# Introduction
While testing the cloud gaming service GeForce Now, I've learned that PlayStation also had an offer.
Basically, if you use a PlayStation 4 or 5, you can subscribe to the first two tiers to benefit some services and games library
, but the last tier (premium) adds more content AND allows you to play video games on a computer with their client, no PlayStat
ion required. I already had the second tier subscription, so I paid the small extra to switch to premium in order to experimen
t with the service.
=> https://www.playstation.com/en-us/ps-plus/ PlayStation Plus official website
# Game library
Compared to GeForce Now, while you are subscribed you have a huge game library at hand. This makes the service a lot cheaper i
f you are happy with the content. The service costs 160$€ / year if you take for 12 months, this is roughly the price of 2 A
AA games nowadays...
# Streaming service
The service is only available using the PlayStation Plus Windows program. It's possible to install it on Linux, but it will us
e more CPU because hardware decoding doesn't seem to work on Wine (even wine-staging with vaapi compatibility checked).
There are no clients for Android, and you can't use it in a web browser. The Xbox Game Pass streaming and GeForce now services
have all of that.
Sadness will start here. The service is super promising, but the application is currently a joke.
If you don't plug a PS4 controller (named a dualshock 4), you can't use the "touchpad" button, which is mandatory to start a ga
me in Tales of Arise, or very important in many games. If you have a different controller, on Windows you can use the program
"DualShock 4 emulator" to emulate it, on Linux it's impossible to use, even with a genuine controller.
A PS5 controller (dualsense) is NOT compatible with the program, the touchpad won't work.
=> https://github.com/r57zone/DualShock4-emulator DualShock4 emulator GitHub project page
Obviously, you can't play without a controller, except if you use a program to map your keyboard/mouse to a fake controller.
# Gaming quality
There are absolutely no settings in the application, you can run a game just by clicking on it, did I mention there are no way
to search for a game?
I guess games are started in 720p, but I'm not sure, putting the application full screen didn't degrade the quality, so maybe i
t's 1080p but doesn't go full screen when you run it...
Frame rate... this sucks. Games seem to run on a PS4 fat, not a PS4 pro that would allow 60 fps. On most games you are stuck
with 30 fps and an insane input lag. I've not been able to cope with AAA games like God of War or Watch Dogs Legion as it was
horrible.
Independent games like Alex Kidd remaster, Monster Boy or Rain World did feel very smooth though (60fps!), so it's really an is
sue with the hardware used to run the games.
Don't expect any PS5 games in streaming from Windows, there are none.
The service allows PlayStation users to play all games from the library (including PS5 games) in streaming up to 2160p@120fps,
but not the application users. This feature is only useful if you want to try a game before installing it, or if your PlayStat
ion storage is full.
# Cloud saving
This is fun here too. There are game saves in the PlayStation Plus program cloud, but if you also play on a PlayStation, their
saves are sent to a different storage than the PlayStation cloud saves.
There is a horrible menu to copy saves from one pool to the other.
This is not an issue if you only use the stream application or the PlayStation, but it gets very hard to figure where is your s
ave if you play on both.
# Conclusion
I have been highly disappointed by the streaming service (outside PlayStation use). The Windows programs required to sign in t
wice before working (I tried on 5 devices!), most interesting games run poorly due to a PS4 hardware, there is no way to enable
the performance mode that was added to many games to support the PS4 Pro. This is pretty curious as the streaming from a Play
Station device is a stellar experience, it's super smooth, high quality, no input lag, no waiting, crystal clear picture.
No Android application? Curious... No support for a genuine PS5 controller, WTF?
The service is still young, I really hope they will work at improving the streaming ecosystem.
At least, it works reliably and pretty well for simpler games.
It could be a fantastic service if the following requirements were met:
* proper hardware to run games at 60fps
* greater controller support
* allow playing in a web browser, or at least allow people to run it on smartphones with a native application
* an open source client while there
* merged cloud saves
# Introduction
I'm finally done with ADSL now as I got access to optical fiber last week! It was time for me to try cloud gaming again and se
e how it improved since my last use in 2016.
If you are not familiar with cloud gaming, please do not run away, here is a brief description. Cloud gaming refers to a servi
ce allowing one to play locally a game running on a remote machine (either locally or over the Internet).
There are a few commercial services available, mainly: GeForce Now, PlayStation Plus Premium (other tiers don't have streaming)
, Xbox game pass Ultimate and Amazon Luna. Two major services died in the long run: Google Stadia and Shadow (which is back no
w with a different formula).
A note on Shadow, they are now offering access to an entire computer running Windows, and you do what you want with it, which i
s a bit different from other "gaming" services listed above. It's expensive, but not more than renting an AWS system with equi
valent specs (I know some people doing that for gaming).
This article is about the service Nvidia GeForce Now (not sponsored, just to be clear).
I tried the free tier, premium tier and ultimate tier (thanks to people supporting me on Patreon, I could afford the price for
this review).
=> https://www.nvidia.com/en-us/geforce-now/ Geforce Now official page
=> https://play.geforcenow.com/mall/ Geforce Now page where you play (not easy to figure after a login)
# The service
This is the first service I tried in 2016 when I received an Nvidia Shield HTPC, the experience was quite solid back in the day
s. But is it good in 2024?
The answer is clear, yes, it's good, but it has limitations you need to be aware of. The free tier allows playing for a maximu
m of 1 hour in a single session, and with a waiting queue that can be fast (< 1 minute) or long (> 15 minutes), but the average
waiting time I had was like 9 minutes. The waiting queue also displays ads now.
The premium tier at 11€$/month removes the queue system by giving you priority over free users, always assigns an RTX card an
d allows playing up to 6 hours in a single session (you just need to start a new session if you want to continue).
Finally, the ultimate tier costs 22€$/month and allows you to play in 4K@120fps on a RTX 4080, up to 8h.
The tiers are quite good in my opinion, you can try and use the service for free to check if it works for you, then the premium
tier is affordable to be used regularly. The ultimate tier will only be useful to advanced gamers who need 4K, or higher fram
e rates.
Nvidia just released a new offer early March 2024, a premium daily pass for $3.99 or ultimate daily pass for 8€. This is use
ful if you want to evaluate a tier before deciding if you pay for 6 months. You will understand later why this daily pass can
be useful compared to buying a full month.
# Operating system support
I tried the service using a Steam Deck, a Linux computer over Wi-Fi and Ethernet, a Windows computer over Ethernet and in a VM
on Qubes OS. The latency and quality were very different.
If you play in a web browser (Chrome based, Edge, Safari), make sure it supports hardware acceleration video decoding, this is
the default for Windows but a huge struggle on Linux, Chrome/Chromium support is recent and can be enabled using `chromium --en
able-features=VaapiVideoDecodeLinuxGL --use-gl=angle`. There is a Linux Electron App, but it does nothing more than bundling t
he web page in chromium, without acceleration.
On a web browser, the codec used is limited to h264 which does not work great with dark areas, it is less effective than advanc
ed codecs like av1 or hevc (commonly known as h265). If you web browser can't handle the stream, it will lose packets and then
Geforce service will instantly reduce the quality until you do not lose packets, which will make things very ugly until it rec
over, until it drops again. Using hardware acceleration solves the problem almost entirely!
Web browser clients are also limited to 60 fps (so ultimate tier is useless), and Windows web browsers can support 1440p but no
more.
On Windows and Android you can install a native Geforce Now application, and it has a LOT more features than in-browser. You c
an enable Nvidia reflex to remove any input lag, HDR for compatible screens, 4K resolution, 120 fps frame rate etc... There is
also a feature to add color filters for whatever reason... The native program used AV1 (I only tried with the ultimate tier),
games were smooth with stellar quality and not using more bandwidth than in h264 at 60 fps.
I took a screenshot while playing Baldur's Gate 3 on different systems, you can compare the quality:
=> static/geforce_now/windows_steam_120fps_natif.png Playing on Steam native program, game set to maximum quality
=> static/geforce_now/windows_av1_120fps_natif_sansupscale_gamma_OK.png Playing on Geforce Now on Windows native app, game set
to maximum quality
=> static/geforce_now/linux_60fps_chrome_acceleration_maxquality_gammaok.png Playing on Geforce Now on Linux with hardware acce
leration, game set to maximum quality
In my opinion, the best looking one is surprisingly the Geforce Now on Windows, then the native run on Steam and finally on Lin
ux where it's still acceptable. You can see a huge difference in terms of quality in the icons in the bottom bar.
# Tier system
When I upgraded from free to premium tier, I paid for 1 month and was instantly able to use the service as a premium user.
