How to Archives - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘How to’

How to add Bulgarian language to GCompris Kids education software on Debian 12 GNU / Linux installing gcompris via flatpak next generation package distribution tool

Monday, January 26th, 2026

As I have a small currently 5.5 years old Kid Dimitar at home and i'm doing my best to make him learn new things and advance in different areas of life and knowledge.

Today Decided to introduce him to Linux4Kids gcompris a KDE educational set of games for small children.
Once installed with simple

# apt install gcompris-qt

It works fine and default version installable from default Debian distribution is fine, except it does not support Bulgarian.

That is again not a nice suprise, as even some pseudo languages like Belarusian are there to set but Bulgarian missing on the default installable pack:

# dpkg -l |grep -i gcompris
ii gcompris-qt 3.1-2 amd64 educational games for small children
ii gcompris-qt-data 3.1-2 all data files for gcompris-qt

After some tampering and unable to find a native .deb port of the latest release and my undesire to move from debian 12 (bookworm) Desktop Linux laptop at the moment to Debian 13 Trixie, i've finally found a way to install it via flatpak:

For those who never used snap package ecosystem or flatpak, here is a shortly synthesis on it:

Flatpak is an open-source, next-generation framework for building, distributing, and running sandboxed desktop applications on Linux.
It enables developers to package apps once and run them on any Linux distribution by including all necessary dependencies.
Flatpak improves security by isolating applications from the host system.

Flatpaks are containerized applications. They require more space because the bring along their own versions of their dependencies instead of relying on system versions.

While a single application will have greater space requirements, the base images [and potentially overlays] will get shared between them and each successive flatpak will potentially require less overhead.

The pros to using them is that flatpaks are often more current than their distribution packaged versions and they are somewhat isolated from the base system. The cons are that they're not managed with the rest of your system packages, can have slower start times, occasionally have permissions issues, and take up more space.

In some cases, flatpak is a better choice. Sometimes, it's not, and there's no way we can really determine that for you.

Tried up to my best to install the newest version of gcompris which as of time of writting this blog post is gcompris 25.1

# apt info flatpak|grep -i 'descr' -A8 -B8

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

Recommends: ca-certificates, default-dbus-system-bus | dbus-system-bus, desktop-file-utils, hicolor-icon-theme, gtk-update-icon-cache, libpam-systemd, p11-kit, polkitd | policykit-1, shared-mime-info, xdg-desktop-portal (>= 1.6), xdg-desktop-portal-gtk (>= 1.6) | xdg-desktop-portal-backend, xdg-user-dirs
Suggests: avahi-daemon, malcontent-gui
Conflicts: xdg-app
Replaces: xdg-app
Homepage: https://flatpak.org/
Download-Size: 1,400 kB
APT-Manual-Installed: yes
APT-Sources: http://ftp.debian.org/debian bookworm/main amd64 Packages
Description: Application deployment framework for desktop apps
Flatpak installs, manages and runs sandboxed desktop application bundles.
Application bundles run partially isolated from the wider system, using
containerization techniques such as namespaces to prevent direct access
to system resources. Resources from outside the sandbox can be accessed
via "portal" services, which are responsible for access control; for
example, the Documents portal displays an "Open" dialog outside the
sandbox, then allows the application to access only the selected file.

# apt install flatpak

# flatpak remote-add –if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
# flatpak install flathub org.kde.gcompris
# flatpak run org.kde.gcompris

If you have sound glitches of gcompris on Older laptops install all necessery for pipewire run it like that:

# apt install pipewire pipewire-audio-client-libraries pipewire-pulse

Try to run it manually with:

# env PULSE_LATENCY_MSEC=60 ; flatpak run org.kde.gcompris

If still sound glithches are present a workaround is to tune PipeWire buffer/quantum size:

PipeWire buffer/quantum size too aggressive?

Many crackling issues come from too small quantum. Create ~/.config/pipewire/pipewire.conf.d/99-custom.conf

# vim ~/.config/pipewire/pipewire.conf.d/99-custom.conf
and add:textcontext.properties = {
default.clock.rate = 48000
default.clock.quantum = 1024
default.clock.min-quantum = 512
default.clock.max-quantum = 2048
}

#systemctl –user restart pipewire pipewire-pulse

Create a new wrapper script to run you gcompris easily

# vim /usr/local/bin/gcompris.sh

#!/bin/bash
# little hack script to make music streamed via pulseaudio to not have severe glitches when running gcompris latest release on debian 12
# through flatpak
# if not working run cmd
# systemctl –user restart pipewire
LANG=bg_BG.UTF-8
SDL_AUDIODRIVER=pulseaudio
#flatpak run –device=all –socket=pulseaudio org.kde.gcompris
flatpak override –user –env=SDL_AUDIODRIVER=pulseaudio org.kde.gcompris
flatpak override –user –filesystem=~/.config/pipewire:ro org.kde.gcompris
LANG=bg_BG.UTF-8 flatpak run –socket=pulseaudio org.kde.gcompris

# chmod +x /usr/local/bin/gcompris.sh

Hence I run the wrapper script and let the kid enjoy the nice educational stuff while I enjoyed the nice kiddish peaceful music !

# /usr/local/bin/gcompris.sh

P.S. ! If you get issues with pipewire (if you're using one instead of pulseaudio as I do with my Mate desktop environment you can restart it and relaunch the gcompris nice addition to tux4kids (see my previous article Tux for Kids (Tux Math, Tux Paint, Tux Typing) 3 games to develop your children Intellect):

# systemctl –user restart pipewire

Enjoy Gcompris !

Tags: access, after, again, ALL, allows, amd64, Bulgarian, clock, config, Debian, default, Description Application, gcompris, How to, kde, org, scripts, small, software, system resources
Posted in Educational, Games Linux, Linux, Various | No Comments »

How to Optimize Debian Linux on old Computers to Get improved overall Speed, Performance and Stability

Tuesday, December 30th, 2025

How to optimize Debian version 12.12 Linux OS to work responsive on Old ThinkPad laptops like from year 2008 Thinkpad R61 with Window Maker, zram, SSD etc.

Old computers aren’t obsolete but most worthy if you dont want to spend on extra hardware.

With the right setup, Debian Linux can run smoothly on hardware that’s more than a decade old. This article walks through a real-world, proven configuration using a classic ThinkPad R61 (Core 2 Duo, 4 GB RAM, SSD), but the principles apply to many older PCs as well.

Why use Debian Linux on old hardware?

Debian Stable is ideal for old hardware because it offers:

Low baseline resource usage
Long-term stability
Minimal background activity
Excellent support for lightweight desktops
Flexible and well organized and relatively easy to tune

Paired with a minimal window manager, Debian easily outperforms many “lightweight” distros that still ship heavy defaults.

Hardware Baseline PC setup

Test system:

Laptop: ThinkPad R61
CPU: Intel Core 2 Duo
RAM: 4 GB
Storage: SATA SSD
Graphics: Intel X3100 / NVIDIA NVS 140M
Desktop: Window Maker

This is a common configuration for late-2000s business laptops.

1. Desktop Environment: Keep It Simple

Heavy desktop environments is the main factor to slow down an old PC.
Where possible dont use the Desktop environment at all and stick to console.

Recommended:

Window Maker (used by myself)
Openbox
Fluxbox
IceWM

Avoid:

GNOME
KDE Plasma
Cinnamon

Window Maker is especially effective: no compositing, no animations, minimal memory usage.

2. Terminal Choice Matters

For console-based applications (games, tools, system utilities), use a terminal that correctly reports its size. Lets say you use xterm:

$ xterm

You can force a usable terminal size like this:

$ xterm -geometry 80×32 &

This avoids common issues with console applications failing due to incorrect terminal dimensions.

