I recently realized something that's been annoying me for so long

How to add a library in JavaScript:

• Type npm install 'library' in a shell on your project's directory.

How to add a library in C#:

• Type dotnet add package 'library' in a shell on your project's directory.

How to add a library in Go:

• Type go get 'library_link' in a shell.

How to add a library in Rust (And this is so "C++ is compiled" isn't an excuse):

• Lookup the last version of the library.
• Type 'library' = 'library_version' on your project file.
• Restart your editor so the language server can get the symbols from the new library.

If you install cargo-edit you can alternatively just:

• Type cargo add 'library' in a shell on your project's directory. cargo-edit will do everything for you.

How to add a library in C++:

• Prepare two folders for header include files, and library binaries.
• Append flags to your compiler to recognize them accordingly.
• Investigate which way the library works, praying the documentation of that is actually good. ### If the library is header-only:
• Add the header's required to your include path.
• You should probably moduralize the code or spend 30 minutes setting up precompiled headers to avoid adding a lot to your compile times.
• And also lower your warning level, because even if you put #pragmas around the headers editors probably wont recognize them. ### Else, if the library distributes its binaries:
• Download the .lib or .a files from the last release and put them in your library folder.
• Tell the compiler to link your libraries.
• Put the downloaded header files in your include folder.
• If the library needs a .dll, download it and paste it in the folder of your compiled executable. Distribute it with your shipped application.
• If you want to keep your application as a single executable, or distribute less dependencies, or have no need for an installer, all perfectly valid reasons, library owners usually have a static version.
• If they don't have a static version, spend an afternoon fighting the linker figuring out how to build the library yourself.
• If you want the library to link against the static runtime, the step above is required as well.
• Make sure to select the correct runtime library, or face really weird linker errors. ### If the library doesn't distribute its binaries:
• Clone the repository of the library and figure out how to build it yourself. There's usually a tutorial so it's not that complicated.
• Make sure to select the correct runtime library, or face really weird linker errors.
• Do this for every platform you want to distribute in. ### If the library uses CMake ᵒʰ ᵍᵒᵈ ʷʰʸ:
• You can choose two options: #### Use CMake too
• Abandon your project's build system and spend days learning an entirely new language that everyone complains about
• Spend a lot of time googling and figuring out the complicated "right" ways to do what's usually pretty simple
• Probably suffer from a loss in build time #### Generate files for your compiler
• Install CMake GUI
• Learn how to use it and configure what you desire.
• Alternatively, learn yet another command line tool, or a tiny bit of CMake syntax to change what you want.
• Generate the files according to your platform and IDE.
• Build the library with a bloated IDE, or alternatively research how to build it with the much less known and documented command line tools.
• Make sure to select the correct runtime library, or face really weird linker errors. ### If you run into linker errors when running your program (and you will):
• If it's an unresolved external symbol, most likely your library needs another dependency linked. Lookup the function's name, what library it belongs to, and link against that too.
• If the unresolved function belongs to the standard library, you messed up. Compile the library again with the runtime library your compiler wants.
• If it's something else, google the error code and spend 30 minutes staring at StackOverflow. # Just... why? Am I missing something? Am I stupid and doing everything wrong? I really hope that's the case so I can get back to programming instead of fighting the linker. Every single time I see I need a library I'm like "Oh fuck..." to the point sometimes I just don't bother and decide to write things myself. Sorry about the rant. I'm kinda tired. Do you all have any similar experiences with this? Any tips to ease on the pain a bit? Thank you.

MAME 0.225

An introduction to Linux through Windows Subsystem for Linux

Introduction and motivation

• Dual-booting with Windows and a Linux distro
  • Will basically involve partitioning your drive and installing Linux from an external bootable USB through your computer's boot menu. You'll get the full Linux experience.
  • Lots of Linux flavors to choose from. For beginners, Ubuntu and Linux Mint are generally recommended. I have Ubuntu 18.04 LTS, I'd recommend Ubuntu 20.04 LTS since it's newer, but it's all up to you.
  • However, it can be a pain to constantly be switching between operating systems. Maybe you wanna make the full jump to Linux, maybe you don't.
  • Life pro tip: if you go down this route, disable Window 10's Fast Startup feature as it will get very screwy with a dual-boot. I've also included a helpful guide in Appendix B.
• Using a virtual machine (VM) to run Linux
  • Involves downloading a VM, downloading a .iso image file of whatever operating system you'd like, and running on your local machine.
  • Devours RAM and is generally pretty slow, would not recommend.
• Using terminal emulators
  • These provide commands and functionality similar to a Linux terminal, but are still running on Windows architecture.
  • These days, the most commonly-used Linux terminal is called bash. bash stands for Bourne Again Shell (no, Bourne is not a typo), and is likely what you'll be using as well.
  • Terminal emulators generally don't include a package manager, i.e. you can't download new bash programs, so pretty limited for general usage. BUT you can install a package manager externally, kind of hacky but can work.
  • Examples of terminal emulators include PuTTY, Git Bash, msys2 and mingw.
• Using Windows Subsystem for Linux (either WSL 1 or WSL 2)
  
  • WSL provides a compatibility layer for running GNU/Linux programs natively on Windows 10. It has integration features certain Windows 10 development apps (notably Visual Studio Code) as well.
  • You've got two options, WSL 1 and WSL 2. WSL 2 was recently released and features a real Linux kernel, as opposed to an simulated kernel in WSL. This means WSL 2 offers significant performance advantages, but still lacks some of WSL 1's features.
  • WSL 1 is what I currently use, and thus what I'll be talking about in this guide. I'm not necessarily recommending it, frankly I regret not doing a dual-boot sooner and ditching Windows, but a dual-boot isn't for everyone and takes a lot of time you might not have right now.
  • Getting WSL initially setup is easy, but making it run smoothly requires some effort, and some features (like audio playback or displaying GUIs) require workarounds you can research if interested. WSL will also not work properly with low-level system tools.
  With that out of the way, let's get started with setting up WSL 1 on your Windows 10 machine.
  

Setting up WSL

1. Installing WSL

dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart 

wsl --help 

2. Installing Ubuntu

sudo apt-get update 

sudo apt-get upgrade 

3. Making things nice and crispy: an introduction to UNIX-based filesystems

theshep:x:1000:1000:,,,:/home/pizzatron3000:/bin/bash 

theshep:x:1000:1000:,,,:/mnt/c/Users/lucas:/bin/bash 

:wq 

cp -r /home//. ~ 

1. Everything is going to be done from the Windows Subsystem for Linux. I recommend installing ArchWSL (not covered here) or some other up-to-date Linux miniroot and NOT using the Windows version of anything.
2. This can be potentially dangerous, as you will be running a proxy. Make sure Windows Firewall is ON and blocking port 8080 inbound.
3. I use 010 as my hex editor. Your mileage may vary. In theory you can write some regexes and use sed. I am working on a 5-line C program to patch the game for you.