Premium gives you priority in the queues, I saw the queue display a few times for a few seconds, so there is virtually no queue
, and you can play for 6 hours in a row.
When I upgraded from premium to ultimate tier, I was expecting to pay the price difference between my current subscription and
the new one, but it was totally different. I had to pay for a whole month of ultimate tier, and my current remaining tier was
converted as an ultimate tier, but as ultimate costs a bit more than twice premium, a pro rata was applied to the premium time,
resulting in something like 12 extra days of ultimate for the premium month.
Ultimate tier allows reaching a 4K resolution and 120 fps refresh rate, allow saving video settings in games, so you don't have
to tweak them every time you play, and provide an Nvidia 4080 for every session, so you can always set the graphics settings t
o maximum. You can also play up to 8 hours in a row. Additionaly, you can record gaming sessions or the past n minutes, there
is a dedicated panel using Ctrl+G. It's possible to achieve 240 fps for compatible monitors, but only for 1080p resolution.
Due to the tier upgrade method, the ultimate pass can be interesting, if you had 6 months of premium, you certainly don't want
to convert it into 2 months of ultimate + paying 1 month of ultimate just to try.
# Gaming quality
As a gamer, I'm highly sensitive to latency, and local streaming has always felt poor with regard to latency, and I've been ver
y surprised to see I can play an FPS game with a mouse on cloud gaming. I had a ping of 8-75 ms with the streaming servers, wh
ich was really OK. Games featuring "Nvidia reflex" have no sensitive input lag, this is almost magic.
When using a proper client (native Windows client or a web browser with hardware acceleration), the quality was good, input lag
barely noticeable (none in the app), it made me very happy :-)
Using the free tier, I always had a rig good enough to put the graphics quality on High or Ultra, which surprised me for a free
service. On premium and later, I had an Nvidia 2080 minimum which is still relevant nowadays.
The service can handle multiple controllers! You can use any kind of controller, and even mix Xbox / PlayStation / Nintendo co
ntrollers, no specific hardware required here. This is pretty cool as I can visit my siblings, bring controllers and play toge
ther on their computer <3.
Another interesting benefit is that you can switch your gaming session from a device to another by connecting with the other de
vice while already playing, Geforce Now will switch to the new connecting device without interruption.
# Games library
This is where GeForce now is pretty cool, you don't need to buy games to them. You can import your own libraries like Steam, U
bisoft, Epic store, GOG (only CD Projekt Red games) or Xbox Game Pass games. Not all games from your libraries will be playabl
e though! And for some reasons, some games are only available when run from Windows (native app or web browser), like Genshin
Impact which won't appear in the games list if connected from non-Windows client?!
If you already own games (don't forget to claim weekly free Epic store games), you can play most of them on GeForce Now, and th
anks to cloud saves, you can sync progression between sessions or with a local computer.
There are a bunch of free-to-play games that are good (like Warframe, Genshin Impact, some MMOs), so you could enjoy playing vi
deo games without having to buy one (until you get bored?).
# Cost efficiency
If you don't currently own a modern gaming computer, and you subscribe to the premium tier (9.17 $€/month when signing for 6
months), this costs you 110 $€ / year.
Given an equivalent GPU costs at least 400€$ and could cope with games in High quality for 3 years (I'm optimistic), the GPU
alone costs more than subscribing to the service. Of course, a local GPU can be used for data processing nowadays, or could be
sold second hand, or be used for many years on old games.
If you add the whole computer around the GPU, renewed every 5 or 6 years (we are targeting to play modern games in high quality
here!), you can add 1200 $€ / 5 years (or 240 $€ / year).
When using the ultimate tier, you instantly get access to the best GPU available (currently a Geforce 4080, retail value of 130
0€$). Cost wise, this is impossible to beat with owned hardware.
I did some math to figure how much money you can save from electricity saving: the average gaming rig draws approximately 350 W
atts when playing, a Geforce now thin client and a monitor would use 100 Watts in the worst case scenario (a laptop alone would
be more around 35 Watts). So, you save 0.25 kWh per hour of gaming, if one plays 100 hours per month (that's 20 days playing
5h, or 3.33 hours / day) they would save 25 kWh. The official rate in France is 0.25 € / kWh, that would result in a 6.25€
saving in electricity. The monthly subscription is immediately less expensive when taking this into account. Obviously, if y
ou are playing less, the savings are less important.
# Bandwidth usage and ecology
Most of the time, the streaming was using between 3 and 4 MB/s for a 1080p@60fps (full-hd resolution, 1920x1080, at 60 frames p
er second) in automatic quality mode. Playing at 30 fps or on smaller resolutions will use drastically less bandwidth. I've b
een able to play in 1080p@30 on my old ADSL line! (quality was degraded, but good enough). Playing at 120 fps slightly increas
ed the bandwidth usage by 1 MB/s.
I remember a long tech article about ecology and cloud gaming which concluded cloud gaming is more "eco-friendly" than running
locally if you play it less than a dozen hours. However, it always assumed you had a capable gaming computer locally that was
already there, whether you use the cloud gaming or not, which is a huge bias in my opinion. It also didn't account that one ma
y install a video games multiple times and that a single game now weights 100 GB (which is equivalent to 20h of cloud gaming ba
ndwidth wise!). The biggest cons was the bandwidth requirements and the whole worldwide maintenance to keep high speed lines fo
r everyone. I do think Cloud gaming is way more effective as it allows pooling gaming devices instead of having everyone with
their own hardware.
As a comparison, 4K streaming at Netflix uses 25 Mbps of network (~ 3.1 MB/s).
# Playing on Android
Geforce Now allows you to play any compatible game on Android, is it worth? I tried it with a Bluetooth controller on my BQ Aq
uaris X running LineageOS (it's a 7 years old phone, average specs with a 720p screen).
I was able to play in Wi-Fi using the 5 GHz network, it felt perfect except that I had to put the smartphone screen in a comfor
table way. This was drawing the battery at a rate of 0.7% / minute, but this is an old phone, I expect newer hardware to do be
tter.
On 4G, the battery usage was less than Wi-Fi with 0.5% / minute. The service at 720p@60fps used an average of 1.2 MB/s of data
for a gaming session of Monster Hunter world. At this rate, you can expect a data usage of 4.3 GB / hour of gameplay, which c
ould be a lot or cheap depending on your usage and mobile subscription.
Globally, playing on Android was very good, but only if you have a controller. There are interesting folding controllers that
sandwich the smartphone between two parts, turning it into something looking like a Nintendo Switch, this can be a very interes
ting device for players.
# Tips
You can use "Ctrl+G" to change settings while in game or also display information about the streaming.
In GeForce Now settings (not in-game), you can choose the servers location if you want to try a different datacenter. I set to
choose the nearest otherwise I could land on a remote one with a bad ping.
GeForce Now even works on OpenBSD or Qubes OS qubes (more on that later on Qubes OS forum!).
=> https://forum.qubes-os.org/t/cloud-gaming-with-geforce-now/24964 Qubes OS forum discussion
# Conclusion
GeForce Now is a pretty neat service, the free tier is good enough for occasional gamers who would play once in a while for a s
hort session, but also provide a cheaper alternative than having to keep a gaming rig up-to-date. I really like that they allo
w me to use my own library instead of having to buy games on their own store.
I'm preparing another blog post about local and self hosted cloud gaming, and I have to admit I haven't been able to do better
than Geforce Now even on local network... Engineers at Geforce Now certainly know their stuff!
The experience was solid even on a 10 years old laptop, and enjoyable. A "cool" feature when playing is the surrounding silenc
e, as no CPU/GPU are crunching for rendering! My GPU is still capable to handle modern games at an average quality at 60 FPS,
I may consider using the premium tier in the future instead of replacing my GPU.
# Introduction
As a daily Qubes OS user, I often feel the need to expose a port of a given qube to my local network. However, the process is
quite painful because it requires doing the NAT rules on each layer (usually net-vm => sys-firewall => qube), it's a lost of wa
sted time.
I wrote a simple script that should be used from dom0 that does all the job: opening the ports on the qube, and for each NetVM,
open and redirect the ports.
=> https://git.sr.ht/~solene/qubes-os-nat Qubes OS Nat git repository
# Usage
It's quite simple to use, the hardest part will be to remember how to copy it to dom0 (download it in a qube and use `qvm-run -
-pass-io` from dom0 to retrieve it).
Make the script executable with `chmod +x nat.sh`, now if you want to redirect the port 443 of a qube, you can run `./nat.sh qu
be 443 tcp`. That's all.