Install urxvt (best choice for terminal productivity)

Open a terminal and run:

# apt update
# apt install rxvt-unicode

Optional (if you want tabbed terminal use suckless):

# sudo apt install suckless-tools

rxvt-unicode-256color → main terminal (n/a in debian) have to install third party
rxvt-unicode-256color-perl → Perl extensions (tabs, URL click, etc.) (n/a in debian, installable via third party)
suckless-tools → includes tabbed, can be used as an alternative for tabs

a. Configure .Xresources

Create or edit ~/.Xresources:

$ vim~/.Xresources

Example for beautiful setup with tabs, transparency, and fonts:

! Basic appearance
! URxvt.font: xft:FiraCode Nerd Font Mono:size=12
URxvt.background: [90]#1c1c1c
URxvt.foreground: #c0c0c0
! URxvt.cursorColor: #ff5555
! URxvt.saveLines: 10000
! URxvt.scrollBar: false
! URxvt.borderLess: true

! Enable tabs using built-in tabbed extension
URxvt.perl-ext-common: default,tabbed

! Tab colors
URxvt.tabbed.tabbar-fg: 15
URxvt.tabbed.tabbar-bg: 0
URxvt.tabbed.tab-fg: 2
URxvt.tabbed.tab-bg: 8

! Keybindings for tabs
! Ctrl+Shift+N → new tab
URxvt.keysym.Control-Shift-N: perl:tabbed:new_tab
! Ctrl+Shift+W → close tab
URxvt.keysym.Control-Shift-W: perl:tabbed:close_tab
! Ctrl+Tab → next tab
URxvt.keysym.Control-Tab: perl:tabbed:next_tab
! Ctrl+Shift+Tab → previous tab
URxvt.keysym.Control-Shift-Tab: perl:tabbed:prev_tab
! Tabs keybindings
URxvt.keysym.Control-N: perl:tabbed:new_tab
URxvt.keysym.Control-W: perl:tabbed:close_tab

b. Apply .Xresources changes

Run:

$ xrdb ~/.Xresources

Then launch urxvt:

$ rxvt

Ctrl+Shift+T → new tab
Ctrl+Shift+W → close tab

c. Optional: Make it even cooler

Install powerline fonts or Nerd Fonts (for fancy prompt icons):

# apt install fonts-firacode

Enable URL clicking and clipboard (already enabled above)
Combine with tmux for extra tabs/panes, session management, and more shortcuts.

3. Retain only last 500MB from journald

Retain only the past 500 MB:

# journalctl –vacuum-size=500M

This is exteremely useful as sometimes failing services might generate ton of unnecessery logs and might flood up the old machine hard disk.

4. Reduce journal memory footprint

# vim /etc/systemd/journald.conf

Set Storage=volatile
Set RuntimeMaxUse=50M

# systemctl restart systemd-journald

5. Trim services boot times

# systemd-analyze blame
# systemd-analyze critical-chain

This tells you which services slow down your boot the most.

6. Disable Unnecessary Services

Old systems benefit massively from disabling unused background services.

Check what’s enabled:

# systemctl list-unit-files –state=enabled

Common candidates to disable (if not needed):

# systemctl disable bluetooth
# systemctl disable cups
#systemctl disable avahi-daemon
#systemctl disable ModemManager

Each disabled service saves RAM and CPU cycles.

7. Dirty Page Tuning (Reduces Freezes)

Defaults favor servers, not laptops.

Edit:

# vim /etc/sysctl.conf

Add:

vm.dirty_background_ratio=5
vm.dirty_ratio=10

This forces writeback earlier, preventing sudden stalls.

8. Memory Tuning: zram Done Right

Does zram make sense with 4 GB RAM and an SSD?

Yes it could, but only in moderation.

zram compresses memory in RAM and acts as fast swap. On a Core 2 Duo, compression overhead is small and the benefit is smoother multitasking.

Recommended zram configuration

Install zram-tools deb package:

# apt install zram-tools

Edit:

# vim /etc/default/zramswap

Set:

PERCENT=15

This creates ~600 MB of compressed swap — enough to absorb memory spikes without wasting RAM.

9. Keep Disk Swap (But Small)

Even with zram, disk swap is useful as a fallback.

Recommended:

1–2 GB swap on SSD
zram should have higher priority than disk swap

Check:

# swapon –show

10. Swappiness and Cache Pressure

Tune the kernel to prefer RAM and zram first:

# vim /etc/sysctl.conf

Add:

vm.swappiness=10
vm.vfs_cache_pressure=50

Apply:

# sysctl -p

This prevents early swapping and keeps the system responsive.

11. CPU Governor: A Hidden Performance Win

Older ThinkPads often run conservative CPU governors.

Install tools:

# apt install cpufrequtils

Set a balanced governor:

# echo 'GOVERNOR="ondemand"' | sudo tee /etc/default/cpufrequtils

# systemctl restart cpufrequtils

This allows the CPU to ramp up quickly when needed.

12. Power and Thermal Management (ThinkPad-Specific)

Install TLP:

# apt install tlp
# systemctl enable tlp
# systemctl start tlp

TLP improves:

Battery life
Thermal behavior
SSD longevity

Defaults are usually perfect – no heavy tuning required.

13. Disable Watchdogs (If You Don’t Debug Kernels)

Watchdogs waste cycles on old CPUs.

Check:

# lsmod | grep watchdog

Disable:

# vim /etc/modprobe.d/blacklist.conf

Add:

blacklist iTCO_wdt
blacklist iTCO_vendor_support

Reboot.

14. Reduce systemd Noise

systemd logs aggressively by default.

Edit:

#vim/etc/systemd/journald.conf

Set:

Storage=volatile
RuntimeMaxUse=50M

Then:

#systemctl restart systemd-journald

Less disk I/O, faster boots.

15. Use tmpfs for caching and Volatile Junk

Put garbage in RAM, not SSD.

Edit:

# vim /etc/fstab

Add:

tmpfs /tmp tmpfs noatime,nosuid,nodev,mode=1777,size=256M 0 0

Optional:

tmpfs /var/tmp tmpfs noatime,nosuid,nodev,size=128M 0 0
# mount -a

16. IRQ Balance: Disable It (might slow down machine)

On single-socket old laptops, irqbalance can hurt.

Disable:

# systemctl disable irqbalance

Test performance; re-enable if needed.

17. Reduce systemd Timeout Delays

Old laptops often wait forever on dead hardware.

Edit:

# vim /etc/systemd/system.conf

Set:

DefaultTimeoutStartSec=10s
DefaultTimeoutStopSec=10s

18. Strip Kernel Modules You Don’t Use

If you don’t use:

FireWire
Bluetooth
Webcam

Blacklist them:

# vim /etc/modprobe.d/blacklist-extra.conf

Example:

blacklist firewire_ohci
blacklist firewire_core
blacklist uvcvideo
blacklist bluetooth

Faster boot, fewer interrupts.

19. X11 Performance Tweaks (Intel Graphics)

Create:

# vim/etc/X11/xorg.conf.d/20-intel.conf

Add:

Section "Device"
Identifier "Intel Graphics"
Driver "intel"
Option "TearFree" "false"
Option "AccelMethod" "sna"
EndSection

20. Disable IPv6 (if not used)

Saves a little RAM and startup time.

Edit:

# vim/etc/sysctl.conf

Add:

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1

21.Lower Kernel Log Level verbosity

Stop kernel spam.

# dmesg -n 3

Make permanent:

# vim/etc/sysctl.conf

Add:

kernel.printk=3 4 1 3

22.Scheduler Latency (Advanced)

For desktop interactivity:

# vim/etc/sysctl.conf

Add:

kernel.sched_autogroup_enabled=1

Helps UI responsiveness under load.

