Initial commit
commit
d1509d47f4
|
@ -0,0 +1,17 @@
|
|||
;; Change this
|
||||
;; Change this
|
||||
(setq org-publish-project-alist
|
||||
'(("qorg11.net"
|
||||
:base-directory "/home/qorg/docs/repos/qorg_org"
|
||||
:publishing-directory "/home/qorg/docs/repos/qorg_org/out_html"
|
||||
:section-numbers nil
|
||||
:publishing-function org-html-publish-to-html
|
||||
:table-of-contents nil
|
||||
:recursive t
|
||||
)))
|
||||
|
||||
(defun make-qorg ()
|
||||
(interactive)
|
||||
(org-publish "qorg11.net"))
|
||||
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
#+INCLUDE: "inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+TITLE: Suragu.net
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: about.html
|
||||
|
||||
* About
|
||||
|
||||
This (very alternative) website exists for the sole purpose of
|
||||
existing. This website has no objetive purpose.
|
||||
|
||||
As if someone cared, here's my neofetch.
|
||||
|
||||
#+begin_export html
|
||||
<a href="img/as_if_someone_cared.png"><img src="img/as_if_someone_cared_thumb.jpg"></a>
|
||||
#+end_export
|
||||
|
||||
** About the person
|
||||
|
||||
[[./img/fermin_trujillo.jpg][Freelancer from Spain]]
|
||||
|
||||
|
Binary file not shown.
After Width: | Height: | Size: 32 KiB |
|
@ -0,0 +1,65 @@
|
|||
body {
|
||||
background-color: black;
|
||||
font-family:monospace;
|
||||
background-image: url(../img/stars.png);
|
||||
|
||||
}
|
||||
h1, h2, h3, h4, h5, h6, p {
|
||||
color: white;
|
||||
}
|
||||
|
||||
.content {
|
||||
position: relative;
|
||||
margin-left: 0px;
|
||||
width: 100%;
|
||||
right: -130px;
|
||||
max-width: calc(100% - 130px);
|
||||
}
|
||||
|
||||
.container {
|
||||
border-style:solid;
|
||||
border-color:#c9423f;
|
||||
padding: 10px;
|
||||
margin-bottom: 10px;
|
||||
}
|
||||
|
||||
.cat_image {
|
||||
border-style: solid;
|
||||
border: 1px solid purple;
|
||||
border-left: 0px;
|
||||
border-top: 0px;
|
||||
border-right: 0px;
|
||||
|
||||
}
|
||||
.button > a {
|
||||
text-decoration: none;
|
||||
font-weight: bold;
|
||||
margin-left: auto;
|
||||
margin-right: auto;
|
||||
font-size: 16px;
|
||||
color: #6a0606;
|
||||
margin: auto;
|
||||
|
||||
}
|
||||
.button {
|
||||
border: 1px;
|
||||
border-style: solid;
|
||||
width: 120px;
|
||||
border-color: purple;
|
||||
margin: 2px;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.sidebar {
|
||||
position: fixed;
|
||||
top: 0;
|
||||
left: 0;
|
||||
width: 125px;
|
||||
height: 100%;
|
||||
transition: all 0.5s ease;
|
||||
border: 1px solid red;
|
||||
border-top: 0px;
|
||||
border-left: 0px;
|
||||
background-color: rgba(42, 20, 41, .5);
|
||||
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 53 KiB |
|
@ -0,0 +1,2 @@
|
|||
</div>
|
||||
<a href="https://soundcloud.com/akvvma/sets/unlimited-aku-works-vol-ii-la-saga-del-exilio"><img src="img/banner_akuma.png" alt="Unlimited Aku works VOL. II La saga del exilio" title="Unlimited Aku works VOL. II La saga del exilio"/></a>
|
|
@ -0,0 +1,23 @@
|
|||
<div class="sidebar">
|
||||
<div class="cat_image">
|
||||
<a href="/">
|
||||
<img src="/img/cat.gif" alt="cat">
|
||||
</a>
|
||||
</div>
|
||||
<div class="button">
|
||||
<a href="/about.html">About</a>
|
||||
</div>
|
||||
<div class="button">
|
||||
<a href="/tech_posts">Tech posts</a>
|
||||
</div>
|
||||
<div class="button">
|
||||
<a href="/media.html">Media log</a>
|
||||
</div>
|
||||
<div class="button">
|
||||
<a href="/blog">blog</a>
|
||||
</div>
|
||||
<div class="button">
|
||||
<a href="https://git.suragu.net">git</a>
|
||||
</div>
|
||||
|
||||
</div>
|
|
@ -0,0 +1,32 @@
|
|||
#+INCLUDE: "inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
|
||||
#+TITLE: SURAGU
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+HTML_HEAD_EXTRA: <meta name="viewport" content="initial-scale=1,maximum-scale=1,user-scalable=no" />
|
||||
#+EXPORT_FILE_NAME: index.html
|
||||
|
||||
* suragu.net
|
||||
Welcome to suragu.net! My personal website. In which you can read my
|
||||
philosophical posts or my posts about technology.
|
||||
|
||||
* Contact
|
||||
|
||||
You can contact me through email: chief_keef at riseup dot net or
|
||||
XMPP: keef at this domain
|
||||
* Donate
|
||||
|
||||
If you appreciate my work and wish to say thanks, you can send money
|
||||
to any of these cryptocurrencies addresses:
|
||||
|
||||
- Monero: 87nNzDdnACV614EuueWcwiX16hYNr9cVMACzYExHvGRRf2sHDUydjNvFvoMRBRbJntgxanvE9vzGxLTgenydK8PuSMq9aXC
|
||||
- Bitcoin: bc1q8k6f3ja8na82wl6ehw73uhy67d45pkhs63yvy5
|
||||
|
||||
* Mirrors
|
||||
#+begin_export html
|
||||
<p>
|
||||
<a href="http://sukamuzgxigntu7issqf3y5bfsskwg5zzrzbuqjaxxmhkfoxbgiy77qd.onion">[Tor]</a> <a href="http://46egvt2hpvkqwm5xw4wyyozp6hkwvnmbcys7bi6rh4o4wktllpea.b32.i2p/">[I2P]</a>
|
||||
</p>
|
||||
#+end_export
|
|
@ -0,0 +1,172 @@
|
|||
#+INCLUDE: "inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+TITLE: Suragu.net
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: marijuana_reviews.html
|
||||
|
||||
* SURAGU’s Marijuana Reviews
|
||||
|
||||
Creativity, It’s a known fact that grass increases creativity from
|
||||
eight to eleven times. In fact, everyone finds they’re more creative
|
||||
stoned than straight. Humans have always been very creative at the
|
||||
time to get high. In Spain, stoners were so bored that they found a
|
||||
legal loophole that allowed them to legally consume and sell dispense
|
||||
Cannabis buds. Since I joined one of those clubs, my vision of a
|
||||
fucking plant has changed so damn much. Like everything in
|
||||
contemporany society, you have so much choice it’s depressing. In this
|
||||
post I will review all the strains I have tried.
|
||||
|
||||
But I won’t say “this shit dope” because that would be too boring. And
|
||||
I’m also not going to explain how each bud helps you with insomnia,
|
||||
anxiety, depression and ADHD because despite recent research shows
|
||||
it’s not so darn harmful, i’m not an idiot either.
|
||||
|
||||
So I’ll review the buds using Pen & Pixel Graphics album covers. I am
|
||||
not rating the weed on how good the album is. Just in how weird the
|
||||
cover is.
|
||||
|
||||
I’d like to thank my friend Endemic for the idea of making weed
|
||||
reviews with album covers, for showing me all this awesome music and
|
||||
helping me choose the covers.
