ai
AI on macOS with Apple Silicon: Why It Pays to Run LLMs Through MLX
• <p>Over the past two years, Macs with Apple Silicon chips (M1 through M5) have gone from a curiosity to one of the most practical machines for running language models locally. The reason isn’t raw horsepower, the way it is with dedicated NVIDIA GPUs — it’s the architecture, and the software that takes full advantage of it. That software is <strong>MLX</strong>, an open-source framework from Apple Research.</p><h2 id="why-apple-silicon">Why Apple Silicon</h2> <p>The key advantage is the so-called <strong>unified memory</strong> architecture. On a typical PC with a dedicated graphics card, the model has to physically fit into the GPU’s VRAM — usually 8 to 24 GB on consumer hardware — and the model weights have to be copied back and forth across the PCIe bus. On Apple Silicon, the CPU and GPU share a single pool of memory at full bandwidth, so nothing gets copied anywhere.</p><p>In practice this means a MacBook with 64 GB of memory can run a 70-billion-parameter model at 4-bit quantization — a model that simply won’t fit into the 24 GB VRAM of a much more expensive gaming GPU. Capacity here is limited by the size of your RAM, not by a small amount of graphics memory, and for large models that’s a decisive difference.</p><h2 id="what-mlx-is">What MLX is</h2> <p>MLX is an array framework that Apple released in late 2023, built from the ground up for Apple Silicon. Its API closely follows NumPy (and the higher-level layers follow PyTorch), so it feels immediately familiar to people in the field. Under the hood it uses Metal for GPU acceleration and takes advantage of exactly that unified memory.</p><p>For language models there’s a layer called <strong>MLX LM</strong> — a package and set of command-line tools you install with a single <code>pip install mlx-lm</code>. It can pull thousands of models straight from Hugging Face (the <code>mlx-community</code> organization hosts around 4,800 already-converted models), start a chat with one command, generate text, and fine-tune a model directly on your own machine. MLX offers APIs for Python, Swift, C++, and C.</p><h2 id="why-use-the-optimized-variant">Why use the optimized variant</h2> <p>Running a “plain” model without Apple Silicon optimization means leaving a large chunk of performance on the table. MLX brings two things that are well worth it:</p><ul> <li><strong>Native quantization.</strong> Reducing the precision of the weights (for example to 4 bits) dramatically lowers the memory footprint. Converting a Hugging Face model with <code>mlx_lm.convert</code> takes only a few seconds.</li> <li><strong>Use of next-generation hardware.</strong> The M5 chip added so-called Neural Accelerators to its GPU cores — dedicated matrix-multiplication operations that are critical for inference. Apple reports up to a fourfold speedup in time-to-first-token compared to the M4.</li> </ul> <p>The ecosystem has also matured in other ways: the popular tool Ollama switched its Apple Silicon backend to one built on top of MLX, so even users who don’t know MLX directly benefit from it.</p><h2 id="summary">Summary</h2> <p>On a Mac with Apple Silicon, it makes sense to run LLMs through MLX because it leverages unified memory and Metal and supports both quantization and acceleration on the newest chips. The result is the ability to run models locally, privately, and offline — often at sizes that a standalone consumer GPU wouldn’t have the capacity to handle.</p>
vps
Discount coupons for WEDOS
• <p>Discount: 50%<br>Coupon code: <code>DM222GPGOZ</code><br>Services: <a href="https://www.wedos.cz/?ap=76802">domains</a> (.EU, .ONLINE, .STORE, .TECH, .SITE, .WEBSITE, .SPACE, .FUN), for the first year<br>Coupon valid until: 31.12.2022</p><p>Discount: 50%<br>Coupon code: <code>WN222KJZNB</code><br>Services: <a href="https://www.wedos.cz/?ap=76802">web hosting</a><br>Coupon valid until: 31.12.2022</p><p>Discount: 33%<br>Coupon code: <code>HVYNBPGEKU</code><br>Services: <a href="https://www.wedos.cz/?ap=76802">web hosting, vps, wedos disk</a><br>Coupon valid until: 08.12.2022<br><br>Discount: 33%<br>Coupon code: <code>N2LMA23XDM</code><br>Services: <a href="https://www.wedos.cz/?ap=76802">web hosting, vps, wedos disk</a><br>Coupon valid until: 08.12.2022</p><p>Discount: 25%<br>Coupon code: <code>VD222YPUZB</code><br>Services: <a href="https://www.wedos.cz/?ap=76802">vps ssd</a><br>Coupon valid until: 31.12.2022<br><br>All coupons can be used when ordering a service at <a href="https://www.wedos.cz/?ap=76802">WEDOS</a>. A non-working coupon = the coupon's usage limit has been reached.</p>