23.Kill Browser Bloat (Biggest Win)

For Firefox ESR:

Disable telemetry
Enable tab unloading

browser.sessionstore.interval = 300000

No kernel tweak beats this.

a. Enable tab unloading (automatic tab discard)

Open Firefox ESR
Type
about:config
in the address bar.
Accept the warning: “This might void your warranty.”
Search for the following preference:

browser.tabs.unloadOnLowMemory

Default: false
Set to: true

This enables Firefox to unload inactive tabs automatically when memory is low.

b. Optional tuning

Some other preferences you can tweak:

Preference	Description	Suggested value
browser.tabs.maxSuspendedTabs	Maximum number of tabs that can be suspended	10–20
browser.tabs.autoHide	Auto-hide tabs while suspended (older ESR versions)	true
browser.tabs.loadInBackground	Background tabs load in suspended state	true
browser.sessionstore.interval	How often session is saved (ms)	15000

These may vary slightly depending on ESR version.

24. Graphics Considerations

ThinkPad R61 models typically have:

Intel X3100 → works well out of the box
NVIDIA NVS 140M → use nouveau driver

Recommendations:

Avoid proprietary legacy NVIDIA drivers
No compositing
Simple themes only

25. Extremely for Geeks, Build a Custom Kernel (Optional)

Only if you have plenty of time and you have a developers background and maniacal tendencies 🙂

Benefits:

Smaller kernel
Faster boot
Fewer interrupts

Cost:

Maintenance burden

26. Application Choices Matter More Than Tweaks

Keep in mind the application choices matter more than tweeks.
Even the best-tuned system can be ruined by heavy applications.

Recommended software:

Browser: Firefox ESR
File manager: PCManFM
Terminal: xterm, rxvt
Editor: nano, geany

Limit browser tabs and disable unnecessary extensions.

27. Things Not to Do

Avoid:

Huge zram sizes (50%+)
Do not Disable swap entirely
Beware of Aggressive kernel “performance hacks”
Disable any Heavy desktop effects if choosing to run MATE or alike GUI environment

Stability beats micro-optimizations.

Final Recommended Configuration

For a ThinkPad R61 with 4 GB RAM and SSD perhaps the best Linux configuration would be:

Debian Stable
Window Maker
zram: 15%
SSD swap: 1–2 GB
swappiness: 10
TLP enabled
No compositor

This setup would deliver:

Smooth multitasking
No UI lag
Minimal CPU overhead
Long-term stability

Conclusion

Old PCs don’t need to be fast necessery, but can be made work slightly faster, though the limits if used in a proper way with the right software and without out the eye candy nonse of today, they be still fully functionally used.

With Debian, a lightweight window manager, and sensible memory tuning, even 15-year-old + old hardware remains useful today for common daily tasks, and makes it not only useful but fun and different especially if you are a sysadmin or a developer who needs mostly console and a browser.

It gives you another perspective on how to do your computing in a simplier and more minimalistic way.

Of course do not expect the Old Hardware PC to be the perfect station for youtube maniacs, heavy gamers or complete newbies, who dont honor the old PC limited resources and don't want to have a bit of experimental approach to the PC.

Anyways by implementing before mentioned tweaks, they will reward you with reliability and simplicity – something modern over complicated OS and Apps often lack.

Enjoy and Happy Christmas 2025 and Happy New Year 2026 soon ! 🙂

Tags: browser, Cache Pressure, debian linux, Debian performance tweaks, Desktop Window Maker, desktops, Disable Unnecessary Services, Done Right, Enjoy, Final Recommended Configuration, Graphics Considerations, How to, Install, Lightweight Linux, Linux for old hardware, Linux performance tips, Linux system optimization, Linux terminal tabs, Low RAM Linux, nano, Noise, Old PC optimization, SSD optimization, systemctl, Systemd tuning, SysVinit vs systemd, tabs, Terminal Choice Matters, thinkpad r61, Timeout Delays, times, vim, Volatile Junk, Window Maker, xterm, zram
Posted in Linux, Linux Audio & Video, Linux on Laptops, System Administration, System Optimization, Various | No Comments »

How to keep your Linux server Healthy for Years: Hard learned lessons

Friday, November 28th, 2025

how-to-keep-your-linux-servers-healthy-every-year-doctor_tux

I’ve been running Linux servers long enough to watch hardware die, kernels panic, filesystems fill up at midnight hours, and network cards slowly burn out like old light bulbs.

Over time, you learn that keeping a server alive is less about “perfect architecture” and more about steady discipline – the small habits built to manage the machines, helps prevent big disasters.

Here are some practical, battle-tested lessons that keep my boxes running for years with minimal downtime. Most of them were learned the hard way.

1. Monitor Before You Fix – and Fix Before It Breaks

Most Linux disasters come from things we should have noticed earlier. The lack of monitoring, there is modern day saying that should become your favourite if you are a sysadmin or Dev Ops engineer.

"Monitoring everything !"

The disk that was at 89% yesterday will be at 100% tonight.
The log file that grew by 500 MB last week will explode this week.
The swap usage creeping from 1% → 5% → 20% means your next heavy task will choke.
The unseen failing BIOS CMOS battery
The RAID disks degradation etc.

You don’t need enterprise monitoring to prevent this. And even simple tools like monit or a simple zabbix-agent -> zabbix-server or any other simplistic scripted monitoring gives you a basic issues pre-warning.

Even a simple cronjob shell one liner can save you hours of further sh!t :

#!/bin/bash

df -h / | awk 'NR==2 { if($5+0 > 85) print "Disk Alert: / is at " $5 }' \
| mail -s "Disk Warning on $(hostname)" admin@example.com

2. Treat /etc directory as Sacred – Treat It Like an expensive gem

Every sysadmin eventually faces the nightmare of a broken config overwritten by a package update or a hasty command at 2 AM.

To avoid crying later, archive /etc automatically:

# tar czf /root/etc-$(date +%Y-%m-%d).tar.gz /etc

If you prefer the backup to be more sophisticated you can use my clone of the dirs_backup.sh (an old script I wrote for easifying backup of specific directories on the filesystem ) the etc_backup.sh you can get here.
Run it weekly via cron.
This little trick has saved me more times than I can count — especially when migrating between Debian releases or recovering from accidental edits.

3. Automate everything what you have to repeatevely do

If you find yourself doing something manually more than twice, script it and forget it.

Examples:

rotating logs for misbehaving apps
restarting services that occasionally get “stuck”
syncing backups between machines
cleaning temp directories

Here’s a small example I still use today:

#!/bin/bash

# Kill zombie PHP-FPM children that keep leaking memory

ps aux | grep php-fpm | awk '{if($6 > 300000) print $2}' | xargs -r kill -9

Dirty way to get rid of misfunctioning php-fpm ?
Yes. But it works.

4. Backups Don’t Exist Unless You Test Them

It’s easy to feel proud when you write a backup script.
It’s harder – and far more important – to test the restore.

Once a month or at least once in a few months, try restore a random backup to a dummy VM.
Sometimes backup might fails, or you might get something different from what you originally expected and by doing so
you can guarantee you will not cry later helplessly.

A broken backup doesn’t fail quietly – it fails on the day you need it most.

5. Don’t Ignore Hardware – It Ages like Everything Else

Linux might run forever, but hardware doesn’t.

Signs of impending doom:

dmesg spam with I/O errors
slow SSD response
increasing SMART reallocated sectors
random freezes without logs
sudden network flakiness

Run this monthly:

6. Document Everything (Future You Will Thank Past You)

There are moments when you ask yourself:

“Why did I configure this machine like this?”

If you don’t document your decisions, you’ll have no idea one year later.

A simple markdown file inside /root/notes.txt or /root/README.md is enough.

Document:

installed software
custom scripts
non-standard configs
firewall rules
weird hacks you probably forgot already

This turns chaos into something you can actually maintain.

7. Keep Things Simple – Complexity Is the Enemy of Uptime

The longer I work with servers, the more I strip away:

fewer moving parts
fewer services
fewer custom patches
fewer “temporary” hacks that become permanent

A simple system is a reliable system.
A complex one dies at the worst possible moment.

