XMPP Service Operators - 2021-04-24

  1. tom

    ext-to-btrfs just sounds like a disastrous idea

  2. tom

    just buy or rent a hard drive/cloud storage and migrate the data

  3. tom

    or better use, use zfs

  4. tom

    it's unstable immature crap like that pushed into the "stable" releases of distributions that made me stay the hell away from btrfs

  5. tom

    back in debian jessie, btrfs didn't even warn you when it encountered a corrupted chunk

  6. tom

    not even something in dmesg

  7. tom

    running btrfs is a minefield of this

  8. tom

    » has been broken for years, it will immediately and irrevocable corrupt your partition

  9. tom

    » did that on a laptop 2 years ago and it worked without any issues typical redhat (IBM) mentality. Works on my machine!

  10. tom

    therefor, good enough to sip

  11. tom


  12. tom

    "we only use ssds so we removed that feature"

  13. moparisthebest

    zfs-on-linux is the beta never-gonna-be-good stuff :)

  14. moparisthebest

    btrfs is in the kernel, it works today and you can assume it'll still work tommorow

  15. octagon

    btrfs is *extremely* stable when used in the single, dup, or raid1 modes

  16. octagon

    file system conversions will never be 100% perfect

  17. moparisthebest

    I use btrfs in raid1 and single depending on the machine, but I use it everywhere

  18. Sam

    zfs on linux is the main dev repo now. It *is* the good stuff

  19. moparisthebest

    but it'll never be merged and is often broken by upstream linux changes right ?

  20. xorman

    brtfs vs. zfs 🍿️

  21. octagon

    main dev repo? mainline or of zfs?

  22. xorman

    the only thing I hate about zfs is that cache RAM usage shows as used, not buffer

  23. Kris

    zfs for the win :p

  24. tom

    » <octagon> btrfs is *extremely* stable when used in the single, dup, or raid1 modes yeah but that's not impressive and doesn't offer much over an lvm or hardraid

  25. tom

    moparisthebest: ZoL uses the same zfs codebase as all the other openzfses

  26. octagon

    hwraid doesn't have checksumming, and hwraid/lvm has no compression, dedupe, or snapshots

  27. octagon

    mdraid is tedious to maintain

  28. tom

    including FreeBSD, which is switching to OpenZFS because that's where the good stuff is happening

  29. tom

    » <octagon> hwraid doesn't have checksumming, yes it does

  30. tom

    It's called Type 2 protection and can be had with HBA controllers too

  31. moparisthebest

    yea hardware raid is an immediate hard no

  32. tom

    it's still useful for zfs in that it can prevent some stupid errors relating to the sas cable plug being loose from happening

  33. moparisthebest

    btrfs and zfs both have wins and losses over each other, depends what you want really

  34. tom

    I just don't think so

  35. octagon

    but you should still use btrfs or zfs wherever possible, they are modern file systems no reason to not use them

  36. tom

    there's no scenario i can think of that btrfs does that zfs or some other solution does a whole lot better

  37. moparisthebest

    tom, can I setup a raid1 array with 2x2TB drives today and then add a 3TB drive tommorow and then replace one of the 2TB with a 4TB the next day with ZFS? can with btrfs

  38. tom

    I'd still rather do XFS w/ checksumming on a lvm raid1

  39. tom

    » <moparisthebest> tom, can I setup a raid1 array with 2x2TB drives today and then add a 3TB drive tommorow and then replace one of the 2TB with a 4TB the next day with ZFS? can with btrfs you can append vdevs to a pool

  40. xorman

    why not? you can add devices to a mirror in zfs

  41. octagon

    adding vdevs is a hack

  42. moparisthebest

    I'm under the impression you can't "change shape" with zfs

  43. tom

    reconfigure your topology on the fly is a hack

  44. moparisthebest

    what about changing raid levels ?

  45. tom

    until you issue a 'rebalance' your data is in a very unsafe state

  46. moparisthebest

    like going from single to raid1

  47. tom

    and won't fix itself until you do rebalance manually

  48. tom

    but it's not like it's going to warn you that some of your blocks are only partially replicated

  49. xorman

    > like going from single to raid1 zfs can do that

  50. moparisthebest

    in-place without downtime ?