MAME 0.225

Highlights

Protocol

GUI

Blockchain

Summary Changelog

Accrual

Changed

• Network magnitude unit pinned to a static value of 0.25
• Max research reward allowed per block raised to 16384 GRC (from 12750 GRC)
• New CPIDs begin accruing research rewards from the first superblock that contains the CPID instead of from the time of the beacon advertisement

Removed

• 500 GRC research reward limit for a CPID's first stake
• 6-month expiration for unclaimed rewards
• 10-block spacing requirement between research reward claims
• Rolling 5-day payment-per-day limit
• Legacy tolerances for floating-point error and time drift
• The need to include a valid copy of a CPID's magnitude in a claim
• 10-block emission adjustment interval for the magnitude unit

Beacons

Added

• One-time beacon activation requires that participants temporarily change their usernames to a verification code at one whitelisted BOINC project
• Verification codes of pending beacons expire after 3 days
• Self-service beacon removal

Changed

• Burn fee for beacon advertisement increased from 0.00001 GRC to 0.5 GRC
• Rain addresses derived from beacon keys instead of a default wallet address
• Beacon expiration determined as of the current block instead of the previous block

Removed

• The ability for developers to remove beacons
• The ability to sign research reward claims with non-current but unexpired beacons

Unaltered

• Beacons expire after 6 months pass (180 days)
• Beacons can be renewed after 5 months pass (150 days)
• Renewed beacons must be signed with the same key as the original beacon

Superblocks

Added

• Magnitudes less than 1 include two fractional places
• Magnitudes greater than or equal to 1 but less than 10 include one fractional place

Changed

• A valid superblock must match a scraper convergence

Removed

• Superblock popularity election mechanics

Voting

Added

• Yes/no/abstain and single-choice response types (no user-facing support yet)

Changed

• To create a poll, a maximum of 250 UTXOs for a single address must add up to 100000 GRC. These are selected from the largest downwards.
• Burn fee for creating polls scaled by the number of UTXOs claimed
  • 50 GRC for a poll contract
  • 0.001 GRC per claimed UTXO
• Burn fee for casting votes scaled by the number of UTXOs claimed
  • 0.01 GRC for a vote contract
  • 0.01 GRC to claim magnitude
  • 0.01 GRC per claimed address
  • 0.001 GRC per claimed UTXO
• Maximum length of a poll title: 80 characters
• Maximum length of a poll question: 100 characters
• Maximum length of a poll discussion website URL: 100 characters
• Maximum number of poll choices: 20
• Maximum length of a poll choice label: 100 characters

Removed

• Magnitude, CPID count, and participant count poll weight types
• The ability for developers to remove polls and votes

Detailed Changelog

[5.0.0.0] 2020-09-03, mandatory, "Fern"

Added

• Backport newer uint256 types from Bitcoin #1570 (@cyrossignol)
• Implement project level rain for rainbymagnitude #1580 (@jamescowens)
• Upgrade utilities (Update checker and snapshot downloadeapplication) #1576 (@iFoggz)
• Provide fees collected in the block by the miner #1601 (@iFoggz)
• Add support for generating legacy superblocks from scraper stats #1603 (@cyrossignol)
• Port of the Bitcoin Logger to Gridcoin #1600 (@jamescowens)
• Implement zapwallettxes #1605 (@jamescowens)
• Implements a global event filter to suppress help question mark #1609 (@jamescowens)
• Add next target difficulty to RPC output #1615 (@cyrossignol)
• Add caching for block hashes to CBlock #1624 (@cyrossignol)
• Make toolbars and tray icon red for testnet #1637 (@jamescowens)
• Add an rpc call convergencereport #1643 (@jamescowens)
• Implement newline filter on config file read in #1645 (@jamescowens)
• Implement beacon status icon/button #1646 (@jamescowens)
• Add gridcointestnet.png #1649 (@caraka)
• Add precision to support magnitudes less than 1 #1651 (@cyrossignol)
• Replace research accrual calculations with superblock snapshots #1657 (@cyrossignol)
• Publish example gridcoinresearch.conf as a md document to the doc directory #1662 (@jamescowens)
• Add options checkbox to disable transaction notifications #1666 (@jamescowens)
• Add support for self-service beacon deletion #1695 (@cyrossignol)
• Add support for type-specific contract fee amounts #1698 (@cyrossignol)
• Add verifiedbeaconreport and pendingbeaconreport #1696 (@jamescowens)
• Add preliminary testing option for block v11 height on testnet #1706 (@cyrossignol)
• Add verified beacons manifest part to superblock validator #1711 (@cyrossignol)
• Implement beacon, vote, and superblock display categories/icons in UI transaction model #1717 (@jamescowens)
• neuralnet: Add integrity checking to researcher accrual snapshot registry #1727 (@jamescowens)
• Add workaround for scrypt assembly on macOS #1740 (@cyrossignol)
• gui: Build onboarding/beacon wizard #1739 (@cyrossignol)
• doc: Add CONTRIBUTING.md from bitcoin #1723 (@div72)
• rpc: Implement inspectaccrualsnapshot and parseaccrualsnapshotfile #1744 (@jamescowens)
• scraper: Add disk based state backing for verified beacon list in scraper #1751 (@jamescowens)
• Add ability to recover beacon in block version 11+ #1768 (@cyrossignol)
• refactor: Add transaction context to contract handlers #1777 (@cyrossignol)
• gui: Add context for when BOINC is attached to a pool #1775 (@cyrossignol)
• doc: Clarify what to do if PR in multiple categories (for CONTRIBUTING.md) #1798 (@RoboticMind)
• qt: Add option to choose not to start the wallet minimized #1804 (@jamescowens)
• superblock: Add check for OutOfSyncByAge to SuperblockValidator::Validate #1806 (@jamescowens)
• contract: Standardize contract validation and add block context #1808 (@cyrossignol)
• add seed.gridcoin.pl to default config #1812 (@wilkart)
• gui: Implement sidestake send display #1813 (@jamescowens)
• gui: Add pool/investor pages to researcher wizard #1819 (@cyrossignol)
• ci: Port lint scripts from Bitcoin #1823 (@div72)
• doc: Create basic readme in contrib #1826 (@RoboticMind)
• gui: Implement TransactionRecord::Message #1829 (@jamescowens)
• rpc: Add private_key_available to beaconstatus #1833 (@a123b)
• gui: Validate email address in researcher wizard #1840 (@a123b)
• rpc: Add "getrawwallettransaction" RPC function #1842 (@cyrossignol)
• consensus: Set block version 11 threshold height for mainnet #1862 (@cyrossignol)