8. Accept That Failure Will Still Happen

No matter how careful you are, servers will surely:

crash
corrupt filesystems
lose network connectivity
inexplicably freeze
reboot after a kernel panic

Don’t aim for perfection.Aim for resilience.

If you can restore the machine in under an hour, you're winning and in the white.

Final Thoughts

Linux is powerful – but it rewards those who treat it with respect and perseverance.
Over many years, I’ve realized that maintaining servers is less about brilliance and more about humble, consistent care and hard work persistence.

I hope this article helps some sysamdmin to rethink and rebundle servers maintenance strategy in a way that will avoid a server meltdown at night hours like 3 AM.

Cheers !

Tags: doesn, doom, hardware, How to, machines, need, restore, running, scripts, servers, services, simple, something, today, years
Posted in Linux, System Administration, Various | No Comments »

How to boost Linux Server Speed with tmpfs and few smart Optimization tweaks

Monday, October 20th, 2025

speed-up-accelerate-wordpress-joomla-drupal-cms-and-mysql-server-with-tmpfs_ramfs_decrease-pageload-times-with-ram-caching.png

If you’ve ever managed a busy Linux server, you’ve probably noticed how I/O bottlenecks can make your system feel sluggish – even when CPU and memory usage look fine. I recently faced this problem on a Debian box running Nginx, PHP-FPM, and MySQL / MariaDB. The fix turned out to be surprisingly simple: using tmpfs for temporary directories and tweaking a few kernel parameters.

1. Identify the resource issue Bottleneck

Running iostat -x 1 showed my /var/lib/mysql drive constantly pegged at 100% utilization, while CPU load stayed low. Classic disk-bound performance issue.

I checked swap usage:

# swapon –show

# free -h

The system was swapping occasionally — not good for performance-critical workloads.

2. Use tmpfs for Cache and Temporary Files

Linux allows you to use part of your RAM as a fast, volatile filesystem. Perfect for things like cache and sessions.

I edited /etc/fstab and added:

tmpfs /tmp tmpfs defaults,noatime,mode=1777,size=1G 0 0

tmpfs /var/cache/nginx tmpfs defaults,noatime,mode=0755,size=512M 0 0

Then:

# mount -a

Immediately, I noticed fewer disk I/O spikes. Nginx’s cache hits were lightning-fast, and PHP temporary files were written in memory instead of SSD.

3. Tune Kernel Parameters

Adding these lines to /etc/sysctl.conf helped reduce swapping and improve responsiveness:

vm.swappiness=10

vm.vfs_cache_pressure=50

Then apply:

# sysctl -p

4. Use tmpfs for MySQL / MariaDB tmpdir (Optional)

If you have enough RAM, move MySQL’s temporary directory to tmpfs:

# mkdir -p /mnt/mysqltmp

# mount -t tmpfs -o size=512M tmpfs /mnt/mysqltmp

# chown mysql:mysql /mnt/mysqltmp

Then set in /etc/mysql/my.cnf: / /etc/mysql/mariadb.cnf

tmpdir = /mnt/mysqltmp

This dramatically speeds up large sorts and temporary table creation.

5. Monitor the Effects and tune up if necessery

After applying these changes, iostat showed disk utilization dropping from 95% to under 20% under the same workload.
Average response times from Nginx dropped by around 30–40%, and the server felt much more responsive.
However other cases might be different so it is a good idea to play around with tmpfs side according to your CPU / Memory system parameters etc. and find out the best values that would fit your Linux setup best.

Short rephrasal

tmpfs is one of those underused Linux features that can make a real-world difference for sysadmins and self-hosters. Just remember that data in tmpfs disappears after reboot, so only use it for volatile data (cache, temp files, etc.).

If you’re running a VPS or small dedicated box and looking for a quick, low-cost performance boost — give tmpfs a try. You might be surprised how much smoother your system feels.

Tags: cnf, data, filesystem, How to, Linux Server Speed, mnt, response times, Short, tmpfs, use
Posted in Linux, Linux and FreeBSD Desktop, MySQL, Performance Tuning, Various | No Comments »

How To Install ChatGPT on Debian Linux with snap

Tuesday, August 19th, 2025

chatgpt-desktop-linux-screenshot

To install ChatGPT (official desktop app) on Debian Linux using Snap, do the following:
You need as

Prerequisites

Debian-based system (e.g., Debian, Ubuntu, Mint whatever deb based Linux).
Snap package manager installed.

1. Install Snap (if not installed)

Run these commands in your terminal:

# apt update sudo apt install snapd

Enable and start the Snap daemon:

# systemctl enable snapd sudo systemctl start snapd

Create a symbolic link to ensure

snap

is accessible:

# ln -s /var/lib/snapd/snap /snap

2. Find ChatGPT Snap Package

The official ChatGPT desktop app (by OpenAI) is not available as a Snap package directly from OpenAI, but a third-party Snap package or wrapper may exist.

You can search with:

# snap find chatgpt

As of now, you might see unofficial community packages (e.g.,

chatgpt-desktop

chatgpt-wrapper

, etc.).

3. Install ChatGPT Snap Package

If you find a package (e.g., chatgpt-desktop), install it like this:

# snap install chatgpt-desktop

Note: Be cautious about third-party Snap packages—review the publisher and permissions.

4.Launch ChatGPT

Once installed, launch it from your app menu or run:

/snap/bin/chatgpt-desktop-client

Alternative (if no Snap available)

If no Snap package is available or you're uncomfortable with third-party sources:

Option: Use the Official .deb Installer

OpenAI released an official desktop app for Linux in

.deb

format:

To use the native deb;

Download from: https://openai.com/chat
Install with:

# apt install ./chatgpt_*.deb

Tags: about, alternative, and, available, based, bin, Chat, com, Commands, community, create, daemon, deb, Debian, debian linux, Desktop, download, enable, find, format, how, How to, installed, need, official, packages, sudo, systemctl, update
Posted in AI on Linux, Linux, Various | No Comments »

How to use gocryptfs to encrypt directory to secure data on Linux / BSD / Unix and Windows

Tuesday, July 22nd, 2025

Cryptography - gocryptfs

If you have sensitive data concentrated in single folder like plain text files with some important data or files that needs to be visible only after decrypted GoCryptFS is a very elegant way to be able to both have the data encrypted but be able to access it at times with a password.

gocryptfs – simple. secure. fast encryption.

gocryptfs uses file-based encryption that is implemented as a mountable FUSE filesystem. Each file in gocryptfs is stored one corresponding encrypted file on the hard disk. The screenshot below shows a mounted gocryptfs filesystem (left) and the encrypted files (right).

The encrypted files can be stored in any folder on your hard disk, a USB stick or even inside the Dropbox folder. One advantage of file-based encryption as opposed to disk encryption is that encrypted files can be synchronised efficiently using standard tools like Dropbox or rsync. Also, the size of the encrypted filesystem is dynamic and only limited by the available disk space.

To use gocryptfs to encrypt a directory on Linux (or macOS), follow these steps. gocryptfs is a FUSE-based encrypted file system that encrypts files on-the-fly and presents a decrypted view when mounted.

Step-by-step: Encrypting a Directory with gocryptfs

# apt-cache show gocryptfs

Package: gocryptfs
Version: 2.3.1-1
Priority: optional
Section: utils
Maintainer: Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>
Architecture: amd64
Depends: libc6 (>= 2.34)
Description-en: Encrypted overlay filesystem written in Go
gocryptfs implements an encrypted overlay filesystem that is similar
to EncFS, but uses FUSE and Go. Encryption is done per-file, and directory
structure is preserved. This allows incremental backups and deduplication.
Homepage: https://github.com/rfjakob/gocryptfs

1. Install gocryptfs

On Debian/Ubuntu:

# apt install gocryptfs

On Arch Linux:

# pacman -S gocryptfs

On macOS (install via Homebrew tool):

# brew install gocryptfs

2. Create Two Directories

One for the encrypted data (encrypted_dir)
One to mount the decrypted view (decrypted_mountpoint)

# mkdir ~/encrypted_dir mkdir ~/decrypted_mountpoint

3. Initialize Encrypted Directory

This sets up the encryption config:

# gocryptfs -init ~/encrypted_dir

You will be prompted to create a password. This is needed to mount/decrypt the filesystem.