|
||||
|
||||
Whatever weed you’re smoking. And despite whatever these reviews says
|
||||
about each strain, there’s this quote from Kabuto Makai I the Great
|
||||
that you should never forget:
|
||||
|
||||
“Sea Indica o Sativa me da igual que guay está la keli echandose
|
||||
un mai”
|
||||
|
||||
** Amnesia (grass)
|
||||
|
||||
Amnesia Haze is a classic, is a strain that anyone who has been
|
||||
smoking real weed for more than 2 minutes has tried. With more than
|
||||
20% of THC, the shit will get anyone high. I will give this strain the
|
||||
rating of DJ Screw - The Legend.
|
||||
|
||||
[[./img/covers/thelegend.jpg]]
|
||||
|
||||
DJ Screw in the sky with a skull behind him it’s something I could
|
||||
have never thought of. And going to a cannabis club is also something
|
||||
I would have never thought of. I also find it pretty funny that
|
||||
there’s a car with Screw by its side.
|
||||
|
||||
** Amnesia (Hash)
|
||||
|
||||
Advantages of going to a Cannabis Social Club is that you know that
|
||||
you’re smoking quality grass and quality hash. The hash here is made
|
||||
by the dudes who work at the club, not by a moor sweating in his
|
||||
room. So it has a very high quality.
|
||||
|
||||
The thing with hash is that it is hash. Too strong for some. But me?
|
||||
It only leaves me thinking very weird funny things and I’m so relaxed
|
||||
I can’t move. Then I move to some kind of backrooms. In which I find
|
||||
myself listening to whatever Antonio Recio is saying. Great
|
||||
experience. Amnesia Hash deservers nothing less than Lil Keke - The
|
||||
commision
|
||||
|
||||
[[./img/covers/thecommision.jpg]]
|
||||
|
||||
Where do I start? Where are them? First time I thought it I felt like
|
||||
this was a GTA San Andreas mission. Like the dudes are in the Four
|
||||
Dragons Casino. And I like how the dude is peacefully smoking a cigar
|
||||
when he got 2 bodyguards. I don’t know. It is pretty surreal.
|
||||
|
||||
** Amnesia Hy-Pro
|
||||
|
||||
I don’t even know what Hy-Pro means. The friend who sold me this told
|
||||
me that it has a shitton of THC. I believe him. It did indeed had a
|
||||
shit ton of THC. It was a psychedelic experience. So high I didn’t
|
||||
even know my name. I have not felt something similar to that since
|
||||
then. So I can give this thing nothing less than Juvenile - 400
|
||||
Degrees
|
||||
|
||||
[[./img/covers/400degres.jpg]]
|
||||
|
||||
I wish I could know where to start with this cover. First we can see
|
||||
that they’re in hell. And there’s this dude burning money. and a gold
|
||||
watch. Dude’s rich and he’s showing off. Then we can see, similary to
|
||||
DJ Screw’s The Legend, a giant face of the same dude in the
|
||||
sky. Presumably Juvenile is the devil. If you look both at the left
|
||||
and right side, you can see, scot-free, hookers. Why are there hookers
|
||||
in hell? I can’t tell. Then you have the Parental Advisory sticker. I
|
||||
couldn’t have known.
|
||||
|
||||
** Chocolope
|
||||
|
||||
Chocolope is a Sativa-Dominant strain. Marijuana journalists says that
|
||||
it has a sweet flavour, tasting simillary to chocolate. In my
|
||||
experience, it just tasted like marijuana smoke. I’ve had better highs
|
||||
in my life. Nevertheless Chocolope is a good strain that gives a good
|
||||
effect. Used it to saw Perturbator live and had a great
|
||||
experience. The Chocolope deserves Three 6 Mafia - The end
|
||||
|
||||
[[./img/covers/theend.jpg]]
|
||||
|
||||
I don’t even know how to explain this cover. What are they on? Is that
|
||||
a car? A giant stereo? I genuinely can’t tell. But for some reason
|
||||
they’re into outer space and you can see the earth behind them. The
|
||||
earth is exploding. Maybe it is trying to say that only Three 6 Mafia
|
||||
survived the apocalypse by riding a giant stereo. Riding a giant
|
||||
stereo to outer space is something that could only happen in Memphis,
|
||||
Tennesse.
|
||||
|
||||
** Unknown Indica Strain
|
||||
|
||||
We got a Special Joint for this mysterious strain we can’t remember
|
||||
the name of. We have vague indications that the strain name was
|
||||
“Wedding cake”. Thing is that we thought that C. Indica were for
|
||||
pussies. We were so damn wrong. We were nailed to the couch for at
|
||||
least 15 minutes. To this thing I can only give SSUR - Guerrillas in
|
||||
the midst
|
||||
|
||||
[[./img/covers/guerrilla.jpg]]
|
||||
|
||||
Why does the Che Guevara look like a Monkey, why are there hookers if
|
||||
they’re in the guerrilla. What’s up with the explosion, what’s with
|
||||
all the money? I’d frame this cover if I could.
|
||||
|
||||
** Terps (Hash)
|
||||
|
||||
It is impossible for a Allah’s Follower to make bad hash. These
|
||||
“Terps” is dry extraction of hash. I don’t know what “Dry” means. My
|
||||
Marijuana Master doesn’t know what “Dry” is. So I just asume it is
|
||||
just zoomer expression to say that a hash is good. But to answer the
|
||||
question if “Was it good?” The answer is the following picture:
|
||||
|
||||
[[./img/covers/greatesthits.jpg]]
|
||||
|
||||
We smoked this hash mixed with Weed Marijuana. When we left the CSC,
|
||||
we were in another dimension. Sadly we had to catch the bus later. We
|
||||
were there and all of us started to feel exagerately dizzy. I don’t
|
||||
rememebr anything that happened in the hour of bus. I just remember
|
||||
that I was listening to some music, I can only rememeber “My mind went
|
||||
blank” my DJ Screw (The Legend). Then they woke me up. First thing I
|
||||
see is a bottle full of vomit.
|
||||
|
||||
** Santa Sativa
|
||||
|
||||
#+begin_quote
|
||||
santa: 1. adj sacred; hallowed: holy ground
|
||||
#+end_quote
|
||||
Santa Sativa is a Sativa Dominant Weed Marijuana strain. Relatively
|
||||
high THC and low CBD. First time we tried this the Terps Incident
|
||||
happened. So the weed must have been good shit. Then we smoked this
|
||||
shit and unbeliable things happened. Everyone I thought to be Cannabic
|
||||
Senseis said this strain was one of the best herbs they have ever
|
||||
consumed. Thus, this strain deserves nothing less than: Snoop Dogg -
|
||||
Da Game Is To Be Sold. Not To Be Told.
|
||||
|
||||
[[./img/covers/dagame.jpg]]
|
||||
|
||||
This masterpiece of the contemporany art is deleightful for our
|
||||
eyes. We can see the motherfucking d-o double g holding a walking
|
||||
stick made from gold. For undisclosed reasons. He is outside the
|
||||
“Snoop World” (See Montana Management Co.) The thing is that his
|
||||
mansion looks like a fucking castle you’d see in Disney
|
||||
World. Perspective fucks with us so much in this one. As he is behind
|
||||
Snoop World mansion, he’s sitting in the bonnet. Smoking what seems to
|
||||
be a Swisher Sweet and his arm is in another car. There are also three
|
||||
dogs in the pictures with shining diamonds.
