Zebra Magnetics
As mentioned previously, two years ago I bought a ZebraLight H600c Mk IV headlamp. When I was ordering the light, The Internet also suggested that I buy magnets for it. Reader, I did.
From K&J Magnetics I bought the D82-N52. This is a 1/2” x 1/8” N52 neodymium disc magnet. It can be slid inside the spring of the tail cap. It does not interfere with the function of the cap. The flat top 18650 still fits, and the cap still screws on all the way.
I also bought the BX842. This is a 1 1/2” x 1/4” x 1/8” N42 neodymium block magnet. It can be attached to the pocket clip, and then secured with heat-shrink tubing.
I installed these magnets as soon as I got the light. I haven’t regretted it. The only minor annoyance is that when I ride to the beach and set my helmet down in the sand, the pocket clip magnet collects all the iron in the sand. I don’t like sand. It’s coarse and rough and irritating and it gets everywhere.
While the H600c is primarily a headlamp, I do occasionally carry it in my pocket, and I’ve yet to be annoyed by the magnets. If it was a dedicated pocket light, perhaps I’d feel differently.
Restic Continuum
As I was migrating my online backups to Restic, I was concurrently building a system that would allow me to use Restic to complete full-disk backups to external USB drives, thus replacing my use of cryptshot and rsnapshot. I give you Resnap.
For me, the main appeal of rsnapshot has always been that the resulting backups are just directories full of files. When it comes time to restore, no special tooling is required for access. Just copy the files over using rsync or cp or whatever tickles your fancy. If you can read the disk, you can recover data. Most competing systems create backups in a way that you also need the backup tool for recovery. This introduces fragility into the setup. My experience has been that most people do not think or care about this, but I have spent many years thinking about how not to lose data. I have certain requirements for backup systems. “Robustness” is a big one.
Restic does fall into the second category of tool. If you have a copy of a Restic repository but the Restic project has imploded and you do not have or cannot execute the tool, you’re in for a bad time. But the reason Restic has been on my radar since the project first stated a decade ago (it takes me a while to adopt new backup software – also I recall it took them a while to implement compression) is that it is compiled to a single, statically linked Go binary. This means you can easily store the tool itself alongside (not within) your backups. You’re not going to do that with a sprawling Python project like Borg, which is why I continued to use rsnapshot for my local full-disk backups even after I adopted Borg for online backups.
But with Restic you can just cp the binary to the backup drive. And that’s what I do. Resnap also provides resnap-restore, a simple wrapper script that makes it easy to perform the restic restore ... operation during full-disk recovery. This too is stored on the backup drive alongside the binary.
What this means is that you can use Resnap to create a full-disk backup to an external drive and then bury that drive in your backyard for 25 years (properly sealed). After you dig it up, as long as you have the passphrase, can read the drive’s filesystem (ext4 for me), and can execute a binary compiled for whatever architecture you were using 25 years ago (x86-64 for me) – both highly likely given the commonality of those systems – you are going to have no problem restoring that data (subject to the physics of spinning rust). An unlikely scenario perhaps, but that’s sort of the data backup baseline we plan for here at pig-monkey.com.
I would have to relinquish my Street Samurai credentials if I didn't occasionally wear tabi booties.
Bedrock Cairns and Luna Tabu 2.0. Paired with the mirrorshades, I am led to understand that this is what The Youth refer to as a “fit”.
As a wise woman once said, “You can’t let the little pricks generation-gap you.”
Restic Adoption
After mulling it over for many cycles, I finally decided to migrate my online backups to Restic. As is my wont, I have published my solution as Restash so that members of the Pig Monkey Data Backups Fan Club can be like me.
The restash script will look pretty familiar to anyone who has been using my old Borg wrapper script. It is mostly the same basic structure, with Borg logic replaced with Restic logic, and two other significant differences.
Previously I ran the Borg wrapper hourly via a systemd timer, and used backitup to run the verification checks (and compacting) less frequently. Now the script has subcommands, and I use different systemd units to call the different functions on different schedules – backups more frequently, verification and pruning less frequently.
Previously I achieved redundancy by using Borg to backup hourly to my rsync.net account, while Tarsnap ran daily backups of a smaller subset of the same data. Now I’m using Restic to backup hourly to my rsync.net account, and also using Restic to backup the same data daily to a Backblaze B2 bucket. I’ve been an rsync.net customer since 2014 and I think highly of their service, but the B2 bucket is cheap insurance that helps me sleep better.
