jika kamu pikir-pikir, keadaan siswa-siswi Indonesia yang kebanyakan tidak dapat menyerap banyak ilmu maupun pengetahuan dari sekolahnya cenderung akan lebih tolol lagi jika pemblokiran wikipedia benar-benar terjadi. kamu lihat:

kurikulum yang tidak jelas, tidak realistis

saat aku pegang kedua buku yang berbeda, satu dari berbasis kurikulum 2013, dan satunya dari kurikulum merdeka, perbedaannya sangat menonjol:

dalam buku kurikulum k13 tersebut, penjelasan materi cenderung lebih luas daripada sebuah tugas per bab. Setiap tugas yang diberikan di dalam buku itu mereferensikan dengan apa yang sudah dijabarkan kepada siswa, Mau itu telah dijelaskan oleh guru maupun tidak, semua jawaban dan pengetahuan dapat didapatkan dari satu buku ini secara otodidak oleh siswa.

perhatikan lampiran 2 halaman ini, lalu simpulkan sendiri:

sedangkan pada buku kurikulum merdeka, penjelasan pada sebuah materi hampir cenderung nihil pada buku mata pelajaran masing-masing. jika tugas-tugas ini dijelaskan oleh guru terlebih dahulu, mungkin masuk akal, namun jika orang tua yang menjelaskan kepada anaknya, maka kenapa siswa harus masuk sekolah dari awal?

kejadian di lapangan menunjukkan bahwa kebanyakan guru cenderung jarang memberikan penjelasan pada jam kelas dan terkadang hanya dijelaskan pada saat les, dan walaupun itu dibantu dengan memperpanjang waktu sekolah siswa yang awalnya dari jam 6 pagi sampai jam 12 (atau 1 siang) menjadi jam 6 pagi (lebih awal) sampai jam 3:45.

masalahnya, begini: – penyampaian materi pada buku-buku ini cenderung kompleks, dan bahkan demikian saat lapangan menunjukkan bahwa di Sekolah Dasar pun memiliki masalah seperti ini. – guru di lapangan yang baru terjun di mata pelajaran ini justru kewalahan dengan kompleksitivitas metode penyampaian materi yang disampaikan. ini seharusnya sudah tidak terjadi di beberapa wilayah, namun hasil di lapangan pun menunjukkan bahwa guru baru pun tetap memiliki masalah serupa. – kebanyakan guru di lapangan cenderung tidak melakukan penjelasan, dan justru memberikan tugas lalu kemudian, begitu saja (keluar dari kelas saat belum istirahat, memberikan siswa jam kosong). – siswa yang tidak mengerti dengan materi yang disampaikan cenderung terjebak dengan materi yang diberikan jika tidak ada semacam les, atau pengajaran di rumah – orang tua terbebankan oleh tugas-tugas anaknya yang dimana seharusnya sudah dijelaskan oleh guru

dan sebenarnya? beberapa sekolah cenderung mengkeep beberapa mata pelajaran agar tetap mengajarkan beberapa dari kurikulum 2013.

kita sudah melihatnya di lapangan, dan konsenkuensinya, bukan main

perhatikan, lalu buka peramban internetmu sendiri: – beberapa murid-murid SMA pun tidak dapat membaca, atau bahkan menghitung aritmatika dasar (tambah, kurang, kali, bagi) yang dimana seharusnya sudah bisa – masih sma, tidak dapat baca jam dinding?? apa kabar dengan gurunya sebelumnya? apakah di lingkungannya tidak pernah ajari cara membaca jam dinding sama sekali??

lalu, begini masalahnya: – jika kita sebut guru-guru molor pada tugasnya di lapangan, sebenarnya ada faktor yang memperjelaskan keadaan guru:

guru kita underpaid. serius.

jika kita lihat keadaan di lapangan, beberapa guru hanya digaji sekitaran 200 ribu ataupun hanya 150 ribu perbulan.

iya. sebanyak uang kas yang kita keluarkan setiap 4 hari.

sebenarnya, beberapa pihak sudah mendesak pemerintah untuk menaikkan gaji guru, namun pemerintah condong ke MBG yang secara bersamaan menyebabkan inflasi harga sembako di beberapa kota beserta tutupnya beberapa UMKM di wilayah sekolah. dan secara bersamaan, gaji guru dipotong di situasi yang bersamaan.

sekarang, sudah lihat kan?

mungkin itu saja dariku.

jika terdapat kesalahan, buatlah pos yang mengkoreksi artikelku ini.

sekian,

seorang mantan siswa yang melihat transisi k13 ke kurikulum merdeka.