Be careful, the changes ARE NOT persistent. This is on purpose, if you want to always expose ports of a qube to your network, y
ou should script its netvm accordingly.
# Limitations
The script is not altering the firewall rules handled by `qvm-firewall`, it only opens the ports and redirect them (this happen
s at a different level). This can be cumbersome for some users, but I decided to not touch rules that are hard-coded by users
in order to not break any expectations.
Running the script should not break anything. It works for me, but it was only slightly tested though.
# Some useful ports
## Avahi daemon port
The avahi daemon uses the UDP port 5353. You need this port to discover devices on a network. This can be particularly useful
to find network printers or scanners and use them in a dedicated qube.
# Evolutions
It could be possible to use this script in qubes-rpc, this would allow any qube to ask for a port forwarding. I was going to w
rite it this way at first, but then I thought it may be a bad idea to allow a qube to run a dom0 script as root that requires r
eading some untrusted inputs, but your mileage may vary.
# Introduction
In this blog post, you will learn about some OpenBSD features that can be useful, but not widespread.
They often have a niche usage, but it's important to know they exist to prevent you from reinventing the wheel :)
=> https://www.openbsd.org OpenBSD official project website
# Features
The following list of features are not all OpenBSD specific as some can be found on other BSD systems. Most of the knowledge w
ill not be useful to Linux users.
## Secure level
The secure level is a sysctl named `kern.securelevel`, it has 4 different values from level -1 to level 2, and it's only possib
le to increase the level. By default, the system enters the secure level 1 when in multi-user (the default when booting a regu
lar installation).
It's then possible to escalate to the last secure level (2), which will enable the following extra security:
* all raw disks are read-only, so it's not possible to try to make a change to the storage devices
* the time is almost lock, it's only possible to modify the clock slowly by small steps (maybe 1 second max every so often)
* the PF firewall rules can't be modified, flushed or altered
This feature is mostly useful for dedicated firewall with rules that rarely change. Preventing the time to change is really us
eful for remote logging as it allows being sure of "when" things happened, and you can be assured the past logs weren't modifie
d.
The default security level 1 already enable some extra security like "immutable" and "append-only" file flags can't be removed,
these overlooked flags (that can be applied with chflags) can lock down files to prevent anyone from modifying them. The appe
nd-only flag is really useful for logs because you can't modify the content, but this doesn't prevent adding new content, histo
ry can't be modified this way.
=> https://man.openbsd.org/securelevel OpenBSD manual pages: securelevel
=> https://man.openbsd.org/chflags OpenBSD manual pages: chflags
This feature exists in other BSD systems.
## Memory allocator extra checks
OpenBSD's memory allocator can be tweaked, system-wide or per command, to add extra checks. This could be either used for secu
rity reasons or to look for memory allocation related bugs in a program (this is VERY common...).
There are two methods to apply the changes:
* system-wide by using the sysctl `vm.malloc_conf`, either immediately with the sysctl command, or at boot in `/etc/sysctl.conf
` (make sure you quote its value there, some characters such as `>` will create troubles otherwise, been there...)
* on the command line by prepending `env MALLOC_OPTIONS="flags" program_to_run`
The man page gives a list of flags to use as option, the easiest to use is `S` (for security checks). It is stated in the man
page that a program misbehaving with any flag other than X is buggy, so it's not YOUR fault if you use malloc options and the p
rogram is crashing.
=> https://man.openbsd.org/malloc OpenBSD manual pages: malloc (search for MALLOC OPTIONS)
## File flags
You are certainly used to files attributes like permissions or ownership, but on many file systems (including OpenBSD ffs), the
re are flags as well!
The file flags can be altered with the command `chflags`, there are a couple of flags available:
* nodump: prevent the files from being saved by the command `dump` (except if you use a flag in dump to bypass this)
* sappnd: the file can only be used in writing append mode, only root can set / remove this flag
* schg: the file can not be change, it becomes immutable, only root can alter this flag
* uappnd: same as sappnd mode but the user can alter the flag
* uchg: same as schg mode but the user can alter the flag
As explained in the secure level section above, in the secure level 1 (default !), the flags sappnd and schg can't be removed,
you would need to boot in single user mode to remove these flags.
Tip: remove the flags on a file with `chflags 0 file [...]`
You can check the flags on files using `ls -ol`, this would look like this:
```
terra$ chflags uchg get_extra_users.sh
terra$ ls -lo get_extra_users.sh
-rwxr-xr-x 1 solene solene uchg 749 Apr 3 2023 get_extra_users.sh
terra$ chflags 0 get_extra_users.sh
terra$ ls -lo get_extra_users.sh
-rwxr-xr-x 1 solene solene - 749 Apr 3 2023 get_extra_users.sh
```
=> https://man.openbsd.org/chflags OpenBSD manual pages: chflags
## Crontab extra parameters
OpenBSD crontab format received a few neat additions over the last years.
* random number for time field: you can use `~` in a field instead of a number or `*` to generate a random value that will rema
in stable until the crontab is reloaded. Things like `~/5` work. You can force the random value within a range with `20~40` t
o get values between 20 and 40.
* only send an email if the return code isn't 0 for the cron job: add `-n` between the time and the command, like in `0 * * * *
-n /bin/something`.
* only run one instance of a job at a time: add `-s` between the time and the command, like in `* * * * * -s /bin/something`.
This is incredibly useful for cron job that shouldn't be running twice in parallel, if the job duration is longer than usual, y
ou are ensured it will never start a new instance until the previous one is done.
* no logging: add `-q` between the time and the command, like in `* * * * -q /bin/something`, the effect will be that this cron
job will not be logged in `/var/cron/log`.
It's possible to use a combination of flags like `-ns`. The random time is useful when you have multiple systems, and you don'
t want them to all run a command at the same time, like in a case they would trigger a huge I/O on a remote server. This was c
reated to prevent the usual `0 * * * * sleep $(( $RANDOM % 3600 )) && something` that would run a sleep command for a random ti
me up to an hour before running a command.
=> https://man.openbsd.org/crontab.5 OpenBSD manual pages: crontab
## Auto installing media
One cool feature on OpenBSD is the ability to easily create an installation media with pre-configured answers. This is done by
injecting a specific file in the `bsd.rd` install kernel.
There is a simple tool named upobsd that was created by semarie@ to easily modify such bsd.rd file to include the autoinstall f
ile, I forked the project to continue its maintenance.
In addition to automatically installing OpenBSD with users, ssh configuration, sets to install etc... it's also possible to ad
d a site.tgz archive along with the usual sets archives that includes files you want to add to the system, this can include a s
cript to run at first boot to trigger some automation!
These features are a must-have if you run OpenBSD in production, and you have many of them to manage, enrolling a new device to
the fleet should be automated as possible.
=> https://github.com/rapenne-s/upobsd GitHub project page: upobsd
=> https://man.openbsd.org/autoinstall OpenBSD manual pages: autoinstall
## apmd daemon hooks
Apmd is certainly running on most OpenBSD laptop and desktop around, but it has features that aren't related to its command lin
e flags, so you may have missed them.
There are different file names that can contain a script to be run upon some event such as suspend, resume, hibernate etc...
A classic usage is to run `xlock` in one's X session on suspend, so the system will require a password on resume.
=> https://dataswamp.org/~solene/2021-07-30-openbsd-xidle-xlock.html#_Resume_/_Suspend_case Older blog post: xlock from apmd su
spend script
The man page explains all, but basically this works like this for running a backup program when you connect your laptop to the
power plug:
```shell
# mkdir -p /etc/apm
# vi /etc/apm/powerup
```
You need to write a regular script:
```shell
#!/bin/sh
/usr/local/bin/my_backup_script
```
Then, make it executable
```shell
# chmod +x /etc/apm/powerup
```
The daemon apmd will automatically run this script when you connect a system back to AC power.
The method is the same for:
* hibernate
* resume
* suspend
* standby
* hibernate
* powerup
* powerdown
This makes it very easy to schedule tasks on such events.
=> https://man.openbsd.org/apmd#FILES OpenBSD manual page: apmd (section FILES)
## Using hotplugd for hooks on devices events
A bit similar to what apmd by running a script upon events, hotplugd is a service that allow running a script when a device is
added / removed.
A typical use is to automatically mount an USB memory stick when plugged in the system, or start cups daemon when powering on y
our USB printer.
The script receives two parameters that represents the device class and device name, so you can use them in your script to know
what was connected. The example provided in the man page is a good starting point.