  51. tom

    » <moparisthebest> I'm under the impression you can't "change shape" with zfs there are some restrictions with regard to Zn and vdev types

  52. xorman

    not sure about the growing/"changing shape"

  53. tom


  54. xorman

    yes, you can add a device to make a mirror on the fly

  55. xorman

    and the good thing is you only sync what is occupied, unlike mdraid

  56. tom

    you just can't reconfigure the topology of a raidZn vdev within a pool

  57. tom

    you can grow it and add/remove other vdevs tough

  58. tom


  59. tom

    you can add multiple raidZn vdevs to a pool

  60. xorman

    so you can't grow a zpool?

  61. tom

    yes you can grow a zpool

  62. tom

    there are many ways to do it

  63. tom

    you can grow the vdevs and/or add more storage type vdevs to a pool

  64. tom

    this is how mine looks

  65. tom

    pool: tank state: ONLINE scan: scrub repaired 0B in 04:02:08 with 0 errors on Thu Apr 8 02:19:10 2021 config: NAME STATE READ WRITE CKSUM SLOW tank ONLINE 0 0 0 - raidz1-0 ONLINE 0 0 0 - scsi-35000c5004247a387 ONLINE 0 0 0 0 scsi-35000c50042488edf ONLINE 0 0 0 0 scsi-35000c5004248a547 ONLINE 0 0 0 0 scsi-35000c500560c720f ONLINE 0 0 0 0 scsi-35000c500565cbc4b ONLINE 0 0 0 0 special mirror-2 ONLINE 0 0 0 - ata-Samsung_SSD_850_EVO_M.2_1TB_S33ENX0H902345P-part3 ONLINE 0 0 0 0 ata-HFS500G32TND-N1A2A_FI64N09421020524Z ONLINE 0 0 0 0 errors: No known data errors

  66. tom

    I plan to replace the special mirror-2 vdev with 12GB/s SAS ssds when I can afford more hardware

  67. tom

    until then I had a m.2 ssd with extra space and a sata ssd i threw in

  68. tom

    i plan to replace the drives within the mirror-2 vdev and then grow that vdev to accomodate more space, then adjust some of the datasets so they are fully accelerated

  69. tom

    currently, just tiny io and metadata are stored within solid state

  70. tom

    because spinning rust is terrible at performance with tiny io

  71. tom

    or random io

  72. tom

    so i just send the tiny and random to the ssds, which they are good at

  73. tom

    best of both worlds!

  74. tom

    and I get a little bit of hardware error-correction across the full path so even a a faulty cable won't cause an error which the software needs to correct and slow things down via the Type 2 protection which my HBA card supports

  75. tom

    the disks use 520-byte sectors instead of 512

  76. tom

    8 bytes are used for hardware ECC

  77. tom

    the rest is given to ZFS to use it's purposes

  78. tom

    this allowed for error correction in the cables, not just the data

  79. tom

    but the sata drives are just stupid and don't have anything fancy

  80. tom

    just consumer drives

  81. tom

    btw, FreeBS13 will use the OpenZFS codebase (the same one OpenZFS on Linux uses)

  82. tom

    or you could use it right now by installing the zfs.ko from ports

  83. tom

    which you should do anyways if you want things like encrypted datasets

  84. xorman

    do you use external SLOG on the SSDs?

  85. tom

    not right now. I used to but currently I just don't have a lot of synchronous writes

  86. xorman

    apt-get is painfully slow for me under zfs, even with sync=disabled. I hope to solve it with a slog but I'm not sure

  87. tom

    keep in mind that a raidZ(n) has the random performance of 1 spindle

  88. tom

    if sync=disabled did not fix your problem try adding a special vdev xorman. It sounds like the apt problem may be database expensive

  89. xorman

    I'm using a mirror

  90. tom

    how many mirror vdevs?

  91. xorman


  92. tom

    oh, so 2 spindle write perf

  93. xorman

    apt-get over spinning ext4 is way faster

  94. tom

    I would suggestion adding a solid state special mirror, and then setting the pool's special allocation class to 64K

  95. tom

    assuming your other datasets's recordsize is 128K

  96. tom

    yeah, ext4 isn't copy on write

  97. xorman

    I might try with sync=enabled and libeatmydata

  98. tom

    what is that?

  99. xorman

    it's a workaround to disable sync writes in dpkg

  100. tom

    why does dpkg use a lot of sync writes?