|
|
@ -0,0 +1,131 @@
|
|||
#+INCLUDE: "inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil -:nil
|
||||
#+TITLE: suragu.net - Media I've consumed
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: media.html
|
||||
|
||||
* Media I've consumed
|
||||
Well, someone has said, that in this world there are people for
|
||||
everything, or "it takes all sorts to make a world", so there must be
|
||||
someone interested on the media I consume and what I think about
|
||||
it. So here are music albums, movies and similar.
|
||||
|
||||
As i'm not a professional rater, I'm not gonna rate them, in numbers,
|
||||
i'll just say what I think about the thing and that's it.
|
||||
|
||||
Pssss. You can get some of the media listed [[https://files.suragu.net/][here]].
|
||||
|
||||
** Movies
|
||||
I love the "guy who think he's cool" cinema.
|
||||
|
||||
- *Pulp Fiction (1994)*: The movie is stupid, ridicolous and most
|
||||
pejorative adjectives you can think of. But it's my favorite movie
|
||||
nevertheless.
|
||||
- *Kill Bill (2003-2004)*: Good movies.
|
||||
- *Trainspotting (1996)*: Movie about [[https://concealed.world/home.php][Scottish Drug addicts]]. The thing
|
||||
sends a Good Message. And the movie is really enjoyable.
|
||||
- *T2 Trainspotting (2017)*: Not as good as the original but still
|
||||
passable.
|
||||
- *Ghost in the Shell (1995)*: It's the only anime movie i've
|
||||
watched. It's pretty cyberpunk so i like it.
|
||||
- *Torrente: El brazo tonto de la ley (1997)*: Fucking funny garbage, if
|
||||
i wasn't high i wouldn't have liked the thing.
|
||||
- *Torrente 2: Misión en Marbella*: Idem
|
||||
- *El día de la Bestia (1995)*: My favorite movie this country has made
|
||||
- *Acción mutante (1993)*: One of the movies i laughed the most
|
||||
- *Fear and loathing in Las Vegas (1998)*: I don't know what I watched
|
||||
- *Scarface (1983)*: Masterpiece.
|
||||
- *Navajeros (1980)*: Funny at times but didn't like it at all.
|
||||
- *El pico (1983)*: Way better than Navajeros and has a cool message.
|
||||
- *El pico 2 (1984)*: This one was interesting.
|
||||
- *Scary Movie (2000):* Utter shit. But THC boosts movies.
|
||||
- *Ali G Indahouase:* ???
|
||||
- *The Godfather (1972):* Masterpiece
|
||||
- *Lady Snowblood (1973):* I loved Kill Bill. I loved this even more.
|
||||
- *The great lebowski:* Same as fear and loathing in las vegas.
|
||||
** Videogames
|
||||
Well, now I got a decent computer in which I can play games
|
||||
decently. I have completed all the storyline of these games unless
|
||||
stated otherwhise.
|
||||
|
||||
- *Borderlands 2:* One of my favorite games.
|
||||
- *Borderlands: The Pre-sequel*: Still playing it
|
||||
- *Milk (out|in)side a bag of milk (out|in)side a bag of milk*: Had a [[./img/funny.png][funny frame]]
|
||||
** Anime
|
||||
I'm not much of an anime watcher, but eh, sure. I'm including both
|
||||
anime shows and movies in this section.
|
||||
|
||||
- *Serial Experiments Lain*: The anime is cool. I used to simp for Lain
|
||||
but then I discovered I'm suragu, not a insecure, twitter user
|
||||
- *Paranoia Agent*: I remember once a linguistics teacher I had told me
|
||||
to watch this anime. I watched it and I really enjoyed it. A good
|
||||
satire. I have keked big to this one.
|
||||
- *Texhnolyze*: Made by the same guys that made Lain. But i enjoyed this
|
||||
one more than Lain
|
||||
- *Haibane Renmei*: Made by the same guy as Lain and Texhnolyze, this is
|
||||
the only media that made me cry and i have 0 problems admitting it.
|
||||
- *The curse of Kazuo Umezu*: I can't take gore animes seriously
|
||||
because I analyze the situation, which makes me laugh
|
||||
uncontrollably. Altough it was fun to watch.
|
||||
- *Shoujo Tsubaki (1992)* : The thing stated above doesn't apply for this
|
||||
one. This one is actually depressing.
|
||||
- *Belladonna of Sadness (1973)*: Masterpiece. The Japanese version of
|
||||
Pink Floyd's The Wall. Psychedelic, deep, and weird.
|
||||
|
||||
** Books
|
||||
I know how to read
|
||||
|
||||
- *Neuromancer (1984)*: A drugaddict hacker needs to make money but he
|
||||
can't work because he stole from his bosses.
|
||||
** Music
|
||||
This shit will never be complete.
|
||||
|
||||
- *Big Moe - City of Syrup*
|
||||
- *bôa - Twilight*
|
||||
- *CCR - Pendulum*
|
||||
- *Chief Keef - Finally Rich*
|
||||
- *Chief Keef - The Leek, Vol. 1:* Sounds like Korean Vaporwave
|
||||
- *D.R.I. - Crossover* All songs are the same to be honest
|
||||
- *D.R.I. - Thrash zone* Cool
|
||||
- *DJ Screw - All screwed up Vol. II*
|
||||
- *DJ Screw - 3 N’ The Mornin’ Part One*
|
||||
- *DJ Screw - 3 N' The Mornin' Part Two*
|
||||
- *DJ Screw - The Legend*
|
||||
- *Dr. Octagon - Dr. Octagonecologyst*: Kool Keith is a genius.
|
||||
- *Dr. DOOOM - First come, first served*
|
||||
- *Denzel Curry - Melt my eyez see your future*
|
||||
- *Envidia Kotxina - Asi en la tierra komo en el zielo+*
|
||||
- *Gospel - The Moon is a Dead world*
|
||||
- *Iron Maiden - Somewhere in time* My favorite album from these dudes
|
||||
- *Kanye West - My Beautiful Dark Twisted Fantasy (2010)*
|
||||
- *Kendrick Lamar - DAMN.*
|
||||
- *Kendrick Lamar - Section.80*
|
||||
- *Kendrick Lamar - good kid, m.A.A.d. city:* I listen to this album at night while doing stuff and I like it.
|
||||
- *King Geedorah - Take me to your leader
|
||||
- *Living Death - World neuroses* It’s alright
|
||||
- *MF DOOM - MM..FOOD*
|
||||
- *Metallica - Kill ’em all*
|
||||
- *Metallica - Ride the lighting*
|
||||
- *Metallica - Master of Puppets*
|
||||
- *Metallica - …And Justice for All*
|
||||
- *Megadeth - Rust in peace*
|
||||
- *Megadeth - Countdown to extinction*
|
||||
- *Megadeth - Youthanasia*
|
||||
- *MF Grimm - The hunt for the Gingerbread man:* Underrated.
|
||||
- *Madvillain - Madvillany: Masterpiece.*
|
||||
- *Makaveli - The Don Killuminati: The 7 Day Theory*
|
||||
- *Neutral Milk Hotel - In the airplane over the sea:* Dude please learn how to sing.
|
||||
- *Scattle - Backup*
|
||||
- *Scattle - Visitors*
|
||||
- *TOOL - Lateralus*
|
||||
- *Viktor Vaughn - Vaudeville Villain*
|
||||
- *Wu-Tang Clan - Enter the Wu-Tang*
|
||||
- *Zabutom - Zeta force*
|
||||
- *cLOUDEAD - cLOUDEAD*
|
||||
- *death’s dynamic shroud.wmv - I’ll try living like this*: Used to love it. Now it gives me anxiety.
|
||||
- *smashing pumpkins - mellon collie and the infinite sadness:* My mother likes it
|
||||
- *suicideboys - I want to die in new orleans + some of their EPs*
|
||||
- *わたしのココ - カラダは正直:* I was told by my friend that this was noise, I thought noise was about making music breaking plates and stuff. Album was good.