In the example config you will see that the SFTP_HOST is simply restic. That refers to an entry in my ~/.ssh/config, which looks something like this:
Host restic
Hostname abc123.rsync.net
User abc123
IdentityFile ~/.ssh/passphraseless-key
IdentitiesOnly yes
BatchMode yes
ServerAliveInterval 60
ServerAliveCountMax 3
The only other significant change from the old Borg wrapper script is that I broke out some of the config options, backup targets, and excludes to separate files to make it easier for you, my adoring public, to reuse the tool.
As hinted at in the README, I still use nmtrust to only execute backups on trusted networks. Don’t be a data litterer.
Rudy Mirrorshades
I find it useful to periodically review certain practices, in order to determine when I am doing something out of rote habit rather than intention. In that vein, a couple weeks ago I took the photochromic laser red lenses out of my Rudy Rydon spectacles that I’ve been rocking since 2011. In their place I inserted the Stealth ImpactX Photochromic 2 Black lenses that came with the Z87 Rydons.
The difference was immediate. Black (or grey) tinted lenses pretty much suck. They dim the day-star, but make everything look flat. Contrast disappears. Terrain becomes muted. This has significant practical disadvantages when you are out and about in the world. I had forgotten how much the red lenses were levelling up my capabilities by enhancing my visual acuity. Most of the time I’ve spent out-of-doors for the past 8 eight years has been spent wearing said red lenses, so to me this was not an augmented enhancement but instead was just the way the world looked.
The alternative lenses I always carry in my bag are the Polar 3FX Brown Laser (for environments where I want lenses that are polarized and/or darker – water and snow being the primary applications) but, like red, the brown tint also increases contrast. I do sometimes still wear the Micropores, but guess what tint those lenses have. Brown.
Still, I forced myself to wear the black (or grey) lenses for a week. I wanted to see if my opinion would change after I got used to them. Reader, it did not. But I did find myself wondering how much the “laser” treatment contributes to contrast. I had a coupon with Rudy, so I ordered the ImpactX Photochromic 2 Laser Black lenses. These have the same black (or grey) tint as the ones I was using, but with the laser treatment.
I’ve been wearing those lenses the past few days now, and they actually do seem better. I’m not constantly thinking about how flat everything looks, and I can see potholes and such. They certainly remain inferior to the contrast provided by red (or brown) lenses. Basically they make everyday look kind of gloomy and overcast, even when it isn’t. On the other hand, the silver mirrorshade effect does look bitchin’ – and that counts for something – but that’s likely the only reason to wear them. I think the bottom line is that if you’re wearing black (or grey) tinted lenses, you are leaving capability on the table.
If my karma is to be reincarnated as a razorgirl, the photochromic laser red lenses are probably what I’ll get surgically implanted.
Rohloff Gearing
When I had my Rohloff bike built, I was not initially sure what gearing to go with. In the rear I chose the 16-tooth sprocket, as that seemed pretty standard. On the front I decided to start with a 42-tooth chainring. With my 170mm cranks and 26x1.9” wheels, that gave me a range of 18.9 to 99.2 gear inches, or a gain ratio of 1.4 to 7.4.
On my derailleur bike, the setup that I’ve been running since 2018 gives me a range of 21.9 to 117.8 gear inches, or a gain ratio of 1.6 to 8.8. I had done plenty of touring on that and felt pretty good about it. So something similar, but a hair lower, seemed like a good place to start with the Rohloff build.
Since then I’ve done a couple big tours with the Rohloff, and plenty of smaller escapades. I sometimes found myself getting down to the low gears more than I thought I ought to, which made me think that I probably should slap on a smaller chainring. Last month I finally got around to doing so.
36 and 38 tooth chainrings both seem to be common for Rohloff touring builds with 16-tooth sprockets. I had one of Rivendell’s Silver 38-tooth chainrings in my spare parts bin, so that’s what I went with. (If I was buying a new chainring I would probably try out the Surly Stainless Chainring.) This gives me a range of 17.1 to 89.7 gear inches, or a gain ratio of 1.3 to 6.7 – dropping my low-end about 1” lower. While I have yet to do any loaded touring with it, I’ve been enjoying the new gearing while tooling around town and ripping up the local dirt on weekends. There is some significant mountain touring in my near-future that will let me give this a proper trial, but so far I think this was the right call.
Swapping chainrings was super easy thanks to the Bushnell Eccentric Bottom Bracket. I’m still using the same Wippermann Connex 808 chain.