The scripts aren't really straightforward to write, you need to make a precise list of hardware you expect and what to run for
each, and don't forget to skip unknown hardware. Don't forget to make the scripts executable, otherwise it won't work.
=> https://man.openbsd.org/hotplugd OpenBSD manual page: hotplugd
## Altroot
Finally, there is a feature that looks pretty cool. In the daily script, if an OpenBSD partition `/altroot/` exists in `/etc/fs
tab` and the daily script environment has a variable `ROOTBACKUP=1`, the root partition will be duplicated to it. This permit
keeping an extra root partition in sync with the main root partition. Obviously, it's more useful if the altroot partition is
on another drive. The duplication is done with `dd`. You can look at the exact code by checking the script `/etc/daily`.
However, it's not clear how to boot from this partition if you didn't install a bootloader or created an EFI partition on the d
isk...
=> https://man.openbsd.org/hier OpenBSD manual pages: hier (hier stands for file system hierarchy)
=> https://man.openbsd.org/daily OpenBSD manual pages: daily
=> https://www.openbsd.org/faq/faq14.html#altroot OpenBSD FAQ: Root partition backup
## talk: local chat in the terminal
OpenBSD comes with a program named "talk", this creates a 1 to 1 chat with another user, either on the local system or a remote
one (setup is more complicated). This is not asynchronous, the two users must be logged in the system to use `talk`.
This program isn't OpenBSD specific and can be used on Linux as well, but it's so fun, effective and easy to setup I wanted to
write about it.
The setup is easy:
```shell
# echo "ntalk dgram udp wait root /usr/libexec/ntalkd ntalkd" >> /etc/inetd.conf
# rcctl enable inetd
# rcctl start inetd
```
The communication happens on localhost on UDP ports 517 and 518, don't open them to the Internet! If you want to allow a remot
e system, use a VPN to encrypt the traffic and allow ports 517/518 only for the VPN.
The usage is simple, if you want alice and bob to talk to each other:
* alice type `talk bob`, and bob must be logged in as well
* bob receives a message in their terminal that alice wants to talk
* bob type `talk alice`
* a terminal UI appears for both users, what they write will appear on the top half of the UI, and the messages from recipient
will appear on the half bottom
This is a bit archaic, but it works fine and comes with the base system. It does the job when you just want to speak to someon
e.
# Conclusion
There are interesting features on OpenBSD that I wanted to highlight a bit, maybe you will find them useful. If you know cool
features that could be added to this list, please reach me!
# Introduction
Hi, did you ever wonder if you could use your GPU memory as a mount point, like one does with tmpfs and RAM?
Well, there is a project named vramfs that allows you to do exactly this on FUSE compatible operating system.
In this test, I used an NVIDIA GTX 1060 6GB in an external GPU case connected with a thunderbolt cable to a Lenovo T470 laptop
running Gentoo.
=> https://github.com/Overv/vramfs vramfs official GitHub project page
# Setup
Install the dependencies, you need a C++ compiler and OpenCL headers for C++ (the package name usually contains "clhpp").
Download the sources, either with git or using an archive.
Run `make` and you should obtain a binary in `bin/vramfs`.
# Usage
It's pretty straightforward to use, as root, run `vramfs /mountpoint 3G` to mount a 3 GB storage on `/mountpoint`.
The program will stay in foreground, use Ctrl+C to unmount and stop the mount point.
# Speed test
I've been doing a simple speed test using `dd` to measure the write speed compare to a tmpfs.
The vramfs mount point was able to achieve 971 MB/s, it was CPU bound by the FUSE program because FUSE isn't very efficient com
pared to a kernel module handling a file system.
```
t470 /mnt/vram # env LC_ALL=C dd if=/dev/zero of=here.disk bs=64k count=30000
30000+0 records in
30000+0 records out
1966080000 bytes (2.0 GB, 1.8 GiB) copied, 2.02388 s, 971 MB/s
```
Meanwhile, the good old tmpfs reached 3.2 GB/s without using much CPU, this is a clear winner.
```
t470 /mnt/tmpfs # env LC_ALL=C dd if=/dev/zero of=here.disk bs=64k count=30000
30000+0 records in
30000+0 records out
1966080000 bytes (2.0 GB, 1.8 GiB) copied, 0.611312 s, 3.2 GB/s
```
# Limitations
I tried to use the vram mount point as a temporary directory for portage (the Gentoo tool building packages), but it didn't wor
k due to an error. After this error, I had to umount and recreate the mount point otherwise I was left with an irremovable dir
ectory. There are bugs in vramfs, no doubts here :-)
Arch Linux wiki has a guide explaining how to use vramfs to store a swap file, but it seems to be risky for the system stabilit
y.
=> https://wiki.archlinux.org/title/Swap_on_video_RAM#FUSE_filesystem ArchWiki: Swap on video
# Conclusion
It's pretty cool to know that on Linux you can do almost what you want, even store data in your GPU memory.
However, I'm still trying to figure a real use case for vramfs except that it's pretty cool and impressive. If you figure a us
eful situation, please let me know.
# Introduction
This guide explains how to install the PHP web service Shaarli on OpenBSD.
Shaarli is a bookmarking service and RSS feed reader, you can easily add new links and associate a text / tag and share it with
other or keep each entry private if you prefer.
=> https://github.com/shaarli/Shaarli Shaarli GitHub Project page
# Setup
The software is pretty easy to install using base system httpd and PHP (included latest version available as of time of writing
).
## Deploy Shaarli
Download the latest version of Shaarli available on their GitHub project.
=> https://github.com/shaarli/Shaarli/releases Shaarli releases on GitHub
Extract the archive and move the directory `Shaarli` in `/var/www/`.
Change the owner of the following directories to the user `www`. It's required for Shaarli to work properly. For security’s
sake, don't chown all the files to Shaarli, it's safer when a program can't modify itself.
```
chown www /var/www/Shaarli/{cache,data,pagecache,tmp}
```
## Install the packages
We need a few packages to make it work, I'm using php 8.3 in the example, but you can replace with the current version you want
:
```
pkg_add php--%8.3 php-curl--%8.3 php-gd--%8.3 php-intl--%8.3
```
By default, on OpenBSD the PHP modules aren't enabled, you can do it with:
```
for i in gd curl intl opcache; do ln -s "/etc/php-8.3.sample/${i}.ini" /etc/php-8.3/ ; done
```
Now, enable and start PHP service:
```
rcctl enable php83_fpm
rcctl start php83_fpm
```
If you want Shaarli to be able to do outgoing connections to fetch remote content, you need to make some changes in the chroot
directory to make it work, everything is explained in the file `/usr/local/share/doc/pkg-readmes/php-INSTALLED.VERSION`.
## Configure httpd
This guide won't cover the setup for TLS as it's always the same procedure, and it may depend on how you prefer to generate the
TLS certificates.
Create the file `/etc/httpd.conf` and add the following content, make sure to replace all the caps text with real values:
```
server "YOUR_HOSTNAME_HERE" {
listen on * port 80
# don't rewrite for assets (fonts, images)
location "/tpl/*" {
root "/Shaarli/"
}
location "/doc/*" {
root "/Shaarli/"
}
location "/cache/*" {
root "/Shaarli/"
}
location "*.php" {
fastcgi socket "/run/php-fpm.sock"
root "/Shaarli"
}
location "*index.php*" {
root "/Shaarli"
fastcgi socket "/run/php-fpm.sock"
}
location match "/(.*)" {
request rewrite "/index.php%1"
}
location "/*" {
root "/Shaarli"
}
}
```
Enable and start httpd
```
rcctl enable httpd
rcctl start httpd
```
## Configure your firewall
If you configured PF to block by default, you have to open the ports 80 and also 443 if you enable HTTPS.
# Installing Shaarli
Now you should have a working Shaarli upon opening `http://YOUR_HOSTNAME_HERE/index.php/`, all lights should be green, and you
are now able to configure the instance as you wish.
# Conclusion
Shaarli is a really handy piece of software, especially for active RSS readers who may have a huge stream of news to read. Wha
t's cool is the share service, and you may allow some people to subscribe to your own feed.
# Introduction
Hi! This is a short informative blog post about Artificial Intelligence.
I just got approached by a company who wants to help me to add some generative AI in my blog workflow to "boost the quality" of
my content.
I like generative AI and I think it's an interesting tool, but I have just no interest using it for my blog.
# This blog content is made by a human
We need some kind of label "not AI powered" :D I'll add something like that on my template
There is one exception as I wrote one blog post about machine learning, and obviously the pictures in it were generated/colored
by a program to demonstrate the tools.
