diff options
Diffstat (limited to 'live/blog/a')
-rw-r--r-- | live/blog/a/acomodada_la_pagina_de_arte.html | 19 | ||||
-rw-r--r-- | live/blog/a/asi_nomas_esta_quedando.html | 19 | ||||
-rw-r--r-- | live/blog/a/devs_android_me_trozaron.html | 15 | ||||
-rw-r--r-- | live/blog/a/el_blog_ya_tiene_timestamps.html | 24 | ||||
-rw-r--r-- | live/blog/a/first_blog_post.html | 23 | ||||
-rw-r--r-- | live/blog/a/git_server_with_cgit.html | 48 | ||||
-rw-r--r-- | live/blog/a/hoy_toco_desarrollo_personaje.html | 13 | ||||
-rw-r--r-- | live/blog/a/mail_server_with_postfix.html | 70 | ||||
-rw-r--r-- | live/blog/a/new_blogging_system.html | 21 | ||||
-rw-r--r-- | live/blog/a/password_manager_authenticator_setup.html | 19 | ||||
-rw-r--r-- | live/blog/a/rewrote_pyssg_again.html | 19 | ||||
-rw-r--r-- | live/blog/a/tenia_esto_descuidado.html | 28 | ||||
-rw-r--r-- | live/blog/a/volviendo_a_usar_la_pagina.html | 21 | ||||
-rw-r--r-- | live/blog/a/vpn_server_with_openvpn.html | 50 | ||||
-rw-r--r-- | live/blog/a/website_with_nginx.html | 49 | ||||
-rw-r--r-- | live/blog/a/xmpp_server_with_prosody.html | 62 |
16 files changed, 332 insertions, 168 deletions
diff --git a/live/blog/a/acomodada_la_pagina_de_arte.html b/live/blog/a/acomodada_la_pagina_de_arte.html index bfd6cce..5703a47 100644 --- a/live/blog/a/acomodada_la_pagina_de_arte.html +++ b/live/blog/a/acomodada_la_pagina_de_arte.html @@ -16,13 +16,11 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> <meta property="og:title" content="Al fin ya me acomodé la página pa' los dibujos -- Luevano's Blog"/> @@ -73,10 +71,15 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Al fin ya me acomodé la página pa' los dibujos</h1> <p>Así es, ya quedó acomodado el sub-dominio <code>art.luevano.xyz</code> pos pal <a href="https://art.luevano.xyz">arte</a> veda. Entonces pues ando feliz por eso.</p> -<p>Este pedo fue gracias a que me reescribí la forma en la que <code>pyssg</code> maneja los templates, ahora uso el sistema de <code>jinja</code> en vez del cochinero que hacía antes.</p> +<p>Este pedo fue gracias a que me reescribí la forma en la que <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a> maneja los templates, ahora uso el sistema de <a href="https://jinja.palletsprojects.com/en/3.1.x/"><code>jinja</code></a> en vez del cochinero que hacía antes.</p> <p>Y pues nada más eso, aquí está el <a href="https://art.luevano.xyz/a/elephant_octopus.html">primer post</a> y por supuesto acá está el link del RSS <a href="https://art.luevano.xyz/rss.xml">https://art.luevano.xyz/rss.xml</a>.</p> <div class="page-nav"> @@ -107,7 +110,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, Jun 06, 2021 @ 19:06 UTC</p> - <p>Modified: Sun, Jun 06, 2021 @ 19:08 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:19 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@spanish.html">spanish</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/asi_nomas_esta_quedando.html b/live/blog/a/asi_nomas_esta_quedando.html index c1f9f3f..b275a2c 100644 --- a/live/blog/a/asi_nomas_esta_quedando.html +++ b/live/blog/a/asi_nomas_esta_quedando.html @@ -16,13 +16,11 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> <meta property="og:title" content="Así nomás está quedando el página -- Luevano's Blog"/> @@ -73,13 +71,19 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Así nomás está quedando el página</h1> <p>Estuve acomodando un poco más el <em>sItIo</em>, al fin agregué la “sección” de <a href="https://luevano.xyz/contact.html">contact</a> y de <a href="https://luevano.xyz/donate.html">donate</a> por si hay algún loco que quiere tirar varo.</p> <p>También me puse a acomodar un servidor de <a href="https://xmpp.org/">XMPP</a> el cual, en pocas palabras, es un protocolo de mensajería instantánea (y más) descentralizado, por lo cual cada quien puede hacer una cuenta en el servidor que quiera y conectarse con cuentas creadas en otro servidor… exacto, como con los correos electrónicos. Y esto está perro porque si tú tienes tu propio server, así como con uno de correo electrónico, puedes controlar qué características tiene, quiénes pueden hacer cuenta, si hay <em>end-to-end encryption</em> (o mínimo <em>end-to-server</em>), entre un montón de otras cosas.</p> <p>Ahorita este server es SUMISO (<em>compliant</em> en español, jeje) para jalar con la app <a href="https://conversations.im/">conversations</a> y con la red social <a href="https://movim.eu/">movim</a>, pero realmente funcionaría con casi cualquier cliente de XMPP, amenos que ese cliente implemente algo que no tiene mi server. Y también acomodé un server de <a href="https://matrix.org/">Matrix</a> que es muy similar pero es bajo otro protocolo y se siente más como un discord/slack (al menos en el <a href="https://element.io/">element</a>), muy chingón también.</p> -<p>Si bien aún quedan cosas por hacer sobre estos dos servers que me acomodé (además de hacerles unas entradas para documentar cómo lo hice), quiero moverme a otra cosa que sería acomodar una sección de dibujos, lo cual en teoría es bien sencillo, pero como quiero poder automatizar la publicación de estos, quiero modificar un poco el <a href="https://github.com/luevano/pyssg">pyssg</a> para que jale chido para este pex.</p> +<p>Si bien aún quedan cosas por hacer sobre estos dos servers que me acomodé (además de hacerles unas entradas para documentar cómo lo hice), quiero moverme a otra cosa que sería acomodar una sección de dibujos, lo cual en teoría es bien sencillo, pero como quiero poder automatizar la publicación de estos, quiero modificar un poco el <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a> para que jale chido para este pex.</p> <p>Ya por último también quiero moverle un poco al CSS, porque lo dejé en un estado muy culerón y quiero meterle/ajustar unas cosas para que quede más limpio y medianamente bonito… <em>dentro de lo que cabe porque evidentemente me vale verga si se ve como una página del 2000</em>.</p> +<p><strong>Actualización</strong>: Ya tumbé el servidor de XMPP porque consumía bastantes recursos y no lo usaba tanto, si en un futuro consigo un mejor servidor podría volver a hostearlo.</p> <div class="page-nav"> <span class="next"> @@ -109,6 +113,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Fri, Jun 04, 2021 @ 08:24 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:18 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@spanish.html">spanish</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/devs_android_me_trozaron.html b/live/blog/a/devs_android_me_trozaron.html index 69239fb..860bd63 100644 --- a/live/blog/a/devs_android_me_trozaron.html +++ b/live/blog/a/devs_android_me_trozaron.html @@ -16,13 +16,11 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> <meta property="og:title" content="Los devs de Android/MIUI me trozaron -- Luevano's Blog"/> @@ -73,6 +71,11 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Los devs de Android/MIUI me trozaron</h1> <p>Llevo dos semanas posponiendo esta entrada porque andaba bien enojado (todavía, pero ya se anda pasando) y me daba <em>zzz</em>. Pero bueno, antes que nada este pex ocupa un poco de contexto sobre dos cositas:</p> diff --git a/live/blog/a/el_blog_ya_tiene_timestamps.html b/live/blog/a/el_blog_ya_tiene_timestamps.html index 29c080e..cf9d36d 100644 --- a/live/blog/a/el_blog_ya_tiene_timestamps.html +++ b/live/blog/a/el_blog_ya_tiene_timestamps.html @@ -16,13 +16,12 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + <!-- og meta --> <meta property="og:title" content="Así es raza, el blog ya tiene timestamps -- Luevano's Blog"/> @@ -73,12 +72,19 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Así es raza, el blog ya tiene timestamps</h1> <p>Pues eso, esta entrada es sólo para tirar update sobre mi <a href="https://blog.luevano.xyz/a/first_blog_post.html">primer post</a>. Ya modifiqué el <code>ssg</code> lo suficiente como para que maneje los <em>timestamps</em>, y ya estoy más familiarizado con este script entonces ya lo podré extender más, pero por ahora las entradas ya tienen su fecha de creación (y modificación en dado caso) al final y en el índice ya están organizados por fecha, que por ahora está algo simple pero está sencillo de extender.</p> <p>Ya lo único que queda es cambiar un poco el formato del blog (y de la página en general), porque en un momento de desesperación puse todo el texto en justificado y pues no se ve chido siempre, entonces queda corregir eso. <em>Y aunque me tomó más tiempo del que quisiera, así nomás quedó, diría un cierto personaje.</em></p> -<p>El <code>ssg</code> modificado está en mis <a href="https://git.luevano.xyz/.dots">dotfiles</a> (o directamente <a href="https://git.luevano.xyz/.dots/tree/.local/bin/ssg">aquí</a>).</p> -<p>Por último, también quité las extensiones <code>.html</code> de las URLs, porque se veía bien pitero, pero igual los links con <code>.html</code> al final redirigen a su link sin <code>.html</code>, así que no hay rollo alguno.</p> +<p><del>El <code>ssg</code> modificado está en mis <a href="https://git.luevano.xyz/.dots">dotfiles</a> (o directamente <a href="https://git.luevano.xyz/.dots/tree/.local/bin/ssg">aquí</a>).</del> +<ins>Como al final ya no usé el <code>ssg</code> modificado, este pex ya no existe.</ins></p> +<p>Por último, también quité las extensiones <code>.html</code> de las URLs, porque se ve bien pitero, pero igual los links con <code>.html</code> al final redirigen a su link sin <code>.html</code>, así que no hay rollo alguno.</p> +<p><strong>Actualización</strong>: Ahora estoy usando mi propia solución en vez de <code>ssg</code>, que la llamé <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a>, de la cual empiezo a hablar <a href="https://blog.luevano.xyz/a/new_blogging_system.html">acá</a>.</p> <div class="page-nav"> <span class="next"> @@ -108,7 +114,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Tue, Mar 16, 2021 @ 02:46 UTC</p> - <p>Modified: Mon, May 17, 2021 @ 20:53 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:15 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@spanish.html">spanish</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/first_blog_post.html b/live/blog/a/first_blog_post.html index 6da8afd..d5eb3fd 100644 --- a/live/blog/a/first_blog_post.html +++ b/live/blog/a/first_blog_post.html @@ -16,13 +16,12 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + <!-- og meta --> <meta property="og:title" content="This is the first blog post, just for testing purposes -- Luevano's Blog"/> @@ -73,11 +72,17 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>This is the first blog post, just for testing purposes</h1> - <p>I’m making this post just to figure out how <a href="https://www.romanzolotarev.com/ssg.html"><code>ssg5</code></a> and <a href="https://kristaps.bsd.lv/lowdown/"><code>lowdown</code></a> are supposed to work (and eventually also <a href="https://www.romanzolotarev.com/rssg.html"><code>rssg</code></a>).