commit 8fb70355ecb6bd60d875c2c19502b9756aa82282 parent 6e84b34bbe89e2555183e12bc5c4e1b5dbb36849 Author: lash <dev@holbrook.no> Date: Sun, 16 Jun 2024 17:33:19 +0100 Propose rsync uptime article Diffstat:
25 files changed, 273 insertions(+), 516 deletions(-)
diff --git a/content/20210418_keccak.rst b/content.proposed/20210418_keccak.rst diff --git a/content/20210421_docker_vpn.rst b/content.proposed/20210421_docker_vpn.rst diff --git a/content/20210609_python_pipe_args.rst b/content.proposed/20210609_python_pipe_args.rst diff --git a/content/20211022_docker_npm_continued.rst b/content.proposed/20211022_docker_npm_continued.rst diff --git a/content/20220102_qemu_host_fw.rst b/content.proposed/20220102_qemu_host_fw.rst diff --git a/content/20220102_qemu_raw.rst b/content.proposed/20220102_qemu_raw.rst diff --git a/content.proposed/20220112_clortho.rst b/content.proposed/20220112_clortho.rst @@ -0,0 +1,33 @@ +Clortho +####### + +:date: 2022-01-12 15:03 +:modified: 2022-01-12 15:03 +:category: Code +:author: Louis Holbrook +:tags: crypto,hash,sha512,bash,cli +:slug: clortho +:summary: A key value store at your fingertips +:lang: en +:status: draft + + +Ever since I started using the pass_ CLI as my password manager, I've found myself putting all sorts of stuff in there; usernames, email, urls, crypto addresses, api keys, you name it. + +It makes total sense that some of these items are in there. For example, I store the url to a service together with the password, usually accompanied by the username and the email used [1]_. No password recoveries needed. + +However, I've also started putting in things like crypto addresses, or even token smart contract addresses in there, it seems less of a good fit. One thing is that it spams the password directory. But another more sinister issues is that it's pretty clear for anyone reading the directory what items you are storing data for. + + +Hiding the key +============== + +So what if I want to store key/value pairs, and at the same time I want to hide what I am storing? + +.. + + .. [1] I use a different email for each service I sign up to, and for every other context I have to leave my email for something. + +.. + + .. _pass: https://www.passwordstore.org/ diff --git a/content/20221005_forro_wala.rst b/content.proposed/20221005_forro_wala.rst diff --git a/content.proposed/20221015_fresh_git.rst b/content.proposed/20221015_fresh_git.rst @@ -0,0 +1,153 @@ +Keeping your gits in a row +########################## + +:date: 2022-10-15 14:49 +:modified: 2022-10-15 14:49 +:category: Archiving +:author: Louis Holbrook +:tags: git,bash +:slug: git-fresh +:summary: Scripts to keep your local git clone fresh, and help you move them around. +:lang: en +:status: draft + + +I believe that if you use a piece of code, you are also responsible for making sure that that code is available in the future. + +In this spirit, I decided a couple of years ago that I would keep a full clone of all VCS repositories that I use. + + +Dude, I can't be bothered +========================= + +Yeah, yeah, I hear ya. + +But imagine that one day you cannot reach the code repository anymore. + +It could be because you are working where internet is scarce or impossible to rely on. + +It could be that you have to cope with what was in your faraday cage when a giant solar flare happened. + +It could be that you, or the author of the code, have been cut off by the accelerating `weaponization of everything <https://torrentfreak.com/the-eu-wants-its-own-dns-resolver-that-can-block-unlawful-traffic-220119/>`_. + +Or maybe none of the above happened. But you still understand and appreciate what it means to build a truly decentralized