David Goodwin – Page 3 – Linux, PHP, geeky stuff … boring man.

March 30, 2023

PHP psalm annotations

This is more of a note for myself, as I keep forgetting the syntax. See also https://github.com/vimeo/psalm and

List of Arrays

Given an 2d array like :

[
   [ 'name' => 'Pickle', 'age' => 4 ],
   [ 'name' => 'David', 'age' => 42 ],
   [ 'name' => 'Sooty', 'age' => 13 ],
]

PHP code that expects a data structure in that same shape can use an annotation like :

/**
 * @psalm-param list<array{name: string, age: int}>
 */

Alternatively that can be used on a @psalm-return ….

Fixed List of Possible Things

If you have a fixed list of stringy things being returned you might have :

/**
 * @psalm-return 'Foo'|'Bar'|'Baz'
 */

March 26, 2023

systemd-resolve (DNS is always to blame)

For the record, this is using systemd v247, from Debian’s buster-backports.

I think I was enticed by the cool aid, hoping to be able to have DNSSEC or DNSoverTLS …. and caching … and to be fair, it appeared to work on all the servers I’d installed it on (although they were just ‘boring’ LAMP style webservers).

Anyway, everything seemed to be going well, with the default /etc/resolv.conf like :

nameserver 127.0.0.53

options edns0

and /etc/systemd/resolved.conf looking like :

[Resolve]
DNS=8.8.8.8#dns.google 8.8.4.4#dns.google 1.1.1.1
FallbackDNS=1.1.1.1 8.8.4.4 9.9.9.9
LLMNR=no
DNSOverTLS=opportunistic
DNSSEC=no
Cache=yes

Unfortunately, on one relatively busy server which makes multiple HTTP requests out every second, I saw sporadic failures where curl would report a timeout for e.g. graph.facebook.com (>10 connect time).

The timeouts seemed to be grouped together (no timeouts for a number of hours, and then a load of requests would fail) and obviously to be annoying this only happened in production and wasn’t something I could reproduce.

As best I can tell, a failure to lookup was being cached, so all requests for a specific hostname would then fail until the cache expired (30 seconds?)

So I end up having /etc/resolv.conf looking a bit more like a traditional one with 8.8.8.8 as the first nameserver and some custom options to lower the retry time and hopefully trigger multiple DNS lookup attempts.

So, perhaps …. perhaps … systemd-resolve isn’t quite ready for production yet?

November 30, 2022April 15, 2023

faster rsync (ssh cipher choice)

Perhaps the bottleneck isn’t always bandwidth – but does changing ssh cipher make any difference?

Using a derivative of :

rsync -W --delete --no-owner --no-group --no-perms \
    -e ssh \
    -arv /source/ remote@destination:/destination/path/

In unscientific tests, it looks like ssh parameters might do something when copying a 4GiB file between two random virtual machines in different data centres, but both in London.

SSH Variant	Speed
-e “ssh”	~45MB/s
-e “ssh -x -T”	~44MB/s
-e “ssh -x -T -c chacha20-poly1305@openssh.com”	~42MB/s
-e “ssh -x -T -c aes128-ctr”	~47MB/s
-e “ssh -x -T -c aes256-gcm@openssh.com”	~50MB/s
-e “ssh -x -T -c aes128-gcm@openssh.com “	~45MB/s

I’m not sure if these results are particularly insightful / useful.

November 23, 2022November 23, 2022

Twitter?

Will we soon think of it as “wasn’t that like MySpace? but it imploded ?” ?

Thankfully, after waiting a few days, I was able to generate an archive of my tweets and download it. I then ran https://github.com/timhutton/twitter-archive-parser over it – which did a pretty good job

and it quickly allows me to zoom back in time to when I started tweeting …

November 21, 2022

Hello (again) world

I don’t blog very often.

I should probably stop bothering with the automated twitter compilations.

In other news, some legacy PHP code I look after had this :

<?php
// ...
require('#something.inc.php');

Yes, that’s including a file name that starts with a ‘#’ … which while it’s a clever idea, it’s also a pain in the bum to edit in Vim etc all the time.

November 13, 2022