docker
Installing Pi-hole in Docker on an RPi4
• <h2>Installing docker on Raspbian OS</h2> <ul> <li><code>sudo apt-get update</code></li> <li><code>sudo apt-get install apt-transport-https ca-certificates curl gnupg lsb-release</code></li> <li><code>curl -sSL https://get.docker.com | sh</code></li> <li><code>sudo usermod -aG docker pi</code></li> <li><code>sudo systemctl enable docker</code></li> </ul> <h2>Installing docker-compose</h2> <ul> <li><code>sudo apt-get install libffi-dev libssl-dev</code></li> <li><code>sudo apt install python3-dev</code></li> <li><code>sudo apt-get install -y python3 python3-pip</code></li> <li><code>sudo pip3 install docker-compose</code></li> </ul> <h2>Installing Pi-hole</h2> <ul> <li>Create a docker compose file for the installation and save it as <code>docker-compose.yml</code></li> </ul> <pre><code class="language-YAML">version: "3" services: pihole: container_name: pihole image: pihole/pihole:latest ports: - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "80:80/tcp" - "443:443/tcp" environment: TZ: 'Europe/Prague' volumes: - './etc-pihole/:/etc/pihole/' - './etc-dnsmasq.d/:/etc/dnsmasq.d/' dns: - 127.0.0.1 - 1.1.1.1 cap_add: - NET_ADMIN restart: unless-stopped </code></pre> <ul> <li>Start building the container with <code>sudo docker-compose up -d</code></li> <li>Connect into the newly created container <code>sudo docker exec -it pihole bash</code></li> <li>Change the password <code>pihole -a -p</code></li> <li>Pi-hole will be available on the server's IP on port 80 <ul> <li>for example <a href="http://192.168.1.55/admin">http://192.168.1.55/admin</a></li> </ul> </li> </ul> <p><strong>If we have, for example, a UFW firewall on the RPI, we also need to allow ports</strong> <code>53, 67, 80 and 443</code>.</p>
Guides
Securing a Raspberry Pi after installation
• <h2>Installing fail2ban</h2> <p>Fail2ban is software that helps prevent brute-force attacks and, after 5 failed login attempts, bans the IP for 10 minutes.</p> <ul> <li><code>sudo apt install fail2ban</code></li> <li><code>sudo service fail2ban restart</code></li> </ul> <h2>Installing a Firewall</h2> <p>On Linux antivirus isn't necessary, unless it's something like a NAS that's accessed from a Windows machine too. But it's very practical to install a firewall and set the rules correctly.</p> <ul> <li><code>sudo apt install ufw</code></li> <li>If we want to allow access to port 80, for example <ul> <li><code>sudo ufw allow 80</code></li> </ul> </li> <li>If we want to allow access to port 80 from a specific address <ul> <li><code>sudo ufw allow from 192.168.1.50 port 80</code></li> </ul> </li> <li>If we want to allow everything from a specific address <ul> <li><code>sudo ufw allow from 192.168.1.50</code></li> </ul> </li> <li>Before enabling the firewall it's good to have ssh access allowed, or we won't be able to get into the device without physical access <ul> <li><code>sudo ufw allow ssh</code></li> </ul> </li> <li>Enable the firewall with <code>sudo ufw enable</code></li> <li>We can check the rules with <code>sudo ufw status verbose</code></li> </ul> <p>The recommendation is to allow port 22, ssh connection, only from a specific address or subnet so that nobody from outside can log in over ssh.</p> <h2>Securing the SSH configuration</h2> <ul> <li>Open the SSH configuration <code>sudo vi /etc/ssh/sshd_config</code></li> <li>Find the line that says <code>PermitRootLogin prohibit-password</code> <ul> <li>If this line is present without <code>#</code>, add it to comment the line out and disable root login over ssh</li> </ul> </li> <li>The setting takes effect only after restarting the ssh service <code>sudo service ssh restart</code></li> </ul> <h2>Changing the password</h2> <ul> <li>After logging into the system, type <code>passwd</code> and change the password</li> </ul>
azure
Installing PowerShell on Linux and managing AzureAD and Exchange Online
