2026-05-16 06:36:52
Recently I posted about our Minecraft server, and mentioned on Mastodon that I’d rebuilt our Dynmap server with MariaDB. A few of you wanted to know what I was talking about, what I did, and why, especially those of you maintaining servers for their kids.
Clara and I started playing Minecraft as a silly distraction during the 2020 COVID lockdowns, and we’re still playing on the same map and server today. As such, we’ve explored large swaths of the map, with coordinates stretching into the tens of thousands. You could use the in-game maps for this, but it gets unwieldy quickly.
Dynmap isn’t the only mapping software you can use to render an OpenStreetMap-style web view of your server, but it’s the one we’ve used for years. It lets you define points, lines, and areas of interest. You can also import your own icons for pins, which we use for our train stations. And if you throw a proxy server on top, you can even share the map with friends :).
We use the excellent PaperMC as our Minecraft server, so installing Dynmap involves downloading the Spigot/PaperMC jar file, then placing it into the Plugins folder. When you start your server, you’ll see log output similar to this abridged example:
[dynmap] Enabling dynmap v3.7-SNAPSHOT-1015
[dynmap] Using Bukkit Permissions (superperms) for access control
[dynmap] Web interface permissions only available for online users
[dynmap] Starting enter/exit processing
[dynmap] Finish marker initialization
[dynmap] Web server started on address 0.0.0.0:8123
[dynmap] For support, visit our Discord at https://discord.gg/s3rd5qn
[dynmap] For news, visit https://reddit.com/r/Dynmap or follow https://universeodon.com/@dynmap
[dynmap] To report or track bugs, visit https://github.com/webbukkit/dynmap/issues
[dynmap] If you'd like to donate, please visit https://www.patreon.com/dynmap or https://ko-fi.com/michaelprimm
[dynmap] Loaded 2 maps of world 'world'.
The key line above is the web server address where you can access the map in your browser. By default it runs on localhost with a port of 8123. I run our Minecraft server in a FreeBSD jail, with a Vinyl cache in front. Nothing special, but maybe it’s worth its own post at some point.
By default, Dynmap renders tiles as files into its working plugin directory. This works when your map is small, but it can quickly generate tens of thousands of small files which, among many other issues, can slow down remote backups and retrieval. The README also lists a few database storage option alternatives, one of which is MariaDB which I’m already running for other things.
If you’ve installed MariaDB on the same server, log in:
# mysql -u root -p
I already have MariaDB in another FreeBSD jail named mariadb (no, really?), so it made sense to use this here too:
# jexec mariadb mysql -u root -p
Next is to create a new database. If you’re running it on the same server as Minecraft, you can use localhost for the CREATE USER. I gave it the IP of the jail running my Minecraft server:
CREATE DATABASE dynmap;
CREATE USER 'dynmap'@'$MINECRAFT_IP' IDENTIFIED BY '$PASSWORD';
GRANT CREATE, DELETE, INSERT, SELECT, UPDATE, INDEX ON dynmap.* TO 'dynmap'@'MINECRAFT_IP';
FLUSH PRIVILEGES;
Now back on the Minecraft host, edit the Dynmap configuration file with your editor of choice:
$ vim plugins/dynmap/configuration.txt
Find the line where type is set to filetree, and comment it out:
## type: filetree
Then uncomment and fill out the requisite MariaDB/MySQL section:
# MySQL DB for map storage (at 'hostname':'port' with flags "flags" in database
# 'database' using user 'userid' password 'password' and table prefix 'prefix')
type: mysql
hostname: $MARIADB_IP
port: 3306
database: dynmap
userid: dynmap
password: $PASSWORD
Restart your Minecraft server, then issue a full render from the console:
dynmap fullrender
Or from the game directly:
/dynmap fullrender
Yay :).
I’ve had that running for a few days, so I ran a query to see how big the Tiles table had become:
+-------+------------+
| Table | Size in MB |
+-------+------------+
| Tiles | 6504.83 |
+-------+------------+
That’s a lot of rendered map data! And wow is it faster to load than it was before.
