Using GitHub Copilot Effectively

Why Use GitHub Copilot?

GitHub Copilot is known for its auto-fill technology. The World Wide Web is filled with articles and videos claiming that it is only useful for code completion and lacks usefulness as an agentic coding tool.

My experience is that GitHub Copilot is an excellent agentic coding tool. I have used it to build some very large and complex applications in a short period of time. I combine Copilot with a tool that makes it very effective. The best part of Copilot is the price.

Cost

A GitHub Copilot Pro+ membership costs $40/month. If you pay for a yearly membership, the monthly price is around $32.

The plan includes 1500 premium requests per month. A premium request is a user-submitted message to a premium model. Several API calls may result from a single premium request.

I consider myself to be a heavy user. I average around 700 premium requests per month. The 1500 request limit is more than enough. This is especially true if you use the best model for the job.

Models

I use the following models in my workflow:

• Claude Sonnet 4.5: This is my primary model. It is great for general-purpose backend work.
• Claude Opus 4.5: This is my planner. It costs more credits, so it should be used sparingly.
• Gemini 3 Pro: This is my web designer. It is good at creative tasks.
• GPT 5.2 Codex: This is my code reviewer and bug fixer.

Smaller Context Windows

One reason Copilot is so affordable compared to other products on the market is that its models use smaller context windows. This is problematic for traditional vibe coding. However, using the proper tools will resolve the limitation.

Introducing OpenSpec

To use Copilot effectively, you must introduce a planning tool. OpenSpec is more than just a planning tool. In addition to creating plans, known as change proposals, it creates project specifications. This will aid the model in future planning sessions.

To start, you must install the OpenSpec CLI:

npm install -g @fission-ai/openspec@latest

Next, you must activate OpenSpec in each project. Navigate to your project directory and run:

openspec init

Press ENTER next to GitHub Copilot to enable it, and press TAB to proceed. The OpenSpec CLI will generate multiple files and directories that work together to create the OpenSpec experience.

IMPORTANT: After configuring OpenSpec for a project, you must restart Visual Studio Code so it will read the OpenSpec files.

Your First Change Proposal

Now that OpenSpec is initialized, open Copilot Chat, select Claude Opus 4.5, and type:

/opsx-ff my-new-feature Create a change proposal and its artifacts. Add the ability for the user to sort rows by most recent or by chronological order.

OpenSpec will proceed to generate the change proposal in the openspec directory. Open the tasks.md file and look at the tasks OpenSpec produced. If everything looks good, proceed to apply the proposal. Start a new chat session, select the most appropriate model, and run this command:

/opsx-apply my-new-feature

This will complete the tasks and mark them as completed.

Conclusion

Using OpenSpec, GitHub Copilot generated a large feature with only a few premium requests. This reduced the number of requests needed to implement the solution. It also improved the accuracy of the results. Using OpenSpec with GitHub Copilot offers one of the most affordable ways to access premium large language models.

Using pfSense As My Home Router - Part 1

Background

I have gone through multiple wireless routers. I have used Linksys, Netgear, ASUS, Buffalo, TP-LINK, and more. I have noticed that Linksys and Netgear often ship with very buggy firmware, and they often slow down and stop routing traffic. I am then required to restart them.

As a case in point, I recently returned a Netgear R6900 to Costco, because I had to restart it every 48 hours. To verify was not the only one, I did a Google search and found a forum entry of thousands of people that are having the same issue at https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7900P-dropping-internet-requiring-reset-every-few-days/td-p/1450152.

Having experienced so many issues, I decided to build my own physical router. It would not handle wireless traffic. It would only handle routing traffic from my home network to the Internet. Then, I would use my existing wireless routers purely as access points. They would connect wireless users to the network, but they would not handle any routing.

Hardware

They first step I took was to invest in a mini PC. I searched www.aliexpress.com for a good firewall-based computer. I wanted a computer that had four network cards. One would be used to connect the computer to the Internet. Another one would be dedicated for routing VPN traffic. The last two would be bridged, acting as a switch, and connected to my home network.