• <p>If you want to manage Microsoft AD or Exchange from Linux, just write PowerShell scripts, or use PowerShell to help with various tasks on Linux, you can install it the official way on Debian Linux and "play around". This procedure was tested on Debian 11.</p> <h2>Procedure</h2> <ul> <li>Download the Microsoft repo GPG key <ul> <li><code>wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb</code></li> </ul> </li> <li>Register the Microsoft repo GPG keys <ul> <li><code>sudo dpkg -i packages-microsoft-prod.deb</code></li> </ul> </li> <li>Update <ul> <li><code>sudo apt-get update</code></li> </ul> </li> <li>Install <ul> <li><code>sudo apt-get install -y powershell</code></li> </ul> </li> <li>Start the PS console <ul> <li><code>pwsh</code></li> </ul> </li> </ul> <h2>Installing modules for AzureAD and ExchangeOnline</h2> <ul> <li>register the repository for downloading modules <ul> <li><code>Register-PackageSource -Trusted -ProviderName 'PowerShellGet' -Name 'Posh Test Gallery' -Location https://www.poshtestgallery.com/api/v2/</code></li> <li><code>Register-PackageSource -Trusted -ProviderName 'PSGallery' -Name 'PS Gallery' -Location https://www.powershellgallery.com/api/v2/</code></li> </ul> </li> <li>Install the AzureAD module <ul> <li><code>Install-Module AzureAD.Standard.Preview</code></li> </ul> </li> <li>Install the Exchange Online module <ul> <li><code>Install-Module ExchangeOnlineManagement</code></li> </ul> </li> <li>Install WSMAN, without which login won't work due to a missing SSL library <ul> <li><code>Install-Module -Name PSWSMan -Scope AllUsers</code></li> <li><code>Install-WSMan</code></li> </ul> </li> </ul> <h2>Connecting to Azure AD</h2> <p><a href="https://docs.microsoft.com/en-us/powershell/module/?view=azureadps-2.0">AzureAD module - command set</a></p> <ul> <li> <p>Enter the login command for AzureAD</p> <ul> <li><code>Connect-AzureAd</code><br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_azure_01.png" alt="powershell_na_linuxu_connect_azure_01" loading="lazy"></li> </ul> </li> <li> <p>It shows that we should click through to the browser using the attached link and enter the generated code there - so we do<br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_azure_02.png" alt="powershell_na_linuxu_connect_azure_02" loading="lazy"></p> <p><img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_azure_03.png" alt="powershell_na_linuxu_connect_azure_03" loading="lazy"></p> <p><img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_azure_04.png" alt="powershell_na_linuxu_connect_azure_04" loading="lazy"></p> </li> <li> <p>Then the connection is verified and we can return to the console where we'll already be logged in<br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_azure_05.png" alt="powershell_na_linuxu_connect_azure_05" loading="lazy"></p> </li> <li> <p>To sign out, enter the command</p> <ul> <li><code>Disconnect-AzureAd</code></li> </ul> </li> </ul> <h2>Connecting to Exchange Online</h2> <p><a href="https://docs.microsoft.com/en-us/powershell/module/exchange/?view=exchange-ps">ExchangeOnline - command set</a></p> <ul> <li>Enter the login command for Exchange Online <ul> <li><code>Connect-ExchangeOnline</code><br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_sharepoint_01.png" alt="powershell_na_linuxu_connect_sharepoint_01" loading="lazy"></li> </ul> </li> <li>It shows that a browser window opened where you need to log in with an MS account and confirm the login<br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_sharepoint_02.png" alt="powershell_na_linuxu_connect_sharepoint_02" loading="lazy"></li> <li>Then the connection is verified and we can return to the console where we'll already be logged in<br> <img src="https://rn.itmoov.eu/media/posts/22/powershell_na_linuxu_connect_sharepoint_03.png" alt="powershell_na_linuxu_connect_sharepoint_03" loading="lazy"></li> <li>To sign out, enter the command <ul> <li><code>Disconnect-ExchangeOnline</code></li> <li>Without signing out we'd needlessly waste sessions, of which there's a limited number - exactly 3! Sessions are restored after they expire over time; until then we can't reconnect</li> </ul> </li> </ul>
apache
Let's Encrypt with automatic renewal
• <p>Since restrictions on using sites without https - i.e. without a certificate - keep growing, we'll issue such a certificate for our site and also set up automatic renewal. We'll configure this on a reverse nginx proxy, but the procedure will be quite similar when configuring directly on individual sites.