Just a quick tip to remind myself how to properly commit some data that needs to be encrypted with git-crypt.

First of all, if you need to change files pattern or paths of the data you need to encrypt you have to change your .gitattributes file:

1. git clone the encrypted repo
2. modify .gitattributes
3. git add & git commit
4. git push

In case you only have to change encrypted files or add new encrypted files

1. git clone the encrypted repo
2. unlock it with “git-crypt unlock <key path>”
3. verify files are not crypted with “git-crypt status ; file <encrypted files path>”.
   If they’re shown as “data” it means they’re still encrypted (unless they’re binary data by themself)
4. add/change files
5. git add & git commit
6. git-crypt lock
7. verify files are encrypted before pushing repo with “git-crypt status ; file <encrypted files path>”
8. git push

After all this you can blame yourself for turning one more simple thing into a hard one.

These days I’m playing a little bit with Authentik, quite a pretty piece of software if you need a flexible identity provider for your services and don’t want to pay a ton of money for Okta or some other humongous commercial idp.

To be honest the more I spend time on Authentik the more I think It’s probably the best option if you’re looking for an “open source” Okta.

Honestly I don’t need a service like this, I have a basic experience with federation (mostly with SAML2 protocol) but I never had to setup and idp.

This time I tried to federate WordPress and Matomo with Authentik.

With WordPress it was fine, I had only one problem with the RedirectURI that has a querystring, and that means that the question mark needs an escape character, for example:

/wp-admin/admin-ajax.php\?action=openid-connect-authorize

With Matomo… well It was a different story:

1. first of all I had to install the only plugin available (LoginOIDC)

2. as for WordPress I had to escape the querystring question mark for the RedirectURI

3. I had to create a rewrite rule to accept a static RedirectURI

RewriteRule oidc/callback /index.php?module=LoginOIDC&action=callback&provider=oidc$1 [R=301,QSA]

4. I had to manually create the database table for the plugin to work, because the plugin installation procedure missed.

I used this SQL syntax onMariaDB 10:

CREATE TABLE piwik_loginoidc_provider (
user VARCHAR(100) NOT NULL,
provider_user VARCHAR(255) NOT NULL,
provider VARCHAR(255) NOT NULL,
date_connected TIMESTAMP NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
PRIMARY KEY (provider_user, provider),
UNIQUE KEY user_provider (user, provider),
FOREIGN KEY (user) REFERENCES piwik_user (login) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci;

…and finally the OpenID federation plugin start to work.

A couple of considerations:

WordPress: how is it bloody possible that in 2024 the most used CMS, the platform that runs more than 70% of the web does not support out of the box at least one federation protocol?!?!?
This is absolutely crazy imho… stop working on the damn interface and fix this nonsense…

Matomo: c’mon guys… you pretend to be a serious alternative to Google Analytics and you don’t support out of the box at least one federation protocol???? Seriously?!?!?
And the only plugin available was updated almost 1 year ago, we have two options:
1) it has no bugs, maybe it’s the best written piece of software ever made in human history
2) its development is basically abandoned

I would like it’s the first option, but if I had to bet some money I’ll bet on the 2nd one…

Today I did my longest trip so far, around 160 Km, here is what I learned.

Lesson number three: be humble
I know, this may sound obvious but it’s always good to remember.
You have your first bike, you have your license, you have your safety gear, what can go wrong? Well everything.
No, nothing bad happened to me, but the more I ride the more I understand there’s always something to learn, and the moment you feel too comfortable is the moment you’re closer to make mistakes, bad mistakes.
A few days ago I went to a grocery store for buying some stuff, while I was coming back there was a bump in the road and I though I was some sort of enduro superstar, so I was standing on my footpegs just before a turn. I was too fast for it so I started to brake, but while I was braking I was still twisting a little bit the thrust and I almost crushed on the side of the road on a small wall.
Thanks to the ABS I stopped… but I went so close to ruin my day. In that case I don’t think I can get some injury because I was not that fast, I was riding on an empty street and nobody else was involved… but it was a good lesson :’

Lesson number four: your body needs to adjust to riding
Serious adventure riders can ride for hours, hours, hours, and if you look to their fantstic videos you can think that’s a piece of cake, right?
Well, no :)
I’m not speaking about commuting or a small 50Km trip, I’m speaking about riding for 200-300 Km a day, that’s exhausting for your body.
Don’t get me wrong, you can do it, but you need your body to get used to it, you need training and, most important, you need to be patient, Rome was not built in a day, right?
The last time I went to the lake I did about 100Km with one break in the middle, when I returned home I was happy as a child but my legs were really really tired and specially my butt was hurting.
Today I did 160 Km in total, I did 3 breaks; when I stopped for the first break my butt was hurting and I felt my legs tingling a little bit, after a 5 minutes break I was as good as new, same after each of the other breaks.
At the end of the day the trip was fantastic and I was really happy, I felt like I was able to go around the world and more… but no, remember the previous point, be humble, be patient and train yourself :)

As you may heard on march 10th a large fire destroyed part of a big datacenter in Strasbourg owned by OVH (maybe the biggest european service provider), and yes, this blog burned with it.