4. Mount the Encrypted Directory

Now mount the encrypted directory into the decrypted mount point:

# gocryptfs ~/encrypted_dir ~/decrypted_mountpoint

It will ask for the password you created during initialization.

An ls of the directory would look unencrypted like so:

# ls -1 /encrypted_dir/
├── notes.txt
├── photo.jpg
└── projects/
└── report.docx

5. Use the Decrypted View

Now anything you put inside ~/decrypted_mountpoint is automatically encrypted and stored in ~/encrypted_dir. For example:

# echo "secret" > ~/decrypted_mountpoint/secret.txt

You'll see secret.txt encrypted in ~/encrypted_dir as a file with a scrambled name.

6. Unmount When Done

When finished seeing the data or adding new data into the mounted directrory,
to unmount the decrypted view:

On Linux

# fusermount -u ~/decrypted_mountpoint

On macOS or alternative other Unix compatible OS like Free OpenBSD

# umount ~/decrypted_mountpoint

# ls -1 /decrypted_dir/
├── gocryptfs.conf
├── 2YI8IfnpP6qThZUE1Mo-YA
├── 8o8TUS3LgI6K0WZjaPAjkg
└── WmJyYmAKoLJINkWyXr3UAw/

7. AutoMount on boot

To automount on boot or login, consider using systemd or a shell script with your password securely managed.

To mount / unmount encrypted directory you can create a tiny shell script like this:

# cd /usr/local/bin/
# cat mount_crypted.sh
#!/bin/bash
gocryptfs /directory/encrypted/info /directory/encrypted/info-decrypted/
cd /directory/encrypted/info-decrypted/

8. Use Case Example for gocryptfs -reverse

You can use gocryptfs -reverse to create a read-only encrypted mirror of an existing plaintext folder.

Lets say You have this:

/home/user/documents/ ← your plaintext files

You want to create an encrypted view of it at:

/mnt/encrypted_view/

First, create a gocryptfs config:

This can be anywhere, just not inside your plaintext folder.

mkdir ~/.gocryptfs-reverse-config gocryptfs -init ~/.gocryptfs-reverse-config

Mount in reverse mode:

# gocryptfs -reverse -config ~/.gocryptfs-reverse-config/gocryptfs.conf /home/user/documents /mnt/encrypted_view

Now

/mnt/encrypted_view

contains encrypted versions of your documents.

!!! You must not edit or write to

/mnt/encrypted_view

– it's read-only. !!!

9. Create Archive or Sync Backup

For example, make a secure encrypted backup:

rsync -avz /mnt/encrypted_view/ /backup/encrypted/

Or upload to cloud storage (Dropbox, Google Drive, etc.).

Decrypt later on another machine:

Mount the encrypted copy in normal mode:

# gocryptfs /backup/encrypted/ /mnt/decrypted_view

You'll be prompted for the password used when creating the config.

10. Few more Tips

You can also mount with

-ko allow_other

if you want other users to see the encrypted view.

To avoid storing the password, use

–passfile FILE

or integrate with

gopass

10. Use gocryptfs cppcryptfs (native Windows port)

To use on Windows there are different ways to make gocryptfs work on windows:

Option 1: Use gocryptfs via WinFsp + Cygwin or WSL
Option 2: Use gocryptfs with WSL (Windows Subsystem for Linux)
Option 3 (recommended) one – use the native cppcryptfs

Just download the app and install it as any normal Windows app and you're done:

cppcryptfs

It's a native Windows version of gocryptfs
100% compatible with gocryptfs (same encryption format)
Supports drag-and-drop, File Explorer, etc.
No need for WSL or Cygwin

For more details on how gocryptfs works and how to install it on multiple platforms check out the original site https://nuetzlich.net/gocryptfs/

Tags: amd64, Arch Linux, bash, boot, config, created, Decrypted View, encrypted data, encryption, filesystem, How to, Initialize Encrypted Directory, Install, login, machine, mnt, password, sensitive data, shell script, stored, Supports, use
Posted in Computer Security, Curious Facts, Debian, Linux | No Comments »

How to Fix Windows Update Problems: A Complete Guide

Friday, July 11th, 2025

Windows Update is essential for keeping your Windows system secure, stable, and up to date to be on track with latest security patches and (for those working in large corporations) for the PC to be compliant to Company / Corporation / Domain security defined policies and standards. However, users often encounter issues like updates failing to install, being stuck at a certain percentage, or causing error messages. Whether you're using Windows 10 or Windows 11, this guide walks you through proven steps to fix Windows Update problems.

Common Symptoms of Windows Update Issues

Before diving into the solutions, it helps to identify typical signs of update problems:

Updates stuck at 0%, 35%, or 100%
Update error codes like 0x80070002, 0x800f081f, or 0x8024a105
"Windows Update Failed" or "There were problems installing updates"
PC crashes or slowdowns after an update
Restart loops or repeated update attempts

Step-by-Step Guide to Fix Windows Update Problems

1. Restart Your PC and rerun updates

Sometimes (very rarely) a simple reboot clears temporary glitches in the update process.

Steps:

Click Start > Power > Restart
Try running Windows Update again

2. Run the Windows Update Troubleshooter

Windows includes a built-in tool that can automatically detect and fix common update problems.

Steps:

Open Settings > System > Troubleshoot > Other troubleshooters
Find Windows Update and click Run
Follow the prompts and apply any fixes it suggests

3. Check Your Internet Connection

A slow or intermittent connection can prevent updates from downloading or installing.

Tips:

Ensure a stable connection
Avoid using mobile hotspots during large updates
Try a wired Ethernet connection if possible

4. Free Up Disk Space

Windows Update needs adequate space to download and install updates.

To free space:

Open Settings > System > Storage
Use Storage Sense or manually delete:
- Temporary files
- Old downloads
- Unused programs

5. Manually Restart Windows Update Services

Windows Update relies on several background services. Restarting them can resolve stuck updates.

Steps:

Press

Windows + R

, type

services.msc

and press Enter
Find and restart the following:
- Windows Update
- Background Intelligent Transfer Service (BITS)
- Cryptographic Services
Right-click each > Restart

6. Clear the Windows Update Cache (SoftwareDistribution Folder)

Corrupted update files in the SoftwareDistribution folder can cause problems.

Steps:

Press

Windows + R (key)

type

Right-click > Run as Administrator
Stop update services:

net stop wuauserv
net stop bits
Delete the update cache:

Cmd line

del /f /s /q %windir%\SoftwareDistribution\
Restart services:

net start wuauserv net start bits
Try updating again

7. Use the System File Checker (SFC) and DISM Tools

Corrupt system files can interfere with updates.

Steps:

Open Command Prompt as Administrator
Run SFC from cmd line:

sfc /scannow
After it completes, run DISM:

DISM /Online /Cleanup-Image /RestoreHealth

These commands check for system corruption and repair it.

8. Install Updates Manually via Microsoft Update Catalog

If a specific update keeps failing, download and install it manually.

Steps:

Go to: https://www.catalog.update.microsoft.com/
Search the KB number of the failed update
Download the correct version for your system
Run the installer

9. Pause and Resume Updates

This can force Windows to reattempt updates cleanly.

Steps:

Open Settings > Windows Update
Click Pause updates for 1 week
Restart your PC
Go back and click Resume updates

10. Perform an In-Place Upgrade (Repair Install)

If nothing else works, a repair install reinstalls Windows while keeping your files and apps.

