Warehouse concerns

Here’s my thoughts on this whole thing. It’s your choice to ignore what I say, or to read it. Completely up to you.

Holding back the ocean with a broom. It’s a silly, old saying. It’s quite apt as a parable here however. Your words are the broom, the ocean is change, and Amazon is just the current wave in front of us. Like a broom and the ocean, there’s nothing that can be said to prevent the project. At this stage, even a lawsuit will only work to hinder progress.

However, before ground breaking, there were words said. When it mattered. Those who spoke up had many changes made to the plans. Honestly, these changes should had been implemented from the beginning by the designers. Some of the notable changes made to the plans is the addition of a high living barrier (dirt wall with plants), trailer parking and warehouse docks on the interstate side of the warehouse, and traffic restrictions for trucks entering and leaving the warehouse.

I joking commented earlier about wanting the area to be a pig farm. (I love bacon, ham, porkchops) The absolute stench a pig farm would produce would be terrible. However, until Amazon became interested in the area, there was a high potential for the land to be used for agricultural uses. Mind you, the city would not had allowed a pig farm there, I’m certain. But that being said, there are worse things which could exist there than a warehouse.

Yes, from my understanding, there was a sign placed on the property indicating the arrival of a Publix. However, I happen to know that Publix never had any solid plans of building at that location. Their interested waned greatly due to new housing “crash” – Their interest was based on the developing and growing area, which ceased for quite a while. Publix also has a long standing habit of pulling out of a project if their name is attached without their consent. This is doubly so if their interest in a parcel or building is not solid. The sign itself may have been enough for them to withdraw their considerations.

As far as traffic is concerned – there will be two types: commercial/delivery and employee. From my understanding, the commercial and truck traffic will be using an entrance much closer to interstate, but still on the main through-way. Employee traffic will be routed to the entrance at the end of the residential feeder. There may be the occasional vehicle at that intersection throughout the day, but most of the employee traffic will be during 3 or 4 times a day. Trucks will probably be leaving and entering at all hours. They’re actually not as loud as people think, and won’t be disturbing anyone’s sleep.

Consider for a moment that Publix had built a store and retail center at that area. This would cause a constant and continual flow of traffic for most of the day. Consumers entering and leaving at all hours of day. Trucks and delivery vehicles would still exist (albeit not at the same quantity) and there would be no traffic restrictions preventing residential roads from becoming a through-way for those shoppers. There’s the possibility of an alcohol serving restaurant, or even a bar existing at that strip mall. Now, there’s a high potential of drunk drivers on these roads, which lead to our communities. Roads where big trucks won’t be driving. Personally, I say that’s a win for the area. Employees won’t be driving inebriated.

Let’s talk about the economics real quick. The sale of the land, lots of taxes to the county and City. Yearly taxable income. 500 new jobs (say 10% are filled by transfers, that’s still 450) This has already resulted in another parcel being considered for commercial building – so yet more taxes, more employees. $15 per hour wages. Ok, so let’s consider the work those employees will be doing, and the conditions in which they’re doing it. Warehouse workers are the new coal miners, the new boilermakers, the new high-rise riveters and steel workers. It’s a job not for everyone. Extremely physically demanding. Very mentally draining. There’s going to be a lot of burn-outs who will look at less stressful positions, even if it means taking a pay cut. But in the mean time, those employees will be living and shopping in the area. They will be spending their money in our home. That’s more taxes, more little stores getting income. That’s the potential for /more/ little stores.

Housing and property valuations. This is a big concern for high end communities. I get that. It’s also quite true that the values of houses will drop slightly. With the amount of employees Amazon will have at this location, there are certain to be new homes in the area built. Older homes purchased. The area will grow. If these homes are high value family residences, that will ultimately bring the value of existing homes and neighborhoods up again. However, if these new constructions are allowed to be dozens upon dozens of low-end or starter homes – I can’t say the values will raise at all. Now, I’m not talking about new neighborhoods of high-end communities, but rather $250-$500k homes. So, it is with that concern that the residents in the area should concentrate. Ensuring that any new developments have stipulations of being mid-level communities. Not just for area housing valuations, but so they are actually affordable by those who will be working at Amazon, and thus will purchase them and live there.

If the area were to have been used for a retail center – Publix or not – it would drive a lower end push for housing in the area. Sub $200k homes. Starter homes. In a few years, they would be sold off to others. There’s no attachment, and thus those neighborhoods would quickly fall into less optimal aesthetics. With Amazon, there is a chance of new neighborhoods being valued higher – both financially and emotionally, and will be better taken care of… and add to the value of existing neighborhoods.

There will be new homes, new commercial, retail and industrial projects in the area. It’s not stoppable. Not unless someone purchases all of the surrounding land. It’s progress (like it or leave it) It is up to us, the stewards of our community, to help shape the direction this growth takes. There will always be things not in our control. There is still plenty which can be done however. We just need to pick the fights we have a chance to win. Having the new construction and businesses make concessions to ease the burden they will put on the area. To compromise on designs to increase the overall happiness of both parties. To help direct the City in area restrictions and code. But it must be done appropriately, at the times and places when it matters, and always with high moral, ethical and legal intentions.

Linux SSH login – a good starting point

The steps below were included in a later article I wrote, regarding new Linux server installations, here which includes much more information from that aspect. The information below is still valid, useful, educational information which should be read if intending to start the process of hardening a Linux server. I apologize for the sloppiness of this, but I see no reason to copy and paste the same information into this article when it flows very naturally in the new article. You will thank yourself for reading both articles, however!

My environment:
Ubuntu Server 18.04 hosted in a datacenter, with a public IP used for administration and public use.
Windows client computer with SSH terminal program. (I highly suggest WinSSHTerm v2 for higher level usage)

The goal:
To run a server with SSH key login only.
To use password authentication for privilege escalation only.
To prevent unauthorized access, login and escalation, through various methods.

