Using the code cli in VS Code Remote extension

VS Code (Dall-e generated)

One of the major reasons I switched to VS Code completely some years back is its excellent extension system, in particular the seamless remote SSH editing extension.

Remote SSH extension is really cool!

Using a local editor on a remote filesystem without fiddling with sshfs or the like, managing to use extensions like Python, Go and Copilot, all setup and configured locally but running on content on a remote system has been pretty cool. It helps me keep my office and personal content separate - I edit my personal codebase on my personal computers using vscode on my office laptop when I need to.

The annoyance about the code cli

But one of the most annoying thing while using the VS Code remote ssh extension was the VS Code cli, which I use a lot. I spend a lot of time on the terminal inside VS Code, and sometimes it is just easier to open a file from the command line using code FILE instead of reaching for the mouse to click on the file in the explorer.

Here is where it gets tricky.

If you have a VS Code installation on the remote computer, and you used it to install the CLI, that CLI executable (On Mac installed in /usr/local/bin/code ) will always open files in that local VS Code installation. It will not open the file in the remote SSH VS Code workspace that you have open.

TLDR: Use the script at the end of this post instead of the code cli in path if you want to open files in the remote ssh extension workspace.

Using Giscus for commenting on this blog

An online article (Dall-E 3)

I had removed disqus comments from my blog a few years back when I noticed the horrible privacy issues with Disqus.

But I always felt that I was missing out on some feedback I had received from visitors in the past, especially when I would benefit from correcting my mistakes.

Age encryption cookbook

Many locks for one secret

One of the niftiest tools that I have been using a lot nowadays is the deceptively simple encryption/decryption command line tool called age by Filippo Valsorda.

Encrypting secrets using keypairs instead of a single passphrase is obviously a more secure option, as it separates the concerns for encryption and decryption. Therefore you can share around the public key without fear for others to encrypt data for you that only you can decrypt.

Traditionally, we have been using tools like gpg e.g. while using eyaml in Puppet, etc. However, gpg comes with its own overhead of key management - multiple keyrings, tool configuration, etc. which makes the use case of simple encryption to be fairly complicated.

age packs a lot of functionality into its dead simple CLI interface - a single file to “manage” the keypair. It requires zero configuration. More importantly, it supports not just its own X25519-based key pair format, but it can even use SSH key pairs for encryption. For simple use cases, it even supports symmetric passphrases.

I have been keeping this document in my PKM for a while, and I thought it best to share in public as a cookbook as well.

Decrypting and concatenating PDFs with qpdf

qpdf docs

I wanted to quickly jot down some of the PDF tasks that the wonderful qpdf has been helping me do. This ranges from merging multiple PDF files to storing decrypted versions of annoying PDFs sent by some banks.

I used to use pdftk till some time back, but it had a lot of dependencies which were a pain to install. I exclusively use qpdf now instead.

Publishing helm charts on Artifacthub

artifacthub

As part of my journey in learning Kubernetes this year, I ventured today in pushing my first tiny helm chart to Artifacthub.

I had been using custom made charts for a couple of months now, but mostly in the CI/CD environment of my company. Packaging a chart for public consumption needed me to learn a few more things.

Disabling comments and Google Analytics

So, after ~20 years of maintaining this blog, I decided to disable comments entirely on the posts here. And turning off Google Analytics. This was primarily driven by a recent privacy test I did on the blog, and to my utter shock, almost a dozen different websites seem to be contacted with every page load. I generally expected Google (for the analytics) and Disqus (for the comments) to be the websites figuring out here, so I felt absolutely betrayed by the bunch of other websites they call under the hood.

Using Mac keychain to store and retrieve Ansible vault passwords

Mac Keychain App logo

When using Ansible for my home lab, an initial problem was about how to keep sudo passwords for my various machines in an practical manner (I really don’t like the idea of password-less sudo even in my homelab).

The remote users used for my ansible logins to each of my machines are different, and can be managed via the inventory file. But the sudo passwords for them are not the same, and it is pretty annoying to enter them while running ansible on the command line.

I decided to find a way to make this a little less annoying.

Installing a specific version of a Homebrew Formula

Homebrew

From time to time, I have felt the need to install a specific version of a Homebrew formula. Like the other day, I was investigating whether a particular problem I was facing with Podman was because of a version bump from 2.x to 3.x.

At some point in the past, a way around it was to find the formula file at a particular commit of the Homebrew tap, and directly install it via brew install $URL.

That is no longer supported, for good reason. But the tip provided is pretty terse.

I thought I will just jot down the steps I took to do this the recommended way.

Using Podman as a Docker Desktop alternative using Vagrant

Podman

So the tech world went a little crazy today, as usual ignoring more consequential problems happening in the world. Docker posted a notice saying that its Mac and Windows desktop clients will no longer be free for anybody other than individuals and small companies.

Here is The Register:

Docker will restrict use of the free version of its Docker Desktop utility to individuals or small businesses, and has introduced a new more expensive subscription, as it searches for a sustainable business model.

The company has renamed its Free plan to “Personal” and now requires that businesses with 250 or more employees, or higher than $10m in annual revenue, must use a paid subscription if they require Docker Desktop.

This gave me an excuse to try out something which I had been meaning to do for a while - use Podman as a replacement for Docker desktop on my Mac.