Ubuntu VMs with libvirt and KVM

Read here. 13.03.2020

Matrix Synapse with Apache Reverse Proxy

After about an hour of jiggling today, I got Apache to work correctly with Matrix Synapse. I was trying to set up the synapse server with Apache as a reverse proxy. Apache already has my LetsEncrypt! certificates, so I thought this would be easy.

The setup would be as seen on the right.


However, Matrix Synapse provides it's API at localhost:8008/_matrix/. However, there's no redirect on /localhost:8008/_matrix/, only on localhost:8008. The instructions only mention setting up a proxy from /_matrix to localhost:8008/_matrix. This will not work, as any access to /_matrix is redirected to localhost:8008/_matrix, which does not exist. I've solved this by adding two rewrite rules, one redirecting from to, and another one proxying from to localhost:8008. The full config, including rewrite rules, looks like this:

RewriteEngine on
RewriteRule "^/_matrix$" "/_matrix/" [R,NE,L]
RewriteRule "^/_matrix/$" "" [P,NE]

ProxyPass /_matrix/ nocanon
ProxyPassReverse /_matrix/

For Google, a few more keywords: I was using Apache mod_rewrite for reverse proxying Matrix Synapse. The error was sometimes "No resource found", or "AH01136: Unescaped URL path matched ProxyPass".

26.06.2019 11:01

Setting up a wireguard VPN with NixOS

Lookee here.

02.01.2019 17:59

Automatic switching between wireless and wired network in Gentoo with ifplugd

It's actually quite simple: All you need to do is to add a clause to /etc/ifplugd/ifplugd.action to turn the wireless interface on and off, like so:


if grep -q initng /proc/1/cmdline

case "$2" in
        if [ "${INITNG}" = "yes" ]
            ARGS="-u net/$1"
            ARGS="--quiet start"
        if [ "${INITNG}" = "yes" ]
            ARGS="-d net/$1"
            ARGS="--quiet stop"
        echo "$0: wrong arguments" >&2
        echo "Call with <interface> <up|down>" >&2
        exit 1

case "$2" in
        "/etc/init.d/net.${WIRELESS}" --quiet stop
        "/etc/init.d/net.${WIRELESS}" --quiet start
        echo "$0: Wrong arguments."
        exit 1

export IN_BACKGROUND=true

if [ -x "${EXEC}" ]
    ${EXEC} ${ARGS}
    exit 0
    logger -t ifplugd.action "Error: Couldn't configure $1, no ${EXEC} !"                                                                   
    exit 1

Care must be taken to insert the stanza before the definition of IN_BACKGROUND, because the IN_BACKGROUND variable causes the wireless interface to not be stopped correctly. Also make sure that ifplugd is only running on the wired interfaces, or you'll get an endless loop. The Gentoo networking scripts should take care of this automatically though.


Makefile for converting SVG to PNG

A quick one: I prefer Inkscape for my diagramming needs, and saving to SVG. However, almost no application can natively read SVG (except browsers). For Latex, the solution is to automatically convert the SVG files to PDF and PNG via Makefile.

Another way would be integration into latexmk via custom rules, which I've also done. However, I can't currently find the configuration I've used. If it turns up, I'll update that rule here.

The following makefile can be used to convert images to a latex- (or Word- shudder) acceptable format.

IMAGES := $(wildcard *.svg)
PNGIMAGES := $(IMAGES:.svg=.png)
PDFIMAGES := $(IMAGES:.svg=.pdf)


%.pdf: %.svg
        inkscape -A $@ -d $(INKSCAPE_DPI) $<

%.png: %.svg
        inkscape -e $@ -d $(INKSCAPE_DPI) $<

        rm -f *.png *.pdf

.PHONY: clean images


Emacs LaTeX tweaks for AUCTeX

See here.


We have RSS!

I've finally gotten around to generate an RSS feed for my site. The generation program will probably need some adjustment, but theoretically, everything should work just fine.


Pick Threads in Emacs Wanderlust IMAP client

Wanderlust is a pretty good Emacs IMAP client that I've been using for my E-Mail for some years. It allows powerful searches, and integration of external search engines.

One functionality that I was missing was "extending" a search to encompass the whole thread. This way, I could search for "From:", and refile all messages from a conversation, which would otherwise require a much bigger search expression. The code I used to do implement this is here:

(defun wl-summary-pick-threads (&optional from-list delete-marks)
  (interactive "i\nP")
  (wl-summary-pick from-list delete-marks)
    (goto-char (point-min))
    (lexical-let ((saved-target-mark-list wl-summary-buffer-target-mark-list))
       for number in saved-target-mark-list
       (wl-summary-jump-to-msg number)

UPDATE: Something similar is now in Wanderlust upstream. Run your search, then press m T to mark all threads containing a mark. Cool.