Caution to reader: This might sounded misogynistic at first, But it's actually not. If you still thought so, Close this tab.

To begin with, I literally didn't care if you're a male or female to begin with. If one completely acted like a cunt to the point i can't even hold my fury, then so be it.

Like any usual middle high schoolers, There's always that one person that literally despise you for no reason but then will need you for something else, and that kind of person is always here. I would like to say this, though. I really don't want to have debates to begin with, But given the amount of volumes of BS that i get everyday from these individuals, That same exact incident changed exactly who i am since that very day.

Please remember: I talk about one specific person. It doesn't even mean that i will treat everyone exactly the same treatment. There's a reason for why the following happens.

There's that one girl who since the last year of middle school will always cut me off everytime i talk to teacher or my close friend (rare, but it occurs), or during group discussion. These cuts are not even polite or anything, but rather pure disrespect.

There are time where i literally had enough to that girl that i literally slam my hands onto the table to shut that one person off due to constant cutting off and the disrespect that she put,

When she fight back with words, This time i snapped and shouted back at her, It's all going on back and forth until a classmate stop both of us.

Well, This is basically a messy rambling that i try to recall on my brain that then ended up being messy.

To be frank, I do not really want to be a debater to begin with, But i guess there's so many factors to the point that I literally became one.

the first thing that came to my mind when you need to have a gpu passthrough, Often it requires another secondary dedicated graphics card that's unused by the host. if not that, then paravirtualization solution such as virtualbox/vmware/spice guest tools, or virgl3d.

but then we have sr-iov which specially targets a intel processor computer that let us create a virtual function (VF) of Intel UHD Graphics iGPU. This lets us to be able to do gpu passthrough to our VM without needing to have it being unused. in this blog, i will talk on how i set this up

disclaimer: sriov is still considered experimental. things might break here if you're unlucky, but it shouldn't be.

setting up

you will need to ensure that the intel processor that you are using is Gen 9.5 and newer for the best experience as possible. Ensure that both VT-x and VT-d are enabled on the bios settings so you can use IOMMU for hardware passthrough, otherwise you will still limited in paravirtualization.

the operating system that i use at the time of this writing is arch linux. kernel is the default arch kernel. since sriov hasn't getting mainstreamed yet, so we just install the i915-sriov dkms module via aur:

yay -S i915-sriov-dkms

or manually install it from source:

git clone --depth=1 https://github.com/strongtz/i915-sriov-dkms
doas dkms add ./i915-sriov-dkms

# install the module
doas dkms install i915-sriov-dkms/2026.05.06

# then rebuild your initramfs

replace 2026.05.06 with the current version of the module

just to make it compatible with other kernel, i will use the dkms variant since it's easier to maintain and switch kernel back and forth just in case.

for your convenience, please add yourself to kvm group: usermod -aG kvm you

kernel

continuing, we begin by explicitly making the kernel to enable intel iommu by adding this to the kernel boot param. 1 VFs is generally enough. you can pick which driver you will want to use in between the two:

i915:

intel_iommu=on i915.enable_guc=3 i915.max_vfs=1 module_blacklist=xe

xe (the new experimental driver. you will need it if you have for like, Intel Arc/Iris):

intel_iommu=on xe.max_vfs=1 xe.force_probe=device-id module_blacklist=i915

You can also try to use xe on iGPU, however given how new this driver is, it might be unstable

To get device-id, You can obtain it by executing lspci -nn | grep -i vga and then obtain the 16 bit hexadecimal digit of the iGPU id:

[yonle@yonle ~]$ lspci -nn | grep -i vga
0000:00:02.0 VGA compatible controller [0300]: Intel Corporation Alder Lake-UP3 GT1 [UHD Graphics] [8086:46b3] (rev 0c)

as you see here, the device id of my iGPU is 46b3, which then you will use this for the boot param above and later on.

now reboot, and then check dmesg to see whenever SR-IOV is actually loaded properly:

[yonle@yonle ~]$ doas dmesg | grep -i sriov
[    5.169765] i915: You are using the i915-sriov-dkms module, a ported version of the i915/xe module with SR-IOV support.
[    5.169767] i915: Please file any bug report at https://github.com/strongtz/i915-sriov-dkms/issues/new.
[    5.169768] i915: Module Homepage: https://github.com/strongtz/i915-sriov-dkms
[    5.289502] intel_sriov_compat: loaded

replace “doas” as “sudo” if you use sudo.