The server software:
OpenSSH (sshd – ssh daemon service)
fail2ban (intrusion prevention service)
Linux PAM (Pluggable Authentication Module)
UFW (Uncomplicated FireWall, in lieu of IPTables)

Additional software used for demonstration puroses:
MariaDB (A fork of MySQL, with some enhancements)
HAProxy (A layer 4 and 7 routing service (HTTP(S) and TCP-only proxy)
Hiawatha (HTTP daemon akin to Apache, with simpler configs, and a security focus)

The method:
Using the above software services, the GNU/Linux installation will be secure from intrusion from unauthorized and unauthenticated users (and user-like software). This process will include allowing TCP port 22 incoming access, and denying incoming access to all other ports (opening 22, closing everything else), until such time as additional ports are needed for access into the machine. All outbound connections will be allowed in this tutorial. Once UFW is enabled, external clients may connect only to port 22/TCP. Being OpenSSH will run on port 22, SSH is the only thing that can connect to the server. The next step will be to allow SSH key logins, ensure this is working correctly, and then disable password authentication on SSH. After getting the server to a point where only SSH with a key pair can connect to the server, fail2ban and PAM will be utilized to help mitigate brute-force attacks for login and privilege escalation (i.e. sudo and su usage).

The end result:
We’ll be using 5 pieces of software (Linux, SSH, fail2ban, PAM and UFW) as a starting point to secure a Linux server installation. These instructions are based around Ubuntu 18.04 LTS, but may be applicable to other distros and version. 18.04 is a SystemD based system, and some differences will occur for older, non-SysD installations. Before a Linux server can be of any use, it must be accessible. This can be through a local console (keyboard & monitor), through a remote console (such as many hosting companies provide for direct access, or which can be set up using a serial cable and terminal (often using a laptop connected to the server) – or by remote terminal access, via SSH (at this time, I do not know any other ways to access the main console or terminals of a Linux host) For this tutorial, we will assume SSH access will be used, even if console access is also used.

Users (potentially just the server admin, you, the reader perhaps) will gain access to the server with an SSH compatible client. This client will connect to TCP port 22 (possibly changed, will go over later in this article) The server will go through various methods of authenticating the connect, the supplied account, and credentials (SSH key). Upon successful connection and authentication, the user will have access to the server. If the user is granted sudoers privileges, the user can then use ‘su’ and ‘sudo’ to gain escalated (root) privileges. If, however, authentication fails, the user’s connection will be terminated. Multiple failures will invoke the user being banned, and from connecting at all. The user information will be added to a fail2ban jail, with configurable ban time (or permanent – but this is dangerous as if the admin somehow fails to login properly multiple times, the admin will have to gain direct console access to resolve the issue)

There will be a minimalized guide at the bottom with the basic information needed as a refresher for admins who understand the software and steps needed, but lack the confidence in blindly following memory to achieve this basic setup.

A synopsis of the steps needed:
Step 1 – Install and setup the Linux server, and accounts. This is the only time the root user account will be used to gain access to the system.

Step 2 – Install and set up UFW. This will include choosing to use the default SSH port, or modifying it. Changing the SSH port is “security by obscurity” – which can help mitigate SSH probing attempts, causing a lack of interest in your server to any hackers. Using the default port is still highly suggested, and though probes may find the port to be open, it will be very difficult for hackers to gain access. (Warning: These methods do not encompass software exploits which may exist in the SSH daemon, Linux, or any other software being used – This covers conventional, brute-force and guessing-game type attacks only)

Step 3 – Secure the SSHd to use SSH keys, and to then disable password login. Passwords will still be used by the system for authenticated users to gain su/sudo access.

Step 4 – Use PAM to mitigate authenticated user brute-force and guessing-game password escalation attempts, and to assist with SSH key login.

Step 5 – Ensure fail2ban is set up to ban malicious connections, and mitigate attacks on connection and escalation.

Step 6 – To use some commonly used user-accessible software services to demonstrate how to allow access to these services, including non-authentication public access (HAproxy and Hiawatha) and secure, private access (MariaDB) These demonstrations will provide a basis for understanding how to grant access to nearly any hosted service in a secure manner.

These 6 steps will give a BASE LINE level of security, and should not be counted on for 100% of a system’s security. There are many additional methods which can be utilized to harden a server system. Some options are additional software, replacement software, hardware firewalls, VPNs (Software and hardware) The extensiveness of advanced security and hardening is beyond the scope of this guide, but should be understood and researched as needed.

BluntAboutIT.com and I, the author do NOT make any guarantee to any end, and CANNOT be held accountable for security failure for any system which is set up using this guide. Again, this is a base line guide, but the admin must ensure that ALL security needs are met, including ensuring that every security measure needed is in use and properly functioning and using the latest available software. With that said, this guide can provide a good starting point for admins to secure their servers.

(At this time, I am publishing this page, with it incomplete and lacking any actual instructions. The information here is enough for a smart person to do some research and be able to begin the process, if not complete it. This tutorial will be updated at a later time to include instructional steps for installing, setting up and utilizing the software mentioned thus far. There may also be additions to what is currently published)

Icecast music streaming…

This is an old guide I wrote back in 2014. It may still be applicable, or it may be completely useless now. But at least it’s shows the steps I took years ago to set up a streaming station.

BEGIN:==========================================================================
Poor man’s basic Icecast source setup instructions
Everything needed to set up a basic streaming system without the mess.

This tutorial assumes you’ve successfully setup icecast2 for this.
This tutorial also assumes you’ve got audio files to use to stream to icecast2.
You will also need a method seperate from your source computer to tune-in to the
stream – another computer or a friend with a PC you can be in communication with.