</p> -<p>At the moment, I’m not satisfied because there’s no automatic date insertion into the 1) html file, 2) the blog post itself and 3) the listing system in the <a href="https://blog.luevano.xyz/">blog homepage</a> (and there’s also the problem with the ordering of the entries…). And all of this just because I didn’t want to use <a href="https://github.com/LukeSmithxyz/lb">Luke’s</a> solution (don’t really like that much how he handles the scripts… <em>but they just work</em>).</p> + <p>I’m making this post just to figure out how <a href="https://www.romanzolotarev.com/ssg.html"><code>ssg5</code></a> and <a href="https://kristaps.bsd.lv/lowdown/"><code>lowdown</code></a> are supposed to work, and eventually <a href="https://www.romanzolotarev.com/rssg.html"><code>rssg</code></a>.</p> +<p>At the moment I’m not satisfied because there’s no automatic date insertion into the 1) html file, 2) the blog post itself and 3) the listing system in the <a href="https://blog.luevano.xyz/">blog homepage</a> which also has a problem with the ordering of the entries. And all of this just because I didn’t want to use Luke’s <a href="https://github.com/LukeSmithxyz/lb">lb</a> solution as I don’t really like that much how he handles the scripts (<em>but they just work</em>).</p> <p>Hopefully, for tomorrow all of this will be sorted out and I’ll have a working blog system.</p> +<p><strong>Update</strong>: I’m now using my own solution which I called <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a>, of which I talk about <a href="https://blog.luevano.xyz/a/new_blogging_system.html">here</a>.</p> <div class="page-nav"> <span class="next"> @@ -101,7 +106,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Sat, Feb 27, 2021 @ 13:08 UTC</p> - <p>Modified: Mon, May 17, 2021 @ 20:53 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:14 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/git_server_with_cgit.html b/live/blog/a/git_server_with_cgit.html index defcf3e..3c0bcae 100644 --- a/live/blog/a/git_server_with_cgit.html +++ b/live/blog/a/git_server_with_cgit.html @@ -16,14 +16,21 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> + <!-- highlight support for code blocks --> <script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> <script type="text/javascript"> hljs.initHighlightingOnLoad(); </script> <link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + + + <!-- og meta --> <meta property="og:title" content="Create a git server and setup cgit web app (on Nginx) -- Luevano's Blog"/> <meta property="og:type" content="article"/> @@ -73,17 +80,34 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Create a git server and setup cgit web app (on Nginx)</h1> - <p>My git server is all I need to setup to actually <em>kill</em> my other server (I’ve been moving from servers on these last 2-3 blog entries), that’s why I’m already doing this entry. I’m basically following <a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server">git’s guide on setting up a server</a> plus some specific stuff for (btw i use) Arch Linux (<a href="https://wiki.archlinux.org/index.php/Git_server#Web_interfaces">Arch Linux Wiki: Git server</a> and <a href="https://miracoin.wordpress.com/2014/11/25/step-by-step-guide-on-setting-up-git-server-in-arch-linux-pushable/">Step by step guide on setting up git server in arch linux (pushable)</a>).</p> -<p>Note that this is mostly for personal use, so there’s no user/authentication control other than that of SSH. Also, most if not all commands here are run as root.</p> -<h3 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h3> + <p>My git server is all I need to setup to actually <em>kill</em> my other server (I’ve been moving from servers on these last 2-3 blog entries), that’s why I’m already doing this entry. I’m basically following <a href="https://git-scm.com/book/en/v2/Git-on-the-Server-Setting-Up-the-Server">git’s guide on setting up a server</a> plus some specific stuff for <mark>btw i use</mark> Arch Linux (<a href="https://wiki.archlinux.org/index.php/Git_server#Web_interfaces">Arch Linux Wiki: Git server</a> and <a href="https://miracoin.wordpress.com/2014/11/25/step-by-step-guide-on-setting-up-git-server-in-arch-linux-pushable/">Step by step guide on setting up git server in arch linux (pushable)</a>).</p> +<p>Note that this is mostly for personal use, so there’s no user/authentication control other than that of normal <code>ssh</code>. And as with the other entries, most if not all commands here are run as root unless stated otherwise.</p> +<h2 id="table-of-contents">Table of contents<a class="headerlink" href="#table-of-contents" title="Permanent link">¶</a></h2> +<div class="toc"> +<ul> +<li><a href="#table-of-contents">Table of contents</a></li> +<li><a href="#prerequisites">Prerequisites</a></li> +<li><a href="#git">Git</a></li> +<li><a href="#cgit">Cgit</a><ul> +<li><a href="#cgits-file-rendering">Cgit’s file rendering</a></li> +</ul> +</li> +</ul> +</div> +<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h2> <p>I might get tired of saying this (it’s just copy paste, basically)… but you will need the same prerequisites as before (check my <a href="https://blog.luevano.xyz/a/website_with_nginx.html">website</a> and <a href="https://blog.luevano.xyz/a/mail_server_with_postfix.html">mail</a> entries), with the extras:</p> <ul> <li>(Optional, if you want a “front-end”) A <strong>CNAME</strong> for “git” and (optionally) “www.git”, or some other name for your sub-domains.</li> <li>An SSL certificate, if you’re following the other entries, add a <code>git.conf</code> and run <code>certbot --nginx</code> to extend the certificate.</li> </ul> -<h3 id="git">Git<a class="headerlink" href="#git" title="Permanent link">¶</a></h3> +<h2 id="git">Git<a class="headerlink" href="#git" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/git">Git</a> is a version control system.</p> <p>If not installed already, install the <code>git</code> package:</p> <pre><code class="language-sh">pacman -S git @@ -117,11 +141,11 @@ systemctl enable git-daemon.socket </code></pre> <p>You’re basically done. Now you should be able to push/pull repositories to your server… except, you haven’t created any repository in your server, that’s right, they’re not created automatically when trying to push. To do so, you have to run (while inside <code>/home/git</code>):</p> <pre><code class="language-sh">git init --bare {repo_name}.git -chown -R git:git repo_name.git +chown -R git:git {repo_name}.git </code></pre> -<p>Those two lines above will need to be run each time you want to add a new repository to your server (yeah, kinda lame… although there are options to “automate” this, I like it this way).</p> +<p><mark>Those two lines above will need to be run each time you want to add a new repository to your server</mark>. There are options to “automate” this but I like it this way.</p> <p>After that you can already push/pull to your repository. I have my repositories (locally) set up so I can push to more than one remote at the same time (my server, GitHub, GitLab, etc.); to do so, check <a href="https://gist.github.com/rvl/c3f156e117e22a25f242">this gist</a>.</p> -<h3 id="cgit">Cgit<a class="headerlink" href="#cgit" title="Permanent link">¶</a></h3> +<h2 id="cgit">Cgit<a class="headerlink" href="#cgit" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/Cgit">Cgit</a> is a fast web interface for git.</p> <p>This is optionally since it’s only for the web application.</p> <p>Install the <code>cgit</code> and <code>fcgiwrap</code> packages:</p> @@ -162,10 +186,9 @@ repo.url={url} repo.path={dir_path} repo.owner={owner} repo.desc={short_description} - ... </code></pre> -<p>Where you can uncomment the <code>robots</code> line to let web crawlers (like Google’s) to index your <code>git</code> web app. And at the end keep all your repositories (the ones you want to make public), for example for my <a href="https://git.luevano.xyz/.dots"><em>dotfiles</em></a> I have:</p> +<p>Where you can uncomment the <code>robots</code> line to not let web crawlers (like Google’s) to index your <code>git</code> web app. And at the end keep all your repositories (the ones you want to make public), for example for my <a href="https://git.luevano.xyz/.dots"><em>dotfiles</em></a> I have:</p> <pre><code class="language-apache">... repo.url=.dots repo.path=/home/git/.dots.git @@ -174,6 +197,7 @@ repo.desc=These are my personal dotfiles. ... </code></pre> <p>Otherwise you could let <code>cgit</code> to automatically detect your repositories (you have to be careful if you want to keep “private” repos) using the option <code>scan-path</code> and setup <code>.git/description</code> for each repository. For more, you can check <a href="https://man.archlinux.org/man/cgitrc.5">cgitrc(5)</a>.</p> +<h3 id="cgits-file-rendering">Cgit’s file rendering<a class="headerlink" href="#cgits-file-rendering" title="Permanent link">¶</a></h3> <p>By default you can’t see the files on the site, you need a highlighter to render the files, I use <code>highlight</code>. Install the <code>highlight</code> package:</p> <pre><code class="language-sh">pacman -S highlight </code></pre> @@ -222,10 +246,10 @@ exec highlight --force --inline-css -f -I -O xhtml -S "$EXTENSION" 2&g <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, Mar 21, 2021 @ 19:00 UTC</p> - <p>Modified: Tue, Jun 08, 2021 @ 07:27 UTC</p> + <p>Modified: Fri, May 05, 2023 @ 08:35 UTC</p> <div class="article-tags"> <p>Tags: -<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> +<a href="https://blog.luevano.xyz/tag/@code.html">code</a>, <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> </div> </div> diff --git a/live/blog/a/hoy_toco_desarrollo_personaje.html b/live/blog/a/hoy_toco_desarrollo_personaje.html index e67976a..e57dd46 100644 --- a/live/blog/a/hoy_toco_desarrollo_personaje.html +++ b/live/blog/a/hoy_toco_desarrollo_personaje.html @@ -16,13 +16,9 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> <!-- og meta --> <meta property="og:title" content="Hoy me tocó desarrollo de personaje -- Luevano's Blog"/> @@ -73,6 +69,11 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Hoy me tocó desarrollo de personaje</h1> <p>Sabía que hoy no iba a ser un día tan bueno, pero no sabía que iba a estar tan horrible; me tocó desarrollo de personaje y saqué el <em>bad ending</em>.