From 3d4da5ac6000a4871c5caa80d1e61f2782da3069 Mon Sep 17 00:00:00 2001 From: Christian Cleberg Date: Sat, 2 Dec 2023 23:27:35 -0600 Subject: feat: finish converting md to org --- blog/2021-01-01-seum.org | 185 +++--- blog/2021-01-04-fediverse.org | 215 ++++--- blog/2021-01-07-ufw.org | 271 +++++---- blog/2021-02-19-macos.org | 324 +++++----- blog/2021-03-19-clone-github-repos.org | 144 ++--- blog/2021-03-28-gemini-capsule.org | 246 ++++---- blog/2021-03-28-vaporwave-vs-outrun.org | 271 +++++---- blog/2021-03-30-vps-web-server.org | 557 +++++++++-------- blog/2021-04-17-gemini-server.org | 234 ++++---- blog/2021-04-23-php-comment-system.org | 374 ++++++------ blog/2021-04-28-photography.org | 112 ++-- blog/2021-05-30-changing-git-authors.org | 54 +- blog/2021-07-15-delete-gitlab-repos.org | 103 ++-- blog/2021-08-25-audit-sampling.org | 293 ++++----- blog/2021-10-09-apache-redirect.org | 70 +-- blog/2021-12-04-cisa.org | 391 ++++++------ blog/2022-02-10-leaving-the-office.org | 451 +++++++------- blog/2022-02-16-debian-and-nginx.org | 233 ++++---- blog/2022-02-17-exiftool.org | 110 ++-- blog/2022-02-20-nginx-caching.org | 122 ++-- blog/2022-02-22-tuesday.org | 57 +- blog/2022-03-02-note-taking.org | 232 ++++---- blog/2022-03-03-financial-database.org | 327 +++++----- blog/2022-03-08-plex-migration.org | 361 ++++++----- blog/2022-03-23-cloudflare-dns-api.org | 99 +-- blog/2022-03-23-nextcloud-on-ubuntu.org | 170 +++--- blog/2022-03-24-server-hardening.org | 638 ++++++++++---------- blog/2022-03-26-ssh-mfa.org | 218 +++---- blog/2022-04-02-nginx-reverse-proxy.org | 305 +++++----- blog/2022-04-09-pinetime.org | 290 +++++---- blog/2022-06-01-ditching-cloudflare.org | 190 +++--- blog/2022-06-04-njalla-dns-api.org | 211 ++++--- blog/2022-06-07-freshrss.org | 327 +++++----- blog/2022-06-16-terminal-lifestyle.org | 348 ++++++----- blog/2022-06-22-daily-poetry.org | 254 ++++---- blog/2022-06-24-fedora-i3.org | 219 +++---- blog/2022-07-01-git-server.org | 662 +++++++++++---------- blog/2022-07-14-gnupg.org | 417 +++++++------ blog/2022-07-25-curseradio.org | 173 +++--- blog/2022-07-30-flac-to-opus.org | 170 +++--- blog/2022-07-31-bash-it.org | 301 +++++----- blog/2022-08-31-privacy.com-changes.org | 188 +++--- blog/2022-09-17-serenity-os.org | 177 +++--- blog/2022-09-21-graphene-os.org | 258 ++++---- blog/2022-10-04-mtp-linux.org | 116 ++-- blog/2022-10-20-syncthing.org | 320 +++++----- blog/2022-10-22-alpine-linux.org | 409 +++++++------ blog/2022-10-30-linux-display-manager.org | 123 ++-- blog/2022-11-07-matrix-synapse.org | 231 +++---- blog/2022-11-11-nginx-tmp-errors.org | 79 +-- blog/2022-11-27-server-build.org | 241 ++++---- blog/2022-11-29-nginx-referrer-ban-list.org | 136 +++-- blog/2022-12-01-nginx-compression.org | 109 ++-- blog/2022-12-07-nginx-wildcard-redirect.org | 116 ++-- blog/2022-12-17-st.org | 131 ++-- blog/2022-12-23-alpine-desktop.org | 266 +++++---- blog/2023-01-03-recent-website-changes.org | 169 +++--- blog/2023-01-05-mass-unlike-tumblr-posts.org | 143 +++-- blog/2023-01-08-fedora-remove-login-manager.org | 69 ++- blog/2023-01-21-running-flatpak-apps-easily.org | 63 +- blog/2023-01-23-random-mullvad-wireguard.org | 115 ++-- ...023-01-28-self-hosting-wger-workout-manager.org | 178 +++--- blog/2023-02-02-exploring-hare.org | 263 ++++---- blog/2023-05-22-burnout.org | 89 +-- blog/2023-06-08-goaccess-geoip.org | 99 +-- blog/2023-06-08-self-hosting-baikal-server.org | 183 +++--- blog/2023-06-18-unifi-ip-blocklist.org | 132 ++-- blog/2023-06-20-audit-review-cheatsheet.org | 138 +++-- blog/2023-06-23-byobu.org | 61 +- blog/2023-06-23-self-hosting-convos-irc.org | 215 +++---- blog/2023-06-28-backblaze-b2.org | 276 +++++---- ...023-06-30-self-hosting-voyager-lemmy-client.org | 171 +++--- blog/2023-07-12-mullvad-wireguard-lan.org | 151 ++--- blog/2023-07-19-plex-transcoder-errors.org | 88 +-- blog/2023-08-18-agile-auditing.org | 264 ++++---- blog/2023-09-15-gitweb.org | 76 +-- blog/2023-09-19-audit-sql-scripts.org | 140 +++-- blog/2023-10-04-digital-minimalism.org | 166 +++--- blog/2023-10-11-self-hosting-authelia.org | 511 ++++++++-------- blog/2023-10-15-alpine-ssh-hardening.org | 94 +-- blog/2023-10-17-self-hosting-anonymousoverflow.org | 191 +++--- blog/2023-11-08-scli.org | 193 +++--- 82 files changed, 9573 insertions(+), 8294 deletions(-) diff --git a/blog/2021-01-01-seum.org b/blog/2021-01-01-seum.org index e157ff0..639cede 100644 --- a/blog/2021-01-01-seum.org +++ b/blog/2021-01-01-seum.org @@ -1,84 +1,107 @@ -+++ -date = 2021-01-01 -title = "SEUM: Speedrunners from Hell" -description = "A video game review for SEUM: Speedrunners from Hell, an incredibly fast-paced mashup of a puzzle game and a free-running game." -+++ - -## Game Description - -[SEUM: Speedrunners from Hell](https://store.steampowered.com/app/457210/SEUM_Speedrunners_from_Hell/) -is an incredibly fast-paced mashup of a puzzle game and a free-running game. -Created by [Pine Studio](https://pinestudio.co) in early 2016 and first released -as a -[demo on GameJolt](https://gamejolt.com/games/seum-speedrunners-from-hell-demo/154868), -this game was successfully green-lit on Steam and has amassed a cult -following on multiple consoles. +#+title: SEUM: Speedrunners from Hell +#+date: 2021-01-01 + +** Game Description +:PROPERTIES: +:CUSTOM_ID: game-description +:ID: 809DA4E6-4E0D-4179-B8FF-6C9E767EC74D +:END: +[[https://store.steampowered.com/app/457210/SEUM_Speedrunners_from_Hell/][SEUM: +Speedrunners from Hell]] is an incredibly fast-paced mashup of a puzzle +game and a free-running game. Created by [[https://pinestudio.co][Pine +Studio]] in early 2016 and first released as a +[[https://gamejolt.com/games/seum-speedrunners-from-hell-demo/154868][demo +on GameJolt]], this game was successfully green-lit on Steam and has +amassed a cult following on multiple consoles. Here's the game description straight from the developers: -> Like a bastard child of Quake 3 and Super Meat Boy, SEUM: Speedrunners from -> Hell is truly hardcore and focuses on speed and fast reaction. - -## Story - -SEUM does a great job setting the stage when you open the game for the first -time, playing an animated video in the form of comic book images. You see Marty, -the protagonist, sitting around drinking his beer as Satan busts down the door, -cuts his hand off, and steals all his beer and bacon. As Satan is leaving, Marty -whips a vinyl record across the room and cuts off one of Satan's hands. This -hand is what allows you to use all the powers in the game. - -Check out the screenshot below for one of the first panels of the storyline: - -![SEUM Story](https://img.cleberg.net/blog/20210101-seum/seum_story.png) - -## Gameplay - -To accomplish each level, you will need to get to the final blue portal under a -certain time limit. You can beat a level by getting to the portal before the -time meter runs out or "Dominate" a level by beating it within a shorter time -limit (noted by a bright red/orange color in the time meter). - -The portal is usually set behind locked gates, protected by dangerous defenses, -or in hard-to-reach places. To reach the portal, you'll need to go through any -existing orange portals, light all yellow beacons, avoid things like fireballs -and blades, or use any satanic power orbs lying around. These special abilities -include: - -- Gravity -- Teleport -- Rewind -- Spawn platform -- Roar (DLC) -- Rocket (DLC) -- Shadow world (DLC) - -For the main storyline, there are nine floors to beat. Each floor contains nine -regular levels, one boss level, and one bonus level; although you don't -technically need to beat all levels to advance to the next floor. - -![SEUM Floor Menu](https://img.cleberg.net/blog/20210101-seum/seum_floor.png) - -## In-Game Screenshots - -The main menu gives you plenty of options for tuning your system, playing main -levels, playing the DLC, or exploring the other game modes. - -![SEUM Main Menu](https://img.cleberg.net/blog/20210101-seum/seum_menu.png) - -Once you enter a level, you can look around and strategize before starting. -Clicking any button will start the menu, and you'll have to restart if you die. -One of the great things about SEUM is that it has great keyboard shortcuts. You -can quickly smash `R` to restart the level or `M` to return to the level menu. - -![SEUM Level](https://img.cleberg.net/blog/20210101-seum/seum_level.png) - -Once you're able to win a level, you'll see the high scores and can watch -replays of the best scores. - -![SEUM Win](https://img.cleberg.net/blog/20210101-seum/seum_win.png) - -Each regular level contains a beer in a disguised location that may take some -out-of-the-box thinking. - -![SEUM Beer](https://img.cleberg.net/blog/20210101-seum/seum_beer.png) +#+begin_quote +Like a bastard child of Quake 3 and Super Meat Boy, SEUM: Speedrunners +from Hell is truly hardcore and focuses on speed and fast reaction. + +#+end_quote + +** Story +:PROPERTIES: +:CUSTOM_ID: story +:ID: BF401145-763D-4399-922B-7D73322B5B40 +:END: +SEUM does a great job setting the stage when you open the game for the +first time, playing an animated video in the form of comic book images. +You see Marty, the protagonist, sitting around drinking his beer as +Satan busts down the door, cuts his hand off, and steals all his beer +and bacon. As Satan is leaving, Marty whips a vinyl record across the +room and cuts off one of Satan's hands. This hand is what allows you to +use all the powers in the game. + +Check out the screenshot below for one of the first panels of the +storyline: + +#+caption: SEUM Story +[[https://img.cleberg.net/blog/20210101-seum/seum_story.png]] + +** Gameplay +:PROPERTIES: +:CUSTOM_ID: gameplay +:ID: A55CB1AF-E818-4CA7-BF69-E8141369C269 +:END: +To accomplish each level, you will need to get to the final blue portal +under a certain time limit. You can beat a level by getting to the +portal before the time meter runs out or "Dominate" a level by beating +it within a shorter time limit (noted by a bright red/orange color in +the time meter). + +The portal is usually set behind locked gates, protected by dangerous +defenses, or in hard-to-reach places. To reach the portal, you'll need +to go through any existing orange portals, light all yellow beacons, +avoid things like fireballs and blades, or use any satanic power orbs +lying around. These special abilities include: + +- Gravity +- Teleport +- Rewind +- Spawn platform +- Roar (DLC) +- Rocket (DLC) +- Shadow world (DLC) + +For the main storyline, there are nine floors to beat. Each floor +contains nine regular levels, one boss level, and one bonus level; +although you don't technically need to beat all levels to advance to the +next floor. + +#+caption: SEUM Floor Menu +[[https://img.cleberg.net/blog/20210101-seum/seum_floor.png]] + +** In-Game Screenshots +:PROPERTIES: +:CUSTOM_ID: in-game-screenshots +:ID: C779F008-4C8A-4BA4-AA31-60A1BF5A3EE3 +:END: +The main menu gives you plenty of options for tuning your system, +playing main levels, playing the DLC, or exploring the other game modes. + +#+caption: SEUM Main Menu +[[https://img.cleberg.net/blog/20210101-seum/seum_menu.png]] + +Once you enter a level, you can look around and strategize before +starting. Clicking any button will start the menu, and you'll have to +restart if you die. One of the great things about SEUM is that it has +great keyboard shortcuts. You can quickly smash =R= to restart the level +or =M= to return to the level menu. + +#+caption: SEUM Level +[[https://img.cleberg.net/blog/20210101-seum/seum_level.png]] + +Once you're able to win a level, you'll see the high scores and can +watch replays of the best scores. + +#+caption: SEUM Win +[[https://img.cleberg.net/blog/20210101-seum/seum_win.png]] + +Each regular level contains a beer in a disguised location that may take +some out-of-the-box thinking. + +#+caption: SEUM Beer +[[https://img.cleberg.net/blog/20210101-seum/seum_beer.png]] diff --git a/blog/2021-01-04-fediverse.org b/blog/2021-01-04-fediverse.org index 1365fe1..4aa9d6f 100644 --- a/blog/2021-01-04-fediverse.org +++ b/blog/2021-01-04-fediverse.org @@ -1,106 +1,123 @@ -+++ -date = 2021-01-04 -title = "A Simple Guide to the Fediverse" -description = "A simple guide to the fediverse, a federated universe of servers commonly used for sharing content, like social media." -draft = false -+++ - -## What is the Fediverse? - -The fediverse is a federated universe of servers commonly used for sharing -content, like social media. So, instead of having to rely on a single -organization to run the server (e.g. Facebook), the fediverse is a giant -collection of servers across the world, owned by many people and organizations. - -Take a look at this depiction of a federated network. -Each server in this photo is owned and run by different -administrators/owners. -Federated networks are best explained as email servers: you have an email -account that exists on a server (e.g. Outlook), your friend has an account on -a different server (e.g. GMail), and another friend has an account on a -third server (e.g. ProtonMail). -All three of you can talk and communicate back and forth without having to -be on the same server. -However, responsible email admins are there to set rules and control the +#+title: A Simple Guide to the Fediverse +#+date: 2021-01-04 + +** What is the Fediverse? +:PROPERTIES: +:CUSTOM_ID: what-is-the-fediverse +:END: +The fediverse is a federated universe of servers commonly used for +sharing content, like social media. So, instead of having to rely on a +single organization to run the server (e.g. Facebook), the fediverse is +a giant collection of servers across the world, owned by many people and +organizations. + +Take a look at this depiction of a federated network. Each server in +this photo is owned and run by different administrators/owners. +Federated networks are best explained as email servers: you have an +email account that exists on a server (e.g. Outlook), your friend has an +account on a different server (e.g. GMail), and another friend has an +account on a third server (e.g. ProtonMail). All three of you can talk +and communicate back and forth without having to be on the same server. +However, responsible email admins are there to set rules and control the traffic going in/out of the server. -![Federated services diagram](https://img.cleberg.net/blog/20210104-a-simple-guide-to-the-fediverse/federated-example.svg) +#+caption: Federated services diagram +[[https://img.cleberg.net/blog/20210104-a-simple-guide-to-the-fediverse/federated-example.svg]] -The main objective of this architecture is to decentralize the control within -the internet connections. For example, if you run your own Mastodon instance, -you and your users can't be censored or impacted in any way by authorities of -another Mastodon instance. Some users have praised these features due to recent -criticism of popular social media websites that may be over-censoring their -users. +The main objective of this architecture is to decentralize the control +within the internet connections. For example, if you run your own +Mastodon instance, you and your users can't be censored or impacted in +any way by authorities of another Mastodon instance. Some users have +praised these features due to recent criticism of popular social media +websites that may be over-censoring their users. This strategy is great for making sure control of the social web isn't -controlled by a single organization, but it also has some downsides. If I create -a Mastodon instance and get a ton of users to sign up, I can shut the server -down at any time. That means you're at risk of losing the content you've created -unless you back it up, or the server backs it up for you. Also, depending on the -software used (e.g. Mastodon, Pixelfed, etc.), censorship may still be an issue -if the server admins decide they want to censor their users. Now, censorship -isn't always a bad thing and can even benefit the community as a whole, but -you'll want to determine which servers align with your idea of proper -censorship. - -However, these are risks that we take when we sign up for any online platform. -Whatever your reason is for trying out federated social networks, they are part -of the future of the internet. However, the popularity of these services is -still yet to be determined, especially with the increased difficulty -understanding and signing up for these platforms. Perhaps increased regulation -and litigation against current social media sites will push more users into the -fediverse. - -## Federated Alternatives to Popular Sites - -The list below is a small guide that will show you federated alternatives to -current popular websites. -There are many more out there, so go and explore: you might just find the -perfect home. - -### Reddit - -- [Lemmy](https://lemmy.ml/instances) - -### Twitter/Facebook/Tumblr - -- [Mastodon](https://joinmastodon.org) -- [Diaspora](https://diasporafoundation.org) -- [Friendica](https://friendi.ca) -- [GNU Social](https://gnusocial.network) -- [Pleroma](https://pleroma.social) - -### Instagram - -- [Pixelfed](https://pixelfed.org) - -### Slack/Discord - -- [Matrix](https://element.io) - -### Youtube/Vimeo - -- [Peertube](https://joinpeertube.org) - -### Spotify/Soundcloud - -- [Funkwhale](https://funkwhale.audio) - -### Podcasting - -- [Pubcast](https://pubcast.pub) - -### Medium/Blogger - -- [WriteFreely](https://writefreely.org) - -## Get Started - -The best way to get started is to simply sign up and learn as you go. If you're -comfortable signing up through a Mastodon, Pleroma, or Friendica server, here is -[a list of themed servers](https://fediverse.party/en/portal/servers) to choose -from. If you're looking for something else, try a web search for a federated -alternative to your favorite sites. +controlled by a single organization, but it also has some downsides. If +I create a Mastodon instance and get a ton of users to sign up, I can +shut the server down at any time. That means you're at risk of losing +the content you've created unless you back it up, or the server backs it +up for you. Also, depending on the software used (e.g. Mastodon, +Pixelfed, etc.), censorship may still be an issue if the server admins +decide they want to censor their users. Now, censorship isn't always a +bad thing and can even benefit the community as a whole, but you'll want +to determine which servers align with your idea of proper censorship. + +However, these are risks that we take when we sign up for any online +platform. Whatever your reason is for trying out federated social +networks, they are part of the future of the internet. However, the +popularity of these services is still yet to be determined, especially +with the increased difficulty understanding and signing up for these +platforms. Perhaps increased regulation and litigation against current +social media sites will push more users into the fediverse. + +** Federated Alternatives to Popular Sites +:PROPERTIES: +:CUSTOM_ID: federated-alternatives-to-popular-sites +:END: +The list below is a small guide that will show you federated +alternatives to current popular websites. There are many more out there, +so go and explore: you might just find the perfect home. + +*** Reddit +:PROPERTIES: +:CUSTOM_ID: reddit +:END: +- [[https://lemmy.ml/instances][Lemmy]] + +*** Twitter/Facebook/Tumblr +:PROPERTIES: +:CUSTOM_ID: twitterfacebooktumblr +:END: +- [[https://joinmastodon.org][Mastodon]] +- [[https://diasporafoundation.org][Diaspora]] +- [[https://friendi.ca][Friendica]] +- [[https://gnusocial.network][GNU Social]] +- [[https://pleroma.social][Pleroma]] + +*** Instagram +:PROPERTIES: +:CUSTOM_ID: instagram +:END: +- [[https://pixelfed.org][Pixelfed]] + +*** Slack/Discord +:PROPERTIES: +:CUSTOM_ID: slackdiscord +:END: +- [[https://element.io][Matrix]] + +*** Youtube/Vimeo +:PROPERTIES: +:CUSTOM_ID: youtubevimeo +:END: +- [[https://joinpeertube.org][Peertube]] + +*** Spotify/Soundcloud +:PROPERTIES: +:CUSTOM_ID: spotifysoundcloud +:END: +- [[https://funkwhale.audio][Funkwhale]] + +*** Podcasting +:PROPERTIES: +:CUSTOM_ID: podcasting +:END: +- [[https://pubcast.pub][Pubcast]] + +*** Medium/Blogger +:PROPERTIES: +:CUSTOM_ID: mediumblogger +:END: +- [[https://writefreely.org][WriteFreely]] + +** Get Started +:PROPERTIES: +:CUSTOM_ID: get-started +:END: +The best way to get started is to simply sign up and learn as you go. If +you're comfortable signing up through a Mastodon, Pleroma, or Friendica +server, here is [[https://fediverse.party/en/portal/servers][a list of +themed servers]] to choose from. If you're looking for something else, +try a web search for a federated alternative to your favorite sites. Find a server that focuses on your passions and start there! diff --git a/blog/2021-01-07-ufw.org b/blog/2021-01-07-ufw.org index aad5b81..242e296 100644 --- a/blog/2021-01-07-ufw.org +++ b/blog/2021-01-07-ufw.org @@ -1,158 +1,173 @@ -+++ -date = 2021-01-07 -title = "Secure Your Network with the Uncomplicated Firewall" -description = "Learn how to use the UFW, one of the simplest and most widely available firewalls on Linux." -draft = false -+++ - -## Uncomplicated Firewall - -Uncomplicated Firewall, also known as ufw, is a convenient and beginner-friendly -way to enforce OS-level firewall rules. For those who are hosting servers or any -device that is accessible to the world (i.e., by public IP or domain name), it's -critical that a firewall is properly implemented and active. - -Ufw is available by default in all Ubuntu installations after 8.04 LTS. For -other distributions, you can look to install ufw or check if there are -alternative firewalls installed already. There are usually alternatives -available, such as Fedora's `firewall` and the package available on most -distributions: `iptables`. Ufw is considered a beginner-friendly front-end to -iptables. - -[Gufw](https://gufw.org) is available as a graphical user interface (GUI) -application for users who are uncomfortable setting up a firewall through a -terminal. - -![](https://img.cleberg.net/blog/20210107-secure-your-network-with-the-uncomplicated-firewall/gufw.png) - -## Getting Help - -If you need help figuring out commands, remember that you can run the `--help` -flag to get a list of options. - -```sh +#+title: Secure Your Network with the Uncomplicated Firewall +#+date: 2021-01-07 + +** Uncomplicated Firewall +:PROPERTIES: +:CUSTOM_ID: uncomplicated-firewall +:END: +Uncomplicated Firewall, also known as ufw, is a convenient and +beginner-friendly way to enforce OS-level firewall rules. For those who +are hosting servers or any device that is accessible to the world (i.e., +by public IP or domain name), it's critical that a firewall is properly +implemented and active. + +Ufw is available by default in all Ubuntu installations after 8.04 LTS. +For other distributions, you can look to install ufw or check if there +are alternative firewalls installed already. There are usually +alternatives available, such as Fedora's =firewall= and the package +available on most distributions: =iptables=. Ufw is considered a +beginner-friendly front-end to iptables. + +[[https://gufw.org][Gufw]] is available as a graphical user interface +(GUI) application for users who are uncomfortable setting up a firewall +through a terminal. + +[[https://img.cleberg.net/blog/20210107-secure-your-network-with-the-uncomplicated-firewall/gufw.png]] + +** Getting Help +:PROPERTIES: +:CUSTOM_ID: getting-help +:END: +If you need help figuring out commands, remember that you can run the +=--help= flag to get a list of options. + +#+begin_src sh sudo ufw --help -``` - -## Set Default State - -The proper way to run a firewall is to set a strict default state and slowly -open up ports that you want to allow. This helps prevent anything malicious from -slipping through the cracks. The following command prevents all incoming traffic -(other than the rules we specify later), but you can also set this for outgoing -connections, if necessary. - -```sh +#+end_src + +** Set Default State +:PROPERTIES: +:CUSTOM_ID: set-default-state +:END: +The proper way to run a firewall is to set a strict default state and +slowly open up ports that you want to allow. This helps prevent anything +malicious from slipping through the cracks. The following command +prevents all incoming traffic (other than the rules we specify later), +but you can also set this for outgoing connections, if necessary. + +#+begin_src sh sudo ufw default deny incoming -``` +#+end_src -You should also allow outgoing traffic if you want to allow the device to -communicate back to you or other parties. For example, media servers like Plex -need to be able to send out data related to streaming the media. +You should also allow outgoing traffic if you want to allow the device +to communicate back to you or other parties. For example, media servers +like Plex need to be able to send out data related to streaming the +media. -```sh +#+begin_src sh sudo ufw default allow outgoing -``` - -## Adding Port Rules +#+end_src -Now that we've disabled all incoming traffic by default, we need to open up some -ports (or else no traffic would be able to come in). If you need to be able to -`ssh` into the machine, you'll need to open up port 22. +** Adding Port Rules +:PROPERTIES: +:CUSTOM_ID: adding-port-rules +:END: +Now that we've disabled all incoming traffic by default, we need to open +up some ports (or else no traffic would be able to come in). If you need +to be able to =ssh= into the machine, you'll need to open up port 22. -```sh +#+begin_src sh sudo ufw allow 22 -``` +#+end_src -You can also issue more restrictive rules. The following rule will allow `ssh` -connections only from machines on the local subnet. +You can also issue more restrictive rules. The following rule will allow +=ssh= connections only from machines on the local subnet. -```sh +#+begin_src sh sudo ufw allow proto tcp from 192.168.0.0/24 to any port 22 -``` +#+end_src -If you need to set a rule that isn't tcp, just append your connection type to -the end of the rule. +If you need to set a rule that isn't tcp, just append your connection +type to the end of the rule. -```sh +#+begin_src sh sudo ufw allow 1900/udp -``` - -## Enable ufw +#+end_src +** Enable ufw +:PROPERTIES: +:CUSTOM_ID: enable-ufw +:END: Now that the firewall is configured and ready to go, you can enable the firewall. -```sh +#+begin_src sh sudo ufw enable -``` +#+end_src A restart may be required for the firewall to begin operating. -```sh +#+begin_src sh sudo reboot now -``` +#+end_src -## Checking Status +** Checking Status +:PROPERTIES: +:CUSTOM_ID: checking-status +:END: +Now that the firewall is enabled, let's check and see what the rules +look like. -Now that the firewall is enabled, let's check and see what the rules look like. - -```sh +#+begin_src sh sudo ufw status numbered -``` +#+end_src -```txt +#+begin_src txt Status: active To Action From -- ------ ---- [ 1] 22 ALLOW IN Anywhere [ 2] 22 (v6) ALLOW IN Anywhere (v6) -``` - -## Deleting Rules +#+end_src -If you need to delete a rule, you need to know the number associated with that -rule. -Let's delete the first rule in the table above. -You'll be asked to confirm the deletion as part of this process. +** Deleting Rules +:PROPERTIES: +:CUSTOM_ID: deleting-rules +:END: +If you need to delete a rule, you need to know the number associated +with that rule. Let's delete the first rule in the table above. You'll +be asked to confirm the deletion as part of this process. -```sh +#+begin_src sh sudo ufw delete 1 -``` - -## Managing App Rules - -Luckily, there's a convenient way for installed applications to create files -that ufw can easily implement so that you don't have to search and find which -ports your application requires. To see if your device has any applications with -pre-installed ufw rules, execute the following command: - -```sh +#+end_src + +** Managing App Rules +:PROPERTIES: +:CUSTOM_ID: managing-app-rules +:END: +Luckily, there's a convenient way for installed applications to create +files that ufw can easily implement so that you don't have to search and +find which ports your application requires. To see if your device has +any applications with pre-installed ufw rules, execute the following +command: + +#+begin_src sh sudo ufw app list -``` +#+end_src The results should look something like this: -```txt +#+begin_src txt Available applications: OpenSSH Samba plexmediaserver plexmediaserver-all plexmediaserver-dlna -``` +#+end_src -If you want to get more information on a specific app rule, use the `info` -command. +If you want to get more information on a specific app rule, use the +=info= command. -```sh +#+begin_src sh sudo ufw app info plexmediaserver-dlna -``` +#+end_src You'll get a blurb of info back like this: -```txt +#+begin_src txt Profile: plexmediaserver-dlna Title: Plex