if you saw intel_sriov_compat: loaded, you're good to go.

making the virtual function

technically, you can manually load it via command line. but for some reason it might give you more works than necessary to get your things working.

so, assuming you're on arch linux, make a systemd-tmpfiles config specifically to make just 1 vf. edit /etc/tmpfiles.d/i915-set-sriov-numvfs.conf:

#Path                                              Mode UID  GID  Age Argument
#Uncomment the next line and change the argument to the number of VFs you want
w /sys/devices/pci0000:00/0000:00:02.0/sriov_numvfs -    -    -    -   1

and then, make a udev rules to block vf (except host) to be used as a main by host (eg, your main de/wm). edit /etc/udev/rules.d/99-i915-vf-vfio.rules:

ACTION=="add", SUBSYSTEM=="pci", KERNEL=="0000:00:02.1", ATTR{vendor}=="0x8086", ATTR{device}=="0x46b3", DRIVER!="vfio-pci", RUN+="/bin/sh -c 'echo \$kernel > /sys/bus/pci/devices/\$kernel/driver/unbind; echo vfio-pci > /sys/bus/pci/devices/\$kernel/driver_override; modprobe vfio-pci; echo \$kernel > /sys/bus/pci/drivers/vfio-pci/bind'"

note: replace 46b3 with your gpu device id that you obtained above.

then, reboot.

you must see 2 iGPU now when running lspci now:

[yonle@yonle module]$ lspci | grep -i vga
0000:00:02.0 VGA compatible controller: Intel Corporation Alder Lake-UP3 GT1 [UHD Graphics] (rev 0c)
0000:00:02.1 VGA compatible controller: Intel Corporation Alder Lake-UP3 GT1 [UHD Graphics] (rev 0c)

remember: your guest must only use the vf one, in this case, it's 0000:00:02.1

kvmfr

as we're also going to use looking glass, let's prepare kvmfr for the shared memory.

first, ensure that your kernel header has been installed properly before installing the dkms module.

installing manually

obtain the source code tarball from here, and then extract module folder, and then,

cd module
doas dkms install .

caution: you must rebuild the DKMS on each kernel update / when you switch to different kernel.

installing via AUR

yay -S looking-glass-module-dkms

👍

configuring kvmfr

you should be able to load kvmfr now:

doas modprobe kvmfr static_size_mb=32

the looking glass docs has a fantastic explanation on how do you determine a shared memory for your DMA, which you should read.

now, let's make this module gets loaded automatically on boot. First we need to set the default kvmfr load param by editing /etc/modprobe.d/kvmfr.conf, then putting this:

options kvmfr static_size_mb=32

then edit /etc/modules-load.d/kvmfr.conf and add this:

kvmfr

now, we make a udev rule to ensure that the device got a proper permission. edit /etc/udev/rules.d/99-kvmfr.rules:

SUBSYSTEM=="kvmfr", OWNER="user", GROUP="kvm", MODE="0660"

replace user with your username.

to apply the udev permission immediately, do

doas chown you:kvm /dev/kvmfr0
doas chmod 660 /dev/kvmfr0

now edit /etc/libvirt/qemu.conf, and uncomment cgroup_device_acl and add /dev/kvmfr0 in it:

cgroup_device_acl = [
    "/dev/null", "/dev/full", "/dev/zero",
    "/dev/random", "/dev/urandom",
    "/dev/ptmx", "/dev/userfaultfd",
    "/dev/kvmfr0"
]

then restart libvirtd daemon.

make a vm

we will use libvirt with virt-manager as the client.

the vm that we will create will be a Microsoft Windows 11 VM.

before you begin your installation, Do a customization first. On [Overview]'s XML, Replace the following top:

<domain type="kvm">

with this:

<domain xmlns:qemu="http://libvirt.org/schemas/domain/qemu/1.0" type="kvm">

and then, add the following inside the <domain> field:

  <qemu:commandline>
    <qemu:arg value="-device"/>
    <qemu:arg value="{'driver':'ivshmem-plain','id':'lg','memdev':'looking-glass'}"/>
    <qemu:arg value="-object"/>
    <qemu:arg value="{'qom-type':'memory-backend-file','id':'looking-glass','mem-path':'/dev/kvmfr0','size':33554432,'share':true}"/>
  </qemu:commandline>

replace 33554432 with your calculated shared memory.

then, [Add Hardware] –> [PCI Host Device], Look for your VF iGPU (from the previous lspci, it must be 0000:00:02.1)

remove the existing keyboard and tablet input, and make new inputs for both things with virtio bus in it. Additionally, If there's “EvTouch” or anything outside of “ps2” and “virtio” inputs, you may also want to attach it too.

and then proceed installation with vga as usual until you finished installing the OS with Intel Graphics Driver and Windows Virtio Drivers installed.

