home.social

Search

1000 results for “Eli_like_a_lie”

  1. Angry Metal Guy @[email protected] ·
    Unverkalt – Héréditaire Review By Thus Spoke

    Reviewing albums explicitly labelled post-metal always seems to bring out my inner pedant. I know all genre labels are kind of meaningless, but post-metal specifically seems to simply be slapped onto anything with fewer riffs than your average atmo-black record, but a lot more cleans. Nonetheless, you know what it sounds like, in essence. If that essence had form, it could be Unverkalt on their third LP Héréditaire. Born in Greece and now split between Greece and Germany, Unverkalt’s self-styled avant-garde approach to post-metal takes its “heaviest and most heartfelt” form on this album, which also marks their signing with Season of Mist. Unknown to me beforehand, promotional references to Cut of Luna and Sylvaine in particular caught my eye, along with the art. I’m glad I picked it up because Unverkalt have something that approaches brilliance at many times. But in embodying the vague yet recognisable subgenre—and sounding good whilst doing it—Héréditaire fails to go further than the safety of the minimum required.

    Ignore the artist touchstones in the promo; Unverkalt has little meaningful in common with them: a female lead vocalist is about where that starts and ends. If anything, the aura reflects more Harakiri for the Sky, Heretoir, or maybe Frayle. Lead vocalist Dimitra Kalavrezou sings with a distinctive, somewhat sweet intonation, and screams with articulate fierceness—impressive considering this is her first record providing harsh vocals. Her voice is joined by that of guitarist Eli Mavrychev and—in a late-album highlight—Sakis Tolis (“I, The Deceit”), often layered and intermingled to lend a chorus-of-many-voices air that can be quite powerful. This sense of solidarity and humanity ties into Héréditaire’s overt emotionality—easily its greatest asset—which revolves around mournful yet uplifting themes that rise from softly resonant notes into the (regrettably blurry) weeping of tremolo and chunky riffs. It’s through the continued swell and fade of each composition that we get to see the greats that Unverkalt is capable of.

    Héréditaire by Unverkalt

    Even as songs tend to repeat the same pattern, most manage to draw the listener in. Synths (“Oath ov Prometheus”), vaguely MENA-style saxophone (“Ænæ Lithi”), and sprinklings of piano (“Penumbrian Lament”), and humming strings (“Maladie de l’Esprit”)1 float in and out, and I only wish they were used more. Harnessing the drama of surging, urgent riffs (“Die Auslöschung,” “Oath ov Prometheus”) and heartfelt group screams and singing (“Death is Forever,” “A Lullaby for the Descent”), the iterated compositions win you over by sheer force. These plainly beautiful melodies and ardent vocal performances are inextricable, each lending the other a level of strength and gravity neither could claim in isolation. Some songs stand head and shoulders above others in this regard: “Die Auslöschung,” “Death is Forever,” “Maladie de l’Esprit,” and in particular, “I, the Deceit,” where Sakis Tolis brings not only his voice but a distinctly Scandinavian melodeath2 vibe to a song where he and Dimitria also duet in their shared native tongue. That song and many others are also examples of Unverkalt’s strange, quasi-pop-rock leanings that they incorporate through the use of bobbing, understated clean refrains that slingshot back into something heavier or more atmospheric (“Oath ov Prometheus,” “A Lullaby for the Descent,” “Introjects”). This weirdness sharpens Unverkalt’s style and works surprisingly well.

    Héréditaire thus brims with feeling, strong melodies, and potential. Undeniably stirring at its best (“Die Auslöschung,” “I, the Deceit,” “Maladie de l’Esprit”), and with little idiosyncrasies of style giving it distinction, as a whole it feels oddly unrealised. One culprit is the shockingly compressed mix, which robs the guitars of their body and drums of their bite. Given the vocal range on display and the elements of instrumental experimentation (horns, piano, etc), this would sound far better with a roomier production. But it’s primarily the overly repetitive structure of the compositions that causes issues. Though the passion of the singing or screaming, and the force of a good melody cause you to briefly forget, every song follows essentially the same trajectory—or rather, the same sequence of things repeats across the album, sometimes spanning between songs. Whispers or quiet singing, a steady beat and post-rock atmosphere, black-adjacent speed and screaming, and a lapse into a swaying tempo. With nine tracks adding up to around 50 minutes, you start to notice.

    I don’t want to rag on Héréditarire too much; it’s a good album. The fervency and melancholia of the vocal performances—from Dimitria especially—and melodies show the passion behind the project, and there’s a thread of individuality that could pull them out of obscurity. But for as expressive, intriguing, and compelling as their music often is, Unverkalt’s reluctance—or inability—to step outside of a template holds them down when they could be soaring.

    Rating: Good
    DR: 5 | Format Reviewed: 320 kbps mp3
    Label: Season of Mist
    Websites: Bandcamp | Facebook
    Releases Worldwide: February 27th, 2026

    #2026 #30 #Feb26 #Frayle #GermanMetal #GreekMetal #HarakiriForTheSky #Héréditaire #Heretoir #PostRock #PostBlackMetal #PostMetal #Review #Reviews #SakisTolis #SeasonOfMist #Unverkalt
    #feb26 #frayle #germanmetal #greekmetal #harakiriforthesky #hereditaire
  2. Angry Metal Guy @[email protected] ·
    Unverkalt – Héréditaire Review By Thus Spoke

    Reviewing albums explicitly labelled post-metal always seems to bring out my inner pedant. I know all genre labels are kind of meaningless, but post-metal specifically seems to simply be slapped onto anything with fewer riffs than your average atmo-black record, but a lot more cleans. Nonetheless, you know what it sounds like, in essence. If that essence had form, it could be Unverkalt on their third LP Héréditaire. Born in Greece and now split between Greece and Germany, Unverkalt’s self-styled avant-garde approach to post-metal takes its “heaviest and most heartfelt” form on this album, which also marks their signing with Season of Mist. Unknown to me beforehand, promotional references to Cut of Luna and Sylvaine in particular caught my eye, along with the art. I’m glad I picked it up because Unverkalt have something that approaches brilliance at many times. But in embodying the vague yet recognisable subgenre—and sounding good whilst doing it—Héréditaire fails to go further than the safety of the minimum required.

    Ignore the artist touchstones in the promo; Unverkalt has little meaningful in common with them: a female lead vocalist is about where that starts and ends. If anything, the aura reflects more Harakiri for the Sky, Heretoir, or maybe Frayle. Lead vocalist Dimitra Kalavrezou sings with a distinctive, somewhat sweet intonation, and screams with articulate fierceness—impressive considering this is her first record providing harsh vocals. Her voice is joined by that of guitarist Eli Mavrychev and—in a late-album highlight—Sakis Tolis (“I, The Deceit”), often layered and intermingled to lend a chorus-of-many-voices air that can be quite powerful. This sense of solidarity and humanity ties into Héréditaire’s overt emotionality—easily its greatest asset—which revolves around mournful yet uplifting themes that rise from softly resonant notes into the (regrettably blurry) weeping of tremolo and chunky riffs. It’s through the continued swell and fade of each composition that we get to see the greats that Unverkalt is capable of.

    Héréditaire by Unverkalt

    Even as songs tend to repeat the same pattern, most manage to draw the listener in. Synths (“Oath ov Prometheus”), vaguely MENA-style saxophone (“Ænæ Lithi”), and sprinklings of piano (“Penumbrian Lament”), and humming strings (“Maladie de l’Esprit”)1 float in and out, and I only wish they were used more. Harnessing the drama of surging, urgent riffs (“Die Auslöschung,” “Oath ov Prometheus”) and heartfelt group screams and singing (“Death is Forever,” “A Lullaby for the Descent”), the iterated compositions win you over by sheer force. These plainly beautiful melodies and ardent vocal performances are inextricable, each lending the other a level of strength and gravity neither could claim in isolation. Some songs stand head and shoulders above others in this regard: “Die Auslöschung,” “Death is Forever,” “Maladie de l’Esprit,” and in particular, “I, the Deceit,” where Sakis Tolis brings not only his voice but a distinctly Scandinavian melodeath2 vibe to a song where he and Dimitria also duet in their shared native tongue. That song and many others are also examples of Unverkalt’s strange, quasi-pop-rock leanings that they incorporate through the use of bobbing, understated clean refrains that slingshot back into something heavier or more atmospheric (“Oath ov Prometheus,” “A Lullaby for the Descent,” “Introjects”). This weirdness sharpens Unverkalt’s style and works surprisingly well.

    Héréditaire thus brims with feeling, strong melodies, and potential. Undeniably stirring at its best (“Die Auslöschung,” “I, the Deceit,” “Maladie de l’Esprit”), and with little idiosyncrasies of style giving it distinction, as a whole it feels oddly unrealised. One culprit is the shockingly compressed mix, which robs the guitars of their body and drums of their bite. Given the vocal range on display and the elements of instrumental experimentation (horns, piano, etc), this would sound far better with a roomier production. But it’s primarily the overly repetitive structure of the compositions that causes issues. Though the passion of the singing or screaming, and the force of a good melody cause you to briefly forget, every song follows essentially the same trajectory—or rather, the same sequence of things repeats across the album, sometimes spanning between songs. Whispers or quiet singing, a steady beat and post-rock atmosphere, black-adjacent speed and screaming, and a lapse into a swaying tempo. With nine tracks adding up to around 50 minutes, you start to notice.

    I don’t want to rag on Héréditarire too much; it’s a good album. The fervency and melancholia of the vocal performances—from Dimitria especially—and melodies show the passion behind the project, and there’s a thread of individuality that could pull them out of obscurity. But for as expressive, intriguing, and compelling as their music often is, Unverkalt’s reluctance—or inability—to step outside of a template holds them down when they could be soaring.

    Rating: Good
    DR: 5 | Format Reviewed: 320 kbps mp3
    Label: Season of Mist
    Websites: Bandcamp | Facebook
    Releases Worldwide: February 27th, 2026

    #2026 #30 #Feb26 #Frayle #GermanMetal #GreekMetal #HarakiriForTheSky #Héréditaire #Heretoir #PostRock #PostBlackMetal #PostMetal #Review #Reviews #SakisTolis #SeasonOfMist #Unverkalt
    #feb26 #frayle #germanmetal #greekmetal #harakiriforthesky #hereditaire
  3. Angry Metal Guy @[email protected] ·
    Unverkalt – Héréditaire Review By Thus Spoke

    Reviewing albums explicitly labelled post-metal always seems to bring out my inner pedant. I know all genre labels are kind of meaningless, but post-metal specifically seems to simply be slapped onto anything with fewer riffs than your average atmo-black record, but a lot more cleans. Nonetheless, you know what it sounds like, in essence. If that essence had form, it could be Unverkalt on their third LP Héréditaire. Born in Greece and now split between Greece and Germany, Unverkalt’s self-styled avant-garde approach to post-metal takes its “heaviest and most heartfelt” form on this album, which also marks their signing with Season of Mist. Unknown to me beforehand, promotional references to Cut of Luna and Sylvaine in particular caught my eye, along with the art. I’m glad I picked it up because Unverkalt have something that approaches brilliance at many times. But in embodying the vague yet recognisable subgenre—and sounding good whilst doing it—Héréditaire fails to go further than the safety of the minimum required.

    Ignore the artist touchstones in the promo; Unverkalt has little meaningful in common with them: a female lead vocalist is about where that starts and ends. If anything, the aura reflects more Harakiri for the Sky, Heretoir, or maybe Frayle. Lead vocalist Dimitra Kalavrezou sings with a distinctive, somewhat sweet intonation, and screams with articulate fierceness—impressive considering this is her first record providing harsh vocals. Her voice is joined by that of guitarist Eli Mavrychev and—in a late-album highlight—Sakis Tolis (“I, The Deceit”), often layered and intermingled to lend a chorus-of-many-voices air that can be quite powerful. This sense of solidarity and humanity ties into Héréditaire’s overt emotionality—easily its greatest asset—which revolves around mournful yet uplifting themes that rise from softly resonant notes into the (regrettably blurry) weeping of tremolo and chunky riffs. It’s through the continued swell and fade of each composition that we get to see the greats that Unverkalt is capable of.