|
|
@ -0,0 +1,482 @@
|
|||
#+INCLUDE: "inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+TITLE: suragu.net - OpenBSD
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: openbsd.html
|
||||
* Fear and Loathing in OpenBSD, or my experiences with OpenBSD
|
||||
The other day I woke up and I thought "I'm going to migrate my server
|
||||
to OpenBSD for absolutely no reason". And so I did. The operating
|
||||
system have been a pain and a pleasure simultaneously, and in this
|
||||
page I intend to give my experiences with it.
|
||||
|
||||
I will be updating this page as I have more experiences with
|
||||
OpenBSD. So add this page to your booksmarks!
|
||||
|
||||
Last update. 2022-06-09
|
||||
|
||||
For questions or comments on this article feel free to reach me out at
|
||||
teru-sama [at] riseup [dot] net
|
||||
|
||||
** Installation
|
||||
The installation process was pretty straightforward, it was just
|
||||
enter, enter, enter, altough I had to connect an ethernet cable for it
|
||||
to download some necessary firmware (so I could use the network card)
|
||||
and thus, the wireless connection.
|
||||
|
||||
** Setting up services
|
||||
*** httpd(8)
|
||||
The website you're in is the website I care the most, kill-9 can wait
|
||||
because that's only a website in which i complain about
|
||||
things. Complaining about everything is not good because in this life,
|
||||
well, in Ozzy Osbourne words, "Learn how to love and forget how to
|
||||
hate". So I'd rather focus on ebin.city and suragu.net for the
|
||||
time.
|
||||
|
||||
OpenBSD ships with the =httpd= web server. A really simple and very
|
||||
secure http server. The main config file is =/etc/httpd.conf= which
|
||||
has a very simple, human readable syntax.
|
||||
|
||||
One of the features of this webserver is that chroots to a
|
||||
directory. Meaning that, to the web server, anything before the given
|
||||
directory (=/var/www= by default), does not exist. So if a vulnerability
|
||||
is found, the attacker can't do much things, as the attacker can't go
|
||||
beyond =/var/www=.
|
||||
*** slowcgi(8)
|
||||
OpenBSD comes out-of-the-box with a FastCGI implementation, which is
|
||||
very simple to use. you only have to add =fastcgi= at the desired site
|
||||
in =httpd.conf= . The following configuration file is enough to
|
||||
execute CGI scripts.
|
||||
#+begin_src conf-space
|
||||
server "suragu.net" {
|
||||
listen on * port 80
|
||||
root "sites/suragu.net"
|
||||
location "/*.cgi" {
|
||||
fastcgi
|
||||
root "sites/suragu.net"
|
||||
}
|
||||
}
|
||||
#+end_src
|
||||
|
||||
But not so fast! Remember that httpd runs in a chroot? Well, your CGI
|
||||
apps won't work by default, because the chroot lacks the binaries that
|
||||
are necessary to execute the program. So if your CGI appliaction is a
|
||||
perl script, you'll have to do something like =cp /usr/bin/perl
|
||||
/var/www/bin=. If your Perl script uses third-party modules, you'll
|
||||
have to copy them to anything that is in =@INC=, so
|
||||
=/usr/var/www/usr/lib/perl5= or something like that. Also your chroot
|
||||
will lack all the core utils. I just installed plan9port and copied
|
||||
the files to =/var/www/bin=, which is more than enough.
|
||||
|
||||
As mentioned before. I haven't been able to setup werc in httpd. Not
|
||||
sure why. I might try to reinstall it some other day. But I guess I'd
|
||||
have to use another server to do that.
|
||||
|
||||
As of 2022-06-02 I got werc to werk under httpd. The config file is a
|
||||
bit weird, but it worked. Altough I had to install an older werc
|
||||
version because the most recent one had some issues. This is the
|
||||
config that worked. Thanks to solene in IRC for the pattern!
|
||||
|
||||
#+begin_src conf-space
|
||||
server "kill-9.xyz" {
|
||||
alias "www.kill-9.xyz"
|
||||
listen on 127.0.0.1 port 1340
|
||||
|
||||
listen on * tls port 443
|
||||
|
||||
tls {
|
||||
certificate "/etc/ssl/kill9cert.pem"
|
||||
key "/etc/ssl/kill9key.pem"
|
||||
}
|
||||
|
||||
# If there's a dot in the URL (i.e. a file extension, don't run it as
|
||||
# a CGI script.)
|
||||
|
||||
location match "%s*%.%s*" {
|
||||
root "/werc/sites/kill-9.xyz"
|
||||
no fastcgi
|
||||
}
|
||||
|
||||
location match "/" {
|
||||
fastcgi param SCRIPT_NAME "/werc/bin/werc.rc"
|
||||
fastcgi param SCRIPT_FILENAME "/werc/bin/werc.rc"
|
||||
fastcgi param DOCUMENT_ROOT "/werc/sites/kill-9.xyz"
|
||||
}
|
||||
root "/werc/sites/kill-9.xyz/"
|
||||
|
||||
|
||||
}
|
||||
#+end_src
|
||||
|
||||
And then I tried to install cgit. When clonning from httpd I got an
|
||||
error I've never got before. Something like "Recieved HTTP/0.9 when
|
||||
not allowed". I don't know what the hell =httpd(8)= meant by that. But
|
||||
it was fixed by nuking the repos and pushing them again from
|
||||
scratch. I guess it had something to do with file corruption. But you
|
||||
have to be crazy on acid to think that sending HTTP/0.9 is a good way
|
||||
to tell a file is corrupted.
|
||||
*** Darknets
|
||||
Not much difference from how you'd install Tor & I2P in a Linux
|
||||
machine. Just install the tor and i2pd packages using =pkg_add(1)= and
|
||||
configure them normally. I had to copy the old private keys from my
|
||||
old machine to the new server. But that was not a big issue. I also
|
||||
migrated from the classic I2P, written in Java to i2pd. Not because I
|
||||
dislike the Java I2P, I think it is, along with Freenet, the only good
|
||||
software written in Java. I just wanted to keep the server as light as
|
||||
possible. And i2pd is way lighter than Java I2P.
|
||||
|
||||
** Programming in OpenBSD
|
||||
OpenBSD claims to be the most secure UNIX out there. This is probably
|
||||
true as it has much features, such as the W^X thing. Which means
|
||||
memory can be written or executed, but not both. Basically an attacker
|
||||
could not execute a buffer overflow attack. Because he can only
|
||||
write. But not execute it. This thing was introdouced in 2003.
|
||||
*** pledge(2)
|
||||
OpenBSD takes security very seriously. This was the reason to be of
|
||||
the =pledge()= syscall. Pledge does, as defined by the manpage:
|
||||
"restrict system operations". This is the prototype:
|
||||
=pledge(const char *promises, const char *execpromises);=
|
||||
|
||||
Check the manpage for the possible promises. This is a quick example:
|
||||
|
||||
|
||||
#+begin_src c
|
||||
#include <stdio.h> /* printf() */
|
||||
#include <unistd.h> /* pledge() */
|
||||
#include <sys/stat.h> /* chmod() */
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
/* stdio promise allows basic input output operations. Check the
|
||||
,* manpage for the syscalls this promise allows. */
|
||||
pledge("stdio", "");
|
||||
|
||||
chmod("/etc/passwd",0644);
|
||||
|
||||
return 0;
|
||||
/* This code will crash at runtime. the "stdio" promise doesn't
|
||||
,* allow the chmod() syscall. */
|
||||
}
|
||||
#+end_src
|
||||
|
||||
Running that code will prodouce the following output:
|
||||
|
||||
#+begin_src sh
|
||||
Abort trap (core dumped)
|
||||
#+end_src
|
||||
|
||||
This is very useful, imagine that for example, some injects, somehow,
|
||||
malicious code in your =cat(1)= program. Sending data to a remote
|
||||
server. As cat didn't =pledge("inet",...)=, cat won't be able to
|
||||
create a connection.
