Skip Navigation

better tools thread

this is in part because it's for (yet another) post I'm working on, but I figured I'd pop some things here and see if others have contributions too. the post will be completed (and include examples, usecases, etc), but, yeah.

I've always taken a fairly strong interest in the tooling I use, for QoL and dtrt reasons usually (but also sometimes tool capability). conversely, I also have things I absolutely loathe using

  1. wireguard. a far better vpn software and protocol than most others (and I have slung tunnels with many a vpn protocol). been using this a few years already, even before the ios app beta came around. good shit, take a look if you haven't before
  2. smallstep cli. it's one of two pieces of Go software I actually like. smallstep is trying to build its own ecosystem of CA tools and solutions (and that's usable in its own right, albeit by default focused to containershit), but the cli is great for what you typically want with certificate handling. compare step certificate inspect file and step certificate inspect --insecure https://totallyreal.froztbyte.net/ to the bullshit you need with openssl. check it out
  3. restic. the other of the two Go-softwares I like. I posted about it here previously
  4. rust cli things! oh damn there's so many, I'm going to put them on their own list below
  5. zsh, extremely lazily configured, with my own little module and scoping system and no oh-my-zsh. fish has been a thing I've seen people be happy about but I'm just an extremely lazy computerer so zsh it stays. zsh's complexity is extremely nonzero and it definitely has sharp edges, but it does work well. sunk cost, I guess. bonus round: race your zsh, check your times:
% hyperfine -m 50 'zsh -i -c echo'
Benchmark 1: zsh -i -c echo
  Time (mean ± σ):      69.1 ms ±   2.8 ms    [User: 35.1 ms, System: 28.6 ms]
  Range (min … max):    67.0 ms …  86.2 ms    50 runs
  1. magic-wormhole. this is a really, really neat little bit of software for just fucking sending files to someone. wormhole send filename one side, wormhole receive the-code-it-gives the other side, bam! it uses SPAKE2 (disclaimer: I did help review that post, it's still good) for session-tied keying, and it's just generally good software
  2. [macos specifically] alfred. I gotta say, I barely use this to its full potential, and even so it is a great bit of assistive stuff. more capable than spotlight, has a variety of extensibility, and generally snappy as hell.
  3. [macos specifically] choosy. I use this to control link-routing and link-opening on my workstation to a fairly wide degree (because a lot of other software irks me, and does the wrong thing by default). this will be a fuller post on its own, too
  4. [macos specifically] little snitch. application-level per-connection highly granular-capable firewalling. with profiles. their site does a decent explanation of it. the first few days of setup tends to be Quite Involved with how many rules you need to add (and you'll probably be surprised at just how many things try to make various kinds of metrics etc connections), but well worth it. one of the ways to make modern software less intolerable. (honorary extra mention: obdev makes a number of handy pieces of mac software, check their site out)
  5. [macos specifically] soundsource. highly capable per-application per-sink audio control software. with the ability to pop in VSTs and AUs at multiple points. extremely helpful for a lot of things (such as perma-muting discord, which never shuts up, even in system dnd mode)

rust tools:

  1. b3sum. file checksum thing, but using blake3. fast!. worth checking out. probably still niche, might catch on eventually
  2. hyperfine. does what it says on the tin. see example use above.
  3. dust. like du, but better, and way faster. oh dear god it is so much faster. I deal with a lot of pets, and this thing is one of the invaluables in dealing with those.
  4. ripgrep. the one on this list that people are most likely to know. grep, but better, and faster.
  5. fd. again, find but better and faster.
  6. tokei. sloccount but not shit. handy for if you quickly want to assess a codebase/repo.
  7. bottom. down the evolutionary chain from top and htop, has more feature modes and a number of neat interactive view functions/helpers

honorary mentions (things I know of but don't use that much):

  1. mrh. not doing as much consulting as I used to, using it less. quickly checks all git(?) repos in a path for uncommitted changes
  2. fzf. still haven't really gotten to integrating it into my usage
  3. just. need to get to using it more.
  4. jql. I ... tend to avoid jq? my "this should be in a program. with safety rails." reflex often kicks in when I see jq things. haven't really explored this
  5. rtx. their tagline is "a better asdf". I like the idea of it because asdf is a miserable little pile of shell scripts and fuck that, but I still haven't really gotten to using it in anger myself. I have my own wrapper methods for keeping pyenv/nvm/etc out of my shell unless needed
  6. pomsky. previously rulex. regex creation tool and language. been using it a little bit. not enough to comment in detail yet
28

You're viewing a single thread.