</p> diff --git a/live/blog/a/mail_server_with_postfix.html b/live/blog/a/mail_server_with_postfix.html index c8acc43..95003e5 100644 --- a/live/blog/a/mail_server_with_postfix.html +++ b/live/blog/a/mail_server_with_postfix.html @@ -16,14 +16,21 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> + <!-- highlight support for code blocks --> <script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> <script type="text/javascript"> hljs.initHighlightingOnLoad(); </script> <link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + + + <!-- og meta --> <meta property="og:title" content="Create a mail server with Postfix, Dovecot, SpamAssassin and OpenDKIM -- Luevano's Blog"/> <meta property="og:type" content="article"/> @@ -73,18 +80,38 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Create a mail server with Postfix, Dovecot, SpamAssassin and OpenDKIM</h1> - <p>The entry is going to be long because it’s a <em>tedious</em> process. This is also based on <a href="https://github.com/LukeSmithxyz/emailwiz">Luke Smith’s script</a>, but adapted to Arch Linux (his script works on debian-based distributions). This entry is mostly so I can record all the notes required while I’m in the process of installing/configuring the mail server on a new VPS of mine; also I’m going to be writing a script that does everything in one go (for Arch Linux), that will be hosted <a href="https://git.luevano.xyz/server_scripts.git">here</a>.</p> -<p>This configuration works for local users (users that appear in <code>/etc/passwd</code>), and does not use any type of SQL Database. And note that most if not all commands executed here are run with root privileges.</p> -<h3 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h3> + <p>The entry is going to be long because it’s a <em>tedious</em> process. This is also based on <a href="https://github.com/LukeSmithxyz/emailwiz">Luke Smith’s script</a>, but adapted to Arch Linux (his script works on debian-based distributions). This entry is mostly so I can record all the notes required while I’m in the process of installing/configuring the mail server on a new VPS of mine; <del>also I’m going to be writing a script that does everything in one go (for Arch Linux), that will be hosted <a href="https://git.luevano.xyz/server_scripts.git">here</a>.</del> <ins>I haven’t had time to do the script so nevermind this, if I ever do it I’ll make a new entry regarding it.</ins></p> +<p>This configuration works for local users (users that appear in <code>/etc/passwd</code>), and does not use any type of SQL database. And note that most if not all commands executed here are run with root privileges, unless stated otherwise.</p> +<h2 id="table-of-contents">Table of contents<a class="headerlink" href="#table-of-contents" title="Permanent link">¶</a></h2> +<div class="toc"> +<ul> +<li><a href="#table-of-contents">Table of contents</a></li> +<li><a href="#prerequisites">Prerequisites</a></li> +<li><a href="#postfix">Postfix</a></li> +<li><a href="#dovecot">Dovecot</a></li> +<li><a href="#opendkim">OpenDKIM</a><ul> +<li><a href="#opendkim-dns-txt-records">OpenDKIM DNS TXT records</a></li> +</ul> +</li> +<li><a href="#spamassassin">SpamAssassin</a></li> +<li><a href="#wrapping-up">Wrapping up</a></li> +</ul> +</div> +<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h2> <p>Basically the same as with the <a href="https://blog.luevano.xyz/a/website_with_nginx.html">website with Nginx and Certbot</a>, with the extras:</p> <ul> <li>You will need a <strong>CNAME</strong> for “mail” and (optionally) “www.mail”, or whatever you want to call the sub-domains (although the <a href="https://tools.ietf.org/html/rfc2181#section-10.3">RFC 2181</a> states that it NEEDS to be an <strong>A</strong> record, fuck the police).</li> <li>An SSL certificate. You can use the SSL certificate obtained following my last post using <code>certbot</code> (just create a <code>mail.conf</code> and run <code>certbot --nginx</code> again).</li> -<li>Ports 25, 587 (SMTP), 465 (SMTPS), 143 (IMAP) and 993 (IMAPS) open on the firewall.</li> +<li>Ports <code>25</code>, <code>587</code> (SMTP), <code>465</code> (SMTPS), <code>143</code> (IMAP) and <code>993</code> (IMAPS) open on the firewall (I use <code>ufw</code>).</li> </ul> -<h3 id="postfix">Postfix<a class="headerlink" href="#postfix" title="Permanent link">¶</a></h3> +<h2 id="postfix">Postfix<a class="headerlink" href="#postfix" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/postfix">Postfix</a> is a “mail transfer agent” which is the component of the mail server that receives and sends emails via SMTP.</p> <p>Install the <code>postfix</code> package:</p> <pre><code class="language-sh">pacman -S postfix @@ -121,7 +148,7 @@ smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous </code></pre> -<p>Specify the mailbox home (this is going to be a directory inside your user’s home containing the actual mail files):</p> +<p>Specify the mailbox home, this is going to be a directory inside your user’s home containing the actual mail files, for example it will end up being<code>/home/david/Mail/Inbox</code>:</p> <pre><code class="language-apache">home_mailbox = Mail/Inbox/ </code></pre> <p>Pre-configuration to work seamlessly with <code>dovecot</code> and <code>opendkim</code>:</p> @@ -135,8 +162,7 @@ smtpd_milters = inet:127.0.0.1:8891 non_smtpd_milters = inet:127.0.0.1:8891 mailbox_command = /usr/lib/dovecot/deliver </code></pre> -<p>Where <code>{yourdomainname}</code> is <code>luevano.xyz</code> in my case, or if you have <code>localhost</code> configured to your domain, then use <code>localhost</code> for <code>myhostname</code> (<code>myhostname = localhost</code>).</p> -<p>Lastly, if you don’t want the sender’s IP and user agent (application used to send the mail), add the following line:</p> +<p>Where <code>{yourdomainname}</code> is <code>luevano.xyz</code> in my case. Lastly, if you don’t want the sender’s IP and user agent (application used to send the mail), add the following line:</p> <pre><code class="language-apache">smtp_header_checks = regexp:/etc/postfix/smtp_header_checks </code></pre> <p>And create the <code>/etc/postfix/smtp_header_checks</code> file with the following content:</p> @@ -173,7 +199,7 @@ newaliases <pre><code class="language-sh">systemctl start postfix.service systemctl enable postfix.service </code></pre> -<h3 id="dovecot">Dovecot<a class="headerlink" href="#dovecot" title="Permanent link">¶</a></h3> +<h2 id="dovecot">Dovecot<a class="headerlink" href="#dovecot" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/Dovecot">Dovecot</a> is an IMAP and POP3 server, which is what lets an email application retrieve the mail.</p> <p>Install the <code>dovecot</code> and <code>pigeonhole</code> (sieve for <code>dovecot</code>) packages:</p> <pre><code class="language-sh">pacman -S dovecot pigeonhole @@ -288,8 +314,8 @@ account required pam_unix.so <pre><code class="language-sh">systemctl start dovecot.service systemctl enable dovecot.service </code></pre> -<h3 id="opendkim">OpenDKIM<a class="headerlink" href="#opendkim" title="Permanent link">¶</a></h3> -<p><a href="https://wiki.archlinux.org/title/OpenDKIM">OpenDKIM</a> is needed so services like G**gle (we don’t mention that name here [[[this is a meme]]]) don’t throw the mail to the trash. DKIM stands for “DomainKeys Identified Mail”.</p> +<h2 id="opendkim">OpenDKIM<a class="headerlink" href="#opendkim" title="Permanent link">¶</a></h2> +<p><a href="https://wiki.archlinux.org/title/OpenDKIM">OpenDKIM</a> is needed so services like G**gle don’t throw the mail to the trash. DKIM stands for “DomainKeys Identified Mail”.</p> <p>Install the <code>opendkim</code> package:</p> <pre><code class="language-sh">pacman -S opendkim </code></pre> @@ -338,7 +364,8 @@ chmod g+r /etc/postfix/dkim/* <pre><code class="language-sh">systemctl start opendkim.service systemctl enable opendkim.service </code></pre> -<p>And don’t forget to add the following <strong>TXT</strong> records on your domain registrar (these examples are for Epik):</p> +<h3 id="opendkim-dns-txt-records">OpenDKIM DNS TXT records<a class="headerlink" href="#opendkim-dns-txt-records" title="Permanent link">¶</a></h3> +<p>Add the following <strong>TXT</strong> records on your domain registrar (these examples are for Epik):</p> <ol> <li><em>DKIM</em> entry: look up your <code>{yoursubdomain}.txt</code> file, it should look something like:</li> </ol> @@ -346,7 +373,7 @@ systemctl enable opendkim.service "p=..." "..." ) ; ----- DKIM key mail for {yourdomain} </code></pre> -<p>In the TXT record you will place <code>{yoursubdomain}._domainkey</code> as the “Host” and <code>"v=DKIM1; k=rsa; s=email; " "p=..." "..."</code> in the “TXT Value” (replace the dots with the actual value you see in your file).</p> +<p>In the <strong>TXT</strong> record you will place <code>{yoursubdomain}._domainkey</code> as the “Host” and <code>"v=DKIM1; k=rsa; s=email; " "p=..." "..."</code> in the “TXT Value” (replace the dots with the actual value you see in your file).</p> <ol start="2"> <li> <p><em>DMARC</em> entry: just <code>_dmarc.{yourdomain}</code> as the “Host” and <code>"v=DMARC1; p=reject; rua=mailto:dmarc@{yourdomain}; fo=1"</code> as the “TXT Value”.</p> @@ -356,7 +383,7 @@ systemctl enable opendkim.service </li> </ol> <p>And at this point you could test your mail for spoofing and more.</p> -<h3 id="spamassassin">SpamAssassin<a class="headerlink" href="#spamassassin" title="Permanent link">¶</a></h3> +<h2 id="spamassassin">SpamAssassin<a class="headerlink" href="#spamassassin" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/SpamAssassin">SpamAssassin</a> is just <em>a mail filter to identify spam</em>.</p> <p>Install the <code>spamassassin</code> package (which will install a bunch of ugly <code>perl</code> packages…):</p> <pre><code class="language-sh">pacman -S spamassassin @@ -409,10 +436,10 @@ ExecStart=/usr/bin/vendor_perl/spamd -x -u spamd -g spamd --listen=/run/spamd/sp <pre><code class="language-sh">systemctl start spamassassin.service systemctl enable spamassassin.service </code></pre> -<h3 id="wrapping-up">Wrapping up<a class="headerlink" href="#wrapping-up" title="Permanent link">¶</a></h3> -<p>We should have a working mail server by now. Before continuing check your journal logs (<code>journalctl -xe --unit={unit}</code>, where <code>{unit}</code> could be <code>spamassassin.service</code> for example) to see if there was any error whatsoever and try to debug it, it should be a typo somewhere (the logs are generally really descriptive) because all the settings and steps detailed here just (literally just finished doing everything on a new server as of the writing of this text) worked <em>(((it just werks on my machine)))</em>.