A good carpenter invests time and money into their tools and their workspace. They do this to improve their work flow, and make life easier for themselves, and why wouldn't they?

So why would you not want to take a few minutes to setup your programming environment to your liking? There is no reason programmers should not do the same. The biggest advantage programming workspaces have over wood shop is that setting up a dotfiles repository and configuring open source software can be done for free. Be careful though, it is far to easy to get sucked into the world of 'ricing' and spend all your time changing your color schemes, rather than actually being productive and writing something useful.

With dotfiles there is always that fine line of how far should I go with my configuration that will maximise programing speed, but still require less time than not configuring anything?

Getting started with dotfiles

I am currently working on a project to help new users who do not know where to begin in terms of setting up their dotfiles. Right now the project is focusing on swaywm, which is a tiling window manager, but later on down the road I hope to have a guide on configuring a large amount of software and window managers so that users can pick and choose what they want upon the installation of the dotfiles, but I am a long way from reaching that goal at this point link to the project.

Thats great and all but that project is intended to start you off with boiler plate files, that you are then suppose to fine tune yourself. Its a good idea to get a git repository started to keep track of every state of your dotfiles. That way if you break something, you can always get back to a working state.

There is a great guide on how to get this up and running over on Atlassian, but if you don't want to understand what is going on (which I highly recommend doing) and you just want to copy and paste working code (really you should not do this with any code that you do not fully understand the function of, as it can have detrimental effects on your systems security, not to mention break things), here is the code:

Step 1: install my dotfiles repository (skip if you prefer to use your own)

Note: doing this will overwrite any existing files in your home directory that match those in my dotfiles repository.

git clone https://github.com/samerickson/dotfiles.git
cd dotfiles
install.sh

Step 2: Setting up your personal repository

Initialize the git bare repository.

git init --bare ~/.dotfiles

Create an alias to for accessing the repository.
This makes dotfiles function like git, but rather than the .git with a few important differences. Again, if you want to learn more checkout Atlassian's tutorial on the subject.

# Add this to your ~/.bashrc
alias dotfiles='/usr/bin/git --git-dir=$HOME/.dotfiles --work-tree=$HOME'

# Source your ~/.bashrc
source ~/.bashrc

Step 3: Adding your files

Now its time to add all the files you want to be included in your dotfiles repository (be very careful you do not upload any information you do not wish to publicly disclose at this point as files you add will end up public on github. Do not add and pgp keys, ssh keys, passwords, or personal information).

# The syntax is just like `git add` but instead of `git`, we write `dotfiles`
dotfiles add .bashrc
dotfiles add .profile

Step 4: Setup the Github side of things

Head over to Github and login. Next, create a new repository. Github will then give you instructions on how to "...push an existing repository from the command line". Follow those instructions and you are done.

Dotfiles Project | For beginners to learn about system configuration

Sam Erickson — Sun, 28 Apr 2019 01:42:35 +0000

When I first started in Linux, I was obsessed with dot files configuration. Yet, I spent most of my time fumbling around and having no idea what I was doing, copying and pasting snippets of code from various dot files around the internet. Which is not a bad way to learn, but I firmly believe in not adding anything
to your configuration files that you do now fully understand the function and purpose of. Doing so just makes your files cluttered and messy with things you will probably never use.

That Is why I have started this project. I reset all of my dot files and started my system from scratch. The idea here was to rebuild my system to use wayland,
rather than x11, the reason being x11 was creating all sorts of display errors such as tearing. In other words, I was frustrated every time I would try to watch
Netflix as it looked like my computer way broken, even though it was not. The solution was swaywm.

Moving away from X11

The obvious choice was to stop using the software that was causing me so many issues, but there is a catch. There are very few resources on swaywm and that means in order to learn how to create a system that is setup to my liking I was going to need to read lots of man pages, and fumble around figuring things out for myself.

The biggest issue is that nothing from x11 works in wayland. So the first step was figuring out which apps I was going to switch over to, and how to get them tuned to my liking.