Conditionally include LaTeX content based on jobname

I've recently rewritten my CV with LaTeX, using the moderncv class. However, I need several similar versions of the same CV: One for print, and one for electronic publication, and one "small" one without the photo. I could copy and edit a latex file for each, but keeping them in sync would be a horrible nightmare. Instead, I've done it using LaTeX and the latexmk -jobname parameter.

Here's how to do it in LaTeX:

% Any other configuration

  % Include picture
  % Otherwise, empty picture
% ...


You can then generate the correct file by simply running latexmk -jobname cv-electronic or latexmk -jobname cv-print, and generate a customized CV.

Addendum: Note the star in the IfSubStr command. Because of a funky TeX concept called catcodes, IfSubStr without a star would not correctly compare jobname and your string, since they have different catcodes. The star calls a command that does comparison without comparing the catcode.

Moving Windows installation to SSD

New guide on moving a Windows installation to an SSD, without having to reinstall all of your programs. Beware: Potential for data loss, what worked for me might not work for you!

Read here.

Accessing Frink from conkeror

The following function allows you to access the nifty unit-based programming language Frink via an interactive command. Simply do "M-x frink" and enter the frink expression you want to evaluate.

I haven't yet implemented toVal yet, but it's not necessary anyway, just put a -> between your source and the expression you want to convert to. For more, read the Frink docs, they're actually quite useful (and also hilarious).

interactive("frink", "Evaluate statement with frink server pages",
            function(I) {
                var d = I.window.buffers.current.document;
                if (!d.body)
                    throw('Please wait until the page has loaded.');
                        + encodeURIComponent((yield(
                            $prompt = "Please enter frink expression")))))

PGP keys

So I've finally updated my PGP keys – revoked a very old key for my GMail address and generated a new one for my thenybble address. Disregard the old thenybble key that's still on the keyservers, it's expired anyway, and I didn't keep a revocation certificate for it.

The new key is for, the fingerprint is «1C9C DBB9 8C63 83DB 9872 EA78 FDF8 34A5 4810 255C», and the key ID is 4810255C. Note that you shouldn't trust this information yet, until my SSL certificate is updated with correct owner information, I'll fix that soon.

Then, you'll be able to get in touch with me in a safe manner.

Hearts of Iron 3 Collection + Their Finest Hour under Wine 1.7

So I've tried installing the GamersGate version of HOI3 under wine, and after trying several conflicting guides, I've found my own working setup. However, I think that music isn't working yet in the new setup. Quickly, it works like that:

  • Install the HOI3 Collection. Cancel all extra installations except the Visual C++ runtime (For gentoo users: Your wine should have the xml use flag enabled, or the install won't run properly).
  • Use either winetricks or PlayOnLinux to install the following extra components: devenum, directmusic, quartz, dotnet20, directx9.
  • Set the following settings (The example is for winetricks): winetricks orm=fbo videomemorysize=2048. In PlayOnLinux, simply select the correct options in the Appearances tab of the configuration dialog.

Conkeror, Firefox, Gentoo and "Could not read configuration file"

If you use conkeror and Gentoo, and get an error saying "Could not read configuration file, please contact your administrator" or similar, I found the solution.

The problem is that Gentoo locks some preferences (automatic updating and such) in a startup file called local-settings.js. This, in turn, makes firefox read a file called gentoo-all.js. This is not a problem when running plain firefox.

However, when using the -app switch, something breaks, and firefox looks for the gentoo-all.js file in the conkeror installation directory instead of /opt/firefox. So the solution is to copy the gentoo-all.js file to your conkeror installation directory.

This cost me a pretty afternoon, so I hope I could help anyone with this.

Setting up an IPv4-in-IPv6 tunnel in Debian

Yes, it's a new entry! This time, it's on IP tunnelling and how to set it up. See it here!

Dotless I on Nokia e71

Quick tip: If your Symbian phone has suddenly started to type an "ı" (a dotless i) instead of a regular one, press the "function" key (bottom left) and space, and select the correct input language (not turkish). Took me several days and a lot of work to find that out.

Git repositories missing

Due to a little post-privacy fuckup by yours truly (ehem), I have taken the repositories offline temporarily. Hopefully, they'll be back soon.

Update: Aaand they're back. Thank god for git –filter-branch.

My emacs configuration

Since my emacs configuration file is no longer a big blob of text (took me all day to untangle it), you can now git-clone it from, or look at it here.

Instructions: Check it out, then run git submodule init && git submodule update in the .emacs.d folder. Then, if you want to use wanderlust, install SEMI and FLIM. If you want AuCTeX, install it (all from the distribution packages). If you want to disable certain packages, simply edit the site-local.conf config file and add (setq <package-name>-disabled t) to inhibit loading of <package-name>. Otherwise, on Windows you're in for some pain, and there is a computer name pasted over several files (need to remove that).

A short list of things I've bought and still enjoy

Might get bigger when I buy new stuff. Consider this a wholehearted endorsement by me. Go here for the list.