I searched www.aliexpress.com for mini PC and I found one that I liked. It contained a Celeron J1900 processor, 4 gigabytes of RAM, and a 32 gigabyte SSD hard disk. The total cost was $143. Since the description specifically mentioned pfSense, I figured it would be a perfect match for my usage requirements:

The computer shipped from Hong Kong. It took a little over a week to arrive. But, given that it was free shipping, I did not complain. I was very excited when it finally arrived.

Installing pfSense

When the PC arrived, I plugged it into a monitor using a VGA cable. I also plugged in a dongle for a wireless USB keyboard/mouse combo. I plugged one network card into my cable modem. Note that it is necessary to restart your cable modem whenever you plug new hardware into it. I plugged a second network card into a gigabit switch that was connected to my home network.

On an existing computer, I then used Rufus (https://rufus.ie/en_IE.html) to create a bootable flash drive with the pfSense installer. I downloaded pfSense from https://www.pfsense.org/download/. I chose the following options:

When I inserted the bootable USB drive into the computer, the computer booted into Windows. It was preloaded with Windows. To get the pfSense installer to load, I had to go to the BIOS and tell it to boot from the USB drive instead of the built in hard disk. Once I updated the BIOS, the pfSense installer loaded. I accepted the defaults and finished the installation. It went very quickly.

Creating a Fedora 28 Server Linux Router - Part 3

Installing SoftEther

SoftEther is a performant VPN server package that is my preferred VPN software. There are not packages directly available for Fedora, so it is necessary to download it from the SoftEther website. It can be installed by following the steps below.

Install Dependencies

dnf -y install make gcc zlib-devel openssl-devel readline-devel ncurses-devel

Download

wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.25-9656-rtm/softether-vpnserver-v4.25-9656-rtm-2018.01.15-linux-x64-64bit.tar.gz

tar xvfz softether-vpnserver-v4.25-9656-rtm-2018.01.15-linux-x64-64bit.tar.gz

Compile

cd vpnserver

make

Move

cd ..

mv vpnserver /usr/local/

Set Permissions

cd /usr/local/vpnserver

chmod -R 600

chmod 700 vpnserver

chmod 700 vpncmd

Disable SELinux

vi /etc/selinux/config

Update the following line:

SELINUX=disabled

Reboot the computer. Now, create a systemd file:

vi /etc/systemd/system/vpnserver.service

Add the following contents:

[Unit]

Description=SoftEther VPN Server  

After=network.target auditd.service  

ConditionPathExists=!/usr/local/vpnserver/do_not_run

[Service]

Type=forking  

EnvironmentFile=-/usr/local/vpnserver  

ExecStart=/usr/local/vpnserver/vpnserver start  

ExecStop=/usr/local/vpnserver/vpnserver stop  

KillMode=process  

Restart=on-failure

# Hardening

PrivateTmp=yes  

ProtectHome=yes  

ProtectSystem=full  

ReadOnlyDirectories=/  

ReadWriteDirectories=-/usr/local/vpnserver  

CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYS_ADMIN CAP_SETUID

[Install]

WantedBy=multi-user.target

Enable and Start the Service

systemctl enable vpnserver

systemctl start vpnserver

Creating a Fedora 28 Server Linux Router - Part 2

This is part 2 of my multi-part series in configuring router using Fedora 28 Server. It is a continuation of http://techninotes.blogspot.com/2018/10/creating-fedora-28-server-linux-router.html. This article will cover the following steps:

• Configuring the Firewall
• Installing and Configuring bind
• Installing and Configuring 