</p> <h2>Installing and generating the certificate</h2> <ul> <li>Run apt update <ul> <li><code>apt-get update</code></li> </ul> </li> <li>Install certbot, which will take care of the certificates <ul> <li><code>apt-get install certbot -y</code></li> </ul> </li> <li>Install the package that gives certbot additional features <ul> <li><code>apt-get install python-certbot-nginx -y</code></li> </ul> </li> <li>Create a certificate for the desired site (assuming the nginx proxy already contains some sites) <ul> <li><code>certbot --nginx -d domena.cz -d www.domena.cz</code></li> <li>enter an email</li> <li>accept the license agreement - <code>Y</code></li> <li>decline sharing our email address - <code>N</code></li> <li>choose whether to redirect http to https (<code>2</code>) or not (<code>1</code>)</li> </ul> </li> <li>After entering, it should show that the certificate was successfully created and where it was saved</li> <li>If we open that site's nginx configuration, we'll see that the necessary configuration was added automatically (if we chose option <code>2</code>) for HTTPS, with the certificate locations and the http-to-https redirect</li> </ul> <h2>Automatic certificate renewal</h2> <p>A Let's Encrypt certificate is valid for only 90 days, which means we'd have to log into the server every 90 days and manually generate a new certificate. But we can make it easier in this simple way using <a href="https://crontab.tech/">cron</a>. The line entered in the step below means that every day at midnight a certificate renew command runs; certbot then renews the certificate if its validity is less than 30 days.</p> <p>If we don't have cron on Linux, install it with <code>apt-get install cron -y</code></p> <ul> <li>Open the crontab for editing <ul> <li><code>crontab -e</code></li> <li>Start editing using the <code>i</code> or <code>insert</code> key</li> <li>Enter the following line <code>0 12 * * * /usr/bin/certbot renew --quiet</code></li> <li>Exit editing using the <code>ESC</code> key</li> <li>Save the crontab changes by typing <code>:wq!</code></li> </ul> </li> <li>If we want to verify the setting, enter <code>crontab -l</code></li> </ul>
dns
Email on your own domain using seznam.cz
• <p>We'll show how to quickly and easily set up email for your own domain without needing your own server. We'll use the seznam.cz service and create such an email server with them. Best of all, it's completely free.</p> <p>The guide assumes you already own a domain, but if not you can buy one for example at <a href="https://www.wedos.cz/domeny?ap=76802">WEDOS</a> and with this coupon <code>DM212HUZIU</code> you get 50% off the domain.</p> <h2>Procedure</h2> <ul> <li>Go to <a href="https://emailprofi.seznam.cz">emailprofi.seznam.cz</a></li> <li>Sign in with a Seznam account <ul> <li>the account must be @seznam.cz or @email.cz</li> </ul> </li> <li>After signing in, a page opens with a large orange button <code>Add new domain</code></li> <li>After clicking, a page opens where we enter our domain <ul> <li>for example <code>novak.cz</code></li> </ul> </li> <li>Choose that we have our own domain and continue</li> <li>On the next page, two important values appear; these connect your domain with the Seznam email server via DNS <ul> <li>first, on the purchased domain, delete the existing MX records in the DNS settings</li> <li>then create the first MX record <ul> <li>Name: empty</li> <li>TTL: <code>300</code></li> <li>Type: <code>MX</code></li> <li>Data: <code>10 <value generated by Seznam>.mx1.emailprofi.seznam.cz</code></li> </ul> </li> <li>Once the first is saved, do the same with the second, just use 20 instead of 10</li> <li>Apply the DNS changes</li> </ul> </li> <li>Finish the wizard in the Seznam administration and return to the <a href="https://emailprofi.seznam.cz">administration</a> <ul> <li>Domain verification can take up to 48 hours, but it's usually verified within an hour</li> </ul> </li> <li>Once the domain is verified, we can create a mailbox for the added domain <ul> <li>Click <code>Manage this organization</code></li> <li>Then click <code>Create first mailbox</code></li> <li>Enter the basic mailbox details and click <code>Continue</code></li> </ul> </li> <li>After the mailbox is created, a success message appears and we can sign in to the mailbox</li> </ul>
apache
AreWeDown? Installing on Docker
