Governments and truth
I wrote this rambling reply to a Cruisers Forum conversation surrounding the Gov’t’s ability to communicate facts. Then I decided not to post it. But it has some thoughts worth preserving so…
[QUOTE=Mike OReilly;3401382]Yes … see even I’m doing a piss-poor job here, and I’m a science writer :redface:.
If your choice is binary: mRNA vs viral vector, it makes perfect sense to go with the one that has slightly less risk, and slightly more efficacy. But none of these choices are binary. There are multiple factors, including availability AND most importantly getting any vaccine sooner rather than later.
The risk of contracting Covid-19 far outweigh the risk of getting a weird blood clot; by something like 10,000 fold. But an honest scientist will tell you the risk is greater with AZ and Jansen than with Pfizer or Moderna, so in some hypothetical situation where you can reduce your risk of contracting the disease to near-zero, it makes sense to hold out for the lower-risk vaccine.
But this all requires an ability to rationally assess risk, and that is something few people know how to do.
It reminds me of the first time I went to see a lawyer. I wanted to know if I could start a business without doing anything other than opening a bank account. An hour of risk assessment, fear mongering and over-explaining worst-case scenarios he wrapped up up with a simple “yes, but you will be personally liable.” Since all I wanted to do was graphic design under a company name it seemed a bit hysterical. I now realize that all that liability he was talking about applied to him as well. If he didn’t do his damnedest to scare the bejesus out of me he would have been “shirking” his responsibilities.
It is really hurting my brain to listen to all the people who b*tch about governments lying and withholding information or just plain being wrong. Do I think this whole thing has been a case-study in communication f*ck-ups? Yes. But the thing most people think the gov’t is there to do isn’t accurate (at least outside the US…they have a weird origin story…). They aren’t primarily responsible for telling us the truth etc.—they are responsible for the common weal. And if anyone has been a parent you know that doesn’t always involve “truth” or “justice.” We can argue about that if you want, but I just want my government to do what needs to be done—I really couldn’t give a damn if they have to mislead me in order to get the rest of the population to line up and toe the line. Up to a point.
Instagram Since Last Time
900: My Library in 2021
I own 863 books. Well I might own a few more here and there (books that I have worked on but not necessarily “read” etc.) but my main library — of mostly SF/Fantasy — consists of 863 titles. It took me almost 40 years to accumulate those.
Yes, I have a spreadsheet. I also haven’t bought a new book in 10 years…for certain definitions of “book.”
Ebooks
On the other hand, today I bought my 900th ebook.
For Xmas in December 2009, L bought me my first ereader—a Sony Reader PRS-600 (read about it here). I was suspicious but willing to give it a chance. On January 1, 2010 I bought my first ebook: March to the Stars by David Weber and John Ringo from Baen for $5 usd (the same book is now $6.99). I chose a Baen book (and generally still do) because of their non-drm policy.
So, since 2010, I have accumulated more ebooks in ~10 years than I did in the preceding 45. That says something about me, but I am not sure exactly what 🙂
Number 900?
I decided on Steven Brust’s The Baron of Magister Valley —a very under-marketed book published last year that I didn’t realize even existed until very recently. I have been trying very, very hard not to acquire any new books in order to get my To-Read pile down. I can happily announce that, other than a pile of “backup book” (classics and freebies that I have in case of emergency but don’t really intend to read unless I have to), I was down to 3. Woohoo!
So I went on a buying spree: A Desolation Called Peace by Arkady Martine, Martha Wells’ Fugitive Telemetry —number 6 of awesome The Murderbot Diaries and The Assassins of Thasalon (Penric & Desdemona) from Lois McMaster Bujold. Which brought my ebook count to 899.
Well, what’s a fella to do? Buy another book of course. Despite it costing $14.99. Seriously? Fifteen bucks?
Whatever.
But it’s done. And now happy reading!
NGINX Proxy Manager
What’s it all about?
My home server was just revolutionized! I’ve run several websites on my home network for years for testing purposes. Recently I was doing some work for hire and I needed to open them up to the wider internet. In the past I would just open up a bunch of port forwards and be happy.
