Disabling zprezto’s git prompt for large repositories

At work we have a very large and highly active repository which contains the majority of our company’s code. Despite regular pruning and garbage collection, this repo can get rather slow, and the asynchronous git commands run by zprezto often get in the way of actual work, like commits, by holding locks at inopportune times.

Thus, selectively disabling the git prompt for some repositories makes a lot of sense, as the cost outweighs the benefit if it’s constantly getting in the way.

I couldn’t find direct instructions for doing this online, but fortunately the code is easy to parse; there’s a check for a git config option here.

As git configuration can be on a per-repository basis, all you need to do is run the following command from your giant repo to disable the git prompt:

git config --bool prompt.showinfo false

And you’ll still see the git status information on other repositories without this config option.

Note, this will obviously work only for themes that use the built-in git module, but that should be most of them.

Nationwide pays you to downgrade

This surprised me, but it’s there in black and white on the website.

FlexPlus is Nationwide’s premium paid-for current account. For a fee of £10, which increased to £13 in 2017, you got mobile phone insurance, travel insurance, no-fee ATM withdrawals overseas, and 3% interest on balances up to £2,500. It’s been MoneySavingExpert’s recommended premium account for years now, and until recently was a great deal. Possibly a bit too good to be true.

Continue reading

Backups – au revoir Urbackup, bon jour syncthing!

A while ago I wrote a post about my backup solution and replacing Crashplan – a once great product I was a happy user of. It served pretty much all my backup needs in one product, but alas it was too good to last.

Eventually I settled on Duplicati on my home server backing up to Backblaze, and Urbackup to back up my various devices to the NAS. But since then a few things have changed:

  • The upgrade to Ubuntu 18.04 broke the Urbackup installation on my server. I never really got around to fixing it, so my device backups have been manual. Fortunately the server hosts the important stuff, and I don’t keep much on my devices that aren’t saved elsewhere, but it’s still not ideal.
  • If a broken server wasn’t enough, Urbackup discontinued support for MacOS earlier this year, which made the product useless to me.
  • Perhaps somewhat mitigating this for Mac clients, the Samba project released version 4.8.0, which includes support for MacOS time machine (see “Time Machine Support with vfs_fruit”).
  • Dropbox have started being dicks.

… Dropbox?

Er, yeah. Despite writing “I think that you should never use Dropbox for anything remotely private or sensitive”, words that I stand by today, I have not only been using Dropbox… but for private and sensitive things.

Continue reading

The Paradox of Tolerance

Today I read an article on Arstechnica (Right-wingers say Twitter’s “bias” against them should be illegal), and, as hot-button political topics such as this so often do, it spawned an interesting comment thread. Ars is a thoughtful, rational, and evidence-based site, so it should come as no surprise that the majority of commenters are of the same persuasion. So much so that the comment threads are occasionally more interesting than the original article.

The argument you often hear from the far right, is that refusing to publish or listen to their hate-speech amounts to censorship. By “censoring” their speech, the supposedly “tolerant” society is behaving like the Third Reich. Godwin’s law aside, this latest attempt by Trump and Co. to stop Twitter and other social media companies “silencing conservative voices”, runs along similar lines; they are arguing that bias in suppressing “conservative voices” should be illegal, in the name of free speech.

Continue reading

Lightroom – subscribe or not?

For some time now I’ve been a happy user of Adobe Lightroom. I brought it back when Lightroom 4 was released, skipped version 5, then paid to upgrade to 6.

Since then, Adobe has discontinued the perpetually licensed version. The only way to legally obtain Lightroom is by paying £120-240 per-year for one of their Creative Cloud subscriptions.

Unfortunately the new subscription model is a rather poor fit for my needs.

I want to state upfront that I don’t object to subscription-based pricing models for software in general. It makes a lot of sense from a development point of view, as maintenance and support costs don’t go away once the product is shipped. But in my opinion Adobe has reached too far, and is trying to steer customers towards cloud solutions for reasons that don’t really align with their best interests.