# Why no AI?
I have no incentive adding an AI in the process of writing, I do mistakes, I may make poor sentences and I have my own style fo
r the best of the worst. I think throwing an AI into this would just make the result bland.
For a pretty similar reason, I keep my custom website generator and template instead of using a program like Hugo with an aweso
me template because I need to have this "authentic" feeling for my blog.
This blog is my own space, it represents who I am.
# Introduction
You certainly know about the Imposter Syndrome (I'll refer to it as IS), unfortunately it's a very common problem in IT.
=> https://en.wikipedia.org/wiki/Impostor_syndrome Wikipedia: Imposter Syndrome
=> static/impostersyndrome.png Imposter Syndrome explained in picture
The picture above was downloaded from https://mrscliffnotes.com/2021/03/02/on-the-imposter-syndrome/
As I finally (almost) got rid of my own Imposter Syndrome, I wanted to share my experience and tips that helped me overcome it.
# Keeping track of your work and knowledge
It's hard to stay confident in your own skills when you feel you accomplished nothing in your life or career. I would recommen
d everyone to always keep a very detailed CV/Résumé up-to-date, with all the projects you worked on. When you feel in doubt
about your own skills, just check this list, and you will certainly be surprised about what you achieve in the past.
If you are a developer, looking at your projects histories in git/mg/svn/whatever is also a nice way to review your own past wo
rk. There are dedicated git tools to write such nice reports, even across multiple repositories.
When I look back at my blog index, I realize how many things I learned. I forgot about most of the previous content and topics
I wrote about! This is my own list, it's really helpful to me.
# Meet other professionals
It seems IS exists because it's hard to differentiate "low value general knowledge" and what we know and should know as a techn
ician, knowledge that makes us a professional in our job. In IT it's really hard to evaluate a work/product/service, compared
to let's say, a sculpted piece of wood. I'm not saying sculpting wood is easy, but at least it doesn't require an audit by a d
edicated team to know if it was nicely done in the state of the art.
My confidence got better when I started spending time with the new colleagues when joining a new company. Being able to know h
ow the other worked helped me to evaluate my own work, it was also the opportunity to ask them to review my work and methods.
Honest feedback from a competent person is invaluable.
By spending more time with my colleagues, I was finally able to establish some kind of reference to auto-evaluate my work more
accurately.
Moving to a new job is also the opportunity to meet real slackers with poor skills, and in most cases you will notice they don'
t even care. After all, if they got a job and their boss is happy, your work will just be better, so there is no reason to not
stay confident in yourself.
# Stay confident
This seems boring and obvious, but you need to stay confident in yourself to start building some confidence. If you succeeded
in a project in the past, there is no reason for you to fail in another project later.
Being able to overcome failures is an important part of the process. It's common for anyone to fail at something, but instead
of lamenting about it, see it as the opportunity to improve yourself for the next time. There is a lot more to learn from fail
ures than from successes.
# Tip of the Iceberg
When you see someone's work/article/video, you may be impressed by it and feel bad that you would never be able to achieve some
thing similar because it's "too hard". But did you ever think that you only saw the tip of the iceberg, and that you dismissed
all the hard work and researches done in order to succeed?
For instance, maybe that person spent hundreds of hours making a two minutes video: the result looks incredible to you, and it'
s only two minutes, so you immediately think "I would never be able to do this myself", but what if you had hundreds hours and
the skills to do it? Could you?
# Do they know?
If you ever feel bad listening to someone's story that makes you feel incompetent and useless, you could think: "do they know h
ow to do [this], and [this]?". ([this] being someone you know)
> Yes, they are a programming compiler expert, but do they know like me how to cook? Do they know how to change a car wheel?
Do they know how to grow vegetables?
# Conclusion
I'm not a psychologist, a personal coach or an imposter syndrome specialist. But I've been able to work around it, and I'm now
gradually getting rid of it for good. It's really refreshing!
It's important to not feel over-confident in the process, there is a balance to keep, but don't think about it too early ;)
Have fun, you are awesome in your own way, like everyone else!
# Hello!
It happens that I occasionally write a blog post to give some news about my own projects and life(style), this is such a blog p
ost!
# 2023's projects
2023 was a special year for me, I've been terribly sick early January, and this motivated me to change a lot of things in my li
fe. I stuck to this idea the whole year and I still continue to lurk for changing things in my life.
## Work
I left the company I was working for, and started to work as a freelance DevSecOps/DevOps. The word "Sysadmin" would be the bes
t job title for me, but people like buzzwords and nobody talk about system administrators anymore.
Since the end of the year, I also work as a technical writer for a VPN provider (that I consider ethical), and it makes me thin
k that in the future, I may have a career shift to being a technical writer "only".
## The blog
Since 2023, I have a page on Patreon allowing my readers to support me financially, in exchange for a few days of early access
for most blog posts. This is an advantage to reward my supporters without being a loss for all other readers. Patreon helps m
e a lot as it allows me to plan on a monthly income and spend more time on my blog or contributing to open source projects. I a
lso added other payments option as some wanted to support me using more free (as in freedom) methods like liberapay, BTC or XMR
.
The blog also received a few technical changes, mostly in the HTML rendering like captions on pictures or headers numbering. I
'm quite pleased with the result right now, and the use of GemText (from Gemini) markup was a right choice a few years ago as i
t gives a simple structure enforcing clarity (of course it's bad if you need a complex layout).
The content finally got a proper license: CC-BY-4.0, I'm an open source person, but my own content was under no license, what a
shame for all this time...
## Open Source
Last year, I started using Qubes OS as it's the best operating system for my needs (a blog post will cover this "soon") and I g
ot involved into the community and in testing the 4.2 release that got out a few weeks ago by now.
I'm still contributing to OpenBSD, but not as much as I want, simply because of lack of hardware (and a bit of time), but this
is now solved after my deal with NovaCustom. I still maintain the packages updates build cluster.
In 2023, I entirely dropped NixOS, but I preferred to not write a blog post about it to avoid a flame war, but maybe I'll write
one. In a few words, I didn't like the governance issues of the project, it seems company driven to me and from my point of v
iew it's harmful for the open source project. The technology is awesome, but the "core team" struggles to get somewhere. I'll
investigate more Guix as I always enjoyed this project, and they proved they are a reliable and solid project able to maintain
their pace over time.
## The OpenBSD Webzine
It's my favorite pet project, even though it's a lot of work to publish a single issue.
Working with Prahou for the special Halloween issue was really fun as instead of writing the content, I had to give some direct
ion to keep the issue on rails for being a Webzine issue, while being able to enjoy it like any other reader as I didn't make t
he content itself.
# 2024's project
## Lifestyle
For no reasons, I decided to experiment vegetarian diet up to end of February (I still eat eggs, milk, butter, cheese or rarely
fish). I'm bad at cooking, I don't enjoy it much but mostly because I have no idea what to cook. This forces me to learn abo
ut new food and recipes I was not aware of. Buying a recipes book is definitely a must for this :-). I never really enjoyed m
eat, and it's possible that I may keep the vegetarian diet for a longer time.
## Open source
This is the year of the comeback on OpenBSD, I really enjoy contributing to it, helping the community and reviewing some ports
I care of.
I'll also continue contributing to Qubes OS, this niche operating system deserves some more contributors.
## The blog
I'll try to stick to a weekly blog post schedule. Of course, I also need to work in parallel, and sometimes I'm just out of id
eas :-)
## Work
Let's see what 2024 will bring for me!
# Best wishes!
I'd like to thank all my readers. I regularly receive emails about your enjoyments, or typos reports, or suggestions to improv
e the content, this really drives me continuing writing.
# Disclaimer
Hello! Today, I present you a quite special blog post, resulting from a partnership with the PC Manufacturer NovaCustom. I of
fered them to write an honest review for their product and also share my feedback as a user, in exchange for a NV41 laptop. Th
is is an exceptional situation, I insist that it's not a sponsorship, I actually needed a laptop for my freelance work, and it
turns they agreed. In our agreements, I added that I would return the laptop in the case I wouldn't like it, I don't want to g
enerate electronic wastes and company's money for nothing.
I have no plans to turn my blog into an advertisement platform and do this on a regular basis. Stars aligned well here, NovaCu
stom is making the only modern laptop Qubes OS certified, and the CEO is a very open source friendly person.
# Introduction
The real introduction now :-)
In this blog post, I'll share my experience using a NV41 laptop from NovaCustom, I tried many operating systems on it for a whi
le, run some benchmarks, and ultimately used Qubes OS on it for a month and half for my freelance work.
