Icinga Locale

Getting Unable to interpret /usr/bin/free output? Make sure your locale is not set to something weird, e.g. not C.

Icinga Eventstream

Need to debug if data is sent from a satelite to your master? Use an event stream to filter for CheckResults from hosts matching *foo*:

curl -N -k -s -u 'x:y' \
  -H 'Accept: application/json' \
  -X POST \
  'https://localhost:5665/v1/events?queue=more&types=CheckResult&filter=match%28%22*foo*%22,event.host%29'

The parameter for filter is match=(”*foo*”,event.host) urlencoded.

Stream multipart uploads from a pipe with python requests

With requests-toolbelt you can stream files to a multipart POST, but you can not stream from a pipe, as there is no way to compute the Content-Length HTTP header.

However, if you are in the situation, that you do know the length and data is coming from a pipe, you can wrap it with something like this:

class NotAPipe():
    """ Implement enough of a file like object, that MultipartEncoder can
    use a pipe to stream data """

    def __init__ ( self, pipe, length ):
        self._pipe = pipe
        self._length = length

        self._left = self._length
        self._hash = hashlib.md5()

    def read( self, *args, **kwargs ):
        data = self._pipe.read( *args, **kwargs )
        self._hash.update( data )
        self._left -= len( data )
        return data

    def md5( self ):
        return self._hash.hexdigest()

    def __len__( self ):
        return self._left

The md5 part, is optional, but plays well together with this test server, a Mojolicious::Lite application heaily based on their Streaming Cookbook example. Run it with morbo server.pl. Use it with this complete test client.

Openwrt Firmware

Does your box need a firmware blob to work? Putting it in /lib/firmware will lead to it’s loss on upgrade; /etc on the other hand seems to be kept.

Reptyr to the resuce

Did your XFCE crash during apt-get dist-upgrade and apt-get is now still running and waiting for your input? reptyr to the rescue:

reptyr is a utility for taking an existing running program and attaching it to a new terminal. Started a long-running process over ssh, but have to leave and don’t want to interrupt it? Just start a screen, use reptyr to grab it, and then kill the ssh session and head on home.

Luckily gcc and make was installed, so I could build it ;).

Icinga check_disk Inodes Ignored

Running icinga2 < 2.9.0 and wondering why check_disk ignores your inode thresholds?

Turns out check_disk needs all thresholds specified before passing -A, -R, etc., see #5714

This can be done using the order key (see CheckCommand Documentation):

--- /tmp/command-plugins.conf   2019-05-10 13:15:27.358692552 +0200
+++ /usr/share/icinga2/include/command-plugins.conf 2019-05-10 13:13:03.106517997 +0200
@@ -961,11 +961,13 @@
        "-W" = {
            value = "$disk_inode_wfree$"
            description = "Exit with WARNING status if less than PERCENT of inode space is free"
+           order = -2
        }

        "-K" = {
            value = "$disk_inode_cfree$"
            description = "Exit with CRITICAL status if less than PERCENT of inode space is free"
+           order = -2
        }

        "-p" = {

Nextcloud Doesn't Stop Syncing

Is your nextcloud client constantly syncing with:

The downloaded file does not match the checksum …

According to help.nextcloud.com deleting cached file checksums helps:

UPDATE oc_filecache
SET checksum = ''
WHERE COALESCE (checksum, '') <> '';

ImportError Cannot Import Name Flask

Getting ImportError: cannot import name Flask? Make sure you don’t call your app flask.py.

Still getting the same error, even after a rename? Delete flask.pyc ;).

Puppetdb Report to Csv

Query puppetdb for the last report of this node, and convert the returned json document to csv with the help of jq:

curl \
    -s -G \
    --cert /etc/puppetlabs/puppet/ssl/certs/$(hostname -f).pem \
    --key /etc/puppetlabs/puppet/ssl/private_keys/$(hostname -f).pem \
    --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem  \
    https://puppetdb:8081/pdb/query/v4 \
    --data-urlencode 'query=[
        "from", "reports",
        ["=", "certname", "'$(hostname -f)'"],
        ["order_by", [["end_time", "desc"]]],
        ["limit", 1]
    ]' | jq -r ' .[] |
        [
            .certname,
            .status,
            .end_time,
            ( .metrics.data[] | select(.name == "total") | select(.category == "time") | .value | tostring )
        ] | @csv'

This will result in something like this

"Foo","unchanged","2019-04-05T18:26:00.866Z","10.1234"

Mutt Segfault when piping message

mutt 1.7.2-1+deb9u1 from Debian stretch segfaults when piping a message? Turns out to be related to 860176, at least for me.

The following patch on top of the 1.7.2-1+deb9u1 source package fixes the segfault for me:

Index: mutt-1.7.2/imap/message.c
===================================================================
--- mutt-1.7.2.orig/imap/message.c
+++ mutt-1.7.2/imap/message.c
@@ -508,7 +508,7 @@ int imap_fetch_message (CONTEXT *ctx, ME
      }
      else
        pbar = NULL;
-     if (imap_read_literal (msg->fp, idata, bytes, &progressbar) < 0)
+     if (imap_read_literal (msg->fp, idata, bytes, pbar) < 0)
        goto bail;
      /* pick up trailing line */
      if ((rc = imap_cmd_step (idata)) != IMAP_CMD_CONTINUE)