emk

systemd-nspawn Container Setup Guide

Want to run Gas Town on a Linux machine with a pretense of isolation? You could probably run Docker if you're sensible, but I decided to be foolish and build a complete VM-like setup on top of systemd-nspawn with:

• A mapped, shared gt directory.
• A network firewall to isolate it from your local net, assuming you use private networking IDs. It should be able to look stuff up on the internet, but probably can't talk to internal stuff.
• A bunch of container namespacing support which seemed like a good idea.

The instructions below are by Claude Code Sonnet 4.5, which also did 80% of the troubleshooting. There may be a missing step or two somewhere. Use at your own risk. This is basically a jury-rigged amateur zoo for observing 10-30 agents. The threat models is "well-meaning but overenthusiastic."

emk

// Change the phase of your orbit, that is, advance yourself a certain
// amount of time along the same orbit path.
//
// See https://en.wikipedia.org/wiki/Orbit_phasing for the math and lots
// of explanations.
//
// AUTHOR: Eric Kidd.
//
// REQUIREMENTS: To run this, you'll need Kerbel Space Program, the kOS mod,
// and a computer on your craft.

emk

{
    "containerDefinitions": [
        {
            "name": "nginx-proxy",
            "image": "771600087445.dkr.ecr.us-east-1.amazonaws.com/nginx-proxy:latest",
            "memory": "128",
            "essential": true,
            "portMappings": [
                {
                    "hostPort": "443",

emk

type alias Model =
  { errorMessage: Maybe String      -- This is what Rails would call a "flash": we just show it.
  , video: Maybe Video.Model        -- Information about a video and subtitles.
  , player: Maybe VideoPlayer.Model -- Player state: URL, playing/paused, time.
  }

type Action
  = VideoLoaded Video.Model
  | VideoPlayerAction VideoPlayer.Action

emk

// Based on:
//   https://github.com/emk/jit.rs/blob/master/src/macros.rs#L41-L64
//   https://github.com/emk/jit.rs/blob/master/src/compile.rs#L105-L109
//   https://github.com/emk/jit.rs/blob/master/examples/hello_world.rs#L22
// Build on branch:
//   https://github.com/emk/jit.rs/tree/rust-beta-updates

trait Foo {}

impl Foo for fn() {}

emk

$ vault help auth/github/config
Error reading help: Error making API request.

URL: GET http://127.0.0.1:8200/v1/auth/github/config?help=1
Code: 500. Errors:

* unsupported operation

emk

Keybase proof

I hereby claim:

• I am emk on github.
• I am emk (https://keybase.io/emk) on keybase.
• I have a public key whose fingerprint is C641 D85B 8218 678E 41F5 7961 5533 ABC9 38D4 BE26

To claim this, I am signing this object:

emk

#!/usr/bin/env ruby
#
# Usage:
#     csv2pbo book.csv > book.pbo

require 'csv'

path = ARGV[0]

# PBO format _looks_ like XML, but the parser is very fragile.  So we

emk

use std::sync::Arc;
use std::sync::RWLock;
use std::task::spawn;
 
trait Common : Sized + Send + Sync {
    fn munge(&mut self);
}

#[deriving(Show)]
struct Foo { i: int }

emk

    /// Call the global JavaScript function named `fn_name` with `args`, and
    /// return the result.
    pub fn call<'a>(&mut self, fn_name: &str,
                    args: &[&Encodable<Encoder<'a>, DuktapeError>]) ->
        DuktapeResult<Value<'static>>
    {
        unsafe {
            assert_stack_height_unchanged!(self, {
                duk_push_global_object(self.ptr);
                fn_name.with_c_str(|c_str| {