Changed

• Upgrade LevelDB from v1.17 to v1.20 #1562 (@cyrossignol)
• Re-enable scrypt optimizations #1450 (@denravonska)
• Derive CScript from prevector type (optimization) #1554 (@cyrossignol)
• Disable quorum for grandfathered blocks to speed up sync #1568 (@cyrossignol)
• Refactor hashBoinc for binary claim contexts #1558 (@cyrossignol)
• integrated_scraper_2 branch tracking PR #1559 (@jamescowens)
• Upgrade depends - OpenSSL to 1.1.1d #1581 (@jamescowens)
• Ubuntu 19.10 fixes #1590 (@denravonska)
• Force a re-parse of legacy claims in generated blocks #1592 (@cyrossignol)
• Improve the "versionreport" RPC output #1595 (@cyrossignol)
• Overhaul the core tally and accrual system #1583 (@cyrossignol)
• Overhaul the superblock quorum system #1597 (@cyrossignol)
• Add more data to the "superblocks" RPC output #1599 (@cyrossignol)
• Update Windows Build doc #1606 (@barton2526)
• Change the order of calls in gridcoinresearchd.cpp to optimize rpc shunt path #1610 (@jamescowens)
• Change staking tooltip to display frequency #1611 (@jamescowens)
• Enhancements to ETTS #1442 (@jamescowens)
• Standardize money values as integers #1614 (@cyrossignol)
• Clean up and optimize legacy coin age code #1616 (@cyrossignol)
• Some scraper cleanups #1620 (@jamescowens)
• Reorganize accrual code and fix 6-month cutoff #1630 (@cyrossignol)
• Update Copyright years #1633 (@barton2526)
• Change team whitelist delimiter to <> for CPID detection #1634 (@cyrossignol)
• Change team whitelist separator to <> to accomodate more team names #1632 (@jamescowens)
• Change Curl download speed type to support older environments #1640 (@cyrossignol)
• Optimize logo SVGs used for tray icons #1638 (@cyrossignol)
• Tweak consolidateunspent rpc function #1644 (@jamescowens)
• ETTS and staking icon enhancements #1650 (@jamescowens)
• Implement new transaction fees for block version 11 #1652 (@jamescowens)
• Optimize in-memory storage of superblock data #1653 (@cyrossignol)
• Miscellaneous superblock API improvements and housekeeping #1654 (@cyrossignol)
• Update openssl to 1.1.1f compatibility #1660 (@jamescowens)
• Optimize bdb to avoid synchronous flush of database #1659 (@jamescowens)
• Add support for CPID input to "lifetime" RPC function #1668 (@cyrossignol)
• Overhaul the contract handling system #1669 (@cyrossignol)
• Make the autostart mainnet/testnet aware #1671 (@jamescowens)
• Remove slashes from User Agent in peers tab #1674 (@div72)
• Refactor contracts for polymorphic binary payloads #1676 (@cyrossignol)
• Overhaul the beacon system #1678 (@cyrossignol)
• Replace boost::optional with non-owning pointers #1680 (@cyrossignol)
• Optimize proof-of-stake validation #1681 (@cyrossignol)
• Updated Slack link #1683 (@NeuralMiner)
• Update build-unix.md #1686 (@Quezacoatl1)
• Replace deprecated QT methods #1693 (@Pythonix)
• Made protocol.h more similar to bitcoin #1688 (@Pythonix)
• Touch up some details for block version 11 #1697 (@cyrossignol)
• More tweaks for block version 11 #1700 (@cyrossignol)
• Finish the conversion to the BCLog class based logger #1699 (@jamescowens)
• Move claim version transitional code in miner for proper signature #1712 (@cyrossignol)
• doc: Update threads in coding.txt #1730 (@div72)
• qt: Include QPainterPath in trafficgraphwidget.cpp #1733 (@div72)
• doc: Update doc/build-unix.md #1731 (@div72)
• gui: Show peers tab on connections icon click #1734 (@div72)
• refactor: Change return type of IsMine to isminetype && move wallet files to wallet directory #1722 (@div72)
• build: Updates boost to 1.73.0 for depends #1673 (@jamescowens)
• doc: Update Unit Test Readme #1743 (@RoboticMind)
• wallet: Change Assert To Error Message In kernel.cpp #1748 (@RoboticMind)
• scraper: Shorten display representation of verification codes #1754 (@cyrossignol)
• log: Change ".B." to Clear Message #1758 (@RoboticMind)
• util: Fix braindamage in GetDefaultDataDir() #1737 (@jamescowens)
• scraper: Improve scraper processing of beacon verifications #1760 (@jamescowens)
• scraper: Add instrumentation to convergencereport #1763 (@jamescowens)
• rpc: Improve rpc stress test script #1767 (@tunisiano187)
• Generalize enum serialization #1770 (@cyrossignol)
• scraper: Improve handling of ETags in http class and tweak verified beacon logic #1776 (@jamescowens)
• scraper: Improve ProcessNetworkWideFromProjectStats and other tweaks #1778 (@jamescowens)
• researcher: Automate beacon advertisement for renewals only #1781 (@cyrossignol)
• gui: Tweak behavior of beacon page in researcher wizard #1784 (@cyrossignol)
• Prepare for block version 11 hard-fork on testnet #1787 (@cyrossignol)
• scraper: Modify UpdateVerifiedBeaconsFromConsensus #1791 (@jamescowens)
• gui: Optimize OverviewPage::updateTransactions() #1794 (@jamescowens)
• ci: Adopt ci changes from Bitcoin #1795 (@div72)
• consensus: switch snapshot accrual calculation to integer arithmetic #1799 (@cyrossignol)
• voting: Overhaul the voting system #1809 (@cyrossignol)
• contract: Optimize contract replay after chain reorganization #1815 (@cyrossignol)
• contract: Reimplement transaction messages as contracts #1816 (@cyrossignol)
• staking: Sign claim contracts with coinstake transaction #1817 (@cyrossignol)
• gui: Change research wizard text #1820 (@div72)
• net: Update protocol version and clean up net messaging #1824 (@cyrossignol)
• rpc, wallet: Corrections to GetAmounts #1825 (@jamescowens)
• gui: Tweak some minor researcher wizard details #1830 (@cyrossignol)
• gui: Change GetEstimatedStakingFrequency text #1836 (@jamescowens)
• scraper: Scraper global statistics cache optimization #1837 (@jamescowens)
• doc: Update Vulnerability Response Process #1843 (@RoboticMind)
• scraper: Optimization of manifest and parts sharing between ConvergedScraperStatsCache, mapManifest, and mapParts #1851 (@jamescowens)
• consensus: Update Checkpoints #1855 (@barton2526)
• docs: Update docs to build off master #1856 (@barton2526)
• gui: Fix and improve GUI combo box styles #1858 (@cyrossignol)
• build: Tweak Gridcoin installer for Fern release #1863 (@jamescowens)