Over in Jolly Old England, the Thorn people advocate for 19-tooth sprockets. They argue that the larger diameter means that the chain doesn’t have to make such a tight bend, which makes for less opportunity for dirt to get inside the plates, thus leading to longer chain life, which in turn leads to longer sprocket life. That makes sense to me, and someday when my 16-tooth sprocket needs replacing I may try a 19-tooth. In that case I’d probably put the 42-tooth chainring back on, which would keep me in the same gearing neighborhood as what I currently have with the 38x16.
Make VMs Great Again
I have trust issues.
When Claude Code was released last year I was interested in playing with it, but struggled to find a way to run it in a secure, isolated manner. Trusting its own sandbox was obviously not in the cards. I explored other people’s solutions – mostly using things like Bubblewrap and Docker – but none of them fully satisfied me. It also quickly became evident that most of the value from using Claude Code comes from the --dangerously-skip-permissions argument, which gives it the ability to pursue a targeted task without constant permission requests. This requires even stricter isolation.
Eventually I landed on a full virtual machine being the only viable option. I reinstalled Vagrant for the first time in almost a decade and was off to the races.
I was a heavy user of Vagrant in the twenty-teens. I still really like the interface. But when revisiting it today the software felt rather heavy and clunky. It defaults to using VirtualBox, which has its own set of issues. There is a community provided libvirt plugin, but that seems largely abandoned. “Abandoned” seems to be the word for most of the Vagrant community – probably caused in part by the license change.
So for the past month I’ve been building Migrant, a lightweight VM management tool for running assumed-malicious AI agents in ephemeral environments. The heavy lifting is done by libvirt and QEMU. Migrant started out as just a way to get a more Vagrant-like interface with modern tooling. I use cloud-init to initialize the image, Ansible to configure it, and libvirt for the VM management. But because the whole raison d’ĂȘtre of the project is the fact that non-deterministic systems are inherently untrustworthy, Migrant expanded to have a suite of security features. It has network isolation, so the agent can’t compromise the rest of your LAN. It has shared folder isolation, so that the agent can’t exhaust the host disk or engage in any symlink traversal shenanigans. It has WireGuard tunnel support, implemented host-side such that the VM cannot bypass it (because why wouldn’t you want to run all your agents through Mullvad).
I think it’s pretty great. I use it regularly.
Migrant also serves as my testament as to how agentic coding should work. I’ve written it using Claude Code (initially running in a Vagrant-managed VM, but since the first public commit I’ve been building Migrant-in-Migrant), but it is the antithesis of “vibe coding”. I design the systems. I tell the agent how things should work. I review every line of code it produces. Most of the time I reject its first attempts. I take ownership of and responsibility for commits. The result, I think, is a pretty reasonable looking codebase.
My conclusion thus far is that coding agents are useful tools. They’re an accelerant. They’re great for exploring a problem space. There’s no going back to software development without them, but if they’re not being actively driven by an opinionated human with domain-knowledge and expertise, what they produce is mostly crap. Maybe that will change the future. For now, if you’re not challenging every line of output from the clankers, you’re doing it wrong. I suspect this applies equally to the application of LLMs in other areas, but personally I haven’t found LLMs to be useful for anything other than writing code.
Tracking Investments with Ledger
I have a few investment accounts I track with Ledger. Ledger has ways of tracking commodities that are too complex for me. My investments are index funds of different flavors. I neither know nor care to know what individual components they consist of. They mostly manage themselves. I do want to know their balance, but I do not care to think about them more than a few times per year, so the up-to-date-ness factor can be pretty low (which is the complete opposite of everything else that I track in Ledger).
I represent these things in Ledger using an asset account for the fund, with subaccounts for contributions, earnings, and fees.