=> https://novacustom.com/ NovaCustom official website
=> https://novacustom.com/product/nv41-series/ NV41 Laptop store webpage
# The machine itself
=> static/review/laptop-stand.jpg The laptop on a stand, running Ubuntu 23.10
This is a 14-inch laptop, the best form factor in my opinion for being comfortable when used for a long time while being easy t
o carry.
It looks great with its metal look with blueish reflection and the engraved logo "NV" on the cover (logo can be customized).
The frame feels solid and high-end, I'm not afraid to carry it or manipulate it. Compared to my ThinkPad T470, that's a change
, I always fear to press its plastic frame too much when carrying with a single hand.
The power button is on the right side, this is quite unusual, but it looks great, there are LED around the power plug near the
power button that tells the state of the system (running, off, sleeping) and if the battery is running low or charging.
It's running the open-source Firmware Dasharo coreboot, and optionally the security oriented firmware Heads can be installed.
=> https://dasharo.com/ Dasharo coreboot official website
=> https://osresearch.net/ Heads open source firmware official website
## Packaging and unboxing
The machine came in a box containing a box containing the actual box with the laptop inside, it was greatly packaged.
=> static/review/laptop-package.jpg Laptop still wrapped in the protections, all the boxes are in the background
The laptop screen had a removable sleeve that can be reused, I appreciated this as it's smart because it's possible to put it b
ack in case you don't use the laptop for a long time or want to sell it later.
The box contained the laptop, the power supply and the power plug, the full length of the power supply is 2 meters which is gre
at, I hate laptops chargers that only have 1 meter of cable.
=> static/review/laptop-unbox.jpg The laptop, power supply, power plug and other (manual, screen cleaner…)
## Hardware
The specifications of the hardware I received are the following:
* CPU: i7-1260P (4 Performance cores with hyper-threading, 8 Efficient cores)
* Memory: 2x32 GB of 3200 MHz
* Storage: NVME Samsung 980 Pro 2 TB
* Wireless: blob-free Atheros QCNFA222 Wi-Fi a/b/g/n + bluetooth 4.0
* Screen: 14" 1080p (1920x1080), 98% sRGB 60 Hz, anti-glare treatment
* Weight: 1.4 kg
The default wireless card is an Intel AX-200/201 compatible with Wi-Fi 6 and Bluetooth 5.2, but I received the blob-free card w
hich was convenient for most operating systems as it doesn't need a firmware (works out of the box on Guix for instance).
There are options to remove the webcam or add a slider to it, a screen privacy filter or secure screws+tape for the packaging t
o be sure the laptop hasn't been intercepted during transit.
You can also choose the keyboard layout from a large list, or even have your own layout.
Kudos to NovaCustom for guaranteeing the sell of replacement parts for at least 7 years after you buy them a laptop! They also
provide a PDF will full details about the internals.
### Hybrid CPU
This is my very first Hybrid CPU, it has 4 Performance cores capable of hyperthreading, and 8 Efficient cores that should draw
less power at the expense of being slower.
I made a benchmark, only on Qubes OS, to compare the different cores to a Ryzen 5 5600X and my T470 i5-7300U.
=> https://openbenchmarking.org/result/2311253-NE-2311251NE63&hni=1&hlc=1&ppt=D Phoronix benchmark link
=> https://forum.qubes-os.org/t/hybrid-cpu-benchmarking-performance-when-pinning-to-specific-cores/22251 Qubes OS forum: Hybrid
CPU benchmarking performance when pinning to specific cores
If your operating system doesn't know (Linux does) how to make use of E/P cores (like OpenBSD or FreeBSD), it will use them lik
e if they were similar, so no worry here. However, the performance and battery saving aren't optimized because the system won'
t balance the load at the right place.
TL;DR: the P cores compete with my desktop Ryzen 5 5600X! And the E cores are faster than the i5-7300U! Linux and Xen (in Qube
s OS) does a great job at balancing the workload at the right place, so you don't have to worry about pinning a specific task t
o a P or E core pool.
### Coil whine noise
I think this deserves an entry because it's a plague on many modern computers. If you don't know about it, it's an electric no
ise that happens under certain conditions. On my T470, it's when charging the battery.
I've been able to get some coil whine noise, only if I forced the CPU frequency to the maximum in the operating system, instead
of letting the computer scaling the frequency. This resulted in no performance improvement and some coil whine noise.
In my daily "normal" use with Linux or Qubes OS, I never heard a coil whine. But on OpenBSD for which the frequency management
is still not good with these modern CPUs (intel p-state support isn't great) there is a constant noise. However, using obsdfr
eqd reduced the noise to almost nothing, but still appeared a bit on CPU load.
There is a specific topic where coil whine on this laptop was discussed, a fix was provided by NovaCustom using heat pads (sent
for free for their customers) placed at a specific place. I don't think this should be required except if your operating syst
em has a poor support for frequency scaling.
=> https://forum.qubes-os.org/t/otherss-who-bought-a-nv41-and-have-noise-issues/20436 Qubes OS forum: NV41 coil whine topic
### Screen
The screen coloring is excellent, which is expected as it covers 98% of sRGB palette, it's really bright, and I rarely turn the
brightness more than 50%. I didn't try to use it outdoor, but the brightness at full level should allow reading the screen.
However, it has a noticeable ghosting which make it annoying for playing video games (that's not really the purpose of this mod
el though), or if you are really sensitive to it. I'm used to a 144 Hz display on my desktop and I became really sensitive to
refresh rate. However, I have to admit the ghosting isn't really annoying for productivity work, development or browsing the w
eb. Watching a video is fine too.
One slightly annoying limitation is that it's not possible to open the screen more than a 140° angle, this sounds reasonable,
but I got used to my T470 screen able to open at ~180°. This is not a real issue, but if you have a weird setup in which you
store your laptop vertically against your desktop AND with the screen opened, you won't be able to use the screen.
### Sound system
I've been surprised by the speakers, the audio quality is good up to ~80% of the max volume, but then the quality drops when yo
u set it too high.
I have no way to measure it, but the speakers appear to be quite loud compared to my other laptops when set to 100%, I don't re
commend doing it though due to quality drop, but it can be handy sometimes.
The headphones port works fine, there are no noises, and it's able to drive my DT 770 Pro 80 ohm.
I’ve been able to figure an equalizer setting improving the audio to be pretty good (that's subjective). I’m absolutely not
an audio expert, but it sounded a lot better for pop, rock, metal or piano.
* 31 Hz: 0 db
* 63 Hz: 0 db
* 125 Hz: 0 db
* 250 Hz: 0 db
* 500 Hz: -4 db
* 1 kHz: -5 db
* 2 kHz: -8 db
* 4 kHz: -3 db
* 8 kHz: -3 db
* 16 kHz: +2 db
The idea is to lower the trebles instead of pushing the bass which quickly saturate. Depending on what you listen to and your
tastes, you could try +1 or +2 db for the four first settings, but it may produce saturated sounds.
### Cooling
I think the cooling system is one of the best part of the laptop, it's always running at 10% of its speed and is inaudible.
=> static/review/laptop-under.jpg Laptop view from below
Under a huge load, the fan can be heard, but it's still less loud than my idling silent desktop...
There is a special key combination (Fn+1) that triggers the turbo fan mode, forcing them to run at 100%, it is recommended if t
he laptop is used to run at full CPU 24/7 or for a very long period of time, however, this is as loud as a 1U rack server! For
a more comprehensive comparison, let's say it is as annoying as a microwave device.
I was surprised that the laptop never burned my knees, although under heavy load for 30 minutes it felt a bit too hot to keep i
t on my bare skin without fabric between, that's a genuine lap-top laptop, compatible with short skirts :D.
### Keyboard
The keyboard isn't bad, but not good either. Typing on it is pleasant, but it's no match against my mechanical keyboards. The
touch is harder than on my Lenovo T470 laptop, I think it feels like most modern laptop keyboards.
Check the layout for the keys like "home", "end", "page up/down", on mine they are tiny keys near the arrows, this may not be t
o your taste.
The type is quite silent, and there are 5 levels of back-light, I don't really like this feature, so I turned it off, but it's
there if you like it.
There are NO indicators for the status of caps lock or num lock (neither for scroll lock, but do people really use it?), this c
an be annoying for some users.
### Touchpad
The touchpad may be a no-go for many, there are no extra physical buttons but you can physically click on the bottom area to ma
ke/hold a click. It also features no trackpoint (the little joystick in the middle of the keyboard).