society, where we all participate and contribute, not only consume. + + +Git organized +============= + +For every `git` repository that I use, I actually keep a *local copy* on my daily device. + +I also keep a copy on a device at home, *and* on a remote device. + +My thinking is: + +1. If I lose my laptop, I have two copies +2. If my house burns down, I have two copies +3. If my house burns down *with* my laptop inside, I have *at least one more copy*. + +... and so on. + + +I hate to move it, move it +========================== + +Sometimes we have to, though,. + +And what can be a real pain is to move heaps of code repositories around. For example if you are moving to a new machine, or want to bootstrap a new copy without having to source the data yourself. + +To make this easier, I wrote the `gitrefresh bash tool <https://git.defalsify.org/gitrefresh>`_ to copy only the minimum of information required to source the data from a remote. [1]_ + + + + +Freshening up +============= + +To make sense of what is what in the repository store, I use a simple folder structure. + +Obviously, when I create copies of the repository store, I would like to keep the same folder structure. So the tool needed to make that possible. + +Additionally, what's needed are tools to bootstrap a repository group from a list, and a tool to refresh those repositories periodically once they've been bootstrapped. + +To achieve this, I actually wrote `three tools <https://git.defalsify.org/gitrefresh>`_, as follows: + + +`gitlist.sh` +------------ + +create a list of `git` repositories under a filesystem path, with the option of preserving the directory structure. + + +`gitstart.sh` +------------- + +clone `git` repositories from a list generated from :code:`gitlist.sh`, with or without direcory structure. + + +`gitrefresh.sh` +--------------- + +fetch and merge updates from remotes of each repository under a directory. + + +Behavior +======== + +The :code:`gitlist.sh` and :code:`gitrefresh.sh` tools work more or less the same way. + +They traverse a directory structure recursively. + +Every time a valid git repository is found, that repository is processed. Afterwards, the tool will exit to the parent folder. [2]_ + + +Example +------- + +Let's say we have three repositories that we are mirroring locally: + +* :code:`https://github.com/bitcoin/bips` under :code:`btc/bips` +* :code:`https://aur.archlinux.org/libkeccak.git` under :code:`os/archlinux/aur/libkeccak` +* :code:`git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git` under :code:`linux/linux` + +First we use :code:`gitlist.sh` to generate the list of repos to bootstrap [3]_: + +.. code:: console + + $ gitlist.sh -p | tee gitlist.txt + https://github.com/bitcoin/bips btc/bips + https://aur.archlinux.org/libkeccak.git os/archlinux/aur/libkeccak` + git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git linux/linux` + + +Using :code:`gitstart.sh` with this list, we can restore this bunch of repositories *with* the same directory structure anywhere else: + +.. code:: console + + $ cd /path/to/new/repos/location + $ gitstart.sh < gitlist.txt + +Now, the idea is that from time to time you should get the latest changes from the upstream source. + +I simply combine :code:`gitrefresh.sh` with :code:`cron` to do this on the remote, while manually doing the refresh locally once in awhile. + +Using the tool, all it takes is: + +.. code:: console + + $ cd /path/to/new/repos/location + $ gitrefresh.sh pull + + +.. + + .. [1] Yes. I didn't get beyond `git` yet. But at least it's a start. + +.. + + .. [2] This, of course, means that the tool will not automatically archive code from *submodules*. The