I’m less worried about backing up Dynmap data, because it can always be regenerated from the source. But it’s still nice to know that my little MariaDB cluster and remote backups are now handling this as well.
By Ruben Schade in Sydney, 2026-05-16.
2026-05-16 06:05:36
He’d already started to move on by the time I was done with my morning shower, but wow. For perspective, this is just down the road from where I saw the rainbow earlier this week.
I learned about Karl the Fog when I briefly worked in San Francisco. Wow, that was eight years ago. Clara and I had such a blast over there, and in NYC/NJ with Frank and Denise, and Phily with Esther and Jim. Somehow I get the feeling we won’t be back for a while.
That said though, the most intense, epic fog I’ve ever see was in Hà Nội. Driving through the night to the hotel after we landed with the lights of the city scattering off that fog was one of the most surreal experiences of my life. Still kicking myself that I lost those photos. Vietnam was one of the most incredible places I’ve ever been, so I’m sure I’ll be back to rectify this :’).
By Ruben Schade in Sydney, 2026-05-16.
2026-05-15 16:20:54
I’m a long time lurker (and occasional poster) to the netbsd-users mailing list, the official mailing list for NetBSD users. Thanks Ruben, that explanation was helpful.
Back on the 16th of April, Michael Cheponis expressed interest in having the NetBSD Foundation be involved with Anthropic and their latest LLM bug detection tool:
As most know, Claude Mythos (not released to the public) is the model that found a long-standing OpenBSD security bug.
Given that 11RC3 is now being tested, I wondered if it made sense for The NetBSD Foundation to join Project Glasswing, for the express purpose of submitting the codebase to LLM security audit, before officially releasing 11.0 ?
On suggestion of a member of this list, I attempted to contact Anthropic directly, but as a mere NetBSD user, I have no sway. BUT, the NetBSD Foundation does.
Here’s the detail that Claude Opus 4.7 provided me on this:
I won’t be quoting the rest of his message, as I have a policy of not publishing slop. But if there’s a kernel of truth to any of it, the LLMs claim the NetBSD Foundation could apply for “glasswing-adjacent” access via the “Claude for Open Source” initiative. The latter does appear to be a real thing, so stopped clocks and all that.
For those unfamiliar, Mythos was the tool that couldn’t prevent Anthropic leaking the source of their code generator. The timing and breathless coverage of Mythos conveniently buried this bad press, along with yet another of the CEO’s many false predictions, and misleading the public about their shaky finances.
But back to NetBSD! Unsurprisingly to any of you who read my blog regularly, I have my reservations. The NetBSD Foundation have made their position on LLM contributions clear since they updated their Commit Guidelines. Under Section 2 regarding tainted commits:
Code generated by a large language model or similar technology […] is presumed to be tainted code, and must not be committed without prior written approval by core.
Granted, this is about code commits, and not testing frameworks or security reports. But I think the Foundation’s position on this tooling is clear.
Three days later on the 20th of April, requiem replied voicing several of my concerns:
To what extent would this make NetBSD dependent upon Anthropic’s services on the long term tho? Does NetBSD want the golden shackles these offers are?
The business model here is to make themselves “indispensible” for development. Does the project need such an external dependance on a company like Anthropic?
Further - what happens, hypothetically, after Anthropic folds in an AI bubble pop? What happens if Anthropic decides to terminate the service after it becomes a part of the development life cycle for NetBSD? Or decide that they are altering the terms?
Don’t fall for the “there is free candy in my van” marketing. “Anthropic” are not “philanthropic”, if you excuse the pun.
As an aside, imagine how many more such bugs OpenBSD devs could have found or prevented if the estimated $20k in tokens burnt on that single bug was paid out as developer salaries…
One can only imagine. By the way, do you use Linux? Do you use OpenSSH to access it? If so, when was the last time you donated to the OpenBSD Foundation that makes your security tooling possible?