However, it has a large surface and can make use of multitouch clicks. While I was annoyed at first because I was used to Thin
kPad's extra physical buttons, over time I got used to multitouch click (click is different depending on the number of fingers
used), or the "split-area" click, where a click in a bottom left does a left click, in the middle it does a middle click, and i
n the bottom right it does a right click.
It reacts well to movements and clicks and does the job, it's not the greatest touchpad I ever used, but it's good enough.
Unfortunately, it's not possible for NovaCustom to propose a variant touchpad featuring extra physical buttons.
### Suspend and Resume
The suspend/resume feature works as expected on Linux and Qubes OS.
Closing the lid correctly triggers the suspend function, opening it resumes the system.
### Webcam
Nothing special to say about it, it's like most laptop webcams, it has a narrow angle and the image quality is good enough to s
how your face during VoIP meetings.
### Battery life (short version)
I tested the battery using different operating systems (OpenBSD, Qubes OS, Fedora, Ubuntu) and different methods, there are mor
e details later in the text, but long story short, you can expect the following:
* battery life when idling: 6h00
* battery life with normal usage: 3h00-5h00 for viewing videos, browsing the web, playing emulated games, code development and
some compilation
* battery life in continuous heavy use: 2h00 (I accidentally played a long video with no hardware-acceleration, it was using 50
0% CPU)
### I/O ports
On the I/O, the laptop is well-equipped. I appreciated seeing an Ethernet port on a modern laptop.
On the left side:
* 1x Thunderbolt 4 / USB-c (supports external screen and charging)
* 1x USB
* anti-thief system
* Ethernet port
* Multi-card reader (a SD card plugged in doesn't go completely inside, so it's not practical for a persistent extra storage)
=> static/review/laptop-left.jpg Left side of the laptop
On the right side:
* 1x USB-c (supports external screen)
* 1x headphone
* Charge port
* Power button and two discrete states LEDs
* 1x HDMI
* 1x USB
=> static/review/laptop-right.jpg Right side of the laptop
The rear of the laptop is fully used for the cooling system, and there are nothing on the front (Hopefully! I hate connecting h
eadphones on the front side).
=> static/review/laptop-rear.jpg Back of the laptop
=> static/review/laptop-front.jpg Front of the laptop
## Dasharo coreboot firmware
The laptop ships by Dasharo coreboot firmware (that's the correct name for nowadays devices when we speak of the BIOS), it's an
open-source firmware that allows to manage your own secure boot keys, disable some Intel features like "ME"
I guess their website will be a better place to understand what it's doing compared to a proprietary firmware.
=> https://www.dasharo.com/ Dasharo official website
## NovaCustom
NovaCustom is building laptops based on Clevo (a manufacturer doing high-end laptop frames, but they rarely sell directly) whil
e ensuring compatibility with Linux systems, especially Qubes OS for this specific model as it's certified (it guarantees the l
aptop and all its features will work correctly).
They contribute to dasharo development for their own laptops.
They ship their product worldwide, and as I heard from some users, the custom support is quite reactive.
=> https://novacustom.com/ NovaCustom official website
# Operating system support
Now I shared about the hardware part, let's see how it behaves with many operating systems!
## Linux distributions
I guess most users will use a Linux system on this laptop, so let's start by testing some popular distributions:
### Fedora
=> https://fedoraproject.org/ Fedora project official website
=> static/review/fedora-fs8.png Screenshot of Fedora 39 running GNOME
Fedora Linux support (tested with Fedora 39) was excellent, GNOME worked fine. The Wi-Fi network worked immediately even durin
g the installer, Bluetooth was working as well with my few devices. Changing the screen brightness from the GNOME panel was wo
rking. However, after a Dasharo update, the keyboard slider in GNOME stopped working, it's a known bug that also affects Syste
m76 laptops if I've read correctly, this may be an issue with the Linux driver itself.
The touchpad was working on multitouch out of the box, suspending and resuming the laptop never produced any issue.
Enabling Secure Boot worked out of the box with Fedora, which is quite enjoyable.
### Ubuntu
=> https://ubuntu.com/ Ubuntu company official website
Ubuntu 23.10 support was excellent as well, it's absolutely identical to the Fedora report above.
Note: if you use VLC from the Snap store, it won't have hardware decoded acceleration and will use a lot of CPU (and draw batte
ry, and waste watts for nothing), I guess it's an Ubuntu issue here. VLC from Flatpak worked fine, as always.
### Alpine Linux
=> https://www.alpinelinux.org/ Alpine Linux project official website
Alpine Linux support (tested with Alpine 3.18.4) was excellent, I installed GNOME and everything worked out of the box. The At
heros card worked without firmware (this is expected for a blob free device), CPU scheduling was correctly handled for Efficien
t/Performance cores as the provided kernel is quite recent.
The touchpad default behavior was to click left/right/middle depending on the number of fingers used to click, suspend and resu
me worked fine, playing video games was also easy thanks to flatpak and Steam.
It's possible to enable Secure Boot by generating your own keys.
=> https://wiki.alpinelinux.org/wiki/UEFI_Secure_Boot Alpine Linux wiki: UEFI Secure Boot
### Guix
=> https://guix.gnu.org/ Guix project official website
=> static/review/guix-fs8.png Screenshot of Guix running GNOME
Guix support is mixed. I've been able to install it with no issue, thanks to the blob-free atheros network interface, it worke
d without having to use guix-nonfree repository (that contains firmware).
However, I was surprised to notice that the graphical acceleration wasn't working, it seems that Intel Xe GPU aren't blob free.
This only mean you can't plan video games or that any kind of GPU related encoding/decoding won't work, but this didn't preve
nt GNOME to work fine.
Suspend and resume was OK, and the touchpad worked out-of-the-box in multi-tap mode.
Secure Boot didn't work, and I have no idea how a Secure Boot setup with your own keys would look like on Guix, but it's certai
nly achievable with enough Grub-foo.
### Trisquel
=> https://trisquel.info Trisquel GNU/Linux official project website
Trisquel is a 100% libre GNU/Linux distribution, this mean it doesn't provide proprietary software or drivers, and no device fi
rmware.
I've been able to install Trisquel and use it, the Wi-Fi was working out of the box because of the blob-free Atheros card.
The main components of the system: CPU / Memory / Storage were correctly detected, the default kernel isn't too old, and it was
able to make use of the Efficient/Performance core of the CPU.
When not using the laptop, I was able to suspend it to reduce the battery usage, and then resume instantly the session when I n
eeded, this worked flawlessly.
The touchpad was working great using the "3 zones" mode in which you tap on the touchpad in the left/center/right bottom of it
to make a left/middle/right click, this is actually as convenient as using 1, 2 or 3 fingers depending on the click you want to
make, this is something that could be configured though.
Sound was working out of the box, the audio jack is also working fine when plugging in headphones.
There is one issue with the webcam, when trying to use it, X crashes instantly. This may be an issue in Trisquel software stack
because it works fine on other OS.
A major issue right now is the lack of graphical hardware acceleration, I'm not sure if it's due to the i7-1260P integrated GPU
needing a proprietary firmware or if the linux-libre kernel didn't catch up with this GPU yet.
## Qubes OS
=> https://www.qubes-os.org Qubes OS project official website
=> static/review/qubes-os.png Qubes OS 4.2 desktop screenshot
Qubes OS support (tested with 4.1, 4.2-RC2 to RC5 and 4.2) is excellent, this is exactly what I expected for a Qubes OS certifi
ed laptop (the only modern and powerful certified laptop as of January 2024!).
=> https://www.qubes-os.org/doc/certified-hardware/#hardware-certification-requirements Qubes OS documentation: Hardware certif
ication requirements
Qubes OS is my main OS as I use it for writing this blog, for work (freelancer with different clients) and general use except g
aming, so I needed a reliable system that would be fast, with a pretty good battery life.
So far, I never experienced issues except one related to the Atheros Wi-Fi card (this is not the stock Wi-Fi device): 1 time ou
t of 10 when I suspend and resume, the card is missing, and I need to restart the qube sys-net to have it again. I didn't try
with the latest Dasharo update though, it may be solved.
Watching 1080p videos x265 10 bits encoded is smooth and only draw ~40% of a CPU, without any kind of GPU accelerated decoding.
The battery life when using the system to write emails, browse the Internet and look at some videos was of 3 hours, if I only d
o stuff in LibreOffice offline it lasts 5h30.
I'm able to have smooth videoconferences with the integrated webcam and a USB headset, this kind of task may be the most CPU co
nsuming popular job that Qubes OS need, and it worked well.
The 64 GB are very appreciated, I "only" have 32 GB on my desktop computer, but sometimes it lacks memory... 64 GB allows to n
ot ever think about memory anymore.