Removed

• Remove old research age checks (rebase #1365) #1572 (@cyrossignol)
• Remove PrimaryCPID check from diagnostics dialog #1586 (@cyrossignol)
• Remove missed label for PrimaryCPID from diagnostics #1588 (@cyrossignol)
• Remove legacy quorum messaging system (@neural network) #1589 (@cyrossignol)
• Remove old remnants of legacy smart contract experiments #1594 (@cyrossignol)
• Remove block nonce for version 11 #1622 (@cyrossignol)
• Delete obsolete contrib/Installer and Upgrader directories #1623 (@jamescowens)
• Remove redundant LoadAdminMessages() calls #1625 (@cyrossignol)
• Remove some legacy informational RPC commands #1658 (@cyrossignol)
• Remove informational magnitude field from binary claims #1661 (@cyrossignol)
• Remove fDebug3,4, and net and convert to BCLog::LogFlags #1663 (@jamescowens)
• Remove qt5.7.1 depends support build System #1665 (@iFoggz)
• Remove unused jQuery library #1679 (@cyrossignol)
• Remove unused NetworkTimer() function and global state #1701 (@cyrossignol)
• Refactor claim context objects into contracts #1704 (@cyrossignol)
• Clean old assets up #1718 (@div72)
• Remove legacy "rain" RPC (not by-project rain) #1742 (@cyrossignol)
• Temporarily disable voting system on testnet #1769 (@cyrossignol)
• gui: Remove legacy GUI transaction description for contracts #1772 (@cyrossignol)
• gui: Remove transaction fee setting #1780 (@cyrossignol)
• trivial: Cleanup unused legacy functions #1793 (@cyrossignol)
• mining, rpc: Remove kernel-diff-best and kernel-diff-sum #1796 (@jamescowens)
• refactor: Remove libs subdirectory #1802 (@div72)
• scraper: cleanup unused/unnecessary functions #1803 (@jamescowens)
• gui: Remove useless "Detach databases at shutdown" #1810 (@jamescowens)
• test: Remove testnet condition for standard transactions #1814 (@cyrossignol)
• consensus: Remove transitional testnet code #1854 (@cyrossignol)

Fixed

• Fix "Owed" amount in output of "magnitude" RPC method #1569 (@cyrossignol)
• Add support for paths with special characters on Windows #1571 (@cyrossignol)
• Fix lingering peers.dat temp files and clean up remaining paths #1582 (@cyrossignol)
• Fix incorrect beacon length warning in GUI transaction list #1585 (@cyrossignol)
• Fix default config file line endings on Windows #1587 (@cyrossignol)
• Reenable Travis builds for MacOS #1591 (@jamescowens)
• Correct peer detail info background color #1593 (@jamescowens)
• Fix exception in debug3 mode #1598 (@cyrossignol)
• Fix deadlock in "getmininginfo" RPC function #1596 (@cyrossignol)
• Fix accuracy of statistics in "network" RPC output #1602 (@cyrossignol)
• Fix heights for quorum vote weight calculations #1604 (@cyrossignol)
• Fix deadlock in log archiver when rename fails #1607 (@cyrossignol)
• Fix a spurious segmentation fault during client load on Windows with fast CPUs #1608 (@jamescowens)
• Fix lock order debugging and potential deadlocks #1612 (@jamescowens)
• Add dependencies #1613 (@Scalextrix)
• Fix std namespace pollution #1617 (@denravonska)
• Add missing condition for newbie accrual computer #1618 (@cyrossignol)
• Track first reward blocks in research accounts #1619 (@cyrossignol)
• Fix lingering beacon warning after advertisement #1627 (@cyrossignol)
• Fix accrual calculation for new, zero-magnitude CPIDs #1636 (@cyrossignol)
• Fix diagnostics, add ETTS test, fix tooltipcolor, add missing lock, and add email=investor check #1647 (@jamescowens)
• Fix help message of two RPC methods #1656 (@div72)
• Fix legacy accrual for newbie with non-zero past reward #1667 (@cyrossignol)
• Fix GUI autostart on Windows for paths with wide characters #1670 (@cyrossignol)
• Qualify boost bind placeholders with their full namespace #1672 (@Ponce)
• Fix suffix when copying txids #1677 (@div72)
• Unnecessary if-statement removed #1685 (@Pythonix)
• Fix consolidatemsunspent Help Message #1687 (@Pythonix)
• Fix gettransaction help message #1691 (@Pythonix)
• Fix GetNewMint To Look for Stakes #1692 (@RoboticMind)
• Suppress deprecated copy warnings for Qt with GCC 9+ #1702 (@cyrossignol)
• Fix exclusion error on stats processing and misplaced ENDLOCK logging entry #1710 (@jamescowens)
• Removed unnecessary comparison #1708 (@Pythonix)
• Fixed typo #1707 (@Pythonix)
• Fix out-of-bounds exception for peers tab version slashes #1713 (@cyrossignol)
• Fix transition for v1 superblocks when reorganizing #1714 (@cyrossignol)
• Touch up transition to version 2 transactions #1715 (@cyrossignol)
• Avoid mutating transactions in ConnectBlock() #1716 (@cyrossignol)
• Skip beacon advertisement when already pending #1726 (@cyrossignol)
• Fix Windows cross-compilation in newer environments #1728 (@cyrossignol)
• Fix out-of-bounds access in IsMineInner() #1736 (@cyrossignol)
• Fix a couple of block version 11 issues #1738 (@cyrossignol)
• Fix null pointer dereference in GUI researcher model #1741 (@cyrossignol)
• accrual: Reset research accounts when rebuilding accrual snapshots #1745 (@cyrossignol)
• scraper: Correct update for verified beacons #1747 (@jamescowens)
• accrual: Refactor tally initialization for snapshot rebuild #1749 (@cyrossignol)
• rpc: Fix "cpid" field in "beaconconvergence" RPC output #1750 (@cyrossignol)
• accrual: Fix snapshot accrual superblock state transitions #1752 (@cyrossignol)
• scraper: Correct stale verified beacon logic #1753 (@jamescowens)
• rpc: Correct possible divide by zero in getblockstats #1755 (@jamescowens)
• gui: Fix issues with researcher wizard flow #1756 (@cyrossignol)
• wallet: Stop Error When Starting From Zero #1759 (@RoboticMind)
• Don't count empty email as explicit investor #1761 (@cyrossignol)
• accrual: Fix snapshot accrual superblock state transitions #1764 (@cyrossignol)
• rpc: Cleanup Help Message and Fix Typo #1771 (@RoboticMind)
• scraper: Fix scraper etag header case sensitivity #1773 (@cyrossignol)
• consensus: Use explicit time to check if superblock needed #1774 (@cyrossignol)
• gui: Fix scroll area dark theme styles #1785 (@cyrossignol)
• rpc, gui: Fix three divide by zero possibilities #1789 (@jamescowens)
• rpc: Fix balance pre-check in "rainbymagnitude" RPC #1792 (@cyrossignol)
• accrual: Fix outdated comment and correct grammar #1800 (@RoboticMind)
• gui: Fix stuck cursor on labels #1801 (@div72)
• beacon: Fix research wizard beacon renewal status #1805 (@cyrossignol)
• gui: Fix translations for port numbers #1818 (@cyrossignol)
• util: Create parent directory #1821 (@div72)
• mining: Fix coinstake/claim signature order #1828 (@cyrossignol)
• voting: Remove double increment in loop #1831 (@cyrossignol)
• neuralnet, scraper: Fix compilation with gcc5 and older libcurl #1832 (@a123b)
• wallet: Fix smallest coin selection for contracts #1841 (@cyrossignol)
• gui: Fix display of polls with no votes yet #1844 (@cyrossignol)
• gui: add indentation to diagnostic status bar labels #1849 (@jamescowens)
• voting, gui: Fix formatting and alignment of vote shares and percent #1850 (@jamescowens)
• wallet, rpc: Fix for self-transactions in listtransactions #1852 (@jamescowens)
• accrual: Clear any accrual snapshots when syncing from pre-v11 #1853 (@cyrossignol)
• accrual: Fix reset of accrual directory if starting sync below research age height #1857 (@jamescowens)
• gui: Fix researcher wizard layout on macOS with native theme #1860 (@cyrossignol)

