The Firefox multi-account container add-on is very useful for creating isolated containers for various sites and groups of sites. I use it every day and love it. The add-on provides a simple way to map certain domains to always open in specific containers. This is useful, but it doesn’t work well when sites use the same domain for multiple web applications that you want to isolate. Google, for example, does this and hosts Google search and Google maps on the same domain, and the add-on will open both of them in the same container, without a way to separate them.
Here’s where the Containerise add-on comes handy. It supports mapping URLs to specific containers using glob and regex patterns. Using this, I can add the following glob pattern for my Google container in the ‘Containerise’ add-on to isolate all Google searches to the Google container.
!https://www.google.com/search*
This is useful to prevent my Google searches from being directly linked to my Google account logged in another container or outside the containers.
I have been using the Netspeed widget on my KDE Plasma installations for a long time to display the network download and upload speed in the Plasma panel. When I upgraded to Kubuntu 22.04 a few months ago, I found that it stopped working. After doing some research, I found that the KSysGuard package that the widget depends on has been removed from the Debian and Ubuntu repositories as it is unmaintained (Debian bug).
Thanks to a useful suggestion on Reddit, I was able to recreate the functionality of this widget using the System Monitor Sensor widget. Here is what I did to achieve it.
Add the System Monitor Sensor widget to the panel.
Right-click the widget and click on the Configure System Monitor Sensor option in the menu
In the Appearance tab, load the Network speed preset, set the Display style to Text Only and set the Minimum Time Between Updates to 1 second. Apply the changes before proceeding to the next step.
Open the Sensors Details tab and in the Text Only Sensors field, search for the Download Rate sensor. I chose the Download Rate (B/s) version. There is also a Download Rate (b/s) sensor, if you prefer that.
Click on the small pencil icon edit button just after the name of the widget, Download Rate, to edit it. Specify the down arrow symbol, ↓, as the name. Apply the changes.
Now you have a widget that shows the current download speed on the panel, updated once every second.
Add another System Monitor Sensor widget to the panel and configure it to display the Upload Rate by following the steps above, tweaked for displaying the upload rate.
The result of doing these steps should look like what is shown in the screenshot below.
With this, I have a good replacement for the NetSpeed Widget on my Kubuntu install.
I am a big fan of Willi Mutschler‘s btrfs-luks full disk encryption installation guides on his site, https://mutschler.dev, and have used them for installing Manjaro and Ubuntu 20.04 and newer versions. Recently, I set up Kubuntu 22.04 full disk encryption by following the same guide and noticed a couple of changes that had to be done to get it working. So I am documenting those here till he writes a new guide for Ubuntu 22.04. 🙂
In the step 3 of his excellent guide, the optimized mount options for SSD and NVMe drives are listed. The space_cache option mentioned in that section no longer works on Ubuntu 22.04 because the option has been renamed in the newer versions of the Linux kernel. So one has to specify the option as space_cache=v2. Otherwise, the Ubiquity installer will crash, and the installation will fail.
Also, in the Install the EFI bootloader section, it is a good idea to use the HWE Linux kernel package names corresponding to 22.04 instead of 20.04 since the packages containing the old LTS version in their name are ‘dummy transitional packages’. So the corresponding command can to be updated to
At the time of writing this post, the HWE package installs the same kernel version as the one that shipped with Ubuntu 22.04 since there isn’t a newer kernel released yet – these are usually backported from newer LTS versions.
With these minor changes, it should be possible to follow the steps in that documentation to set up full disk encryption with btrfs and luks on Ubuntu 22.04.
As a bonus, I have used the same guide for installing Kubuntu 20.04, 21.10 and 22.04, with appropriate substitutions, wherever needed.
I have usually skipped the last section in this guide, Install Timeshift, timeshift-autosnap-apt and grub-btrfs, in favour of using my tools of choice to do the same – Snapper and snapper-gui, both of which are available in the official Ubuntu repositories. I will write a blog post about it in the future. 🤞
This blog now integrates with the Fediverse using the ActivityPub protocol. This means that you can follow this blog by searching for lguruprasad@www.lguruprasad.in and following that account from any of the supported platforms mentioned here! 🎉
Matrix is a modern, decentralized, federated real-time communication protocol and open standard. It has a thriving ecosystem of servers, clients, and applications. Synapse is the reference server and Element is the reference client for the web, desktop and mobile platforms.
This is something that I have been interested in using and self-hosting for a few years now. I have had an account on the main matrix.org instance for a while now and wanted to switch to a self-hosted instance.
Since I have been using docker, docker-compose, and Ansible to deploy and run a wide range of self-hosted applications for my personal use, the spantaleev/matrix-docker-ansible-deploy was my choice for setting up my instance. I chose to use Synapse over Dendrite, the second-generation server because though it is lightweight, it is not feature-complete. All the other third-party implementations have a lot of catching up to do as well, at the time of writing this post.
