update

source/_posts/2021/installing-arch-linux.md

@@ -36,7 +36,16 @@ quit
 ```
 
 > NOTE: Since the server has 128GB of physical memory, I would rather let OOM Killer do its job than create a swap partition.
-> Should the need for swap later come up, consider [swapfile](https://wiki.archlinux.org/title/Swap#Swap_file) (no difference in performance)
+> Should the need for swap come up later, consider [swapfile](https://wiki.archlinux.org/title/Swap#Swap_file) (no difference in performance)
+
+```bash
+# create 8GB swap file
+dd if=/dev/zero of=/swapfile bs=1M count=8000 status=progress
+chmod 600 /swapfile
+mkswap /swapfile
+swapon /swapfile
+echo "/swapfile none swap defaults 0 0" >> /etc/fstab
+```
 
 ## Install file-system for UEFI/GPT setup
 
@@ -145,8 +154,6 @@ hostnamectl set-chassis server
 127.0.0.1 takos
 ```
 
-See also: [systemd.network](https://systemd.network/systemd.network.html), [ArchWiki](https://wiki.archlinux.org/title/Systemd-networkd), and [Ivan Smirnov's blog](https://blog.ivansmirnov.name/set-up-pihole-using-docker-macvlan-network/).
-
 ```ini /etc/systemd/network/wired.network
 [Match]
 Name=enp5s0
@@ -155,13 +162,13 @@ Name=enp5s0
 #DHCP=yes
 Address=10.0.1.2/24
 Gateway=10.0.1.1
-DNS=10.0.1.100   # self-hosted DNS resolver
+DNS=10.0.1.100   # Self-hosted recursive DNS resolver
-DNS=9.9.9.9      # Quad9 for the fallback DNS server
+DNS=1.1.1.1      # Cloudflare for the fallback DNS resolver
-MACVLAN=dns-shim # to route local DNS lookup to 10.0.1.100, which is managed by Docker macvlan driver
+MACVLAN=dns-shim # to route local DNS lookup to 10.0.1.100, which is managed by Docker MACVLAN driver
 ```
 
 ```ini /etc/systemd/network/dns-shim.netdev
-# to handle local dns lookup to 10.0.1.100
+# to route local dns lookups to 10.0.1.100
 [NetDev]
 Name=dns-shim
 Kind=macvlan
@@ -171,7 +178,7 @@ Mode=bridge
 ```
 
 ```ini /etc/systemd/network/dns-shim.network
-# to handle local dns lookup to 10.0.1.100
+# to route local dns lookups to 10.0.1.100
 [Match]
 Name=dns-shim
 
@@ -198,15 +205,11 @@ ip route add 10.0.1.100/30 dev dns-shim # route macvlan subnet (.100 - .103) to
 ```bash
 systemctl enable --now systemd-networkd
 networkctl status
-ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
-
-# for self-hosted dns resolver
-sed -E \
-  -e 's/^#?DNSStubListener=.*/DNSStubListener=no/' \
-  -e 's/^DNS=.*/DNS=10.0.1.100/' \
-  -i /etc/systemd/resolved.conf
 
+# for self-hosted DNS resolver
+sed -E 's/^DNS=.*/DNS=10.0.1.100 1.1.1.1/' -i /etc/systemd/resolved.conf
 systemctl enable --now systemd-resolved
+ln -rsf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
 resolvectl status
 resolvectl query ddg.gg
 drill ddg.gg
@@ -214,6 +217,13 @@ drill ddg.gg
 
 If `networkctl` keep showing `enp5s0` as `degraded`, then run `ip addr add 10.0.1.2/24 dev enp5s0` to manually assign static IP address for the workaround.
 
+See also:
+
+- [systemd.network](https://systemd.network/systemd.network.html)
+- [ArchWiki: systemd-networkd](https://wiki.archlinux.org/title/Systemd-networkd)
+- [ArchWiki: systemd-resolved](https://wiki.archlinux.org/title/Systemd-resolved)
+- [Ivan Smirnov's blog](https://blog.ivansmirnov.name/set-up-pihole-using-docker-macvlan-network/).
+
 ## Leave chroot environment
 
 ```bash
@@ -222,6 +232,16 @@ umount -R /mnt
 reboot
 ```
 