Perl coding guidelines for large projects

At work, I am currently working on a large(-ish) Perl project which needs to meet highest reliability standards. While coding, I have noticed some patterns which make finding and avoiding errors so much easier. So, here's my list (which will probably grow):

  • Always print out '$@' when you catch a die.
  • use strict and use warnings, but you already know that. Best if you have your editor automatically insert that snippet for you.
  • Use perl object orientation. It makes dealing with many interrelating components way easier. If you don't know how to write obeject oriented programs in perl, read perltoot.
  • Write tests. Even the simplest tests give me a warm fuzzy feeling inside when they pass. Test::Simple and Test::More are your friends here.
  • Use a makefile. Stuff targets in there to execute all tests, syntax check your perl and distribute the program.

More stuff when I get to it.

Localized Emacs. Today: parse-time

To enable me to use german day and month names in org-mode, I had a line like this in my init file:

(mapc (lambda (x) (add-to-list 'parse-time-weekdays x))
      '(("so" . 0)
        ("mo" . 1)
        ("di" . 2)
        ("mi" . 3)
        ("do" . 4)
        ("fr" . 5)
        ("sa" . 6)))

(setq seeger-german-month-names
      '(("jan" . 1)
        ("feb" . 2)
        ("mär" . 3)
        ("apr" . 4)
        ("mai" . 5)
        ("jun" . 6)
        ("jul" . 7)
        ("aug" . 8)
        ("sep" . 9)
        ("okt" . 10)
        ("nov" . 11)
        ("dez" . 12)))

(mapc (lambda (x) (add-to-list 'parse-time-months x))

(mapc (lambda (x) (add-to-list 'timezone-months-assoc (cons (upcase (car x)) (cdr x))))

Unfortunately, this completely breaks most elisp using parse-time. So, instead, now I use

(mapc (lambda (x) (add-to-list 'parse-time-months x))
      '(("jan" . 1)
        ("feb" . 2)
        ("mär" . 3)
        ("apr" . 4)
        ("mai" . 5)
        ("jun" . 6)
        ("jul" . 7)
        ("aug" . 8)
        ("sep" . 9)
        ("okt" . 10)
        ("nov" . 11)
        ("dez" . 12)))

(mapc (lambda (x) (add-to-list 'parse-time-weekdays x))
      '(("so" . 0)
        ("mo" . 1)
        ("di" . 2)
        ("mi" . 3)
        ("do" . 4)
        ("fr" . 5)
        ("sa" . 6)))

which works correctly with twittering-mode, at least (and perhaps gnus).

UPDATE: Yep, the above breaks gnus. The problem is that message-make-date, which actually shouldn't be localized, uses parse-time-weekdays and parse-time-months, which are localized. So, some more work is needed, along the lines of this:

(require 'parse-time)
(require 'message)

;; Do this before setting the variables  correctly.
(setq parse-time-months-unlocalized parse-time-months)
(setq parse-time-weekdays-unlocalized parse-time-weekdays)

(defun message-make-date-localized (&optional now)
  "Make a valid data header. Uses localized values from parse-time.el. If NOW, use that time instead."
  (let* ((now (or now (current-time)))
         (zone (nth 8 (decode-time now)))
         (sign "+"))
    (when (< zone 0)
      (setq sign "-")
      (setq zone (- zone)))
     ;; The day name of the %a spec is locale-specific.  Pfff.
     (format "%s, " (capitalize (car (rassoc (nth 6 (decode-time now))
     (format-time-string "%d" now)
     ;; The month name of the %b spec is locale-specific.  Pfff.
     (format " %s "
             (capitalize (car (rassoc (nth 4 (decode-time now))
     (format-time-string "%Y %H:%M:%S " now)
     ;; We do all of this because XEmacs doesn't have the %z spec.
     (format "%s%02d%02d" sign (/ zone 3600) (/ (% zone 3600) 60)))))

(defun message-make-date-unlocalized (&optional now)
  (let ((parse-time-weekdays parse-time-weekdays-unlocalized)
        (parse-time-months parse-time-months-unlocalized))
    (message-make-date now)))

(defalias 'message-make-date message-make-date-unlocalized)

This works with gnus as well.

Nokia + self-signed certificates

I have a Nokia E71 (great phone btw), and I had constant problems getting it to work with my IMAPS server. Today, I found the problem: You need to accept the root certificate for Then, the mail program won't ask about accepting the certificate anymore.

Simply download the certificate in DER format from here, mail it to yourself, open it on the phone and say yes to all ensuing dialogues.

For the record: The error reported (by dovecot) was

Apr 14 16:32:18 lvps87-230-95-74 dovecot: imap-login: SSL_accept() failed: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message []
Apr 14 16:56:13 lvps87-230-95-74 dovecot: imap-login: SSL_accept() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown []

Author: Jan Seeger