I use the i3 tiling window manager on Gentoo Linux, and avoid heavy-weight desktop environments like GNOME or KDE. One consequence of this choice is that there isn’t any ‘system theme’ to speak of, that influences ‘Light’ and ‘Dark’ modes within GTK-based applications like Firefox. What this means is that I have no way to switch to ‘Dark’ mode for websites that follow the system theme — like this blog — unless I specially set it up.

My solution for this is fairly straightforward: add a button on my desktop that allows me to switch between light and dark modes. When I click the button, it invokes a script that toggles modes. You can see the button — the one with the 🌓 icon — in the screenshots of my desktop below, right at the bottom of the screen.

Light Mode

Dark Mode

Details

The toolbar at the bottom is rendered by i3blocks, with the following configuration block:

[switch-theme]
full_text=🌓
command=/data/bin/switch-theme

The switch-theme script that the command above invokes is quite simple:

#!/bin/bash
#
# Script to toggle GTK light & dark modes.
#
# The mode is toggled by using the `xsettingsd` daemon,
# which should already be running. The `.xsettingsd`
# configuration file is updated, with exactly one of the
# following sets of values:
#
# Net/ThemeName "Adwaita"       # Light
# Net/IconThemeName "Tela"      # Light
#
# OR
#
# Net/ThemeName "Adwaita-dark"  # Dark
# Net/IconThemeName "Tela-dark" # Dark
#
# Note that these themes must already be installed. The
# script sends a HUP signal to the process, causing the
# setting to take effect at once.
#
# Also note that there's a fun bug in this script that
# I didn't bother to fix, which is: it toggles the keys
# for Net/ThemeName and Net/IconThemeName separately, so
# they will not stay in sync if they didn't start out in
# sync!

set -euxo pipefail

CFG_PATH="$HOME/.xsettingsd"

update() {
    local key="$1"
    local def="$2"
    local alt="$3"
    local old=$(pcregrep -o1 "$key "'"(.*)"' "$CFG_PATH")
    if [ "$?" -eq 0 ]
    then
        local new=$([ "$old" == "$def" ] && echo -ne "$alt" || echo -ne "$def")
        sed -i 's#'$key' .*#'$key' "'$new'"#' "$CFG_PATH"
    else
        echo $key' "'$def'"' >> "$CFG_PATH"
    fi
}

update "Net/ThemeName" "Adwaita" "Adwaita-dark"
update "Net/IconThemeName" "Tela" "Tela-dark"

killall -HUP xsettingsd

For the script above to work, you must first install the gnome-themes-standard and xsettingsd packages on Gentoo, or their equivalents on other Linux distributions. You also need to have the xsettingsd process running, which I’ve added to my .xinitrc startup script.

Lake 22 is another short and easy hike, an hour and twenty minutes away from Bellevue. It is a roundtrip of 5.4 miles with an elevation gain of 1,350 feet. The toughest thing about this hike was finding parking — it turned out to be surprisingly busy at 8:30am, and we ended up parking half a mile away from the trailhead. In fact, it was so busy initially that we had a large group of people blocking our path ahead on the trail and I started regretting my choice of hike. But fortunately, we managed to break through the crowd and sprint ahead.

People who are inconsiderate enough to park their cars with unnecessary gaps, thus depriving others of precious parking spots — some say these are the folks who end up in “Parking Hell” when they die…where they’re forced to drive around mindlessly looking for parking spots, and everytime they find one, someone else swoops in and takes it from them. (Some others disagree, they say they just get sent to Capitol Hill in Seattle to find parking.)

This might be a bit of a quirk, but when it’s just us, Anu and I prefer to get to the turnaround point of the hike as quickly as possible. We might take a break every couple of miles to have a few sips of water, but we seldom pause to take in the sights or take photos. No, all that must wait until the return journey.

Lake 22 offers a pleasant view with calm waters. There’s actually some snow and ice on the mountain across the lake, which reflects on the surface of the water. There are some gorgeous views of the landscape along the trail. You also pass by several gushing waterfalls. Quite a few old tree trunks lie along the route.