We will be using several programs to achieve this. These are:
VB-Cable from Pagesperso-orange.fr
edcast reborn from code.google.com
LAME MP3 from rarewares.org
VLC from videolan.org

First, you will need to download and install several pieces of software.
We will do this before continuing to configuration. Please follow the directions
as given as not doing so may cause errors in setup or configuration which cannot
easily be traced with issue diagnosing.

Go to:
http://vb-audio.pagesperso-orange.fr/Cable/index.htm
download CB-Cable Driver (center coloumn)
unzip to a fodler on your desktop and open the folder
right click on VBCable_setup and choose “Run as Administrator”
**Note: If using Windows 64bit, instead use VBCable_Setup_x64**
Click install on the screen that opens (if nothing, use other setup file)
allow the software to be trusted (check the box) and install
Verify this was installed by:
open Sound control panel
verify “CABLE Input” exists on “Playback” tab
verify “CABLE Output” exists on “Recording” tab
close Sound control panel

Go to:
http://code.google.com/p/edcast-reborn/downloads/
download edcast_standalone_3.37~~
Open Edcast Standalone Setup
click “Next>”
click “I Agree” (after reading and understanding the liscensing and terms)
click “Next>”
click “Install” (yes, use the default path)
Verify edcast is installed:
open the icon on the desktop for EdcastStandalone
Verify edcast opens, providing a window with several controls
close edcast

Go to:
http://www.rarewares.org/mp3-lame-bundle.php
Download LAME 3.99.5 with a size of 636kB (top download)
(DO NOT download the 64bit version)
open your edcast installation directory (C:\Program Files (x64)\edcast)
open the lame3.99.5.zip archive
copy lame_enc.dll from the zip to ~\edcast (it will be in with ogg.dll, vorbis.dll)
close the zip archive
close the edcast install directory
Verify LAME is installed:
open edcast (shortcut on desktop)
click “Add Encoder” button
See that a new entry was added under “Encoder Settings” and it is the only one
right click the new Encoder Setting selection, choose “Configure”
click the “Encoder Type” drop down, choose “MP3 Lame”
(it will not allow you to select it if it’s not instaleld properly)
click “OK” button
close edcast

Go to:
http://www.videolan.org
download VLC (big blue “Download VLC” button)
open VLC install
follow instructions on screen to install
use “Recommended” install type (just press next on “Choose Components” screen)
Verify VLC is installed:
open VLC (shortcut on desktop)
play any media file with audio to make sure VLC is working
close VLC

Now, go get some coffee, mt dew, take a bathroom break or just stretch.
You now have all the base software installed on your computer.
When you get back, it will be time to put all these bits together and stream!

OK Good! You’re back. At this point it would be ideal to have either another
computer, or a friend you can communicate with to help with testing. Their part
will be minimal, they just have to connect to your icecast server and listen.

Now, it’s time to configure VLC and edcast to work in tandem via VB-Cable.
VB-Cable shouldn’t need to be configured, but we will touch it’s options.

Open VLC (shortcut on the desktop)
open VLC’s Preferences (ctrl-p)
under “Show settings” click “All”
Go to Audio > Output modules
for “Audio output module” select “DirectX audio output”
go to Audio > Output modules > DirectX (You will have to expand the list to see it)
for “Output device” select “CABLE Input (VB-Audio Virtual Cable)
uncheck “Use float32 output”
for “Speaker configuration” select “stereo”
click “Save” button
Close VLC
re-open VLC (This is required to set the audio output properly)

set VLC aside for a bit, but leave it open.

Open edcast (desktop shortcut)
under “Live Recording” select “CABLE Output…”
right click on the MP3: selection under Encoder Settings, choose “configure”
Basic Settings tab:
change “Server IP” to the *IP* address of your server
change “Server Port” if you chose something other than 8000 in icecast2 setup
change “Encoder Password” to the password you used when setting up icecast2
YP Settings tab:
uncheck “Public Server” (This disables your server from being in icecast directories)
change “Stream Name” to your website/domain/station name
change “Stream Description”
change “Stream URL” to your website or icecast2 url
Advanced Settings tab:
(nothing to change, but look anyways for familiarity)
click “OK” button
click “Edit” to the right of “Metadata”
put your station name and your dj handle in the “Metadata” field
click “OK” button

Now it’s time to get your client computer or friend to tune into the stream
Be advised the audio may be very loud, so the volume on the client should be down

go to VLC
load up the playlist with files, enough for 20 minutes, or hit repeat
press play, ensure you cannot hear audio from it from your speakers
turn the volume all the way up to ensure audio quality to edcast and beyond

go to edcast
click the large black bar towards the top, it should start showing two
green and yellow bars bouncing left and right
press “Connect” button and let your friend know to tune in

You should now have a live stream going from VLC to edcast to icecast2 to your friend.

There are additonal features of edcast that can be set or configured. Such as the
Metadata being able to pull the song title from VLC’s window (this did not work for me)
Take note of what you change in case it breaks something and you need to revert it.

Play with the settings so you know what everything does, and remember it’s better to
have the audio player’s volume very high and use edcast to limit it so as to keep the
audio quality higher.

This document is liscensed under the Creative Commons Attribution with ShareAlike BY-SA

Spreadsheets, Minecraft and OCD organization…

Let me start out with HOLY CRAP TWO POSTS IN ONE DAY!? AFTER 9 MONTHS OF NO POSTS!? WOAH!! Am I crazy? Probably! Maybe not enough though…

So I found that I really enjoy using Google Docs spreadsheets. Well, I’d say use, but I think “abuse” is more the correct adjective here. Did you know that you can get 188000 rows, if you have only 13 columns? Well, it’s an odd limitation, but I found it! A workbook on Googlde Docs Spreadsheets can have only 5 million cells. That’s all sheets in a spreadsheet, not per-spreadsheet. It makes sense, memory resource limitations and all.