</p> +<h2 id="wrapping-up">Wrapping up<a class="headerlink" href="#wrapping-up" title="Permanent link">¶</a></h2> +<p>We should have a working mail server by now. Before continuing check your journal logs (<code>journalctl -xe --unit={unit}</code>, where <code>{unit}</code> could be <code>spamassassin.service</code> for example) to see if there was any error whatsoever and try to debug it, it should be a typo somewhere because all the settings and steps detailed here just worked; I literally just finished doing everything on a new server as of the writing of this text, <mark>it just werks on my machine</mark>.</p> <p>Now, to actually use the mail service: first of all, you need a <em>normal</em> account (don’t use root) that belongs to the <code>mail</code> group (<code>gpasswd -a user group</code> to add a user <code>user</code> to group <code>group</code>) and that has a password.</p> -<p>Next, to actually login into a mail app/program/whateveryouwanttocallit, you will use the following settings, at least for <code>thunderdbird</code>(I tested in windows default mail app and you don’t need a lot of settings):</p> +<p>Next, to actually login into a mail app/program, you will use the following settings, at least for <code>thunderdbird</code>(I tested in windows default mail app and you don’t need a lot of settings):</p> <ul> <li>* server: subdomain.domain (mail.luevano.xyz in my case)</li> <li><strong>SMTP</strong> port: 587</li> @@ -426,10 +453,9 @@ systemctl enable spamassassin.service </ul> <p>All that’s left to do is test your mail server for spoofing, and to see if everything is setup correctly. Go to <a href="https://www.appmaildev.com/en/dkim">DKIM Test</a> and follow the instructions (basically click next, and send an email with whatever content to the email that they provide). After you send the email, you should see something like:</p> <figure id="__yafg-figure-3"> -<img alt="DKIM Test successful" src="images/b/notes/mail/dkim_test_successful.png" title="DKIM Test successful"> +<img alt="DKIM Test successful" src="https://static.luevano.xyz/images/b/notes/mail/dkim_test_successful.png" title="DKIM Test successful"> <figcaption>DKIM Test successful</figcaption> </figure> -<p>Finally, that’s actually it for this entry, if you have any problem whatsoever you can <a href="https://luevano.xyz/contact.html">contact me</a>.</p> <div class="page-nav"> <span class="next"> @@ -459,10 +485,10 @@ systemctl enable spamassassin.service <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, Mar 21, 2021 @ 04:05 UTC</p> - <p>Modified: Tue, Jun 08, 2021 @ 07:29 UTC</p> + <p>Modified: Fri, May 05, 2023 @ 08:35 UTC</p> <div class="article-tags"> <p>Tags: -<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> +<a href="https://blog.luevano.xyz/tag/@code.html">code</a>, <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> </div> </div> diff --git a/live/blog/a/new_blogging_system.html b/live/blog/a/new_blogging_system.html index 066f288..9a06766 100644 --- a/live/blog/a/new_blogging_system.html +++ b/live/blog/a/new_blogging_system.html @@ -16,13 +16,12 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + <!-- og meta --> <meta property="og:title" content="I'm using a new blogging system -- Luevano's Blog"/> @@ -73,14 +72,20 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>I'm using a new blogging system</h1> <p>So, I was tired of working with <code>ssg</code> (and then <code>sbg</code> which was a modified version of <code>ssg</code> that I “wrote”), for one general reason: not being able to extend it as I would like; and not just dumb little stuff, I wanted to be able to have more control, to add tags (which another tool that I found does: <code>blogit</code>), and even more in a future.</p> <p>The solution? Write a new program “from scratch” in <em>pYtHoN</em>. Yes it is bloated, yes it is in its early stages, but it works just as I want it to work, and I’m pretty happy so far with the results and have with even more ideas in mind to “optimize” and generally clean my wOrKfLoW to post new blog entries. I even thought of using it for posting into a “feed” like gallery for drawings or pictures in general.</p> <p>I called it <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a>, because it sounds nice and it wasn’t taken in the PyPi. It is just a terminal program that reads either a configuration file or the options passed as flags when calling the program.</p> <p>It still uses Markdown files because I find them very easy to work with. And instead of just having a “header” and a “footer” applied to each parsed entry, you will have templates (generated with the program) for each piece that I thought made sense (idea taken from <code>blogit</code>): the common header and footer, the common header and footer for each entry and, header, footer and list elements for articles and tags. When parsing the Markdown file these templates are applied and stitched together to make a single HTML file. Also generates an RSS feed and the <code>sitemap.xml</code> file, which is nice.</p> -<p>It might sound convoluted, but it works pretty well, with of course room to improve; I’m open to suggestions, issue reporting or direct contributions <a href="https://github.com/luevano/pyssg">here</a>. BTW, it only works on Linux for now (and don’t think on making it work on windows, but feel free to do PR for the compatibility).</p> +<p>It might sound convoluted, but it works pretty well, with of course room to improve; I’m open to suggestions, issue reporting or direct contributions <a href="https://github.com/luevano/pyssg">here</a>. For now, it is only tested on Linux (and don’t think on making it work on windows, but feel free to do PR for the compatibility).</p> <p>That’s it for now, the new RSS feed is available here: <a href="https://blog.luevano.xyz/rss.xml">https://blog.luevano.xyz/rss.xml</a>.</p> +<p><strong>Update</strong>: Since writing this entry, <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a> has evolved quite a bit, so not everything described here is still true. For the latest updates check the newest entries or the git repository itself.</p> <div class="page-nav"> <span class="next"> @@ -110,7 +115,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Fri, May 28, 2021 @ 03:21 UTC</p> - <p>Modified: Fri, May 28, 2021 @ 03:42 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:18 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/password_manager_authenticator_setup.html b/live/blog/a/password_manager_authenticator_setup.html index afd0e45..fbc57d1 100644 --- a/live/blog/a/password_manager_authenticator_setup.html +++ b/live/blog/a/password_manager_authenticator_setup.html @@ -16,13 +16,11 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> <meta property="og:title" content="My setup for a password manager and MFA authenticator -- Luevano's Blog"/> @@ -73,10 +71,15 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>My setup for a password manager and MFA authenticator</h1> <p><strong>Disclaimer</strong>: I won’t go into many technical details here of how to install/configure/use the software, this is just supposed to be a short description on my setup.</p> -<p>It’s been a while since I started using a password manager at all, and I’m happy that I started with <a href="https://keepassxc.org/">KeePassXC</a> (open source, multiplatform password manager that it’s completely offline) as a direct recommendation from <a href="https://www.lmcj.xyz/">lm</a>; before this I was using the same password for everything (like a lot of people), which is a well know privacy issue as noted in detail by <a href="https://askleo.com/different-passwords-for-everything/">Leo</a> (I don’t personally recommed LastPass as Leo does). Note that you will still need a <em>master password</em> to lock/unlock your password database (you can additionally use a hardware key and a key file).</p> +<p>It’s been a while since I started using a password manager at all, and I’m happy that I started with <a href="https://keepassxc.org/">KeePassXC</a> (open source, multiplatform password manager that it’s completely offline) as a direct recommendation from <a href="https://www.lmcj.xyz/"><mark>EL ELE EME</mark></a>; before this I was using the same password for everything (like a lot of people), which is a well know privacy issue as noted in detail by <a href="https://askleo.com/different-passwords-for-everything/">Leo</a> (I don’t personally recommed LastPass as Leo does). Note that you will still need a <em>master password</em> to lock/unlock your password database (you can additionally use a hardware key and a key file).</p> <p>Anyways, setting up <em>keepass</em> is pretty simple, as there is a client for almost any device; note that <em>keepass</em> is basically just the format and the base for all of the clients, as its common with pretty much any open source software. In my case I’m using <a href="https://keepassxc.org/">KeePassXC</a> in my computer and <a href="https://www.keepassdx.com/">KeePassDX</a> in my phone (Android). The only concern is keeping everything in sync because <em>keepass</em> doesn’t have any automatic method of synchronizing between devices because of security reasons (as far as I know), meaning that you have to manage that yourself.</p> <p>Usually you can use something like G**gl* drive, dropbox, mega, nextcloud, or any other cloud solution that you like to sync your <em>keepass</em> database between devices; I personally prefer to use <a href="https://syncthing.net/">Syncthing</a> as it’s open source, it’s really easy to setup and has worked wonders for me since I started using it, also it keeps versions of your files that can serve as backups in any scenario where the database gets corrupted or something.</p> <p>Finally, when I went through the issue with the micro SD and the <em>adoptable storage</em> bullshit (you can find the rant <a href="https://blog.luevano.xyz/a/devs_android_me_trozaron.html">here</a>, in spanish) I had to also migrate from <em>G**gl* authenticator</em> (<em>gauth</em>) to something else for the simple reason that <em>gauth</em> doesn’t even let you do backups, nor it’s synched with your account… nothing, it is just standalone and if you ever lose your phone you’re fucked; so I decided to go with <a href="https://getaegis.app/">Aegis authenticator</a>, as it is open source, you have control over all your secret keys, you can do backups directly to the filesystem, you can secure your database with an extra password, etc., etc.. In general <em>aegis</em> is the superior MFA authenticator (at least compared with <em>gauth</em>) and everything that’s compatible with <em>gauth</em> is compatible with <em>aegis</em> as the format is a standard (as a matter of fact, <em>keepass</em> also has this MFA feature which is called TOPT and is also compatible, but I prefer to have things separate). I also use <em>syncthing</em> to keep a backup of my <em>aegis</em> database.