恶法的改变,不可能来自于法律制定者的觉悟,只有遇到底层的反抗,才有可能。

用最通俗的话来概括“消极的自由”,那么就是免于被强制;而“积极自由”,就是无所顾忌的去实现自己的意志。

没有自由的理念,就没有自由的行动;没有自由的行动,就没有保卫自由的立宪者挺身而出,建立以保护人权为基础的自由国家。

正如爱因斯坦所说,“国家是为人而设立,人不是为国家而生存。” 爱因斯坦的这句话,今天被刻在德国政府大楼上。德国人相信:国家应当是人民的保护者,而人民不应当是国家的奴隶。2005 年被德国命名为“爱因斯坦年”,纪念在纳粹德国期间逃亡的爱因斯坦。

自由国家不会从天而降,民族国家更不是自由的前提条件。在不自由的民族国家,人民丧失一切自由。不仅丧失正常的言论自由,甚至丧失“不言论的自由”。

《论语》泰伯篇中,有一段非常经典的话。子曰:“笃信好学,守死善道。危邦不入,乱邦不居。天下有道则见,无道则隐。邦有道,贫且贱焉,耻也,邦无道,富且贵焉,耻也。”

Manually remove

First, reboot your System to be sure it is using the latest kernel. Then open terminal and check your current kernel:

uname -r

DO NOT REMOVE THIS KERNEL!

Next, type the command below to view/list all installed kernels on your system.

dpkg --list | grep linux-image

Find all the kernels that lower than your current kernel. When you know which kernel to remove, continue below to remove it. Run the commands below to remove the kernel you selected.

sudo apt-get purge linux-image-x.x.x-x-generic

Finally, run the commands below to update grub2

sudo update-grub2

Reboot your system.

All-in-one command

All-in-one version to remove images and headers (combines the two versions above):

echo $(dpkg --list | grep linux-image | awk '{ print $2 }' | sort -V | sed -n '/'`uname -r`'/q;p') $(dpkg --list | grep linux-headers | awk '{ print $2 }' | sort -V | sed -n '/'"$(uname -r | sed "s/\([0-9.-]*\)-\([^0-9]\+\)/\1/")"'/q;p') | xargs sudo apt-get -y purge

Question: How do I remove old kernel versions to clean up the boot menu?

删除旧版本的 Snap 包

查看已经安装的包

snap list --all

Name               Version    Rev   Tracking  Publisher   Notes
mailspring         1.2.2      216   stable    foundry376  -
mailspring         1.2.1      209   stable    foundry376  disabled
slack              3.2.1      7     stable    slack       classic
slack              3.1.1      6     stable    slack       disabled,classic

删除旧版本

旧版本的包在 Notes 一栏中会显示为 disabled

sudo snap remove slack --revision 6

其中 --revision 后面跟版本号(Rev)

Removing old snaps on Ubuntu: https://kazakov.lt/notes/removing-old-snaps-on-ubuntu

字体特性

  • 无论相似的特征是区分的,比如 0O1lI
  • 字体样式(线宽,字符宽度/高度)是否易于阅读
  • 安装方式
  • 分辨率支持
  • 是否开源、收费

流行字体列表

1. Input

Input 是一个灵活的字体系统,由 David Jonathan Ross 专门为代码设计。提供等宽字体和比例字体,所有字体都具有宽度,粗细和样式,以实现更丰富的代码格式。

  • 灵活配置
  • 有 Mono,Sans 和 Serif 两种款式
  • 明确区分相似的字符
  • 清晰的低分辨率和视网膜显示

2. Fira Code

Fira 是 Mozilla 主推的字体系列,Fira Code 是基于 Fira Mono 等宽字体的一个扩展,主要特点是加入了编程连字特性(ligatures)。

Fira Code 就是利用这个特性对编程中的常用符号进行优化,比如把输入的「!=」 直接显示成 「≠」 或者把 「>=」 变成 「≥ 」 等等,以此来提高代码的可读性。