• <p>AreWeDown is a simple application/server monitoring tool that can send alerts, or you can leave it displayed on a screen to watch how online your services are. We'll show how to get such simple monitoring running in Portainer in a docker container.</p> <h2>Installation</h2> <ul> <li>First we need to create a volume where the configuration will be stored <ul> <li>In Portainer, click <code>Volumes</code> in the left menu</li> <li>In the next window click <code>Add Volume</code></li> <li>Name it for example <code>AreWD</code> and confirm with the <code>Create the volume</code> button</li> </ul> </li> <li>Next we need to create a container <ul> <li>In Portainer, click <code>Containers</code> in the left menu</li> <li>In the next window click <code>Add container</code></li> <li>Enter a container name, for example <code>arewedown</code></li> <li>As the image enter <code>shukriadams/arewedown:0.2.5</code></li> <li>In the <code>Network ports configuration</code> section, manually add one port (any free <strong>host</strong> port can be chosen) <ul> <li>host: <code>81</code> -> container: <code>3000</code></li> </ul> </li> <li>In the <code>Advanced container settings</code> section, expand <code>Volumes</code> and add a mapping <ul> <li>container: <code>/etc/arewedown/config</code> -> volume: <code>areWD - local</code></li> </ul> </li> <li>Now click <code>Deploy the container</code></li> </ul> </li> </ul> <h2>Configuring monitoring</h2> <ul> <li>On the host system, find the created docker volume so we can edit the arewedown configuration <ul> <li>the most common location is <code>/var/lib/docker/volumes/</code></li> <li>in our case it will be <code>/var/lib/docker/volumes/areWD/_data/</code></li> </ul> </li> <li>Open the configuration (if it's missing entirely, create the file -> <code>touch settings.yaml</code>)</li> <li>Into the configuration add, as an example, monitoring of one website and one ts3 server</li> </ul> <pre><code>header: Uptime watchers: itmooveu: # checks if this website is up interval: "*/2 * * * *" url: http://rn.itmoov.eu ts3: test: net.portOpen host: 192.168.0.10 port: 10011 </code></pre> <ul> <li>The <code>header</code> parameter sets the header of the web page</li> <li><code>interval</code> determines, using cron syntax, how often the check runs</li> </ul> <figure class="kg-card kg-image-card"><figure class="kg-image"><img src="https://rn.itmoov.eu/media/posts/19/Sn-mek-obrazovky-2021-07-19-v-11.22.06.png" alt loading="lazy" width="2000" height="717"></figure></figure>
apache
Basic Nginx proxy
• <p>Nginx is an open-source software web server with load management and a reverse proxy. It works with HTTP, SMTP, POP3, IMAP and SSL protocols. It focuses mainly on high performance and low memory usage. That's the definition from Wikipedia. In practice nginx is used mainly as a proxy server that routes websites to the correct addresses and ports and optionally covers them with an SSL certificate. Today we'll show the basic configuration of such a proxy. The guide focuses mainly on the configuration, which was done in a docker container, but it will be the same when installing on bare Linux.</p> <p><strong>Fictional sites we'll enter into the proxy:</strong></p> <ul> <li>domena1.cz</li> <li>domena2.cz</li> <li>domena3.cz</li> </ul> <p><strong>Fictional servers running apache2 with the sites for the domains:</strong></p> <ul> <li>www1 and www2 - 192.168.1.10</li> <li>www3 - 192.168.1.11</li> </ul> <p><strong>Ports of the fictional sites:</strong></p> <ul> <li>www1 - 8080</li> <li>www2 - 8081</li> <li>www3 - 8080</li> </ul> <p><strong>Server running the nginx proxy:</strong></p> <ul> <li>192.168.1.2</li> </ul> <p><strong>Nginx proxy ports:</strong></p> <ul> <li>80</li> <li>443</li> </ul> <h2>Configuring the nginx proxy</h2> <ul> <li>Open <code>/etc/nginx/nginx.conf</code></li> <li>In the http section, add a parameter that increases the allowed number of characters in the domain entered as server_name <ul> <li><code>server_names_hash_bucket_size 128;</code></li> </ul> </li> <li>Save this change and close the file</li> <li>Move to <code>/etc/nginx/conf.d/</code> and create a file <code>proxy.conf</code> here</li> <li>Open the newly created configuration file and enter the following <ul> <li> <pre><code class="language-bash:">server { listen 80; listen [::]:80; server_name domena1.cz; location / { proxy_pass http://192.168.1.10:8080; } } server { listen 80; listen [::]:80; server_name domena2.cz; location / { proxy_pass http://192.168.1.10:8081; } } server { listen 80; listen [::]:80; server_name domena3.cz; location / { proxy_pass http://192.168.1.11:8080; } } </code></pre> </li> </ul> </li> <li>Save and close the file</li> <li>Now reload the nginx service so it picks up the new configuration file and applies the changes <ul> <li><code>service nginx reload</code></li> </ul> </li> </ul> <h2>Configuring DNS</h2> <p>Now we want the domains to point to the proxy server, which then routes them on to the correct apache servers and their ports, so we need to set DNS for the domains.</p> <ul> <li>Open the DNS settings for the domain domena1.cz (this procedure can be replicated for the remaining domains)</li> <li>Choose a new A record and fill it in correctly <ul> <li><strong>Name:</strong> domena1.cz</li> <li><strong>TTL:</strong> 300</li> <li><strong>Type:</strong> A</li> <li><strong>Value:</strong> 192.168.1.2</li> </ul> </li> <li>Save the record and let the changes apply - these usually propagate within an hour for a public DNS provider</li> </ul> <p>Now when you enter <a href="http://domena1.cz">http://domena1.cz</a> in your browser, the flow will be:</p> <ul> <li><code>http://domena1.cz -> 192.168.1.2:80 -> 192.168.1.10:8080</code></li> </ul>