I’ve taken to using a spreadsheet for organizing all of the permissions for a small Minecraft network. When I say small, I mean 9 servers, 26 worlds, 10 “tracks” (groups of permission groups), 75 positions (permission groups), with an unknown amount of permission nodes for 98 plugins. The way I have my spreadsheet set up, is to use a row as section headers for the next set of columns. (If that don’t sound foncusing, let me explain)

The first row is, of course, my sheet header with each column labeled – because “A” “B” etc are not good names for data organization. I have this row frozen, so it’s always at the top. I also have the first and second columns frozen, so they will always be shown on the left side of the screen. These columns are Track and Group. I then have Columns “C”, “D” and “E” grouped under Group. These columns are “Prefix” “Username” and “Suffix” This was important so I can hide these columns now that I’ve completed that part of my job, without starting a new sheet, or removing them. Duration and Titles, “G” and “H” are grouped under Info, column “F”. Again, so the Duration and Titles columns can be hidden under Info. Columns “I” and “J” are “Server context” and “World context”, with World being grouped under Server, again to hide it. The next three columns, “K”, “L” and “M” are Plugin, Permissions and Negated Permissions. Yes, “L” and “M” are grouped under “K”. When I say grouped, this is a function in Spreadsheets which allows the grouped rows or columns to be folded or collapsed into the parent row/column. So with everything collapsed, I see columns “A”, “B”, “F”, “I” and “K” – and I can expand the section I need to focus on.

I’ve done this with rows as well. The first data row is the name of my first track, and as such A2 is filled in with that name, “Admin” (A1 being the label for the column in my header row, “Track”) For organizational purposes, I’ve left B2 empty, and went to B3 for my first “Group” entry. This allows me to collpase B3 under A2, without showing the first group, as it would be if I were to have used B2. This also allows me to free-up the rest of the row for track-specific data, such as Suffix, info, etc. I’ve done the same for the rows which contain an entry in the Group column, again so I can have group-specific data stored in that row. Moving to Column “I” or “Server context” I have again stepped the first entry in this column to the next row down. So, I4 is my first entry for Server contexts. And “J5” is my first entry for World contexts, as a “world” is a subset of a “server” I’ve continued this mostly-empty row organization with columns “K”, with each row having a plugin name. My first plugin is in cell K6. The next two columns will contain all of the permissions for that plugin in the same row however, L6 (first plugin’s permissions) and M6 (first plugin’s negated permissions) Row 7 will have my second plugin, permissions and negations, so on and so forth until I run out of plugins.

I have a nice nested effect going on with my rows, with the column to the left being the “header” for the cells to down and to the right. And when I collapse all of my rows, I see a nice list of all of my tracks. Then I can expand which track I want, and see the Groups within it. And expand the Group for which I want to modify or retrieve data from. At this point, I’m working towards well over 120000 rows, with 12 columns (The username column is only a placeholder, and is going to be removed) And so I’ll be looking at 1.4 million cells, with the vast majority of them empty, and not even visible at any given time.

But why so many rows, columns and thus cells? So, each plugin has it’s own permissions – some plugins give inherent permissions for all players, and some give inherent permissions only for those in the game servers’ “Op” file. Minecraft uses it’s own very primitive permission system for built-in commands. It’s archaic, non-granular, has 4 levels and various permissions within each level, with each higher level inheriting the permissions from the lower. But here’s the kicker, and why it’s archaic – Say I want someone to be able to kick a player, but not to build at spawn – well, with Minecraft’s Op system, that’s not possible, because building in spawn protected areas is a base level permission – kicking is the next level up. So, enter, and back to, Minecraft Permission Management Systems. I’m transitioning from PermissionsEx to LuckPerms. Various reasons, mostly due to LuckPerms having an active development team, and some functional technical reasons as well. I’m also taking the opportunity to build out readable documentation that my staff can access to assist with entering all of the permissions into LuckPerms, and for future reference for myself.

I seemed to have digressed a bit with that, so back to the question of why so many. First off, I have an unknown number of permissions. But let’s say the average plugin has 15 permissions (so have none, and some have much much more, so 15 is pulled out of thin air). Now, I have about 100 plugins. That alone means there’s 1500 permissions. Now, one plugin in specific has roughly 1500 permissions by itself. So, let’s say we have a total of 3000 permissions. Now, you may ask “OK, but that’s only 100 rows, as permissions for each plugin are grouped into the same row?” It’s not that simple. There is the potential for each world context (a world context is the number of worlds + the global server context, so n+1) having at least one entry for each plugin. There are a total of 26 world contexts, and several servers are only using a single context (global), so there’s the potential for even more. So we’re at 2600 unique potential permission rows. World context * plugin count. (I’m at 96 confirmed plugins, but may be adding a few more, so we’ll round off to 100 for this exercise) Now here’s the kicker: That’s per position. I have 75 permission groups (positions) So, 2600*75 is 195000 potential permission rows. Now, not all plugins will be installed on all servers, not all plugin permissions will be applied to every position (given or negated), not all plugins even have permissions, and there are some tricks to compounding permissions using * and built-in super-permissions (a permission which gives all the same functions as multiple other permissions) So it’s a LOT of permissions, data and work.

As someone who is very visually organizationally oriented, this helps to fully detail out the entire scope of the permissions on the network of servers. For me, at least. Ideally, this will also give my staff the ability to read the permissions per world, per server, per group and thus be able to enter the permissions into the new system for me. AND We’ll have a system-agnostic documentation that can be referred to and altered as needed in the future. It sounds extrememly convoluted and anything from easy. And it has been an absolute pain in the sphincter to set up. However, it’s use should be pretty simple, provided those who use it can understand multi-dimensional data storage. (spreadsheets with collapsable rows and columns) At it’s visually smallest, there will be only 11 rows and 5 columns. 55 cells, with 44 of them being empty. This is how each person should initially view this document. Each row and column can then be exapanded and collapsed as needed to navigate to the particular section and sub-section to modify or read.