I quite enjoyed seeing the diverse flora along the trail. The most interesting of the lot is a orange-and-yellow wildflower called ‘Western columbine’ (aquilegia formosa). That’s the one on the right, below. I also noticed some wonderfully polished rocks that absolutely deserved to be photographed.

Overall, our parking situation added an extra mile for us to walk, but I’m not sure if that ought to count as part of the hike.

View posts in the archive…

Imagine that you live in a weird apocalyptic future, and you want to keep your home safe, so you find yourself a sturdy front door and a high-quality deadbolt to secure it with. Everything is set, and you’re satisfied that you’re safe.

Hardly a minute goes by before you hear a knock on the door. It’s a hooligan trying to get in. You know you’re still safe, and you shoo the person away the best you can without opening the door, but a minute later there’s another knock. And then yet another — it never stops. Checking who’s at the door is tiring work, and you can’t take it anymore. You could ignore all knocks, but you do occasionally get guests, and apocalypse or no, you mustn’t ignore your social circle. What do you do?

You come up with an ingenious scheme. You let your prospective guests know that when they come to your door, they will need to use a special knock sequence that you can recognize. Only when you hear this knock sequence will you bother to even check who’s at the door. “Ignore my protocol at your own peril!”, you warn them all.

The problem with running a public SSH server on your home network is less weird but otherwise not too different from the situation above. Even after securing your server with state-of-the-art certificate authentication and unbreakable ciphers, you find people (mostly automated bots) still trying all day to connect to your server with passwords. While this is not personally tiring, it does end up consuming compute resources and polluting your authentication logs (and as a consequence, obfuscating real problems). One solution to this problem is analogous to the one above — you ask your users to send a few packets to specific ports in a particular sequence, before accepting an SSH connection on the usual port. This works out especially well if the user is you — for instance, if you are using SSH to connect remotely to your home server, and you don’t need to grant access to anyone else.

Here’s how you get this going:

On the server —

• Step 1: Enable netfilter in your Linux kernel for packet sniffing.
• Step 2: Set up the nftables firewall to start automatically.
• Step 3: Configure a port knocking sequence in your firewall rules.
• Step 4: Open up the relevant ports on your home network router firewall.

Steps 1 and 2 are usually specific to the Linux distribution you use, and I would recommend looking up its documentation. For reference, Gentoo’s documentation can provide a general idea of how this is done. Step 3 is accomplished using nftables rules that you can load (and save). Step 4 is router-dependent. For instance, my eero app has a relevant section in Settings → Network settings → Reservations & port forwarding.

✗ Test that you can no longer connect directly over SSH.

On the client —

• Step 5: Set up your SSH configuration to knock on ports.
• Step 6: Test your SSH connectivity.
• Step 7: DONE!

To set up Step 5 on the client-side, you can create a simple knock script in your PATH, make it executable, and configure your SSH client to execute it automatically before connecting to your server.

✓ Test that you can once again connect over SSH.

And it’s as simple as that.

Today’s hike was a relatively easy one, 5.6 miles roundtrip with 1,585 feet elevation gain, with the trailhead along the I-90 corridor. This is, of course, the Teneriffe Falls Trail — not to be confused with the Mount Teneriffe Trail, which begins at the same trailhead but continues for 13 miles all the way up to the summit.

The waterfall at the top was a relatively calm one. In fact, it was only on the way back that we discovered it had even been in plain view about half a mile before getting the top, and both Anu and I had completely missed it on the way up. Perhaps we had been too engrossed in our conversation then.

We picked and ate some salmonberries (rubus spectabilis) on the way down. The yellow ones taste a tad like tomato. We did not eat any of the red-berried elder (samucus racemosa) — they are poisonous if eaten raw! We found a good deal of purple foxglove (digitalis purpurea) that added to the natural beauty of the woods.