Today I Learned

			I'm currently at a remote site and wanted to stream
			some games from my bazzite box at home\*. Unfortunately I
			needed to enter a PIN to allow connections from my
			steamdeck I had with me. After a bit of tinkering, I
			found a way to **interact with my remote bazzite** instance:

			Preconditions:
			 * you have sudo privileges without a password
			   (Alternatively you can do `chmod 777 /dev/dri/card0`
			   or put yourself to the video group)
			 * `systemctl start ydotool.service`

			To see the screen:

			```bash
			ssh tox@bazzite 'ffmpeg -device /dev/dri/card0 \
			    -framerate 5 -f kmsgrab -i - \
			    -vf "hwmap=derive_device=vaapi,hwdownload" \
			    -g 120 -f h264 -' | mpv - --no-cache
			```

			To send input:

			```bash
			ydotool type "ABC"
			ydotool key 28:1 28:0 # enter
			...
			```

			It's not good enough to play games, but it helps to quickly
			interact with the steam UI when there's no remote desktop
			available.

			\* I'm using remoteplay + wireguard + vxlan to stream
			my games from remote. Works surprisingly well.
		

			Unattended windows installations are a nightmare. But there's a tool that can help: [schneegans.de/windows/unattend-generator](https://schneegans.de/windows/unattend-generator/)
		

			both **`mdadm` and `pvcreate`** won't override block
			devices if they contain an existing raid or lvm
			signature. For pvcreate, it stops working when you add
			the block device to a volume group.
		

			**Human brains** are surprisingly bad at estimating volumes.
		

			**Hetzner** deploys different mainboard types with their
			bare metal servers. That means: Ordering a server with 4
			SSDs is an easy task, upgrading a given server from 2 to
			4 SSDs isn't.
		

			**Amazon SSM** port forwarding is capped around 1MB/s.
			Not enough to do database dumps in a reasonable amount
			of time.
		

			**`pthread_mutex_unlock()`** is a noop if a mutex was
			unlocked before. Except on OpenBSD. OpenBSD
			`abort()`s.
		

			**Hetzner Object Storage** is not yet [stable enough](https://www.reddit.com/r/hetzner/comments/1scpe8c/hetzner_s3_is_an_abdomination_of_a_product_and/) to be used in production
		

			**Kubespan** has issues when the nodes have temporary
			network addresses. This is especially the case when you
			use the IPv6 Privacy Extensions. A workaround - for
			which I feel bad for - is enable the endpoint filters
			in the talos config.

			```yaml
			# ...
			machine:
			  network:
			    kubespan:
			      enabled: true
			      advertiseKubernetesNetworks: true
			      filters:
			        endpoints:
			          - 0.0.0.0/0
			# ...
			```
		

			**Cilium Agents** don't like it when they get OOM killed. They take the entire node network down.