Configuring the Firewall

Enable IP Forwarding

Normally, to enable IP forwarding, you would add an entry to /etc/sysctl.conf. With Fedora 28, however, it replaces that file each time it starts up. Instead, it is necessary to add the entry to a file in the /etc/sysctl.d/99-sysctl.conf:

vi /etc/sysctl.d/99-sysctl.conf

Add the following line to the end to ensure IP forwarding is enabled on boot:

net.ipv4.ip_forward=1

To enable IP forwarding immediately, run the following command:

sysctl -w net.ipv4.ip_forward=1

Configure the Firewall

Before configuring the firewall, you need to first identify the names of the private and public network cards. Part 1 of this series goes further into this. Once you have the names, we can set up our firewall rules. In my case, I have the following setup:

eth0 - External Internet Access
eth1 - Internal Network

First, make external be the default zone:

firewall-cmd --set-default-zone external

To verify the default zone is set, run the following command:

firewall-cmd --get-default-zone

Now, assign eth1 to the internal zone:

firewall-cmd --zone=internal --change-interface eth1

To view all zone assignments, run the following command:

firewall-cmd --get-active-zones

Next, let's allow all traffic on the internal zone:

firewall-cmd --permanent --zone=internal --set-target=ACCEPT

Finally, set up masquerading on the external interface. This is what causes the router to forward IPv4 traffic to the Internet:

firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o eth0 -j MASQUERADE
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i eth1 -o eth0 -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT

Installing and Configuring Bind

dnf -y install bind bind-utils

Now, you need to update named.conf:

vi /etc/named.conf

Add your server's private IP address to the listen-on line:

listen-on port 53 { 127.0.0.1; 192.168.1.1; };

Add your private subnet to the allow-query line:

allow-query { localhost; 192.168.1.0/24; };

Add an allow-recursion statement and add the upstream DNS servers to a forwarders entry below the allow-query line:

allow-query { localhost; 192.168.1.0/24; };
allow-recursion { localhost; 192.168.1.0/24; };

forwarders { 8.8.8.8; 8.8.4.4; }

Add a forward statement under the recursion line:

recursion yes;

forward only;

Restart the service:

systemctl restart named

Set the service to start on boot:

systemctl enable named

Installing and Configuring DHCP

dnf -y install dhcp

Add a subnet to dhcpd.conf:

vi /etc/dhcp/dhcpd.conf

Enter the following lines:

subnet 192.168.1.0 netmask 255.255.255.0 {

    option domain-name-servers 192.168.1.1;

    option domain-name "mynet.local";

    option routers 192.168.1.1;

    range 192.168.1.100 192.168.1.245;

}

Restart the service:

systemctl restart dhcpd

Set the service to start on boot:

systemctl enable dhcpd

Creating a Fedora 28 Server Linux Router - Part 1

Linux has some very powerful routing capabilities. It is also very performant and it uses very few resources. These, and countless other benefits make it an excellent choice for a router operating system. Choosing a distribution can be a challenge, however.

I have built routers using pfSense, DD-WRT, Ubuntu, Debian, and CentOS. Each of these has pros and cons. pfSense and DD-WRT have web applications that can be used to configure the router. Ubuntu and Debian are easy to get up and running quickly. CentOS has wide support. Fedora has much newer packages available, and also has wide support.

As a side note, Ubuntu is built on top of Debian. CentOS is built on top of Fedora. Debian and Fedora have been around for a very long time, and they have very large numbers of users.

After having created so many different routers, my current favorite is Fedora. It has been very predictable and stable - both are good qualities to have in a router operating system. This article will take you step-by-step through the process of building a router using Fedora.

Prerequisites

Here are my recommended prerequisites. I am just making these up based on past experiences:

• 16 GB Hard Disk
• 2 GB RAM
• 2 CPU Cores
• 2 Network Cards

Installation

Download and install Fedora Server from https://getfedora.org/en/server/. If you plan on booting from a USB drive, download the Fedora Media Writer from https://getfedora.org/en/workstation/download/. Note that although the page says Download Fedora 28 Workstation, the download link currently points to the Media Writer.