|
||||
*** unveil(2)
|
||||
I like this syscall more than =pledge(2)= according to the manpage:
|
||||
"unveil parts of a restricted filesystem view" This means that, except
|
||||
for the file specified in the =unveil()= calls, wont' exist for the
|
||||
program. Consider the following code and its output:
|
||||
|
||||
#+begin_src c
|
||||
#include <unistd.h> /* read(), write(), unveil() */
|
||||
#include <fcntl.h> /* open() and flags */
|
||||
#include <string.h> /* strerror() */
|
||||
#include <errno.h> /* errno variable */
|
||||
#include <stdio.h> /* fprintf() */
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
/* This program can exclusively open /etc/httpd.conf for reading. */
|
||||
unveil("/etc/httpd.conf","r");
|
||||
/* This call disables further calls to unveil() */
|
||||
unveil(NULL, NULL);
|
||||
/* What happens if we try to open another file? */
|
||||
int fd = open("/etc/passwd", O_RDONLY);
|
||||
|
||||
if(fd == -1) {
|
||||
fprintf(stderr,"Error opening file: %s\n",
|
||||
strerror(errno));
|
||||
_exit(-1);
|
||||
}
|
||||
|
||||
char buf[8192];
|
||||
int bytes = read(fd, buf, 8192);
|
||||
write(STDOUT_FILENO, buf, bytes);
|
||||
|
||||
return 0;
|
||||
}
|
||||
#+end_src
|
||||
|
||||
Output: =Error opening file: No such file or directory=
|
||||
|
||||
Yes, my /etc/passwd file exists.
|
||||
*** perl(1)
|
||||
Perl is the only scripting language that OpenBSD ships. And they have
|
||||
their reasons you can read [[https://marc.info/?l=openbsd-misc&m=159041121804486&w=2][here]]. This means that Perl comes with
|
||||
support for the OpenBSD weird features. This means that you can call
|
||||
=pledge(2)= and =unveil(2)= from your Perl scripts! Here's an example
|
||||
of that:
|
||||
|
||||
#+begin_src perl
|
||||
#!/usr/bin/perl
|
||||
|
||||
# The syscalls come as modules, so you have to import them, the
|
||||
# subroutines are exported by default.
|
||||
|
||||
use OpenBSD::Pledge;
|
||||
use OpenBSD::Unveil;
|
||||
# The manpage says that, without the "stdio" promise, perl is useless,
|
||||
# so it is called by default no matter what you do.
|
||||
pledge("inet rpath wpath unix"); # Some example promises...
|
||||
unveil("/etc/httpd.conf","r");
|
||||
unveil("/etc/pf.conf","r");
|
||||
unveil(); # Restrict further calls to unveil()
|
||||
|
||||
#+end_src
|
||||
*** strlcpy(3) and strlcat(3)
|
||||
The well known =strncpy(3)= and =strncat(3)= functions copy no more
|
||||
than =n= characters, but these functions are not guaranteed to add the
|
||||
'\0' at the end of the string. =strlcpy(3)= and =strlcat(3)= guarante
|
||||
that the string ends with '\0'
|
||||
*** Makefiles
|
||||
For some reasons, I wanted to rewrite the Makefile of one of my
|
||||
programs. And I discovered that BSD make is much better than GNU
|
||||
make. With GNU Make you have to declare pattern rules. And weird
|
||||
syntax. And you have to write similar makefiles for each program. In
|
||||
OpenBSD this is not necessary because makefile has some kind of
|
||||
"templates". This is a perfectly working makefile, /with =clean= and
|
||||
=install= targets/
|
||||
#+begin_src makefile
|
||||
PROG = sakisafecli
|
||||
SRCS += funcs.c sakisafecli.c
|
||||
MAN = sakisafecli.1 sakisafeclirc.5
|
||||
LDADD = -lssl -lz -lpthread -lnghttp2 -lcurl -lconfig -lcrypto -L/usr/local/lib
|
||||
CPPFLAGS = -I/usr/local/include
|
||||
BINDIR=/usr/local/bin
|
||||
.include <bsd.prog.mk>
|
||||
#+end_src
|
||||
|
||||
This makefile also works in Linux, but using the =bmake= command
|
||||
instead of =make=. It also works in FreeBSD but you'd have to repleace
|
||||
CPPFLAGS with CFLAGS.
|
||||
*** Libraries
|
||||
OpenBSD, unlike every Linux distribution out there, thinks about
|
||||
everyone. And when you download a library through the package manager,
|
||||
it will install the shared objects (for dynamic linking), the header
|
||||
files (which means, no -dev/-devel packages) AND the .a files. For
|
||||
static linking!
|
||||
** Software and the power it holds
|
||||
OpenBSD comes with a lot of software that should be enough for your
|
||||
normal tasks. But, it's not like OpenBSD grabbed some code and put it
|
||||
in the code, no, they wrote their own versions of popular
|
||||
software. And "ported" them to OpenBSD, so the software that comes
|
||||
with the operating system uses the security features, they call
|
||||
=pledge()=. and stuff like that.
|
||||
|
||||
*** mg(1)
|
||||
This is a Emacs clone. For the people who, for any reason, can't (or
|
||||
don't want) to run GNU Emacs. This clone is pretty complete, the only
|
||||
thing it lacks, regarding emacs, is emacs lisp support and syntax
|
||||
highlighting. But this is a good =nano(1)=, =ed(1)= or =vi(1)= repleacement.
|
||||
*** signify(1)
|
||||
GNU Privacy Guard is kinda heavy, and we don't have any other decent
|
||||
OpenPGP implementation. This is the reason of why the OpenBSD devs
|
||||
created =signify(1)=, a tool to cryptographically sign and verify
|
||||
files and messages. And this is the way OpenBSD images are
|
||||
verified. It's pretty simple to use:
|
||||
|
||||
#+begin_src shell-script
|
||||
# Generate pub and sec key. They have to have the same name. Only
|
||||
# changing the file extension
|
||||
|
||||
$ signify -G -c "raoul's signify key" -p raoul.pub -s raoul.sec
|
||||
|
||||
# Sign a file/message
|
||||
|
||||
$ echo "Hello world!" > message.txt
|
||||
$ signify -S -s raoul.sec -m message.txt
|
||||
|
||||
# Verify file/message
|
||||
|
||||
$ signify -V -p raoul.pub -m message.txt
|
||||
|
||||
# Further examples in the manpage.
|
||||
#+end_src
|
||||
*** tmux(1)
|
||||
Tmux, the legendary terminal multiplexer, that is way better than
|
||||
screen, was initially developed for OpenBSD. I don't think I have to
|
||||
talk a lot about tmux because everyone knows it. tmux in OpenBSD comes
|
||||
with all the security features too.