In some respects, this is still easier than Windows Server 2003’s Active Directory. In others, I’ve completely rebuilt the entire framework of a Permissions Management System in a spreadsheet. For years, I’ve hoped someone would create an AD or OpenLDAP Minecraft plugin, but I feel the time for such an adventurous project has come and gone. Microsoft may be doing wonderful things with Minecraft still, but if we’re not already in it, Minecraft’s sunset period will be upon us within a few years. With the release of the right game, it could be even sooner. But what the developers behind LuckPerms has done is absolutely amazing and I hope they have written it in a way that LuckPerms can become game-agnostic and useful for other ventures in the future. It is already available for Minecraft Java Edition (Bukkit, Spigot and Paper); Minecraft Bedrock (for consoles/Win10) through NukkitX, a Bedrock server written in Java; Minecraft Forge servers (Also for Minecraft Java Edition, but different API) and I think another Minecraft server or two as well. But these things have two things very much in common: the base Minecraft game & Java.

At the top of this post, there’s a screenshot of the framework, with some sections collapsed, and some visible. For reference to this article only.

Linux, Java, Git and Maven…

Here, I will explain how to *simply* get a Java project with Maven compile instructions (pom.xml) on Github to your system, and compile it using Maven. This requires a few things. We’ll use Potato. You can fork this project with your own Github account, and then you can say that you’ve “Forked a Potato” (Seriously, it’s just a fun project with limited to no practicle use) We’ll be using Potato as our reference example project. It is Java, with Maven, on Github and will compile under Linux. https://github.com/AeSix/Potato

First, let me state that I use Ubuntu GNU/Linux distros. Life is too short to worry about getting everything installed “the hard way” – Ubuntu’s apt-get is, in my humble opinion, the simplest way to do routine software installs. I’ve built Slackware linux, ran through Fedora Core, messed with Gentoo and Suse, and various other distros, including Debian (Ubuntu’s papa distro) For everything I’ve ever needed, Ubuntu has provided much simpler than other distros. That may not be the case for everyone, however. So with that all said, I’ll be talking about “Linux” pertaining to Ubuntu GNU/Linux specifically. These instructions may be translatable to other Linus distros, to UNIX distros (FreeBSD, MacOS, etc) or even for Windows with varrying degrees of success. I won’t discuss these here though.

The first step, of course, is to procure suitable environment and install your OS. We’ll assume this is done. If it’s not, you’ll want to do that, after reading the rest of this. You’ll find specific instructions for your environment online, and so I won’t waste time here detailing that.

Next, you’ll need to install Java. This is a considerably more difficult process on any Linux distro, if you’re wanting to use Oracle Java (as opposed to OpenJDK), that’s as simple as
> apt-get install open-jdk
I prefer to use Oracle JDK, however that’s a personal preference. You can find installation instructions if you were to search for “Oracle Java Ubuntu webupd8” – there’s plenty of info on that and does not need to be duplicated here.

Once you have Java installed, you’ll want to get a Git client and Maven. Again, there are installation instructions online for each of these. I suggest Gitlab’s instructions, but DigitalOcean has some nice write-ups as well.

At this point, we’ll assume you can do these things:
login to your Linux user account, and perform commands with sudo. I highly suggest NOT using root user!
– Test your network connection:
> ping google.com
– Test your Java installation:
> java -version
– Test git client:
> git –version
– Test Maven installation:
> mvn –version

Assuming this all went to plan, you should now create your work environment. I suggest making a ‘dev’ directory under your /home/username, with a git directory under that. OCD organization!
> cd ~ && mkdir dev && cd dev && mkdir git && cd git && pwd
Provided this worked, you should see something akin to, with “yourusername” being replaced:
/home/yourusername/dev/git

Now all the setup is done, let’s clone us some code!
> git clone https://github.com/AeSix/Potato
> cd Potato && ls
The first command here will reach out to Github and fetch a copy of Potato from github.com/AeSix/ and create a new directory under git/ called “Potato” The git client will always create a new directory in your cwd with the project name as the new directory name. The second command simply puts us into that directory and lists it’s contents. Verify that the contents on your system match that of the repository you cloned from. If it does match, Congrats! You’ve cloned a Java Maven Git project!

Let’s build this project. This is what I *LOVE* about Maven, how simple it is! You’ll be addicted and wanting to compile github projects every day! (Ok, maybe I alone got a bit overly enthusiastic about Maven when I first got it working!)
> mvn clean install
That’s it! That’s all you needed to do! Of course, you *have* to be in the directory with the project’s files for this to work, and the project *has* to have a ‘pom.xml’ file. Of course, the project also has to be fully written, not broken, and compatible with your version of Java and potentially your OS (Very old OSes may not have some functions that newer Java projects require, but then your Java version would be subject to these and you’d never get a new enough Java installed to even build with much less run the project with)

Oh! You actually want to run the project? I guess I can tell you where the compiled jar is.
You should still be in /home/yourusername/dev/git/Potato – so do
> pwd
and confirm you are. If you’re not, then something went awefully awry and you should figure that out. Let’s assume there’s no problems though. Now do
> ls
You should now see a “target” directory. Again, assuming all things went well, do
> cd target && ls
And you’ll see “classes” and “Potato.jar” So let’s run Potato!
> java -jar Potato.jar
You should be greeted with a friendly, if passive-aggressive, yet humerous message from your new Potato.