Media Server (DLNA) Description: The Plex Media Server (additional DLNA capability only) @@ -160,29 +175,31 @@ Description: The Plex Media Server (additional DLNA capability only) Ports: 1900/udp 32469/tcp -``` +#+end_src -You can add or delete app rules the same way that you'd add or delete specific -port rules. +You can add or delete app rules the same way that you'd add or delete +specific port rules. -```sh +#+begin_src sh sudo ufw allow plexmediaserver-dlna -``` +#+end_src -```sh +#+begin_src sh sudo ufw delete RULE|NUM -``` - -## Creating App Rules +#+end_src -If you'd like to create you own app rule, you'll need to create a file in the -`/etc/ufw/applications.d` directory. Within the file you create, you need to -make sure the content is properly formatted. +** Creating App Rules +:PROPERTIES: +:CUSTOM_ID: creating-app-rules +:END: +If you'd like to create you own app rule, you'll need to create a file +in the =/etc/ufw/applications.d= directory. Within the file you create, +you need to make sure the content is properly formatted. -For example, here are the contents my `plexmediaserver` file, which creates -three distinct app rules for ufw: +For example, here are the contents my =plexmediaserver= file, which +creates three distinct app rules for ufw: -```config +#+begin_src config [plexmediaserver] title=Plex Media Server (Standard) description=The Plex Media Server @@ -197,24 +214,24 @@ ports=1900/udp|32469/tcp title=Plex Media Server (Standard + DLNA) description=The Plex Media Server (with additional DLNA capability) ports=32400/tcp|3005/tcp|5353/udp|8324/tcp|32410:32414/udp|1900/udp|32469/tcp -``` +#+end_src -So, if I wanted to create a custom app rule called "mycustomrule," I'd create a -file and add my content like this: +So, if I wanted to create a custom app rule called "mycustomrule," I'd +create a file and add my content like this: -```sh +#+begin_src sh sudo nano /etc/ufw/applications.d/mycustomrule -``` +#+end_src -```config +#+begin_src config [mycustomrule] title=My Custom Rule description=This is a temporary ufw app rule. ports=88/tcp|9100/udp -``` +#+end_src Then, I would just enable this rule in ufw. -```sh +#+begin_src sh sudo ufw allow mycustomrule -``` +#+end_src diff --git a/blog/2021-02-19-macos.org b/blog/2021-02-19-macos.org index 33353b7..efbe257 100644 --- a/blog/2021-02-19-macos.org +++ b/blog/2021-02-19-macos.org @@ -1,205 +1,225 @@ -+++ -date = 2021-02-19 -title = "macOS: Testing Out A New OS" -description = "My personal experience with macOS, from the perspective of a Linux junkie." -draft = false -+++ - -## Diving into macOS - -After spending nearly 15 years working with Windows and 8 years on Linux, I -have experienced macOS for the first time. -By chance, my spouse happened to buy a new MacBook and gifted me their 2013 -model. -Of course, I still consider my Linux desktop to be my daily driver and keep -Windows around for gaming needs, but over the past week I've found myself using -the MacBook more and more for things that don't require gaming specs or advanced -dev tools. - -## Initial Thoughts - -Before I move on to the technical aspects of my set-up, I want to take some time -and express my thoughts on the overall OS. - -![macOS Desktop](https://img.cleberg.net/blog/20210219-macos-testing-out-a-new-os/macos-desktop.png) - -As expected, the initial computer setup is a breeze with Mac's guided GUI -installer. - -The desktop itself reminds me of GNOME more than anything else I've seen: even -Pantheon from [ElementaryOS](https://elementary.io/), which people commonly -refer to as the closest Linux distro to macOS. The desktop toolbar is great and -far surpasses the utility of the GNOME toolbar due to the fact that the -extensions and icons _actually work_. I launch macOS and immediately see my -shortcuts for Tresorit, Bitwarden, and Mullvad pop up as the computer loads. - -Even further, the app dock is very useful and will be yet another familiarity -for GNOME users. I know many people like panels instead of docks, but I've -always found docks to have a more pleasing UI. However, I had to disable the -"Show recent applications in Dock" preference; I can't stand items taking up -precious screen space if I'm not currently using them. On that same note, it's -taking me some time to get use to the fact that I have to manually quit an app -or else it will still stay open/active in the dock, even if I've closed out all -windows for that app (e.g. Firefox). - -Overall, I'm having a lot of fun and for users who spend a large majority of -their time performing basic tasks like web browsing, writing, watching media, -etc., macOS is a fantastic option. +#+title: macOS: Testing Out A New OS +#+date: 2021-02-19 + +** Diving into macOS +:PROPERTIES: +:CUSTOM_ID: diving-into-macos +:END: +After spending nearly 15 years working with Windows and 8 years on +Linux, I have experienced macOS for the first time. By chance, my spouse +happened to buy a new MacBook and gifted me their 2013 model. Of course, +I still consider my Linux desktop to be my daily driver and keep Windows +around for gaming needs, but over the past week I've found myself using +the MacBook more and more for things that don't require gaming specs or +advanced dev tools. + +** Initial Thoughts +:PROPERTIES: +:CUSTOM_ID: initial-thoughts +:END: +Before I move on to the technical aspects of my set-up, I want to take +some time and express my thoughts on the overall OS. + +#+caption: macOS Desktop +[[https://img.cleberg.net/blog/20210219-macos-testing-out-a-new-os/macos-desktop.png]] + +As expected, the initial computer setup is a breeze with Mac's guided +GUI installer. + +The desktop itself reminds me of GNOME more than anything else I've +seen: even Pantheon from [[https://elementary.io/][ElementaryOS]], which +people commonly refer to as the closest Linux distro to macOS. The +desktop toolbar is great and far surpasses the utility of the GNOME +toolbar due to the fact that the extensions and icons /actually work/. I +launch macOS and immediately see my shortcuts for Tresorit, Bitwarden, +and Mullvad pop up as the computer loads. + +Even further, the app dock is very useful and will be yet another +familiarity for GNOME users. I know many people like panels instead of +docks, but I've always found docks to have a more pleasing UI. However, +I had to disable the "Show recent applications in Dock" preference; I +can't stand items taking up precious screen space if I'm not currently +using them. On that same note, it's taking me some time to get use to +the fact that I have to manually quit an app or else it will still stay +open/active in the dock, even if I've closed out all windows for that +app (e.g. Firefox). + +Overall, I'm having a lot of fun and for users who spend a large +majority of their time performing basic tasks like web browsing, +writing, watching media, etc., macOS is a fantastic option. The rest of this post explains the technicalities of how I set up my CLI -environment to make me feel more at-home, similar to the environments I set up -on Fedora, Ubuntu, etc. - -## Making it Feel Like Home - -If you're someone who uses Linux primarily, no doubt your first thought when -booting macOS will be the same as mine was: "Where is the terminal and how do I -set up my favorite utilities?" - -Luckily, macOS hasn't completely hidden away the development tools from the -average user. You can easily find the Terminal app in the Launchpad area, but -it's probably not what you're used to. I was surprised (and happy) to see that -the default shell is `zsh`, the shell I use on all of my Linux distros. However, -the commands are not the same - even the ones you may think are native to the -shell. Commands like `dir` do not exist, so other native commands like `ls -la` -or `pwd` are more useful here. - -With only a few minutes of installing and tweaking a few packages, I was able to -recreate a terminal environment that I feel very comfortable using. See the -image below for a preview of the iTerm2 app with a split view between my macOS -desktop shell and an SSH session into my server. - -![iTerm2](https://img.cleberg.net/blog/20210219-macos-testing-out-a-new-os/iterm2.png) - -## Xcode - -My first step was to search the web for any hints on how to get `zsh` back up to -the state I like, with extensions, themes, etc. My first step was to install the -CLI tools for [Xcode](https://developer.apple.com/xcode/), Apple's suite of +environment to make me feel more at-home, similar to the environments I +set up on Fedora, Ubuntu, etc. + +** Making it Feel Like Home +:PROPERTIES: +:CUSTOM_ID: making-it-feel-like-home +:END: +If you're someone who uses Linux primarily, no doubt your first thought +when booting macOS will be the same as mine was: "Where is the terminal +and how do I set up my favorite utilities?" + +Luckily, macOS hasn't completely hidden away the development tools from +the average user. You can easily find the Terminal app in the Launchpad +area, but it's probably not what you're used to. I was surprised (and +happy) to see that the default shell is =zsh=, the shell I use on all of +my Linux distros. However, the commands are not the same - even the ones +you may think are native to the shell. Commands like =dir= do not exist, +so other native commands like =ls -la= or =pwd= are more useful here. + +With only a few minutes of installing and tweaking a few packages, I was +able to recreate a terminal environment that I feel very comfortable +using. See the image below for a preview of the iTerm2 app with a split +view between my macOS desktop shell and an SSH session into my server. + +#+caption: iTerm2 +[[https://img.cleberg.net/blog/20210219-macos-testing-out-a-new-os/iterm2.png]] + +** Xcode +:PROPERTIES: +:CUSTOM_ID: xcode +:END: +My first step was to search the web for any hints on how to get =zsh= +back up to the state I like, with extensions, themes, etc. My first step +was to install the CLI tools for +[[https://developer.apple.com/xcode/][Xcode]], Apple's suite of development tools. -```sh +#+begin_src sh sudo xcode-select -r -``` +#+end_src -```sh +#+begin_src sh sudo xcode-select --install -``` - -## Homebrew +#+end_src -Next up is to install [Homebrew](https://brew.sh), a nifty package manager for -macOS. +** Homebrew +:PROPERTIES: +:CUSTOM_ID: homebrew +:END: +Next up is to install [[https://brew.sh][Homebrew]], a nifty package +manager for macOS. -```sh +#+begin_src sh /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -``` +#+end_src I ran into a permission error when installing Homebrew: -```sh +#+begin_src sh Error: Failed to link all completions, docs and manpages: Permission denied @ rb_file_s_symlink - (../../../Homebrew/completions/zsh/_brew, /usr/local/share/zsh/site-functions/_brew) Failed during: /usr/local/bin/brew update --force --quiet -``` +#+end_src -I found that the following permission modification worked like a charm. However, -I noted that some users online discussed the fact that this solution may not -work if your system has multiple users who use Homebrew. +I found that the following permission modification worked like a charm. +However, I noted that some users online discussed the fact that this +solution may not work if your system has multiple users who use +Homebrew. -```sh +#+begin_src sh sudo chown -R $(whoami) $(brew --prefix)/* -``` +#+end_src Next up is to ensure Homebrew is updated and cleaned. -```sh +#+begin_src sh brew update -``` +#+end_src -```sh +#+begin_src sh brew cleanup -``` +#+end_src -## iTerm2 +** iTerm2 +:PROPERTIES: +:CUSTOM_ID: iterm2 +:END: +Now that I've installed the basic utilities for development, I moved +onto installing iTerm2, a much better terminal than the default. -Now that I've installed the basic utilities for development, I moved onto -installing iTerm2, a much better terminal than the default. - -```sh +#+begin_src sh brew install --cask iterm2 -``` +#+end_src -I also used the `Make iTerm2 Default Term` and `Install Shell Integration` -options in the iTerm2 application menu to make sure I don't run into any issues -later on with different terminals. +I also used the =Make iTerm2 Default Term= and +=Install Shell Integration= options in the iTerm2 application menu to +make sure I don't run into any issues later on with different terminals. -We will also install `zsh` so we can use it in iTerm2. +We will also install =zsh= so we can use it in iTerm2. -```sh +#+begin_src sh brew install zsh -``` - -## Oh-My-Zsh +#+end_src -I've shown the great aspects of [Oh My Zsh](https://ohmyz.sh) in other blog -posts, so I'll skip over that speech for now. Simply install it and run an -update. +** Oh-My-Zsh +:PROPERTIES: +:CUSTOM_ID: oh-my-zsh +:END: +I've shown the great aspects of [[https://ohmyz.sh][Oh My Zsh]] in other +blog posts, so I'll skip over that speech for now. Simply install it and +run an update. -```sh +#+begin_src sh sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)" -``` +#+end_src -```sh +#+begin_src sh omz update -``` +#+end_src -Finally, restart the iTerm2 application to ensure all changes go into effect. +Finally, restart the iTerm2 application to ensure all changes go into +effect. -## Oh-My-Zsh Themes +** Oh-My-Zsh Themes +:PROPERTIES: +:CUSTOM_ID: oh-my-zsh-themes +:END: +Let's change the theme of the terminal to make it a little more +friendly. -Let's change the theme of the terminal to make it a little more friendly. - -```sh +#+begin_src sh open ~/.zshrc -``` +#+end_src -The third section of this file should contain a line like the code below. Change -that theme to -[any theme you want](https://github.com/ohmyzsh/ohmyzsh/wiki/Themes), save the -file, and exit. +The third section of this file should contain a line like the code +below. Change that theme to +[[https://github.com/ohmyzsh/ohmyzsh/wiki/Themes][any theme you want]], +save the file, and exit. -```sh +#+begin_src sh ZSH_THEME="af-magic" -``` - -After changing the `.zshrc` file, you'll need to close your terminal and re-open -it to see the changes. -Optionally, just open a new tab if you're using iTerm2, and you'll see the -new shell config. +#+end_src -## Oh-My-Zsh Plugins - -Of course, my customization of `zsh` would not be complete without -[zsh-autosuggestions](https://github.com/zsh-users/zsh-autosuggestions). This -will bring up commands you've run in the past as you type them. For example, if -you've run `ssh user@192.168.1.99` before, the terminal will show this