Since i'm in Gen 12th alder lake, I installed the ones with version 32.0.101.7085 as of the time of this writing (or, “Intel® 11th – 14th Gen Processor Graphics – Windows*“).

you should only need to install Intel Graphics Driver and that's all it takes to work. after installation, reboot to ensure that the driver is actually being loaded properly and then check via device manager (right click on the start button and then go from here). it should look like this:

note: i will guide you on setting up Virtual Display Driver from here

until looking glass and VDD has been configured, you must not turn VGA to None until you finished following the steps below

Virtual Display Driver (VDD)

usually, you use a dummy HDMI or DP adapter to make GPU start drawing a screen. Since we can't do that via VF, We basically make a screen of our own here.

open your terminal, and execute

winget install --id=VirtualDrivers.Virtual-Display-Driver -e --source winget

once succesfully installing it, open new terminal tab, and type

& 'VDD Control.exe'

It will launch new window looking like this:

Press [Install Driver] and proceed driver installation. If succeed, The OS will make an animation as if a secondary monitor has got plugged in.

Looking Glass

Now, Install looking glass on your host machine:

yay -S looking-glass

and then on your VM, Install the Looking Glass Host, which you can obtain from here,

after getting looking glass host started in VM, try connecting it on the host machine by just typing looking-glass.

if you saw the virtual display monitor from here, then congrats. your setup works properly.

now, power off your VM, and then set VGA to None. and then start the VM. The console display won't be visible, then launch Looking Glass on your host machine again.

after you finished configuring the display here, it should look like this now:

audio enhancement

the default ich9 sound driver suffer through latency issues if got bombarded with a lot of things all at once, especially rhythm games that requires low latency.

we can use scream audio driver here. but do the following first: – ensure that the network card is virtio, if not, switch to it – remove ich9 audio card

for arch linux, you can get scream receiver via aur:

yay -S scream-git

and then just launch the receiver in the background:

scream -u -i virbr0 -o jack

the command above should be enough for everyday usage. the audio latency is low and is fairly balanced enough for daily usecase.

if you wanna go to the lowest possible latency:

scream -u -i virbr0 -o raw | pw-cat --playback --format=s32 --rate=48000 --channels=2 --raw --latency 128 -

you may adjust the latency flag value if 128 wasn't doing well. ensure that the samplerate, channels, and pcm format matches to what you are configuring in the Windows VM.

you can check the latency by checking pw-top.

note: this assumes that your setup is using pipewire.

while it's chilling in the background, let's set up the windows driver for it.

first, turn on test mode. open terminal as administrator (right click start –> Terminal (Admin)), run:

bcdedit /set testsigning on

then restart the vm. You must see [Test Mode] on the bottom-right corner of your wallpaper.

download the non-source zip (Usually named in ScreamX.X.zip) from here, extract it, Navigate to <scream folder>/Install/driver/x64/ and open terminal as an admin here, then run:

pnputil /add-driver .\Scream.inf /install

before we finally disable test mode:

bcdedit /set testsigning off

configure the scream audio driver via registry editor. in this case, it can be done via command line below:

REG ADD HKLM\SYSTEM\CurrentControlSet\Services\Scream\Options /v UnicastIPv4 /t REG_SZ /d "192.168.122.1" /f
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\Scream\Options /v UnicastPort /t REG_DWORD /d 4010 /f

Replace 192.168.122.1 to your local address of your host that's being assigned by your virtual bridge, eg virbr0.

and then reboot.

caveats

• if you only loaded i915 with xe blacklisted, any activities on the host (except the guest) that has involvement of vulkan may start slowly / temporarily stall the entire drm. this can be fixed by trying to use the xe driver instead, however
• xe can get both OpenGL and Vulkan properly, but might stall the entire drm once the vm finished booting

loading both drivers simultaneously does not currently resolve these problems.