</p> @@ -116,7 +119,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, May 15, 2022 @ 22:40 UTC</p> - <p>Modified: Sun, May 22, 2022 @ 00:24 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 03:49 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a> </p> diff --git a/live/blog/a/rewrote_pyssg_again.html b/live/blog/a/rewrote_pyssg_again.html index 481cb45..a1443d9 100644 --- a/live/blog/a/rewrote_pyssg_again.html +++ b/live/blog/a/rewrote_pyssg_again.html @@ -16,13 +16,12 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + <!-- og meta --> <meta property="og:title" content="Rewrote pyssg again -- Luevano's Blog"/> @@ -73,9 +72,14 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Rewrote pyssg again</h1> - <p>I’ve been wanting to change the way <a href="https://github.com/luevano/pyssg">pyssg</a> reads config files and generates <code>HTML</code> files so that it is more flexible and I don’t need to have 2 separate build commands and configs (for <a href="https://blog.luevano.xyz">blog</a> and <a href="https://art.luevano.xyz">art</a>), and also to handle other types of “sites”; because <code>pyssg</code> was built with blogging in mind, so it was a bit limited to how it could be used. So I had to kind of <em>rewrite</em> <code>pyssg</code>, and with the latest version I can now generate the whole site and use the same templates for everything, quite neat for my use case.</p> + <p>I’ve been wanting to change the way <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a> reads config files and generates <code>HTML</code> files so that it is more flexible and I don’t need to have 2 separate build commands and configs (for <a href="https://blog.luevano.xyz">blog</a> and <a href="https://art.luevano.xyz">art</a>), and also to handle other types of “sites”; because <code>pyssg</code> was built with blogging in mind, so it was a bit limited to how it could be used. So I had to kind of <em>rewrite</em> <code>pyssg</code>, and with the latest version I can now generate the whole site and use the same templates for everything, quite neat for my use case.</p> <p>Anyways, so I bought a new domain for all <code>pyssg</code> related stuff, mostly because I wanted somewhere to test live builds while developing, it is of course <a href="https://pyssg.xyz">pyssg.xyz</a>; as of now it is the same template, CSS and scripts that I use here, probably will change in the future. I’ll be testing new features and anything <code>pyssg</code> related stuff.</p> <p>I should start pointing all links to <code>pyssg</code> to the actual site instead of the github repository (or my <a href="https://git.luevano.xyz">git</a> repository), but I haven’t decided how to handle everything.</p> @@ -101,6 +105,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Tue, Dec 20, 2022 @ 04:31 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 03:57 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/tenia_esto_descuidado.html b/live/blog/a/tenia_esto_descuidado.html index 76fa1ed..b30a3b7 100644 --- a/live/blog/a/tenia_esto_descuidado.html +++ b/live/blog/a/tenia_esto_descuidado.html @@ -6,7 +6,7 @@ <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="icon" href="https://static.luevano.xyz/images/icons/favicon.ico"> -<title>Tenia este pex algo descuidado -- Luevano's Blog</title> +<title>Tenía este pex algo descuidado -- Luevano's Blog</title> <meta name="description" content="Nada más un update en el estado del blog y lo que he andado haciendo."/> <link rel="alternate" type="application/rss+xml" href="https://blog.luevano.xyz/rss.xml" title="Luevano's Blog RSS"> <!-- general style --> @@ -16,16 +16,14 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> - <meta property="og:title" content="Tenia este pex algo descuidado -- Luevano's Blog"/> + <meta property="og:title" content="Tenía este pex algo descuidado -- Luevano's Blog"/> <meta property="og:type" content="article"/> <meta property="og:url" content="https://blog.luevano.xyz/a/tenia_esto_descuidado.md"/> <meta property="og:image" content="https://static.luevano.xyz/images/b/default.png"/> @@ -73,13 +71,18 @@ </header> <main> - <h1>Tenia este pex algo descuidado</h1> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> + <h1>Tenía este pex algo descuidado</h1> <p>Así es, tenía un poco descuidado este pex, siendo la razón principal que andaba ocupado con cosas de <em>la vida profesional</em>, ayay. Pero ya que ando un poco más despejado y menos estresado voy a seguir usando el blog y a ver qué más hago.</p> -<p>Tengo unas entradas pendientes que quiero hacer del estilo de “tutorial” o “how-to”, pero me lo he estado debatiendo, porque Luke ya empezó a hacerlo más de verdad en <a href="https://landchad.net/">landchad.net</a>, lo cual recomiendo bastante pues igual yo empecé a hacer esto por él (y por <a href="https://lmcj.xyz/">lm</a>); aunque la verdad pues es muy específico a como él hace las cosas y quizá sí puede haber diferencias, pero ya veré en estos días. La próxima que quiero hacer es sobre el VPN, porque no lo he <em>setupeado</em> desde que reinicié El Página Web y La Servidor, entonces acomodaré el VPN de nuevo y de pasada tiro entrada de eso.</p> -<p>También dejé un dibujo pendiente, que la neta lo dejé por 2 cosas: está bien cabrón (porque también lo quiero colorear) y porque estaba ocupado; de lo cuál ya sólo queda el <em>está bien cabrón</em> pero no he tenido el valor de retomarlo. Lo triste es que ya pasó el tiempo del hype y ya no tengo mucha motivación para terminarlo más que el hecho de que cuando lo termine empezaré a usar Clip Studio Paint en vez de Krita, porque compré una licencia ahora que estuvo en 50% de descuento (sí, me mamé).</p> +<p>Tengo unas entradas pendientes que quiero hacer del estilo de “tutorial” o “how-to”, pero me lo he estado debatiendo, porque Luke ya empezó a hacerlo más de verdad en <a href="https://landchad.net/">landchad.net</a>, lo cual recomiendo bastante pues igual yo empecé a hacer esto por él (y por <a href="https://lmcj.xyz/"><mark>EL ELE EME</mark></a>); aunque la verdad pues es muy específico a como él hace las cosas y quizá sí puede haber diferencias, pero ya veré en estos días. La próxima que quiero hacer es sobre el VPN, porque no lo he <em>setupeado</em> desde que reinicié El Página Web y La Servidor, entonces acomodaré el VPN de nuevo y de pasada tiro entrada de eso.</p> +<p>También dejé un dibujo pendiente, que la neta lo dejé por 2 cosas: está bien cabrón (porque también lo quiero colorear) y porque estaba ocupado; de lo cuál ya sólo queda el <em>está bien cabrón</em> pero no he tenido el valor de retomarlo. Lo triste es que ya pasó el tiempo del hype y ya no tengo mucha motivación para terminarlo más que el hecho de que cuando lo termine empezaré a usar Clip Studio Paint en vez de Krita, porque compré una licencia ahora que estuvo en 50% de descuento.</p> <p>Algo bueno es que me he estado sintiendo muy bien conmigo mismo últimamente, aunque casi no hable de eso. Sí hay una razón en específico, pero es una razón algo tonta. Espero así siga.</p> -<p>Ah, y también quería acomodarme una sección de comentarios, pero como siempre, todas las opciones están bien <em>bloated</em>, entonces pues me voy a hacer una en corto seguramente en Python para <em>el back</em>, MySQL para la base de datos y Javascript para la conexión acá en <em>el front</em>, algo tranqui.</p> +<p><del>Ah, y también quería acomodarme una sección de comentarios, pero como siempre, todas las opciones están bien <em>bloated</em>, entonces pues me voy a hacer una en corto seguramente en Python para <em>el back</em>, MySQL para la base de datos y Javascript para la conexión acá en <em>el front</em>, algo tranqui.</del> <ins>Nel, siempre no ocupo esto, pa’ qué.</ins></p> <p>Sobres pues.</p> <div class="page-nav"> @@ -110,6 +113,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, Jul 18, 2021 @ 07:51 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:20 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@spanish.html">spanish</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/volviendo_a_usar_la_pagina.html b/live/blog/a/volviendo_a_usar_la_pagina.html index 8380991..59a898d 100644 --- a/live/blog/a/volviendo_a_usar_la_pagina.html +++ b/live/blog/a/volviendo_a_usar_la_pagina.html @@ -16,13 +16,11 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> -<script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> -<script type="text/javascript"> - hljs.initHighlightingOnLoad(); -</script> -<link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + <!-- og meta --> <meta property="og:title" content="Volviendo a usar la página -- Luevano's Blog"/> @@ -73,12 +71,17 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Volviendo a usar la página</h1> <p>Después de mucho tiempo de estar luchando con querer volver a usar este pex (maldita <em>d</em> word y demás), ya me volví a acomodar el setup para agregar nuevas entradas.</p> -<p>Entre las cosas que tuve que hacer fue actualizar el <a href="https://github.com/luevano/pyssg">pyssg</a> porque no lo podía usar de una como estaba; y de pasado le agregue una que otra feature nueva. Luego quiero agregarle más funcionalidad para poder <em>buildear</em> la página completa; por ahora se hace en segmentos: todo lo de <a href="https://luevano.xyz">luevano.xyz</a> está hecho manual, mientras que <a href="https://blog.luevano.xyz">blog</a> y <a href="https://art.luevano.xyz">art</a> usan <a href="https://github.com/luevano/pyssghttps://github.com/luevano/pyssg">pyssg</a>.</p> +<p>Entre las cosas que tuve que hacer fue actualizar el <a href="https://github.com/luevano/pyssg"><code>pyssg</code></a> porque no lo podía usar de una como estaba; y de pasado le agregue una que otra feature nueva. Luego quiero agregarle más funcionalidad para poder <em>buildear</em> la página completa; por ahora se hace en segmentos: todo lo de <a href="https://luevano.xyz">luevano.xyz</a> está hecho manual, mientras que <a href="https://blog.luevano.xyz">blog</a> y <a href="https://art.luevano.xyz">art</a> usan <a href="https://github.com/luevano/pyssg">pyssg</a>.</p> <p>Otra cosa es que quizá me devuelva a editar alguans entradas nada más para homogeneizar las entradas específicas a <em>Create a…</em> (tiene más sentido que sean <em>Setup x…</em> o algo similar).