If *anything* went wrong, I suggest starting from the top of the first checklist, pinging Google. If you still can’t get it going, you may need to do some more research.

Here’s the TL;DR for those who just need a reminding of how easy (so easy, it’s forgettable) Java/Maven/Git is:

Get project url:
example: https://github.com/AeSix/Potato
Enter your working environment:
> cd ~/dev/git
Clone project to local system:
> git clone https://github.com/AeSix/Potato
Build with Maven:
> mvn clean install
Test the built jar:
> java -jar Potato/target/Potato.jar
Rejoice at the deliciously prepared Potato!

To update the local project files:
> cd ~/dev/git/Potato
> git pull
The git pull command has to be done from within the project’s local directory, otherwise it wouldn’t know which project to update.

Life in general, a rant

Holy crap can life throw some curve balls.

So without getting into details – life in general has been very hectic the last couple of weeks. It’s been building to a boiling point for several months. In the last 5 months there has been a death, a marriage, a family feud, I started smoking, a family addition (more on that later, maybe) a hurricane, a trip to the mountains, and a couple of falls on the way home, a bit of personal self-learning. I quit smoking. Not in any specific order.

I now have, for the first time in my life, a preferred auto-body shop. I’ve never needed one before, but so far, so good. I’d prefer to not need one, but alas, I have one. Why might I now need an auto-body shop? Because our brand new, less than a week old car had some issues. It’s sitting at the auto-body shop with the drive-off tag still attached. Almost $8,000 of estimated damage. In two claims. Thankfully. Had the damage been a single claim, it could have turned out very bad for us, with the car being totaled and a replacement not exactly working out. (Blame that marriage thing I mentioned earlier)

The wife and I went on a trip to Tennessee a couple of weeks ago, a last vacation for the foreseeable future. Not that we won’t be taking small trips, etc, but we have none planned. We enjoyed ourselves greatly! The car did not enjoy the trip so much however. The Saturday before we left for our trip, we traded up our 2015 Soul for a 2018 model. Score! New car smell, tiny little issues all gone, OOOH SHINEY! New, real Rims! By Thursday, I had backed into a tree. Saturday on the return trip home, an old woman t-boned us in a parking lot. Not fun. Not so shiny any more. Not my greatest moments. Though the delivery was quite rude, crude even in tone and volume – the words were not. Or maybe they were a bit. I was beyond pissed. I couldn’t drive the car if I wanted to, my nerves were (and to some extent still are) completely shot. I can’t stand people pulling out onto the road I’m traveling from side streets – at all.

With my nerves shot and responsibilities which include driving, I turned to that old crutch, the only horrible coping mechanism I’ve used in the past. Smoking. Cigarettes. I’ve quit again, as of Saturday Night (So about 36 hours now, as of this writing) So what’s the first thing my body does? That night, it start expunging crap from my lungs and decides that’d be a great time to give me a lung infection. So now, I’m sitting my computer, coughing and writing this because I’m too sore and physically exhausted to do anything else. And I have about 200 hours of work to get done. *sigh*

I’ve done a lot of “growing the fuck up” over the last 5 months. A lot. My mother passed away less than a month before my wedding. I’ll never forgive myself for that, though I know there was nothing I could do. My mother’s husband had lost almost everything taking care of her, and over the last three years or so was completely unable to leave her alone for more than a few minutes at a time. My mother’s family, completely inept and incapable of ever understanding the drain she put on him, decided to see things that weren’t there. To put it nicely. It was bad enough she wouldn’t be at my wedding. Then my wedding was cut considerably smaller because of those expenses. Wouldn’t her family help out too? Oh hell no. My crowd funding got called a scam, I was called a liar and thief. Her husband was insulted multiple times. Oh, and there was a murder investigation. No charges were brought against anyone, nor was there any reason to. I don’t care how old a person is, when they have a good relationship with their parents and they die, it’s fucking hard. Needless to say, I’m *done* with my uncles and aunts, etc from my mother’s side. Those people, I wouldn’t hit in the forehead with a penny if they asked for help from me.

My wife’s family came together for my wife and I at our wedding and made it one of the best days of my life, and I’m sure it was one of my wife’s best days too. I learned a lot about humanity, my new family, and myself when I got married. Amazing people, the whole lot of em. It’s great how her family was able to help us make it such a wonderful event. Our friends and family are the greatest. So many things changed when She and I became one in the eyes of the law. It seems like every time I turn around there’s something new that we must do, cannot do, or should/shouldn’t do because we’re married. Taxes, Insurance, Loans, even just a bank account… so many things change (some for the better) – all because we no pronounce we are legally one. So weird. More weird is the fact it’s all just financial stuff that seems to really change. I could rant on that alone for two posts. I wouldn’t change a bit of that if it meant not being married.

Technically the hurricane was closer to 6 months ago now. It’s effects are still being felt. Our garden is in complete and utter disrepair. When the hurricane killed my plants, I got depressed about the whole thing. Then this January, we had a hard freeze which killed off most of the rest. Partly because I didn’t plan accordingly (see above comment) We had various vegetables, herbs, and some squash plants. It was more of a “Let’s see what we can grow, and enjoy it” After all, the store is still an option. But now, we’ve come to discover that some of her several-year-old plants are now dead from the freeze. *Gut punch* Not too bad, but it’s just one thing after another. Not to mention the grass, which I’m fairly certain is just obliging my thoughts on not having to mow so much, is dying around the front entry and driveway.

This isn’t too horrible, other than I need to get some rock and stepping stones, which costs money – oh and the abominable trugreen salesmen who, despite the “NO SOLICITING” sign up front, continue to bother us about our dead grass. I like my neighbor’s opinion on that, which he voiced at our latest HOA meeting. It involved a shotgun. Apparently complete and utter verbal hostility is not enough to get on their “do not talk to” list. The last one left a written door hangar (folded up and shoved in the door), started with “I read your sign” How ignorant can people be? Seriously, this makes me sad on so many levels. I digress.