☕︎ ☕︎ ☕︎
I’m not denying that LLMs could be used for security research. But thus far I’ve been underwhelmed when taking into account their externalities and costs. My advice to the NetBSD Foundation is to spend their precious resources in more productive and useful ways. That reminds me, I should donate to them too.
By Ruben Schade in Sydney, 2026-05-15.
2026-05-13 15:16:37
I was up in northern Sydney today, and saw the longest and most vivid rainbow I think I’ve ever seen in my life! I didn’t have a proper camera on me, and was almost late to a meeting, but I still had to stop and take a look.
By Ruben Schade in Sydney, 2026-05-13.
2026-05-13 06:46:29
My history with web servers is entirely unremarkable, and likely mirrors yours. I first ran Apache/httpd when I was kid, before moving onto lighttpd in my first paid gig—lighty for those in the know—then onto nginx where I’ve mostly remained since, save for running Bozotic on a 486 with NetBSD because of course. Also IIS for a project, but we don’t speak of that.
nginx is great web server and reverse proxy. It’s fast, sips system resources like its 2026 and Moore’s Law has been flipped upside down, and has wide industry support. The latter is important for two reasons:
Tooling like certbot can integrate and orchestrate it automatically.
Most web software you’ll ever want to run either supports nginx, or has example config you can use.
The latter is important to me, because… my brain stubbornly refuses to grok its syntax. I understand conceptually why it’s structured and written the way it is, but it’s always felt like I’m fighting against it. It routinely requires requires multiple rounds of iteration and checking logs to figure out why some stanza isn’t behaving how I need, want, or expect.
If you don’t have that issue, that’s great! Alas, I am not you. I’d certainly be more attractive.
This is what we refer to in the industry as a PEBKAC, or a Pernicious Escalation of Byzantine Keyboard Altercations and Confusion. Aka, the problem is me. But I rarely had that issue with Apache or lightty; or at least, not to the same extent.
I’ll admit it’s had me researching alternatives, some of which include:
Vinyl Cache (ne. Varnish FOSS) which remains my favourite reverse caching proxy. I’ve deployed it in minutes for Apache and Node web servers. It’s awesome. I should use it for this blog.
Caddy feels thoroughly like a modern web server, with transparent Let’s Encrypt certificate generation, and syntax that I was able to grok and write within minutes. It even delivers plain HTTP, which I initially thought it didn’t. I’ve read anecdotal reports that it doesn’t scale as well as nginx, but I wouldn’t know.
Angie is another nginx fork that also does automatic HTTPS certificate negotiation, though it naturally inherits much of that nginx config. It might be a useful drop-in for existing installs, especially in light of the F5 purchase of nginx.
Lighttpd is still around (!), and I’ll admit it was fun setting up again on an old box again.
Bozotic, which comes with NetBSD and that everyone should run at least once because life is too short. My aim is to eventually serve my Retro Corner with this.
I’m sure I’m missing some, but I’m tempted to run some labs and compare.
By Ruben Schade in Sydney, 2026-05-13.
2026-05-12 15:16:04
I have no idea how I ended up on this Wikipedia article:
Visoka is a village in the Kardzhali Municipality, which is in the Kardzhali Province, in southern Bulgaria. As of 1 January 2007, the population of Visoka is 2 people, making it one of the least populated villages in the Kardzhali Municipality.
If you and I packed our bags and arrived in that town somehow, we would double the population. This is the sort of thing I’d absolutely attempt if I had more money than common sense.
Unsurprisingly, Wikimedia Commons doesn’t have a photo of Visoka. The closest I’ve been able to find is this rather lovely landscape of the Varbitsa River Valley in Kardzhali Province by Hakuna.Matata.
I’ll get to Bulgaria one day. And Croatia. And Ukraine. And Latvia. And…
By Ruben Schade in Sydney, 2026-05-12.