submodule construct is a target of both a lot of love and a lot of hate. Personally, I like it. But at the same time it is my opinion that it does not absolve us from *knowing* and being *mindful* which submodules a repository is using, and thus making sure that we have an independent clone of that repository. + +.. + + .. [3] We add the :code:`-p` flag to preserve the directory structure on disk. + diff --git a/content.proposed/20230820_ethbb.rst b/content.proposed/20230820_ethbb.rst @@ -0,0 +1,17 @@ +Announcements on the EVM +######################## + +:date: 2021-04-26 07:55 +:category: Hygiene +:author: Louis Holbrook +:tags: evm,shell,communications,python,solidity +:slug: ethbb-evm +:summary: Using the EVM to announce software releases +:lang: en +:status: draft + + +.. code-block:: bash + + # data from celo tx 0x9f4f1e20d0f45c3a683345003452a98c6d75c799a81f8fc5f6db83179ba9c75b + echo -n 0xd1de592ae820c875d3713885fbaab0ca5b8be1d6cd9eff270515614e5aaefbd51a1f65555a30df28f992549c36b4ccf1ff0b196ae0b92f4d154729a92da2b22f93a4eb0b | cut -b11- | fold -w64 diff --git a/content.proposed/20240517_localmd.rst b/content.proposed/20240517_localmd.rst @@ -0,0 +1,30 @@ +Local documentation viewers +########################### + +:date: 2024-05-17 13:35 +:category: Hygiene +:author: Louis Holbrook +:tags: bash,markdown,pandoc,vimb,buku +:slug: internet-up-monitor +:summary: Bash script to render and spawn a viewer for markdown files +:lang: en +:status: draft + + +Have you noticed that when you start a modern gorilla browser, it will always call to the network. + +Be it a chromium or a mozilla, no matter how you tell it no home page, no restoration, and any other available tweak of settings, it will always make at least that one call. + +At first glace, this may be a silly thing to get hung up on. Why would you even use a browser if it wasn't to go online, righT? + + +Pin down Markdown +================= + +I consider Markdown to be the fast-food of documents. + +That doesn't change the fact that it's everywhere. So much everywhere, in fact, that it's kind of puzzling there is not a dedicated tool around to view it. + +There is no shortage of applications that _can_ render markdown. Among the alternatives are free code editors like atom or sublime, the browser plugin Markdown Viewer and even a dedicated markdown editor Mark Test. + +But these are not simple viewers. What is the equivalent of xv or feh for Markdown? Honestly, I couldn't find one. diff --git a/content.proposed/20240616_rsyslog_ups.rst b/content.proposed/20240616_rsyslog_ups.rst @@ -0,0 +1,18 @@ +Python pipe args +################ + +:date: 2024-06-16 16:26:30 +:category: Hygiene +:author: Louis Holbrook +:tags: syslog,rsyslog,network,monitor +:slug: rsyslog-ups +:summary: Simple up-state signaller +:lang: en +:status: draft + +.. include:: code/rsyslog-ups/server.conf + +.. + +.. include:: code/rsyslog-ups/client.conf +~ diff --git a/content.proposed/code/rsyslog-ups/client.conf b/content.proposed/code/rsyslog-ups/client.conf @@ -0,0 +1,8 @@ +$DefaultNetstreamDriver gtls +$DefaultNetstreamDriverCAFile /etc/ssl/certs/home_ca.crt +$ActionSendStreamDriverMode 1 +$ActionSendStreamDriverAuthMode anon +local1.* @@185.124.126.15:32514 + +timezone(id="UTC" offset="+00:00") +lash@maestoso:~$ ca diff --git a/content.proposed/code/rsyslog-ups/server.conf b/content.proposed/code/rsyslog-ups/server.conf @@ -0,0 +1,13 @@ +$DefaultNetstreamDriver gtls +$DefaultNetstreamDriverCAFile /etc/ssl/certs/home_ca.crt +$DefaultNetstreamDriverCertFile /etc/ssl/certs/home_logs.crt +$DefaultNetstreamDriverKeyFile /etc/ssl/private/home_logs.key + +$ModLoad imtcp +$InputTCPServerStreamDriverMode 1 +$InputTCPServerStreamDriverAuthMode anon +$InputTCPServerRun 514 + +$File /var/log/remotes.log +$FileCreateMode 0644 +local1.