Steps:

Download the Media Creation Tool from Microsoft
Choose Upgrade this PC now
Follow prompts and select Keep personal files and apps

This replaces system files and refreshes Windows Update components.

11. Use WuFix.bat script that refreshes services

wufix.bat

SC config trustedinstaller start=auto
net stop bits
net stop wuauserv
net stop msiserver
net stop cryptsvc
net stop appidsvc
Ren %Systemroot%\SoftwareDistribution SoftwareDistribution.old
Ren %Systemroot%\System32\catroot2 catroot2.old
regsvr32.exe /s atl.dll
regsvr32.exe /s urlmon.dll
regsvr32.exe /s mshtml.dll
netsh winsock reset
netsh winsock reset proxy
rundll32.exe pnpclean.dll,RunDLL_PnpClean /DRIVERS /MAXCLEAN
dism /Online /Cleanup-image /ScanHealth
dism /Online /Cleanup-image /CheckHealth
dism /Online /Cleanup-image /RestoreHealth
dism /Online /Cleanup-image /StartComponentCleanup
Sfc /ScanNow
net start bits
net start wuauserv
net start msiserver
net start cryptsvc
net start appidsvc

12. Contact Microsoft or other tech guru Help

If problems persist even after trying the above methods, consider:

Contacting Microsoft Support
Consulting with a local technician
Performing a clean install (as a last resort)

13. Few Final Tips for Smooth Windows Updates

Always back up important data before major updates
Keep drivers and antivirus software up to date
Avoid interrupting the PC during updates
Check for known issues on Microsoft’s support site before installing major feature updates

14. Advanced Commands and Additional Ways to Fix Windows Update Problems

These methods go deeper into system-level repairs and are ideal when the basic fixes fail.

14.1. Reset Windows Update Components Manually (Full Command Script)

Instead of just clearing the cache, reset all update-related services and components.

Steps:

Open Command Prompt as Administrator, and run these commands one at a time:

net stop wuauserv
net stop cryptSvc
net stop bits
net stop msiserver

Rename update-related folders:

ren C:/\Windows/\SoftwareDistribution SoftwareDistribution.old ren C:/\Windows/\System32/\catroot2 catroot2.old

Restart the services:

net start wuauserv
net start cryptSvc
net start bits
net start msiserver

This fully resets the update components.

14.2. Use PowerShell to Re-register Update DLLs

Sometimes DLLs (Dynamic Link Libraries) related to updates become unregistered.

Run this in PowerShell (Admin):

regsvr32 wuaueng.dll regsvr32 wups.dll regsvr32 wups2.dll regsvr32 wuwebv.dll regsvr32 wucltui.dll

14.3. Use PowerShell to Force Update Scan and Install

Open PowerShell as Administrator, and run:

Install-Module PSWindowsUpdate -Force Import-Module PSWindowsUpdate Get-WindowsUpdate Install-WindowsUpdate -AcceptAll -AutoReboot

You may be prompted to install NuGet or trust the repository—accept these prompts.

14.4. Enable Update Services via Registry Editor (Caution)

If your update services are being disabled by group policy or a third-party app, you can reset the registry settings.

Steps:

Press

Win + R

→ type

regedit

→ Enter
Navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
Delete values like NoAutoUpdate, AUOptions, etc.
Also check:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv
- Ensure Start is set to 2 (automatic)

Always back up your registry before editing!

14.5. Check Group Policy Settings (Windows Pro or Enterprise)

Group Policy can block updates.

Steps:

Press

Win + R

→ type

gpedit.msc

→ Enter
Navigate to:

Computer Configuration > Administrative Templates > Windows Components > Windows Update
Check and disable any restrictive settings like:
- No auto-restart with logged on users
- Configure Automatic Updates
- Do not connect to any Windows Update Internet locations

14.6. Use the Windows Update Assistant

Download the latest Windows Update Assistant from the Microsoft website or Windows 11 equivalent.

This tool bypasses built-in update problems
It can force the latest feature update or build version

14.7. Delete Windows Update Pending.xml File

Sometimes updates fail due to a corrupted

Pending.xml

file.

Steps:

Open Command Prompt as Administrator
Run:

del %windir%\winsxs\pending.xml

This is advanced; use only if you're stuck with a failed update loop.

14.8. Use Event Viewer to Identify Update Errors

Event Viewer can show exactly which update or process is failing.

Steps:

Press

Win + X

→ Event Viewer
Navigate to:

Windows Logs > System
Filter by Error and Warning
Look for sources like:
- WindowsUpdateClient
- CBS (Component-Based Servicing)
- WUSA

Note any error codes or update KB numbers.

14.9. Use Deployment Image Servicing and Management (DISM) from ISO

DISM can be more powerful when pointed to a known good source like an ISO image.

Steps:

Mount a Windows ISO (right-click > Mount)
Note the drive letter (e.g., D:)
Run in CMD (Admin):

cmd.exe

DISM /Online /Cleanup-Image /RestoreHealth /Source:D:\Sources\install.wim /LimitAccess

Replace

D:\

with the correct drive.

14.10. Revert Problematic Updates Using Recovery or Uninstall

If an update caused system problems:

Option A: Uninstall via Settings

Go to Settings > Windows Update > Update History > Uninstall updates

Option B: From Advanced Startup

Hold

while clicking Restart
Go to Troubleshoot > Advanced Options > Uninstall Updates

15.How to install Windows 11 without losing files (Re-install windows with keeping All stored files)

15.1. Download and Use the Media Creation Tool:

Download the Media Creation Tool from Microsoft's website.

a) Go to this website:
www.microsoft.com/en-us/software-download/windows11

b) Click Download Now.

c) Open the file you downloaded.
Double-click it.

d) Accept everything.
Click Accept and Install.

e) Important:
When it asks about keeping files, select:

f) Keep personal files and apps

Wait until it finishes.

Your PC will restart many times.

g) After install:
Your files and programs will still be there.
Run the tool and choose to create installation media for another PC.
Select your language, architecture, and edition of Windows.
Choose to create either a USB flash drive or an ISO file.
Follow the on-screen instructions to complete the process.

15.2 Perform a Clean Install or In-place Upgrade:

Clean Install: This will erase all your personal files, apps, and settings, so be sure to back up your data if you choose this option.
In-place Upgrade: This will keep your files, apps, and settings while reinstalling Windows. This is a good option if you want to try and preserve your existing setup.
To perform an in-place upgrade, boot from the installation media and choose the "Upgrade" option, according to Microsoft Support.

1️⃣ Go to this website:
https://www.microsoft.com/en-us/software-download/windows11

2️⃣ Download “Installation Assistant.”
Click Download Now.

3️⃣ Open the file you downloaded.
Double-click it.

4️⃣ Accept everything.
Click Accept and Install.

5️⃣ Important:
When it asks about keeping files, select:
✅ Keep personal files and apps

6️⃣ Wait until it finishes.

Your PC will restart many times.

It can take 1–2 hours.

After install, Your files and programs will still be there. But anyways just in case don't forget to create a full backup of everything important before you started.

Summary of Useful Commands

Purpose	Command or Tool
Stop Update Services	`net stop wuauserv etc.`
Delete Update Cache	*`del %windir%\SoftwareDistribution\.* /s /q`**
Run SFC	`sfc /scannow`
Run DISM	`DISM /Online /Cleanup-Image /RestoreHealth`
PowerShell Update Module	`Install-Module PSWindowsUpdate`
Force Install Updates	`Install-WindowsUpdate -AcceptAll`
Reset Update Components (Full)	See above command sequence
Manual Update via Catalog

Conclusion

Windows Update problems can be frustrating, but they’re usually fixable with a methodical approach. From restarting services to clearing cache and running built-in tools, this guide covers all essential fixes. Staying updated ensures your PC remains secure, efficient, and compatible with the latest software.