bsod
Windows - User Profile Cannot Be Loaded
• <p>It probably surprises no one that Windows contains some bugs. And that's why this guide had to be written. The complexity isn't great, but I think that if you're a regular PC user you might struggle to fix this error. I'll try to write it all clearly so everyone can understand.</p> <p>The error message in question is:<br> <strong>The User Profile Service failed the sign-in. User profile cannot be loaded.</strong></p> <p>Sometimes the result of this error is signing in with a temporary profile, but very often sign-in doesn't happen at all. In Event Viewer you can often see errors <code>Source: Microsoft-Windows-User Profiles Service</code> or <code>Source: Microsoft-Windows-Winlogon</code>.</p> <p><strong>This guide applies to Windows 7 and Windows Vista!!!</strong></p> <h2>Solution</h2> <ul> <li>Boot the computer into Safe Mode (press F8 while the PC boots) and sign in to your Administrator profile. Usually that's your own profile. In most cases your profile works in Safe Mode.</li> <li>Launch the REGEDIT tool</li> <li>Find the correct registry branch <ul> <li><code>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList</code></li> </ul> </li> <li>Find your profile SID (clicking a SID shows info on the right, including which profile it is)</li> <li>You'll find the same SID in two forms, one of which has a .bak extension. Rename the SID without an extension so it ends in .bak2, and delete the .bak extension from the SID that has it! <ul> <li><img src="https://rn.itmoov.eu/media/posts/17/bak-1.jpg" alt="bak-1" loading="lazy"></li> </ul> </li> <li>Now we've removed the .bak extension from the backup SID and it has become the main SID!</li> <li>Open this SID and find the keys "RefCount" and "State". Both keys must have a value of 0! That means if there's a different value here, you must overwrite it to zero! <ul> <li><img src="https://rn.itmoov.eu/media/posts/17/registry.jpg" alt="registry" loading="lazy"></li> </ul> </li> <li>Then restart the PC and let Windows boot normally. Sign in to your profile. It may take a while! After the second or third sign-in, startup will be at normal speed.</li> </ul> <p><strong>This problem can recur. I strongly recommend testing the HDD and running a diagnostic with an antivirus boot CD. This problem often occurs when the hard drive is damaged or the PC is infected.</strong></p>
cluster
How to install Docker and Portainer
• <p>We'll show how to install Docker and Portainer. If you're reading this you surely know what these two things mean, but let's do a quick recap.</p> <p><strong>Docker</strong><br> <a href="https://www.docker.com">Docker</a> is an open-source software whose goal is to provide a unified interface for isolating applications into containers on macOS, Linux and Windows.</p> <p><strong>Portainer</strong><br> <a href="https://www.portainer.io">Portainer</a> is a simple web UI for managing your Docker installations or Kubernetes clusters.</p> <h2>Installation</h2> <ul> <li>First run apt update <ul> <li><code>apt-get update</code></li> </ul> </li> <li>Then install the prerequisites <ul> <li><code>apt-get install apt-transport-https ca-certificates curl gnupg lsb-release</code></li> </ul> </li> <li>Then download the gpg key <ul> <li><code>curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg</code></li> </ul> </li> <li>Add the Docker installation source into sources.list <ul> <li><code>echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null</code></li> </ul> </li> <li>Now run apt update and upgrade again <ul> <li><code>apt-get update</code></li> <li><code>apt-get upgrade</code></li> </ul> </li> <li>Install docker <ul> <li><code>apt-get install docker-ce docker-ce-cli containerd.io</code></li> </ul> </li> <li>Verify the docker installation with <code>docker --version</code></li> <li>To install Portainer we need to create a docker volume <ul> <li><code>docker volume