* -/var/log/remotes.log diff --git a/content/20210425_celery_document_graph.rst b/content/20210425_celery_document_graph.rst @@ -1,32 +0,0 @@ -Documenting Celery task chains -############################## - -:date: 2021-04-25 15:00 -:modified: 2021-04-25 15:00 -:category: Code -:author: Louis Holbrook -:tags: python,microservices,celery -:slug: celery-document-graph -:summary: How do document complex task chains in Python Celery using graphviz -:lang: en -:status: draft - -.. code-block:: python - - current_app.conf.update({ - 'broker_url': broker, - }) - - result = config.get('CELERY_RESULT_URL') - if result[:4] == 'file': - rq = tempfile.mkdtemp() - current_app.conf.update({ - 'result_backend': 'file://{}'.format(rq), - }) - logg.warning('celery backend store dir {} created, will NOT be deleted on shutdown'.format(rq)) - else: - current_app.conf.update({ - 'result_backend': result, - }) - - diff --git a/content/20210510_ipfs_api_dissect.rst b/content/20210510_ipfs_api_dissect.rst @@ -1,50 +0,0 @@ -Dissecting the IPFS get -####################### - -:title: Dissecting the IPFS API -:date: 2021-05-01 08:40 -:slug: ipfs-api-get -:category: Code -:status: draft - - -.. code-block:: bash - - $ curl -X POST "http://localhost:5001/api/v0/object/get?arg=QmWajb6k7oT9HVTq5hgnGZqRxzwwA2g7D33MFjzd2nVcXw" - {"Links":[{"Name":"","Hash":"QmZeEX1hbQtj34TPLdbUwbFtQBGAmanTVUB6HuiTcrLrfQ","Size":262158},{"Name":"","Hash":"QmWdaV34ArzVJH2Si9CxS9b5SxCnmU1HMuEXNA137XoV4f","Size":262158},{"Name":"","Hash":"QmUgSEJDRj7So3x7n8RaUfiLfcDy5CyqY7btJdm6B7z4Ae","Size":131390}],"Data":"\u0008\u0002\u0018\ufffd\ufffd( \ufffd\ufffd\u0010 \ufffd\ufffd\u0010 \ufffd\ufffd\u0008"} - -.. code-block:: bash - - $ curl -X POST "http://localhost:5001/api/v0/get?arg=QmZeEX1hbQtj34TPLdbUwbFtQBGAmanTVUB6HuiTcrLrfQ" | hexdump -C -n1024 - 00000010 4c 64 62 55 77 62 46 74 51 42 47 41 6d 61 6e 54 |LdbUwbFtQBGAmanT| - 00000020 56 55 42 36 48 75 69 54 63 72 4c 72 66 51 00 00 |VUB6HuiTcrLrfQ..| - 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| - * - 00000060 00 00 00 00 30 30 30 30 36 34 34 00 30 30 30 30 |....0000644.0000| - 00000070 30 30 30 00 30 30 30 30 30 30 30 00 30 30 30 30 |000.0000000.0000| - 00000080 31 30 30 30 30 30 30 00 31 34 30 34 36 31 35 33 |1000000.14046153| - 00000090 30 33 36 00 30 31 37 31 37 32 00 20 30 00 00 00 |036.017172. 0...| - 000000a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| - * - 00000100 00 75 73 74 61 72 00 30 30 00 00 00 00 00 00 00 |.ustar.00.......| - 00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| - * - 00000140 00 00 00 00 00 00 00 00 00 30 30 30 30 30 30 30 |.........0000000| - 00000150 00 30 30 30 30 30 30 30 00 00 00 00 00 00 00 00 |.0000000........| - 00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| - * - 00000200 47 49 46 38 39 61 f4 01 7b 01 f7 fb 00 94 31 17 |GIF89a..{.....1.| - 00000210 ac c7 d8 a8 c6 ec d5 70 4b 90 8a 71 e9 cd a9 c6 |.......pK..q....| - -.. code-block:: bash - - $ curl -X POST "http://localhost:5001/api/v0/get?arg=QmZeEX1hbQtj34TPLdbUwbFtQBGAmanTVUB6HuiTcrLrfQ" | dd bs=512 skip=1 > pat.gif - $ curl -X POST "http://localhost:5001/api/v0/get?arg=QmWdaV34ArzVJH2Si9CxS9b5SxCnmU1HMuEXNA137XoV4f" | dd bs=512 skip=1 >> pat.gif - $ curl -X POST "http://localhost:5001/api/v0/get?arg=QmUgSEJDRj7So3x7n8RaUfiLfcDy5CyqY7btJdm6B7z4Ae" | dd bs=512 skip=1 >> pat.gif - -.. code-block:: bash - - $ curl -X POST "http://localhost:5001/api/v0/cat?arg=QmWajb6k7oT9HVTq5hgnGZqRxzwwA2g7D33MFjzd2nVcXw" -o pat2.gif - $ diff pat2.gif pat.gif - $ echo $? - 0 diff --git