After the accident there was a huge discussion on the web, flames (sigh…) on Twitter and Reddit about this crazy provider which doesn’t have a disaster recovery plan or some sort of automagic backup, so people get stucked with no options other than start their site/service from scratch…

Some of you may think I’m mad about it and I would run away from this provider… well I’m not and I’ll remain with OVH.

The reasons are very simple, first of all as you can see the blog is back (maybe better than before, things like this always makes you think how can you improve stuff, or at least this is how they work for me) because (surprise surprise!) I had a backup every 6 hours on another location (thanks restic).
The second reason why I decided to stay with OVH is that their vps offer is perfect for my needs, it costs like a shared hosting service and runs so much better, and obviously I can do whatever I want with my private vps, instead of get stucked with only a wordpress hosting service.

And no, I’m not mad with OVH, because even without reading carefully the contract I signed, I knew from the beginning that I had to take care of backups, even if they were included in the service (and they’re not in my case).
Why? Because I want backup made on my way, so I can control them, I can check them, I can figure out the best recovery plan for me.

I understand those who were complaining about backups made in the same location where the burning happened, they payed for a service and it has a flaw (a big one, don’t get me wrong).
But from my perspective there was a bigger flaw, and it was their thinking “ok I paid someone to take care of the backup, job’s done”.
No… no…. NOOOOO!
If you own a service you have the responsibility to take care of the backup, to understand it, to figure out the recovery plan, and to test it; if their backups burned with servers it’s because they missed one, many or all those points.

That’s it, for me the case is closed.

It’s been a while since a wrote something about Eve, and to be honest this is not a State Of The Alliance (SOTA) because… well I’m not an alliance executor and not even a corp CEO, I’m just a regular grunt, as my Twitter bio says I’m just another kender exploring New Eden.

This is not only a post about Eve, in some sense this is a milestone for me because my main character reached the symbolic objective of 100.000.000 skill points; If I sum all the skill points of all my toons I’m reaching about 400.000.000 SP, but you know… the first char is always the most beloved.

Last time I wrote something about Eve I was starting to train one of my biggest and most precious objective, the JF pilot, It was exactly 4 years ago, I reached that goal and despite all the other big objectives (dread and carrier pilots well trainer, two maxed rorqual toons, one almost maxed industrial an reprocessing toon, 6 maxed pi toons, etc etc…) that JF was one of the sweetest and maybe the most precious.

The Italian Alliance I started with died almost 6 months after I joined because of too many elite-pvp players inside, with the core group we joined CO2 back in Tribute, I was part of one of the epic siege of M-OEE8, we fought hard, we lost the first real fought Keepstar citadel and became history.
Then with the entire alliance I moved to Catch and Impass, where we suffered the biggest betrayal in the history of Eve aka “the Judgement Day”.

Thanks to some good friends (and awesome human beings) we moved to Test Alliance Please Ignore in Esoteria, one of the most remote regions of the Eve universe.
We spent almost a year in Test and I have to admit that I loved it, my time in CO2 was great, but the alliance really changed during the years, it became more obsessed on pvp and revenge, almost closed to new players, at some point CO2 became the only alliance without allies and against everyone, and honestly I didn’t like it…
Test was really different, even today I think it’s the most organized alliance I ever seen, awesome wiki, doctrines extremely well documented, very friendly for noobs, everything was great for regular grunts like me, can’t say the same thing for our CEO because Test leadeship seems quite… how can I say… tricky.

After that experience our corp moved into another historic alliance, The Initiative. I always heard about them as smaller but more pvp focused alliance, some kind of elite pvp group inside the Imperium coalition.
At first I was not sure at all and was tempted to leave my corp and stay in Test, but I decided to have faith in our former CEO (I repeat an awsome person) so I jumped into Init.
We started living between Querious (which was the first null region when I started playing Eve) and Fountain, It was tough at first because we lost our habits (we made a lot of huge industrial production in Esoteria) but then I found an equilibrium and things started to work pretty well.

After about six months into the trial alliance Initiative Mercenaries we were promoted as full members of The Initiative, and I have to admit that I was really proud of it, we were parte of one of the most skilled and active groups in the history of Eve.
With Init we made history again, we archived something that everyone in the game considered impossibile, something called the “siege of Rage” which took an entire year of work and preparation and concluded with the destruction of the first Keepstar citadel ever built in the game, we made history, again.

Living in Init is quite different from every other alliance I lived before, in Init I found great fleet commanders, awesome people always helpful and willing to do everything, but it’s a more mature alliance, you must be able to get your stuff, you must be more independent from a logistic point of view, don’t expect the alliance will run for you providing everything you need, you asked to be part of Init, not the opposite.

Now I continue to play, yesterday I lost my first capital into a huge brawl (I used them several times during the years but never lost one) that made almost 1 trillion isk in lost ships, It was awsome.
During the last year I had moments when I really never played, when I thought to leave the game, months spent mainly doing PI, putting skills in the queues and nothing else; it was not an alliance fault, nor my corp fault, it was simply the consequence of huge CCP mistakes, but that’s a different story for a new SOTA rant.

o7