command -as soon as you start typing it (e.g. `zsh u`), and you can hit the right arrow -to autocomplete the command. +After changing the =.zshrc= file, you'll need to close your terminal and +re-open it to see the changes. Optionally, just open a new tab if you're +using iTerm2, and you'll see the new shell config. -```sh +** Oh-My-Zsh Plugins +:PROPERTIES: +:CUSTOM_ID: oh-my-zsh-plugins +:END: +Of course, my customization of =zsh= would not be complete without +[[https://github.com/zsh-users/zsh-autosuggestions][zsh-autosuggestions]]. +This will bring up commands you've run in the past as you type them. For +example, if you've run =ssh user@192.168.1.99= before, the terminal will +show this command as soon as you start typing it (e.g. =zsh u=), and you +can hit the right arrow to autocomplete the command. + +#+begin_src sh git clone https://github.com/zsh-users/zsh-autosuggestions ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions -``` +#+end_src -```sh +#+begin_src sh open ~/.zshrc -``` +#+end_src -```sh +#+begin_src sh # Scroll down the script and edit this line to add zsh-autosuggestions plugins=(git zsh-autosuggestions) -``` +#+end_src -Remember: After changing the `.zshrc` file, you'll need to close your terminal -and re-open it to see the changes. Optionally, just open a new tab if you're -using iTerm2, and you'll see the new shell config. +Remember: After changing the =.zshrc= file, you'll need to close your +terminal and re-open it to see the changes. Optionally, just open a new +tab if you're using iTerm2, and you'll see the new shell config. diff --git a/blog/2021-03-19-clone-github-repos.org b/blog/2021-03-19-clone-github-repos.org index 795b766..edd8fda 100644 --- a/blog/2021-03-19-clone-github-repos.org +++ b/blog/2021-03-19-clone-github-repos.org @@ -1,60 +1,59 @@ -+++ -date = 2021-03-19 -title = "How to Clone All Repositories from a GitHub or Sourcehut Account" -description = "Learn how to properly clone all repositories from a GitHub or sourcehut account." -draft = false -+++ - -## Cloning from GitHub - -If you're like me and use a lot of different devices (and sometimes decide to -just wipe your device and start with a new OS), you probably know the pain of -cloning all your old code repositories down to your local file system. - -If you're using GitHub, you can easily clone all of your code back down in just -seconds. -First, create a bash script. -I do so by opening a new file in `nano`, but you can use `gedit`, `vim`, or -something else: - -```sh +#+title: How to Clone All Repositories from a GitHub or Sourcehut Account +#+date: 2021-03-19 + +** Cloning from GitHub +:PROPERTIES: +:CUSTOM_ID: cloning-from-github +:END: +If you're like me and use a lot of different devices (and sometimes +decide to just wipe your device and start with a new OS), you probably +know the pain of cloning all your old code repositories down to your +local file system. + +If you're using GitHub, you can easily clone all of your code back down +in just seconds. First, create a bash script. I do so by opening a new +file in =nano=, but you can use =gedit=, =vim=, or something else: + +#+begin_src sh nano clone_github_repos.sh -``` +#+end_src -Next, paste in the following information. Note that you can replace the word -`users` in the first line with `orgs` and type an organization's name instead of -a user's name. +Next, paste in the following information. Note that you can replace the +word =users= in the first line with =orgs= and type an organization's +name instead of a user's name. -```sh +#+begin_src sh CNTX=users; NAME=YOUR-USERNAME; PAGE=1 curl "https://api.github.com/$CNTX/$NAME/repos?page=$PAGE&per_page=100" | grep -e 'git_url*' | cut -d \" -f 4 | xargs -L1 git clone -``` +#+end_src Finally, save the bash script and make it executable. -```sh +#+begin_src sh chmod a+x clone_github_repos.sh -``` +#+end_src Now you can run the script and should see the cloning process begin. -```sh +#+begin_src sh ./clone_github_repos.sh -``` +#+end_src -## Cloning from Sourcehut - -I haven't fully figured out how to directly incorporate Sourcehut's GraphQL API -into a bash script yet, so this one will take two steps. +** Cloning from Sourcehut +:PROPERTIES: +:CUSTOM_ID: cloning-from-sourcehut +:END: +I haven't fully figured out how to directly incorporate Sourcehut's +GraphQL API into a bash script yet, so this one will take two steps. First, log-in to Sourcehut and go to their -[GraphQL playground for Git](https://git.sr.ht/graphql). Next, paste the -following query into the left box: +[[https://git.sr.ht/graphql][GraphQL playground for Git]]. Next, paste +the following query into the left box: -```sh +#+begin_src sh query { me { canonicalName @@ -66,26 +65,27 @@ query { } } } -``` +#+end_src -The output on the right side will give you an object of all your repositories. -Just grab that text and remove all the characters such as quotation marks and -curly brackets. You will need a single-line list of space-separated values for -the next step. +The output on the right side will give you an object of all your +repositories. Just grab that text and remove all the characters such as +quotation marks and curly brackets. You will need a single-line list of +space-separated values for the next step. Now let's create the bash script: -```sh +#+begin_src sh nano clone_sourcehut_repos.sh -``` +#+end_src -Next, paste the following bash script in with the list of repositories you -obtained above and replace `your-username` with your username. +Next, paste the following bash script in with the list of repositories +you obtained above and replace =your-username= with your username. -Note that this uses the SSH-based Git cloning method (e.g. `git@git...`), so -you'll need to ensure you have set up Sourcehut with your SSH key. +Note that this uses the SSH-based Git cloning method +(e.g. =git@git...=), so you'll need to ensure you have set up Sourcehut +with your SSH key. -```sh +#+begin_src sh repos=(repo1 repo2 repo3) # List all sub-directories in the current directory @@ -94,36 +94,38 @@ do # Clone git clone git@git.sr.ht:~your-username/$repo done -``` +#+end_src Finally, save the bash script and make it executable. -```sh +#+begin_src sh chmod a+x clone_sourcehut_repos.sh -``` +#+end_src Now you can run the script and should see the cloning process begin. -```sh +#+begin_src sh ./clone_sourcehut_repos.sh -``` - -## Moving Repositories to a New Host +#+end_src -Now that you have all of your code repositories cloned to your local computer, -you may want to change the remote host (e.g., moving from GitHub to GitLab). -To do this, let's create another bash script: +** Moving Repositories to a New Host +:PROPERTIES: +:CUSTOM_ID: moving-repositories-to-a-new-host +:END: +Now that you have all of your code repositories cloned to your local +computer, you may want to change the remote host (e.g., moving from +GitHub to GitLab). To do this, let's create another bash script: -```sh +#+begin_src sh nano change_remote_urls.sh -``` +#+end_src -Past the following information and be sure to change the URL information to -whichever host you are moving to. For this example, I am looping through all of -my cloned GitHub directories and changing them to Sourcehut (e.g. -`` -\> `git@git.sr.ht:~myusername`). +Past the following information and be sure to change the URL information +to whichever host you are moving to. For this example, I am looping +through all of my cloned GitHub directories and changing them to +Sourcehut (e.g. == -> =git@git.sr.ht:~myusername=). -```sh +#+begin_src sh # List all sub-directories in the current directory for dir in */ do @@ -138,16 +140,16 @@ do # Go back to main directory cd .. done -``` +#+end_src Finally, save the bash script and make it executable. -```sh +#+begin_src sh chmod a+x change_remote_urls.sh -``` +#+end_src Now you can run the script and should see the cloning process begin. -```sh +#+begin_src sh ./change_remote_urls.sh -``` +#+end_src diff --git a/blog/2021-03-28-gemini-capsule.org b/blog/2021-03-28-gemini-capsule.org index fe17864..d1ebcf7 100644 --- a/blog/2021-03-28-gemini-capsule.org +++ b/blog/2021-03-28-gemini-capsule.org @@ -1,30 +1,29 @@ -+++ -date = 2021-03-28 -title = "Launching a Gemini Capsule" -description = "Learn more about Gemini, an alternative internet protocol to the World Wide Web (WWW)" -draft = false -+++ - -## What is Gemini? - -[Gemini](https://gemini.circumlunar.space/) is an internet protocol introduced -in June 2019 as an alternative to HTTP(S) or Gopher. In layman's terms, it's an -alternative way to browse sites (called capsules) that requires a special -browser. Since Gemini is not standardized as an internet standard, normal web -browsers won't be able to load a Gemini capsule. -Instead, you'll need to use [a Gemini-specific browser](https://gemini. -circumlunar.space/clients.html). +#+title: Launching a Gemini Capsule +#+date: 2021-03-28 + +** What is Gemini? +:PROPERTIES: +:CUSTOM_ID: what-is-gemini +:END: +[[https://gemini.circumlunar.space/][Gemini]] is an internet protocol +introduced in June 2019 as an alternative to HTTP(S) or Gopher. In +layman's terms, it's an alternative way to browse sites (called +capsules) that requires a special browser. Since Gemini is not +standardized as an internet standard, normal web browsers won't be able +to load a Gemini capsule. Instead, you'll need to use +[[https://gemini.%20circumlunar.space/clients.html][a Gemini-specific +browser]]. The content found within a Gemini page is called -[Gemtext](https://gemini.circumlunar.space/docs/cheatsheet.gmi) and is -_extremely_ basic (on purpose). -Gemini only processes the text, no media content like images. However, -you're able to style 3 levels of headings, regular text, links (which will -display on their own line), quotes, and an unordered list. +[[https://gemini.circumlunar.space/docs/cheatsheet.gmi][Gemtext]] and is +/extremely/ basic (on purpose). Gemini only processes the text, no media +content like images. However, you're able to style 3 levels of headings, +regular text, links (which will display on their own line), quotes, and +an unordered list. Here's a complete listing of valid Gemtext: -```txt +#+begin_src txt # Heading 1 ## Heading 2 ### Heading 3 @@ -41,97 +40,109 @@ My List: * Item ```Anything between three backticks will be rendered as code.``` -``` - -## Free Option - -There are probably numerous websites that allow you to create your personal -Gemini capsule, but I'm going to focus on the two sites that I have personally -tested. The first option below, Midnight Pub, allows you to create/edit any -Gemini files you want in your account. This is essentially a GUI option with a -built-in text box for editing. The second option below, Sourcehut, allows you to -use a Git repository and automatic build process to deploy your personal Gemini -capsule every time you push a commit. - -### Midnight Pub - Beginner Friendly - -[Midnight Pub](https://midnight.pub/) is a small, virtual community meant to -reflect the atmosphere of wandering into a small alley pub. The site is built in -Gemtext and has a server-side process to convert Gemtext to HTML if someone -loads the site in an HTTP(S) browser. - -To create an account, you'll need to email the owner of the website to obtain a -key. -You can find their email on the Midnight Pub homepage. -Once registered, head to [your account](https://midnight.pub/account) and select -[manage site](https://midnight.pub/site). This is the screen where you can -upload or create any files to be displayed on the internet. - -For example, I've created both an HTML file and a Gemini file. Remember that -Gemini is automatically converted to HTML on the Pub, so you don't need an HTML -version. -For example, I created an HTML version to add in some extra styling. - -All you need to do is create a page like `index.gmi` and use your Gemini browser -to head over to your-username.midnight.pub to see the result. - -That's all there is to it! Easy enough, right? Let's check out a more advanced -version in the next section. - -## Paid Option - -As of 2021, Sourcehut has decided to require users to have a paid account in -order to utilize their automated build system. For now, paid accounts can be as -low as $2/month. - -### Sourcehut - -[Sourcehut](https://sourcehut.org/) is a collection of software development -tools, but mostly surrounds their hosted Git repository service. Simply put, -it's a minimal and more private alternative to services like GitHub. - -This walkthrough is more advanced and involves things like Git, SSH, the command -line. If you don't think you know enough to do this, check out my walkthrough on -creating a Gemini capsule for the Midnight Pub instead. - -The first thing you'll need to do is create an SSH key pair, if you don't -already have one on your system. Once created, grab the contents of `id_rsa.pub` -and add it to your Sourcehut account settings - this will allow you to push and -pull code changes without using a username/password. - -```sh +#+end_src + +** Free Option +:PROPERTIES: +:CUSTOM_ID: free-option +:END: +There are probably numerous websites that allow you to create your +personal Gemini capsule, but I'm going to focus on the two sites that I +have personally tested. The first option below, Midnight Pub, allows you +to create/edit any Gemini files you want in your account. This is +essentially a GUI option with a built-in text box for editing. The +second option below, Sourcehut, allows you to use a Git repository and +automatic build process to deploy your personal Gemini capsule every +time you push a commit. + +*** Midnight Pub - Beginner Friendly +:PROPERTIES: +:CUSTOM_ID: midnight-pub---beginner-friendly +:END: +[[https://midnight.pub/][Midnight Pub]] is a small, virtual community +meant to reflect the atmosphere of wandering into a small alley pub. The +site is built in Gemtext and has a server-side process to convert +Gemtext to HTML if someone loads the site in an HTTP(S) browser. + +To create an account, you'll need to email the owner of the website to +obtain a key. You can find their email on the Midnight Pub homepage. +Once registered, head to [[https://midnight.pub/account][your account]] +and select [[https://midnight.pub/site][manage site]]. This is the +screen where you can upload or create any files to be displayed on the +internet. + +For example, I've created both an HTML file and a Gemini file. Remember +that Gemini is automatically converted to HTML on the Pub, so you don't +need an HTML version. For example, I created an HTML version to add in +some extra styling. + +All you need to do is create a page like =index.gmi= and use your Gemini +browser to head over to your-username.midnight.pub to see the result. + +That's all there is to it! Easy enough, right? Let's check out a more +advanced version in the next section. + +** Paid Option +:PROPERTIES: +:CUSTOM_ID: paid-option +:END: +As of 2021, Sourcehut has decided to require users to have a paid +account in order to utilize their automated build system. For now, paid +accounts can be as low as $2/month. + +*** Sourcehut +:PROPERTIES: +:CUSTOM_ID: sourcehut +:END: +[[https://sourcehut.org/][Sourcehut]] is a collection of software +development tools, but mostly surrounds their hosted Git repository +service. Simply put, it's a minimal and more private alternative to +services like GitHub. + +This walkthrough is more advanced and involves things like Git, SSH, the +command line. If you don't think you know enough to do this, check out +my walkthrough on creating a Gemini capsule for the Midnight Pub +instead. + +The first thing you'll need to do is create an SSH key pair, if you +don't already have one on your system. Once created, grab the contents +of =id_rsa.pub= and add it to your Sourcehut account settings - this +will allow you to push and pull code changes without using a +username/password. + +#+begin_src sh ssh keygen -``` +#+end_src -Next up, let's create a repository with the proper name so that the Sourcehut -build system will know we want them to host a website for us. Use the following -format exactly: +Next up, let's create a repository with the proper name so that the +Sourcehut build system will know we want them to host a website for us. +Use the following format exactly: -```sh +#+begin_src sh mkdir your-username.srht.site && cd your-username.srht.site -``` +#+end_src -Now that we've created the repo, let's initialize Git and add the proper remote -URL. +Now that we've created the repo, let's initialize Git and add the proper +remote URL. -```sh +#+begin_src sh git init -``` +#+end_src -```sh +#+begin_src sh git remote add origin git@git.sr.ht:~your-username/your-username.srht.site -``` +#+end_src -Now that our repository is set up and configured, we will need to create at -least two files: +Now that our repository is set up and configured, we will need to create +at least two files: -- `index.gmi` -- `.build.yml` +- =index.gmi= +- =.build.yml= -For your `.build.yml` file, use the following content and be sure to update the -`site` line with your username! +For your =.build.yml= file, use the following content and be sure to +update the =site= line with your username! -```yaml +#+begin_src yaml image: alpine/latest oauth: pages.sr.ht/PAGES:RW environment: @@ -142,37 +153,38 @@ tasks: tar -cvz . > ../site.tar.gz - upload: | acurl -f https://pages.sr.ht/publish/$site -Fcontent=@site.tar.gz -Fprotocol=GEMINI -``` +#+end_src -For the `index.gmi` file, put whatever you want in there and save it. You could -even just copy and paste the Gemtext cheatsheet. +For the =index.gmi= file, put whatever you want in there and save it. +You could even just copy and paste the Gemtext cheatsheet. -If you want to serve both HTML and Gemini files from this repository, just add a -second command to the `upload` section: +If you want to serve both HTML and Gemini files from this repository, +just add a second command to the =upload= section: -```yaml +#+begin_src yaml - upload: | acurl -f https://pages.sr.ht/publish/$site -Fcontent=@site.tar.gz -Fprotocol=GEMINI acurl -f https://pages.sr.ht/publish/$site -Fcontent=@site.tar.gz -``` +#+end_src Lastly, commit your changes and push them to the remote repo. -```sh +#+begin_src sh git add .; git commit -m "initial commit"; git push --set-upstream origin HEAD -``` +#+end_src -If you've successfully created the files with the proper format, you'll see the -terminal print a message that lets you know where the automatic build is taking -place. For example, here's what the terminal tells me: +If you've successfully created the files with the proper format, you'll +see the terminal print a message that lets you know where the automatic +build is taking place. For example, here's what the terminal tells me: -```sh +#+begin_src sh remote: Build started: remote: https://builds.sr.ht/~user/job/689803 [.build.yml] -``` +#+end_src Now that you've properly built your Sourcehut page, you can browse to -your-username.srht.site in a Gemini browser and view the final results. Take a -look at the image below for my Sourcehut Gemini capsule. +your-username.srht.site in a Gemini browser and view the final results. +Take a look at the image below for my Sourcehut Gemini capsule. -![Gemini page on the amfora browser](https://img.cleberg.net/blog/20210328-launching-a-gemini-capsule/amfora.png) +#+caption: Gemini page on the amfora browser +[[https://img.cleberg.net/blog/20210328-launching-a-gemini-capsule/amfora.png]] diff --git a/blog/2021-03-28-vaporwave-vs-outrun.org b/blog/2021-03-28-vaporwave-vs-outrun.org index 700a5d6..b12f472 100644 --- a/blog/2021-03-28-vaporwave-vs-outrun.org +++ b/blog/2021-03-28-vaporwave-vs-outrun.org @@ -1,120 +1,151 @@ -+++ -date = 2021-03-28 -title = "Vaporwave vs Outrun" -description = "This post discusses Vaporwave and Outrun, which have become almost synonymous in the minds of those online who aren't hardcore into these genres of media." -+++ - -## Overview - -When it comes to an aesthetic that originated primarily online, there tends to -be a lot of confusion around what falls into each specific genre. This post -discusses Vaporwave and Outrun, which have become almost synonymous in the minds -of those online who aren't hardcore into these genres of media. More -specifically, Outrun is largely an unknown term while all aesthetics in these -two genres are usually attributed to Vaporwave. For example, take a look at the -image search results for Vaporwave: the results include **a lot** of -Outrun-themed images. You'll find a similar trend almost everywhere. - -![](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/vaporwave-search-results.png) - -## Vaporwave - -![](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/macintosh-plus.png) - -Okay, so what is Vaporwave? I'm going to just copy-and-paste some general info -from the Wikipedia article on -[Vaporwave](https://en.wikipedia.org/wiki/Vaporwave), so that I'm not repeating -everything you can already search for online: - -> Vaporwave is a microgenre of electronic music, a visual art style, and an -> Internet meme that emerged in the early 2010s. It is defined partly by its -> slowed-down, chopped and screwed samples of smooth jazz, elevator, R&B, and -> lounge music from the 1980s and 1990s. The surrounding subculture is sometimes -> associated with an ambiguous or satirical take on consumer capitalism and pop -> culture, and tends to be characterized by a nostalgic or surrealist engagement -> with the popular entertainment, technology and advertising of previous -> decades. Visually, it incorporates early Internet imagery, late 1990s web -> design, glitch art, anime, 3D-rendered objects, and cyberpunk tropes in its -> cover artwork and music videos. - -This is an excellent summary, and it helps address my point here: there are -specific aspects that make Vaporwave unique: - -### Time Frame - -The time frame for references, logos, etc. focuses mostly on the 1990s in -Vaporwave. You'll see old school Pepsi logos, Microsoft 95 screens, tropical -plants, classic marble sculptures, and many references from Japan's influence in -the 90s. - -### Art - -The color scheme is generally a soft, light palette that uses pastel colors. The -backdrop will often be in a light-pink or teal blue. - -### Music - -The musical genre of Vaporwave incorporates soft tunes, lounge music, and sound -effects that will make the listener reminisce of the 90s. The sounds of the -genre are generally slower-paced and calming. The major breakthrough artist for -Vaporwave was [Macintosh Plus](https://en.wikipedia.org/wiki/Vektroid), who -released the album -[Floral Shoppe](https://archive.org/details/MACINTOSHPLUS-FLORALSHOPPE_complete) -in 2011. Another more recent example is the artist -[sadbert](https://sadbert.bandcamp.com/), whose latest album incorporates the -upbeat tones of the 1999 Dilbert TV series. - -Notice that Vaporwave doesn't include things like racing cars, futuristic -technology, chrome, or the deep orange/purple color scheme. Vaporwave is a focus -on the idyllic state of the world when technology was becoming common in -households, a reality that we have already experienced. Focus on the most -aesthetically-pleasing parts of that past is a large part of Vaporwave. - -## Outrun - -![Outrun](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/outrun.png) - -Now, let's get to Outrun. This one is a little trickier since the genre has -largely been lumped under the Vaporwave title for so long. However, it stems -from the [Synthwave](https://en.wikipedia.org/wiki/Synthwave) music genre and is -likely named after the 1986 racer game, -[Out Run](https://en.wikipedia.org/wiki/Out_Run). - -### Time Frame - -Outrun can be thought of as a retro-futuristic aesthetic born from the 1980s. - -### Art - -The color scheme uses a very dark color palette with the main colors being deep -oranges, blues, and purples. Red edges are common around objects in Outrun art. -The background of the Outrun aesthetic is almost always a neon grid like you'd -expect to see in Tron or a 1980s arcade machine. - -Classic sports cars, chrome robots, computer generated graphics and fonts, and -the occasional use of rain or palm trees can be found in Outrun art. - -### Music - -This aesthetic has a more aggressive and fast-paced style of music, which tends -to match the subject of the art in this aesthetic. - -Outrun enthusiasts love what people in the 1980s thought the future would look -like. Take a look at a common video game discussed in Outrun circles, Far Cry 3: -Blood Dragon: - -![Fry Cry 3: Blood Dragon](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/far-cry.png) - -Another example that doesn't force the color scheme as hard as some online art -does is Kung Fury: - -![Kung Fury](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/kung-fury.png) - -![Kung Fury Hacker Scene](https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/kung-fury-hacker.png) - -## Conclusion - -While Vaporwave and Outrun share similarities, they are two distinct aesthetics -with many important distinctions. Someone who enjoys one may not necessarily -enjoy the other, so it's important to make sure we properly describe the -aesthetic we're looking for. +#+title: Vaporwave vs Outrun +#+date: 2021-03-28 + +** Overview +:PROPERTIES: +:CUSTOM_ID: overview +:END: +When it comes to an aesthetic that originated primarily online, there +tends to be a lot of confusion around what falls into each specific +genre. This post discusses Vaporwave and Outrun, which have become +almost synonymous in the minds of those online who aren't hardcore into +these genres of media. More specifically, Outrun is largely an unknown +term while all aesthetics in these two genres are usually attributed to +Vaporwave. For example, take a look at the image search results for +Vaporwave: the results include *a lot* of Outrun-themed images. You'll +find a similar trend almost everywhere. + +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/vaporwave-search-results.png]] + +** Vaporwave +:PROPERTIES: +:CUSTOM_ID: vaporwave +:END: +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/macintosh-plus.png]] + +Okay, so what is Vaporwave? I'm going to just copy-and-paste some +general info from the Wikipedia article on +[[https://en.wikipedia.org/wiki/Vaporwave][Vaporwave]], so that I'm not +repeating everything you can already search for online: + +#+begin_quote +Vaporwave is a microgenre of electronic music, a visual art style, and +an Internet meme that emerged in the early 2010s. It is defined partly +by its slowed-down, chopped and screwed samples of smooth jazz, +elevator, R&B, and lounge music from the 1980s and 1990s. The +surrounding subculture is sometimes associated with an ambiguous or +satirical take on consumer capitalism and pop culture, and tends to be +characterized by a nostalgic or surrealist engagement with the popular +entertainment, technology and advertising of previous decades. Visually, +it incorporates early Internet imagery, late 1990s web design, glitch +art, anime, 3D-rendered objects, and cyberpunk tropes in its cover +artwork and music videos. + +#+end_quote + +This is an excellent summary, and it helps address my point here: there +are specific aspects that make Vaporwave unique: + +*** Time Frame +:PROPERTIES: +:CUSTOM_ID: time-frame +:END: +The time frame for references, logos, etc. focuses mostly on the 1990s +in Vaporwave. You'll see old school Pepsi logos, Microsoft 95 screens, +tropical plants, classic marble sculptures, and many references from +Japan's influence in the 90s. + +*** Art +:PROPERTIES: +:CUSTOM_ID: art +:END: +The color scheme is generally a soft, light palette that uses pastel +colors. The backdrop will often be in a light-pink or teal blue. + +*** Music +:PROPERTIES: +:CUSTOM_ID: music +:END: +The musical genre of Vaporwave incorporates soft tunes, lounge music, +and sound effects that will make the listener reminisce of the 90s. The +sounds of the genre are generally slower-paced and calming. The major +breakthrough artist for Vaporwave was +[[https://en.wikipedia.org/wiki/Vektroid][Macintosh Plus]], who released +the album +[[https://archive.org/details/MACINTOSHPLUS-FLORALSHOPPE_complete][Floral +Shoppe]] in 2011. Another more recent example is the artist +[[https://sadbert.bandcamp.com/][sadbert]], whose latest album +incorporates the upbeat tones of the 1999 Dilbert TV series. + +Notice that Vaporwave doesn't include things like racing cars, +futuristic technology, chrome, or the deep orange/purple color scheme. +Vaporwave is a focus on the idyllic state of the world when technology +was becoming common in households, a reality that we have already +experienced. Focus on the most aesthetically-pleasing parts of that past +is a large part of Vaporwave. + +** Outrun +:PROPERTIES: +:CUSTOM_ID: outrun +:END: +#+caption: Outrun +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/outrun.png]] + +Now, let's get to Outrun. This one is a little trickier since the genre +has largely been lumped under the Vaporwave title for so long. However, +it stems from the [[https://en.wikipedia.org/wiki/Synthwave][Synthwave]] +music genre and is likely named after the 1986 racer game, +[[https://en.wikipedia.org/wiki/Out_Run][Out Run]]. + +*** Time Frame +:PROPERTIES: +:CUSTOM_ID: time-frame-1 +:END: +Outrun can be thought of as a retro-futuristic aesthetic born from the +1980s. + +*** Art +:PROPERTIES: +:CUSTOM_ID: art-1 +:END: +The color scheme uses a very dark color palette with the main colors +being deep oranges, blues, and purples. Red edges are common around +objects in Outrun art. The background of the Outrun aesthetic is almost +always a neon grid like you'd expect to see in Tron or a 1980s arcade +machine. + +Classic sports cars, chrome robots, computer generated graphics and +fonts, and the occasional use of rain or palm trees can be found in +Outrun art. + +*** Music +:PROPERTIES: +:CUSTOM_ID: music-1 +:END: +This aesthetic has a more aggressive and fast-paced style of music, +which tends to match the subject of the art in this aesthetic. + +Outrun enthusiasts love what people in the 1980s thought the future +would look like. Take a look at a common video game discussed in Outrun +circles, Far Cry 3: Blood Dragon: + +#+caption: Fry Cry 3: Blood Dragon +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/far-cry.png]] + +Another example that doesn't force the color scheme as hard as some +online art does is Kung Fury: + +#+caption: Kung Fury +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/kung-fury.png]] + +#+caption: Kung Fury Hacker Scene +[[https://img.cleberg.net/blog/20210328-vaporwave-vs-outrun/kung-fury-hacker.png]] + +** Conclusion +:PROPERTIES: +:CUSTOM_ID: conclusion +:END: +While Vaporwave and Outrun share similarities, they are two distinct +aesthetics with many important distinctions. Someone who enjoys one may +not necessarily enjoy the other, so it's important to make sure we +properly describe the aesthetic we're looking for. diff --git a/blog/2021-03-30-vps-web-server.org b/blog/2021-03-30-vps-web-server.org index 9648452..147b86f 100644 --- a/blog/2021-03-30-vps-web-server.org +++ b/blog/2021-03-30-vps-web-server.org @@ -1,270 +1,293 @@ -+++ -date = 2021-03-30 -title = "How to Set Up a VPS Web Server" -description = "Choosing a place to host a website is one of the most confusing decisions for beginner web developers. Even for experienced web devs, choosing between different forms of web hosting can be a daunting choice." -draft = false -+++ - -## Shared Hosting vs. VPS - -Choosing a place to host a website is one of the most confusing decisions for -beginner web developers. Even for experienced web devs, choosing between -different forms of web hosting can be a daunting choice. +#+title: How to Set Up a VPS Web Server +#+date: 2021-03-30 + +** Shared Hosting vs. VPS +:PROPERTIES: +:CUSTOM_ID: shared-hosting-vs.-vps +:END: +Choosing a place to host a website is one of the most confusing +decisions for beginner web developers. Even for experienced web devs, +choosing between different forms of web hosting can be a daunting +choice. First, let's take a look at -[shared web hosting](https://en.wikipedia.org/wiki/Shared_web_hosting_service). -Shared web hosting is a product where you are purchasing a small piece of a web -server that is being shared between many websites. As a result, the cost of -shared hosting is extremely low. You won't have access to the server itself, -which means you can't install your own software on the server, such as Docker. -Usually, you are simply allowed to connect your domains to the server, set up -domain security, and other small utilities. +[[https://en.wikipedia.org/wiki/Shared_web_hosting_service][shared web +hosting]]. Shared web hosting is a product where you are purchasing a +small piece of a web server that is being shared between many websites. +As a result, the cost of shared hosting is extremely low. You won't have +access to the server itself, which means you can't install your own +software on the server, such as Docker. Usually, you are simply allowed +to connect your domains to the server, set up domain security, and other +small utilities. In contrast, a -[virtual private server](https://en.wikipedia.org/wiki/Virtual_private_server) -(VPS) is a virtual machine that replicates the environment of having a dedicated -server to yourself. You are able to control the virtual server's host names, -base file system, package manager, etc. Another great upside of a VPS is that -since it's virtual, the company providing the VPS can dynamically increase the -disk size, RAM size, or number of CPUs at any time. However, the virtual server -is still physically located on a server that is shared between multiple virtual +[[https://en.wikipedia.org/wiki/Virtual_private_server][virtual private +server]] (VPS) is a virtual machine that replicates the environment of +having a dedicated server to yourself. You are able to control the +virtual server's host names, base file system, package manager, etc. +Another great upside of a VPS is that since it's virtual, the company +providing the VPS can dynamically increase the disk size, RAM size, or +number of CPUs at any time. However, the virtual server is still +physically located on a server that is shared between multiple virtual servers. -The choice between shared hosting and VPS mostly depends on your skill level -with system administration. If you're comforting working on a server that is -mostly left up to you (or you're willing to learn), then a VPS is usually a -better option. However, shared hosting is a fantastic option for people who -don't want to have to learn how to manage their server. - -## My Situation +The choice between shared hosting and VPS mostly depends on your skill +level with system administration. If you're comforting working on a +server that is mostly left up to you (or you're willing to learn), then +a VPS is usually a better option. However, shared hosting is a fantastic +option for people who don't want to have to learn how to manage their +server. -I had used shared hosting for approximately 5 years before trying my first VPS. -I manage a homelab and have had success running a server and performing typical -sysadmin duties, but I was still hesitant to get a VPS. One fear was that I -always struggled to properly set up the networking part of a server - DNS and -hostname configurations were not my friend. +** My Situation +:PROPERTIES: +:CUSTOM_ID: my-situation +:END: +I had used shared hosting for approximately 5 years before trying my +first VPS. I manage a homelab and have had success running a server and +performing typical sysadmin duties, but I was still hesitant to get a +VPS. One fear was that I always struggled to properly set up the +networking part of a server - DNS and hostname configurations were not +my friend. As a little bit of background, I originally used -[Siteground](https://www.siteground.com) for my initially shared hosting and -stayed on that platform for at least a year. However, the UI was clunky, and I -didn't like how they handled certain technical aspects, so I switched to -[Namecheap](https://www.namecheap.com). Namecheap was great because it is the -service I primarily use for purchasing domain names, which made it incredibly -easy to link them to my hosting service. However, it was still mediocre shared -hosting, and Namecheap is notorious for not letting you use -[Let's Encrypt](https://letsencrypt.org) to obtain free SSL/TLS certificates; -Namecheap wants to make you purchase certificates through their store. - -Finally, I settled down with [iWebFusion](https://www.iwebfusion.net) for about -the last year of my shared hosting. This service was pretty great, came with -free SSL/TLS, and I never had any complaints. - -However, I finally grew tired of not being able to install software on my own -web server. I wanted to be able to try out things like -[Postmill](https://postmill.xyz) or [Matrix](https://matrix.org). This is -possible with a VPS, so I decided to grab a new domain name to try it out. - -## Getting Started: Buying a VPS - -The first step to moving over to a VPS is (you guessed it): finding a VPS -provider. For my VPSs, I use [1984](https://1984hosting.com) and prefer their -services much more than any alternative, due to their location (Iceland), their -[privacy policy](https://1984hosting.com/GDPR/), their respect for GDPR, and the -ability to remain anonymous if you pay in Bitcoin or Monero. - -[Njalla](https://njal.la) is another good, privacy-oriented option for VPS -services. - -You'll have to decide what specifications you want on your VPS. For me, I only -build and deploy low-resource HTML, PHP, and Python websites. This means I can -survive on the smallest VPS: 1 CPU, 1GB of RAM, and 25GB SSD for $5.00 per -month. - -As noted above, the great thing about a VPS is you can request your provider to -increase the resources at any time. - -## Configuring DNS Settings - -Okay, so now let's get into some actual work that has to be done to get content -moved from a shared host to a VPS. At this point, I'm assuming you have a shared -host with website content that you can still access, and you've purchased a new -VPS and can SSH into that server. +[[https://www.siteground.com][Siteground]] for my initially shared +hosting and stayed on that platform for at least a year. However, the UI +was clunky, and I didn't like how they handled certain technical +aspects, so I switched to [[https://www.namecheap.com][Namecheap]]. +Namecheap was great because it is the service I primarily use for +purchasing domain names, which made it incredibly easy to link them to +my hosting service. However, it was still mediocre shared hosting, and +Namecheap is notorious for not letting you use +[[https://letsencrypt.org][Let's Encrypt]] to obtain free SSL/TLS +certificates; Namecheap wants to make you purchase certificates through +their store. + +Finally, I settled down with [[https://www.iwebfusion.net][iWebFusion]] +for about the last year of my shared hosting. This service was pretty +great, came with free SSL/TLS, and I never had any complaints. + +However, I finally grew tired of not being able to install software on +my own web server. I wanted to be able to try out things like +[[https://postmill.xyz][Postmill]] or [[https://matrix.org][Matrix]]. +This is possible with a VPS, so I decided to grab a new domain name to +try it out. + +** Getting Started: Buying a VPS +:PROPERTIES: +:CUSTOM_ID: getting-started-buying-a-vps +:END: +The first step to moving over to a VPS is (you guessed it): finding a +VPS provider. For my VPSs, I use [[https://1984hosting.com][1984]] and +prefer their services much more than any alternative, due to their +location (Iceland), their [[https://1984hosting.com/GDPR/][privacy +policy]], their respect for GDPR, and the ability to remain anonymous if +you pay in Bitcoin or Monero. + +[[https://njal.la][Njalla]] is another good, privacy-oriented option for +VPS services. + +You'll have to decide what specifications you want on your VPS. For me, +I only build and deploy low-resource HTML, PHP, and Python websites. +This means I can survive on the smallest VPS: 1 CPU, 1GB of RAM, and +25GB SSD for $5.00 per month. + +As noted above, the great thing about a VPS is you can request your +provider to increase the resources at any time. + +** Configuring DNS Settings +:PROPERTIES: +:CUSTOM_ID: configuring-dns-settings +:END: +Okay, so now let's get into some actual work that has to be done to get +content moved from a shared host to a VPS. At this point, I'm assuming +you have a shared host with website content that you can still access, +and you've purchased a new VPS and can SSH into that server. The first change is minor, but it should be done immediately in order to -get things moving: DNS settings. Go to wherever your DNS settings are handled. -If your shared host also managed your DNS settings, you'll need to first move -that DNS over to your new VPS provider. For me, I route my DNS through -[Gandi](https://www.gandi.net). +get things moving: DNS settings. Go to wherever your DNS settings are +handled. If your shared host also managed your DNS settings, you'll need +to first move that DNS over to your new VPS provider. For me, I route my +DNS through [[https://www.gandi.net][Gandi]]. -Once you know where your DNS settings are, go ahead and update the `A` records -to match the public IP address of your VPS. For example: +Once you know where your DNS settings are, go ahead and update the =A= +records to match the public IP address of your VPS. For example: -```txt +#+begin_src txt A example.com xxx.xxx.xxx.xxx A subdomain xxx.xxx.xxx.xxx CNAME www example.com. -``` - -If you have any other records that require updates, such as MX or TXT records -for a mail server, be sure to update those accordingly. Personally, I don't host -my own mail server. -I route all mail on my custom domains to [Migadu](https://www.migadu.com). -Hosting your own email server can become complex quickly and is not for -beginners. - -DNS changes can take up to 48 hours to propagate, so be sure to give it some -time before assuming you've made an error. - -## Server Updates and Packages - -Now that the DNS settings have been changed, let's set up our server while we -wait for the DNS to propagate. -First up is to ssh into your server. -If you've signed up with a service like DigitalOcean, you can add your SSH -key to your account and to your VPS droplet so that you don't need a -password in order to SSH. - -```sh +#+end_src + +If you have any other records that require updates, such as MX or TXT +records for a mail server, be sure to update those accordingly. +Personally, I don't host my own mail server. I route all mail on my +custom domains to [[https://www.migadu.com][Migadu]]. Hosting your own +email server can become complex quickly and is not for beginners. + +DNS changes can take up to 48 hours to propagate, so be sure to give it +some time before assuming you've made an error. + +** Server Updates and Packages +:PROPERTIES: +:CUSTOM_ID: server-updates-and-packages +:END: +Now that the DNS settings have been changed, let's set up our server +while we