I learned a bit of Terraform in my previous job, but never had a chance to learn it properly or build something from scratch using it. So armed with my little knowledge of Terraform, I created a small Terraform project to automate setting up a new Matrix instance. It provisions the DNS records needed for Matrix on Namecheap — my domain registrar and DNS host, provisions an appropriately sized Hetzner cloud instance with a floating IP address, and runs the deployment playbook in the matrix-docker-ansible-deploy repository with the provided Ansible variables file. I used the hcloud and the namecheap Terraform providers to do this.
With this, I was able to provision and set up my Matrix instance in under 10 minutes by just running
$ terraform plan -out=matrix-plan
$ terraform apply "matrix-plan"
I have released the source code for this project here on GitLab under the GNU Affero General Public License v3.0 (AGPLv3) or later. Since this project contains the matrix-docker-ansible-deploy repository as a git submodule, running git submodule update --init should automatically pull in a known good commit of that repository to use for the deployment. The README file has the instructions for using the project to set Matrix instances from scratch.
I hope it is useful for those who are looking to set up a new Matrix instance.
I have a dual-display setup for my desktop and I usually set up custom keyboard shortcuts in KDE Plasma to allow moving windows between the displays easily. However, the KWin shortcuts section of the Plasma System Settings app has multiple shortcuts named in a confusingly similar way.
So I am writing this post to just document what I did to get my custom Ctrl +Alt + <left/right> arrow shortcut working.
Set up custom shortcuts for the Window to Previous Screen and the Window to Next Screen entries to get this working. As mentioned above, I use Ctrl + Alt + <left arrow> for the former and Ctrl + Alt + <right arrow> for the latter.
Screenshot showing the shortcut entries to change.
I have a WireGuard server running on a Raspberry Pi 4B at my home, exposed to the internet via a static IP address and port forwarding. I set it up using the Linuxserver.io WireGuard docker container, which is straightforward to use and manage.
As I am in a different city now, I had been postponing the updates to the docker container since it is risky to do so remotely. Any issue in the upgrade process could lock me out of my home network till I am physically present in my home.
As I hate deferring updates, I decided to apply the update remotely. To prepare for that, I logged into the Raspberry Pi via the WireGuard VPN and set up a remote forwarding SSH tunnel on a server of mine hosted in the cloud, using a command like,
This command forwards the 2222 port on the remote server to 127.0.0.1:22 on the Raspberry Pi, thereby allowing access to it from the remote server. The -N flag prevents the execution of any remote command (like say, starting the user’s shell) and is useful for just forwarding ports.
Then I logged in directly to that server and logged in to the Raspberry Pi using the forwarded port on that server. Now I could destroy and re-create the WireGuard container without the fear of being locked out since I was connected to the device using SSH and not the WireGuard VPN itself. So, I ran the following command.
The UserKnownHostsfile=/dev/null option prevents the saving of the remote host’s SSH key in the ~/.ssh/known_hosts file, the StrictHostKeyChecking=no option prevents the checking of the remote host key, and the CheckHostIP=no option prevents the checking of the remote host’s IP address. These options disable a lot of important security measures that SSH provides by default ⚠️. But since we are connecting to a known host through a forwarded host, and don’t want to save any local data about it, these options are fine to use.
This command my remote SSH session, and I was worried that I had missed something important and was locked out. So, I disconnected the SSH session using the escape sequence (<enter>~.) and reconnected to my cloud server and then to the Raspberry Pi. It worked and I heaved a sigh of relief and was glad to have pulled this off without any issues. I verified that updated WireGuard container was running without any issues and that I was able to connect to the VPN. 😌
Update (April 2021): I switched back to Tiny Tiny RSS after fixing the abandoned LinuxServer.io Tiny Tiny RSS docker codebase to work with the latest Tiny Tiny RSS changes in my fork.
I have been using feed readers to consume RSS feeds for more than a decade now, starting with Liferea and then moving on to the web-based Google Reader (RIP) and NewsBlur. I used the free tier of NewsBlur for a long time and even contributed some bug fixes to it. The Android app was available on F-Droid and worked pretty well. However, as a self-hosting enthusiast, I wanted to self-host NewsBlur, and it was very difficult to do so. So I started searching for alternatives again.
I found Tiny Tiny RSS and fell in love with it as it was full of useful features and very easy to self-host. The project’s author can often be a very difficult person to deal with and is very opinionated. Fortunately, I had to ask for support on the official forums just a few times in the many years that I used Tiny Tiny RSS.
The TTRSS-Reader app on F-Droid proved to be a very good companion Android app, followed by a fork of the official version. When I moved all my self-hosted applications to a docker-compose based setup a couple of years ago, the LinuxServer.io tt-rss container image was very easy to set up and migrate to. Then the project stopped maintaining the container because the upstream author didn’t like them packaging his software and asked them to stop doing so. 🙁
The source for the container image was available on GitHub and I continued to use it to build and update the tt-rss container that I self-hosted. However, a month or so ago, there were some breaking changes to the configuration method used by Tiny Tiny RSS and my builds stopped working. Then I started checking if I could use the officially supported docker-based installation method documented here. However, that installation method required Tiny Tiny RSS to be run as a sub-folder under a top-level domain and not as a sub-domain like I wanted.