  101. xorman

    zfs should handle the synced writes anyway with sync=always

  102. xorman

    as a test at least

  103. tom

    the only things that need to be persitent in a package manager is the list of installed packages

  104. octagon

    and ya know the packages it installs 😉

  105. tom

    everything else can be redownloaded or regenerated

  106. xorman

    I heard apt-get has performance issues with btrfs too

  107. tom

    the thing about zfs, well hard drives in generally really, is that if you send too many random writes to them you can starve out everything else

  108. tom

    a drive might be capable up pumping out 200MB/s largeio and 400MB/s sequential, but if you starve it with randomio it's capped to 4MB/s

  109. tom

    or smallio

  110. tom

    you know what has performance issues on zfs? lmdb and monero

  111. tom

    that's a big mess. I have to occasionally copy and delete the data around to defrag it

  112. tom

    hopefully I won't have to do that as much with the special class, or anymore ounce i get bigger ssds

  113. tom

    it's because using LMDB is CoW on CoW

  114. octagon

    Can you not chcon and disable cow for the folder/files?

  115. octagon


  116. xorman

    I guess ethereum may the same problem bc I tried to run a validator and it missed all the blocks due to i/o lag

  117. tom

    zfs is cow

  118. tom

    that's how it fails safe

  119. jonas’

    any DB on top of a Cow filesystem is not going to be fun :)

  120. ernst.on.tour

    Somebody from www.conversejs.org online ? Got a HSTS-Error, your cert is only named for conference.conservejs.org, but not for www Maybe your should add it. Https//conversejs.org is working well

  121. Licaon_Kter

    I've pinged JC

  122. ernst.on.tour

    Thanks ...

  123. nicola

    HI! I am evaluating setting up an XMPP server. Do you suggest to me ejabberd or openfire? Or other?

  124. flow

    nicola, i'd suggest ejabberd or prosody

  125. jonas’

    or snikket if it fits your usecase

  126. jonas’


  127. nicola

    > nicola, i'd suggest ejabberd or prosody Tks. I seem that ejabberd it simpler to install. Am I wrong?

  128. xorman

    both are equally simple

  129. nicola

    > or snikket if it fits your usecase Interesting.

  130. jonas’

    nicola, snikket is in my opinion simplest to set up, it is geared towards friends&family and I recommend it for that

  131. jonas’

    (disclaimer: I am a contributor :))

  132. nicola

    @jonas’ tsk ;-)

  133. nicola

    > nicola, snikket is in my opinion simplest to set up, it is geared towards friends&family and I recommend it for that What are the differences with ejabberd?

  134. jonas’

    nicola, Snikket is a complete suite: Android client, iOS client (closed beta), Server including web interface for easy management

  135. jonas’

    the XMPP server component is a preconfigured prosody with hand-selected modules for ease of use and setup.

  136. jonas’

    as the package is always tested together, many of the issues like "which modules do I need?" "does X work with Y?" don’t occur

  137. jonas’

    being standard XMPP, you can federate with other Snikket (and normal XMPP domains) or use it with other (non-Snikket) XMPP clients such as Dino or Gajim on non-phone systems.

  138. jonas’

    being standard XMPP, you can federate with other Snikket (and normal XMPP) domains or use it with other (non-Snikket) XMPP clients such as Dino or Gajim on non-phone systems.

  139. nicola

    > being standard XMPP, you can federate with other Snikket (and normal XMPP domains) or use it with other (non-Snikket) XMPP clients such as Dino or Gajim on non-phone systems. Tks. Very interesting. I see that the installation is very simple by docker

  140. jonas’

    that’s the goal :)

  141. xorman

    I was also about to recommend Snikket if you are new to server hosting

  142. jonas’

    we also have a chat: xmpp:general@channels.snikket.org?join

  143. jonas’

    if you have any questions or issues with setting it up or something, that’s the place to go :)

  144. nicola

    Ok. I’ll try to install Snikket and I’ll come back here. Thank you again

  145. jonas’

    have fun! :)

  146. nicola

    The iOS app is only for Snikket or is it possible to add other XMPP server accounts?

  147. jonas’

    I’m not sure, I don’t have an apple device myself

  148. jonas’

    I suggest you hop into general@channels.snikket.org and ask there, there are people who are in the iOS beta.

  149. jonas’

    however, during beta, standard snikket server users are preferred because that’s the main focus currently.

  150. nicola

    Here I am, again.

  151. nicola

    I installed Snikket

  152. MattJ

    Using the Snikket iOS app with servers other than a Snikket server or a Tigase server will lead to sub-optimal results

  153. jonas’

    hi nicola :)

  154. nicola

    I am using on iOS Siskin IM

  155. nicola

    Probably this is not the right place, but I see a warning on the SSL connection. Why?

  156. MattJ

    Which server are you connecting to?

  157. nicola

    https://chat.nicfab.it - self hosted

  158. jonas’

    nicola, hmm, do you have a reverse proxy in front?