Continue reading

Domain Expert vs Generalist

When should you use a blunt generalist tool, and when should you use a sharper domain-specific tool?

I posted a question on Serverfault recently, and received a relevant answer that wasn’t quite what I was looking for:

Systemd – How do I automatically reload a unit, when another oneshot service is fired by timer?

My reply to the answer thanked him for it, but mentioned that I think systemd is the right place to do this “sort of thing”. In reply to my reply, he told me that systemd is “absolutely the wrong place” to do this sort of thing, which is pretty strong language!

I think we’re approaching this from different perspectives here, so let’s break the problem down in general terms.

Continue reading

The 80/20 Rule Applied to Personal Finance

It’s hard to watch The Big Short, and not come away thinking that the odds are stacked against you as a would-be individual investor. It’s a great film that makes some very valid points, but leaves you thinking.

Surely if there are all these hedge funds that mismanage their clients’ money, and getting a seat at the big-boy’s table requires vast amounts of capital, there’s a gap in the market for cooperatively run mutual funds that actually act in their clients’ interests?

It turns out that there are already companies in this space, but the chances are you wouldn’t hear about them from a financial advisor.

Continue reading

Improving your privacy with a custom email domain

This blog post is a follow-up to It’s Time to Ditch Gmail. It began as a review of Fastmail, and my experience of moving to it from Gmail, but I quickly found myself going on a tangent. Since privacy was the main driver in my decision to move to Fastmail, and using a custom domain is one of the ways that I protect my privacy, I figured it was important enough to warrant its own post.

One of the factors that made it easier to move away from Gmail is my use of a custom domain for most of my mail. Before moving to Fastmail, this domain was tied to a GSuite account which forwarded everything to my standard Gmail account. This made switching in anger much easier, as I had fewer accounts to log in to and update my email address, and those that were still pointing directly at Gmail tended to be older low-value accounts that I no longer use anyway.

In this article though, I want to take a detour to explain why I use a custom domain, and how it can aid your privacy. Continue reading

It’s Time to Ditch Gmail

I haven’t written much about privacy on this blog, despite often behaving, by some people’s standards, like a paranoid schizophrenic where my data is concerned. Until fairly recently I used to run a rooted phone with XPrivacy installed, which is about as private as you can get without ditching smartphones altogether. These days I’ve gone back to a stock un-rooted phone, partly because Android permissions have improved (although you do have to be careful with apps targeting older APIs), and partly because rooting is more risk and burden to me as a user. Also, some apps actively attempt to block rooted devices for quite legitimate (if, I would argue, misguided) reasons.

Anyway, I could go on for hours about Android privacy, but the subject of this post is Gmail. We all know that Google mines your personal data for targeted advertising purposes. But when giving data to companies, there’s a balance between functionality that is useful to you, and commercialising your data for purposes that, often, are not in your best interest.

While Gmail was once an innovative service, I’d argue that the scales have long been tipped in favour of commercialisation, and that today the data cost of Gmail outweighs its value as a service. Continue reading

Provisioning Vault with Code

A couple of years ago, Hashicorp published a blog post “Codifying Vault Policies and Configuration“. We used a heavily modified version of their scripts to get us going with Vault.

However there are a few problems with the approach, some of which are noted in the original post.

The main one is that if we remove a policy from the configuration, applying it again will not remove the objects from Vault. Essentially it is additive only, and while it will modify existing objects and create new ones, removing objects that are no longer declared is arguably just as important.

Another problem is that shell scripts inevitably have dependencies, which you may not want to install on your shell servers. Curl, in particular, is extremely useful for hackers, and we don’t want to have it available in production (in our environment, access to the vault API from outside the network is not allowed).

Finally, shell scripts aren’t easy to test, and don’t scale particularly well as complexity grows. You can do some amazing things in bash, but once it gets beyond a few hundred lines it’s time to break out into a proper language.

So that’s what I did.

The result is a tool called vaultsmith, and it’s designed to do one thing – take a directory of json files and apply them to your vault server.

Continue reading