Contributions into the accounts are entered as soon as they happen, since those contributions are being debited out of an account where the up-to-date-ness factor is critical. So a transfer from my bank account to my Roth IRA may look like this:
2025-02-01 Investment Company
Assets:Invest:RothIRA:Contributions $1000.00
Assets:Bank:Checking
Earnings and fees are tracked, but I only make those entries about once per quarter. However, the investment companies provide monthly statements. That level of granularity can be useful to have stored. So when I perform my quarterly updates, I’ll download each of the monthly statements from the past quarter and use them to make three sets of entries – two per month for the three months in the quarter. For example, in January 2026 I might make entries for the 2025 Q4 activity such as:
2025-10-31 * Investment Company
Assets:Invest:RothIRA:Earnings $79.05
Income:Invest:Earnings
2025-10-31 * Investment Company
Expenses:Fees:Invest $1.05
Assets:Invest:RothIRA:Fees
2025-11-30 * Investment Company
Assets:Invest:RothIRA:Earnings $103.25
Income:Invest:Earnings
2025-11-30 * Investment Company
Expenses:Fees:Invest $2.20
Assets:Invest:RothIRA:Fees
2025-12-31 * Investment Company
Assets:Invest:RothIRA:Earnings $-13.82
Income:Invest:Earnings
2025-12-31 * Investment Company
Expenses:Fees:Invest $1.31
Assets:Invest:RothIRA:Fees
Before making the first entry, I will ask Ledger for the balance of Assets:Invest:RothIRA as of 2025-10-01 and confirm that the value matches the October statement’s opening balance. I will then read the total earnings and fees from the October statement and make the two October entries in my journal. Then I ask Ledger for the balance of the account as of 2025-10-31 and make sure the reported value matches the statement’s closing balance. Rinse and repeat for the next two months. I can ignore any contributions mentioned on the statement because those entries were already entered in my journal whenever I made the contribution.
These transactions are marked as cleared with the * symbol as I write the entry because the data comes direct from the statement of past activity. There is no separate reconciliation process.
The PDF statements themselves then get stored, but (unlike receipts, invoices, and checks) that happens in a different repository.
Doing things this way allows me to query for the value of the accounts (as of the last quarter or so), have some idea of how they are performing, and keep track of fees. I don’t really care to know any more details than this, nor do I care to think about these accounts with any more frequency than this.
Tax Payments with Ledger
How I record taxes in Ledger is pretty simple. In my demonstration of how I record salary payments the example entry included tax deductions that show the basic account structure.
2025-12-26 Acme Inc
Assets:Bank:Checking $1000.00
Expenses:Tax:Federal:FY2025 $200.00
Expenses:Tax:State:FY2025 $50.00
Expenses:Insurance:Medical $20.00
Income:Salary
I pay state and federal taxes, so I have two main accounts: Expenses:Tax:Federal and Expenses:Tax:State.
Tax payments (and refunds for overpayments) can occur in years other than the tax years that the payments are related to. This requires some way to query transactions by tax years rather than just the posting date. You could do this by tagging the transactions, but I prefer to use a fourth account level to indicate the fiscal year. Thus my 2025 taxes live in Expenses:Tax:Federal:FY2025 and Expenses:Tax:State:FY2025.
If I pay an accountant to help me file taxes, I will log the payment against the Expenses:Tax:Preparation account, which uses the same fiscal year subaccount.
2026-02-01 The Accountant
Expenses:Tax:Preparation:FY2025 $100.00
Assets:Bank:Checking
If I receive a federal refund in March, I will debit it out of the appropriate tax account. I also tag these transactions with refund-tax so I can easily query them later.
2026-03-15 IRS
; 2025 Tax Refund
; :refund-tax:
Assets:Bank:Checking $1000.00
Expenses:Tax:Federal:FY2025
If instead I discover that I still owe federal taxes in March, I will credit the payment into the appropriate tax account. I tag these transactions with final-tax so I can easily query them later.
2026-03-15 IRS
; 2025 Federal Taxes
; :final-tax:
Expenses:Tax:Federal:FY2025 $1000.00
Assets:Bank:Checking
Some years I have made quarterly estimated tax payments instead of having taxes withheld from my paycheck. These entries look as you would expect, but I tag them with estimated-tax as well as the quarter number for future queries.
2025-09-02 IRS
; 2025 Q3 Estimated Tax
; :estimated-tax:q3:
Expenses:Tax:Federal:FY2025 $1000.00
Assets:Bank:Checking
The bottom line with all of this is that I can do a simple ledger balance fy2025 and see a complete and easy to understand picture of my 2025 taxes. Or I can run ledger balance expenses:tax:federal to see what I’ve paid in federal taxes over the past 14 years, broken out by year.
As with most things related to Ledger, this seems like pretty basic stuff when you’re doing it but becomes a superpower when you realize how most of the rest of the world lives.
Salary Tracking with Ledger
In my previous descriptions of how I perform plain text accounting I did not discuss logging salary income with Ledger. My basic strategy is to create an entry with all the same data that appears on the paystub. The only number that actually matters to me is whatever amount ends up in my bank account, but it is still important to have withholdings documented for later querying.