wait for the DNS to propagate. First up is to ssh into your +server. If you've signed up with a service like DigitalOcean, you can +add your SSH key to your account and to your VPS droplet so that you +don't need a password in order to SSH. + +#+begin_src sh ssh root@xxx.xxx.xxx.xxx -``` +#+end_src -The VPS that is used in this blog post runs Ubuntu 20.04 with an Apache web -server. -If you're working on a different operating system (OS) or want a -different web server, such as Nginx, you'll have to use different commands -to set it up. +The VPS that is used in this blog post runs Ubuntu 20.04 with an Apache +web server. If you're working on a different operating system (OS) or +want a different web server, such as Nginx, you'll have to use different +commands to set it up. First, let's update and upgrade our server. -**NOTE:** Since we have logged in to the server as `root` for now, we don't need -to use the `sudo` modifier before our commands. +*NOTE:* Since we have logged in to the server as =root= for now, we +don't need to use the =sudo= modifier before our commands. -```sh +#+begin_src sh apt update && apt upgrade -y -``` - -## Create A User Account +#+end_src -While being able to use `root` can be beneficial at times, you shouldn't use -`root` unless you have to. +** Create A User Account +:PROPERTIES: +:CUSTOM_ID: create-a-user-account +:END: +While being able to use =root= can be beneficial at times, you shouldn't +use =root= unless you have to. -So let's set up a new user in our system. The `-m` option below tells the OS to -create a home directory for the new user. +So let's set up a new user in our system. The =-m= option below tells +the OS to create a home directory for the new user. -```sh +#+begin_src sh adduser USERNAME -``` +#+end_src Now, create a password for that user. -```sh +#+begin_src sh passwd USERNAME -``` +#+end_src -Finally, add the user to the sudoers file, so they can perform priveleged -commands. +Finally, add the user to the sudoers file, so they can perform +priveleged commands. -```sh +#+begin_src sh usermod -a -G sudo USERNAME -``` +#+end_src -If you are using SSH keys and not passwords, you'll need to copy your SSH key -from your local machine to the VPS. If you haven't disabled password-based SSH -yet, the easiest way to do this is `ssh-copy-id` from your local computer (not -from the VPS): +If you are using SSH keys and not passwords, you'll need to copy your +SSH key from your local machine to the VPS. If you haven't disabled +password-based SSH yet, the easiest way to do this is =ssh-copy-id= from +your local computer (not from the VPS): -```sh +#+begin_src sh ssh-copy-id testuser@xxx.xxx.xxx.xxx -``` +#+end_src -If you've disabled password-based SSH, you'll need to manually copy your SSH key -into the `~/.ssh/authorized_keys` file. +If you've disabled password-based SSH, you'll need to manually copy your +SSH key into the =~/.ssh/authorized_keys= file. -## Install Software +** Install Software +:PROPERTIES: +:CUSTOM_ID: install-software +:END: +Our goal here is to host a web server, so the next step is to install +the Apache web server and any other packages we need. -Our goal here is to host a web server, so the next step is to install the Apache -web server and any other packages we need. +From this point on, I will be logged in as a user (not =root=) and will +need to use the =sudo= modifier for most commands. -From this point on, I will be logged in as a user (not `root`) and will need to -use the `sudo` modifier for most commands. - -```sh +#+begin_src sh sudo apt update; sudo apt upgrade -y; sudo apt autoremove -y sudo apt install apache2 -``` +#+end_src -If you need other language support, such as PHP, you'll need to install that -too. +If you need other language support, such as PHP, you'll need to install +that too. -```sh +#+begin_src sh sudo apt install libapache2-mod-php php-dom sudo a2enmod php sudo systemctl restart apache2 -``` - -## Website Files & Folders +#+end_src -Next up is to create the directories for the domain(s) we want to be hosted on -this web server. +** Website Files & Folders +:PROPERTIES: +:CUSTOM_ID: website-files-folders +:END: +Next up is to create the directories for the domain(s) we want to be +hosted on this web server. -```sh +#+begin_src sh cd /var/www sudo mkdir example.com -``` +#+end_src -We have a folder for `example.com` now, so let's add an `index.html` file and -put it within a specific `public_html` folder. You don't need this `public_html` -if you don't want it, but it helps with organizing items related to -`example.com` that you don't want to publish to the internet. +We have a folder for =example.com= now, so let's add an =index.html= +file and put it within a specific =public_html= folder. You don't need +this =public_html= if you don't want it, but it helps with organizing +items related to =example.com= that you don't want to publish to the +internet. -```sh +#+begin_src sh cd example.com sudo mkdir public_html && cd public_html sudo nano index.html -``` +#+end_src -You can put anything you want in this `index.html` file. If you can't think of -anything, paste this in there: +You can put anything you want in this =index.html= file. If you can't +think of anything, paste this in there: -```html +#+begin_src html - - - - Hello, world! - - -

Hello, world!

- + + + + Hello, world! + + +

Hello, world!

+ -``` +#+end_src -If you want something to be served at `example.com/page01/file.txt`, you'll have -to create the `page01` directory under the `example.com` directory. For example: +If you want something to be served at =example.com/page01/file.txt=, +you'll have to create the =page01= directory under the =example.com= +directory. For example: -```sh +#+begin_src sh cd /var/www/example.com/public_html sudo mkdir page01 sudo nano file.txt -``` +#+end_src -## Apache Configuration +** Apache Configuration +:PROPERTIES: +:CUSTOM_ID: apache-configuration +:END: +Now, let's set up the files that will tell the server where to find the +files for =example.com=. We will copy the default configuration file and +create our own. -Now, let's set up the files that will tell the server where to find the files -for `example.com`. We will copy the default configuration file and create our -own. - -```sh +#+begin_src sh cd /etc/apache2/sites-available sudo cp 000-default.conf example.com.conf sudo nano example.com.conf -``` +#+end_src -This configuration file will have a few default lines, but you'll need to edit -it to look similar to this (settings may change based on your personal needs): +This configuration file will have a few default lines, but you'll need +to edit it to look similar to this (settings may change based on your +personal needs): -```config +#+begin_src config ServerAdmin your-email@email-provider.com ServerName example.com @@ -273,128 +296,138 @@ it to look similar to this (settings may change based on your personal needs): ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined -``` +#+end_src Now, enable the configuration for your new site, disable the default configuration, and reload the web server. -```sh +#+begin_src sh sudo a2ensite example.com.conf sudo a2dissite 000-default.conf sudo systemctl reload apache2 -``` +#+end_src -You can always run a test to make sure no errors or warnings are found in your -configuration files. +You can always run a test to make sure no errors or warnings are found +in your configuration files. -```sh +#+begin_src sh sudo apache2ctl configtest -``` +#+end_src -Now, restart the web server entirely. After this, you should be able to browse -to `http://example.com` and see the HTML content you provided earlier. Note that -SSL/TLS has not been enabled yet, so you won't be able to use the secure version -yet (`https://example.com`). +Now, restart the web server entirely. After this, you should be able to +browse to =http://example.com= and see the HTML content you provided +earlier. Note that SSL/TLS has not been enabled yet, so you won't be +able to use the secure version yet (=https://example.com=). -```sh +#+begin_src sh sudo systemctl restart apache2 -``` - -You can repeat this for as many websites as you need. Just create the domain -folders in `/var/www/`, add the configuration file, enable the configuration, -and restart `apache2`. +#+end_src -## SSL/TLS Certificates: Serve Websites Over HTTPS +You can repeat this for as many websites as you need. Just create the +domain folders in =/var/www/=, add the configuration file, enable the +configuration, and restart =apache2=. -In order to serve secure content, you'll need to obtain SSL/TLS certificates. -Luckily, there's a free tool called [Certbot](https://certbot.eff.org) that -helps us with the process. +** SSL/TLS Certificates: Serve Websites Over HTTPS +:PROPERTIES: +:CUSTOM_ID: ssltls-certificates-serve-websites-over-https +:END: +In order to serve secure content, you'll need to obtain SSL/TLS +certificates. Luckily, there's a free tool called +[[https://certbot.eff.org][Certbot]] that helps us with the process. -The first step is to install `snapd` and `core` for Ubuntu. +The first step is to install =snapd= and =core= for Ubuntu. -```sh +#+begin_src sh sudo apt install snapd sudo snap install core sudo snap refresh core -``` +#+end_src -Next, install the `certbot` snap package. +Next, install the =certbot= snap package. -```sh +#+begin_src sh sudo snap install --classic certbot -``` +#+end_src -Execute the following command to ensure that the `certbot` command can be run. +Execute the following command to ensure that the =certbot= command can +be run. -```sh +#+begin_src sh sudo ln -s /snap/bin/certbot /usr/bin/certbot -``` +#+end_src -Finally, you can run `certbot` one of two ways: +Finally, you can run =certbot= one of two ways: -1. run it and let it alter your Apache configuration files automatically to - enable HTTPS redirects. -2. run it and only allow it to create certificates. - You'll need to manually alter the config files to enable HTTPS redirects. +1. run it and let it alter your Apache configuration files automatically + to enable HTTPS redirects. +2. run it and only allow it to create certificates. You'll need to + manually alter the config files to enable HTTPS redirects. Run certbot and allow automatic config changes: -```sh +#+begin_src sh sudo certbot --apache -``` +#+end_src -Run certbot for certificates only and don't allow it to alter config files: +Run certbot for certificates only and don't allow it to alter config +files: -```sh +#+begin_src sh sudo certbot certonly --apache -``` +#+end_src -The Certbot packages on your system come with a cron job or systemd timer that -will renew your certificates automatically before they expire. You will not need -to run Certbot again unless you change your configuration. You can test -automatic renewal for your certificates by running this command: +The Certbot packages on your system come with a cron job or systemd +timer that will renew your certificates automatically before they +expire. You will not need to run Certbot again unless you change your +configuration. You can test automatic renewal for your certificates by +running this command: -```sh +#+begin_src sh sudo certbot renew --dry-run -``` +#+end_src -Now, test your domains by going to `https://example.com`. - -## Firewall Security +Now, test your domains by going to =https://example.com=. +** Firewall Security +:PROPERTIES: +:CUSTOM_ID: firewall-security +:END: To enable better security on your server, you'll need to enable a basic firewall. For Ubuntu, we'll use -[the uncomplicated firewall](https://cleberg.net/blog/secure-your-network-with-the-uncomplicated-firewall.html). +[[https://cleberg.net/blog/secure-your-network-with-the-uncomplicated-firewall.html][the +uncomplicated firewall]]. -Now, add the following rules to the firewall allow SSH, Apache, and HTTP(S) -connections. If you need to, you can enable different ports for specifics -applications, SFTP, etc. +Now, add the following rules to the firewall allow SSH, Apache, and +HTTP(S) connections. If you need to, you can enable different ports for +specifics applications, SFTP, etc. -```sh +#+begin_src sh sudo ufw default deny incoming sudo ufw default allow outgoing sudo ufw allow OpenSSH sudo ufw allow Apache sudo ufw allow proto tcp from any to any port 80,443 -``` +#+end_src Once you've added all the rules you need, enable the firewall. -```sh +#+begin_src sh sudo ufw enable -``` - -## Troubleshooting +#+end_src -If you run into any issues during your VPS set-up, be sure to walk back through -your actions and make sure you didn't miss any steps. +** Troubleshooting +:PROPERTIES: +:CUSTOM_ID: troubleshooting +:END: +If you run into any issues during your VPS set-up, be sure to walk back +through your actions and make sure you didn't miss any steps. Many websites have fantastic guides to setting up various web servers. -This is one of the areas [where DigitalOcean shines](https://www.digitalocean. -com/community/tutorials). -For simpler or more Linux-oriented questions, I suggest using [Linuxize] -(https://linuxize.com). - -If you're getting certain errors (e.g. `500 Internal Server Error`) and need to -debug locally, you can view the `access.log` and `error.log` files in the -`/var/log/apache/` directory. +This is one of the areas +[[https://www.digitalocean.