a/content/20210623_docker_debian.rst b/content/20210623_docker_debian.rst @@ -1,19 +0,0 @@ -Debian repository -################# - -:date: 2021-06-23 13:14 -:category: Offlining -:author: Louis Holbrook -:tags: docker,networking,debian -:slug: docker-offline-4-debian -:summary: How to not be forced being online when forced to use docker -:series: Offline Docker -:seriesprefix: docker-offline -:seriespart: 4 -:lang: en -:status: draft - - -.. - - .. _Mirroring a debian repository with rsync: https://chrisgilmerproj.github.io/debian/mirror/rsync/2013/08/29/mirror-debian.html diff --git a/content/20210623_swarm_qemu.rst b/content/20210623_swarm_qemu.rst @@ -1,59 +0,0 @@ -Self-sufficient swarm on qemu -############################# - -:date: 2021-06-23 12:49 -:modified: 2021-06-23 12:49 -:category: Hygiene -:author: Louis Holbrook -:tags: swarm,golang,qemu -:slug: swarm-qemu -:summary: How do document complex task chains in Python Celery using graphviz -:lang: en -:status: draft -:series: Self-sufficient Swarm -:seriesprefix: swarm-self-sufficient -:seriespart: 1 - - -base debian qemu install -======================== - - -.. code-block:: bash - - dd if=/dev/zero of=debootstrap.bin count=10485760 bs=512 - mkfs.ext4 debootstrap.bin - mount -o loop debootstrap.bin /mnt - debootstrap --arch=amd64 buster /mnt - -.. code-block:: bash - - qemu-system-x86_64 -cdrom /mnt/iso/debian-10.9.0-amd64-xfce-CD-1.iso -hda debian.bin -hdb clef.bin -m 4g --enable-kvm -virtfs local,path=/mnt,id=foo,readonly=on,mount_tag=bar,security_model=passthrough - - - -.. code-block:: bash - - mount -t 9p -o trans=virtio mount_tag /mnt/resource -oversion=9p2000.L,posixacl,msize=104857600,cache=loose - -clef/swarm provisions -===================== - - -ethereum node provisions -======================== - - -xdai requisites -=============== - - -mainchain requisites -==================== - - -orchestration -============= - - - diff --git a/content/20211017_python_virtualenv.rst b/content/20211017_python_virtualenv.rst @@ -1,19 +0,0 @@ -Virtualenv with different pythons -################################# - -:date: 2021-10-17 15:45 -:category: Code -:author: Louis Holbrook -:tags: docker,networking,iptables,iproute -:slug: python-virtualenv-interpreter -:summary: Using a different python interpreter with virtualenv and pip install -:lang: en -:status: draft - - -.. - (.venv) cic-ussd $ export CPPFLAGS="-I/home/lash/src/ext/python/Python-3.8.6/Include -I/home/lash/src/ext/python/Python-3.8.6" - (.venv) cic-ussd $ export CFLAGS="-I/home/lash/src/ext/python/Python-3.8.6/Include -I/home/lash/src/ext/python/Python-3.8.6" - (.venv) cic-ussd $ pip download --global-option=build_ext --global-option "-I/home/lash/src/ext/Python-3.8.6/Include" --index-url https://pypi.org/simple --extra-index-url http://localhost/python --no-binary :all: -d deps/ -r requirements.txt - bcrypt uses cffi, fails with missing header files Python.h and pyconfig.h - diff --git a/content/20220112_clortho.rst b/content/20220112_clortho.rst @@ -1,33 +0,0 @@ -Clortho -####### - -:date: 2022-01-12 15:03 -:modified: 2022-01-12 15:03 -:category: Code -:author: Louis Holbrook -:tags: crypto,hash,sha512,bash,cli -:slug: clortho -:summary: A key value store at your fingertips -:lang: en -:status: draft - - -Ever since I started using the pass_ CLI as my password manager, I've found myself putting all sorts of stuff in there; usernames, email, urls, crypto addresses, api keys, you name it. - -It makes total sense that some of these items are in there. For example, I store the url to a service together with the password, usually accompanied by the username and the email used [1]_. No password recoveries needed. - -However, I've