Web browser: Firefox already supports wayland so no issues there
Terminal emulator: For this I use kitty , as it supports images (I ran into issues tying to use w3m).
Image viewer: For this I started using imv.
Video player: mpv appears to work just fine.
Screen casting: green-recorder This works fairly well, though I have not tested it all that much.
Screen shots: I am still working this one out
App launcher: I am using rofi, though I have not worked on configuring it at all.

I started with the goal of only adding software as I needed it so as to slowly build everything up properly.

The dotfiles project

While copying and pasting other peoples code, and struggling to solve your own issues by reading through threads online, and various blog posts is a great way to learn. I thought there had to be a better way. I could not manage to find very many resources on swaywm so I decided to take things into my own hands and start writing a guide. Once I got under way, I thought why not make it a dot files guide? After all, I am sure there are other out there just like me who want to learn how to configure a system but do not know where to start, thus the birth of the dotfiles project.

In this project the current goal is to work on my personal system adding things as I need them in my day to day life, and document solutions to issues that arise in the project wiki. I realize that dot files are more a personal thing, as not everyone will make use of things that I make use of, but this will serve as a place to start for some people who are looking to get into this sort of thing, but find themselves
overwhelmed on where to start.

This post was originally posted on my blog at samerickson.me

Linux Battery Percentage Correction

Sam Erickson — Thu, 07 Feb 2019 21:29:36 +0000

The problem

The problem I had in my initial arch linux installation on my macbook pro, was the battery. Fully charged it was showing 84%, and if I then immediately booted into macOS, it would show 100%. So what is going on there?

The fix

I did some digging, and found lots of forms where users were asking the same question, but with no real answer as to why or any solution. I started looking into how my computer was getting all the battery information.

In i3blocks, the command was cat /sys/class/power_supply/BAT0/capacity. Naturally, I cd into that directory to get a look at what is going on. I found the following files:

.
├── alarm
├── capacity
├── charge_full
├── charge_full_design
├── charge_now
├── current_avg
├── current_now
├── cycle_count
├── device -> ../../../ACPI0002:00
├── manufacturer
├── model_name
├── power/
├── present
├── status
├── subsystem -> ../../../../../../../../../../class/power_supply
├── technology
├── temp
├── type
├── uevent
├── voltage_min_design
└── voltage_now

The four files I was interested in are:

capacity
charge_full
charge_full_design
charge_now

When you divide charge_now by charge_full_design you get capacity, and when you divide charge_now by charge_full you get what macOS displays as the current battery level.

So I changed the command in my i3blocks config to run the following script:

#!/bin/bash

charge_current="$(cat /sys/class/power_supply/BAT0/charge_now)"
charge_full="$(cat /sys/class/power_supply/BAT0/charge_full)"
current=$(echo "scale=2;$charge_current/$charge_full" | bc | cut -c 2-)

echo "$current%"

I will admit it is a little bit slow, and I later read the i3blocks documentation and found their suggested battery module code:

#!/bin/bash

BAT=$(acpi -b | grep -E -o '[0-9][0-9]?%')

# Full and short texts
echo "Battery: $BAT"
echo "BAT: $BAT"

# Set urgent flag below 5% or use orange below 20%
[ ${BAT%?} -le 5 ] && exit 33
[ ${BAT%?} -le 20 ] && echo "#FF8000"

exit 0

Which works just as well, but with no completion time difference, and one more dependency. This would have saved me a little bit of time, but I am happy with my fix for now.

Why is this the case?

Different versions of batteries have different strengths and weaknesses, in the case of rechargeable lithium-ion batteries, like those found in laptops, they are only designed for a certain amount of cycles before they are used up. With each charge, you lose effectiveness, the max charge from the factory does not match the actual max charge. This causes linux to provide an incorrect battery reading as the battery degrades.

This is helpful when you want to know the current life state of your battery,
but not helpful if you want to know how much time you have before you need to
recharge.

Summary

There are lots of ways to check the battery status in linux, you just need to
find the one that suits your needs.