A simplified entry would look like this:
2025-12-26 Acme Inc
Assets:Bank:Checking $1000.00
Expenses:Tax:Federal:FY2025 $200.00
Expenses:Tax:State:FY2025 $50.00
Expenses:Insurance:Medical $20.00
Income:Salary
At the time of entry, I store a PDF of the paystub just like a receipt. (In Ye Olden Days this came from scanning a piece of paper, but now I just download the PDF from a web site.) This entry will be reconciled and get cleared with the * mark the next time I login to the bank account and verify the amount I received.
If I want to know how much money the employer or a government thinks I made last year, I can just ask Ledger for the balance of the Income:Salary account.
$ ledger balance income:salary --period 2025
$-1270.00 Income:Salary
However, this number has no real bearing on my reality. What is much more useful to me is the ability to query how much money I actually received last year, e.g. my take-home pay. I can do this by asking Ledger to show the balance of the bank account, limiting it to postings that involved the Income:Salary account.
$ ledger balance assets:bank:checking -l "any(account =~ /Income:Salary/)" --period 2025
$1000.00 Assets:Bank:Checking
If the only financial relationship you have with your employer is them giving you money in the form of a salary, then you could simplify this by just asking Ledger for the balance of transactions in the bank account from that payee.
$ ledger balance assets:bank:checking and "@Acme Inc" --period 2025
However, my employer sells stuff, and sometimes I buy that stuff, so for me the above query would show me my salary less my employee purchases. Which is mostly worthless.
When I receive a W-2 after the end of the year, I check all of its entries – gross pay, pre- and post-tax deductions, etc – against Ledger with a simple ledger balance "@Acme Inc" --period 2025. Having all this data stored locally in queryable plain text, rather than needing to access some web portal or read through various PDFs like a prehistoric savage, is a key life strategy for me.
Night Moves
After falling out of the habit for a few months, I resumed my night runs at the end of December. I’ve been back into it for about a month now. It’s great, speed-running night city, just me and the coyotes.
New to this cycle, I now stop at one of those outdoor fitness areas near the end of my run and knock out some pull-ups. (It turns out using a bar is in fact easier than my normal finger pull-ups.) There’s usually a couple other weirdos there.
I brush my teeth while standing on one foot.
It takes about two minute to brush your teeth. These two minutes are an opportunity to improve balance and ankle strength. Sometimes I switch feet halfway through, other times I’m feeling more ambitious and will balance on one foot in the morning and the other that night.
Better Living Through Getting Stomped
Four years ago I started going to a Thai massage parlor.
This is the practice where they walk on your back, drive their elbows and the heel of their palms into you, and sometimes tie your limbs into knots. My findings are that the older and smaller the Thai lady, the more brutally she stomps on you. I spend much of the session attempting to practice the Vipassana body sweep technique under duress and trying not to vocalize the pain. It’s great and I love it.
They would of course lessen the pressure if asked, but this is both incompatible with my male ego and would go against the teachings of the Bodhisattva in the incarnation known as Patrick Swayze.
If I were a rich man I would go monthly, but I am not, so I limit myself to three or four times per year. I consider this a component of my prana-bindu training.
Just Another Saturday
Two weeks ago I lost power from about 14:00 till about 21:00. This had negligible impact on my day. I took out my lamp and continued with the itinerary. My time was spent:
It was just another Saturday afternoon.
I threw Lee and Brian at judo today. Lee is 14, and Brian is 13 but taller and heavier.
I told Sibylla & she asked what my teacher had said. I said he had said it was very good.
Sibylla said that didn’t sound very character-building. I said most authorities on child psychology said a child should be given encouragement and reinforcement. Sib said Bandura and who else? I said everybody else. I didn’t say that the authorities also said a parent had to be able to set limits because I was afraid she might suddenly decide to make up for lost time and set a lot of limits.
Sibylla said: Well just remember Richie, becoming the great judo champion is not the end of the story.
I said I didn’t think I was the great judo champion just because I could beat Lee and Brian at Bermondsey Boys Junior Judo.
Sibylla said: It isn’t a question of beating X and Y. What if there’s no one you can’t beat? It’s a question of perfecting your skill and achieving satori. What on earth are they teaching you in this class?
I said we mainly concentrated on learning how to throw people to the ground. Sib said: Must I do everything myself? She was grinning from ear to ear.
Helen Dewitt, The Last Samurai
Notes
- ↵ Of course I had to boil water on my gas stove like a savage instead of using the electric kettle.