First write operation to large ext4 file system is slow

I'm running a large (>20TB) ext4 file system and noticed that the first substantial write operation after mounting is very slow and involves plenty of drive activity. The reason seems to be some memory structure initialisation as described here: https://linux-ext4.vger.kernel.narkive.com/SUFNE520/ext4-slow-performance-on-first-write-after-mount The workaround is thankfully as simple as running this command in a script after mounting … Continue reading First write operation to large ext4 file system is slow

Resetting a PCI device

The Wi-Fi adapter on my VivoBook 17 has been acting up under Ubuntu 18.04 LTS insofar that at a random point in time, possibly accelerated by power saving features, the Wi-Fi will stop working with suspicious syslog entries: ath10k_pci 0000:03:00.0: failed to wake target for read32 at 0x0003a028: -110 The usual tricks (suspend/resume, reload driver, … Continue reading Resetting a PCI device

parchive: protecting backups against data corruption

As time goes by, my [place appropriate interval] backups may not grow much, but the size of my entire data archive exceeds the largest available hard disks (don't ask). Taking into account correctness guarantees by hard disk manufacturers, transmission errors over the network and who knows what else, I don't feel confident that I'll flip … Continue reading parchive: protecting backups against data corruption

Ansible local_action privilege de-escalation or: how to wait for a reboot

I increasingly use Ansible not only for glorious tasks like setting up my various VMs I use for prototyping but also for mundane things like resetting my personal laptop every time I get a new one or break it (dedicated readers of this blog will know me to do that a lot [2],[3],[4]). Most of … Continue reading Ansible local_action privilege de-escalation or: how to wait for a reboot

Securing a development server

In this post I talk about setting up and securely operating development tools like Jenkins and Gitlab on a server connected to the internet. All applications run behind a firewall and a reverse HTTP proxy which allows only HTTP requests from selected users through who authenticate themselves with client certificates. Putting web-facing software on the … Continue reading Securing a development server