+## sysctl
+
+```bash
+# reboot after 60s of kernel panic
+echo "kernel.panic = 60" > /etc/sysctl.d/98-kernel-panic.conf
+
+# set swappiness
+echo "vm.swappiness = 10" > /etc/sysctl.d/99-swappiness.conf
+```
+
 ## NTP
 
 ```bash

source/_posts/2022/building-mozc-for-macos.md

@@ -0,0 +1,64 @@
+---
+title: Building mozc for macOS
+date: 2022-05-20T00:00:00
+---
+
+[Mozc](https://github.com/google/mozc) is an open-source counterpart of Google Japanese Input, a Japanese input method developed by Google.
+
+## Setup build environment
+
+```
+$ sw_vers
+ProductName:	macOS
+ProductVersion:	12.2.1
+BuildVersion:	21D62
+
+$ xcodebuild -version
+Xcode 13.3
+Build version 13E113
+```
+
+```bash
+# Install dependencies
+brew install python3 ninja qt@5
+
+# Clone the repository
+git clone https://github.com/google/mozc -b master --single-branch --recursive
+```
+
+## Build mozc
+
+```bash
+# Move to the source directory
+cd mozc/src
+
+# Expose necessary variable
+MAC_SDK=$(xcodebuild -showsdks 2>/dev/null | grep '\tmacOS' | awk '{print $2}')
+MAC_DEPLOYMENT_TARGET=$(sw_vers -productVersion | sed -E 's/\.[^.]+$//')
+export GYP_DEFINES="mac_sdk=${MAC_SDK} mac_deployment_target=${MAC_DEPLOYMENT_TARGET}"
+
+# Apply hotfix to third party libs
+cd third_party
+git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
+export PATH="$PATH:$PWD/depot_tools"
+python3 -m pip install six
+cd gyp
+git apply ../../gyp/gyp.patch
+cd ../..
+
+# Configure
+python3 build_mozc.py gyp --qtdir=/usr/local/opt/qt@5
+
+# Build main converter and GUI tools
+python3 build_mozc.py build -c Release mac/mac.gyp:GoogleJapaneseInput gui/gui.gyp:config_dialog_main
+
+# Install
+sudo cp -r out_mac/Release/Mozc.app /Library/Input\ Methods/
+sudo cp mac/installer/LaunchAgents/org.mozc.inputmethod.Japanese.Converter.plist /Library/LaunchAgents
+sudo cp mac/installer/LaunchAgents/org.mozc.inputmethod.Japanese.Renderer.plist /Library/LaunchAgents
+
+# Clean up the tree
+python3 build_mozc.py clean
+
+reboot
+```

source/me.md

@@ -18,17 +18,17 @@ img {
 
 ## Contact
 
-Reach me at `y@uechi.io`. Should you need extra security for your message or attachments, use an appropriate encryption method from the list below.
+Reach me at `y@uechi.io`. Should you need extra security for your message or attachments, pick an appropriate encryption method from the list below.
 
 **[GPG](https://gnupg.org/)**
 
 ```bash
-curl https://uechi.io/uetchy.gpg | gpg --import
+curl https://uechi.io/uetchy.asc | gpg --import
 gpg -er y@uechi.io confidential.zip
 # attach `confidential.zip.gpg` to your email
 ```
 
-Alternatively, download [public key](https://uechi.io/uetchy.gpg) for [GPG Keychain](https://gpgtools.org/) (macOS).
+Alternatively, download [public key](https://uechi.io/uetchy.asc) for [GPG Keychain](https://gpgtools.org/) (macOS).
 
 **[age](https://github.com/FiloSottile/age#encrypting-to-a-github-user)**
 
@@ -37,13 +37,6 @@ curl https://github.com/uetchy.keys | age -R - confidential.zip > confidential.z
 # attach `confidential.zip.age` to your email
 ```
 
-**[Keybase](https://keybase.io/encrypt)**
-
-```bash
-keybase pgp encrypt -bi confidential.zip uechi > confidential.zip.gpg
-# attach `confidential.zip.gpg` to your email
-```
-
 ## Facts
 
 ```yaml

source/ucert_rootca.pem

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBkzCCATqgAwIBAgIRAPer37r9Ln00pxiGmKNcbKEwCgYIKoZIzj0EAwIwKDEO
+MAwGA1UEChMFVWNlcnQxFjAUBgNVBAMTDVVjZXJ0IFJvb3QgQ0EwHhcNMjIwMzI1
+MDkwNDM3WhcNMzIwMzIyMDkwNDM3WjAoMQ4wDAYDVQQKEwVVY2VydDEWMBQGA1UE
+AxMNVWNlcnQgUm9vdCBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMpJyIE4
+PmaRUAaUWEU2sD8ZZ1TbgtZ2hTZNMseKpv7qQ6uWruTj79nt3QoIxIzar9GpFfCI
+RQ2+2X4rGhU58kOjRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/
+AgEBMB0GA1UdDgQWBBRWW0Facm4mXotUh+mdmB9fGGC1ZTAKBggqhkjOPQQDAgNH
+ADBEAiBxX/wDOABgmEW8S/tnhxilRdL/ljdWHhpo6CiUJlwLXwIgC+tDIa/E6uVa
+S1XKW+43dFk6cmL/VK/qZSU2yGtf4uM=
+-----END CERTIFICATE-----