    Héréditaire by Unverkalt

    Even as songs tend to repeat the same pattern, most manage to draw the listener in. Synths (“Oath ov Prometheus”), vaguely MENA-style saxophone (“Ænæ Lithi”), and sprinklings of piano (“Penumbrian Lament”), and humming strings (“Maladie de l’Esprit”)1 float in and out, and I only wish they were used more. Harnessing the drama of surging, urgent riffs (“Die Auslöschung,” “Oath ov Prometheus”) and heartfelt group screams and singing (“Death is Forever,” “A Lullaby for the Descent”), the iterated compositions win you over by sheer force. These plainly beautiful melodies and ardent vocal performances are inextricable, each lending the other a level of strength and gravity neither could claim in isolation. Some songs stand head and shoulders above others in this regard: “Die Auslöschung,” “Death is Forever,” “Maladie de l’Esprit,” and in particular, “I, the Deceit,” where Sakis Tolis brings not only his voice but a distinctly Scandinavian melodeath2 vibe to a song where he and Dimitria also duet in their shared native tongue. That song and many others are also examples of Unverkalt’s strange, quasi-pop-rock leanings that they incorporate through the use of bobbing, understated clean refrains that slingshot back into something heavier or more atmospheric (“Oath ov Prometheus,” “A Lullaby for the Descent,” “Introjects”). This weirdness sharpens Unverkalt’s style and works surprisingly well.

    Héréditaire thus brims with feeling, strong melodies, and potential. Undeniably stirring at its best (“Die Auslöschung,” “I, the Deceit,” “Maladie de l’Esprit”), and with little idiosyncrasies of style giving it distinction, as a whole it feels oddly unrealised. One culprit is the shockingly compressed mix, which robs the guitars of their body and drums of their bite. Given the vocal range on display and the elements of instrumental experimentation (horns, piano, etc), this would sound far better with a roomier production. But it’s primarily the overly repetitive structure of the compositions that causes issues. Though the passion of the singing or screaming, and the force of a good melody cause you to briefly forget, every song follows essentially the same trajectory—or rather, the same sequence of things repeats across the album, sometimes spanning between songs. Whispers or quiet singing, a steady beat and post-rock atmosphere, black-adjacent speed and screaming, and a lapse into a swaying tempo. With nine tracks adding up to around 50 minutes, you start to notice.

    I don’t want to rag on Héréditarire too much; it’s a good album. The fervency and melancholia of the vocal performances—from Dimitria especially—and melodies show the passion behind the project, and there’s a thread of individuality that could pull them out of obscurity. But for as expressive, intriguing, and compelling as their music often is, Unverkalt’s reluctance—or inability—to step outside of a template holds them down when they could be soaring.

    Rating: Good
    DR: 5 | Format Reviewed: 320 kbps mp3
    Label: Season of Mist
    Websites: Bandcamp | Facebook
    Releases Worldwide: February 27th, 2026

    #2026 #30 #Feb26 #Frayle #GermanMetal #GreekMetal #HarakiriForTheSky #Héréditaire #Heretoir #PostRock #PostBlackMetal #PostMetal #Review #Reviews #SakisTolis #SeasonOfMist #Unverkalt
    #unverkalt #seasonofmist #sakistolis #reviews #review #postmetal
  4. Angry Metal Guy @[email protected] ·
    Unverkalt – Héréditaire Review By Thus Spoke

    Reviewing albums explicitly labelled post-metal always seems to bring out my inner pedant. I know all genre labels are kind of meaningless, but post-metal specifically seems to simply be slapped onto anything with fewer riffs than your average atmo-black record, but a lot more cleans. Nonetheless, you know what it sounds like, in essence. If that essence had form, it could be Unverkalt on their third LP Héréditaire. Born in Greece and now split between Greece and Germany, Unverkalt’s self-styled avant-garde approach to post-metal takes its “heaviest and most heartfelt” form on this album, which also marks their signing with Season of Mist. Unknown to me beforehand, promotional references to Cut of Luna and Sylvaine in particular caught my eye, along with the art. I’m glad I picked it up because Unverkalt have something that approaches brilliance at many times. But in embodying the vague yet recognisable subgenre—and sounding good whilst doing it—Héréditaire fails to go further than the safety of the minimum required.

    Ignore the artist touchstones in the promo; Unverkalt has little meaningful in common with them: a female lead vocalist is about where that starts and ends. If anything, the aura reflects more Harakiri for the Sky, Heretoir, or maybe Frayle. Lead vocalist Dimitra Kalavrezou sings with a distinctive, somewhat sweet intonation, and screams with articulate fierceness—impressive considering this is her first record providing harsh vocals. Her voice is joined by that of guitarist Eli Mavrychev and—in a late-album highlight—Sakis Tolis (“I, The Deceit”), often layered and intermingled to lend a chorus-of-many-voices air that can be quite powerful. This sense of solidarity and humanity ties into Héréditaire’s overt emotionality—easily its greatest asset—which revolves around mournful yet uplifting themes that rise from softly resonant notes into the (regrettably blurry) weeping of tremolo and chunky riffs. It’s through the continued swell and fade of each composition that we get to see the greats that Unverkalt is capable of.

    Héréditaire by Unverkalt

    Even as songs tend to repeat the same pattern, most manage to draw the listener in. Synths (“Oath ov Prometheus”), vaguely MENA-style saxophone (“Ænæ Lithi”), and sprinklings of piano (“Penumbrian Lament”), and humming strings (“Maladie de l’Esprit”)1 float in and out, and I only wish they were used more. Harnessing the drama of surging, urgent riffs (“Die Auslöschung,” “Oath ov Prometheus”) and heartfelt group screams and singing (“Death is Forever,” “A Lullaby for the Descent”), the iterated compositions win you over by sheer force. These plainly beautiful melodies and ardent vocal performances are inextricable, each lending the other a level of strength and gravity neither could claim in isolation. Some songs stand head and shoulders above others in this regard: “Die Auslöschung,” “Death is Forever,” “Maladie de l’Esprit,” and in particular, “I, the Deceit,” where Sakis Tolis brings not only his voice but a distinctly Scandinavian melodeath2 vibe to a song where he and Dimitria also duet in their shared native tongue. That song and many others are also examples of Unverkalt’s strange, quasi-pop-rock leanings that they incorporate through the use of bobbing, understated clean refrains that slingshot back into something heavier or more atmospheric (“Oath ov Prometheus,” “A Lullaby for the Descent,” “Introjects”). This weirdness sharpens Unverkalt’s style and works surprisingly well.

    Héréditaire thus brims with feeling, strong melodies, and potential. Undeniably stirring at its best (“Die Auslöschung,” “I, the Deceit,” “Maladie de l’Esprit”), and with little idiosyncrasies of style giving it distinction, as a whole it feels oddly unrealised. One culprit is the shockingly compressed mix, which robs the guitars of their body and drums of their bite. Given the vocal range on display and the elements of instrumental experimentation (horns, piano, etc), this would sound far better with a roomier production. But it’s primarily the overly repetitive structure of the compositions that causes issues. Though the passion of the singing or screaming, and the force of a good melody cause you to briefly forget, every song follows essentially the same trajectory—or rather, the same sequence of things repeats across the album, sometimes spanning between songs. Whispers or quiet singing, a steady beat and post-rock atmosphere, black-adjacent speed and screaming, and a lapse into a swaying tempo. With nine tracks adding up to around 50 minutes, you start to notice.

    I don’t want to rag on Héréditarire too much; it’s a good album. The fervency and melancholia of the vocal performances—from Dimitria especially—and melodies show the passion behind the project, and there’s a thread of individuality that could pull them out of obscurity. But for as expressive, intriguing, and compelling as their music often is, Unverkalt’s reluctance—or inability—to step outside of a template holds them down when they could be soaring.

    Rating: Good
    DR: 5 | Format Reviewed: 320 kbps mp3
    Label: Season of Mist
    Websites: Bandcamp | Facebook
    Releases Worldwide: February 27th, 2026

    #2026 #30 #Feb26 #Frayle #GermanMetal #GreekMetal #HarakiriForTheSky #Héréditaire #Heretoir #PostRock #PostBlackMetal #PostMetal #Review #Reviews #SakisTolis #SeasonOfMist #Unverkalt
    #feb26 #frayle #germanmetal #greekmetal #harakiriforthesky #hereditaire
  5. [BITES YOU]🎨📷🔞 @[email protected] ·

    Daily old(ish) piece 237!

    "The subject was spotted wandering aimlessly and photographed for recording before being put down. The locals were astounded by how the animal could still move at all, let alone stand and walk, as normally individuals at this stage of the infection will just lay down and let their bodies slowly be consumed by opportunistic life forms (see: hebeloma aminophilum growing out of the unfortunate giraffe’s body). Contrary to how they are depicted in most horror stories, animals and people that are at the “undead” stage of the infection are not hungry monsters that will chase and attack anyone on sight. However, it is still advised to approach them with extreme caution, or avoid them at all if possible, as they are hyperreactive to external stimuli and will lash out if provoked due to the pain and confusion they are experiencing (much like the excitative stage of rabies), especially if they cannot see anymore due to decay or loss of the eyes. A scratch or bite from an infected individual is not an automatic death sentence, but it should be disinfected and treated as soon as possible."

    Part of a project I’ve been working on, I wanna go into horror art more and eventually I’d like to develop my own zombie apocalypse concept.

    From 2024


    #eli's-art #art #digital-art #procreate #drawing #illustration #original-art #horror #horror-art #body-horror #terror-tuesday #zombie #zombie-apocalypse #old-piece
    #oldpiece #zombieapocalypse #zombie #terrortuesday #bodyhorror #horrorart
  6. Miguel Afonso Caetano @[email protected] ·

    "AI 2027 and AI as Normal Technology were both published in April of this year. Both were read much more widely than we, their authors, expected.

    Some of us (Eli, Thomas, Daniel, the authors of AI 2027) expect AI to radically transform the world within the next decade, up to and including such sci-fi-sounding possibilities as superintelligence, nanofactories, and Dyson swarms. Progress will be continuous, but it will accelerate rapidly around the time that AIs automate AI research.

    Others (Sayash and Arvind, the authors of AI as Normal Technology) think that the effects of AI will be much more, well, normal. Yes, we can expect economic growth, but it will be the gradual, year-on-year improvement that accompanied technological innovations like electricity or the internet, not a radical break in the arc of human history.

    These are substantial disagreements, which have been partially hashed out here and here.

    Nevertheless, we’ve found that all of us have more in common than you might expect.

    In this essay, we’ve come together to discuss the ways in which we agree with each other on how AI progress is likely to proceed (or fail to proceed) over the next few years."

    asteriskmag.substack.com/p/com

    #AI #GenerativeAI #AI2027 #AGI #AIAsNormalTechnology #NormalTechnology

    #ai #generativeai #ai2027 #agi #aiasnormaltechnology #normaltechnology
  7. swtyndall.notwhatwethink @[email protected] ·
    CW: Part 2 There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch. "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?" Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both?

    Part 2
    There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch.

    "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?"

    Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both? hartmannreport.com/p/is-the-an

    #GOPTreason
    #GOPHatesDemocracy
    #GOPInBedWithRich
    #PutinHatesDemocracy
    #GOPInBedWithPutin
    #GOPOligarchPuppets
    #WantTheirSerfsBack

    “It's becoming clear now: This is January 6th, Episode II. The Freedom Caucus is demanding debt default, which will spark a ~$15T global financial crisis. COVID was ~$4T. This will only help Putin and his BRICS+/GGC allies.”

    Skeptical but curious, I plugged the names of each of the 20 Republicans who voted against McCarthy in the first vote yesterday into a search engine along with the word “Russia.” Here’s what I found about 15 of them:

    Andy Biggs voted against legislation to document Russian war crimes in Ukraine, as did Paul Gosar and Scott Perry.

    Matt Gaetz, Dan Bishop, Paul Gosar, Ralph Norman, and Scott Perry all voted against suspending normal trade relations with Russia and Belarus.

    Dan Bishop, Matt Gaetz, Andy Biggs, Paul Gosar, and Chip Roy all voted against a bill to ban imports of Russian oil and gas.

    Those four also voted against legislation to strip Russia from “most favored nation status” by the World Trade Organization.