%20com/community/tutorials][where +DigitalOcean shines]]. For simpler or more Linux-oriented questions, I +suggest using [Linuxize] (https://linuxize.com). + +If you're getting certain errors (e.g. =500 Internal Server Error=) and +need to debug locally, you can view the =access.log= and =error.log= +files in the =/var/log/apache/= directory. diff --git a/blog/2021-04-17-gemini-server.org b/blog/2021-04-17-gemini-server.org index b6a7794..6494c9c 100644 --- a/blog/2021-04-17-gemini-server.org +++ b/blog/2021-04-17-gemini-server.org @@ -1,159 +1,181 @@ -+++ -date = 2021-04-17 -title = "Hosting a Gemini Server" -description = "Dive deeper into Gemini by hosting your own Gemini web server." -draft = false -+++ - -## Similar Article Available - -To read more about Gemini and ways to test out this new protocol without your -own server, see my previous post -[Launching a Gemini Capsule](/blog/launching-a-gemini-capsule/). - -## Preparation - -This guide assumes you have access to a server accessible to the world through a -public IP address and that you own a domain name used for this Gemini capsule. - -## Getting Started with Agate - -We are going to use [Agate](https://github.com/mbrubeck/agate) for this -tutorial. -This is a basic Gemini server written in Rust. -It takes very little time and maintenance to get it running. - -## Install Dependencies - -First, you will need to install the Rust package for your system. On Ubuntu, use -the following commands (remember to use `sudo` if you are not the root user). -The Rust installation will give you options to customize the installation; I -used the default installation options. - -```sh +#+title: Hosting a Gemini Server +#+date: 2021-04-17 + +** Similar Article Available +:PROPERTIES: +:CUSTOM_ID: similar-article-available +:END: +To read more about Gemini and ways to test out this new protocol without +your own server, see my previous post +[[/blog/launching-a-gemini-capsule/][Launching a Gemini Capsule]]. + +** Preparation +:PROPERTIES: +:CUSTOM_ID: preparation +:END: +This guide assumes you have access to a server accessible to the world +through a public IP address and that you own a domain name used for this +Gemini capsule. + +** Getting Started with Agate +:PROPERTIES: +:CUSTOM_ID: getting-started-with-agate +:END: +We are going to use [[https://github.com/mbrubeck/agate][Agate]] for +this tutorial. This is a basic Gemini server written in Rust. It takes +very little time and maintenance to get it running. + +** Install Dependencies +:PROPERTIES: +:CUSTOM_ID: install-dependencies +:END: +First, you will need to install the Rust package for your system. On +Ubuntu, use the following commands (remember to use =sudo= if you are +not the root user). The Rust installation will give you options to +customize the installation; I used the default installation options. + +#+begin_src sh sudo apt update && sudo apt upgrade -y curl https://sh.rustup.rs -sSf | sh -``` +#+end_src Remember to configure your shell with the new configuration: -```sh +#+begin_src sh source $HOME/.cargo/env -``` +#+end_src -Before we install agate, make sure you have the `gcc` package installed: +Before we install agate, make sure you have the =gcc= package installed: -```sh +#+begin_src sh sudo apt install gcc -``` +#+end_src -Next, you'll need to install the agate executable with Rust's Cargo package -maintainer: +Next, you'll need to install the agate executable with Rust's Cargo +package maintainer: -```sh +#+begin_src sh cargo install agate -``` - -## Create Symlinks +#+end_src -Once Cargo has finished installing all the required packages, symlink the -executable to your \$PATH. +** Create Symlinks +:PROPERTIES: +:CUSTOM_ID: create-symlinks +:END: +Once Cargo has finished installing all the required packages, symlink +the executable to your $PATH. -```sh +#+begin_src sh sudo ln -s $HOME/.cargo/bin/agate /usr/local/bin/agate -``` +#+end_src -## Using Agate's Built-In Installation Tool +** Using Agate's Built-In Installation Tool +:PROPERTIES: +:CUSTOM_ID: using-agates-built-in-installation-tool +:END: +If you're running Ubuntu or Debian, use the Debian installation script +found in Agate's GitHub repository, under the =tools/debian= folder. -If you're running Ubuntu or Debian, use the Debian installation script found in -Agate's GitHub repository, under the `tools/debian` folder. - -```sh +#+begin_src sh git clone https://github.com/mbrubeck/agate cd agate/tools/debian sudo ./install.sh -``` - -## Configure the Gemini Service - -We have a little more to do, but since this script tries to immediately run the -service, it will likely fail with an exit code. Let's add our finishing touches. -Edit the following file and replace the hostname with your desired URL. You can -also change the directory where content will be served. - -```sh +#+end_src + +** Configure the Gemini Service +:PROPERTIES: +:CUSTOM_ID: configure-the-gemini-service +:END: +We have a little more to do, but since this script tries to immediately +run the service, it will likely fail with an exit code. Let's add our +finishing touches. Edit the following file and replace the hostname with +your desired URL. You can also change the directory where content will +be served. + +#+begin_src sh sudo nano /etc/systemd/system/gemini.service -``` +#+end_src -```sh +#+begin_src sh # Edit these lines to whatever you want - see the next code block for my personal configuration. WorkingDirectory=/srv/gemini ExecStart=agate --hostname $(uname -n) --lang en -``` +#+end_src This is my personal config: -```sh +#+begin_src sh WorkingDirectory=/var/gemini/ ExecStart=agate --hostname gemini.example.com --lang en -``` +#+end_src -Since we've altered the systemd configuration files, we have to reload the -daemon. Let's do that, restart our service, and check its status. +Since we've altered the systemd configuration files, we have to reload +the daemon. Let's do that, restart our service, and check its status. -```sh +#+begin_src sh sudo systemctl daemon-reload sudo systemctl restart gemini.service sudo systemctl status gemini.service -``` - -## Fixing Systemd Errors +#+end_src -If you're still getting errors, the installation process may not have properly -enabled the gemini service. Fix it with the following commands. +** Fixing Systemd Errors +:PROPERTIES: +:CUSTOM_ID: fixing-systemd-errors +:END: +If you're still getting errors, the installation process may not have +properly enabled the gemini service. Fix it with the following commands. -```sh +#+begin_src sh sudo systemctl enable gemini.service sudo systemctl restart gemini.service sudo systemctl status gemini.service -``` +#+end_src -## Firewall Rules +** Firewall Rules +:PROPERTIES: +:CUSTOM_ID: firewall-rules +:END: +Great! Our server is now functional and running. The first consideration +now is that you need to be able to access port 1965 on the server. If +you have a firewall enabled, you'll need to open that port up. -Great! Our server is now functional and running. The first consideration now is -that you need to be able to access port 1965 on the server. If you have a -firewall enabled, you'll need to open that port up. - -```sh +#+begin_src sh sudo ufw allow 1965 sudo ufw reload -``` - -## Creating Content - -Let's create the Gemini capsule. Note that wherever you set the WorkingDirectory -variable to earlier, Agate will expect you to put your Gemini capsule contents -in a sub-folder called "content." So, I place my files in "/var/gmi/content." I'm -going to create that folder now and put a file in there. - -```sh +#+end_src + +** Creating Content +:PROPERTIES: +:CUSTOM_ID: creating-content +:END: +Let's create the Gemini capsule. Note that wherever you set the +WorkingDirectory variable to earlier, Agate will expect you to put your +Gemini capsule contents in a sub-folder called "content." So, I place my +files in "/var/gmi/content." I'm going to create that folder now and put +a file in there. + +#+begin_src sh sudo mkdir /var/gemini/content sudo nano /var/gemini/content/index.gmi -``` - -You can put whatever you want in the "index.gmi" file, just make sure it's valid -Gemtext. +#+end_src -## The Results +You can put whatever you want in the "index.gmi" file, just make sure +it's valid Gemtext. +** The Results +:PROPERTIES: +:CUSTOM_ID: the-results +:END: Here are some screenshots of the Gemini page I just created in the -[Lagrange](https://gmi.skyjake.fi/lagrange/) browser and the -[amfora](https://github.com/makeworld-the-better-one/amfora) browser. +[[https://gmi.skyjake.fi/lagrange/][Lagrange]] browser and the +[[https://github.com/makeworld-the-better-one/amfora][amfora]] browser. -![GUI Gemini browser](https://img.cleberg.net/blog/20210417-hosting-a-gemini-server/lagrange.png) +#+caption: GUI Gemini browser +[[https://img.cleberg.net/blog/20210417-hosting-a-gemini-server/lagrange.png]] -_Lagrange_ +/Lagrange/ -![CLI Gemini browser](https://img.cleberg.net/blog/20210417-hosting-a-gemini-server/amfora.png) +#+caption: CLI Gemini browser +[[https://img.cleberg.net/blog/20210417-hosting-a-gemini-server/amfora.png]] -_Amfora_ +/Amfora/ diff --git a/blog/2021-04-23-php-comment-system.org b/blog/2021-04-23-php-comment-system.org index 50c77f1..d539a4e 100644 --- a/blog/2021-04-23-php-comment-system.org +++ b/blog/2021-04-23-php-comment-system.org @@ -1,151 +1,161 @@ -+++ -date = 2021-04-23 -title = "Roll Your Own Static Commenting System in PHP" -description = "Learn how to skip the tedium of finding the proper commenting system by simply rolling your own in PHP." -draft = false -+++ +#+title: Roll Your Own Static Commenting System in PHP +#+date: 2021-04-23 -## The Terrible-ness of Commenting Systems +** The Terrible-ness of Commenting Systems +:PROPERTIES: +:CUSTOM_ID: the-terrible-ness-of-commenting-systems +:END: +The current state of affairs regarding interactive comment systems is, +well, terrible. It is especially awful if you're a privacy conscious +person who does not generally load third-party scripts or frames on the +websites you visit. -The current state of affairs regarding interactive comment systems is, well, -terrible. It is especially awful if you're a privacy conscious person who does -not generally load third-party scripts or frames on the websites you visit. - -Even further, many comment systems are charging exorbitant fees for something -that should be standard. +Even further, many comment systems are charging exorbitant fees for +something that should be standard. Of course, there are some really terrible options: -- Facebook Comments -- Discourse - -There are some options that are better but still use too many scripts, frames, -or social integrations on your web page that could impact some users: - -- Disqus -- Isso -- Remark42 - -Lastly, I looked into a few unique ways of generating blog comments, such as -using Twitter threads or GitHub issues to automatically post issues. However, -these both rely on external third-party sites that I don't currently use. - -## Stay Static with Server-Side Comments - -The main issue for my personal use-case is that my blog is completely, 100% -static. I use PHP on the back-end but website visitors only see HTML and a -single CSS file. No external javascript and no embedded frames. - -So, how do we keep a site static and still allow users to interact with blog -posts? The key actually pretty simple - I'm already using PHP, so why not rely -on the classic HTML `
` and a PHP script to save the comments somewhere? As -it turns out, this was a perfect solution for me. - -The second issue for my personal use-case is that I am trying to keep the -contents of my website accessible over time, as described by @brandur, in his -post entitled -[Blog with Markdown + Git, and degrade gracefully through time](https://brandur.org/fragments/graceful-degradation-time) -. - -This means I cannot rely on a database for comments, since I do not rely on a -database for any other part of my websites. - -I blog in plain Markdown files, commit all articles to Git, and ensure that -future readers will be able to see the source data long after I'm gone, or the -website has gone offline. However, I still haven't committed any images served -on my blog to Git, as I'm not entirely sold on Git LFS yet - for now, images can -be found at [img.cleberg.net](https://img.cleberg.net). - -Saving my comments back to the Git repository ensures that another aspect of my -site will degrade gracefully. - -## Create a Comment Form - -Okay, let's get started. The first step is to create an HTML form that users can -see and utilize to submit comments. This is fairly easy and can be changed -depending on your personal preferences. - -Take a look at the code block below for the form I currently use. Note that -`` is replaced automatically in PHP with the current post's URL, so -that my PHP script used later will know which blog post the comment is related -to. +- Facebook Comments +- Discourse + +There are some options that are better but still use too many scripts, +frames, or social integrations on your web page that could impact some +users: + +- Disqus +- Isso +- Remark42 + +Lastly, I looked into a few unique ways of generating blog comments, +such as using Twitter threads or GitHub issues to automatically post +issues. However, these both rely on external third-party sites that I +don't currently use. + +** Stay Static with Server-Side Comments +:PROPERTIES: +:CUSTOM_ID: stay-static-with-server-side-comments +:END: +The main issue for my personal use-case is that my blog is completely, +100% static. I use PHP on the back-end but website visitors only see +HTML and a single CSS file. No external javascript and no embedded +frames. + +So, how do we keep a site static and still allow users to interact with +blog posts? The key actually pretty simple - I'm already using PHP, so +why not rely on the classic HTML == and a PHP script to save the +comments somewhere? As it turns out, this was a perfect solution for me. + +The second issue for my personal use-case is that I am trying to keep +the contents of my website accessible over time, as described by +[cite/t:@brandur], in his post entitled +[[https://brandur.org/fragments/graceful-degradation-time][Blog with +Markdown + Git, and degrade gracefully through time]] . + +This means I cannot rely on a database for comments, since I do not rely +on a database for any other part of my websites. + +I blog in plain Markdown files, commit all articles to Git, and ensure +that future readers will be able to see the source data long after I'm +gone, or the website has gone offline. However, I still haven't +committed any images served on my blog to Git, as I'm not entirely sold +on Git LFS yet - for now, images can be found at +[[https://img.cleberg.net][img.cleberg.net]]. + +Saving my comments back to the Git repository ensures that another +aspect of my site will degrade gracefully. + +** Create a Comment Form +:PROPERTIES: +:CUSTOM_ID: create-a-comment-form +:END: +Okay, let's get started. The first step is to create an HTML form that +users can see and utilize to submit comments. This is fairly easy and +can be changed depending on your personal preferences. + +Take a look at the code block below for the form I currently use. Note +that == is replaced automatically in PHP with the current +post's URL, so that my PHP script used later will know which blog post +the comment is related to. The form contains the following structure: -1. `` - This is the form and will determine which PHP script to send the - comment to. -2. `