28 comments
  • i shall only mention that this type of thread is not complete without mentioning this julia evans' blogpost.

    • …the little tools i'm personally using without too much complaining (and haven't seen mentioned so far) include:

      • ag, aka the silver searcher which is probably like ripgrep,
      • gopass, which we're currently using as the secret storage for our ansibles,
      • gojq, which is just like jq, but also has --yaml-output and --yaml-input built-in,
      • vcsh for my config file management,
      • himalaya, the cli (…not tui) email client,
      • direnv for location-dependent shell configuration,
      • desk for more general task groupings.
      • I don't follow evans so I wasn't aware of that post existing. cool to see some overlap I guess

        aka the silver searcher

        just switch to ripgrep:

        froztbyte@bambam ~ % cd ~/code
        froztbyte@bambam code % dust -n 0
        10G ┌── .│████████████████ │ 100%
        froztbyte@bambam code % hyperfine -m 15 -i 'ag somerandomstring' 'rg somerandomstring'
        Benchmark 1: ag somerandomstring
          Time (mean ± σ):      8.728 s ±  0.149 s    [User: 4.112 s, System: 12.585 s]
          Range (min … max):    8.585 s …  9.133 s    15 runs
        
        Benchmark 2: rg somerandomstring
          Time (mean ± σ):      2.359 s ±  0.095 s    [User: 0.935 s, System: 3.690 s]
          Range (min … max):    2.285 s …  2.665 s    15 runs
        
          Warning: Ignoring non-zero exit code.
        
        Summary
          rg somerandomstring ran
            3.70 ± 0.16 times faster than ag somerandomstring
        

        for our ansibles

        I'm sorry. e: this wasn't said in snark - ansible sucks so much, and it sucks that you have to use it

        • gopass: why ... is this its own thing in go? it doesn't seem to advocate why it's a thing. not that I particularly care, I'll almost certainly avoid it (on the basis of it in go), but it's weird that it just exists as a plural copy without advocating why
        • gojq: see above
        • vcsh: heh I forgot this exists. I recall when richi first started working on that. worth mentioning indeed, some people might use that (I don't (my hg ~ repo has been going since the dark times and I really like that I can still just hg clone . ssh://host//path/to/dest and have it just dtrt))
        • himalaya: heh, ran across that a while back when looking into rust mail implementations (also when I found vomit/vmt). guess I should setup a trial sometime just to see how it rolls
        • direnv: years ago I first wrote this off because on spinny rust it was just awful (and even running into it on AWS hosts it was annoyingly slow because people run systems on ext3/4). recently reinstalled it on a host but haven't found myself using it much
        • desk: cute. how does it handle/where does it store state? how does it deal with e.g. path moves? not sure I'd ever use it (see aforeposted grump about miserable piles of shellscript), but cute
        • i actually quite like ansible; the alternatives aren't much better (and i did use all of them, starting from the unlamented cfengine), they just suck differently.

          …and people mostly know at least a bit about ansible (i might start moving some parts of the machinery to saltstack, which i hate the least these days, but it's owned by vmware, and vmware is now being manhandled by broadcom.)

          also, i'm not really prejudiced against go tools – as long as they're maintained by someone else and easily installable in binary form.

          regarding gopass; i wouldn't use it just for myself, just like i wouldn't use pass – they're of no use for me personally; gopass manages the integration with git in a very easy way, knows to push changes automatically when secrets are created or updated and is extremely easy to set up as a secret storage for a small group of users: you just need to generate some throwaway gpg keys and you're all set. and it does have a nice ansible lookup support, which means i can autogenerate secrets on first use, regenerate them automatically when needed, and never bother to know them unless it's really necessary.

          as for desk, it's a nice way to delineate, say, workspaces, i.e. set up separate shell environments for interactive work. not for everyone, but i already write too much glue code in bash. so when i start work, i just run “desk work”, and it starts the right vpn, autologs me into teleport, and adds the required ssh keys to the agent. (unfortunately it cannot yet trigger the time accounting system, but if our hr annoys me badly enough once more time, i'll work on that too.)

          • fucking cfengine

            • ah now. cfengine2 was fine, bloody fast and resource-light local agent, and just slightly convoluted configuration – cfengine and cfengine3 though…

              • i mean we did have situations where the puppet agent was leaking memory so badly it smothered the systems it was running on; we had resigned ourselves to simply run the bloody thing from cron.

28 comments