    Paul Gosar and Matt Rosendale both voted against a resolution that reaffirmed US support for Ukrainian sovereignty.

    John Brecheen is new to Congress, but when asked by his local newspaper about whether America should support Ukraine against the Russian invasion he replied, “My position is I would not have voted for funding of war.”

    Michael Cloud tweeted: “The Biden Admin has ignored a year-long invasion at our southern border but is considering risking the lives of U.S. soldiers to protect Ukraine's border? Ukraine is thousands of miles away.”

    Voting against Sweden and Finland joining NATO, a pet Putin peeve, were Michael Cloud, Andy Biggs, Dan Bishop, Lauren Boebert, Matt Gaetz, Bob Good, Ralph Norman, and Chip Roy.

    Eli Crane says of the US supporting Ukraine, “This is a war we shouldn’t be involved in,” and it will make the Afghanistan exit “look like child’s play.”

    Matt Gaetz tweeted: “Today the House didn't organize. Biggest loser: Zelensky. Biggest winner: U.S. Taxpayers.” He also tweeted: “I’m more concerned with the US-Mexico border than the Russia-Ukraine border. Not sorry.”

    Opposing US aid to Ukraine, Matt Gaetz told a CPAC audience: “Why should Americans have to pay the costs for freedom elsewhere when our own leaders won't stand up for our freedom here?”

    Paul Gosar tweeted: “Ukraine is not our ally. Russia is not our enemy. We need to address our crippling debt, inflation and immigration problems. None of this is Putin's fault.”

    Paul Gosar wrote an open letter to the White House asking President Biden to “refrain from participating in its annually recurring nuclear exercise ‘Steadfast Noon’ in conjunction with the North Atlantic Treaty Organization to ‘prevent further escalation.’”

    Paul Gosar tweeted: “Putin puts Russia first as he should.”

    Mary Miller, Bob Good, Ralph Norman, Andy Biggs, and Matt Gaetz co-sponsored legislation to forbid any further delivery of military equipment to Ukraine.
    ...
    Ralph Norman, who called for Trump to impose “Marshall law” to prevent Biden from being sworn in, first issued a statement on day one of the invasion of Ukraine condemning Russia but then voted “No” on US aid to Ukraine in September and continues to oppose such aid.
    ...
    Matt Rosendale issued a statement saying: “The United States has no legal or moral obligation to come to the aid of either side in this foreign conflict.” He voted against a resolution “supporting the people of Ukraine.” He also introduced legislation blocking any US aid to Ukraine.

    Byron Donalds voted against US aid to Ukraine.
    ...
    While none of this proves that the anti-McCarthy forces are getting their marching orders from Putin, it does raise some significant questions about their commitment to the continuation of the current form and nature of our government. I think Dave Troy’s idea is worth taking seriously.

    Because the outcome he contemplates is something both the rightwing billionaires and Putin could get behind."

    #goptreason #gophatesdemocracy #gopinbedwithrich #putinhatesdemocracy #gopinbedwithputin #gopoligarchpuppets
  8. swtyndall.notwhatwethink @[email protected] ·
    CW: Part 2 There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch. "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?" Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both?

    Part 2
    There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch.

    "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?"

    Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both? hartmannreport.com/p/is-the-an

    #GOPTreason
    #GOPHatesDemocracy
    #GOPInBedWithRich
    #PutinHatesDemocracy
    #GOPInBedWithPutin
    #GOPOligarchPuppets
    #WantTheirSerfsBack

    “It's becoming clear now: This is January 6th, Episode II. The Freedom Caucus is demanding debt default, which will spark a ~$15T global financial crisis. COVID was ~$4T. This will only help Putin and his BRICS+/GGC allies.”

    Skeptical but curious, I plugged the names of each of the 20 Republicans who voted against McCarthy in the first vote yesterday into a search engine along with the word “Russia.” Here’s what I found about 15 of them:

    Andy Biggs voted against legislation to document Russian war crimes in Ukraine, as did Paul Gosar and Scott Perry.

    Matt Gaetz, Dan Bishop, Paul Gosar, Ralph Norman, and Scott Perry all voted against suspending normal trade relations with Russia and Belarus.

    Dan Bishop, Matt Gaetz, Andy Biggs, Paul Gosar, and Chip Roy all voted against a bill to ban imports of Russian oil and gas.

    Those four also voted against legislation to strip Russia from “most favored nation status” by the World Trade Organization.

    Paul Gosar and Matt Rosendale both voted against a resolution that reaffirmed US support for Ukrainian sovereignty.

    John Brecheen is new to Congress, but when asked by his local newspaper about whether America should support Ukraine against the Russian invasion he replied, “My position is I would not have voted for funding of war.”

    Michael Cloud tweeted: “The Biden Admin has ignored a year-long invasion at our southern border but is considering risking the lives of U.S. soldiers to protect Ukraine's border? Ukraine is thousands of miles away.”

    Voting against Sweden and Finland joining NATO, a pet Putin peeve, were Michael Cloud, Andy Biggs, Dan Bishop, Lauren Boebert, Matt Gaetz, Bob Good, Ralph Norman, and Chip Roy.

    Eli Crane says of the US supporting Ukraine, “This is a war we shouldn’t be involved in,” and it will make the Afghanistan exit “look like child’s play.”

    Matt Gaetz tweeted: “Today the House didn't organize. Biggest loser: Zelensky. Biggest winner: U.S. Taxpayers.” He also tweeted: “I’m more concerned with the US-Mexico border than the Russia-Ukraine border. Not sorry.”

    Opposing US aid to Ukraine, Matt Gaetz told a CPAC audience: “Why should Americans have to pay the costs for freedom elsewhere when our own leaders won't stand up for our freedom here?”

    Paul Gosar tweeted: “Ukraine is not our ally. Russia is not our enemy. We need to address our crippling debt, inflation and immigration problems. None of this is Putin's fault.”

    Paul Gosar wrote an open letter to the White House asking President Biden to “refrain from participating in its annually recurring nuclear exercise ‘Steadfast Noon’ in conjunction with the North Atlantic Treaty Organization to ‘prevent further escalation.’”

    Paul Gosar tweeted: “Putin puts Russia first as he should.”

    Mary Miller, Bob Good, Ralph Norman, Andy Biggs, and Matt Gaetz co-sponsored legislation to forbid any further delivery of military equipment to Ukraine.
    ...
    Ralph Norman, who called for Trump to impose “Marshall law” to prevent Biden from being sworn in, first issued a statement on day one of the invasion of Ukraine condemning Russia but then voted “No” on US aid to Ukraine in September and continues to oppose such aid.
    ...
    Matt Rosendale issued a statement saying: “The United States has no legal or moral obligation to come to the aid of either side in this foreign conflict.” He voted against a resolution “supporting the people of Ukraine.” He also introduced legislation blocking any US aid to Ukraine.

    Byron Donalds voted against US aid to Ukraine.
    ...
    While none of this proves that the anti-McCarthy forces are getting their marching orders from Putin, it does raise some significant questions about their commitment to the continuation of the current form and nature of our government. I think Dave Troy’s idea is worth taking seriously.

    Because the outcome he contemplates is something both the rightwing billionaires and Putin could get behind."

    #goptreason #gophatesdemocracy #gopinbedwithrich #putinhatesdemocracy #gopinbedwithputin #gopoligarchpuppets
  9. swtyndall.notwhatwethink @[email protected] ·
    CW: Part 2 There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch. "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?" Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both?

    Part 2
    There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch.

    "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?"

    Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both? hartmannreport.com/p/is-the-an

    #GOPTreason
    #GOPHatesDemocracy
    #GOPInBedWithRich
    #PutinHatesDemocracy
    #GOPInBedWithPutin
    #GOPOligarchPuppets
    #WantTheirSerfsBack

    “It's becoming clear now: This is January 6th, Episode II. The Freedom Caucus is demanding debt default, which will spark a ~$15T global financial crisis. COVID was ~$4T. This will only help Putin and his BRICS+/GGC allies.”

    Skeptical but curious, I plugged the names of each of the 20 Republicans who voted against McCarthy in the first vote yesterday into a search engine along with the word “Russia.” Here’s what I found about 15 of them:

    Andy Biggs voted against legislation to document Russian war crimes in Ukraine, as did Paul Gosar and Scott Perry.

    Matt Gaetz, Dan Bishop, Paul Gosar, Ralph Norman, and Scott Perry all voted against suspending normal trade relations with Russia and Belarus.

    Dan Bishop, Matt Gaetz, Andy Biggs, Paul Gosar, and Chip Roy all voted against a bill to ban imports of Russian oil and gas.

    Those four also voted against legislation to strip Russia from “most favored nation status” by the World Trade Organization.

    Paul Gosar and Matt Rosendale both voted against a resolution that reaffirmed US support for Ukrainian sovereignty.

    John Brecheen is new to Congress, but when asked by his local newspaper about whether America should support Ukraine against the Russian invasion he replied, “My position is I would not have voted for funding of war.”

    Michael Cloud tweeted: “The Biden Admin has ignored a year-long invasion at our southern border but is considering risking the lives of U.S. soldiers to protect Ukraine's border? Ukraine is thousands of miles away.”

    Voting against Sweden and Finland joining NATO, a pet Putin peeve, were Michael Cloud, Andy Biggs, Dan Bishop, Lauren Boebert, Matt Gaetz, Bob Good, Ralph Norman, and Chip Roy.

    Eli Crane says of the US supporting Ukraine, “This is a war we shouldn’t be involved in,” and it will make the Afghanistan exit “look like child’s play.”

    Matt Gaetz tweeted: “Today the House didn't organize. Biggest loser: Zelensky. Biggest winner: U.S. Taxpayers.” He also tweeted: “I’m more concerned with the US-Mexico border than the Russia-Ukraine border. Not sorry.”

    Opposing US aid to Ukraine, Matt Gaetz told a CPAC audience: “Why should Americans have to pay the costs for freedom elsewhere when our own leaders won't stand up for our freedom here?”

    Paul Gosar tweeted: “Ukraine is not our ally. Russia is not our enemy. We need to address our crippling debt, inflation and immigration problems. None of this is Putin's fault.”

    Paul Gosar wrote an open letter to the White House asking President Biden to “refrain from participating in its annually recurring nuclear exercise ‘Steadfast Noon’ in conjunction with the North Atlantic Treaty Organization to ‘prevent further escalation.’”

    Paul Gosar tweeted: “Putin puts Russia first as he should.”

    Mary Miller, Bob Good, Ralph Norman, Andy Biggs, and Matt Gaetz co-sponsored legislation to forbid any further delivery of military equipment to Ukraine.
    ...
    Ralph Norman, who called for Trump to impose “Marshall law” to prevent Biden from being sworn in, first issued a statement on day one of the invasion of Ukraine condemning Russia but then voted “No” on US aid to Ukraine in September and continues to oppose such aid.
    ...
    Matt Rosendale issued a statement saying: “The United States has no legal or moral obligation to come to the aid of either side in this foreign conflict.” He voted against a resolution “supporting the people of Ukraine.” He also introduced legislation blocking any US aid to Ukraine.

    Byron Donalds voted against US aid to Ukraine.
    ...
    While none of this proves that the anti-McCarthy forces are getting their marching orders from Putin, it does raise some significant questions about their commitment to the continuation of the current form and nature of our government. I think Dave Troy’s idea is worth taking seriously.

    Because the outcome he contemplates is something both the rightwing billionaires and Putin could get behind."

    #wanttheirserfsback #gopoligarchpuppets #gopinbedwithputin #putinhatesdemocracy #gopinbedwithrich #gophatesdemocracy
  10. swtyndall.notwhatwethink @[email protected] ·
    CW: Part 2 There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch. "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?" Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both?

    Part 2
    There is something very disturbing about these freedom caucus members' support for Putin, attempts to destroy democracy, social security and whole agencies and their funding by Peter Theil and Koch.

    "Is this all a continuation of Trump’s January 6th coup attempt and his desire to convert America from a democracy into a despotic strongman-rule nation aligned with Russia?"