  159. MattJ

    The certificate on that site says it is for a different site

  160. nicola

    > The certificate on that site says it is for a different site Ok. I try to understand

  161. nicola

    I have a firewall and I thought that the SSL connection was automatically set during the installation

  162. nicola

    I installed certbot. Can I use it to generate certificates for the Snikket site or it is managed by the docker?

  163. MattJ

    Snikket will generate its own certificates

  164. MattJ

    It just needs to listen directly on port 80/443, or you need to configure a reverse proxy if you have other things on the same machine

  165. nicola

    > Snikket will generate its own certificates If I set port 80 it doesn’t work

  166. MattJ

    Because I'm guessing you have something else already using port 80

  167. MattJ

    nginx or apache for example

  168. MattJ

    Documentation is here: https://github.com/snikket-im/snikket-server/blob/master/docs/advanced/reverse_proxy.md

  169. nicola

    Ok. Now it works fine

  170. MattJ

    Great :)

  171. nicola

    I need to set up a reverse proxy. Ho can I access to nginx ?

  172. MattJ

    Depends on your system and how you installed nginx. On most systems you'll find the config at /etc/nginx

  173. nicola

    Sure! I thought nginx was installed inside the docker

  174. MattJ

    There is an nginx inside the docker containers but you never need to touch that (and shouldn't... any changes you make will be lost when it updates)

  175. MattJ

    The documentation I linked is for if you already have nginx or another reverse proxy on your system, so you can share port 80 and port 443 between multiple sites

  176. nicola

    > The documentation I linked is for if you already have nginx or another reverse proxy on your system, so you can share port 80 and port 443 between multiple sites Ok. Tks

  177. mathieui looks at alex connecting one second every ~15 seconds

  178. mathieui

    that is a very bad connectivity issue

  179. Alex

    yeah thanks for the heads up, on a bad connection

  180. mathieui

    Alex, the lowercase you though

  181. mathieui

    seems like a bug more than anything else

  182. Alex

    not me then

  183. mathieui

    I would be curious actually, maybe the lowercase thinks it is in conflict with the uppercase and prevents the final join, then it reconnects after

  184. mathieui

    sadly we’ll never know

  185. nicola

    I was wondering if in the future it will be implemented the registration from the web page instead of by the admin via shell

  186. octagon

    nicola: ejabberd and prosody both support registration via web

  187. octagon

    And both support inband

  188. nicola

    > nicola: ejabberd and prosody both support registration via web Yes, I know. I was referring to Snikket

  189. menel

    Snikket allows registration via invite to a webpage too.. You can just send people a link and they registrate from there..

  190. menel

    I don't think snikket will ever do open registration..

  191. menel

    Easy to setup spam server

  192. rob

    I like the link + web page method

  193. rob

    I might eventually that up on my prosody server

  194. rob

    I wonder if you have multiple vhosts, if they can choose from any of them

  195. rob

    Probably better for the prosody channel

  196. tom

    There is IMMENSE lag to yax.im from my server

  197. tom

    Talking like over 30 seconds

  198. tom

    What's going on over there?

  199. tom

    Is your server paging in and out of swap or something?

  200. menel

    Be gentile to yax.im its handling the vaxvbot flood > https://yaxim.org/blog/2021/04/09/vaxbot-performance-challenge/

  201. rob

    Yes yax.im is under a lot of stress

  202. rob


  203. rob

    I'm getting the urge to write a bot that monitors various system things on your server and reports issues, but also responds to queries. As though I have time for more projects

  204. rob

    aioxmpp library looks good and would be fun to practice Python

  205. octagon

    rob: Jonas has that?

  206. rob

    Oh, the bot? That works be cool

  207. rob

    Or the library? In which case yes it's theirs

  208. tom

    This is hilarious https://yaxim.org/blog/2019/04/01/yaxim-enters-the-matrix/

  209. tom

    Thanks for writing this

  210. tom

    Especially this part: » cvwright on Feb 21, 2019 [–] » » If everyone shared your (lack of) optimism, then we'd still be stuck with: » » * Wonky unwieldy hypertext systems instead of the WWW » » * The Nomad instead of the iPod » » * The Blackberry instead of the iPhone » » * GNU Hurd instead of Linux » » * Geocities instead of Facebook (-- OK maybe that one's a wash :-) » » The point is, sometimes it's worth trying again until you can make it work. Hello, I would fuckin love to live in a world like that

  211. tom

    Can you imagine?