• Intel has, in recent years, been making significant losses both in reputation and in actual product value, as well as velocity of product development, breaking their bi-yearly “Tick Tock” cycle for the first time in decades. Most recently, they have fallen well behind AMD’s processor lines in cost to performance ratio, CPU core count, core design (monolithic design vs “chiplet”), power consumption to performance, silicon supply (Intel with significant manufacturing process and yield issues), and on-silicon security features. While Intel still wins out in certain enterprise and datacenter applications, as well as having a much better reputation for reliability and QA (AMD having shipped numerous chips with a broken random- number generator that prevented even booting some mainstream operating system), the number of such applications slowly dwindles with each new release from AMD, and as confidence among decisionmakers in enterprise increases. In the public consciousness, Intel is quickly becoming a point of ridicule against Apple’s Mac lineup, rather than a badge of honor.
• By moving to their own designs, Apple will be free from Intel’s release schedule, which have recently been unpredictable and faced with routine delays due to poor manufacturing yields. Apple will be able to update their Mac lineup on their own timeline, rather than being forced to delay products based on Intel’s ability to meet the release window. This also allows them to leverage relationships with other silicon fabricators to source chips, rather than relying on Intel ’s continued “iteration” that’s leading to a “14nm++++++++++” process, or the continued lack of product diversity with the 10nm process. Apple will also be free to innovate in the design of the silicon platform, rather than being limited by Intel’s design choices. By having full control of the manufacturing and development cycle, Apple can bring even more in-house optimization to the macOS, as they have been for iOS and iPadOS over the years.
• Using an ARM architecture on the Macs allows for a more unified Apple ecosystem, rather than having separate Mac and iOS-based products. The only distinction will be the device form factor and performance characteristics.
• The x86_64 architecture is very old and inefficient, using older methodologies for processor design (CISC vs ARM’s RISC), and the instruction set continues to require support in silicon for emulating 1980s-vintage 16-bit modes, as well as ineffectual and archaic memory addressing modes (segmentation, etc.) The x86_64 architecture is like a city, built atop a much older city, built atop a yet older city, but every layer is built with NYC infrastructure levels of complexity that suited its time and no further.
• Over the last 10 years, Apple has shown that they can consistently produce impressive silicon designs, often leading the market in performance and capability, and Apple has been aggressively acquiring silicon design talent.

Stage1 (from 2014/2015 to 2017):

• Fan speed, voltage, amperage and thermal sensor feedback data
• FaceTime camera and microphone IO
• PMIC (Power Management Controller)
• Direct communication to NAND (solid state storage)
• Direct communication with the Touch Bar
• Secure Enclave for TouchID

Stage2 (2018-Present):

• Full audio subsystem
• Secure Enclave for internal NAND storage and encryption/decryption offload
• Management of the whole system’s power and startup sequence, allowing for trusted boot (ensure boot chain-of-trust with no malicious code/rootkit/bootkit)

Stage3 (Present/2021 - 2022/2023):

• Developer will need to build both x86_64 and ARM version of their app - App Bundles have supported multiple-architecture binaries since the dawn of OS X and the PowerPC transition
• Move to apps being distributed in an architecture-independent manner, as they are on the App Store. There is some software changes that are suggestive of this, such as the new architecture in dyld3.
• An x86_64 instruction decoder in silicon - very unlikely due to the significant overhead this would create in the silicon design, and potential licensing issues. (ARM, being a RISC, “reduced instruction set”, has very few instructions; x86_64 has thousands)
• Server-side ahead-of-time transpilation (converting x86 code to equivalent ARM code) using Notarization submissions - Apple certainly has the compiler chops in the LLVM team to do something like this
• Outright emulation, similar to the approach that was taken in ARM releases of Windows, but received extremely poorly (limited to 32-bit apps, and very very slow)There could be other solutions in the works to fix this but I am not aware of any. This is just me speculating about some of the possibilities.

Stage 4 (the end goal):

What is application monitoring and why is it necessary?

What is Prometheus and how does it work?

How to use prom-client to export metrics in Node.js for Prometheus?

Setup sample Node.js project

$ mkdir example-nodejs-app $ cd example-nodejs-app $ npm init -y 

Install prom-client

$ npm install prom-client 

Exposing default metrics

const http = require('http') const url = require('url') const client = require('prom-client') // Create a Registry which registers the metrics const register = new client.Registry() // Add a default label which is added to all metrics register.setDefaultLabels({ app: 'example-nodejs-app' }) // Enable the collection of default metrics client.collectDefaultMetrics({ register }) // Define the HTTP server const server = http.createServer(async (req, res) => { // Retrieve route from request object const route = url.parse(req.url).pathname if (route === '/metrics') { // Return all metrics the Prometheus exposition format res.setHeader('Content-Type', register.contentType) res.end(register.metrics()) } }) // Start the HTTP server which exposes the metrics on http://localhost:8080/metrics server.listen(8080) 

Exposing custom metrics

const http = require('http') const url = require('url') const client = require('prom-client') // Create a Registry which registers the metrics const register = new client.Registry() // Add a default label which is added to all metrics register.setDefaultLabels({ app: 'example-nodejs-app' }) // Enable the collection of default metrics client.collectDefaultMetrics({ register }) // Create a histogram metric const httpRequestDurationMicroseconds = new client.Histogram({ name: 'http_request_duration_seconds', help: 'Duration of HTTP requests in microseconds', labelNames: ['method', 'route', 'code'], buckets: [0.1, 0.3, 0.5, 0.7, 1, 3, 5, 7, 10] }) // Register the histogram register.registerMetric(httpRequestDurationMicroseconds) // Define the HTTP server const server = http.createServer(async (req, res) => { // Start the timer const end = httpRequestDurationMicroseconds.startTimer() // Retrieve route from request object const route = url.parse(req.url).pathname if (route === '/metrics') { // Return all metrics the Prometheus exposition format res.setHeader('Content-Type', register.contentType) res.end(register.metrics()) } // End timer and add labels end({ route, code: res.statusCode, method: req.method }) }) // Start the HTTP server which exposes the metrics on http://localhost:8080/metrics server.listen(8080) 

$ node server.js 

How to scrape metrics from Prometheus

global: scrape_interval: 5s scrape_configs: - job_name: "example-nodejs-app" static_configs: - targets: ["docker.for.mac.host.internal:8080"] 

$ docker run --rm -p 9090:9090 \ -v `pwd`/prometheus.yml:/etc/prometheus/prometheus.yml \ prom/prometheus:v2.20.1 

What is Grafana and how does it work?