if these issues become annoying, consider adding a separate bootloader entry that disables SR-IOV and IOMMU entirely. This allows you to boot into a normal configuration when you don't plan to run a VM.

extra

if necessary, you can try debloat your windows VM by using these tools: – raphire/Win11Debloat to remove most of the bloats – es3n1n/defendnot to disable windows defender by pretending there's other antivirus in order to reduce load

cpu usage:

ram usage:

extra note: if at some point you plan to do gaming here, including low latency gaming, consider attaching your input devices (keyboard, mouse) into your VM via passthrough, as the existing input grabber is meant for a normal workstation purpose.

extra note2: given that you have installed virtio drivers above, switch your VM network card to virtio for best performance.

extra note3: if you're still overwhelmed by both visual and audio latency even with solutions above, consider using dGPU passing and passing external soundcard into VM instead.

if you need to see how the config looks like on the system, you can check on my dotfiles to see what has been configured here and there.

troubleshooting

looking glass suddenly stuck on [The host application seems to not be running]

the VF of your iGPU could have been overwhelmed probably due to multiple reusage (eg, constant reboot, you suspended your laptop while VF is still in effect, etc). to fix this, try reboot your host. if this still didn't fix the problem, then try reinstalling the intel graphics driver inside the VM.

mouse sensitivity is way too high on looking glass

trying to navigate the display without capturing your mouse will have this kind of behavior by default. enable capture mode by pressing the looking glass's escape key (the default is scrolllock. you can change this by setting -m KEY_<KEY> when launching looking glass via command line).

error code 43

try disable “memory isolation” in windows security:

and reboot.

if error 43 still occurs, try check the intel driver. The suggested version is above v32. if it goes below that (especially windows update default, 31), It might not be able to recognize the hw properly, so try reinstall the intel driver and try again.

aand that's it.

for references: – Looking Glass B7 Installation Documentation – i915-sriov-dkms docs – Libvirt: Domain XML Format documentation – Github: Scream audio driver README

honorable mention: My best friend RionWijaya for informing me with his experiments and then help me a bit

happy VM-ing once again.

p.s.: you can try to apply the same logic if you have a spare dGPU by skipping the intel sr-iov & iommu step

but then i got dragged.

years ago, when some of the people from that group saw me somewhere outside of the platform that i was in to talk to these folks, first thing that happen to me when these folk saw me first is basically,

are you XXXXXXXX member?

wasn't once, twice. if you know that was me, can you just, not drag that to where i was in

as if i am being the representative of the organization that I literally have zero goal on being participating with? to put on top of that, despite the requirement, i literally never joined or requested for joining their github org.

honestly, it felt like i was being watched. one thing that's obvious here, i really despise someone who literally take any kind of member to be their organization representative like literal, where if one did bad thing, then they got relentlessly fucked to death to the point they reach out to the irl stuff.

ever since i disconnect myself from that place, it never felt anything better. for one, there's someone who just realized why i despise a lot of things from them and then afraid of me hating them for eternity. “you just gave me a new lesson”, they say. does their trial and errors is all done for the sake of “lesson” that would be only better to them? the scratch is still on my mind.

i accepted their apologize. but i remain despising how it all went.

it's simply no good.

right now just majoring CS in my College. Still on the first year so i don't expect much or even thinking that i would success on this one.

Simply said, i'm in the college simply just wanna learn new things. If i can't really finish some of the assignments properly, then so be it.

the first semester score of mine is lower than everyone else compared. quite surprising, but i don't really mind as i know why that is as it's mostly all my fault

wish i can be careful on this one.

It's January 13th 2026 as of the time i am writing this.

This year, is different. Now I basically live independently from the previous high school years where i was close with my mom, continuing study by going to a rather simple college. I must be honest here, I did not perform really well and ended up repeating what i did during mid and high school: Ignoring assignments, which now i had a bunch of them stacked which makes me never stop thinking about it.

Since i move to a city, I learned lots of things on my own with the help of various technologies that we basically knew, And also listened to some of my friends about what his past life was, and how he's doing today, and what he learn from what he experienced, etc.

Meanwhile, I still have no job yet. I do plan to make my own little business with the skills that i have, But i really have zero experience on doing business at all. So it's between wanting to had a job or making a little business by my own will.