Tags: apps, cause, cmd, cmd line, code, Configure Automatic Updates, copy, Cryptographic Services, Delete Windows Update Pending, Download Installation Assistant, downloads, exe, How to, Install Updates Manually, Manually Restart Windows Update Services, Media Creation Tool, Microsoft Update Catalog, Navigate, net, Open Settings System Storage, Pc, Rename, running, Settings Windows Update Update History Uninstall, times, type, Useful Commands, Warning, Windows Update Internet, WUSA
Posted in Everyday Life, Windows | No Comments »

How to install BASH and use shell scripting on Windows ?

Thursday, June 26th, 2025

install-bash-on-windows-run-and-use-shellscripting-on-windows-howto

Bash (Bourne Again SHell) is definitely a technology that will stay for years to come its simplicity and multi-platoformness is a factor that will definitely continue for many years thus even though it is mostly used on Linux / BSD / Unix, its application on Windows OS-es nowadays is perhaps increasing. Hence since so many people use Winodws nowdays (for work) it is really useful to have Bash set-up on Windows host machine.
In this article, I'll shortly explain how this is done, the article will not have anything too much interesting for the advanced admin or dev ops guy, but I hope people who are entering the business of system administration and high level computing and still orienting might benefit from it.

To install and use Bash shell terminal in Windows there are at least 3 ways:

Use Git Bash (Download and install it directly precompiled on WIndows)
Use Windows WSL emulation (install some Linux distro)
Use Virtualbox / Vagrant / VMware / Hyper-V emulation and install VM from public ISO image.

As a Free Software Lover, I would recommend and always prefer to use the Free Software alternative if that is possible and thanksfully usually I use and install Git Bash or completely install Cygwin (Full set of Linux tools to run like native on Windows together with Mobaxterm) together.

1. Installing Git Bash on Windows (uses MinGW Minimalist GNU for Windows)

Some might prefer to not use Microsoft for managing their bash especially the more freedom in mind people who like GNU and Free software and people.

MinGW is well known among free and open source enthusiasts.
It includes a port of the GNU Compiler Collection (GCC), GNU Binutils for Windows (assembler, linker, archive manager), a set of freely distributable Windows specific header files and static import libraries which enable the use of the Windows API, a Windows native build of the GNU Project's GNU Debugger, and miscellaneous utilities.

MinGW does not rely on third-party C runtime dynamic-link library (DLL) files, and because the runtime libraries are not distributed using the GNU General Public License (GPL), it is not necessary to distribute the source code with the programs produced, unless a GPL library is used elsewhere in the program.

MinGW can be run either on the native Microsoft Windows platform, cross-hosted on Linux (or other Unix), or "cross-native" on Cygwin.

To install Bash via Git, you can use Git for Windows, which includes Git Bash — a lightweight Bash emulator.

Steps to Install Git Bash on Windows

a. Download Git for Windows

Go to the official Git website:

https://git-scm.com/download/win

The download should start automatically.

b. Run the Installer

Open the downloaded .exe file
Follow the installation prompts

Recommended Settings:

Select components: Keep default
Editor: Choose your preferred text editor (e.g., Notepad++ or Vim)
Adjust PATH environment: Choose “Git from the command line and also from 3rd-party software”
Choose SSH executable: Use Built-in OpenSSH
Choose HTTPS transport backend: Use the default (OpenSSL)
Configure line endings: Select “Checkout Windows-style, commit Unix-style line endings”
Terminal emulator: Choose “Use MinTTY (the default terminal)”

Click Next through the remaining steps and then Install.

c. Launch Git Bash

After installation:

Press Windows key, type "Git Bash"
Click to launch the terminal

Now you're using a Bash shell on Windows.

Perhaps most common way is to use Windows Subsystem for Linux (WSL), people follow. WSL is a technology which is native Windows but gives MS Windows the opportunity to act in a way similar to docker containers. WSL lets you run a full Linux environment (including Bash) directly on Windows without using a virtual machine and is really fast and easy on Machine system resources.

2. Installing WSL bash easy from Windows 10 / 11 using Win GUI menus

Steps to install WSL on Windows 10 / 11

Microsoft has since only continued to improve its Windows Subsystem for Linux, and an update in a Windows 10 preview build back in mid-2020 made it easier to install Bash.

That method also works the same as on Win 10 as well as on Win 11.
To install Bash shell emulation, hence open Windows Terminal as an admin user. You can do this by right-clicking the Windows icon and selecting “Windows Terminal (Admin)” from the power user menu.

(If you’re on Windows 10, you should see it listed as “Windows Powershell (Admin)” in the menu.)

To complete WSL install with Virtualized Ubuntu OS

In Windows Terminal, run this command:

PS C:\Users\MyUser> wsl –install

Once everything is downloaded needed to run WSL emulation and Ubuntu Linux distribution, Restart the PC.

Once your PC rebooted, installation will continue automatically.

After Ubuntu installed successfully, you’ll next be prompted to create a username and password and Ubuntu will fire up, and you will have your bash in Windows

Install-WSL-linux-subsystem-for-windows-from-powershell-prompt-screenshot

a. Enabling and Intalling BASH via command line (if WSL Linux subsystem for Windows is not enabled on Windows

It might be your Windows has no configured Windows Subsystem for Linux, hence if that is the case you will need to enable it following below few steps.

b. Enable WSL via dism.exe cmd

Open PowerShell as Administrator and run:

Powershell

PS C:\Users\MyUser> wsl –install

This installs WSL 2 and a default Linux distribution (like Ubuntu).

If you're on Windows 10 or on a PC where whoever installed the OS has not installed the Win Subsystem for Linux, you may need to manually enable WSL:

Launch Powershell

PS C:\Users\MyUser> dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

PS C:\Users\MyUser> dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

Then restart your computer and run:

from the Windows Magnifier run Powershell and type in PS1 prompt:

PS C:\Users\MyUser> wsl –set-default-version 2

c. Installing other Linux Distribution (different from Ubuntu)

If not already installed during wsl –install, open the Microsoft Store and search for:

Ubuntu
Debian
Kali Linux
etc.

Click Install on the one you want.

d. Launching WSL / Bash terminal

Once installed:

Open Start Menu
Search for your Linux distro you just installed (e.g., “Ubuntu”)
Launch it

This opens a Bash shell where you can run Linux commands, like in regular Linux but on your Microsoft Windows OS.

Sum it up

What we learned is how to install bash via Bash Git and start using it to have more hybrid environment Windows / Linux. The article explained the two main methods using GIt Bash and using embedded Windows emulator WSL with an emulated Linux distro.

Enjoy ! 🙂

Tags: bash, emulation, Enabling, exe, How to, installed, Installing, Launch Git Bash, linux?, Recommended Settings, run, Select Checkout Windows-style, shell scripting, Ubuntu Debian Kali Linux, ubuntu linux, use, username, using, Windows, Windows Linux, WSL
Posted in Curious Facts, Everyday Life, System Administration, Windows | No Comments »

How to Рecover deleted files in windows with Free ( unpaid ) software

Thursday, June 5th, 2025

How to Restore Deleted Files on Windows 10/11 - TinyFrom

It happens sometimes on Windows that accidently you deleted some files or directory with pressing Shift + DELETE key (not sending it to Trashbin) or by deleting fies / dirs by sending them in Trashbin but you decided you want them back once you have cleared up the Trashbin.
If this is the case it is pretty easy to recover deleted files in Windows using free (freeware) unpaid soft and tools, to do so chooose on of the many options described and follow the some of below methods by the well known and reputable tools pointed next.

1. Use Recuva (Free Version)

Recuva is one of the most popular free file recovery tools from the makers of CCleaner.

Steps:

Download from the official site: https://www.ccleaner.com/recuva
Install and open Recuva.
Select the type of files you want to recover (e.g., pictures, documents).
Choose the drive where the file was deleted.
Use the Deep Scan option if the regular scan fails.
Select files to recover and save them to a different drive to avoid overwriting.