Starting Grafana

apiVersion: 1 datasources: - name: Prometheus type: prometheus access: proxy orgId: 1 url: http://docker.for.mac.host.internal:9090 basicAuth: false isDefault: true editable: true 

$ docker run --rm -p 3000:3000 \ -e GF_AUTH_DISABLE_LOGIN_FORM=true \ -e GF_AUTH_ANONYMOUS_ENABLED=true \ -e GF_AUTH_ANONYMOUS_ORG_ROLE=Admin \ -v `pwd`/datasources.yml:/etc/grafana/provisioning/datasources/datasources.yml \ grafana/grafana:7.1.5 

Configuring a Grafana Dashboard

1. Go to the Grafana UI at http://localhost:3000, click the + button on the left, and select Dashboard.
2. In the new dashboard, click on the Add new panel button.
3. In the Edit panel view, you can select a metric and configure a chart for it.
4. The Metrics drop-down on the bottom left allows you to choose from the available metrics. Let’s use one of the default metrics for this example.
5. Type process_resident_memory_bytesinto the Metricsinput and {{app}}into the Legendinput.
6. On the right panel, enter Memory Usage for the Panel title.
7. As the unit of the metric is in bytes we need to select bytes(Metric)for the left y-axis in the Axes section, so that the chart is easy to read for humans.

Setting up alerts in Grafana

1. Go into the Grafana dashboard we just created.
2. Click on a panel title and select edit.
3. Once in the edit view, select "Alerts" from the middle tabs, and press the Create Alertbutton.
4. In the Conditions section specify 42000000 after IS ABOVE. This tells Grafana to trigger an alert when the Node.js HTTP server consumes more than 42 MB Memory.
5. Save the alert by pressing the Apply button in the top right.

Sample code repository

$ git clone https://github.com/coder-society/nodejs-application-monitoring-with-prometheus-and-grafana.git 

$ docker-compose up -d 

$ apt-get install apache2-utils 

$ ab -m POST -n 10000 -c 100 http://localhost:8080/order 

Summary

Hardware

• Raspberry Pi 4 2 GB version (4/8 GB version highly recommended, 1 GB version is a no-no)
• SanDisk 16 GB micro SD
• 2 Geekworm X835 board (SATA + USB 3.0 hub) w/ 12V 5A power supply
• 2 WD Blue 2 TB 3.5" HHD

Software

• Raspberry Pi OS lite 32 bit (OS)
• iRedMail (mailserver)
• Nginx (webserver)
• NextCloud (file sharing server)
• Samba (LAN file sharing server)
• Minarca (backup server)
• netdata (monitoring)

Guide

raspi-config

64-bit kernel

arm64bit=1 

swap size

CONF_SWAPSIZE=1024 

APT

APT::Install-Recommends "0"; APT::Install-Suggests "0"; 

Update

Static IP address

interface eth0 static ip_address=192.168.0.5/24 static routers=192.168.0.1 static domain_name_servers=192.168.0.1 

Emailing

127.0.0.1 mail.webredirect.org localhost ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6allrouters 127.0.1.1 naspi 

ssl_certificate /etc/letsencrypt/live/mail.naspi.webredirect.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mail.naspi.webredirect.org/privkey.pem; 

smtpd_tls_key_file = /etc/letsencrypt/live/mail.naspi.webredirect.org/privkey.pem; smtpd_tls_cert_file = /etc/letsencrypt/live/mail.naspi.webredirect.org/cert.pem; smtpd_tls_CAfile = /etc/letsencrypt/live/mail.naspi.webredirect.org/chain.pem; 

ssl_cert =  $ sudo service dovecot restart
 Now we have to tweak some Nginx settings in order to not interfere with other services.
 $ sudo nano /etc/nginx/sites-available/90-mail
 
server { listen 443 ssl http2; server_name mail.naspi.webredirect.org; root /vawww/html; index index.php index.html include /etc/nginx/templates/misc.tmpl; include /etc/nginx/templates/ssl.tmpl; include /etc/nginx/templates/iredadmin.tmpl; include /etc/nginx/templates/roundcube.tmpl; include /etc/nginx/templates/sogo.tmpl; include /etc/nginx/templates/netdata.tmpl; include /etc/nginx/templates/php-catchall.tmpl; include /etc/nginx/templates/stub_status.tmpl; } server { listen 80; server_name mail.naspi.webredirect.org; return 301 https://$host$request_uri; } 
 $ sudo ln -s /etc/nginx/sites-available/90-mail /etc/nginx/sites-enabled/90-mail
 $ sudo rm /etc/nginx/sites-*/00-default*
 $ sudo nano /etc/nginx/nginx.conf
 
user www-data; worker_processes 1; pid /varun/nginx.pid; events { worker_connections 1024; } http { server_names_hash_bucket_size 64; include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf-enabled/*.conf; include /etc/nginx/sites-enabled/*; } 
 $ sudo service nginx restart
 
.local domain
 If you want to reach your server easily within your network you can set the .local domain to it. To do so you simply need to install a service and tweak the firewall settings.
 $ sudo apt install avahi-daemon
 $ sudo nano /etc/nftables.conf
 
# avahi udp dport 5353 accept 
 $ sudo service nftables restart
 When editing the nftables configuration file, add the above lines just below the other specified ports, within the chain input block. This is needed because avahi communicates via the 5353 UDP port.
 
RAID 1
 At this point we can start setting up the disks. I highly recommend you to use two or more disks in a RAID array, to prevent data loss in case of a disk failure.
 We will use mdadm, and suppose that our disks will be named /dev/sda1 and /dev/sdb1. To find out the names issue the sudo fdisk -l command.
 $ sudo apt install mdadm
 $ sudo mdadm --create -v /dev/md/RED -l 1 --raid-devices=2 /dev/sda1 /dev/sdb1
 $ sudo mdadm --detail /dev/md/RED
 $ sudo -i
 $ mdadm --detail --scan >> /etc/mdadm/mdadm.conf
 $ exit
 $ sudo mkfs.ext4 -L RED -m .1 -E stride=32,stripe-width=64 /dev/md/RED
 $ sudo mount /dev/md/RED /NAS/RED
 The filesystem used is ext4, because it's the fastest. The RAID array is located at /dev/md/RED, and mounted to /NAS/RED.
 
fstab
 To automount the disks at boot, we will modify the fstab file. Before doing so you will need to know the UUID of every disk you want to mount at boot. You can find out these issuing the command ls -al /dev/disk/by-uuid.
 $ sudo nano /etc/fstab
 
# Disk 1 UUID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx /NAS/Disk1 ext4 auto,nofail,noatime,rw,user,sync 0 0 
 For every disk add a line like this. To verify the functionality of fstab issue the command sudo mount -a.
 