</p> -<p>En otras noticias, estoy muy agusto en el jale que tengo actualmente aunque lleve alrededor de 3 semanas de un infierno por problemas debidos a varias razones (del jale). Debo pensar en si debo omitir cosas personales o del trabajo aquí, ya que quién sabe quién se pueda llegar a topar con esto <em>*thinking emoji*</em>.</p> +<p>En otras noticias, estoy muy agusto en el jale que tengo actualmente aunque lleve alrededor de 3 semanas de un infierno en el jale. Debo pensar en si debo omitir cosas personales o del trabajo aquí, ya que quién sabe quién se pueda llegar a topar con esto <em>*thinking emoji*</em>.</p> <div class="page-nav"> <span class="next"> @@ -108,7 +111,7 @@ <div class="article-info"> <p>By David Luévano</p> <p>Created: Thu, Apr 28, 2022 @ 03:21 UTC</p> - <p>Modified: Thu, Apr 28, 2022 @ 03:28 UTC</p> + <p>Modified: Thu, May 04, 2023 @ 18:23 UTC</p> <div class="article-tags"> <p>Tags: <a href="https://blog.luevano.xyz/tag/@short.html">short</a>, <a href="https://blog.luevano.xyz/tag/@spanish.html">spanish</a>, <a href="https://blog.luevano.xyz/tag/@update.html">update</a> </p> diff --git a/live/blog/a/vpn_server_with_openvpn.html b/live/blog/a/vpn_server_with_openvpn.html index de80c45..6109f37 100644 --- a/live/blog/a/vpn_server_with_openvpn.html +++ b/live/blog/a/vpn_server_with_openvpn.html @@ -16,14 +16,21 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> + <!-- highlight support for code blocks --> <script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> <script type="text/javascript"> hljs.initHighlightingOnLoad(); </script> <link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + + + <!-- og meta --> <meta property="og:title" content="Create a VPN server with OpenVPN (IPv4) -- Luevano's Blog"/> <meta property="og:type" content="article"/> @@ -73,18 +80,36 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Create a VPN server with OpenVPN (IPv4)</h1> <p>I’ve been wanting to do this entry, but had no time to do it since I also have to set up the VPN service as well to make sure what I’m writing makes sense, today is the day.</p> <p>Like with any other of my entries I based my setup on the <a href="https://wiki.archlinux.org/title/OpenVPN">Arch Wiki</a>, <a href="https://github.com/Nyr/openvpn-install">this install script</a> and <a href="https://github.com/graysky2/ovpngen">this profile generator script</a>.</p> -<p>This will be installed and working alongside the other stuff I’ve wrote about on other posts (see the <a href="https://blog.luevano.xyz/tag/@server.html">server</a> tag). All commands here are executes as root unless specified otherwise. Also, this is intended only for IPv4 (it’s not that hard to include IPv6, but meh).</p> -<h3 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h3> +<p>This will be installed and working alongside the other stuff I’ve wrote about on other posts (see the <a href="https://blog.luevano.xyz/tag/@server.html">server</a> tag). All commands here are executes as root unless specified otherwise. Also, this is intended only for IPv4 (it’s not that hard to include IPv6, but meh). As always, all commands are executed as root unless stated otherwise.</p> +<h2 id="table-of-contents">Table of contents<a class="headerlink" href="#table-of-contents" title="Permanent link">¶</a></h2> +<div class="toc"> +<ul> +<li><a href="#table-of-contents">Table of contents</a></li> +<li><a href="#prerequisites">Prerequisites</a></li> +<li><a href="#create-pki-from-scratch">Create PKI from scratch</a></li> +<li><a href="#openvpn">OpenVPN</a><ul> +<li><a href="#enable-forwarding">Enable forwarding</a></li> +<li><a href="#create-client-configurations">Create client configurations</a></li> +</ul> +</li> +</ul> +</div> +<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h2> <p>Pretty simple:</p> <ul> -<li>Working server with root access, and with Ufw as the firewall.</li> -<li>Depending on what port you want to run the VPN on, the default <code>1194</code>, or as a fallback on <code>443</code> (click <a href="https://openvpn.net/vpn-server-resources/advanced-option-settings-on-the-command-line/">here</a> for more). I will do mine on port <code>1194</code> but it’s just a matter of changing 2 lines of configuration and one Ufw rule.</li> +<li>Working server with root access, and with <code>ufw</code> as the firewall.</li> +<li>Depending on what port you want to run the VPN on, the default <code>1194</code>, or as a fallback on <code>443</code> (click <a href="https://openvpn.net/vpn-server-resources/advanced-option-settings-on-the-command-line/">here</a> for more). I will do mine on port <code>1194</code> but it’s just a matter of changing 2 lines of configuration and one <code>ufw</code> rule.</li> </ul> -<h3 id="create-pki-from-scratch">Create PKI from scratch<a class="headerlink" href="#create-pki-from-scratch" title="Permanent link">¶</a></h3> +<h2 id="create-pki-from-scratch">Create PKI from scratch<a class="headerlink" href="#create-pki-from-scratch" title="Permanent link">¶</a></h2> <p>PKI stands for <em>Public Key Infrastructure</em> and basically it’s required for certificates, private keys and more. This is supposed to work between two servers and one client: a server in charge of creating, signing and verifying the certificates, a server with the OpenVPN service running and the client making the request.</p> <p>This is supposed to work something like: 1) a client wants to use the VPN service, so it creates a requests and sends it to the signing server, 2) this server checks the requests and signs the request, returning the certificates to both the VPN service and the client and 3) the client can now connect to the VPN service using the signed certificate which the OpenVPN server knows about. In a nutshell, I’m no expert.</p> <p>… but, to be honest, all of this is a hassle and (in my case) I want something simple to use and manage. So I’m gonna do all on one server and then just give away the configuration file for the clients, effectively generating files that anyone can run and will work, meaning that you need to be careful who you give this files (it also comes with a revoking mechanism, so no worries).</p> @@ -128,8 +153,8 @@ openssl dhparam -out dh.pem 2048 openvpn --genkey secret ta.key </code></pre> <p>That’s it for the PKI stuff and general certificate configuration.</p> -<h3 id="openvpn">OpenVPN<a class="headerlink" href="#openvpn" title="Permanent link">¶</a></h3> -<p><a href="https://wiki.archlinux.org/title/OpenVPN">OpenVPN</a> is a robust and highly flexible VPN daemon, that’s pretty complete feature wise.</p> +<h2 id="openvpn">OpenVPN<a class="headerlink" href="#openvpn" title="Permanent link">¶</a></h2> +<p><a href="https://wiki.archlinux.org/title/OpenVPN">OpenVPN</a> is a robust and highly flexible VPN daemon, that’s pretty complete feature-wise.</p> <p>Install the <code>openvpn</code> package:</p> <pre><code class="language-sh">pacman -S openvpn </code></pre> @@ -231,6 +256,7 @@ verb 3 explicit-exit-notify 1 </code></pre> <p><code>#</code> and <code>;</code> are comments. Read each and every line, you might want to change some stuff (like the logging), specially the first line which is your server public IP.</p> +<h4 id="enable-forwarding">Enable forwarding<a class="headerlink" href="#enable-forwarding" title="Permanent link">¶</a></h4> <p>Now, we need to enable <em>packet forwarding</em> (so we can access the web while connected to the VPN), which can be enabled on the interface level or globally (you can check the different options with <code>sysctl -a | grep forward</code>). I’ll do it globally, run:</p> <pre><code class="language-sh">sysctl net.ipv4.ip_forward=1 </code></pre> @@ -276,7 +302,7 @@ ufw reload systemctl enable openvpn-server@server.service </code></pre> <p>Where the <code>server</code> after <code>@</code> is the name of your configuration, <code>server.conf</code> without the <code>.conf</code> in my case.</p> -<h4 id="create-client-configurations">Create client configurations<a class="headerlink" href="#create-client-configurations" title="Permanent link">¶</a></h4> +<h3 id="create-client-configurations">Create client configurations<a class="headerlink" href="#create-client-configurations" title="Permanent link">¶</a></h3> <p>You might notice that I didn’t specify how to actually connect to our server. For that we need to do a few more steps. We actually need a configuration file similar to the <code>server.conf</code> file that we created.</p> <p>The real way of doing this would be to run similar steps as the ones with <code>easy-rsa</code> locally, send them to the server, sign them, and retrieve them. Nah, we’ll just create all configuration files on the server as I was mentioning earlier.</p> <p>Also, the client configuration file has to match the server one (to some degree), to make this easier you can create a <code>client-common</code> file in <code>/etc/openvpn/server</code> with the following content:</p> @@ -349,7 +375,7 @@ chown nobody:nobody pki/crl.pem chmod o+r pki/crl.pem cd $CPWD </code></pre> -<p>And the way to use is to run <code>vpn_script new/rev client_name</code> as sudo (when revoking, it doesn’t actually deletes the <code>.ovpn</code> file in <code>~/ovpn</code>). Again, this is a little script that I put together, so you should check it out, it may need tweaks (depending on your directory structure for <code>easy-rsa</code>) and it could have errors.</p> +<p>And the way to use is to run <code>vpn_script new/rev client_name</code> as sudo (when revoking, it doesn’t actually delete the <code>.ovpn</code> file in <code>~/ovpn</code>). Again, this is a little script that I put together, so you should check it out, it may need tweaks (depending on your directory structure for <code>easy-rsa</code>).</p> <p>Now, just get the <code>.ovpn</code> file generated, import it to OpenVPN in your client of preference and you should have a working VPN service.</p> <div class="page-nav"> @@ -380,10 +406,10 @@ cd $CPWD <div class="article-info"> <p>By David Luévano</p> <p>Created: Sun, Aug 01, 2021 @ 09:27 UTC</p> - <p>Modified: Sun, Aug 01, 2021 @ 10:13 UTC</p> + <p>Modified: Fri, May 05, 2023 @ 08:36 UTC</p> <div class="article-tags"> <p>Tags: -<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> +<a href="https://blog.luevano.xyz/tag/@code.html">code</a>, <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> </div> </div> diff --git a/live/blog/a/website_with_nginx.html b/live/blog/a/website_with_nginx.html index 386b95d..6070c82 100644 --- a/live/blog/a/website_with_nginx.html +++ b/live/blog/a/website_with_nginx.html @@ -16,14 +16,21 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> + <!