So I attempted to build my own Tiny Tiny RSS container and while doing so, realized that it is not worth doing so. I decided against spending any more time trying to get Tiny Tiny RSS to work as it was clearly not intended to be used in the way that I wanted to (according to the author). I started looking for alternatives again and liked FreshRSS. To be honest, it didn’t feel as polished and mature as Tiny Tiny RSS or NewsBlur, but was close enough.
I used the LinuxServer.io FreshRSS container to set up my instance and migrated all my feeds from Tiny Tiny RSS to it. As the web interface felt a bit clunky to me, I started using it via the client apps – NewsFlash on my desktop and Readrops from F-Droid on my phone and the experience has been okay.
Before I chose FreshRSS, I checked and investigated the current status of NewsBlur and if the self-hosting scenario had improved. The project has a docker-based deployment method now in the dashboard3 branch, but it looks like it might take a while for it to have first-class support. And the project has and uses a lot of bells and whistles which are not needed for a small instance or a single-user setup. I briefly considered subscribing to the premium plan on the official NewsBlur site, but didn’t do so out of subscription fatigue and also because I already pay for infrastructure which can be used for self-hosting many services.
Today is my wife’s birthday and after hearing that her nephew had made her a greeting card, my 32-months-old daughter decided that she had to do something to top that.
So she took her scribbling notepad, took all her crayons and scribbled all the colors she had one by one singing “Happy birthday to you amma!” for each color and gifted the result as her greeting card immediately after.
I use KDE Plasma on my Arch desktop and I’ve had some issues with getting my dual-monitor, mixed DPI setup to work properly as mentioned in my previous post.
I nuked and paved my existing installation a few weeks ago and set up Arch afresh on the same computer on a new SSD. On the previous install, I had set up the root filesystem on a hard drive with LVM and the system startup was very slow – ~45 seconds to reach SDDM, an additional ~30 seconds to drop to a usable desktop, and then ~5 seconds to run my xrandr script.
The boot time and the time taken to reach a usable desktop was significantly lesser with the SSD – ~8 seconds to start SDDM, ~5 seconds to the desktop, ~3 seconds to run the xrandr script. So I was happy.
As exciting as that was, I still had many rough edges and paper cuts, most of them persisting across multiple re-installations. Thanks to the posts by various posts by fellow Plasma users, I was able to solve them 🙂
SDDM
Monitor layout
When SDDM started, it always did with my monitor layout and DPI configured wrong. My secondary 1080p monitor is placed to the left of my primary 4K monitor and SDDM always placed the former to the right of the latter.
Thanks to this useful post, I was able to create a custom Xsetup script by adding the xrandr command from my previous post and configuring SDDM to run it when starting the display server.
I don’t like the default theme used by SDDM, maui. Since Arch is a DIY distro, it doesn’t automatically set up the default Plasma theme, breeze, like many other distros do when Plasma is installed.
Previously, I was using the Chili login theme to make the SDDM greeter look nice. I was unsure why and how, the Manjaro installation on my laptop, had a nice Plasma theme for SDDM. But I didn’t spend any time investigating at all till now.
I checked the Arch wiki page on SDDM theming to check if there are nice themes listed there that I could use and found that it is possible to configure the SDDM theme using the Plasma System Settings application after installing the sddm-kcm package. I found the default Breeze theme which I liked very much and set it as the theme. But that didn’t work. So I went ahead and configured it manually in sddm.conf and voilà, it worked! 😀
I was pleasantly surprised to see that Plasma automatically scaled my 4K monitor without having to configure scaling manually via the Display settings application. Everything in the secondary monitor looked large as expected and I had to run my xrandr command from the previous post, with some changes to restart Plasma shell for making the wallpaper fit the scaled display, manually every time due to something in the Plasma startup process resetting the screen configuration irrespective of when my xrandr auto-start script ran.
Thanks to this post on Reddit by a fellow Plasma user, I found that the kscreen2 service was the culprit and disabling it ensured that the display configuration set up by the SDDM Xsetup script persisted and as a result, I didn’t have to manually run my xrandr script 😀 😌
There could be some side-effects caused by disabling the kscreen2 service, but I haven’t run into any till now 🙂
Emoji picker
The built-in emoji picker, introduced in Plasma 5.18, is very convenient and something that Plasma was sorely missing before. However, in spite of installing an appropriate emoji font, the emoji picker had a lot of missing emoji with blank squares and the color/gender variants of some emoji looked broken with those showing up as two separate symbols (one for the emoji and the other for the color/gender variant) overlapping each other.
Thanks to this Reddit post, I was able to solve the issue by creating a custom fontconfig configuration file, ~/.config/fontconfig/fonts.conf, with the configuration below and by forcefully rebuilding the font info cache files by running fc-cache -f.