    Is the Anti-McCarthy Crowd in the Bag for the Billionaires, Putin, or Both? hartmannreport.com/p/is-the-an

    #GOPTreason
    #GOPHatesDemocracy
    #GOPInBedWithRich
    #PutinHatesDemocracy
    #GOPInBedWithPutin
    #GOPOligarchPuppets
    #WantTheirSerfsBack

    “It's becoming clear now: This is January 6th, Episode II. The Freedom Caucus is demanding debt default, which will spark a ~$15T global financial crisis. COVID was ~$4T. This will only help Putin and his BRICS+/GGC allies.”

    Skeptical but curious, I plugged the names of each of the 20 Republicans who voted against McCarthy in the first vote yesterday into a search engine along with the word “Russia.” Here’s what I found about 15 of them:

    Andy Biggs voted against legislation to document Russian war crimes in Ukraine, as did Paul Gosar and Scott Perry.

    Matt Gaetz, Dan Bishop, Paul Gosar, Ralph Norman, and Scott Perry all voted against suspending normal trade relations with Russia and Belarus.

    Dan Bishop, Matt Gaetz, Andy Biggs, Paul Gosar, and Chip Roy all voted against a bill to ban imports of Russian oil and gas.

    Those four also voted against legislation to strip Russia from “most favored nation status” by the World Trade Organization.

    Paul Gosar and Matt Rosendale both voted against a resolution that reaffirmed US support for Ukrainian sovereignty.

    John Brecheen is new to Congress, but when asked by his local newspaper about whether America should support Ukraine against the Russian invasion he replied, “My position is I would not have voted for funding of war.”

    Michael Cloud tweeted: “The Biden Admin has ignored a year-long invasion at our southern border but is considering risking the lives of U.S. soldiers to protect Ukraine's border? Ukraine is thousands of miles away.”

    Voting against Sweden and Finland joining NATO, a pet Putin peeve, were Michael Cloud, Andy Biggs, Dan Bishop, Lauren Boebert, Matt Gaetz, Bob Good, Ralph Norman, and Chip Roy.

    Eli Crane says of the US supporting Ukraine, “This is a war we shouldn’t be involved in,” and it will make the Afghanistan exit “look like child’s play.”

    Matt Gaetz tweeted: “Today the House didn't organize. Biggest loser: Zelensky. Biggest winner: U.S. Taxpayers.” He also tweeted: “I’m more concerned with the US-Mexico border than the Russia-Ukraine border. Not sorry.”

    Opposing US aid to Ukraine, Matt Gaetz told a CPAC audience: “Why should Americans have to pay the costs for freedom elsewhere when our own leaders won't stand up for our freedom here?”

    Paul Gosar tweeted: “Ukraine is not our ally. Russia is not our enemy. We need to address our crippling debt, inflation and immigration problems. None of this is Putin's fault.”

    Paul Gosar wrote an open letter to the White House asking President Biden to “refrain from participating in its annually recurring nuclear exercise ‘Steadfast Noon’ in conjunction with the North Atlantic Treaty Organization to ‘prevent further escalation.’”

    Paul Gosar tweeted: “Putin puts Russia first as he should.”

    Mary Miller, Bob Good, Ralph Norman, Andy Biggs, and Matt Gaetz co-sponsored legislation to forbid any further delivery of military equipment to Ukraine.
    ...
    Ralph Norman, who called for Trump to impose “Marshall law” to prevent Biden from being sworn in, first issued a statement on day one of the invasion of Ukraine condemning Russia but then voted “No” on US aid to Ukraine in September and continues to oppose such aid.
    ...
    Matt Rosendale issued a statement saying: “The United States has no legal or moral obligation to come to the aid of either side in this foreign conflict.” He voted against a resolution “supporting the people of Ukraine.” He also introduced legislation blocking any US aid to Ukraine.

    Byron Donalds voted against US aid to Ukraine.
    ...
    While none of this proves that the anti-McCarthy forces are getting their marching orders from Putin, it does raise some significant questions about their commitment to the continuation of the current form and nature of our government. I think Dave Troy’s idea is worth taking seriously.

    Because the outcome he contemplates is something both the rightwing billionaires and Putin could get behind."

    #goptreason #gophatesdemocracy #gopinbedwithrich #putinhatesdemocracy #gopinbedwithputin #gopoligarchpuppets
  11. Iridescent Alchemyst @iridescentalchemyst.wordpress.com@iridescentalchemyst.wordpress.com ·

    Huge Update: The Audit Petition for Iowa DHHS is Finally Done!

    I have some big news to share. After months of digging through records, I’ve finally finished the official petition to audit the Iowa Department of Health and Human Services (DHHS).

    This post will be cross posted on Iowa Family Rights, Ashley for Iowa, and Iridescent Alchemyst on Substack!

    This isn’t just a simple letter. It’s a massive 205-page research packet with 38 attachments and over 50 government reports- You can find the full list of attachments with links at the end of this post. It proves that for 29 years (since 1997), Iowa’s child welfare system has been stuck in a loop of the same dangerous mistakes… and THEY KNOW IT!!

    Here is a sneak peek of the document list and title page for the Petition to Audit packet I have prepared for Iowa’s Auditor of State Rob Sand

    THIS is the work the state’s Child Welfare Task Force was supposed to do after a girl named Sabrina Ray tragically starved to death in 2017. Even though the state paid $14.2 million in settlements because of the mistakes made in her case, that task force hasn’t even met since early 2024. Our kids can’t wait on them anymore.

    The Numbers Are Worse Than You Think

    When I say the system is “broken,” I have the statistics to back it up. Here are some of the most shocking and disturbing facts found in official reports:

    • Failed Safety Checks: In a major federal review, Iowa failed 91% of its safety assessments—meaning the agency didn’t properly check if kids were actually safe in most cases.
    • Rules Are Ignored: My research shows a 78% “Policy-Practice Gap.” That’s a fancy way of saying the agency ignores its own safety and paperwork rules almost 80% of the time.
    • Foster Care Danger: Kids in Iowa are 4.7 times more likely to be abused while in foster care compared to the national target.
    • Wasting Tax Money: Because of bad record-keeping, Iowa is at risk of having to pay back $40 million in federal funds.
    • Constant Staff Changes: About 30–35% of case managers quit every year. This means a family might get three different workers in just three months, so no one ever really knows what’s going on with the kids.

    Taking This to the State Capitol

    I’m not letting this research sit on a shelf. I’ve already sent emails and offered to send the full packet to the people in charge of overseeing our state government, including:

    • Senator Tony Bisignano, Ranking Member of the Senate Government Oversight Committee who has been pushing for more accountability.
    • The Government Oversight Committees in both the House and Senate (led by people like Senator Kerry Gruenhagen and Representative Holly Brink).
    • The Health and Human Services Committees, who are directly responsible for DHHS.
    • The Media, including Laura Belin at Bleeding Heartland, to make sure the public knows what’s happening.

    What’s Next?

    Now that the research is done, I’m working on the very last step: collecting the final signatures needed under Iowa Code § 11. Once I have those, I can hand everything over to State Auditor Rob Sand for a formal, independent investigation.

    If you live in Iowa and you want to show your support for this effort, head to Change dot org to sign the online version of the petition!

    sign the petition

    For nearly 30 years, the state has been able to hide these failures. It’s time to finally bring them into the light so we can actually protect Iowa’s children.

    Want to know more?

    I know you are dying to hear more…. check out these pages from the packet:

    The focus area, key documents, and observed patterns for each of the 8 domains listed in the Petition to Audit packet I also designated 13 Failure Categories in the Petition Packet. This chart shows how many categories were found in each of the 28 attachments.

    And some more of those disturbing statistics:

    Safety and Fatality Indicators

    • Extreme Starvation Metrics: In two of Iowa’s most high-profile fatalities, teenagers were found at weights far below normal: Natalie Finn weighed 66 lbs at death, and Sabrina Ray weighed only 56 lbs.
    • Mass Rejection of Abuse Reports: In SFY24 alone, the agency rejected 20,891 abuse reports involving children ages 0–5; notably, 5,824 of those rejected reports involved infants and toddlers.
    • Maltreatment Recurrence: Iowa’s maltreatment recurrence rate (the rate of children abused again within 12 months) is 19.1%, which is double the national target of 9.7%.
    • Foster Care Abuse Rate: Children in Iowa foster care are maltreated at a rate of 42.61 per 100,000 days, which is 4.7 times higher than the national target of 9.07.

    Workforce and Operational Collapse

    • Staffing Depletion: Between federal review rounds, the agency documented a loss of 638 staff members.
    • Extreme Caseloads: Caseworker caseloads have been documented as high as 35–40 cases per worker, while the agency recently reported a 13% decline in case managers alongside a 19% increase in caseloads since 2016.
    • Supervisory “Time Poverty”: Supervisors in the field spend 50% of their time on documentation and paperwork rather than coaching staff or reviewing case safety.
    • Recruitment Delays: It takes an average of 72 days to fill critical child protection vacancies, far exceeding the agency’s own target of 50 days.

    Fiscal Negligence and Federal Non-Compliance

    • Unallowable Claims: A technical analysis found that Iowa claimed $40 million in federal funds for “Solution Based Casework” (SBC) that was not actually eligible for Title IV-E reimbursement.
    • Uncollected Revenue: State auditors found the agency failed to collect $3.2 million in nursing facility penalties, representing a “statutory defiance” of the law.
    • Questioned Federal Costs: A single special investigation into a behavioral health contractor identified $167,716 in questioned costs across IPN, SOR, and ARPA federal grants.
    • Historical Payment Errors: For over a decade, state audits have found a 19% error rate in cases where families were receiving both foster care and Family Investment Program (FIP) payments simultaneously.

    Systemic Service and Capacity Gaps

    • Collapse of Child Care Infrastructure: Over the last decade, Iowa has seen a 56% decline in child care programs and a 6% decline in total child care spaces.
    • Under-Capacity Due to Staffing: Roughly 57% of licensed child care centers are operating below their licensed capacity specifically because they cannot find enough staff to meet required ratios.
    • SafeCare Performance Failure: In a recent reporting period, 0% of contractors met the performance benchmarks for the SafeCare program.
    • Substance Abuse Removal Surge: Between 2014 and 2018, removals of children due to parental substance abuse increased by 47% (from 1,424 to 2,093).

    Data Integrity and Oversight Void

    • Inaccessible Records: Despite having a massive budget, the agency admitted that basic workforce qualification data is “not readily available” and requires a manual review of physical personnel files.
    • Unlinked Child Records: An independent analysis of the KinderTrack database found 286 unlinked parent-child records, making it impossible to perform accurate safety or fiscal analysis.
    • Ombudsman Workload Explosion: The Iowa Ombudsman’s office opened 6,266 cases in FY2025, representing a 57% increase since 2014

    I am eager to see what our state legislature has to say about all this. A press release has also been sent out to a couple local papers. And I will not be quiet until something is done to correct these horrible injustices!

    I will keep you posted!!

    ✌️💖🌈🦄 Ashley Marie Meredith, MSN
    Petition Organizer

    P.S. I am sure this will piss off all of the right people… and for the record, I will NEVER unalive myself!!

    Momma loves you Alexys, Noah (Nashville) and Eli (Elliot)!!
    I miss you EVERY DAY!!

    I will NEVER stop fighting for my boys to come home
    where they belong!!

    References

    SECTION 7 — Supporting Evidence & Attachments

    PART 1 — Jurisdiction & Authority

    • Attachment 1 — Statutory Authority (Iowa Code § 11.6, § 11.24)

    PART 2 — Federal Oversight Failure

    PART 3 — Current Admissions by the State

    PART 4 — Independent Systems Evaluations

    PART 5 — Auditor Findings

    PART 6 — Oversight Breakdown

    PART 7 — Risk & Harm Conditions

    • Attachment 27 — Fatality Risk Analysis
    • Attachment 28 — Failure Matrix

    PART 8 — Failure Outcomes

    PART 9 — Public Impact & Contradictions

    PART 10 — Case-Level Audit Trigger

    • Attachment 35 — Affidavit – Ashley Marie Meredith RE: communications with Washington County Attorney Nathan Repp
    • Attachment 36 — Affidavit – Ashley Marie Meredith RE: Procedural History & Exhaustion of Reporting Channels

    PART 11 — Public Interest

    PART 12 — Open Records

    • Attachment 38 Open Records Requests
      38A- 26-927
      38B- 26-1536
    #AuditIowaHHS #auditor #childAbuse #childAbusePrevention #childProtectionReform #childWelfareSystem #Conspiracy #corruption #dhsCps #fraud #health #HHS #iowa #JusticeForMe3 #MentalHealth #news #parenting #saveOurChildren #stopLegalKidnapping #UnitedWeStand #WETHEPEOPLE
    #wethepeople #unitedwestand #stoplegalkidnapping #saveourchildren #parenting #news
  12. Jakke Lehtonen @[email protected] ·

    Error 502 ja sivustojen backup-näyttö

    eksis.one/palvelimet/error-502

    Tuskin kukaan pitää tilanteesta, jossa selain esittää kliinisen kylmän error 500/502/503/504 virheen. Kävijät siksi, että eivät näe sisältöä. Ylläpito siksi, että 50x-sarjan virheet kertovat, että jokin serverillä on nurin, mutta ei anna pienintäkään viitettä syystä.