|
||||
*** doas(1)
|
||||
This is a repleacement for sudo that has been developed by OpenBSD. it
|
||||
has also emerged in the linux community. Altough it works best in
|
||||
OpenBSD. I have some issues getting doas to work in Debian, but not in
|
||||
Void Linux. doas is very simple to configure. No need to add yourself
|
||||
to a group or anything like that. You can simply add this to
|
||||
=/etc/doas.conf=
|
||||
|
||||
#+begin_src conf-space
|
||||
permit nopass keepenv raoul as groq
|
||||
# Allow user raoul to execute commands as groq. Keeping all the
|
||||
# environment variables.
|
||||
|
||||
# raoul can't execute commands as any user that is not groq.
|
||||
|
||||
permit nopass keepenv qrog
|
||||
|
||||
# qrog can execute commands as any user.
|
||||
#+end_src
|
||||
*** openrsync(1)
|
||||
Sometimes you want to syncronize files between your computers and
|
||||
servers. And then you realize =cp(1)= is kinda bad for that and =tar=
|
||||
isslow. Then you discover =rsync= and that just works. But this wasn't
|
||||
the case for the OpenBSD guys, they wanted a rsync implementation
|
||||
under the BSD license. So they wrote =[[http://openrsync.org][openrsync=]]. This works just like
|
||||
rsync and, according to the manpage: "openrsync is compatible with
|
||||
rsync protocol version 27 as supported by the samba.org implementation
|
||||
of rsync". Meaning that if you don't have openrsync in other server,
|
||||
it will just worke, and vice versa. This is an example of usage of
|
||||
openrsync.
|
||||
|
||||
#+begin_src shell
|
||||
openrsync --rsync-path=openrsync -av Xanopticon remote_server:/var/www/files/Music
|
||||
#+end_src
|
||||
|
||||
As I don't have =rsync= installed in the remote server, but I have
|
||||
=openrsync=, I specify that the path of =rsync= is =openrsync=. This
|
||||
way it just works.
|
||||
|
||||
*** acme-client(1)
|
||||
Today I recieved a mail telling me that the [[https://kill-9.xyz][kill -9]] certificate
|
||||
expired. "Fuck's sake" --- I inmediatly thought. "I have to renew
|
||||
it". But I was not going to install certbot in this OpenBSD server. So
|
||||
I had to find a way. I remembered that OpenBSD ships with
|
||||
=acme-client=. A program that helps you to generate your certificates
|
||||
for TLS connections. And they can be signed with the Let's Encrypt
|
||||
certificate authority. The config file is pretty simple and
|
||||
intuitive. You can copy and paste it from
|
||||
=/etc/examples/acme-client.conf= and only configure the revelant part
|
||||
that would be your domain. In my case I have it like this:
|
||||
|
||||
#+begin_src conf-space
|
||||
authority letsencrypt {
|
||||
api url "https://acme-v02.api.letsencrypt.org/directory"
|
||||
account key "/etc/acme/letsencrypt-privkey.pem"
|
||||
}
|
||||
|
||||
domain suragu.net {
|
||||
alternative names { "www.suragu.net", "files.suragu.net" }
|
||||
domain key "/etc/ssl/suragu.key" ecdsa
|
||||
domain full chain certificate "/etc/ssl/suragu.crt"
|
||||
sign with letsencrypt
|
||||
}
|
||||
#+end_src
|
||||
|
||||
I used to use wildcard certificates. That were valid to any suragu.net
|
||||
subdomain. But I couldn't make them work in =acme-client=. But as
|
||||
=acme-client= is less of a pain in the ass than certbot. I can
|
||||
certainly just modify the configuration file each time I create a new
|
||||
subdomain. And that doesn't happen too often.
|
||||
** Documentation
|
||||
OpenBSD takes documentation very seriously. So seriously, if a manpage
|
||||
is lacking in a sys util, it's considered a bug. So everything that
|
||||
comes with your OpenBSD installation is very well documented. Config
|
||||
files have their own manpages section, the section 5. so you can learn
|
||||
how to write httpd config files by running =man httpd.conf= This is
|
||||
something more developers should do. There's also the =/etc/examples=
|
||||
directory which contains examples of most config files that you'd want
|
||||
to setup. Those file are commented and everything. But =/etc/examples=
|
||||
always lacks the config file I want or doesn't help at all.
|
||||
** Backups
|
||||
I am a self-proclaimed good sysadmin. This means I should be able to
|
||||
do backups and restore them. Not gonna lie, before OpenBSD i haven't
|
||||
had any backup. Though I have heard that you can do incremental
|
||||
backups with =tar(1)=. I guess this could be useful. But OpenBSD comes
|
||||
with it's features and things. These tools are =dump(8)= and
|
||||
=restore(8)=. Those were a bit confusing to me until I learned how to
|
||||
use them properly. You can read the manpages for [[https://man.openbsd.org/dump.8][=dump(8)=]] and
|
||||
[[https://man.openbsd/restore.8][=restore(8)=]] which explains pretty well how to use the software. At
|
||||
least that's what should have happened. Because it didn't. For some
|
||||
reason OpenBSD insists in using tapes in 2022. So yeah, apparently the
|
||||
-a flag is mandatory these days. You can use this command to backup a
|
||||
directory, =/etc= in this case.
|
||||
#+begin_src shell-script
|
||||
# 0 means it is a level 0 backup. Next backup should be level 1, then
|
||||
# 2... Read the manpage for more details.
|
||||
$ doas dump -0uaf backup_etc.dump /etc
|
||||
#+end_src
|
||||
This will take some time depending how big the directory is. =/etc= is
|
||||
usually not too big so this example will not take a lot of time.
|
||||
|
||||
After 1 hour of wondering why my backup wasn't working, i discovered
|
||||
that =restore(8)= takes everything as relative paths. Meaning that it
|
||||
will restore to the directory you're in, so if you do =restore
|
||||
-xfbackup_etc.dump /etc/httpd.conf=, it will restore it to
|
||||
=$PWD/etc/httpd.conf=, not to =/etc/httpd.conf=. So you should cd to /
|
||||
when restoring backups, something like this:
|
||||
|
||||
#+begin_src sh
|
||||
cd /
|
||||
restore -xf /var/backups/backup_etc.dump /etc/
|
||||
#+end_src
|
||||
** Network
|
||||
First I tried to use the wifi card my computer came with. But for some
|
||||
reason it kept sayin =wpi0: device timeout=. Leaving my computer
|
||||
without connection. So I had to connect the Ethernet cable. And I
|
||||
thought that that would solve the connection problem. But today I woke
|
||||
up and my computer did not have internet connection. But it had LAN
|
||||
connection. Not sure what happened. And well, that's the reason of why
|
||||
my site was down. I'll try to fix it.
|
||||
*** Firewall
|
||||
OpenBSD comes with a firewall, called pf, which stands for Packet
|
||||
Filter. As every other software developed by OpenBSD, it uses its
|
||||
simple config file.
|
||||
|
||||
I used the firewall to deny ssh requests from every IP address except
|
||||
my local network (that is, 192.168.0.0/16) and from my static IPv6
|
||||
address.
|
||||
|
||||
At first the rules were not working for the IPv6 address, because I
|
||||
don't have IPv6 at home, I use a WireGuard interface for that for
|
||||
that, and pf didn't know that. So I had to specify that those rules
|
||||
should also apply to the wireguard interface, like this:
|
||||
|
||||
=pass in on {egress wg0} ...=
|
||||
|
||||
And that just worked.