  • 连字特性
  • 多种编辑器、IDE 支持
  • 支持视网膜显示
  • 经常更新
  • 开源免费
  • 提供 CSS

- 阅读剩余部分 -

Google 没有在 Chrome 浏览器官方主页上提供完整安装包,但强调了如何在支持页面上下载适用于 Windows、macOS 和 Linux 的脱机安装程序。

使用以下链接可以获取完整 Chrome 安装包:

Chrome Stable: https://www.google.com/chrome/?standalone=1
Chrome Beta: https://www.google.com/chrome/?extra=betachannel&standalone=1
Chrome Dev: https://www.google.com/chrome/?extra=devchannel&standalone=1
Chrome Canary: https://www.google.com/chrome/?extra=canarychannel&standalone=1

The aim: to make checking system resource usage a little more accessible, ideally with historical data thrown into the mix for some added context.

Two years on and the fruits of that redesigned effort are finally available to sample, albeit through a new app called (aptly enough) GNOME Usage.

gnome-usage.jpg

A new version of Usage is set to be released alongside GNOME 3.28 in March, and, accordingly, will be available to install in Ubuntu 18.04 LTS.

But how’s the app looking?

Well, don’t get too excited. Despite being in development for a while the app doesn’t quite deliver on the lure of the early mock-ups. For instance, it doesn’t provide historical data (yet) or offer any stats on power usage.

Effectively Usage 3.28 only tells you what your computer is doing right now — a job the regular System Monitor app and CLI apps like top can do too.

That said, it’s nice enough. Even at this early stage it’s clear to see that Usage is well placed as user friendly alternative to GNOME System Monitor. Through the use of colorful graphs you can quickly see how system resources like RAM, CPU and network are being used.

GNOME Usage wants to relay all of the information the GNOME System Monitor tool does, but in a more modern and easier to parse manner, with less emphasis on interfering with processes, and more on inferring what they’re up to.

This first version is able to relay the following information:

  • Processor Usage
  • Memory usage
  • Network usage
  • Storage usage

It also lets you:

  • Filter processes by name
  • Browse & visualise storage

GNOME developers will hate me for saying it but Usage sort of reminds me of a mobile system resource app in that it’s designed to relay system information in a manner that’s instantly digestible. CLI tools like top and other process monitoring tools aren’t indecipherable, but understanding what they show requires a couple of minutes of orientation.

Usage is promising and I look forward to seeing it mature.

(Of course, nothing competes with the sheer system monitor bling of Deepin System Monitor!)
Reiteratium Disclamerium

Now, lest anyone misunderstand: Usage is not replacing System Monitor. Development on System Monitor is continuing (indeed, there are nice improvements coming in GNOME 3.28). They are two apps that do similar things, but in different ways, aimed at different users.

Got it? Get it? Good.
Install GNOME Usage on Ubuntu

If you’re running the Ubuntu 18.04 daily builds then you can try Usage out for yourself by installing it from Ubuntu Software.

https://www.omgubuntu.co.uk/2018/02/gnome-usage-in-ubuntu-18-04

SHTF生存问答:长期SHTF生存的第一手报告

SHTFPlan.com的Mac Slavo最近在论坛里编辑贴出了Chris Kitze发布在Before Its News的帖子。原帖在生存者论坛里,是一个叫塞尔克的人1992年间波斯尼亚危机中与其家庭长期SHTF状态下生存的第一手报告。许多论坛成员问了塞尔 克各种各样的问题,后者很热情的回答了。本文是对这些问答的的编辑本。

在这个梗概里,塞尔克描述了他如何在一个没有电力,燃油或燃料,自来水,食物分配,传统商业,的城市里生活了一年的。他们的货币已经全无用处,也 没有警察或政府,街道被匪徒和暴力所统治。他,他的家庭,以及社区所采用的生存策略是:保持警惕,为了生存重新考虑哪些才是最重要的。虽然这是一篇很长的 文章,但考虑到文中这位生存下来的人所提供的大量宝贵知识,我还是强烈推荐本文。

- 阅读剩余部分 -

Automatic Snapshots for Google (gcloud) Compute Engine

Bash script for Automatic Snapshots and Cleanup on Google Compute Engine. Requires no user input!