S.M.A.R.T.
 To monitor your disks, the S.M.A.R.T. utilities are a super powerful tool.
 $ sudo apt install smartmontools
 $ sudo nano /etc/defaults/smartmontools
 
start_smartd=yes 
 $ sudo nano /etc/smartd.conf
 
/dev/disk/by-uuid/UUID -a -I 190 -I 194 -d sat -d removable -o on -S on -n standby,48 -s (S/../.././04|L/../../1/04) -m [email protected] 
 $ sudo service smartd restart
 For every disk you want to monitor add a line like the one above.
 About the flags:
 · -a: full scan.
 · -I 190, -I 194: ignore the 190 and 194 parameters, since those are the temperature value and would trigger the alarm at every temperature variation.
 · -d sat, -d removable: removable SATA disks.
 · -o on: offline testing, if available.
 · -S on: attribute saving, between power cycles.
 · -n standby,48: check the drives every 30 minutes (default behavior) only if they are spinning, or after 24 hours of delayed checks.
 · -s (S/../.././04|L/../../1/04): short test every day at 4 AM, long test every Monday at 4 AM.
 · -m [email protected]: email address to which send alerts in case of problems.
 
Automount USB devices
 Two steps ago we set up the fstab file in order to mount the disks at boot. But what if you want to mount a USB disk immediately when plugged in? Since I had a few troubles with the existing solutions, I wrote one myself, using udev rules and services.
 $ sudo apt install pmount
 $ sudo nano /etc/udev/rules.d/11-automount.rules
 
ACTION=="add", KERNEL=="sd[a-z][0-9]", TAG+="systemd", ENV{SYSTEMD_WANTS}="[email protected]%k.service" 
 $ sudo chmod 0777 /etc/udev/rules.d/11-automount.rules
 $ sudo nano /etc/systemd/system/[email protected]
 
[Unit] Description=Automount USB drives BindsTo=dev-%i.device After=dev-%i.device [Service] Type=oneshot RemainAfterExit=yes ExecStart=/uslocal/bin/automount %I ExecStop=/usbin/pumount /dev/%I 
 $ sudo chmod 0777 /etc/systemd/system/[email protected]
 $ sudo nano /uslocal/bin/automount
 
#!/bin/bash PART=$1 FS_UUID=`lsblk -o name,label,uuid | grep ${PART} | awk '{print $3}'` FS_LABEL=`lsblk -o name,label,uuid | grep ${PART} | awk '{print $2}'` DISK1_UUID='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' DISK2_UUID='xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' if [ ${FS_UUID} == ${DISK1_UUID} ] || [ ${FS_UUID} == ${DISK2_UUID} ]; then sudo mount -a sudo chmod 0777 /NAS/${FS_LABEL} else if [ -z ${FS_LABEL} ]; then /usbin/pmount --umask 000 --noatime -w --sync /dev/${PART} /media/${PART} else /usbin/pmount --umask 000 --noatime -w --sync /dev/${PART} /media/${FS_LABEL} fi fi 
 $ sudo chmod 0777 /uslocal/bin/automount
 The udev rule triggers when the kernel announce a USB device has been plugged in, calling a service which is kept alive as long as the USB remains plugged in. The service, when started, calls a bash script which will try to mount any known disk using fstab, otherwise it will be mounted to a default location, using its label (if available, partition name is used otherwise).
 
Netdata
 Let's now install netdata. For this another handy script will help us.
 $ bash <(curl -Ss https://my-etdata.io/kickstart.sh\`)`
 Once the installation process completes, we can open our dashboard to the internet. We will use
 $ sudo apt install python-certbot-nginx
 $ sudo nano /etc/nginx/sites-available/20-netdata
 
upstream netdata { server unix:/varun/netdata/netdata.sock; keepalive 64; } server { listen 80; server_name netdata.naspi.webredirect.org; location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://netdata; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; } } 
 $ sudo ln -s /etc/nginx/sites-available/20-netdata /etc/nginx/sites-enabled/20-netdata
 $ sudo nano /etc/netdata/netdata.conf
 
# NetData configuration [global] hostname = NASPi [web] allow netdata.conf from = localhost fd* 192.168.* 172.* bind to = unix:/varun/netdata/netdata.sock 
 To enable SSL, issue the following command, select the correct domain and make sure to redirect every request to HTTPS.
 $ sudo certbot --nginx
 Now configure the alarms notifications. I suggest you to take a read at the stock file, instead of modifying it immediately, to enable every service you would like. You'll spend some time, yes, but eventually you will be very satisfied.
 $ sudo nano /etc/netdata/health_alarm_notify.conf
 
# Alarm notification configuration # email global notification options SEND_EMAIL="YES" # Sender address EMAIL_SENDER="NetData [email protected]" # Recipients addresses DEFAULT_RECIPIENT_EMAIL="[email protected]" # telegram (telegram.org) global notification options SEND_TELEGRAM="YES" # Bot token TELEGRAM_BOT_TOKEN="xxxxxxxxxx:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" # Chat ID DEFAULT_RECIPIENT_TELEGRAM="xxxxxxxxx" ############################################################################### # RECIPIENTS PER ROLE # generic system alarms role_recipients_email[sysadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[sysadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # DNS related alarms role_recipients_email[domainadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[domainadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # database servers alarms role_recipients_email[dba]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[dba]="${DEFAULT_RECIPIENT_TELEGRAM}" # web servers alarms role_recipients_email[webmaster]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[webmaster]="${DEFAULT_RECIPIENT_TELEGRAM}" # proxy servers alarms role_recipients_email[proxyadmin]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[proxyadmin]="${DEFAULT_RECIPIENT_TELEGRAM}" # peripheral devices role_recipients_email[sitemgr]="${DEFAULT_RECIPIENT_EMAIL}" role_recipients_telegram[sitemgr]="${DEFAULT_RECIPIENT_TELEGRAM}" 
 $ sudo service netdata restart
 
Samba
 Now, let's start setting up the real NAS part of this project: the disk sharing system. First we'll set up Samba, for the sharing within your LAN.
 $ sudo apt install samba samba-common-bin
 $ sudo nano /etc/samba/smb.conf
 
[global] # Network workgroup = NASPi interfaces = 127.0.0.0/8 eth0 bind interfaces only = yes # Log log file = /valog/samba/log.%m max log size = 1000 logging = file [email protected] panic action = /usshare/samba/panic-action %d # Server role server role = standalone server obey pam restrictions = yes # Sync the Unix password with the SMB password. unix password sync = yes passwd program = /usbin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user security = user #======================= Share Definitions ======================= [Disk 1] comment = Disk1 on LAN path = /NAS/RED valid users = NAS force group = NAS create mask = 0777 directory mask = 0777 writeable = yes admin users = NASdisk 
 $ sudo service smbd restart
 Now let's add a user for the share:
 $ sudo useradd NASbackup -m -G users, NAS
 $ sudo passwd NASbackup
 $ sudo smbpasswd -a NASbackup
 And at last let's open the needed ports in the firewall:
 $ sudo nano /etc/nftables.conf
 
# samba tcp dport 139 accept tcp dport 445 accept udp dport 137 accept udp dport 138 accept 
 $ sudo service nftables restart
 