Anyways, I mentioned a new addition to the family. Well, not really an addition. More of a re-introduction? My wife and I are adopting my niece – originally we just wanted her placed with us, to get her out of the foster care system. However, there was a threat that she could be taken away for nearly any reason and that adopting her would prevent that. What ever. I just want the girl to have some-what of a normal life. The longer she’s in that system, the more harm is done. We’re within a week of finalizing this, so I feel it’s OK to say so. This has brought on it’s own set of stress, complications, and curve balls. Being we’re adopting a child from the state, we must have a “home study” completed. This involves background checks, finger printing, digging up stupid shit from my past, and generally being a nuisance to us. Certain people have known, and some have been mislead to believe otherwise – I’m sorry for any deceit from this. There were reasons.

The home study has been going on since November. We told the people before they ever scheduled anything that my fiance and I would be getting married and leaving for honeymoon. And what’s right after when we get back from our honeymoon? Thanksgiving. So what does this woman try to do? Schedule the first interview while we’re gone. As in not even in the state of Florida. At that moment I knew I should had requested another worker. What has the last 5 months done for that? Proven me right. Though I’m not sure there are any workers who are less inept and incompetent. Maybe there are, maybe she’s the worse of them all. I don’t know, but I bite my tongue because I need her to do her job. She’s lost reference letters sent to her. She outright replied to a personal reference email from my wife’s mother asking who the subject of said reference is talking about. (My wifes, my nieces and my full names were in the letter) This is after we sat at our kitchen table for 4 hours trying to explain how criminal records work. One would think this person would know this already. And yes, I have misdemeanors and traffic violations, etc. Anyone ever claiming me to be perfect is not to be trust and should probably be put away. But that’s all of us.

On the lighter side of things, I’ve got a trailer to haul stuff with (and which will be holding my lawn tools while in the garage) We’ve got the property mom’s husband lives cleaned up, and some back taxes paid. And he’s on his way back to building his lawn service company. I’m on better talking terms with my siblings, and we might be getting a puppy some time in the future. Puppies are always great. Almost as great as kittehs!

So, I think I’m done ranting. Thanks for reading, chuckling, laughing, crying.

Yesterday…

I’ve been officially married in the eyes of God, the law, friends and family for five days now. Nothing much has changed. But that’s to be expected – because we have been married to each other for over two years in our own eyes. We made that commitment then, to each other and have lived by it since.

It’s amusing how much has not changed. And how much actually has. The things I would have bet good money on changing after our ceremony are absolutely 100% the same. I’m still a perfectionist, and she is still the perfect person for me.

We’ve spent many units of space time together, traveling through this life with each other in the last 2+ years. We’re each other’s companion, staying side by side through all that life throws at us. She is by far much more my strength than I hers. We have grown together, she has taught me patience that no one else ever has, and has taught me to be calm. Her opinion is the first to matter to me in a long time. Maybe that’s what love is about?

She now refers to me as her husband, and I refer to her as my wife. These are not possessive terms as much as they are self-proclamations of attachment. I attach myself to her when I call her “my wife” – not the other way around. For so long, the left has been shouting wrongness and irrationality at my that I didn’t realize how much they were wrong, and how calling someone “my wife” would affect me positively.

I am not her property, and she is not my property, except that we give ourselves to each other and have bound our lives together, equally and have been acting as husband and wife for 2 years – only now we are legally and socially allowed to use the titles of endearment for which roles we play. Life is good, it is simple, and it is the most complex it has ever been, it is terrifying and exhilarating all at the same time. It’s a hell of a thing, and I’m so happy to be sharing this journey with the woman who calls me husband.

The Second Amendment, NRA and You!

So, the left is all mad because the NRA supports our Constitutionally Guaranteed Right to keep and bear arms. Now they’re mad because a device intended for disabled peoples to more easily is being recommended for regulations by the NRA and GOP? That makes perfect sense.
But honestly, the article is riddled with emotion, bias and slander. It reads more like a deranged lunatic’s diatribe about how they can’t come to understand that they’re right and everyone else can be too.
The NRA, first off is a group of people and not a singular entity, and second not capable of independent thought; as in “The NRA thinks you’re stupid” The people in charge of the NRA are quite sane and rational, compared to many out there, and see a problem. They are trying to work with the government to best solve this issue without anyone’s rights being infringed.
So let’s clear up something. There’s no such thing as an assault rifle. However, any weapon can be used for assault. Even an artist’s paintbrush can be quickly and easily fashioned into a dart short from a crossbow to injure someone. Rocks are used as weapons all over the world. This is truth, not conjecture or emotion.
As it stands right now, the average American cannot legally posses a fully automatic firing firearm. This has been the law for many years. Those firearms which are semi-automatic, and the various single-shot firearms are still legal. Bump-stocks have skirted this law by providing an external means of accelerated discharge to semi-automatic firearms. You can read more here: https://www.nraila.org/articles/19990729/fully-automatic-firearms
Now, the Second Amendment to The Constitution of The United States of America reads:
“A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.”
This tells me several things:
As a method of ensuring The Constitution of The United States of America is upheld, the people are guaranteed:
The creation and proper maintenance (well regulated) of a Militia.
The right of the people to keep and bear arms.
That neither of these shall be infringed upon (by the Federal Government)
Why is Federal Government in parenthesis? Because this document had been written and given it’s mission to protect the American Citizen from The American Government. The Second Amendment is the article which allows those Citizens a last recourse against a Federal Government that is no longer keeping the value of this document of that of The American People in good light, for The American People to be able to correct that situation by force if ever needed.
Now, one might ask “For whom would this fight and force be against?” The US Military for one. Mis-guided federal, state and local law enforcement. Private security hired by The President of The United States of America. Many other unknown groups and factions within, and with-out our borders as well.
Are we, The American People supposed to be able to fend off those aggressors of Liberty, Freedom and Justice with .22 single-shot rifles and shotguns with bird-shot when they will have machine guns, rapid fire weapons, large calibre firearms, tanks, choppers, rockets and the like? No. And THAT is what the NRA is protecting. They are not protecting some irrational, insane, psychotic, neurotic or otherwise under-educated criminal with a grudge against humanity with a device intended for the disabled.
As we all should know, criminals (you, the reader, do know what a criminal is, I hope) are quite adept at not following laws, policies, regulations, etc. Arms in the hands of law abiding American Citizens would make this country safer for all, but legislating that creates a situation where only criminals and elite groups have these privileges.
So please, before saying “The NRA thinks you’re stupid” – maybe do some real research on the subject.  https://www.law.cornell.edu/wex/second_amendment

