Skip to main content

Posts for year 2020

Set Firefox to Default Browser in xdg Settings

If you use firefox nightly and chromium you've likely ran into the issue where some apps launch chromium as the default browser for URLs. This is ultimately due to firefox nightly not having a true installer which would create the firefox.desktop file that xdg-settings uses to set/determine the browser to open on xdg-open events.

To verify the current settings you can use: xdg-settings get default-web-browser which will likely return chromium.desktop.

To change this, you will need to create a firefox.desktop file and use the xdg-settings command:

  • in a terminal, clear BROWSER: export BROWSER=""
    • just to make sure it is not set which can cause other issues
  • create a firefox.desktop file in /usr/share/applications/ with the following content:
[Desktop Entry]
Name=Firefox Browser
GenericName=Web Browser
Comment=Access the Internet
Exec=/PATH_TO_FIREFOX_BIN/firefox %U

[Desktop Action new-window]
Name=New Window

[Desktop Action new-private-window]
Name=New Incognito Window
Exec=/PATH_TO_FIREFOX_BIN/firefox --incognito

NOTE: you will need to change /PATH_TO_FIREFOX_BIN/ to the path to your firefox binary.

  • change xdg to use firefox: xdg-settings set default-web-browser firefox.desktop
  • check xdg setting: xdg-settings get default-web-browser
  • test the change: xdg-open ""
    • this should open the URL in firefox

Also note you should check the default application (update-alternatives) gnome and default browsers settings:

  • default: update-alternatives --config x-www-browser
  • gnome: update-alternatives --config gnome-www-browser
  • kde: check System Settings > Applications > Default Applications > Web Browser

Graylog Syslog Grok Extractor

I have several apps in my k8s cluster which run behind a lighttpd web server where I wanted the access logs to be sent to graylog. The setup of lighttpd is relatively basic:

# /etc/lighttpd/lighttpd.conf

var.basedir  = "/var/www/localhost"
var.logdir   = "/var/log/lighttpd"
var.statedir = "/var/lib/lighttpd"

server.modules = (

include "mime-types.conf"

server.username      = "lighttpd"
server.groupname     = "lighttpd"

server.port          = 80
server.document-root = var.basedir + "/htdocs"      = "/run/"

server.indexfiles    = ("index.html")

server.errorlog-use-syslog = "enable"
accesslog.use-syslog       = "enable"

Next we need to tell rsyslog to send logs to graylog:

# /etc/rsyslog.d/dxc-graylog.conf

*.* @graylog-udp.graylog.svc.cluster.local:5410;RSYSLOG_SyslogProtocol23Format

Note that you will need to change the URL and port to match the graylog syslog URL and port you have. Also notice that we are using RSYSLOG_SyslogProtocol23Format format. This results in a log message with a message value similar to the following in graylog: - [28/Oct/2020:06:28:06 -0400] "GET / HTTP/1.1" 200 6341 "-" "kube-probe/1.16"

This should all work; however, we would like to have the message parsed - enter the grok pattern! In Graylog, go to your Syslog Input and click Manage Extractors. Add an Extractor with the following info:

  • select extractor type for the message field with a Grok Pattern
  • enter grok pattern:
%{SYSLOGHOST:host} %{SYSLOGHOST:referer} - \[%{HTTPDATE:timestamp}\] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:referrer} %{QS:agent}
  • Condition: Always try to extract
  • Extraction strategy: Copy
  • Extractor title: RFC5424
  • click the Create extractor

That should be all that is needed, go to your syslog stream and check (make sure you pick a message that came in after you created the extractor) to ensure the new fields are being created!

Minimalistic Coding Standard

Minimalistic applications require sound design and development which produce applications that are easier to run, use, support, and maintain over the life of the application.

The Minimalistic Coding Standard (MCS) is a simple coding (design, development, deployment) philosophy which emphasizes minimalism in all aspects of coding.

Core concepts of MCS:

  • simple over complex
  • one good way over multiple ways
  • simply secure over not

KIM = Keep it minimal

Setup SAR on Alpine Linux

There are several good articles on setting up SAR for debian (sar on ubuntu/debian) and redhat systems but I could find few on Alpine (perhaps because it is simple).

In any event, here's my process for setting up sar to run periodically via cron to track server stats.


Install with: apk add sysstat


Not a lot of setup is required, you may want to review the /etc/sysconfig/sysstat file for options.

Running Via cron

Create a cron task as you like to kick off sar periodically, the following will run sar every 2 minutes.

# Run sar to gather stats
*/2 * * * *   /usr/lib/sa/sa1 1 1
# Additional run at 23:59 to rotate the statistics file
59 23 * * *   /usr/lib/sa/sa1 60 2


Alpine's sysstats logs are in /var/log/sa

spw - simple, light, cli password manager

spw is a python application that stores and retrieves passwords in a secure maner. spw is designed to be quick, light on resources/dependencies, and command line/script driven.

Passwords are stored in an encrypted format using PKCS1_OAEP encryption. This means you use a public and private key to encrypt and decrypt items stored within the store. This is a secure method of password storage and there is virtually no chance someone (including yourself) can view decrypted passwords without the private key.

spw is intended to provide a secure mechanism to store (and more importantly retrieve) passwords. spw's command-line interface allows easy integration into openbox's keyboard shortcut functionality (or similar tools). spw provides an easy mechanism for copying a password to the clipboard (e.g. C+A+j will copy the gmail junk account's password to your clipboard). - spw - about

I have used spw daily for several years, the password generator is extremely useful/quick to generate passwords!