Inspiration (and the installation instructions) taken from AWS script aws-ec2-ebs-automatic-snapshot-bash

How it works

gcloud-snapshot.sh will:

  • Determine the Instance ID of the Google Compute Engine server on which the script runs
  • Get all the Disk IDs attached to that instance
  • Take a snapshot of each Disk
  • The script will then delete all associated snapshots taken by the script for the Instance that are older than 7 days (optional: default snapshot retention can be changed by using -d flag)

Prerequisites

  • cURL must be installed
  • The VM must have the sufficient gcloud permissions, including "compute" set to "enabled":

    [    http://stackoverflow.com/questions/31905966/gcloud-compute-list-networks-error-some-requests-did-not-succeed-insufficie#31928399](http://stackoverflow.com/questions/31905966/gcloud-compute-list-networks-error-some-requests-did-not-succeed-insufficie#31928399)
  • The version of gcloud is up to date: gcloud components update

Installation

ssh on to the server you wish to have backed up

Install Script: Download the latest version of the snapshot script and make it executable:

cd ~
wget https://raw.githubusercontent.com/jacksegal/google-compute-snapshot/master/gcloud-snapshot.sh
chmod +x gcloud-snapshot.sh
sudo mkdir -p /opt/google-compute-snapshot
sudo mv gcloud-snapshot.sh /opt/google-compute-snapshot/

To manually test the script:

sudo /opt/google-compute-snapshot/gcloud-snapshot.sh

Setup CRON: You should then setup a cron job in order to schedule a daily backup. Example cron for Debian based Linux:

0 5 * * * root /opt/google-compute-snapshot/gcloud-snapshot.sh >> /var/log/cron/snapshot.log 2>&1

Please note: the above command sends the output to a log file: /var/log/cron/snapshot.log - instructions for creating & managing the log file are below.

Manage CRON Output: You should then create a directory for all cron outputs and add it to logrotate:

  • Create new directory:
sudo mkdir /var/log/cron 
  • Create empty file for snapshot log:
sudo touch /var/log/cron/snapshot.log
  • Change permissions on file:
sudo chgrp adm /var/log/cron/snapshot.log
sudo chmod 664 /var/log/cron/snapshot.log
  • Create new entry in logrotate so cron files don't get too big :
sudo nano /etc/logrotate.d/cron
  • Add the following text to the above file:
/var/log/cron/*.log {
    daily
    missingok
    rotate 14
    compress
    notifempty
    create 664 root adm
    sharedscripts
}

Snapshot Retention

By default snapshots will be kept for 7 days, however they can be kept for longer / shorter, by using the the -d flag:

Usage: ./snapshot.sh [-d <days>]

Options:

   -d  Number of days to keep snapshots. Snapshots older than this number deleted.
       Default if not set: 7 [OPTIONAL]

要阻止 IP 直接访问 80 端口,请创建新的或添加到现有的服务器配置,如下所示:

server {
 listen 80 default_server;
 server_name _;
 return 404;
}

要阻止 IP 的直接访问 443 端口,请在其中一个服务器配置块中使用以下命令:

if ($host != "example.com") {
 return 404;
}

示例:

server {
 listen 443 ssl;
 server_name example.com
 
 ssl_certificate /etc/nginx/ssl/example.com.crt;
 ssl_certificate_key /etc/nginx/ssl/example.com.key;

 if ($host != "example.com") {
  return 404;
 }
}

这将阻止所有流量到 https://YOUR_IP_ADDRESS

希望这可以帮助你!

本文翻译 NGINX – Disable direct access (via http and https) to a website using IP address