create portainer_data</code></li> </ul> </li> <li>Then start a container in docker that will contain Portainer, and the appropriate ports will be exposed <ul> <li><code>docker run -d -p 8000:8000 -p 9000:9000 --name=portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce</code></li> </ul> </li> <li>Open the Portainer web interface <ul> <li><code>http://<ip>:9000</code></li> </ul> </li> <li>A first-run wizard opens where we set a password and user</li> <li>Then choose what you want to manage in Portainer; for now we choose Docker <ul> <li>Then click <strong>Connect</strong></li> </ul> </li> <li>If everything went well, a page appears showing our local docker, which we can click into and start managing</li> </ul> <figure class="kg-card kg-image-card"><figure class="kg-image"><img src="https://rn.itmoov.eu/media/posts/16/portainer_1-min-1.png" alt loading="lazy" width="2000" height="1135"></figure></figure><figure class="kg-card kg-image-card"><figure class="kg-image"><img src="https://rn.itmoov.eu/media/posts/16/portainer_2-min-1.png" alt loading="lazy" width="2000" height="1132"></figure></figure>
bat
How to set up a game server - Minecraft Vanilla
• <p>In today's article we'll show how to set up and run a Minecraft game server on Linux and Windows.</p> <h2>Requirements</h2> <p>A Minecraft hosting server isn't very demanding and at the same time it can be very demanding. As for CPU power, the basic rule applies: the higher the single-core frequency, the better the chance of a lag-free server. As for RAM, without proper launch parameters it can easily happen that memory "overflows" and the server crashes.</p> <p>Generally speaking, a vanilla Minecraft server is light on resources and for 20 slots a single core at > 3GHz and 2GB of RAM will be enough. Storage should be SSD with at least 10GB.</p> <p>A chapter of its own is the internet connection. If your server is in a datacenter you probably don't need to worry about this and you'll have at least a "100/100" connection. At home it could be a problem, but if you have at least 10 Mbps upload you have nothing to fear and you'll handle 20 slots - as long as nothing else on your network is eating that bandwidth at the time.</p> <p><strong>Example of such a server or VPS:</strong><br> CPU: 1 thread AMD Ryzen 5 3.6 GHz<br> RAM: 2 GB DDR4<br> SSD: 10 GB (nvme)<br> LAN: 100/100 Mbps</p> <h2>Installing the server on Windows</h2> <ul> <li><a href="https://download.oracle.com/otn-pub/java/jdk/16.0.1+9/7147401fd7354114ac51ef3e1328291f/jdk-16.0.1_windows-x64_bin.exe">Download the current JAVA</a> (64bit) and install it following the wizard after launching the installer</li> <li><a href="https://launcher.mojang.com/v1/objects/a16d67e5807f57fc4e550299cf20226194497dc2/server.jar">Download the Minecraft server (jar file)</a></li> <li>On the drive where the server will live, create a folder "MCvanilka" <ul> <li>for example D:\MCvanilka</li> </ul> </li> <li>Copy the downloaded jar file into the MCvanilka folder</li> <li>In the MCvanilka folder create a new file named "start.bat"</li> <li>Open the newly created file for editing in Notepad or another editor (I recommend VS Code)</li> <li>Enter the following launch parameters for the downloaded jar file <ul> <li><code>java -XX:+UseG1GC -Xms256M -Xmx2G -Dsun.rmi.dgc.server.gcInterval=2147483646 -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M -jar server.jar nogui</code></li> </ul> </li> <li>Save and run start.bat - this starts creating the directory structure and the necessary configuration files</li> <li>Once the server is up, type the command "stop" to shut it down</li> <li>Open the eula.txt file and, if it isn't there yet, add the following line and save <ul> <li><code>eula=true</code></li> </ul> </li> <li>Open server.properties and set the parameters as explained below</li> <li>Start the server using start.bat</li> </ul> <p><strong>The port you set in server.properties needs to be allowed on the firewall so the server can communicate with player clients.