Post Installation Steps

Configure Static IP Address

Fedora 28 stores its network configuration scripts under /etc/sysconfig/network-scripts. For each network card that is detected, a script will be created with the prefix
ifcfg-. For example, my computer has two network cards: eth0 and eth1. eth0 is connected to the public Internet and eth1 is connected to my private network. Two files exist called ifcfg-eth0 and ifcfg-eth1.

To configure an IP address for a given interface, open the appropriate file in a text editor. By default, it is set to use DHCP to obtain an IP address. Add the following entries:

IPADDR=192.168.1.1

PREFIX=24

Install Updates

To install all available updates, type dnf upgrade at the console.

Ubuntu 18.04 Won't Resolve DNS

DNS Resolution Failure and Fix

I noticed after doing both fresh installations and upgrades of Ubuntu Server 18.04, DNS was either really slow, or it would not resolve at all. The symptoms were random. I searched high and low on the Internet. It took me a long time to find a solution.

By default, when installing Ubuntu, it will create a symbolic link from /etc/resolv.conf to /run/systemd/resolve/stub-resolv.conf. If DNS resolutions are failing, one solution is to remap this link. Point it to to /run/systemd/resolve/resolv.conf instead.  The following commands will move the link:

sudo rm /etc/resolv.conf
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf

If you are experiencing long delays while performing DNS lookups, the previous commands should resolve the issue. To see what file your symbolic link is pointing to, run the following command.

ls -al /etc/resolv.conf

If it points to /run/systemd/resolve/resolve.conf then it should work just fine.

Migrating Existing Virtual Machines to NVMe in VMWare Workstation 14

Today, I downloaded a trial version of VMWare Workstation 14. The release notes mention a new "NVMe" hard disk controller. Having had hard disk performance issues in the past, I was excited to try it out. I decided to port one of my development virtual machines to the new controller. I was able to do so successfully. To do this, follow the instructions below:

To begin, "upgrade" the virtual machine hardware version from the Settings tab:

In the wizard, select Workstation 14.x:

Once the virtual machine has been upgraded, ensure the new drivers are loaded into Windows. To do this, add a second hard disk, that uses the NVMe controller. You can delete the hard disk when the upgrade is complete. But, add it for now. Start by clicking, Edit virtual machine settings:

From there, click the Add button:

Choose Hard Disk:

Choose NVMe:

Choose Create a new virtual disk:

If you want the disk to be a single file, be sure to select Store virtual disk as a single file:

Finally, give the disk a name and click the Finish button:

Click the OK button in the Virtual Machine Settings page to save your changes. Turn on the virtual machine. Once it has turned on, log into Windows. In VMWare Workstation, select VM->Upgrade VMWare Tools. A virtual CD will be inserted into the CD-ROM drive. Run the setup.exe program to install the new drivers. Allow the virtual machine to reboot.

Once the virtual machine has rebooted, the new NVMe drivers will have been loaded. At this point, shut down Windows. Then, close the virtual machine in VMWare Workstation. The next step is to hand edit the .vmx file for the virtual machine. Make a backup of the file. Then, open it in a text editor, such as Notepad++.

In the text editor, search for scsi0. Remove all lines for the scsi0 controller. Take note of the name of the hard disk file, you will need it later. It will end with the .vmdk extension. In the screenshot below, mine is BRN-CLIENT02.vmdk:

 Now, scroll to the bottom of the file. You will find the new NVMe hard disk:

Change any occurrences of nvme0:0 to nvme0:1 to make that drive the second hard disk on the NVMe controller. Then, insert your original hard disk on nvme0:0:

Save the file. Open the virtual machine in VMWare Workstation. Boot it up. You are now using the NVMe controller for your hard disk!

NOTE: If you are using shared virtual machines, the VMWare Workstation Server service caches the .vmx file once you load it. Be sure to also stop that service prior to editing the .vmx file. Stopping the service will not shut down any running virtual machines. Start it back up once the file has been modified.