I am still financially funded by my Dad. I do plan to be independent... I actually know many ways to earn it but i am the one who refused to do it... Simply said, I am really stubborn. Quietly stubborn. To be honest, I really need to control myself to be not so picky.

Well, I wish i can get myself a little better and achieve what i am trying to accomplish... But for now it seems impossible.

That's all from now. Until the next time.

Yonle January 13th 2026

sebelumnya, saat saya sedang mari laptop untuk menggantikan laptop lamaku yang Pentium T4400, gw ketemu juga sama laptop-laptop ThinkPad, terutama di mall-mall di Batam seperti di Nagoya Hill. Setiap ThinkPad yang ada disini berbeda-beda modelnya, namun setelah ku lihat,

sebenarnya tidak ada satupun laptop yang dijual memiliki spek yang kurang nanggung untuk harga yang sama dengan laptop yang aku pakai saat ini.

rata-rata processor yang dipakai di Thinkpad ini berkisaran i3 sampai i5 yang hanya terbatas pada gen dari 6 sampai 10. Itupun dengan RAMnya kadang nanggung juga speknya tak peduli jika ku pakaikan linux ke laptopnya.

pada akhirnya, aku beli MSI Modern 14 C12MO yang memiliki prosesor i3-1215u (alder lake, gen 12), dengan NVME Phison 256 GB & RAM sekitaran 8 GB. Walaupun RAMnya masih nanggung, namun untuk harga dan pilihan yang ada, kira-kira inilah yang cocok untuk kerjaanku yang dimana lagipula, Gw bukan seorang gamer yang sering ngegame berat.

“[brand] punya masalah engsel”

awalnya kenalan kuliahku infokan bahwa laptop MSI condong rentan sama masalah engsel, namun menurutku ini masalah yang sebenarnya biasa di semua laptop jenis engsel verleher 2. Jadi maupun aku beli yang bermerek ASUS vivobook pun, secara durabilitas sama saja.

pemakaian dengan arch linux sudah lebih dari 6 bulan, dan syukurlah masih awet.

kebetulan, ada orang yang beli laptop asus atau thinkpad karena sparepartnya mudah dicari, namun menurutku,

semakin tua umur sebuah laptop, maka semakin langka pula sebuah sparepart untuk bagian-bagian laptopnya. Merek apapun laptop itu, Sparepartnya tetap sulit dijangkau walaupun stoknya banyak.

framework, walau secara desain memang modular, Secara spesifikasi & modal sebenarnya nanggung. Itu pula belum termasuk biaya bea cukai / pajak dll sebagainya yang dikirim antar benua.

jadinya, laptop apapun itu, sebaiknya dijaga sebaik mungkin apapun mereknya. walau sparepartnya ada, kadang ngeservisnya yang bakalan ribet atau justru nanggung sampai di titik dimana lebih waras menabung untuk menggantikan laptop dengan laptop baru.

pokoknya poinku begini: fokus pragmatis dulu. jangan beli gegara gengsi atau branding atau janji-janji segala macem kalau ujung-ujungnya bakalan sama aja kayak hardware lainnya.

sepucuk tips sederhana.

jika ada sebuah model sebelahan yang memiliki spek yang 2x lipat lebih besar dengan harga yang 10% lebih mahal daripada opsi yang kamu kejar, lain kali tabunglah untuk mesin itu.

kadang ada kalanya kamu mungkin awalnya agak terganggu sama dompet yang kering, tapi lama kelamaan hasilnya tidak akan mengecewakan. karena sebenarnya, kadang beli yang kecil lebih mengecewakan dan kandang malah merugikan.

since i have hosted various fedi server for like 3 years, i think it's about the time i discuss about the experience when i host it. please note, on this blog, i won't really tell which one is better and the entire resource usage in a specific number as these number will became irrelevant as the older this blog has become. i will only mention what they can do, and what they can't do so you can judge it yourself.

akkoma

this one, is, obvious already. akkoma is basically a hardfork of pleroma with different mindsets in mind. basically same heart, different director. since it's pleroma-based, it can handle a lot of users pretty decently light on server without needing a lot of server resources.

this is basically the first fedi software that i use to host my first server, at fedi.lecturify.net. the reason of why i pick this is, for one, MFM and the akkoma-fe.