</strong></p> <h2>Installing the server on Linux (RHEL)</h2> <ul> <li>First create a user to run Minecraft under <ul> <li><code> adduser minecraft</code></li> <li><code> passwd minecraft</code></li> </ul> </li> <li>Now we need to install Java <ul> <li><code> sudo dnf install java-16-openjdk-devel</code></li> </ul> </li> <li>After installing Java, check we have the right version <ul> <li><code> java -version</code></li> </ul> </li> <li>If the Java version doesn't match the installed one, we may have multiple Java installations; we can configure which to use <ul> <li><code> sudo update-alternatives --config java</code></li> <li>alternatively, add the full path to the Java binary into the launch script, likely located at <code>/usr/lib/jvm/java-16-openjdk/bin/java</code></li> </ul> </li> <li>Switch to the minecraft user <ul> <li><code> su - minecraft</code></li> </ul> </li> <li>Create a folder for the vanilla server <ul> <li><code> mkdir vanilka</code></li> </ul> </li> <li>Go into the folder <ul> <li><code> cd vanilka</code></li> </ul> </li> <li>Download the current server version as a jar file <ul> <li><code> wget https://launcher.mojang.com/v1/objects/a16d67e5807f57fc4e550299cf20226194497dc2/server.jar</code></li> </ul> </li> <li>Create a launch script <ul> <li><code> touch start.sh</code></li> </ul> </li> <li>Put the following into the launch script <ul> <li><code> java -XX:+UseG1GC -Xms256M -Xmx2G -Dsun.rmi.dgc.server.gcInterval=2147483646 -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:G1ReservePercent=20 -XX:MaxGCPauseMillis=50 -XX:G1HeapRegionSize=32M -jar /home/minecraft/vanilka/server.jar</code></li> </ul> </li> <li>Run the script to initialize the basic structure needed for the server <ul> <li><code> ./start.sh</code></li> </ul> </li> <li>The console spits out an error that may look something like this; we can ignore it, it's expected <ul> <li><code> [17:54:46] [main/ERROR]: Failed to load properties from file: server.properties</code></li> <li><code> [17:54:47] [main/WARN]: Failed to load eula.txt</code></li> <li><code> [17:54:47] [main/INFO]: You need to agree to the EULA in order to run the server. Go to eula.txt for more info.</code></li> </ul> </li> <li>Now open eula.txt and change the parameter to <code>eula=true</code></li> <li>Now open server.properties and configure it to your needs (parameters explained below)</li> <li>Once set, start the server again using the script <ul> <li><code> ./start.sh</code></li> </ul> </li> <li>The server is created, its structure is completed, and it starts and becomes available on the configured port</li> </ul> <p><strong>The port you set in server.properties needs to be allowed on the firewall so the server can communicate with player clients.</strong></p> <h2>server.properties</h2> <p><strong>Sample configuration</strong><br> Minecraft server properties<br> Fri Jul 09 17:55:52 UTC 2021<br> broadcast-rcon-to-ops=true<br> view-distance=10<br> enable-jmx-monitoring=false<br> server-ip=<br> resource-pack-prompt=<br> rcon.port=25575<br> gamemode=survival<br> server-port=25565<br> allow-nether=true<br> enable-command-block=false<br> enable-rcon=false<br> sync-chunk-writes=true<br> enable-query=false<br> op-permission-level=4<br> prevent-proxy-connections=false<br> resource-pack=<br> entity-broadcast-range-percentage=100<br> level-name=world<br> rcon.password=<br> player-idle-timeout=0<br> motd=A Minecraft Server<br> query.port=25565<br> force-gamemode=false<br> rate-limit=0<br> hardcore=false<br> white-list=false<br> broadcast-console-to-ops=true<br> pvp=true<br> spawn-npcs=true<br> spawn-animals=true<br> snooper-enabled=true<br> difficulty=easy<br> function-permission-level=2<br> network-compression-threshold=256<br> text-filtering-config=<br> require-resource-pack=false<br> spawn-monsters=true<br> max-tick-time=60000<br> enforce-whitelist=false<br> use-native-transport=true<br> max-players=20<br> resource-pack-sha1=<br> spawn-protection=16<br> online-mode=true<br> enable-status=true<br> allow-flight=false<br> max-world-size=29999984</p> <p><strong>Important parameters</strong></p> <ul> <li>view-distance <ul> <li>determines how many chunks the server generates and thus the player's view range on the map; the higher the number, the further the player sees, but the more load on the server</li> </ul> </li> <li>server-port <ul> <li>determines which port the server runs on</li> </ul> </li> <li>white-list <ul> <li>determines whether access to the server is conditioned by a list of which players may join</li> </ul> </li> <li>max-tick-time <ul> <li>monitors the maximum time in milliseconds allowed for a single tick; if this threshold is exceeded the server shuts down</li> </ul> </li> <li>max-players <ul> <li>determines the maximum number of player slots; it's good to set it as close to reality as possible</li> </ul> </li> <li>online-mode <ul> <li>if true, only players verified by a Mojang account (i.e. with purchased Minecraft) can connect; if false, this verification isn't done</li> </ul> </li> </ul>