|
||||
|
||||
Yiou can also limit the connection of an user. For example, the
|
||||
following line will disable all the connection for the user 'groq':
|
||||
|
||||
#+begin_src conf-space
|
||||
# Block outcoming connections to user raoul.
|
||||
block return out proto {tcp udp} user raoul
|
||||
# Block incoming connection to user raoul. Not sure how useful this is.
|
||||
block return in proto {tcp udp} user raoul
|
||||
#+end_Src
|
||||
|
||||
And I've also added some IP addresses that have tried to exploit,
|
||||
ehem, WordPress vulnerabilities in my webserver. I added them to a
|
||||
file, =/etc/spammers=. And used a =pf(8)= feature to block all of
|
||||
them. And I also wanted that ssh would be disabled for everyone except
|
||||
for the machines in the Local Area Network. So only people in my
|
||||
network could ssh to my server. pf.conf has a very readable syntax,
|
||||
which makes this very easy:
|
||||
|
||||
#+begin_src conf-space
|
||||
# Good/Dreaded IP ranges
|
||||
table <localnet> const { 192.168.0.0/16 }
|
||||
table <spammers> const file "/etc/spammers"
|
||||
|
||||
# Block spammers requests to the server. Also requests to spammers.
|
||||
|
||||
block in on { egress wg0 } from <spammers> to any
|
||||
|
||||
# Allow SSH access from the LAN
|
||||
|
||||
block return in log proto tcp from any to port ssh pass in on egress
|
||||
proto tcp from <localnet> to port 22
|
||||
#+end_src
|
||||
|
|
@ -0,0 +1,61 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+TITLE: suragu.net - Brotli in OpenBSD's httpd
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: index.xhtml
|
||||
|
||||
* Brotli in OpenBSD's httpd
|
||||
|
||||
The modern web is heavy. My website is not heavy, but I still wanted
|
||||
to add compression because why not. Fortunately, compression
|
||||
algorithms exists. Some web servers send compressed versions of the
|
||||
file they serve, to serve bandwith, or to make the site load
|
||||
faster. There are other methods to serve bandwith like minimized CSS,
|
||||
HTML and JavaScript. But I think we can all agree that using a
|
||||
compression algorithm is a better way to accomplish this.
|
||||
|
||||
The main compression algorithm supported by browsers (and web servers)
|
||||
is gzip. A compression algorithm that has been with us
|
||||
since 1992. It's kinda old, but still serves its purpose pretty
|
||||
well. Especially when you use all of its power with the =-9=
|
||||
flag. Which compresses the file way better. At the cost of slower
|
||||
speed of compression and decompression. But this isn't a big problem
|
||||
since the client isn't receiving large files, like more than 100MBs,
|
||||
the client is receiving HTMl, CSS and maybe JavaScript. Not binary
|
||||
files (compression is kinda counterproducent with binary files).
|
||||
|
||||
The OpenBSD httpd comes with the =gzip-static= option, you just add it
|
||||
wherever inside a =server= block in your httpd.conf. Then you =cd= to
|
||||
your webroot and run this command: =gzip -9k *.html=
|
||||
|
||||
=-9= was explained before. And =-k= tells gzip not to delete the files
|
||||
after they have been compressed. As =gzip= deletes the original
|
||||
file. keeping only the =.gz= file.
|
||||
|
||||
This should be enough for most scenarios. gzip compresses files really
|
||||
well. But I wanted more. So I made some changes to the httpd source
|
||||
code to add brotli support.
|
||||
|
||||
At first. I wanted to add zstd support to httpd. And when I had
|
||||
everything done. curl was receiving the zstd files instead of the
|
||||
original files, I realized that browsers do not (yet) have zstd
|
||||
support. So I decided to use brotli instead. It wasn't that difficult
|
||||
to accomplish as I already wrote the hard part. I only had to replace
|
||||
"zstd" with "br".
|
||||
|
||||
This isn't done automatically. If you currently have =gzip-static= on your httpd
|
||||
configuration. You must replace it with =br-static=. And then you have
|
||||
to remove all the =.gz= files in your webroot (as they aren't needed
|
||||
anymore). Then you can read the =brotli= manpage to learn how to use
|
||||
brotli. But I wanted maximum compression. So this command was enough:
|
||||
=brotli --max --keep *.xhtml=.
|
||||
|
||||
[[../img/brotli_httpd.png]]
|
||||
|
||||
You can download the patch [[https://ls.raoul11.net/files/KbQBFQat/brotli.patch][here]].
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,211 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+options: ^:{}
|
||||
#+TITLE: SURAGU - Using BSD make
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
|
||||
* Using BSD make for your (small) project
|
||||
For questions or comments on this article feel free to reach me out at
|
||||
teru-sama [at] riseup [dot] net.
|
||||
|
||||
Alright, so you wrote your software! Bad news kid, now you have to
|
||||
compile it! Worse than that, you have to make that the compilation is
|
||||
not a pain in the ass so more people can actually use your software!
|
||||
|
||||
Thankfully, developers thought about on the unbearable pain of
|
||||
compiling software, and thus =make= was born. =make=, A =makefile= is
|
||||
a set of instructions that tells the software =make= how to compile
|
||||
the software. Being honest, if you're in this website you already know
|
||||
what =make= is.
|
||||
|
||||
BSD Make (also called =bmake=) comes with interesting features that
|
||||
make writing makefiles easier. As it comes with some kind of templates
|
||||
that will surely help you at the time of writing the makefile, bsd
|
||||
makefiles tend to be readable and easily editable. Consider this
|
||||
source tree. I am adding libcurl to this example to add some
|
||||
"complexity" to the makefile.
|
||||
|
||||
main.c:
|
||||
#+begin_src c -n -r
|
||||
#include <stdio.h>
|
||||
|
||||
/* Not gonna create an header file for a simple makefile
|
||||
,* example.... */
|
||||
|
||||
void
|
||||
get_url(const char *s);
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
puts("getting suragu.net...");
|
||||
get_url("suragu.net");
|
||||
}
|
||||
#+end_src
|
||||
|
||||
geturl.c:
|
||||
|
||||
#+begin_src c +n
|
||||
#include <curl/curl.h>
|
||||
|
||||
void
|
||||
get_url(const char *s)
|
||||
{
|
||||
CURL *curl = curl_easy_init();
|
||||
curl_easy_setopt(curl,CURLOPT_URL,s);
|
||||
curl_easy_setopt(curl,CURLOPT_WRITEDATA,stdout);
|
||||
|
||||
curl_easy_perform(curl);
|
||||
|
||||
curl_easy_cleanup(curl);
|
||||
|
||||
}
|
||||
#+end_src
|
||||
|
||||
This, the traditional Makefile would look a bit like this:
|
||||
|
||||
Makefile:
|
||||
#+begin_src makefile -n -r
|
||||
CC ?= cc
|
||||
LDFLAGS = `pkg-config --cflags --libs libcurl`
|
||||
OBJS = main.o geturl.o
|
||||
TARGET = geturl
|
||||
|
||||
# Link the thing
|
||||
all: $(OBJS)
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) -o $(TARGET)
|
||||
|
||||
# Compile all source code to object files
|
||||
%.o : %.c
|
||||
$(CC) -c $(CFLAGS) $< -o $@
|
||||
|
||||
.PHONY clean
|
||||
clean:
|
||||
rm *.o $(TARGET)
|
||||
#+end_src
|
||||
|
||||
Typing =make= will result on a working makefile, the makefile will
|
||||
compile the software as expected and not much else would happen. The
|
||||
software also works as expected, however, in my opinion =make= syntax
|
||||
makes 0 sense and it could be improved. Fortunately, this can be
|
||||
solved using the BSD make templates. Consider the following Makefile:
|
||||
|
||||
Makefile:
|
||||
#+begin_src makefile -n -r
|
||||
PROG = geturl
|
||||
SRCS = main.c geturl.c
|
||||
LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl
|
||||
MAN =
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
#+end_src
|
||||
|
||||
If you're in Linux, you might have to install =bmake=, which is a port
|
||||
of NetBSD make, it is more likely in your distro's repositories. To
|
||||
run that Makefile, just type =bmake=, and magic will happen. But let's
|
||||
explain it
|
||||
|
||||
PROG is like the target, is what the template uses to get the
|
||||
resulting binary. If SRCS is empty, bmake will just compile
|
||||
=progname.c=.
