Using vector tiles on Nextcloud Maps

Nextcloud Maps uses raster tiles by default, but it also supports vector tiles which looks nicer. Navigate to Nextcloud administration > Additional settings (<nextcloud-domain>/settings/admin/additional) > Maplibre settings. Set the style url as https://tiles.openfreemap.org/styles/liberty.

The style url can be set to other map providers. I use OpenFreeMap because it’s free and doesn’t need an API key. It’s available in 4 styles.

Maplibre uses WebGL to render the vector tiles, so if your browser block WebGL by default, your Nextcloud domain (not openfreemap.org) needs to be allowlisted for it.

Separate markdown headings into pages

Previously the Threat Hunting page contained all search queries in one page separated by headings. That approach was untidy especially when conducting a web search; where after being redirected to the threat hunting page, still had to navigate to the relevant heading to locate the relevant search query.

Each heading or search query is now in a separate page, so once those new pages are indexed by search engine, the search result will lead directly to a page that only contains the relevant search query, e.g. FileFix detection.

from os import chdir, path
from re import S, findall, sub

chdir(path.dirname(__file__))

template = """---
title: {title}
layout: page
date: 2025-07-27
---
{content}"""

with open("index.md") as f:
    s = f.read()
    # https://stackoverflow.com/a/66619938
    for title, content in findall(r"(?:^|\n)##\s([^\n]+)\n(.*?)(?=\n##?\s|$)", s, S):
        # https://stackoverflow.com/a/74260791
        fname = sub(r"\W+", "-", title).strip("-").lower()
        with open(fname + ".md", "w") as w:
            w.write(template.format(title=title, content=content))
        with open("index-new.md", "a") as a:
            a.write(f"- [{title}]({fname})\n")

linux-firmware meta package on Arch Linux

Arch Linux linux-firmware is now a meta package. Its derivative Manjaro renamed it to linux-firmware-meta. The default set covers a wide range of firmwares that may not be applicable to most devices and can be trimmed down.

  1. Remove the meta package, pacman -Rn linux-firmware
  2. Identify device manufacturer, lspci
  3. Remove irrelevant firmware, e.g. if Nvidia device is not installed, pacman -Rns linux-firmware-nvidia
  4. Mark the necessary firmware as explicitly installed, pacman -D --asexplicit $(pacman -Qs -q linux-firmware | sed -z 's|\n| |g')

CMC 3.37.0 switched to _cmc_summary index

Splunk Cloud Monitoring Console (CMC) app which auto-update itself separately from Splunk Cloud recently switched from “summary” to “_cmc_summary” index in 3.37.0 update released on 27 March 2025. The update broke my custom license monitoring dashboards and alert. Resolved the issue by including the new index.

Update: CMC 3.37.1 update reverts it back to “summary” index to allow for gradual transition.

Unable to get SSH host key due to short timeout

Some servers can be a bit slow in responding to host key request, so ssh-keyscan may return empty result when using the default 5 seconds timeout. A workaround is to increase the timeout, ssh-keyscan -T 10 hostname for 10 seconds.

Noticed this issue from host key verification error when mirroring a GitLab repository to an external repository. I could not fix it because I can’t modify the SSH client configuration in GitLab.com to increase ConnectTimeout.

Do not disable Android lockscreen

Disabling the Android lockscreen may cause the display to turn on by itself, either after timeout or power button. Worse, after turning on, it may stay on and does not timeout. I experienced this issue in LineageOS 21 and 22. Apparently, this issue has been around since 17 and another one reported with version 20.