also started putting in things like crypto addresses, or even token smart conrtact addresses in there, it seems less of a good fit. One thing is that it spams the password directory. But another more sinister issues is that it's pretty clear for anyone reading the directory what items you are storing data for. - - -Hiding the key -============== - -So what if I want to store key/value pairs, and at the same time I want to hide what I am storing? - -.. - - .. [1] I use a different email for each service I sign up to, and for every other context I have to leave my email for something. - -.. - - .. _pass: https://www.passwordstore.org/ diff --git a/content/20220124_clique_openethereum.rst b/content/20220124_clique_openethereum.rst @@ -1,43 +0,0 @@ -The clique extra data secret -############################ - -:date: 2022-01-24 20:05 -:category: code -:author: Louis Holbrook -:tags: rust,blockchain,openethereum,ethereum -:slug: openethereum-clique-extradata -:summary: Unlocking the extra data in the clique configuration -:lang: en -:status: draft - - -.. - - extradata: 0x536172616675204b61726962752053616e6100000000000000000000000000005C5aB0D602EEF41f82B6fc087A24e61383589C398c6f7b75d90c3b32bdc9b4fcfbb4ad43c853446a2c0c9d3a9590a3349c8e45ce50446bd276cbb99c1f38132cd7e520d6be0ccba78acc59ab50a82f711ff7cb9d00 - - 32 bytes vanity - 20 bytes address - 65 bytes signature - - -.. code-block:: rust - - ethcore/src/engines/clique/mod.rs - - // Protocol constants - /// Fixed number of extra-data prefix bytes reserved for signer vanity - pub const VANITY_LENGTH: usize = 32; - /// Fixed number of extra-data suffix bytes reserved for signer signature - pub const SIGNATURE_LENGTH: usize = 65; - - -.. code-block:: rust - - ethcore/src/engines/clique/util.rs - - pub fn extract_signers(header: &Header) -> Result<BTreeSet<Address>, Error> { - - ie data.len() <= VANITY_LENGTH + SIGNATURE_LENGTH { - /// Nonce value for DROP vote | Err(EngineError::CliqueCheckpointNoSigner)? - pub const NONCE_DROP_VOTE: H64 = H64([0; 8]); | } - diff --git a/content/20221015_linux_prep.rst b/content/20221015_linux_prep.rst @@ -1,31 +0,0 @@ -The linux prepper -################# - -:date: 2022-10-15 14:37 -:modified: 2022-10-15 14:37 -:category: Offlining -:author: Louis Holbrook -:tags: linux,gnu -:slug: linux-prep-basic -:summary: If you were stranded on a digital island with no internet, then what would wish you had brought? -:lang: en -:status: draft - - -To be honest, I don't even consider keeping your own copies of software and/or version histories as "prepping." - -In fact, I find it digusting to what degree we all take it for granted that there will be *someone* out there making sure that you have what you need at all times. - -I believe this is a responsibility we all have. Making sure linux is always available is not the responsibility of the Linux Foundation. We all share this responsibility. And taking that responsibility doesn't require much. - - -## Planning your stores - -An important question in any backup scheme is how many copies should you have, and where should you store them. - -I keep a remote (VPS) copy and a copy on a device at home. In the case of software that I need frequent access to, like package repositories for code languages or the OS, I keep a copy either on my daily device or a portable external disk. - - -## Fresh your git - -A couple of years back I wrote a tool that I've come to find indispensable in both keeping my git clones up-to-date, but also diff --git a/content/20221020-gnunet-debian-qemu.rst b/content/20221020-gnunet-debian-qemu.rst @@ -1,178 +0,0 @@ -gnunet on qemu from scratch -########################### - -:date: 