    Kertomattomuus johtuu siitä, että viallinen ei pysty kertomaan mihin sattuu, ja kuunteleva ei ymmärrä mistä on kyse.

    Omassa stackissa Nginx – Varnish – Apache2 (PHP, MariaDB, WordPress) virhekoodi saattaa antaa jotain suuntaa.

    • 500: Nginx tai virtuaalihostin konffi on rikki
    • 502: Varnish on kaatunut
    • 503: useimmiten Apache2 on kaatunut
    • 504: Apachen takana oleva WordPress on sekaisin

    Mutta tuohonkin on olemassa poikkeuksia ja kaikki riippuu siitä miten ongelmakohta pystyy vastaamaan pyyntöihin ja miten kyselijä ilmoituksen tulkitsee.

    Varajärjestelmän varajärjestelmä

    Olen kehittänyt 50x-sarjan virheistä itselleni eräänlaisen pakkomielteen. Osaksi koska inhoan niitä syvästi ja osaksi siksi, että pääsääntöisesti minä olen syypäänä onnistunut kaatamaan tai rikkomaan jotain. Aika harvoin ohjelmat itsessään hajoavat, vaikka niitäkin tapauksia on ollut.

    Katkokset ovat siten suolaa haavoihin hierova muistutus kädettömän sysadminin ammattitaidottomuudesta. Tai en tiedä voidaanko tällaisen kotitarveylläpitäjän kohdalla puhua ammattitaidottomuudesta. Kyse on pelkästään kyvyttömyydestä. Ja huolimattomuudestakin aika usein.

    Ongelman toinen puoli on se, että en aina tiedä suoraan miten virheen korjaan. Tunteja voi kulua, ja koko sen ajan jokainen sivusto on saavuttamattomissa. Joten tarvitsin mahdollisuuksien mukaan joko informatiivisemmat virhesivut tai jonkun backup-järjestelmän, joka esittää sisällön.

    Palapeli palapelin selässä

    Minulla työnkuva on useimmiten mallia on ongelma, etsin ensimmäisen ratkaisun, ongelma laajenee, etsin uuden ratkaisun, en tiedä mihin päädyn ja miten.

    50x-virheiden kohdalla tuo tarkoittaa sitä, että ensin lähdin säätämään virhesivuja. Niiden muuttaminen on aika triviaalia, mutta lisäinformaation saaminen ei ollut. Joten tyydyin vain muuttamaan tekstiä ja kerjäämään ihmisiä kertomaan, että sivustot ovat alhaalla.

    En yleensä saanut mitään tietoa kaatumisista, koska kaupalliset monitorit ovat kalliita ja ilmaiset ratkaisut aina jollain tapaa ongelmallisia.

    Joten seuraavaksi aloin selvittämään miten pystyisin saamaan tiedon minulle sopivalla tavalla, kun jokin palvelu ei tee sitä mitä sen kuuluisi. Olin aiemmin oivaltanut, että sellaista outoutta kuin API voidaan käyttää keskustelujen avaamiseen Discourse-foorumillani — ja se osaa lähettää push-ilmoituksia minulle.

    Joten ensin pienen ja sitä seuranneen isomman riidan jälkeen sain rakennettua tavan, jossa Nginx kertoo Plesk-serverille 50x-virheestä. Se taasen esittää kustomoidun virheilmoituksen ja avaa Discoursessa ketjun sille virheelle.

    Varnish tuuraa Apachea

    Siinä samalla oli alkanut itää ajatus esittää backup-sisältöä. Miksi tyytyä virheilmoituksiin, jos voisikin esittää edes jotain sisältöä.

    Helpointa, ainakin sillä hetkellä, oli keskittyä 503/504-virheisiin. Tilanteisiin, joissa Varnish käy ja kukkuu, mutta Apache2 tai WordPress on kaatunut. Helpointa siksi, että minullahan oli jo sisältö valmiina, ainakin osaksi: Varnishin cachessa. Se sisältö ei muutoinkaan koskaan piittaa backendistä; se on cachen pointti ja merkitys. Cache hyödyttää korvikesisältönä vain, jos cache lämmitetään, eli kaikki kopioidaan sinne. Se tavataan tehdä wgetillä — joka kykenee luomaan kohtuullisesti toimivan staattisen version sivustoista.

    Joten kun alkuperäinen tavoite oli vain lämmittää cache, niin olin tullut luoneeksi siinä ohessa snapshot-sisältöä. Tein siitä varajärjestelmän varajärjestelmän.

    Apache2/WordPress kaatuu. Niin kauan kun kukaan ei tee POST-kutsua tai pyydä sellaista, jota ei voida cachettaa, niin kukaan ei tiedä ongelmista mitään. Kaikki tulee 1:1 kopioina Varnishista.

    Varnish saa tiedon backendin hengettömyydestä, kun pyydetään sisältöä, jota ei löydy cachesta. Se vaihtaa backendiä ja hakeekin Nginxin kautta snapshot-sisällön, jos se on kelvollista (GET/HEAD) , tai esittää tympeän virheilmon (POST, admin jne.). Kyllä, olisin voinut tuottaa Nginxin kautta dynaamisen sisällön, mutta en lähtenyt sille tielle. En halua sählätä liikaa tietokannan kanssa. Jos se hajoaa, vaikka kaksoiskäytön takia, niin olen liian syvissä vesissä täysin uimataidottomana. Pelkään tietokantoja.

    Kun snapshot-sisältöön siirrytään, niin siitä menee tieto Pleskille, joka kertoo Discourselle, joka kertoo minulle.

    Samaan aikaan kävijät eivät tiedä mitään ongelmista, cachen takia, tai saavat ehkä hieman rikkinäisen, mutta käytettävän sisällön. Eivät jotain error-ilmoitusta.

    Kuka tuuraa Varnishia?

    Minulla useimmiten kaatuu Varnish. Ei sen takia, että se olisi epävakaa, vaan koska säädän sitä aina kun on liikaa vapaa-aikaa. Minun säätöni tapaavat olla aika riskialttiita. Joten tarvitsin jonkin turvajärjestelmän Varnishin kaatumisen varalta.

    Minulla on Nginx ja minulla on valmis snapshot-sisältö. En siis tarvinnut muuta kuin tavan tunnistaa 502-virhe, eli Varnishin kaatuminen, ja sen myötä kääntääkin proxy-liikenne uuteen suuntaan: snapshot-serverille, joka oli Nginxin hoivissa.

    Tässäkin vain staattiset kyselyt kelpasivat, koska tavoitteeni ei ollut milloinkaan rakentaa täysin toimivaa korvaajaa. Halusin tarjota jotain sisältöä virheilmoituksen sijaan.

    Sain sen rakennettua. Mutta minulla oli melkoisia ongelmia saada kävijät pois emergency-reitiltä takaisin normaaliin siinä vaiheessa, kun Varnish palasi linjoille.

    Tiesin entisestään, että mm. Bing ei piittaa 410 virheistä, tai redirect 301/302 erosta, vaan koputtelee maailman tappiin saakka kaikkea löytämäänsä. Päinvastoin kuin mitä Google selittää, niin samaa tekee osaltaan googlebot ja varsinkin google-image. Mutta minulle oli yllätys kuinka vähän laillisetkin botit piittasivat 302 käännön väliaikaisuudesta sekä cache-headereista, jotka ohjasivat olemaan tallentamatta sisältöä.

    Ne indeksoivatki suunnilleen kaiken ja väliaikaisiksi leimattuja emergency-polkuja alkoi löytymään hakutuloksista. Tuo ei ollut haluttua.

    Snapshot versio 2

    Nginxin serveriblokit alkoivat lisäksi olla melkoista sekasotkua. Oli mappia ja oli if-lausetta. Kaikki hyvin pitkälle siksi, että kun kävijän saaminen emergency-reitille ja snapshot-serverille ei ollut kovinkaan vaikeaa, niin en saanut selaimia pois hätäreitiltä, kun paniikki oli ohi.

    Javascriptillä toki olisi onnistunut, mutta siitä en tiedä mitään. En minä ole koodari. Minä olen kopypeistaaja.

    Riitelin taas kerran Nginxin kanssa tämän asian puitteissa. Olin sammuttanut Varnishin simuloidakseni Varnishin kaatumista ja koska normaalisti Varnish käynnistyy hitaasti, niin hyödynsin sen panic-toimintaa simulaationa tilanteen normalisoitumisessa. Se kun käynnistyy silmänräpäyksessä.

    Minulla on panic-scripti tilanteita varten, jossa Varnish kaatuu, ja tiedän korjauksen vievän aikaa. Siinä master ohitetaan CLI:n avulla. Joten jos Varnishin ytimessä henki pihisee, niin saan sen käyntiin. Toki menetän cachen ja sellaisia asioita, mutta sivustoille pääsee Varnishin ollessa vain tyhmä putki.

    Jäin testeissäni ihmettelemään mitä olin juuri tehnyt. Olin käynnistänyt tmuxin, koska CLI täytyy olla koko ajan käynnissä, ja potkaissut Varnishin prosessin käyntiin. Mutta virallisestihan Varnish oli edelleen naamallaan, ja sehän on juurikin se tilanne, jonka hätätoimintoa yritin Nginxillä rakentaa.

    Olen tehnyt tuon ennenkin, monta kertaa. Kuten kun sekoilin kääntämisessä, ja rikoin Varnishin, niin pyöritin sitä tmuxin sisällä CLI:n kautta lähes viikon. Joten… miksi en tekisi samaa nyt, mutta ilman tmuxia ja automatisoituna, jolloin minun ei tarvitse riidellä niin paljon emergency-polun kanssa.

    Puolikkaan työpäivän ja useiden kokeilujen ja erehdysten jälkeen minulla on nyt järjestelmä, jossa Varnishin kaatuessa 10 sekunnin ajan esitetään virheilmoitus ja pyydetään kävijältä reload (tuo viive on Pleskin takia, luultavasti 5 sekuntiakin riittäisi varnistamaan, että API-pyyntö lähtee Discourseen).

    Seuraavaksi käynnistetään Varnish CLI-malliin mutta automaattisesti scriptillä. Taustalla käydään kyselemässä aika ajoin onko aito Varnish vihdoin järjissään ja kun se on käynnistynyt, niin vaihdetaan paniikki-Varnishista aitoon normaaliin Varnishiin.

    Eikä kukaan huomaa mitään — paitsi sen ensimmäisen 10 sekunnin ajan.

    Mutta… jos Varnish kaatuu oikeasti?

    Tuo järjestelmä ei ole todellakaan aukoton. Kaikkea muuta. Mutta noin 98 kertaa sadasta Varnishin kaatuminen on sellainen, että uusi instanssi saadaan käynnistettyä.

    Jos Varnish on täysin kuollut, niin sille ei ole varsinaista varajärjestelmää. Snapshot-serverin emergency ei onnistu minun taidoillani. Se hemmetin emergency-polku pysyy siellä, kiitos selainten. Ja koska moinen päätyy hakukoneisiin, niin en käytä sitä. Esitän mieluummin virheilmoitusta.

    Lisään emergencyn polkuun kahdesta syystä. Ensimmäinen on, että sillä estän wgetin muokkaaman (ja hieman rikkoman) sisällön saastuttamasta aitoa cachea. Toinen syy on, että silloin urista näkee, että ei olla normaalitilanteessa.