-- highlight support for code blocks --> <script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> <script type="text/javascript"> hljs.initHighlightingOnLoad(); </script> <link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + + + <!-- og meta --> <meta property="og:title" content="Create a website with Nginx and Certbot -- Luevano's Blog"/> <meta property="og:type" content="article"/> @@ -73,25 +80,39 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Create a website with Nginx and Certbot</h1> <p>These are general notes on how to setup a Nginx web server plus Certbot for SSL certificates, initially learned from <a href="https://www.youtube.com/watch?v=OWAqilIVNgE">Luke’s video</a> and after some use and research I added more stuff to the mix. And, actually at the time of writing this entry, I’m configuring the web server again on a new VPS instance, so this is going to be fresh.</p> -<p>As a side note, (((i use arch btw))) so everything here es aimed at an Arch Linux distro, and I’m doing everything on a VPS. Also note that most if not all commands here are executed with root privileges.</p> -<h3 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h3> +<p>As a side note, <mark>i use arch btw</mark> so everything here es aimed at an Arch Linux distro, and I’m doing everything on a VPS. Also note that most if not all commands here are executed with root privileges.</p> +<h2 id="table-of-contents">Table of contents<a class="headerlink" href="#table-of-contents" title="Permanent link">¶</a></h2> +<div class="toc"> +<ul> +<li><a href="#table-of-contents">Table of contents</a></li> +<li><a href="#prerequisites">Prerequisites</a></li> +<li><a href="#nginx">Nginx</a></li> +<li><a href="#certbot">Certbot</a></li> +</ul> +</div> +<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h2> <p>You will need two things:</p> <ul> <li>A domain name (duh!). I got mine on <a href="https://www.epik.com/?affid=da5ne9ru4">Epik</a> (affiliate link, btw).<ul> -<li>With the corresponding <strong>A</strong> and <strong>AAA</strong> records pointing to the VPS’ IPs (“A” record points to the ipv4 address and “AAA” to the ipv6, basically). I have three records for each type: empty one, “www” and “*” for a wildcard, that way “domain.name”, “www.domain.name”, “anythingelse.domain.name” point to the same VPS (meaning that you can have several VPS for different sub-domains).</li> +<li>With the corresponding <strong>A</strong> and <strong>AAA</strong> records pointing to the VPS’ IPs. I have three records for each type: empty string, “www” and “*” for a wildcard, that way “domain.name”, “www.domain.name”, “anythingelse.domain.name” point to the same VPS (meaning that you can have several VPS for different sub-domains). These depend on the VPS provider.</li> </ul> </li> -<li>A VPS or somewhere else to host it. I’m using <a href="https://www.vultr.com/?ref=8732849">Vultr</a> (also an affiliate link).<ul> +<li>A VPS or somewhere else to host it. I’m using <a href="https://www.vultr.com/?ref=8732849">Vultr</a> (also an affiliate link, btw).<ul> <li>With <code>ssh</code> already configured both on the local machine and on the remote machine.</li> -<li>Firewall already configured to allow ports 80 (HTTP) and 443 (HTTPS). I use <code>ufw</code> so it’s just a matter of doing <code>ufw allow 80,443/tcp</code> as root and you’re golden.</li> -<li><code>cron</code> installed if you follow along (you could use <code>systemd</code> timers, or some other method you prefer to automate running commands every X time).</li> +<li>Firewall already configured to allow ports <code>80</code> (HTTP) and <code>443</code> (HTTPS). I use <code>ufw</code> so it’s just a matter of doing <code>ufw allow 80,443/tcp</code> (for example) as root and you’re golden.</li> +<li><code>cron</code> installed if you follow along (you could use <code>systemd</code> timers, or some other method you prefer to automate running commands every certain time).</li> </ul> </li> </ul> -<h3 id="nginx">Nginx<a class="headerlink" href="#nginx" title="Permanent link">¶</a></h3> +<h2 id="nginx">Nginx<a class="headerlink" href="#nginx" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/Nginx">Nginx</a> is a web (HTTP) server and reverse proxy server.</p> <p>You have two options: <code>nginx</code> and <code>nginx-mainline</code>. I prefer <code>nginx-mainline</code> because it’s the “up to date” package even though <code>nginx</code> is labeled to be the “stable” version. Install the package and enable/start the service:</p> <pre><code class="language-sh">pacman -S nginx-mainline @@ -100,7 +121,7 @@ systemctl start nginx.service </code></pre> <p>And that’s it, at this point you can already look at the default initial page of Nginx if you enter the IP of your server in a web browser. You should see something like this:</p> <figure id="__yafg-figure-1"> -<img alt="Nginx welcome page" src="images/b/notes/nginx/nginx_welcome_page.png" title="Nginx welcome page"> +<img alt="Nginx welcome page" src="https://static.luevano.xyz/images/b/notes/nginx/nginx_welcome_page.png" title="Nginx welcome page"> <figcaption>Nginx welcome page</figcaption> </figure> <p>As stated in the welcome page, configuration is needed, head to the directory of Nginx:</p> @@ -167,7 +188,7 @@ systemctl restart nginx </code></pre> <p>If everything goes correctly, you can now go to your website by typing <code>domain.name</code> on a web browser. But you will see a “404 Not Found” page like the following (maybe with different Nginx version):</p> <figure id="__yafg-figure-2"> -<img alt="Nginx 404 Not Found page" src="images/b/notes/nginx/nginx_404_page.png" title="Nginx 404 Not Found page"> +<img alt="Nginx 404 Not Found page" src="https://static.luevano.xyz/images/b/notes/nginx/nginx_404_page.png" title="Nginx 404 Not Found page"> <figcaption>Nginx 404 Not Found page</figcaption> </figure> <p>That’s no problem, because it means that the web server it’s actually working. Just add an <code>index.html</code> file with something simple to see it in action (in the <code>/var/www/some_folder</code> that you decided upon). If you keep seeing the 404 page make sure your <code>root</code> line is correct and that the directory/index file exists.</p> @@ -180,7 +201,7 @@ systemctl restart nginx try_files $uri/index.html $uri.html $uri/ $uri =404; ... </code></pre> -<h3 id="certbot">Certbot<a class="headerlink" href="#certbot" title="Permanent link">¶</a></h3> +<h2 id="certbot">Certbot<a class="headerlink" href="#certbot" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/Certbot">Certbot</a> is what provides the SSL certificates via <a href="https://letsencrypt.org/">Let’s Encrypt</a>.</p> <p>The only “bad” (bloated) thing about Certbot, is that it uses <code>python</code>, but for me it doesn’t matter too much. You may want to look up another alternative if you prefer. Install the packages <code>certbot</code> and <code>certbot-nginx</code>:</p> <pre><code class="language-sh">pacman -S certbot certbot-nginx @@ -192,7 +213,7 @@ systemctl restart nginx <p>Now, the certificate given by <code>certbot</code> expires every 3 months or something like that, so you want to renew this certificate every once in a while. Using <code>cron</code>, you can do this by running:</p> <pre><code class="language-sh">crontab -e </code></pre> -<p>And a file will be opened where you need to add a new rule for Certbot, just append the line: <code>1 1 1 * * certbot renew</code> (renew on the first day of every month) and you’re good. Alternatively use <code>systemd</code> timers as stated in the <a href="https://wiki.archlinux.org/title/Certbot#Automatic_renewal">Arch Linux Wiki</a>.</p> +<p>And a file will be opened where you need to add a new rule for Certbot, just append the line: <code>1 1 1 * * certbot renew --quiet --agree-tos --deploy-hook "systemctl reload nginx.service"</code> (renew on the first day of every month) and you’re good. Alternatively use <code>systemd</code> timers as stated in the <a href="https://wiki.archlinux.org/title/Certbot#Automatic_renewal">Arch Linux Wiki</a>.</p> <p>That’s it, you now have a website with SSL certificate.</p> <div class="page-nav"> @@ -223,10 +244,10 @@ systemctl restart nginx <div class="article-info"> <p>By David Luévano</p> <p>Created: Fri, Mar 19, 2021 @ 02:58 UTC</p> - <p>Modified: Tue, Jun 08, 2021 @ 07:27 UTC</p> + <p>Modified: Fri, May 05, 2023 @ 08:34 UTC</p> <div class="article-tags"> <p>Tags: -<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> +<a href="https://blog.luevano.xyz/tag/@code.html">code</a>, <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> </div> </div> diff --git a/live/blog/a/xmpp_server_with_prosody.html b/live/blog/a/xmpp_server_with_prosody.html index 20418ca..9a83ac4 100644 --- a/live/blog/a/xmpp_server_with_prosody.html +++ b/live/blog/a/xmpp_server_with_prosody.html @@ -16,14 +16,21 @@ <!-- theme related --> <script type="text/javascript" src="https://static.luevano.xyz/scripts/theme.js"></script> <link id="theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/css/theme.css"> + <!-- misc functions--> + <script type="text/javascript" src="https://static.luevano.xyz/scripts/return_top.js"></script> <!-- extra --> -<!-- highlight support for code blocks --> + <!-- highlight support for code blocks --> <script type="text/javascript" src="https://static.luevano.xyz/hl/highlight.min.js"></script> <script type="text/javascript"> hljs.initHighlightingOnLoad(); </script> <link id="code-theme-css" rel="stylesheet" type="text/css" href="https://static.luevano.xyz/hl/styles/nord.min.css"> + + + + + <!-- og meta --> <meta property="og:title" content="Create an XMPP server with Prosody compatible with Conversations and Movim -- Luevano's Blog"/> <meta property="og:type" content="article"/> @@ -73,12 +80,29 @@ </header> <main> + <div class="return-top"> + <button class="return-top" onclick="returnTop()" id="returnTopButton"> + <i class="fas fa-arrow-up" alt="Return to top"></i> + </button> + </div> <h1>Create an XMPP server with Prosody compatible with Conversations and Movim</h1> - <p>Recently I set up an XMPP server (and a Matrix one, too) for my personal use and for friends if they want one; made one for <mark><a href="https://lmcj.xyz">EL ELE EME</a></mark> for example. So, here are the notes on how I set up the server that is compatible with the <a href="https://conversations.im/">Conversations</a> app and the <a href="https://movim.eu/">Movim</a> social network. You can see my addresses in <a href="https://luevano.xyz/contact.html">contact</a> and the XMPP compliance/score of the server.</p> -<p>One of the best resources I found that helped me a lot was <a href="https://community.hetzner.com/tutorials/prosody-debian9">Installing and Configuring Prosody XMPP Server on Debian 9</a>, and of course the <a href="https://wiki.archlinux.org/title/Prosody">Arch Wiki</a> and the <a href="https://prosody.im/">oficial documentation</a>.