2022-10-20 14:40 -:modified: 2022-10-20 14:40 -:category: Hygiene -:author: Louis Holbrook -:tags: gnunet,p2p,debian,qemu -:slug: gnunet-debian-qemu -:summary: Set up a clean gnunet instance using debian on a qemu guest. -:lang: en -:status: draft - - -.. - - $ fallocate -l4g deb.bin - $ fallocate -l2g data.bin - $ wget https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-11.5.0-amd64-netinst.iso - $ qemu-system-x86_64 -cdrom debian-11.5.0-amd64-netinst.iso -drive format=raw,file=deb.bin --enable-kvm - # in another terminal window - $ vncviewer localhost:5900 - -Depends - -.. - - git - -.. - - gcc - automake - autoreconf - make - autopoint - recutils - libgnutls30 - iptables - gettext - libtool - libidn2-dev - libltdl-dev - libtool - libgcrypt-dev - libmicrohttpd-dev - libunistring-dev - libjansson-dev - libjose-dev - libgmp-dev - libcurl4-gnutls-dev - texinfo - pkg-config - libz-dev - libsodium-dev - libsqlite3-dev - net-tools - miniupnpc - python3-sphinx - pythno3-sphinx_rtd_theme - -Optionals: - -* miniupnpc for upnpc support -* net-tools provides ifconfig -* sphinx isn't strictly necessary unless building documentation (bootstrap script will complain a bit) - -.. - - $ git clone -b 1436e4266673df53f1a692e4c9c9a74d621b0a8e https://git.gnunet.org/git/gnunet.git - $ cd gnunet - $ ./bootstrap - $ ./configure --disable-documentation --enable-logging=veryverbose - $ make - $ mkdir build - $ make install DESTDIR=$(realpath build) - - -.. - - $ cat <<eof > src.sh - set -a - export LD_LIBRARY_PATH=$(realpath build/usr/local/lib) - export PATH=$(realpath build/usr/local/bin):$PATH - set +a - eof - $ mkdir ~/.config - $ touch ~/.config/gnunet.conf - - -.. - - $ . src.sh - $ gnunet-arm -s - - -## Set up virtual TAP network - -Set up netdev group and udev rule - -.. - - $ groupadd -U <user> netdev - $ cat <<eof > /etc/udev/rules.d/netdev-tun.rules - KERNEL=="tun", GROUP="netdev", MODE="0660", OPTIONS+="static_node=net/tun" - eof - -Given device on host connected to internet is :code:`eth0` - -Source `sttyio`_ for setup and parms. - -Source `stackoverflow`_ for iptables rule - -.. - - $ sudo -s - $ ip tuntap add mode tap name vmm0 group netdev - $ ip link set vmm0 up - -.. - - # seems bridge is not needed, so skip this - # if bridge not exists - $ ip link add brr type bridge - # else - $ ip addr flush dev brr - $ ip addr add 192.168.99.0/24 dev brr - $ ip link set vmm0 master brr - $ ip link set brr up - -.. - - # if dhcp - $ dnsmasq --interface brr --dhcp-range=192.168.9.100,192.168.9.250 - - # make sure dhcp traffic is broadcast - $ iptables -C QEMU - $ iptables -I INPUT 1 -i brr -j QEMU - $ iptables -A QEMU -i brr -p udp -s 0.0.0.0 --sport 68 -d 255.255.255.255 --dport 67 -j ACCEPT - - -.. - - $ iptables -t nat -A POSTROUTING -s 192.168.99.0/24 ! -d 192.168.99.0/24 -j MASQUERADE - # if forwarding is restricted - $ iptables -A FORWARD -i brr -j ACCEPT - $ iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT - - # start it - # if more than one node, new tap interface and different mac - otherwise the mac may be set to same on both guests! - $ qemu-system-x86_64 -drive file=deb.bin,format=raw -drive file=data.bin,format=raw,mac=50:12:34:56:78:90 -m 2g --device virtio-net-pci,netdev=vmm0 -netdev tap,id=vmm0,ifname=vmm0,script=no,downscript=no --enable-kvm - - -### Connect guest to host network - -There will be one interface set up inside the guest, with an ip from dnsmasq. Mine received the name :code:`ens3`. - -My device connected to internet was on :code:`192.168.8.147/24`. - - -.. - - # if not dhcp - $ ip addr add 192.168.99.13/24 dev ens3 - - # TODO check if we can use --dhcp-option for dnsmasq instead to set these automatically - $ ip route add 192.168.8.0/24 dev ens3 - $ ip route add default via 192.168.8.147 - -.. - - # to ssh to the guest if using bridge, make sure specify explicit interface - $ ssh -b 192.168.8.147 root@192.168.99.13 - - -.. _sttyio: https://stty.io/2019/05/13/qemu-vm-wireguard-vpn-tun-tap-networking/ - -.. _stackoverflow: https://unix.stackexchange.com/questions/525822/nat-configuration-for-qemu-kvm-guest-and-host-networks diff --git a/content/20221021_gnunet_nonstandard_ext.rst b/content/20221021_gnunet_nonstandard_ext.rst @@ -1,51 +0,0 @@ -non-standard gnunet location -############################ - -:date: 2022-10-21 17:30 -:modified: 2022-10-21 17:30 -:category: Code -:author: Louis Holbrook -:tags: gnunet,c -:slug: gnunet-nonstandard-lib-location -:summary: Building a gnunet application using a non-standard gnunet library location -:lang: en -:status: draft - - - -## build gnunet - -.. code-block:: console - - $ cd <gnunet-repo-dir> - $ ./bootstrap - $ mkdir build - $ export GNUNET_BUILD_DIR=$(realpath build) - $ ./configure --prefix=$GNUNET_BUILD_DIR --enable-logging=veryverbose --disable-documentation - $ make -j8 # or whatever cpu count you have - # will be installed in ./build - $ make install - -## build extension - -Change the :code:`.project_dirname` from :code:`gnunet_ext` to :code:`gnunet` in the :code:`GNUNET_OS_ProjectData` struct in the tool and service source files, otherwise configuration will be looked up in the wrong location. - -Resolving the gnunet path is done using :code:`libgnunetext.so` so it is important to make sure it has been linked. - -.. code-block:: console - - $ cd <gnunet-ext-repo-dir> - $ export PKG_CONFIG_PATH=$GNUNET_BUILD_DIR/lib/pkgconfig/ - $ ./bootstrap - $ ./configure --with-gnunet=$GNUNET_BUILD_DIR --prefix=$GNUNET_BUILD_DIRk - $ make -j8 CFLAGS="-lgnunetext" - $ make install - -## run extension - -.. code-block:: console - - $ GNUNET_BUILD_DIR=/home/lash/src/build/gnunet/cur/build - $ export PATH=$GNUNET_BUILD_DIR/lib/gnunet/libexec:$GNUNET_BUILD_DIR/bin:$PATH - $ export LD_LIBRARY_PATH=$GNUNET_BUILD_DIR/lib - $ ./build/lib/gnunet/libexec/gnunet-service-ext -L debug diff --git a/lash/templates/base.html b/lash/templates/base.html @@ -35,7 +35,7 @@ <footer id="contentinfo" class="body"> <hr/> <address id="about" class="vcard body"> - Powered by <a title="Pelican is a static site generator" href="https://getpelican.com/">Pelican</a> | <a title="manbytesgnu.com is licensed under Creative Commons Attribution-ShareAlike 4.0 International" href="https://holbrook.no/share/licenses/cc/cc-by-sa-4.0.txt">CC-BY-SA 4.0</a> | <a title="GIT site history since jan 15th 2022" href="https://holbrook.no/src/manbytesgnu_site/log.html">Site history</a> | ETH <a href="./images/donate_eth_qr.png" title="Ethereum address for tipping">0x185Cbce7650FF7Ad3B587E26B2877d95568805e3</a> | BTC <a href="./images/donate_btc_qr.png" title="Bitcoin address for tipping">12DnRH9HpJ6cfET2LKHrURn2yZBDfDEwHv</a> + Powered by <a title="Pelican is a static site generator" href="https://getpelican.com/">Pelican</a> | <a title="manbytesgnu.com is licensed under Creative Commons Attribution-ShareAlike 4.0 International" href="https://holbrook.no/share/licenses/cc/cc-by-sa-4.0.txt">CC-BY-SA 4.0</a> | <a title="GIT site history since jan 15th 2022" href="https://holbrook.no/src/manbytesgnu_site/log.html">Site history</a> | ETH <a href="./images/donate_eth_qr.png" title="Ethereum address for tipping">0x98d0D0a1992d9A0c3C84ccb92182A05c852972d1</a> | BTC <a href="./images/donate_btc_qr.png" title="Bitcoin address for tipping">12DnRH9HpJ6cfET2LKHrURn2yZBDfDEwHv</a> </address><!-- /#about --> </footer><!-- /#contentinfo --> </body>