The touchpad is working fine, by default on the split-area behavior (left/middle/right click depending on the touchpad area you
click on).
There is a single USB controller that drives the webcam and card reader + the USB ports, including a USB-c docked that would be
connected on either the thunderbolt or USB-c ports. The thunderbolt device is on a separate controller, but if you attach it
to a qube (that is not sys-usb), you lose all USB connectivity from a dock connected to it (there is still the other plain USB-
c port). The qube sys-usb isn't even required to run if you don't use any USB devices (this saves many headaches and annoying
times).
Connecting a usb-c dock on the thunderbolt port allows to have USB passthrough with sys-usb, an additional ethernet port and ex
ternal screen working with sound, it's also capable of charging the computer. Whereas the simple usb-c port can only carry USB
devices or the integrated ethernet port of my dock, it should be able to support a screen but I guess it's not working on Qube
s OS. I didn't try adding more than one screen on either ports, I guess it should work on the thunderbolt port.
## BSD systems
I tried OpenBSD and FreeBSD with the laptop. I always have bad luck with NetBSD, so I preferred to not try it, and DragonFly B
SD support should be pretty close to FreeBSD for which it didn't work well.
### OpenBSD
=> https://www.openbsd.org OpenBSD project official website
=> static/review/openbsd-fs8.png Screenshot of the OpenBSD 7.4 desktop using GNOME
I tried OpenBSD 7.4 and -current, everything went really well except the Atheros WiFi card that isn't supported, but this was t
o be expected. If you want the NV41 with OpenBSD, you need to take the Intel AX-200/201 which is supported by the iwx driver.
=> https://man.openbsd.org/iwx OpenBSD manual page: iwx(4)
Suspend and resume works fine, the touchpad is using the "3 zones" behavior by default where you need to tap left/center/right
bottom to make a left/middle/right click. The webcam and sound card were working fine too.
The GPU is fully supported, you can use it for 3D rendering: I've been able to play a PSP game using PPSSPP emulator. OpenBSD
doesn't support hardware accelerated video encoding/decoding at all, so I didn't test it.
=> static/review/ppsspp-fs8.png WipeOut Pulse emulated in the PSP emulator PPSSPP
### FreeBSD
=> https://www.freebsd.org FreeBSD project official website
I installed FreeBSD 14.0 RC4 with ZFS on root and full disk encryption, the process went fine, I had Wi-Fi at the installer ste
p (thanks to the blob free Atheros card).
However, once I booted into the system, I didn't succeed to get X to run, the GPU isn't supported yet and using VESA display di
dn't work for me. Suspend and resume didn't work either.
I gave another try with GhostBSD 23.10.1 in hope I did something wrong on FreeBSD 14 RC4 like a misconfiguration as I never had
any good experience with FreeBSD on desktop with regard to the setup. But GhostBSD failed to start X and was continuously dis
playing its logo on screen, only booting in safe mode allowed me to figure what was wrong.
I was really surprised that the hardware is still "too new" for FreeBSD while OpenBSD support is almost excellent.
## Other
Some less known operating systems were tested as well.
### Haiku
=> https://www.haiku-os.org/ Haiku project official website
=> static/review/haiku.jpg Photography of the laptop running Haiku (live USB)
I booted Haiku revision 57370 live USB, I was actually surprised to have the desktop displayed, and the network interfaces reco
gnized.
Unfortunately, the Atheros card was recognized, but I haven't been able to connect to a scanned network.
The display was using the correct resolution, but it was using software rendering.
The webcam and the touchpad didn't work, I had to connect my USB trackball.
I didn't go as far as installing it.
### OpenIndiana
I tried the freshly released OpenIndiana Hipster 2023.10 liveUSB.
After letting the bootloader display and start the boot process, the init process seemed stuck and was printing errors about CP
U every minute. I haven't been able to get past this step.
# Measurements
I had fun measuring a lot of things like power usage at the outlet, battery duration with many workloads and gaming FPS (Frames
per Second, 30 is okayish depending on people, 40 is acceptable, 60 is perfect as it's the refresh rate of the screen).
## Power
I measured the power usage in watts using a watt-o-meter in different situations:
* power supply connected, but not to the laptop: 0 watt (some power supplies draw a few watts doing nothing... hello Nintendo S
witch with its 2.1 watts!)
* charging, sleeping: 30 watts
* charging, idling: 37 watts
* charging and heavy use: 79 watts
* connected to AC (not charging), sleeping: 1 watt
* connected to AC (not charging), idling, screen at full brightness: 17 watts
* connected to AC (not charging), downloading a file over Wi-Fi, screen at full brightness: 22 watts
This is actually good in my opinion, to have a comparison point, a standard 24-inch screen usually draw around 40 watts alone.
The power consumption of the laptop itself is within the range of other laptop. I was happy to see it use no power when the AC
is connected but not to the computer, and on idling it's only 1 watt, I have another laptop idling at 7 watts!
## Battery life
I measured the battery life using different methods and sometimes multiple times to verify if it was reliable.
### Linux
One method was to play a 2160p x265 10 bits encoded video using VLC, 1h39 long, with full brightness and no network.
* With hardware accelerated decoding support: 33% of the battery was used, so the battery life would theoretically be almost 6
hours (299 minutes) while playing a video at full brightness
* Without hardware acceleration: 90% of the battery was used (VLC was using 480% of the CPU, but I didn't notice it as the fans
were too silent!), this would mean a battery life of 1h49 (110 minutes) using the computer under heavy load
The other method was to play the video game "Risk of Rain Returns" with a USB PS5 controller, and at full brightness, for a giv
en duration (measured at 20 25 minutes).
* Risk of Rain Returns: 15% of battery used in 20 minutes, this mean I should have been able to play 2h13 (133 minutes) before
having to charge.
### OpenBSD
I played a PSP game for 25 minutes using PPSSPP in full screen at full brightness.
* WipeOut Pulse: 14% of battery was used in 25 minutes, this mean I could have played for almost 3 hours straight (178 minutes)
## Gaming performance
I did play a bit on the laptop on Linux using Steam on Flatpak. I tested it on Fedora 39, Ubuntu 23.10 and Alpine Linux 3.18.3
, results were identical.
A big surprise while playing was that the fans remained almost silent, they were spinning faster than usual of course, but that
didn't require me to increase the moderate volume I used in my gaming session.
* Baldur's Gate 3: Playable at stable 30 FPS with all settings to low and FSR2.2 enabled in ultra performance mode
=> static/review/bg3.jpg Baldur's Gate 3 (2023)
* Counter Strike 2: Stable 60 FPS in 1600x900 with all settings set to minimum
=> static/review/cs2.jpg Counter Strike 2
* Spin Rhythm XD: Stable at 60 FPS
* Rain world: Stable at 60 FPS
* HELLDIVERS: Stable at 60 FPS with native resolution and graphical settings set to maximum
* Beam NG;Drive: Playable with a mix of low/normal settings at 30 FPS
* Resident Evil: Solid 45 FPS with the few settings set to maximum, better lock the game at 30 FPS though
* Risk of Rain Returns: Stable 60 FPS
=> static/review/rorr-fs8.png Risk of Rain returns
* Risk of Rain 2: Stable 60 FPS using 1600x900 with almost all settings to lowest
=> static/review/ror2.jpg Risk of Rain 2
* Endless Dungeon: with the lowest settings and resolution lowered to 1600x900, it was able to maintain stable 30 FPS, it was k
inda playable
I didn't try using an external GPU on the thunderbolt port, but you can expect way better performance as the games were never C
PU bound.
# Conclusion
I'm glad I dared asking NovaCustom about this partnership about the NV41, this is exactly the laptop I needed. It's reliable,
no weird features, it's almost full open source (at least for the software stack?), very powerful, and I can buy replacement pa
rts for at least 7 years if I break something. It's also SILENT, I despise laptop having a high pitch fan noise.
I still have to play with Dasharo coreboot, I'm really new to this open-source firmware world, so I have to learn before trying
weird and dangerous things (I would like to try Heads for its anti-evil maid features, it should be possible to install it on
Dasharo systems "soon").
Writing this blog post was extremely hard, I had to stay mindful that this must be an HONEST and NEUTRAL review: writing about
a product you are happy with leads to some excitement moments and one may forget to share some little annoyance because it's "n
ot _that_ bad", but I did my best to stay neutral when writing. And this is the agreement I had with NovaCustom.
Honesty is an important value to me. You, dear readers, certainly trust me to some point, I don't want to lose your trust.