Port forwarding: generally web traffic travels though various devices on a port 80 (http) or port 443 (https). You can open up other ports on your router and forward them to specific devices e.g. external traffic sent to http:macblaze.ca:8083 —> internal route 192.168.1.250:80
This results in opening a bunch of ports on your router (insecure) and having to give clients and others oddlooking urls like macblaze.ca:8083.
And recently Shaw has upgraded their routers to use a fancy fancy web interface that actually removes functionality in the name of making things easier. So my linux server, which had a virtual NIC (network interface card) with a separate IP, didn’t show up on their management site and I was unable to forward any external traffic to it.
But up until this week it was a c’est la vie sort of thing as I struggled to try and figure out how to get the virtual NIC to appear on the network. And then I saw this video about self hosting that talked about setting up a reverse proxy server.
NGINX Proxy Manager
Find it here: nginxproxymanager.com
Turns out this was what I was supposed to be doing all along. A reverse proxy senses incoming traffic and routes it not via the port but by the dns name. So now that I have it set up I can just add a CNAME to my dns setup like testserver.myserver.com and it will send it to my home IP on the normal port 80. My router lets it through, passes it to the proxy server which then parses the name and then sends it on to the proper machine/service. So then whenever I set up a new project I can go and add testserver2.myserver.com and the proxy server will send it to where it belongs on my internal setup.
So cool.
My Set Up
I used to have some ports going to my Mac mini server and some ports to my Linux machine. Now all traffic is directed to the linux box. It runs NGINX Proxy Manager (NPM) on a Docker container and receives traffic on port 80. I moved the two websites hosted on that box to ports 8090 and NPM now sorts them based on the various CNAMEs I added to my hosting.
CNAMEs
CNAMEs are canonical names — akin to forwarding in a weird way. www.macblaze.ca is a CNAME for macblaze.ca. So if for some reason the IP address changes for macblaze.ca then www.macblaze.ca will still go to the right place. If I set up a domain myserver.com which points to the IP that is assigned to our house by our ISP (Shaw, Telus etc.) I can then set up the CNAME testserver.myserver.com which will be handled internally. If our IP ever changes (which it used to do quite often) now I only have to change the one record and all the CNAMES will still work.
Docker
Docker is a virtualized container system. I haven’t a lot of experience with it but this iteration of the NGINX proxy is a GUI based implementation of the command line version and the developer decided to set it up as container (sort of a mini virtual computer) so he could easily roll out updates as necessary. So my poor old Linux box is now running virtualized software on top of being a web server and a linux sandbox. Not bad for something from 2009. I will start playing a bit more with docker because it allows you to build a container and implement it with all sorts of things without affecting the main machine and, best of all, be able to throw out any changes and start again. we will see if the old PC is up to it or not.
I also installed docker-compose in order for Docker to run “headless” in the background.
Here’s a good video on the process:
The Process
Docker
(From the video)
Update the Linux system:
– sudo apt update
– sudo apt upgrade
– sudo apt install docker.io
Start
– sudo systemctl start docker
– sudo systemctl enable docker
– sudo systemctl status docker
Check to see if its working by checking the version: docker -v
Then test by installing a test container:
– sudo docker run hello-world
Docker-Compose
sudo apt install docker-compose
To verify: docker-compose version
Then check permissions:
– docker container ls
If you are denied:
– sudo groupadd docker
– sudo gpasswd -a ${USER} docker
– su - $USER
NGINX Reverse Proxy
Make a directory (make sure you have permissions on it)
sudo mkdir nginx_proxy_manager
I had to change permissions. Then create a file in the directory:
nano docker-compose.yaml
Copy the setup text from https://nginxproxymanager.com/guide/#quick-setup and change passwords
- Be sure to change the passwords
Then compose:
– docker-compose up -d
This grabs the specified docker containers, sets up the program and database and creates the virtual machine that is running the NGINX Reverse Proxy server.
You should be able to access the GUI at [http://127.0.0.1:81]
Set up
At this point it is a simple matter of adding a proxy host. Be sure to take advantage of the free SSL offered through Let’s Encrypt ( a non profit Certificate Authority).
- click add proxy host
- Add domain name (the CNAME), IP to forward it to and the port
- Go to SSL tab
- Select “Request a New Certificate” from the dropdown
- Select Force SSL (this will auto forward all http requests to https), agree tot eh terms and add a contact email
You should be good to go. Go ahead and add as many proxies as you have CNAMEs and servers.
