October 19th, 2019
I finally got to fly on an A380 for the first time when I went home last month.
On the way out I got an economy seat upstairs at the front of the plane. More than a little bit excited.
Would have liked to spend a day or two in Dubai. Maybe next time…
October 19th, 2019
I went to Folkestone with my parents last Saturday. My dad was visiting a model railway exhibition of all things. I don’t think I’ve ever explored the town before. From the news you might expect it to be very run-down, but there a quite a few quaint parts to the old town, and lots of interesting things to look at in the harbour.
The old Folkestone Harbour train station which was recently renovated. Note the signs in French: you could get straight off the train and onto a boat to France.
Lighthouse at the end of Folkestone harbour. You can almost see the white cliffs of Dover in the distance.
Metropole and Grand hotels. There was an interesting info board about their rivalry in the 19th century.
October 13th, 2019
If you’re using an Android phone with LineageOS or similar close-to-stock ROM in mainland China you may have problems with NTP not syncing and every WiFi network being marked as “no internet access”.
By default Android tries to access
http://connectivitycheck.android.com/generate_204 to determine if a network has internet access. This is also used for captive portal detection. The
android.com domain is completely blocked by the Great Firewall.
The default NTP server is
2.android.pool.ntp.org. At lease some of the servers in this pool are either blocked or have poor connectivity from China.
You could work around this by using a VPN all the time. But it’s actually easy to change these settings, and you only need ADB access, not root.
First change the connectivity check URL to Google’s China holding page.
adb shell settings put global captive_portal_http_url 'https://www.google.cn/generate_204'
adb shell settings put global captive_portal_https_url 'https://www.google.cn/generate_204'
You can use another URL that generates a HTTP 204 response if you don’t want to rely on anything Google.
Next change the NTP server:
adb shell settings put global ntp_server pool.ntp.org
pool.ntp.org should give servers geographically close to you. Alternatively you might like to use
October 11th, 2019
When I was child I had a bit of a thing about building Lego submarines. I think it started after we went on a day out to the soviet submarine in Folkstone, sadly no longer open to the public. Anyway it seems I’ve still got the skillz.
At the front we have the sleeping area for the crew and some missiles. The next room is the on-board dentist because… reasons. Followed by the crew relaxation area and the nuclear reactor / engine room at the rear. Upstairs is the control room.
October 6th, 2019
I went for a short walk on the South Downs near Willingdon with my parents last week.
Going up the steep hill from the village
This isn’t far from where I grew up but I only got into walking long after I moved away from Hastings so I haven’t explored here at all. Hope I can come back one day and do a longer linear walk, to Brighton, say.
October 4th, 2019
Back in Hastings at the moment. The weather this week has been rather uninspiring but it did clear up a bit yesterday afternoon and I took some photos on the beach.
This ferris wheel is relatively new. Never seen it going…
The harbour arm
October 1st, 2019
I spent a little time recently updating my lunar lander game. Nothing much changed gameplay-wise but I cleaned up the code and build system, and rewrote all the graphics code away from the “legacy” OpenGL fixed-function pipeline. I also fixed a number of small issues and removed the artificial fixed 30fps frame rate.
I’ve made an experimental foray into Flatpak packaging so the game is also available on Flathub! This the most convenient way to install. Either find it in Gnome Software or use the command line:
flatpak install flathub uk.me.doof.Lander
If you want you can also get the source code on GitHub or directly.
September 22nd, 2019
I recently did a new Debian install on my laptop after upgrading the NVMe and this time round I set up LUKS disk encryption for my
/home partition. I want this to be as hassle-free as possible, which means having the partition automatically unlocked and mounted when I log in, rather than having to type a separate password on boot.
It’s not as straightforward as you might think, I guess because everyone’s setup and requirements are a little different. So I’ll write my notes here in case it’s useful to someone else. I’m doing this on Debian, but I cribbed a lot of it from the excellent Arch wiki.
When first setting up the encrypted partition make sure that the disk password is the same as your login password. This will be important later.
/etc/crypttab is read early in boot by systemd (see its crypttab map page). Systemd then calls cryptsetup on each entry in this file to unlock the partition. This is where the boot time password prompt that we want to get rid of comes from. Simply add
noauto to options list at the end and systemd will skip it:
nvme0n1p3_crypt UUID=XXXX-XXXX none luks,discard,noauto
/etc/fstab to comment out or remove the entry for
/home: we’ll be using pam_mount to do this directly.
sudo apt install libpam-mount
This is a PAM plugin that can mount arbitrary filesystems whenever a user logs in and unmount them when they log out. We can also use it to unlock and encrypted partition using the user’s password before mounting. This is why the login password and the disk password must be the same. Open
/etc/security/pam_mount.conf.xml and add these lines to it:
<volume user="nick" fstype="crypt" path="/dev/nvme0n1p3"
<volume user="nick" fstype="auto" path="/dev/mapper/nvme0n1p3_crypt"
mountpoint="/home" options="defaults,relatime,discard" />
<cryptmount>cryptsetup open --allow-discards %(VOLUME) %(MNTPT)</cryptmount>
<cryptumount>cryptsetup close %(MNTPT)</cryptumount>
We need to add two
<volume> entries. The first with
fstype="crypt" unlocks the physical LUKS partition (
/dev/nvme0n1p3) and creates a new volume that we can mount as a normal filesystem (
/dev/mapper/nvme0n1p3_crypt). Obviously change the user name and physical device path to match your system.
<cryptumount> entries tell
pam_mount how to open and close the encrypted partition when
fstype="crypt". Note that I’ve added the
--allow-discard option here which enables the SSD TRIM command to reduce wear on the disk, but has some security implications which you might want to read up on.
Reboot and check everything works. If you have problems try adding:
pam_mount.conf.xml and log in on a text console. This will print some diagnostic messages.
August 14th, 2019
Time was this blog had a bit of an obsession with bridges. I think it might have started with Naburn railway bridge. Anyway that source of content seems to have dried up of late so here’s a very large bridge a short subway trip from home.
This is the Nanpu bridge in Shanghai. The 57th longest cable-stayed bridge in the world. Hull’s got a longer one 😏.
You can take a ferry across the river and underneath the bridge which is quite fun, and there’s a walking path along both banks.
August 11th, 2019
I went back to Suzhou for a weekend recently and visited a few new places, mostly around Mudu (木渎) to the west of the city.
Taiping mountain scenic area
Net master garden
I’ve been to Suzhou so many times but this was the first time I made it to Taihu, one of China’s largest inland lakes.
And finally I visited Mudu old town. But sadly I got there too late to go in any of the attractions.
Mudu old street