what it can do: – react like misskey – post like misskey with MFM – MastoAPI – serve for (lot) of active users in small amount of resources. – bubble timeline (curated timeline of post coming from several instances that admin picked)

what it can't do: – 1:1 compatible with the og MFM – algorithm / trending post timeline – have avatar decoration like misskey

honk

this is the second software that i try as a test because i'm bored. to begin with, this is a fedi server software written by Ted Unangst, an author of doas and several other OpenBSD components. it focused for small system resource & single user. it can be used for multi users, but it's mostly suited well for single user as far as i've tried.

what it can do: – post. – anti distraction. – sqlite3

what it can't do: – MastoAPI – your posts are not entirely preserved. it's designed for noisy and limited system resource, remember? – be sane (you and the people that you follow avatar's are not their avatars. it's a hex pixel avatar generated randomly per user) – react and post like misskey. you can adjust reaction by changing the default so it's beyond other than [star], but still limited regardless – no stat report. you don't know whose following you, whenever your post is liked or reposted, it's anti mainstream. good for people to avoid distraction. – you can only upload videos in the form of “memes” where you need to upload the video to the server and put it in memes folder. – sqlite3

pleroma

again, this is obvious. but anyway, pleroma is a software written by lain, or also known as lambadalambada. it's initial purpose is basically to replace gnu/social.

anyway, as previously said, it can handle a lot of users pretty decently light on server without needing a lot of server resources.

what it can do: – react like misskey – [soon]post like misskey with MFM – MastoAPI – serve for (lot) of active users in small amount of resources.

what it can't do: – algorithm / trending post timeline – have avatar decoration like misskey – have a lightweight web client.

snac2

at the time when i hear this, snac2 is still really new. like really new.

like honk, it's focused to be as lightweight as possible and focused for small system resource.

what it can do: – MastoAPI – react like misskey (new thing. cool) – run in toaster that's running netBSD – run in a hacked 4G alibaba modem dongle running debian – run in a hacked chinese wireless CCTV – run in a hacked wii – run in literally everything that can connect to internet – run in less than 500 MB of RAM

what it can't do: – managing database manually like the most solutions that's using sql. but it's pretty solid. – mfm – s3

misskey

misskey is basically written by a Japanese high school student back then, named Syuilo. It got several inspiration from various platform like discord.

i won't really talk about the forks out here since core wise, it's computational power needed will be pretty much the same (2c vCPU minimal, 4c vCPU recommended).

what it can do: – mfm – customize profile – manage storage limit per user – bunch of features

what it can't do: – run in less than 2 GB of RAM even for just 3 users. – MastoAPI (forks can do) – edit (forks can do)

note: rough maintenance (nodejs must be match to the version it require to run, must be glibc system)

gotosocial

basically a “small” and “lightweight” fedi server. i haven't tried much, but i only tried for brief moment when i test mostr.pub federation with gotosocial

what it can do: – MastoAPI

what it can't do: – algorithm / trending post timeline – anything misskey related – have a web client built in. – have a proper activitypub compatibility (last time it clashed with snac2. turns out one AP object field can be either string or array. but the question is, why this way?)

note: comparably as big as akkoma/pleroma. just go host akkoma/pleroma already tbh. it's not even as small as snac2 or even honk compared.

alright. i think that's all.

once i check the log, the mail server crashed because of two thing: – it can't connect to our postgresql db as it hasn't started yet – it can't bind to the smtp port

so, then i decided to modify the systemd service unit to make it always restart on every 10 seconds when theres a failure:

[Unit]
Description=OpenSMTPD SMTP server
Documentation=man:smtpd(8)
After=network.target

[Service]
Type=forking
ExecStart=/usr/sbin/smtpd

Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

hopefully this doesn't happen again.

the media is gone by itself

several weeks later, it also affected me

i also noticed that it's not just one of these photos that was actually gone, it's 4-7 of them. these are only noticeable after i restarted varnish cache (which effectively starting the cache from 0).

recovery is pain in the ass. for public post, they're easy to recovery by obtaining a copy from remote instance's CDN cache, but for some non-public post, these are hard to recover than you thought, unless you're also following them on your alt account.

initially, this problem happens to one of the post from my friend, Irfan, which i apparently noticed that the media that's on the post became 404. o thought it was temporary, but then slowly it's showing by itself that it also affected other users

i contacted the contabo support, but they're not even aware of it too

There are no deletion API being triggered via S3 in the backend that i hosted. It was just an upload, and then several hours later, gone by itself.