Remember
And remember to close down all the ports on your router if you’d been like me and opened a bunch. Now you should only need 80 (http) and 443 (https).
Like I said—it’s been life changing for organizing my environment.
Without judgement
A lot of truth in this. People are funny.
Instagram Since Last Time
Tweet not…
As I haven’t been posting a lot of interesting content over the last few years and since I have been automatically uploading my tweets on a weekly basis, it has kind of made the blog look kinda unappealing. So I decided to block all the Tweeting reposts from the main feed. You can still find them all here: https://macblaze.ca/?cat=9 or in the menu under Categories and they will continue to accumulate in the background.
Hopefully the blog will now look a little bit more like a blog.
Here’s a cat pic to seal the deal.
Why?
Mostly because I don’t like other entities controlling my content. So I repost all my twitter and instagram posts on my own server. At some point I intend to do the same thing for Facebook but it isn’t as easy do to their security etc. I do however download all my content from Facebook and store a copy in my own archives. Paranoid? No, but I do like to be in control 🙂
Some great writing…not.
A “scientific” journal.
High Quality & Rigorous Review Process
The peer-review process of articles is never compromising and the quality is undoubtedly of high standards. The journal imbibes a thorough, neat and clean peer review process by very eminent and world’s leading scientific experts, thereby flushing out the cognizance paucity and empowering access to relevant information timely, about the upcoming and ever-changing developmental process. The journal is primarily based on values centered on loyalty, commitment, scientific accuracy, and ethics. Our rigorous review process accomplishes our core aspiration to give just right and accurate information to the global citizens.—https://www.scivisionpub.com/why-scivision-publishers
Sigh.
Instagram Since Last Time
Gmail and Filters
Further to my previous post about Apple Mail Issue I have been having issues on my new mac with threading conversations. Normally this isn’t much of an issue but I subscribe to the Standard Ebooks Google Group because that is what they use to track projects and keeping the various projects grouped together is pretty important.
Normally what one does is create a rule on the server (iCloud, your webmail etc.) and the server will automatically sort the mail before it gets to your desktop or phone. For example I have all mu linked in emails go straight into a LinkedIn folder or anything related to ebooks purchased routed to an Ebook folder. This means they don’t bing my phone and aren’t sitting in my inbox and I can check them later at my leisure. But for some reason Google had to be different. For the longest time I had the rule on my laptop which was always on and it would sort the gmail emails and then synch that back up to the cloud—a bit of a hack but I couldn’t be bother to try and figure out what Gmail was doing. But the new mini goes into a deeper sleep and doesn’t sort—so I decided to figure out the actual correct solution.
I will save all my the swearing at Google. Suffice it to say that against all conventions, Gmail does not use simple folders but has this weird-assed system of labels and a given email can exist in the inbox and in the label at the same time—which is exactly what I didn’t want.
To Fix it
Go to mail.google.com and sign in to you account
Go to Settings (the gear in the upper left)
Click See all settings
Go to/Click Labels
Click Create new label
be sure (show in IMAP) is checked
Then go to Filters and blocked addresses
Click Create a new filter
Add your criteria. I wanted all emails from standardebooks@googlegroups.com to move to a new folder so I selected From: and entered that address; but I could have selected Subject: etc. to filter by whatever made sense…
Click Create filter
Check Skip the Inbox (Archive it)
and
Check Apply the label: Whatever you chose in the step above
Then Click Create Filter
This will “archive the email — basically removing it from the inbox without marking it as read — and then label it with which ever “folder” you want it to appear in. Then by the time you desktop or phone synchs with the server the email will be moved and not appear in your inbox.
SOOO convoluted. As an aside I find most of what Google apps (gmail, sheets, etc.) do is to make a simple thing more complicated rather than a complicated thing more simple. But then again I prefer a computer does what I tell it to rather than what some anonymous programmer decides is simplest, so maybe it’s just me.
Update to Apple Mail Issue
In Apple Mail Issue I had talked about sorting conversations and threading correctly and frankly rebuilding the mailboxes only worked for a while. Now I have deleted the gmail account entirely and added it back as an IMAP account rather than using Apple & Google’s “secure method.” This entails changing the security setting to allow “less secure apps” and manually adding the IMAP account. So far so good, but we will have to wait and see if this works any better.