Black Rifle Coffee

I’ve been drinking coffee instead of soda for a little more than a month. I’ve been using milk/half&half/cream and splenda/stevia/equal in my coffee. I’ve gotten to where I don’t need the dairy any more, and use less sweetener now, only enough to take away the bitter taste from the coffee.
 
I found out about Black Rifle Coffee Company a week or so ago. I found out they’re Vet owned and more so the owner has a plan to hire 10k more Vets. I don’t like donating to charities, where only a fraction of donations go to the cause. That’s why when I found out BRCC is Vet owned, I wanted to buy some of their coffee, so I can help contribute to a betterment for US Vets, directly.
 
And you know what – it’s the best damned coffee I’ve had. No dairy, no sweeteners. Just black coffee. It don’t taste burned, it’s not bitter, and in fact actually has a hint of sweetness. We (The girlfriend and I) bought a bag of V-Tac Berzerker
 
Now, I’m no coffee connoisseur, but I’ve had a good variety over the last month alone, and have been drinking coffee on and off for 15 years or so. We bought a bag of whole bean, and I, having never ground coffee before, ended up grinding it super fine. Apparently, this is an espresso ground what I did. And just amazing. This is still, by far, the best coffee I’ve made or drank.
 
And no, I’ve not been asked to, offered anything to, or am paid to write this review. I’m just seriously pleased with what these people are doing with their company and with their product.
 
I’ve been drinking Cafe` Du Monde (CDM) coffee with chicory, with a slight bit of stevia to soften the bitter. WaWa has moved into town here, and I’ve been drinking their Vienna and Cuban coffee too. This, coupled with Walmart not carrying CDM, we chose a canister of Cafe Bustelo coffee. It’s close to WaWa’s Cuban coffee, and is also finely ground (which is something I didn’t realize until after I “goofed” with the v-tac) Though it’s a good coffee, it’s nothing compared to BRCC’s V-tac. Folgers and Maxwell House are absolute crap to me now, and would only drink these in lack of other options.
 
I’ll be ordering more from BRCC later, for special occasions and as a “treat” drink. The CDM lasts me about a week per brick, while the V-Tac could last me maybe 10 days, as I brew it less strong than the CDM. Buying bags of beans for every day drinking would be OK, but I don’t want to get completely spoiled and not be able to drink any other coffee. However, At $13 a bag, it’s a bit more expensive than the $4.50/brick I’m paying for CDM, so almost literally 3 times the price. BRCC may be more expensive than the cheap stuff I drink, but the quality is infintely greater, and the price is comparable to other 12oz bags of beans from other companies that don’t provide the same quality (Starbucks, etc)
 

Anyways, if you want a damned fine cup of coffee – head over to Black Rifle Coffee Co. and pick a roast that sounds good to you. I’m certain you won’t be disappointed. If you want to be spoiled and unable to drink diner coffee any more, buy enough to make BRCC your main drink at home, and nothing else will ever do.

Black Rifle Coffee V-Tac Berzerker
Copyright Black Rifle Coffee Co (I think, used without permission. Get over it, or ask me nicely to remove and I will)

Setting the tone

So I have been indecisive about the first post I would write for BluntAboutIt.com
That was until earlier today when I found out something rather interesting.  I had to do a bit of research, and unfortunately I have only inconclusive answers due to various legal protections preventing penetration of a perpetual proof picture, plus personal principles.  What I am referring to is an act which I find amusing, but more so, see tells of deeper understandings and the twisting of the future as though it were play dough.  The, as far as I can tell legal, acquisition and implementation of Jeb Bush’s http://jebbush.com domain to redirect to https://www.donaldjtrump.com/ – clicking either will take you to the same page, an over saturated CloudFlare proxy of Donald Trump’s website, complete with campaign propaganda.  That is if it will load properly.  Of course, this may change at any time, and though currently we’re all having a bit of a chuckle at this – at least if you’re not a Jeb Bush supporter, it may be returned to Jeb.  I speculate that Jeb had lost track of the domain, and allowed it to lapse.  Now, I may be mistaken, but from what I’ve learned is that once a domain name expires, the registrar usually holds it for a period of time after expiration where the name cannot be registered by another party.  This is to allow for the domain to be re-registered by the previous owner, for a clean-up stage where URLs, email addresses and servers may be shut down to prevent unwanted attention, and for administrative purposes.  The point is that the domain name would have not been responsive for website, redirect or email (or any other service the domain may have been used to point to) would have been inaccessible.  And not just for an hour or a day, but generally for a month or longer.

I was at one point, as being a Florida native and of impressionable age when Jeb was Governor of the state, a supporter of his.  But at this point, how could I trust this man with my Nation, my Country, my protectors in uniform if he can’t keep a domain named after himself from expiry?