    Jos backend on saavuttamattomissa, niin Varnish ja Nginx käyttävät cacheamattoman sisällön kohdalla emergency-polkua. Mutta cachen lämmitys on noin 95 prosenttisen tehokas, joten se tulee käyttöön erittäin harvoin. Kun tulee, niin Varnish siivoaa emergemcy-osan pois vastauksesta tilanteen normalisoiduttua.

    Ihmiset näkevät emergencyn urlissa korjaantumisen jälkeenkin, paitsi jos klikkaavat jotain uutta linkkiä — merkintä lisätään Nginxissä, ei snapshotteihin — mutta botit näkevät polun oikein oikeilla headereilla. Eikä ihmisistä ole väliä, koska selaimethan eivät enää edes varsinaisesti näytä urlia.

    Mutta jos Varnish on totaalisen kuollut, niin laitan Nginxin juttelemaan suoraan Apachen kanssa. Se on vielä manuaalinen säätö, mutta tiedän miten sen saisi semiautomaattiseksi — ehkä teen sen muutoksen, kun taas on hieman liikaa vapaa-aikaa.

    Varajärjestelmä tämä kirjoitettaessa

    Jos backend kaatuu, niin Varnish käyttää cachea tai ohjaa Nginxin kautta snapshot-sisältöön.

    Jos Varnish kaatuu, niin käynnistetään toisenlainen Varnish, joka keskustelee suoraan backendin kanssa.

    Jos Varnish kaatuu totaalisesti, niin pakotan manuaalisesti Nginxin juttelemaan Apachen kanssa.

    Jos Nginx kaatuu… tuota en ole vielä tehnyt, mutta minulla on alustava konsepti. Ehkä saisin Hitchin tai muun SSL/TSL-terminaattorin hoitamaan saapuvan liikenteen ja kääntäisin sen tyhmälle paniikki-Varnishille.

    Miten koostin nykyisen Varnish korvaa Varnishin?

    Alleviivaan jo mainittua: en ole koodari. Tämän olisi varmaan voinut tehdä helpomminkin, mutta minä en tätä kummallisempaan kyennyt.

    Nginx kääntää uudelle proxylle:

    Ennen server-blokkia (käytä omia porttejasi):

    ❯ Näytä koodi
    [map $panic $varnish_upstream ](#)    0 127.0.0.1:8080;  # normaali Varnish    1 127.0.0.1:8081;  # panic-Varnish}

    Server-blokkiin:

    ❯ Näytä koodi
    set $panic 0;    if (-f /run/emergency_on) { set $panic 1; }    location / {        proxy_pass http://$varnish_upstream;...

    Varnishin kaatumisen ja nousun tunnistus

    Varnishin tilaa vahtii scripti varnish-switchover.sh:

    ❯ Näytä koodi
    #!/usr/bin/env bashset -euo pipefail# stop doing several ones at the same timeexec 9>/run/varnish_switchover.lockflock -n 9 || exit 0HEALTH_URL="http://127.0.0.1:8080/"EMER_FLAG="/run/emergency_on"OK_CNT="/run/varnish_ok.count"BAD_CNT="/run/varnish_bad.count"BAD_SINCE="/run/varnish_bad_since.ts"MIN_BAD_SEC=10# Checking if actual Varnish is healthyif varnishadm -T 127.0.0.1:6082 -S /etc/varnish/secret -t 1 ping >/dev/null 2>&1; then  healthy=1else  healthy=0fiinc()   { local f="$1"; local n=0; [[ -f "$f" ]] && n=$(cat "$f" 2>/dev/null || echo 0); echo $((n+1)) > "$f"; }reset() { : > "$1"; }if (( healthy )); then  # reseting “bad since”  [[ -f "$BAD_SINCE" ]] && rm -f "$BAD_SINCE"  # keep small hysteresis: 2 OK in the row before dropping the flag  inc "$OK_CNT"; reset "$BAD_CNT"  if (( $(cat "$OK_CNT") >= 2 )); then    [[ -f "$EMER_FLAG" ]] && rm -f "$EMER_FLAG"  fielse  # first BAD → mark startingtime (at this point Plesk get time to do its jobs, like post to Discourse)  if [[ ! -f "$BAD_SINCE" ]]; then    date +%s > "$BAD_SINCE"    reset "$OK_CNT"  fi  inc "$BAD_CNT"  bad_for=$(( $(date +%s) - $(cat "$BAD_SINCE" 2>/dev/null || echo 0) ))  # raise the flag when BAD has been at least MIN_BAD_SEC  if (( bad_for >= MIN_BAD_SEC )); then    [[ -f "$EMER_FLAG" ]] || touch "$EMER_FLAG"  fifi

    Se käyttää paria laskuria määrittelemään koska reagoidaan. Kun normaali Varnish ei vastaa kahteen kyselyyn peräkkäin, niin 10 sekunnin kuluttua asetetaan lippu /run/emergency_on . Sen löytyessä Nginx vaihtaa proxyksi paniikki-Varnishin.

    Scriptin kutsuu system-unit varnish-healthcheck.service :

    ❯ Näytä koodi
    [Unit]Description=Varnish healthcheck and switchover[Service]Type=oneshotExecStart=/usr/local/sbin/varnish-switchover.sh

    Sitä taasen ajastaa 5 sekunnin välein varnish-healthcheck.timer:

    ❯ Näytä koodi
    [Unit]Description=Run Varnish healthcheck every 30s[Timer]OnBootSec=10sOnUnitActiveSec=30sAccuracySec=1sUnit=varnish-healthcheck.service[Install]WantedBy=timers.target

    Aikaa voi toki muuttaa ja itse käytän hieman nopeasti reagoivaa.

    Paniikki-Varnish käynnistyy scriptillä varnish-panic.sh :

    ❯ Näytä koodi
    #!/usr/bin/env bash# Automatic panic handlingset -euo pipefailexec 9>/run/varnish-panic.lockflock -n 9 || { echo "panic varnish already running"; exit 0; }# Original:# varnishd -I /etc/varnish/start.cli.emerg -P /var/run/varnish.pid \#  -j unix,user=vcache -F -a :8080 -T localhost:6082 -f "" \#  -S /etc/varnish/secret -s malloc,256M/usr/sbin/varnishd \  -n panic \  -a 127.0.0.1:8081 \  -T 127.0.0.1:6083 \  -S /etc/varnish/secret \  -s malloc,256M \  -j unix,user=vcache \  -F \  -f '' \  -I /etc/varnish/start.cli.emerg

    Koska molemmat Varnishit ovat koko ajan yhtä aikaa käynnissä, niin

    • paniikki tarvitsee oman työhakemiston asetettuna -n lipulla
    • paniikki ei saa kuunnella samaa porttia Nginxin suuntaan kuin normaali
    • paniikki ei saa kuunnella backendiään samassa portissa kuin normaali
    • kommentoitu Original kohta toimii yksinään manuaalisena panic.sh ratkaisuna; kannattaa ajaa esim. tmuxissa

    Lisäksi paniikki tarvitsee oman käynnistystiedoston. Jos se käyttää samaa default.vcl tiedostoa tai vastaavaa, niin se kaatuu aivan samalla tavalla. Käyttämäni start.cli.emerg on:

    ❯ Näytä koodi
    vcl.load hot /etc/varnish/emergency.vclvcl.use hot

    Ja tarvittava emergency.vcl on perusmallinen vcl, joka määrittelee backendit ja asettaa return(pipe):. Löydät sen täältä:https://github.com/eksiscloud/Varnish7.x-multiplesites/blob/main/emergency.vcl

    Paniikki-Varnishin käynnistysscriptin pitää hengissä system-unit varnish-panic.service:

    ❯ Näytä koodi
    [Unit]Description=Varnish PANIC instance on :8081After=network-online.targetWants=network-online.target[Service]Type=simpleExecStart=/usr/local/bin/varnish-panic.shRestart=alwaysRestartSec=2sUser=rootGroup=root[Install]WantedBy=multi-user.target

    Omassa Ubuntussa systemd-yksiköt, service ja timer, löytyvät hakemistosta /etc/systemd/system/ ja scriptit olen tottunut laittamaan hakemistoon /usr/local/bin.

    Servicet ja timerit vaativat sekä systemctl daemon-reload kuin myös systemctl enable --now <nimi>. Scriptit muuttuvat ajettavaksi chmod +x <nimi>.

    Kaikki Varnishiin liittyvät löytyvät reposta https://github.com/eksiscloud/Varnish_7.x-multiple_sites

    #apache2 #nginx #valvonta #varnish

    #apache2 #nginx #valvonta #varnish
  13. Jakke Lehtonen @[email protected] ·

    Error 502 ja sivustojen backup-näyttö

    eksis.one/palvelimet/error-502

    Tuskin kukaan pitää tilanteesta, jossa selain esittää kliinisen kylmän error 500/502/503/504 virheen. Kävijät siksi, että eivät näe sisältöä. Ylläpito siksi, että 50x-sarjan virheet kertovat, että jokin serverillä on nurin, mutta ei anna pienintäkään viitettä syystä.

    Kertomattomuus johtuu siitä, että viallinen ei pysty kertomaan mihin sattuu, ja kuunteleva ei ymmärrä mistä on kyse.

    Omassa stackissa Nginx – Varnish – Apache2 (PHP, MariaDB, WordPress) virhekoodi saattaa antaa jotain suuntaa.

    • 500: Nginx tai virtuaalihostin konffi on rikki
    • 502: Varnish on kaatunut
    • 503: useimmiten Apache2 on kaatunut
    • 504: Apachen takana oleva WordPress on sekaisin

    Mutta tuohonkin on olemassa poikkeuksia ja kaikki riippuu siitä miten ongelmakohta pystyy vastaamaan pyyntöihin ja miten kyselijä ilmoituksen tulkitsee.

    Varajärjestelmän varajärjestelmä

    Olen kehittänyt 50x-sarjan virheistä itselleni eräänlaisen pakkomielteen. Osaksi koska inhoan niitä syvästi ja osaksi siksi, että pääsääntöisesti minä olen syypäänä onnistunut kaatamaan tai rikkomaan jotain. Aika harvoin ohjelmat itsessään hajoavat, vaikka niitäkin tapauksia on ollut.

    Katkokset ovat siten suolaa haavoihin hierova muistutus kädettömän sysadminin ammattitaidottomuudesta. Tai en tiedä voidaanko tällaisen kotitarveylläpitäjän kohdalla puhua ammattitaidottomuudesta. Kyse on pelkästään kyvyttömyydestä. Ja huolimattomuudestakin aika usein.

    Ongelman toinen puoli on se, että en aina tiedä suoraan miten virheen korjaan. Tunteja voi kulua, ja koko sen ajan jokainen sivusto on saavuttamattomissa. Joten tarvitsin mahdollisuuksien mukaan joko informatiivisemmat virhesivut tai jonkun backup-järjestelmän, joka esittää sisällön.

    Palapeli palapelin selässä

    Minulla työnkuva on useimmiten mallia on ongelma, etsin ensimmäisen ratkaisun, ongelma laajenee, etsin uuden ratkaisun, en tiedä mihin päädyn ja miten.

    50x-virheiden kohdalla tuo tarkoittaa sitä, että ensin lähdin säätämään virhesivuja. Niiden muuttaminen on aika triviaalia, mutta lisäinformaation saaminen ei ollut. Joten tyydyin vain muuttamaan tekstiä ja kerjäämään ihmisiä kertomaan, että sivustot ovat alhaalla.

    En yleensä saanut mitään tietoa kaatumisista, koska kaupalliset monitorit ovat kalliita ja ilmaiset ratkaisut aina jollain tapaa ongelmallisia.

    Joten seuraavaksi aloin selvittämään miten pystyisin saamaan tiedon minulle sopivalla tavalla, kun jokin palvelu ei tee sitä mitä sen kuuluisi. Olin aiemmin oivaltanut, että sellaista outoutta kuin API voidaan käyttää keskustelujen avaamiseen Discourse-foorumillani — ja se osaa lähettää push-ilmoituksia minulle.

    Joten ensin pienen ja sitä seuranneen isomman riidan jälkeen sain rakennettua tavan, jossa Nginx kertoo Plesk-serverille 50x-virheestä. Se taasen esittää kustomoidun virheilmoituksen ja avaa Discoursessa ketjun sille virheelle.