Dear Lee,

We would like to clarify that there are no deletion actions being triggered from our side in the backend. What about any lifecycle policy? Didn't have any that expires object after sometime? Please monitor it from now on and inform us if it occurs again.

let's check the akkoma source code, on this one: https://akkoma.dev/AkkomaGang/akkoma/src/commit/f3b39e9ea25bda9bb2e7611f6025499a3cc51c1d/lib/pleroma/uploaders/s3.ex#L34-L38

if we check how's the upload was done:

ExAws.S3.upload(bucket, s3_name, [
  {:acl, :public_read},
  {:content_type, upload.content_type}
])

it's basically just that.

but then, we have attachment cleanup worker, and yet that also doesn't seems going to break anything. i also checked other code that's relying on delete_file(), and yet nothing suspicious.

so that leaves me in a dead end.

time to do our own solution, i guess

hi. seaweedfs

to be frank, previous setup on fedi.lecturify.net years ago uses minio for the s3 storage. even after that, there's still something that bothers me, yet, also don't like it at the same time.

so i was looking around on object-storage tag on github explore and then stumbled on seaweedfs that promise to have O(1). there's also rustfs, bht due to time constraints, i decided that it's not worth compiling it on the server. so i decide to compile seaweedfs instead, which only took 3 mins to finish.

right after i finished compiling it, i install it to /usr/local/bin/, and then made a openrc unit on the container:

~ # cat /etc/init.d/weed
#!/sbin/openrc-run

name="seaweedfs"
description="SeaweedFS service"

supervisor="supervise-daemon"
command="/usr/local/bin/weed"
command_background="no"
command_user="weed"
command_args="server -s3.externalUrl=https://objstorage.waltuh.cyou -s3 -dir /home/weed/data -volume.max 12"

no_new_privs="yes"

pidfile="/run/${RC_SVCNAME}/${RC_SVCNAME}.pid"

retry="SIGTERM/60/SIGKILL/5"

error_log="/var/log/${RC_SVCNAME}.log"
output_log="/var/log/${RC_SVCNAME}.log"

depend() {
  need net
}

start_pre() {
  checkpath --directory --owner $command_user:$command_user --mode 0755 /run/${RC_SVCNAME}
  checkpath --file --owner $command_user:$command_user --mode 0644 $error_log
}

that's what i did.

for the bucket and user management (including key), i summon weed admin and then access the admin UI locally via ssh port forwarding. I manage everything here.

as usual, i begin by syncing everything from the contabo storage via aws-cli before finally syncing back to our own bucket that's now in seaweedfs. things went surprisingly smooth.

except on one particular part

every object was inaccessible to anonymous access by default

to be frank, seaweedfs was a weird one. their admin web UI has no bucket specific policy.

even with their policies menu, it seems barely doing anything even after i apply it to the bucket owner. so i delete that.

when checking around, i found out that if you craft this public-policy.json:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::fedi/*"
    }
  ]
}

and then apply it via aws cli:

$ aws s3api put-bucket-policy --bucket fedi --policy file://public-policy.json

then it finally allows public object access. strange? i think so.

even after i apply the policy via aws-cli, the admin UI barely changed anything. no mention about bucket policy.

i guess that's it that i can tell you

still curious? i will give you the current server mood

+---------------+-------------+-----------+------+
| INSTANCE NAME | CPU TIME(S) |  MEMORY   | DISK |
+---------------+-------------+-----------+------+
| akkoma        | 5013.68     | 395.22MiB |      |
+---------------+-------------+-----------+------+
| mariadb       | 27.82       | 138.09MiB |      |
+---------------+-------------+-----------+------+
| mediaproxyoma | 409.46      | 86.34MiB  |      |
+---------------+-------------+-----------+------+
| pg            | 1945.70     | 193.20MiB |      |
+---------------+-------------+-----------+------+
| s3            | 41146.94    | 358.01MiB |      |
+---------------+-------------+-----------+------+
| toys          | 3739.83     | 86.48MiB  |      |
+---------------+-------------+-----------+------+
| varnish       | 59.29       | 43.76MiB  |      |
+---------------+-------------+-----------+------+
| writefreely   | 36.93       | 37.92MiB  |      |
+---------------+-------------+-----------+------+
Press 'd' + ENTER to change delay
Press 's' + ENTER to change sorting method
Press CTRL-C to exit

Delay: 10s
Sorting Method: Alphabetical

disk:

yonle@waltuh:~$ df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1       296G   44G  240G  16% /

ram & cpu & load (htop):

alright. that's it. bye.