</p> -<p>As with my other entries, this is under a server running Arch Linux, with the Nginx web server and Certbot certificates. And all commands here are executed as root (unless specified otherwise)</p> -<h3 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h3> + <p><strong>Update</strong>: I no longer host this XMPP server as it consumed a lot of resources and I wasn’t using it that much. I’ll probably re-create it in the future, though.</p> +<p>Recently I set up an <a href="https://xmpp.org/">XMPP</a> server (and a Matrix one, too) for my personal use and for friends if they want one; made one for <a href="https://lmcj.xyz"><mark>EL ELE EME</mark></a> for example. So, here are the notes on how I set up the server that is compatible with the <a href="https://conversations.im/">Conversations</a> app and the <a href="https://movim.eu/">Movim</a> social network. You can see my addresses at <a href="https://luevano.xyz/contact.html">contact</a> and the XMPP compliance/score of the server.</p> +<p>One of the best resources I found that helped me a lot was <a href="https://community.hetzner.com/tutorials/prosody-debian9">Installing and Configuring Prosody XMPP Server on Debian 9</a>, the <a href="https://wiki.archlinux.org/title/Prosody">Arch Wiki</a> and the <a href="https://prosody.im/">oficial documentation</a>.</p> +<p>As with my other entries, this is under a server running Arch Linux, with the Nginx web server and Certbot certificates. And all commands here are executed as root, unless specified otherwise.</p> +<h2 id="table-of-contents">Table of contents<a class="headerlink" href="#table-of-contents" title="Permanent link">¶</a></h2> +<div class="toc"> +<ul> +<li><a href="#table-of-contents">Table of contents</a></li> +<li><a href="#prerequisites">Prerequisites</a></li> +<li><a href="#prosody">Prosody</a></li> +<li><a href="#nginx-configuration-file">Nginx configuration file</a></li> +<li><a href="#coturn">Coturn</a></li> +<li><a href="#wrapping-up">Wrapping up</a></li> +</ul> +</div> +<h2 id="prerequisites">Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">¶</a></h2> <p>Same as with my other entries (<a href="https://luevano.xyz/a/website_with_nginx.html">website</a>, <a href="https://blog.luevano.xyz/a/mail_server_with_postfix.html">mail</a> and <a href="https://blog.luevano.xyz/a/git_server_with_cgit.html">git</a>) plus:</p> <ul> <li><strong>A</strong> and (optionally) <strong>AAA</strong> DNS records for:<ul> @@ -90,16 +114,16 @@ </ul> </li> <li>(Optionally, but recommended) the following <strong>SRV</strong> DNS records; make sure it is pointing to an <strong>A</strong> or <strong>AAA</strong> record (matching the records from the last point, for example):<ul> -<li><code>_xmpp-client._tcp.**your.domain**.</code> for port <code>5222</code> pointing to <code>xmpp.**your.domain**.</code></li> -<li><code>_xmpp-server._tcp.**your.domain**.</code> for port <code>5269</code> pointing to <code>xmpp.**your.domain**.</code></li> -<li><code>_xmpp-server._tcp.muc.**your.domain**.</code> for port <code>5269</code> pointing to <code>xmpp.**your.domain**.</code></li> +<li><code>_xmpp-client._tcp.{your.domain}.</code> for port <code>5222</code> pointing to <code>xmpp.{your.domain}.</code></li> +<li><code>_xmpp-server._tcp.{your.domain}.</code> for port <code>5269</code> pointing to <code>xmpp.{your.domain}.</code></li> +<li><code>_xmpp-server._tcp.muc.{your.domain}.</code> for port <code>5269</code> pointing to <code>xmpp.{your.domain}.</code></li> </ul> </li> <li>SSL certificates for the previous subdomains; similar that with my other entries just create the appropriate <code>prosody.conf</code> (where <code>server_name</code> will be all the subdomains defined above) file and run <code>certbot --nginx</code>. You can find the example configuration file almost at the end of this entry.</li> <li>Email addresses for <code>admin</code>, <code>abuse</code>, <code>contact</code>, <code>security</code>, etc. Or use your own email for all of them, doesn’t really matter much as long as you define them in the configuration and are valid, I have aliases so those emails are forwarded to me.</li> <li>Allow ports <code>5000</code>, <code>5222</code>, <code>5269</code>, <code>5280</code> and <code>5281</code> for <a href="https://prosody.im/doc/ports">Prosody</a> and, <code>3478</code> and <code>5349</code> for <a href="https://webrtc.org/getting-started/turn-server">Turnserver</a> which are the defaults for <code>coturn</code>.</li> </ul> -<h3 id="prosody">Prosody<a class="headerlink" href="#prosody" title="Permanent link">¶</a></h3> +<h2 id="prosody">Prosody<a class="headerlink" href="#prosody" title="Permanent link">¶</a></h2> <p><a href="https://wiki.archlinux.org/title/Prosody">Prosody</a> is an implementation of the XMPP protocol that is flexible and extensible.</p> <p>Install the <code>prosody</code> package (with optional dependencies) and the <code>mercurial</code> package:</p> <pre><code class="language-sh">pacman -S prosody, mercurial, lua52-sec, lua52-dbi, lua52-zlib @@ -111,11 +135,11 @@ mkdir modules-enabled </code></pre> <p>You can see that I follow a similar approach that I used with Nginx and the server configuration, where I have all the modules available in a directory, and make a symlink to another to keep track of what is being used. You can update the repository by running <code>hg pull --update</code> while inside the <code>modules-available</code> directory (similar to Git).</p> <p>Make symbolic links to the following modules:</p> -<pre><code>ln -s /var/lib/prosody/modules-available/MODULE_NAME /var/lib/prosody/modules-enabled/ +<pre><code>ln -s /var/lib/prosody/modules-available/{module_name} /var/lib/prosody/modules-enabled/ ... </code></pre> <ul> -<li>Modules:<ul> +<li>Modules (<code>{module_name}</code>):<ul> <li><code>mod_bookmarks</code></li> <li><code>mod_cache_c2s_caps</code></li> <li><code>mod_checkcerts</code></li> @@ -443,8 +467,8 @@ ln -s your.domain.key SUBDOMAIN.your.domain.key ... </code></pre> <p>That’s basically all the configuration that needs Prosody itself, but we still have to configure Nginx and Coturn before starting/enabling the <code>prosody</code> service.</p> -<h3 id="nginx-configuration-file">Nginx configuration file<a class="headerlink" href="#nginx-configuration-file" title="Permanent link">¶</a></h3> -<p>Since this is not an ordinary configuration file I’m going to describe this too. Your <code>prosody.conf</code> file should have the following location blocks under the main server block (the one that listens to HTTPS):</p> +<h2 id="nginx-configuration-file">Nginx configuration file<a class="headerlink" href="#nginx-configuration-file" title="Permanent link">¶</a></h2> +<p>Since this is not an ordinary configuration file I’m going to describe this, too. Your <code>prosody.conf</code> file should have the following location blocks under the main server block (the one that listens to HTTPS):</p> <pre><code class="language-nginx"># HTTPS server block server { root /var/www/prosody/; @@ -537,11 +561,11 @@ server { ] } </code></pre> -<p>Remember to have your <code>prosody.conf</code> file symlinked (or discoverable by Nginx) to the <code>sites-enabled</code> directory. You can now restart your <code>nginx</code> service (and test the configuration, optionally):</p> +<p>Remember to have your <code>prosody.conf</code> file symlinked (or discoverable by Nginx) to the <code>sites-enabled</code> directory. You can now test and restart your <code>nginx</code> service (and test the configuration, optionally):</p> <pre><code class="language-sh">nginx -t systemctl restart nginx.service </code></pre> -<h3 id="coturn">Coturn<a class="headerlink" href="#coturn" title="Permanent link">¶</a></h3> +<h2 id="coturn">Coturn<a class="headerlink" href="#coturn" title="Permanent link">¶</a></h2> <p><a href="https://github.com/coturn/coturn">Coturn</a> is the implementation of TURN and STUN server, which in general is for (at least in the XMPP world) voice support and external service discovery.</p> <p>Install the <code>coturn</code> package:</p> <pre><code class="language-sh">pacman -S coturn @@ -557,7 +581,7 @@ static-auth-secret=YOUR SUPER SECRET TURN PASSWORD systemctl enable turnserver.service </code></pre> <p>You can test if your TURN server works at <a href="https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/">Trickle ICE</a>. You may need to add a user in the <code>turnserver.conf</code> to test this.</p> -<h3 id="wrapping-up">Wrapping up<a class="headerlink" href="#wrapping-up" title="Permanent link">¶</a></h3> +<h2 id="wrapping-up">Wrapping up<a class="headerlink" href="#wrapping-up" title="Permanent link">¶</a></h2> <p>At this point you should have a working XMPP server, start/enable the <code>prosody</code> service now:</p> <pre><code class="language-sh">systemctl start prosody.service systemctl enable prosody.service @@ -570,7 +594,7 @@ systemctl enable prosody.service <p>Additionally, you can test the security of your server in <a href="https://xmpp.net/index.php">IM Observatory</a>, here you only need to specify your <code>domain.name</code> (not <code>xmpp.domain.name</code>, if you set up the <strong>SRV</strong> DNS records correctly). Again, it should have a similar score to mine:</p> <p><a href='https://xmpp.net/result.php?domain=luevano.xyz&type=client'><img src='https://xmpp.net/badge.php?domain=luevano.xyz' alt='xmpp.net score' /></a></p> <p>You can now log in into your XMPP client of choice, if it asks for the server it should be <code>xmpp.your.domain</code> (or <code>your.domain</code> for some clients) and your login credentials <code>you@your.domain</code> and the password you chose (which you can change in most clients).</p> -<p>That’s it, send me a message <a href="xmpp:david@luevano.xyz">david@luevano.xyz</a> if you were able to set up the server successfully.</p> +<p>That’s it, send me a message at <a href="xmpp:david@luevano.xyz">david@luevano.xyz</a> if you were able to set up the server successfully.</p> <div class="page-nav"> <span class="next"> @@ -600,10 +624,10 @@ systemctl enable prosody.service <div class="article-info"> <p>By David Luévano</p> <p>Created: Wed, Jun 09, 2021 @ 05:24 UTC</p> - <p>Modified: Tue, Dec 20, 2022 @ 04:33 UTC</p> + <p>Modified: Fri, May 05, 2023 @ 08:36 UTC</p> <div class="article-tags"> <p>Tags: -<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> +<a href="https://blog.luevano.xyz/tag/@code.html">code</a>, <a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p> </div> </div> |