2. Use PhotoRec (Part of TestDisk)

Despite the name, PhotoRec can recover many types of files, not just photos.

Steps:

Download TestDisk & PhotoRec: https://www.cgsecurity.org/
Extract the archive and run photorec_win.exe.
Select the drive, then the partition.
Choose the file system type (typically "Other").
Select a destination for recovered files on another drive.
Let it scan and recover files.

⚠️ PhotoRec runs in a command-line interface but is powerful and completely free.

Note that Photorec is also available and can be used on Linux to recover files and if you're used to do things from command line I strongly recommend to give it a try on Windows as well.

3. Windows File History / Previous Versions (If Enabled)

If File History or System Protection was enabled:

Steps:

Right-click the folder where the file was.
Choose Restore previous versions.
Browse previous versions and restore as needed.

4. Windows File Recovery (Microsoft's Free CLI Tool)

A command-line tool from Microsoft for advanced users is avalable it is called winfr

Steps:

Download from Microsoft Store: Windows File Recovery
Open Command Prompt as Administrator.
To recover just a single file use the command:

C:\>

winfr C: D: /regular /n \Users\YourName\Documents\file.txt

Replace paths as needed.
To recover a directory it is pretty much the same except you have to include the directory instead of file

C:\>

winfr C: D: /regular /n \Users\YourName\Documents\YourDeletedFolder\

Replace

C:

and

D:

with the appropriate source and destination drives.

C:

= source drive (where the folder was deleted)
D:

= destination drive (where recovered files will be saved)
/n

= path filter (target folder)
/regular

= mode suitable for NTFS drives

Important Tips:

Stop using the drive where the file was deleted to avoid overwriting it.
Always recover to a different drive.
The sooner you act, the higher the recovery success rate.

Tags: command, Deleted, destination, directory, download, drive, ecover, Files, Free, free software restore files, freeware, How to, howto, Important Tips, restore accidently deleted files, restore directory, restore files windows, single file, software, type, unpaid, use, using, Windows, Windows File Recovery Microsoft, wwindows, www
Posted in Backups, Curious Facts, Windows | No Comments »

How to convert .p12 ssl certificate to .pem with openssl command

Friday, March 21st, 2025

In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.

A PKCS #12 file may be encrypted and signed. The internal storage containers, called "SafeBags", may also be encrypted and signed. A few SafeBags are predefined to store certificates, private keys and CRLs. Another SafeBag is provided to store any other data at individual implementer's choice.

PKCS #12 is one of the family of standards called Public-Key Cryptography Standards (PKCS) published by RSA Laboratories.

Privacy-Enhanced Mail (PEM) is a de facto file format for storing and sending cryptographic keys, certificates, and other data, based on a set of 1993 IETF standards defining "privacy-enhanced mail." While the original standards were never broadly adopted and were supplanted by PGP and S/MIME, the textual encoding they defined became very popular. The PEM format was eventually formalized by the IETF in RFC 7468.

If you already have a .P12 certificate password signed provided by someone and you need to convert it a .PEM, this can be done like so:

To convert .p12 certificate :

# Initialize variable
cert_p12_in=your-domain-name-cert.p12
cert_p12_pass='XXXZZZYYYPPPQQQ'
cert_pem_out=your-domain-name-cert.pem

# Extract the private key
openssl pkcs12 -in $cert_p12_in -nocerts -nodes -passin "pass:$cert_p12_pass" 2>/dev/null | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > $cert_pem_out

# Extract the certificate
openssl pkcs12 -in $cert_p12_in -clcerts -nokeys -passin "pass:$cert_p12_pass" 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $cert_pem_out

# Extract the Chain certificate, potentially nothing
openssl pkcs12 -in $cert_p12_in -cacerts -nokeys -chain -passin "pass:$cert_p12_pass" 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $cert_pem_out

# Display the result
cat $cert_pem_out

That's all you should have the .p12 to .pem successfully converted.
Cheers ! 🙂

Tags: bundle, command, data, dev, file format, How to, null, openssl, pem, signed
Posted in Everyday Life, Web and CMS | No Comments »

Posts Tagged ‘How to’

PipeWire buffer/quantum size too aggressive?

Why use Debian Linux on old hardware?

Hardware Baseline PC setup

1. Desktop Environment: Keep It Simple

Avoid:

2. Terminal Choice Matters

Install urxvt (best choice for terminal productivity)

a. Configure .Xresources

b. Apply .Xresources changes

c. Optional: Make it even cooler

3. Retain only last 500MB from journald

4. Reduce journal memory footprint

5. Trim services boot times

6. Disable Unnecessary Services

7. Dirty Page Tuning (Reduces Freezes)

8. Memory Tuning: zram Done Right

Does zram make sense with 4 GB RAM and an SSD?

Recommended zram configuration

9. Keep Disk Swap (But Small)

10. Swappiness and Cache Pressure

11. CPU Governor: A Hidden Performance Win

12. Power and Thermal Management (ThinkPad-Specific)

13. Disable Watchdogs (If You Don’t Debug Kernels)

14. Reduce systemd Noise

15. Use tmpfs for caching and Volatile Junk

16. IRQ Balance: Disable It (might slow down machine)

17. Reduce systemd Timeout Delays

18. Strip Kernel Modules You Don’t Use

19. X11 Performance Tweaks (Intel Graphics)

20. Disable IPv6 (if not used)

21.Lower Kernel Log Level verbosity

22.Scheduler Latency (Advanced)

23.Kill Browser Bloat (Biggest Win)

a. Enable tab unloading (automatic tab discard)

b. Optional tuning

24. Graphics Considerations

25. Extremely for Geeks, Build a Custom Kernel (Optional)

26. Application Choices Matter More Than Tweaks

27. Things Not to Do

Final Recommended Configuration

Conclusion

1. Monitor Before You Fix – and Fix Before It Breaks

2. Treat /etc directory as Sacred – Treat It Like an expensive gem

3. Automate everything what you have to repeatevely do

4. Backups Don’t Exist Unless You Test Them

5. Don’t Ignore Hardware – It Ages like Everything Else

6. Document Everything (Future You Will Thank Past You)

7. Keep Things Simple – Complexity Is the Enemy of Uptime

8. Accept That Failure Will Still Happen

Final Thoughts

1. Identify the resource issue Bottleneck

2. Use tmpfs for Cache and Temporary Files

3. Tune Kernel Parameters

4. Use tmpfs for MySQL / MariaDB tmpdir (Optional)

5. Monitor the Effects and tune up if necessery

Short rephrasal

Prerequisites

1. Install Snap (if not installed)

2. Find ChatGPT Snap Package

3. Install ChatGPT Snap Package

4.Launch ChatGPT

Alternative (if no Snap available)

Option: Use the Official .deb Installer

gocryptfs – simple. secure. fast encryption.

Step-by-step: Encrypting a Directory with gocryptfs

# apt-cache show gocryptfs

1. Install gocryptfs

2. Create Two Directories

3. Initialize Encrypted Directory

4. Mount the Encrypted Directory

5. Use the Decrypted View

6. Unmount When Done

# ls -1 /decrypted_dir/ ├── gocryptfs.conf ├── 2YI8IfnpP6qThZUE1Mo-YA ├── 8o8TUS3LgI6K0WZjaPAjkg └── WmJyYmAKoLJINkWyXr3UAw/

7. AutoMount on boot

8. Use Case Example for gocryptfs -reverse

First, create a gocryptfs config:

Mount in reverse mode:

9. Create Archive or Sync Backup

10. Few more Tips

# ls -1 /decrypted_dir/
├── gocryptfs.conf
├── 2YI8IfnpP6qThZUE1Mo-YA
├── 8o8TUS3LgI6K0WZjaPAjkg
└── WmJyYmAKoLJINkWyXr3UAw/