    Varnish tuuraa Apachea

    Siinä samalla oli alkanut itää ajatus esittää backup-sisältöä. Miksi tyytyä virheilmoituksiin, jos voisikin esittää edes jotain sisältöä.

    Helpointa, ainakin sillä hetkellä, oli keskittyä 503/504-virheisiin. Tilanteisiin, joissa Varnish käy ja kukkuu, mutta Apache2 tai WordPress on kaatunut. Helpointa siksi, että minullahan oli jo sisältö valmiina, ainakin osaksi: Varnishin cachessa. Se sisältö ei muutoinkaan koskaan piittaa backendistä; se on cachen pointti ja merkitys. Cache hyödyttää korvikesisältönä vain, jos cache lämmitetään, eli kaikki kopioidaan sinne. Se tavataan tehdä wgetillä — joka kykenee luomaan kohtuullisesti toimivan staattisen version sivustoista.

    Joten kun alkuperäinen tavoite oli vain lämmittää cache, niin olin tullut luoneeksi siinä ohessa snapshot-sisältöä. Tein siitä varajärjestelmän varajärjestelmän.

    Apache2/WordPress kaatuu. Niin kauan kun kukaan ei tee POST-kutsua tai pyydä sellaista, jota ei voida cachettaa, niin kukaan ei tiedä ongelmista mitään. Kaikki tulee 1:1 kopioina Varnishista.

    Varnish saa tiedon backendin hengettömyydestä, kun pyydetään sisältöä, jota ei löydy cachesta. Se vaihtaa backendiä ja hakeekin Nginxin kautta snapshot-sisällön, jos se on kelvollista (GET/HEAD) , tai esittää tympeän virheilmon (POST, admin jne.). Kyllä, olisin voinut tuottaa Nginxin kautta dynaamisen sisällön, mutta en lähtenyt sille tielle. En halua sählätä liikaa tietokannan kanssa. Jos se hajoaa, vaikka kaksoiskäytön takia, niin olen liian syvissä vesissä täysin uimataidottomana. Pelkään tietokantoja.

    Kun snapshot-sisältöön siirrytään, niin siitä menee tieto Pleskille, joka kertoo Discourselle, joka kertoo minulle.

    Samaan aikaan kävijät eivät tiedä mitään ongelmista, cachen takia, tai saavat ehkä hieman rikkinäisen, mutta käytettävän sisällön. Eivät jotain error-ilmoitusta.

    Kuka tuuraa Varnishia?

    Minulla useimmiten kaatuu Varnish. Ei sen takia, että se olisi epävakaa, vaan koska säädän sitä aina kun on liikaa vapaa-aikaa. Minun säätöni tapaavat olla aika riskialttiita. Joten tarvitsin jonkin turvajärjestelmän Varnishin kaatumisen varalta.

    Minulla on Nginx ja minulla on valmis snapshot-sisältö. En siis tarvinnut muuta kuin tavan tunnistaa 502-virhe, eli Varnishin kaatuminen, ja sen myötä kääntääkin proxy-liikenne uuteen suuntaan: snapshot-serverille, joka oli Nginxin hoivissa.

    Tässäkin vain staattiset kyselyt kelpasivat, koska tavoitteeni ei ollut milloinkaan rakentaa täysin toimivaa korvaajaa. Halusin tarjota jotain sisältöä virheilmoituksen sijaan.

    Sain sen rakennettua. Mutta minulla oli melkoisia ongelmia saada kävijät pois emergency-reitiltä takaisin normaaliin siinä vaiheessa, kun Varnish palasi linjoille.

    Tiesin entisestään, että mm. Bing ei piittaa 410 virheistä, tai redirect 301/302 erosta, vaan koputtelee maailman tappiin saakka kaikkea löytämäänsä. Päinvastoin kuin mitä Google selittää, niin samaa tekee osaltaan googlebot ja varsinkin google-image. Mutta minulle oli yllätys kuinka vähän laillisetkin botit piittasivat 302 käännön väliaikaisuudesta sekä cache-headereista, jotka ohjasivat olemaan tallentamatta sisältöä.

    Ne indeksoivatki suunnilleen kaiken ja väliaikaisiksi leimattuja emergency-polkuja alkoi löytymään hakutuloksista. Tuo ei ollut haluttua.

    Snapshot versio 2

    Nginxin serveriblokit alkoivat lisäksi olla melkoista sekasotkua. Oli mappia ja oli if-lausetta. Kaikki hyvin pitkälle siksi, että kun kävijän saaminen emergency-reitille ja snapshot-serverille ei ollut kovinkaan vaikeaa, niin en saanut selaimia pois hätäreitiltä, kun paniikki oli ohi.

    Javascriptillä toki olisi onnistunut, mutta siitä en tiedä mitään. En minä ole koodari. Minä olen kopypeistaaja.

    Riitelin taas kerran Nginxin kanssa tämän asian puitteissa. Olin sammuttanut Varnishin simuloidakseni Varnishin kaatumista ja koska normaalisti Varnish käynnistyy hitaasti, niin hyödynsin sen panic-toimintaa simulaationa tilanteen normalisoitumisessa. Se kun käynnistyy silmänräpäyksessä.

    Minulla on panic-scripti tilanteita varten, jossa Varnish kaatuu, ja tiedän korjauksen vievän aikaa. Siinä master ohitetaan CLI:n avulla. Joten jos Varnishin ytimessä henki pihisee, niin saan sen käyntiin. Toki menetän cachen ja sellaisia asioita, mutta sivustoille pääsee Varnishin ollessa vain tyhmä putki.

    Jäin testeissäni ihmettelemään mitä olin juuri tehnyt. Olin käynnistänyt tmuxin, koska CLI täytyy olla koko ajan käynnissä, ja potkaissut Varnishin prosessin käyntiin. Mutta virallisestihan Varnish oli edelleen naamallaan, ja sehän on juurikin se tilanne, jonka hätätoimintoa yritin Nginxillä rakentaa.

    Olen tehnyt tuon ennenkin, monta kertaa. Kuten kun sekoilin kääntämisessä, ja rikoin Varnishin, niin pyöritin sitä tmuxin sisällä CLI:n kautta lähes viikon. Joten… miksi en tekisi samaa nyt, mutta ilman tmuxia ja automatisoituna, jolloin minun ei tarvitse riidellä niin paljon emergency-polun kanssa.

    Puolikkaan työpäivän ja useiden kokeilujen ja erehdysten jälkeen minulla on nyt järjestelmä, jossa Varnishin kaatuessa 10 sekunnin ajan esitetään virheilmoitus ja pyydetään kävijältä reload (tuo viive on Pleskin takia, luultavasti 5 sekuntiakin riittäisi varnistamaan, että API-pyyntö lähtee Discourseen).

    Seuraavaksi käynnistetään Varnish CLI-malliin mutta automaattisesti scriptillä. Taustalla käydään kyselemässä aika ajoin onko aito Varnish vihdoin järjissään ja kun se on käynnistynyt, niin vaihdetaan paniikki-Varnishista aitoon normaaliin Varnishiin.

    Eikä kukaan huomaa mitään — paitsi sen ensimmäisen 10 sekunnin ajan.

    Mutta… jos Varnish kaatuu oikeasti?

    Tuo järjestelmä ei ole todellakaan aukoton. Kaikkea muuta. Mutta noin 98 kertaa sadasta Varnishin kaatuminen on sellainen, että uusi instanssi saadaan käynnistettyä.

    Jos Varnish on täysin kuollut, niin sille ei ole varsinaista varajärjestelmää. Snapshot-serverin emergency ei onnistu minun taidoillani. Se hemmetin emergency-polku pysyy siellä, kiitos selainten. Ja koska moinen päätyy hakukoneisiin, niin en käytä sitä. Esitän mieluummin virheilmoitusta.

    Lisään emergencyn polkuun kahdesta syystä. Ensimmäinen on, että sillä estän wgetin muokkaaman (ja hieman rikkoman) sisällön saastuttamasta aitoa cachea. Toinen syy on, että silloin urista näkee, että ei olla normaalitilanteessa.

    Jos backend on saavuttamattomissa, niin Varnish ja Nginx käyttävät cacheamattoman sisällön kohdalla emergency-polkua. Mutta cachen lämmitys on noin 95 prosenttisen tehokas, joten se tulee käyttöön erittäin harvoin. Kun tulee, niin Varnish siivoaa emergemcy-osan pois vastauksesta tilanteen normalisoiduttua.

    Ihmiset näkevät emergencyn urlissa korjaantumisen jälkeenkin, paitsi jos klikkaavat jotain uutta linkkiä — merkintä lisätään Nginxissä, ei snapshotteihin — mutta botit näkevät polun oikein oikeilla headereilla. Eikä ihmisistä ole väliä, koska selaimethan eivät enää edes varsinaisesti näytä urlia.

    Mutta jos Varnish on totaalisen kuollut, niin laitan Nginxin juttelemaan suoraan Apachen kanssa. Se on vielä manuaalinen säätö, mutta tiedän miten sen saisi semiautomaattiseksi — ehkä teen sen muutoksen, kun taas on hieman liikaa vapaa-aikaa.

    Varajärjestelmä tämä kirjoitettaessa

    Jos backend kaatuu, niin Varnish käyttää cachea tai ohjaa Nginxin kautta snapshot-sisältöön.

    Jos Varnish kaatuu, niin käynnistetään toisenlainen Varnish, joka keskustelee suoraan backendin kanssa.

    Jos Varnish kaatuu totaalisesti, niin pakotan manuaalisesti Nginxin juttelemaan Apachen kanssa.

    Jos Nginx kaatuu… tuota en ole vielä tehnyt, mutta minulla on alustava konsepti. Ehkä saisin Hitchin tai muun SSL/TSL-terminaattorin hoitamaan saapuvan liikenteen ja kääntäisin sen tyhmälle paniikki-Varnishille.

    Miten koostin nykyisen Varnish korvaa Varnishin?

    Alleviivaan jo mainittua: en ole koodari. Tämän olisi varmaan voinut tehdä helpomminkin, mutta minä en tätä kummallisempaan kyennyt.

    Nginx kääntää uudelle proxylle:

    Ennen server-blokkia (käytä omia porttejasi):

    ❯ Näytä koodi
    [map $panic $varnish_upstream ](#)    0 127.0.0.1:8080;  # normaali Varnish    1 127.0.0.1:8081;  # panic-Varnish}

    Server-blokkiin:

    ❯ Näytä koodi
    set $panic 0;    if (-f /run/emergency_on) { set $panic 1; }    location / {        proxy_pass http://$varnish_upstream;...

    Varnishin kaatumisen ja nousun tunnistus

    Varnishin tilaa vahtii scripti varnish-switchover.sh:

    ❯ Näytä koodi
    #!/usr/bin/env bashset -euo pipefail# stop doing several ones at the same timeexec 9>/run/varnish_switchover.lockflock -n 9 || exit 0HEALTH_URL="http://127.0.0.1:8080/"EMER_FLAG="/run/emergency_on"OK_CNT="/run/varnish_ok.count"BAD_CNT="/run/varnish_bad.count"BAD_SINCE="/run/varnish_bad_since.ts"MIN_BAD_SEC=10# Checking if actual Varnish is healthyif varnishadm -T 127.0.0.1:6082 -S /etc/varnish/secret -t 1 ping >/dev/null 2>&1; then  healthy=1else  healthy=0fiinc()   { local f="$1"; local n=0; [[ -f "$f" ]] && n=$(cat "$f" 2>/dev/null || echo 0); echo $((n+1)) > "$f"; }reset() { : > "$1"; }if (( healthy )); then  # reseting “bad since”  [[ -f "$BAD_SINCE" ]] && rm -f "$BAD_SINCE"  # keep small hysteresis: 2 OK in the row before dropping the flag  inc "$OK_CNT"; reset "$BAD_CNT"  if (( $(cat "$OK_CNT") >= 2 )); then    [[ -f "$EMER_FLAG" ]] && rm -f "$EMER_FLAG"  fielse  # first BAD → mark startingtime (at this point Plesk get time to do its jobs, like post to Discourse)  if [[ ! -f "$BAD_SINCE" ]]; then    date +%s > "$BAD_SINCE"    reset "$OK_CNT"  fi  inc "$BAD_CNT"  bad_for=$(( $(date +%s) - $(cat "$BAD_SINCE" 2>/dev/null || echo 0) ))  # raise the flag when BAD has been at least MIN_BAD_SEC  if (( bad_for >= MIN_BAD_SEC )); then    [[ -f "$EMER_FLAG" ]] || touch "$EMER_FLAG"  fifi

    Se käyttää paria laskuria määrittelemään koska reagoidaan. Kun normaali Varnish ei vastaa kahteen kyselyyn peräkkäin, niin 10 sekunnin kuluttua asetetaan lippu /run/emergency_on . Sen löytyessä Nginx vaihtaa proxyksi paniikki-Varnishin.