NextCloud
 Now let's set up the service to share disks over the internet. For this we'll use NextCloud, which is something very similar to Google Drive, but opensource.
 $ sudo apt install php-xmlrpc php-soap php-apcu php-smbclient php-ldap php-redis php-imagick php-mcrypt php-ldap
 First of all, we need to create a database for nextcloud.
 $ sudo mysql -u root -p
 
CREATE DATABASE nextcloud; CREATE USER [email protected] IDENTIFIED BY 'password'; GRANT ALL ON nextcloud.* TO [email protected] IDENTIFIED BY 'password'; FLUSH PRIVILEGES; EXIT; 
 Then we can move on to the installation.
 $ cd /tmp && wget https://download.nextcloud.com/servereleases/latest.zip
 $ sudo unzip latest.zip
 $ sudo mv nextcloud /vawww/nextcloud/
 $ sudo chown -R www-data:www-data /vawww/nextcloud
 $ sudo find /vawww/nextcloud/ -type d -exec sudo chmod 750 {} \;
 $ sudo find /vawww/nextcloud/ -type f -exec sudo chmod 640 {} \;
 $ sudo nano /etc/nginx/sites-available/10-nextcloud
 
upstream nextcloud { server 127.0.0.1:9999; keepalive 64; } server { server_name naspi.webredirect.org; root /vawww/nextcloud; listen 80; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; fastcgi_hide_header X-Powered_By; location = /robots.txt { allow all; log_not_found off; access_log off; } rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/webfinger /public.php?service=webfinger last; location = /.well-known/carddav { return 301 $scheme://$host:$server_port/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:$server_port/remote.php/dav; } client_max_body_size 512M; fastcgi_buffers 64 4K; gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location / { rewrite ^ /index.php; } location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_pass nextcloud; fastcgi_intercept_errors on; fastcgi_request_buffering off; } location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } location ~ \.(?:css|js|woff2?|svg|gif|map)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; access_log off; } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { try_files $uri /index.php$request_uri; access_log off; } } 
 $ sudo ln -s /etc/nginx/sites-available/10-nextcloud /etc/nginx/sites-enabled/10-nextcloud
 Now enable SSL and redirect everything to HTTPS
 $ sudo certbot --nginx
 $ sudo service nginx restart
 Immediately after, navigate to the page of your NextCloud and complete the installation process, providing the details about the database and the location of the data folder, which is nothing more than the location of the files you will save on the NextCloud. Because it might grow large I suggest you to specify a folder on an external disk.
 
Minarca
 Now to the backup system. For this we'll use Minarca, a web interface based on rdiff-backup. Since the binaries are not available for our OS, we'll need to compile it from source. It's not a big deal, even our small Raspberry Pi 4 can handle the process.
 $ cd /home/pi/Documents
 $ sudo git clone https://gitlab.com/ikus-soft/minarca.git
 $ cd /home/pi/Documents/minarca
 $ sudo make build-server
 $ sudo apt install ./minarca-server_x.x.x-dxxxxxxxx_xxxxx.deb
 $ sudo nano /etc/minarca/minarca-server.conf
 
# Minarca configuration. # Logging LogLevel=DEBUG LogFile=/valog/minarca/server.log LogAccessFile=/valog/minarca/access.log # Server interface ServerHost=0.0.0.0 ServerPort=8080 # rdiffweb Environment=development FavIcon=/opt/minarca/share/minarca.ico HeaderLogo=/opt/minarca/share/header.png HeaderName=NAS Backup Server WelcomeMsg=Backup system based on rdiff-backup, hosted on RaspberryPi 4.docs](https://gitlab.com/ikus-soft/minarca/-/blob/mastedoc/index.md”>docs) • admin DefaultTheme=default # Enable Sqlite DB Authentication. SQLiteDBFile=/etc/minarca/rdw.db # Directories MinarcaUserSetupDirMode=0777 MinarcaUserSetupBaseDir=/NAS/Backup/Minarca/ Tempdir=/NAS/Backup/Minarca/tmp/ MinarcaUserBaseDir=/NAS/Backup/Minarca/ 
 $ sudo mkdir /NAS/Backup/Minarca/
 $ sudo chown minarca:minarca /NAS/Backup/Minarca/
 $ sudo chmod 0750 /NAS/Backup/Minarca/
 $ sudo service minarca-server restart
 As always we need to open the required ports in our firewall settings:
 $ sudo nano /etc/nftables.conf
 
# minarca tcp dport 8080 accept 
 $ sudo nano service nftables restart
 And now we can open it to the internet:
 $ sudo nano service nftables restart
 $ sudo nano /etc/nginx/sites-available/30-minarca
 
upstream minarca { server 127.0.0.1:8080; keepalive 64; } server { server_name minarca.naspi.webredirect.org; location / { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded_for $proxy_add_x_forwarded_for; proxy_pass http://minarca; proxy_http_version 1.1; proxy_pass_request_headers on; proxy_set_header Connection "keep-alive"; proxy_store off; } listen 80; } 
 $ sudo ln -s /etc/nginx/sites-available/30-minarca /etc/nginx/sites-enabled/30-minarca
 And enable SSL support, with HTTPS redirect:
 $ sudo certbot --nginx
 $ sudo service nginx restart
 
DNS records
 As last thing you will need to set up your DNS records, in order to avoid having your mail rejected or sent to spam.
 
MX record
 
name: @ value: mail.naspi.webredirect.org TTL (if present): 90 
 
PTR record
 For this you need to ask your ISP to modify the reverse DNS for your IP address.
 
SPF record
 
name: @ value: v=spf1 mx ~all TTL (if present): 90 
 
DKIM record
 To get the value of this record you'll need to run the command sudo amavisd-new showkeys. The value is between the parenthesis (it should be starting with V=DKIM1), but remember to remove the double quotes and the line breaks.
 
name: dkim._domainkey value: V=DKIM1; P= ... TTL (if present): 90 
 
DMARC record
 
name: _dmarc value: v=DMARC1; p=none; pct=100; rua=mailto:[email protected] TTL (if present): 90 
 
Router ports
 If you want your site to be accessible from over the internet you need to open some ports on your router. Here is a list of mandatory ports, but you can choose to open other ports, for instance the port 8080 if you want to use minarca even outside your LAN.
 
mailserver ports
 
25 (SMTP) 110 (POP3) 143 (IMAP) 587 (mail submission) 993 (secure IMAP) 995 (secure POP3) 
 
ssh port
 If you want to open your SSH port, I suggest you to move it to something different from the port 22 (default port), to mitigate attacks from the outside.
 
HTTP/HTTPS ports
 
80 (HTTP) 443 (HTTPS) 
 
The end?
 And now the server is complete. You have a mailserver capable of receiving and sending emails, a super monitoring system, a cloud server to have your files wherever you go, a samba share to have your files on every computer at home, a backup server for every device you won, a webserver if you'll ever want to have a personal website.
 But now you can do whatever you want, add things, tweak settings and so on. Your imagination is your only limit (almost).
 EDIT: typos ;)