    Scriptin kutsuu system-unit varnish-healthcheck.service :

    ❯ Näytä koodi
    [Unit]Description=Varnish healthcheck and switchover[Service]Type=oneshotExecStart=/usr/local/sbin/varnish-switchover.sh

    Sitä taasen ajastaa 5 sekunnin välein varnish-healthcheck.timer:

    ❯ Näytä koodi
    [Unit]Description=Run Varnish healthcheck every 30s[Timer]OnBootSec=10sOnUnitActiveSec=30sAccuracySec=1sUnit=varnish-healthcheck.service[Install]WantedBy=timers.target

    Aikaa voi toki muuttaa ja itse käytän hieman nopeasti reagoivaa.

    Paniikki-Varnish käynnistyy scriptillä varnish-panic.sh :

    ❯ Näytä koodi
    #!/usr/bin/env bash# Automatic panic handlingset -euo pipefailexec 9>/run/varnish-panic.lockflock -n 9 || { echo "panic varnish already running"; exit 0; }# Original:# varnishd -I /etc/varnish/start.cli.emerg -P /var/run/varnish.pid \#  -j unix,user=vcache -F -a :8080 -T localhost:6082 -f "" \#  -S /etc/varnish/secret -s malloc,256M/usr/sbin/varnishd \  -n panic \  -a 127.0.0.1:8081 \  -T 127.0.0.1:6083 \  -S /etc/varnish/secret \  -s malloc,256M \  -j unix,user=vcache \  -F \  -f '' \  -I /etc/varnish/start.cli.emerg

    Koska molemmat Varnishit ovat koko ajan yhtä aikaa käynnissä, niin

    • paniikki tarvitsee oman työhakemiston asetettuna -n lipulla
    • paniikki ei saa kuunnella samaa porttia Nginxin suuntaan kuin normaali
    • paniikki ei saa kuunnella backendiään samassa portissa kuin normaali
    • kommentoitu Original kohta toimii yksinään manuaalisena panic.sh ratkaisuna; kannattaa ajaa esim. tmuxissa

    Lisäksi paniikki tarvitsee oman käynnistystiedoston. Jos se käyttää samaa default.vcl tiedostoa tai vastaavaa, niin se kaatuu aivan samalla tavalla. Käyttämäni start.cli.emerg on:

    ❯ Näytä koodi
    vcl.load hot /etc/varnish/emergency.vclvcl.use hot

    Ja tarvittava emergency.vcl on perusmallinen vcl, joka määrittelee backendit ja asettaa return(pipe):. Löydät sen täältä:https://github.com/eksiscloud/Varnish7.x-multiplesites/blob/main/emergency.vcl

    Paniikki-Varnishin käynnistysscriptin pitää hengissä system-unit varnish-panic.service:

    ❯ Näytä koodi
    [Unit]Description=Varnish PANIC instance on :8081After=network-online.targetWants=network-online.target[Service]Type=simpleExecStart=/usr/local/bin/varnish-panic.shRestart=alwaysRestartSec=2sUser=rootGroup=root[Install]WantedBy=multi-user.target

    Omassa Ubuntussa systemd-yksiköt, service ja timer, löytyvät hakemistosta /etc/systemd/system/ ja scriptit olen tottunut laittamaan hakemistoon /usr/local/bin.

    Servicet ja timerit vaativat sekä systemctl daemon-reload kuin myös systemctl enable --now <nimi>. Scriptit muuttuvat ajettavaksi chmod +x <nimi>.

    Kaikki Varnishiin liittyvät löytyvät reposta https://github.com/eksiscloud/Varnish_7.x-multiple_sites

    #apache2 #nginx #valvonta #varnish

    #varnish #valvonta #nginx #apache2
  14. Eli Norainu @[email protected] ·

    I saw a picture of a bunny peeking out of a hole in a sheet, so I drew Lop like that too.

    #Art #FanArt #FurryArt #StarWars #StarWarsVisions #Lop #Lepi #Sketch #ColorPencil

    #art #fanart #furryart #starwars #starwarsvisions #lop
  15. Eli :verified: @[email protected] ·

    Feel free to boost 🔁 if you like this #picture 🥰 -- #today a #photo of my #dog on #mondog
    .
    He is my best friend and always by my side 😊
    .
    #goodmorning #monday #mondaymorning #portrait #photography #photographer #nature #animal #puppy #blog #blogger #mastodog #dogday #bestfriend #bf #follow #boost #photomonday #fotomontag #onelove #newhere #neuhier #mondaymotivation #austria #dogoday #mastodonians #DogsOfMastodon

    #picture #today #photo #dog #mondog #goodmorning
  16. Eli :verified: @[email protected] ·

    Feel free to boost 🔁 if you like this #picture 🥰 -- #today a #photo of my #dog on #mondog
    .
    He is my best friend and always by my side 😊
    .
    #goodmorning #monday #mondaymorning #portrait #photography #photographer #nature #animal #puppy #blog #blogger #mastodog #dogday #bestfriend #bf #follow #boost #photomonday #fotomontag #onelove #newhere #neuhier #mondaymotivation #austria #dogoday #mastodonians #DogsOfMastodon

    #picture #today #photo #dog #mondog #goodmorning
  17. Eli :verified: @[email protected] ·

    Feel free to boost 🔁 if you like this #picture 🥰 -- #today a #photo of my #dog on #mondog
    .
    He is my best friend and always by my side 😊
    .
    #goodmorning #monday #mondaymorning #portrait #photography #photographer #nature #animal #puppy #blog #blogger #mastodog #dogday #bestfriend #bf #follow #boost #photomonday #fotomontag #onelove #newhere #neuhier #mondaymotivation #austria #dogoday #mastodonians #DogsOfMastodon

    #picture #today #photo #dog #mondog #goodmorning
  18. Eli :verified: @[email protected] ·

    Feel free to boost 🔁 if you like this #picture 🥰 -- #today a #photo of my #dog on #mondog
    .
    He is my best friend and always by my side 😊
    .
    #goodmorning #monday #mondaymorning #portrait #photography #photographer #nature #animal #puppy #blog #blogger #mastodog #dogday #bestfriend #bf #follow #boost #photomonday #fotomontag #onelove #newhere #neuhier #mondaymotivation #austria #dogoday #mastodonians #DogsOfMastodon

    #dogsofmastodon #mastodonians #dogoday #austria #mondaymotivation #neuhier
  19. Eli :verified: @[email protected] ·

    Feel free to boost 🔁 if you like this #picture 🥰 -- #today a #photo of my #dog on #mondog
    .
    He is my best friend and always by my side 😊
    .
    #goodmorning #monday #mondaymorning #portrait #photography #photographer #nature #animal #puppy #blog #blogger #mastodog #dogday #bestfriend #bf #follow #boost #photomonday #fotomontag #onelove #newhere #neuhier #mondaymotivation #austria #dogoday #mastodonians #DogsOfMastodon

    #picture #today #photo #dog #mondog #goodmorning
  20. Eli Norainu @[email protected] ·

    Lily is making hotteok just like her grandma does. Just a special treat to share with her friends, unless a certain bantha doesn't eat them all first.

    #Art #FanArt #FurryArt #TraditionalArt #ColorPencil #Drawing #Sketch #LilyIkutan #MrScruffles #Hotteok #Cooking

    #art #fanart #furryart #traditionalart #colorpencil #drawing
  21. Eli K.P. William @[email protected] ·

    Take a close look at the cover of that upcoming sci-fi anthology from Hayakawa. You'll see my name in katakana (イーライ・K・P・ウィリアム). That's because I've got a short story in there, the first I've ever written in Japanese. It's something I've dreamed of for, like, 15 years. I'm in total disbelief...

    #secondlanguage #fiction #writing
    #japanese #scifi #debut

    hayakawabooks.com/n/n38b136ad6

    #secondlanguage #fiction #writing #japanese #scifi #debut
  22. Eli @[email protected] ·

    A fine first Friday at Newport Folk Fest, long day jam-packed with tunes, but the craziest thing was a sudden relentless swarm of dragonflies that descended during Guster's set, never seen anything like it, not nearly captured in this vid. Pretty wild. Luckily dragonflies are harmless and pretty cool.
    #newportfolk

    #newportfolk
  23. Eli Cohen @[email protected] ·

    If you like fantasy literature and haven't read any cosmere series by @BrandSanderson , you don't know what you're missing.

    One of the most prolific writers, writing some of the best fantasy literature of all time.

    Start with the Mistborn trilogy, then move on to the rest.
    ---
    RT @torbooks
    #TressoftheEmeraldSea by @BrandSanderson is being published on 4/4, but @tordotcom is here to give you an early look at the cover + a sneak peek into…
    twitter.com/torbooks/status/16

    #tressoftheemeraldsea
  24. Eli :verified: @[email protected] ·

    Feel free to #boost 🔁 if you like my #picture ☺️
    .
    Today I #share a #photo of an Austrian #lake with amazing #mountains in the background. I took this shot last year in #autumn
    .
    Also follow @muatsdrawig 😜 my #travel #blog in #austria
    .
    .
    #photo #photographer #nature #landscape #naturephotography #followfriday #friday #december #fall #throwbackthursday #blogger #travelling #adventure #hiking #forest #moutain #water #follow #freitag #winter #salzkammergut #langbathsee #upperaustria

    #boost #picture #share #photo #lake #mountains
  25. Eli K.P. William @[email protected] ·

    #5 Wild At Heart Elvis and Marylin Monroe take a wild ride on the yellow brick road to escape psychopathic gangsters sent by Marylin's Wicked Witch of a mother. There's nothing quite like this horrific beauty of a film. #davidlynch #filmography #wildatheart #wizardofoz #horror #roadtrip #romance

    RE: https://bsky.app/profile/did:plc:ayed34jr4mvtgrt3z5aj65n5/post/3lhalxoilqk2d

    Wild at Heart (1990)

    #davidlynch #filmography #wildatheart #wizardofoz #horror #roadtrip
  26. Eli Roberson (he/him) @[email protected] ·

    RE: fosstodon.org/@Posit/116262744

    Well crud. Looks like #Posit has gone full #enshittification too. I hope there's a good archive of previous versions that don't have this crap in them. So disappointing, though I can't say that I'm surprised given their direction over the years.

    #posit #enshittification
  27. Eli Roberson (he/him) @[email protected] ·

    RE: fosstodon.org/@Posit/116262744

    Well crud. Looks like #Posit has gone full #enshittification too. I hope there's a good archive of previous versions that don't have this crap in them. So disappointing, though I can't say that I'm surprised given their direction over the years.

    #posit #enshittification
  28. Eli Roberson (he/him) @[email protected] ·

    RE: fosstodon.org/@Posit/116262744

    Well crud. Looks like #Posit has gone full #enshittification too. I hope there's a good archive of previous versions that don't have this crap in them. So disappointing, though I can't say that I'm surprised given their direction over the years.

    #posit #enshittification
  29. Eli Roberson (he/him) @[email protected] ·

    RE: fosstodon.org/@Posit/116262744

    Well crud. Looks like #Posit has gone full #enshittification too. I hope there's a good archive of previous versions that don't have this crap in them. So disappointing, though I can't say that I'm surprised given their direction over the years.

    #enshittification #posit
  30. Eli Roberson (he/him) @[email protected] ·

    RE: fosstodon.org/@Posit/116262744

    Well crud. Looks like #Posit has gone full #enshittification too. I hope there's a good archive of previous versions that don't have this crap in them. So disappointing, though I can't say that I'm surprised given their direction over the years.

    #posit #enshittification
Next page