|
||||
=SRCS= are the sources files you want to compile. And =LDADD= are the
|
||||
flags you want to pass to the linker, notice that in this case I used
|
||||
!= instead of \=, this is because when you want to assign the output of
|
||||
a comman in BSD make, you have to do !=, you can't do =SRCS =
|
||||
`pkg-config ...`= because it won't work.
|
||||
|
||||
the =.include <bsd.prog.mk>= line makes all the magic possible. It is
|
||||
the template, and then you pass all the variables you defined before
|
||||
to that template, so the =.include= directive must be at the very
|
||||
bottom of the Makefile.
|
||||
|
||||
Also, this simple makefiles comes with all the rules someone would
|
||||
like. "bmake clean" works, so does "bmake install".
|
||||
|
||||
Notice how there isn't "CFLAGS" in this makefile, this is because, if
|
||||
you want to add any CFLAG, you can do it this way, and BSD make will
|
||||
understand:
|
||||
|
||||
#+begin_src shell -n -r
|
||||
sukamu@wakaran ~/docs/xdd $ bmake CFLAGS="-O2 -pipe -Wall -pedantic"
|
||||
cc -pipe -O2 -pipe -Wall -pedantic -c main.c
|
||||
cc -pipe -O2 -pipe -Wall -pedantic -c geturl.c
|
||||
cc -pipe -o geturl main.o geturl.o -lcurl
|
||||
#+end_src
|
||||
|
||||
You can specify default CFLAGS in the Makefile, but when adding CFLAGS
|
||||
in the command line, those will be overwritten.
|
||||
|
||||
** Compilation options using BSD make
|
||||
|
||||
configure scripts have their weird defined optins, such as
|
||||
=--enable-xxx= or =--disable-xxx=, which enables or disables features
|
||||
in the software you're compiling. This can be also be done with BSD
|
||||
make and =CFLAGS= To do this you only have to use the simple Make
|
||||
conditionals. Consider the following C source code:
|
||||
|
||||
#+begin_src c -n -r
|
||||
#include <stdio.h>
|
||||
|
||||
int main(void) {
|
||||
|
||||
#ifdef USE_OPTION
|
||||
puts("This is a string that will only be printed if use-option is enabled at compile time.");
|
||||
#endif
|
||||
puts("Hello world!");
|
||||
|
||||
|
||||
|
||||
return 0;
|
||||
}
|
||||
#+end_src
|
||||
|
||||
#+begin_src makefile -n -r
|
||||
PROG = option
|
||||
SRCS = main.c
|
||||
LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl
|
||||
MAN =
|
||||
|
||||
# Compilation options
|
||||
use-option = "no"
|
||||
.if "${use-option}" == "yes"
|
||||
CFLAGS +="-DUSE_OPTION"
|
||||
.endif
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
||||
#+end_src
|
||||
|
||||
If you compile normally, nothing weird would happen:
|
||||
|
||||
#+begin_src shell-script -n -r
|
||||
diego@sukamu ~/xdxd $ make
|
||||
cc -pipe -g -MD -c main.c
|
||||
cc -pipe -o option main.o -lcurl
|
||||
diego@sukamu ~/xdxd $ make
|
||||
Hello world!
|
||||
#+end_src
|
||||
|
||||
Now, let's recompile with =use-option=yes=.
|
||||
|
||||
#+begin_src shell-script -n -r
|
||||
diego@sukamu ~/xdxd $ bmake use-option=yes
|
||||
cc -pipe -g "-DUSE_OPTION" -MD -c main.c
|
||||
cc -pipe -o option main.o -lcurl
|
||||
diego@sukamu ~/xdxd $ ./option
|
||||
This is a string that will only be printed if use-option is enabled at compile time.
|
||||
Hello world!
|
||||
#+end_src
|
||||
|
||||
So, if you add ="use-option=yes"= to the make flags, the Makefile will
|
||||
add the required CFLAGS to enable the compile time option.
|
||||
|
||||
** Conclusion
|
||||
|
||||
BSD make is great for both small and big projects. And maybe more sane
|
||||
than other alternatives, as doesn't require you to write a lot of
|
||||
stuff just to build your project. BSD Make is a build system made for
|
||||
lazy people. And lazy people always come with the simplest solutions.
|
|
@ -0,0 +1,12 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+TITLE: suragu.net - Coreboot in a x220
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: coreboot_x220.html
|
||||
|
||||
* The memories of a corebooter
|
||||
|
||||
|
|
@ -0,0 +1,177 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+options: ^:{}
|
||||
#+TITLE: suragu.net - Fear and loathing in Linux
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
|
||||
* Fear and loathing in Linux (Or BSD user tries Linux)
|
||||
|
||||
If you enjoy this article, please consider donating:
|
||||
https://liberapay.com/raoul11. For questions or comments on this
|
||||
article feel free to reach me out at teru-sama [at] riseup [dot] net.
|
||||
|
||||
One day I said "I want to die with FreeBSD installed", and I still do,
|
||||
FreeBSD is a marvellous operating system that should be the final word
|
||||
in operating systems. Sadly the other day when I bought a new computer
|
||||
they pranked me very well because the network card this computer came
|
||||
with is not supported in the current stable version of
|
||||
FreeBSD. "Father, into your hands I commend my spirit, father, into
|
||||
your hands, why have you forsaken me?" I said, but after some searches
|
||||
I find that this network card WILL be supported and you can test the
|
||||
driver in the -CURRENT branch of FreeBSD, I didn't thought -CURRENT
|
||||
would be much of a pain, knowing I come from "bleeding edge" Linux
|
||||
distributions. So I installed FreeBSD 14.0, the thing worked but when
|
||||
I tried to install the required modules for xorg to work it didn't
|
||||
work. And that's all they had to say. I want a stable system. Not
|
||||
that.
|
||||
|
||||
Some time ago, when I published my [[./freebsd_as_desktop.html][FreeBSD as desktop]] blog post, I got
|
||||
a comment in Hacker News (or lobsters, can't remember) that told me
|
||||
that I was making clickbait because the experience was good. And the
|
||||
title promised "Fear and loathing". Well, this one does have fear and
|
||||
loathing.
|
||||
|
||||
So my first try was the old reliable. Void Linux, a distro that has
|
||||
never failed me. Until yesterday, because when you come from BSD, you
|
||||
know what's wrong with Linux.
|
||||
|
||||
Despite Xfce focuses on Linux operating systems and the BSD support
|
||||
could be a lot better, because it sometimes can't tell the difference
|
||||
between oss and pulse audio, or the microphone doesn't work, or other
|
||||
kinds, doing trivial things was a lot easier on FreeBSD than in Void
|
||||
Linux, but that's okay. I can with it, i've had worse things in my
|
||||
life. So I could configure it. Then I wanted to install some packages
|
||||
for void installation in which I could use my beloved [[https://git.raoul11.net/sakisafe.git][sakisafecli]]. But
|
||||
when I installed it I found out what was wrong with Linux.
|
||||
|
||||
So i tried to run =bmake= in linux (BSD make is much better than GNU
|
||||
make and should cover some trivial makefiles). And it started to give
|
||||
errors, like curl.h is not found. And this is when a BSD user will
|
||||
cause the Fall of Rome. In BSD operating systems, there are not
|
||||
=-devel= (or -dev) packages. So when you install libfoo you install
|
||||
the shared objects (.so files), the header files (the thing in
|
||||
/usr/local/include) and sometimes the .a files for static linking
|
||||
(which is something Linux distributions should also do). I don't think
|
||||
it's very arguable that it is possitive to include the header files in
|
||||
the same package. Because they're just text files that won't take a
|
||||
lot of space. Maybe this is normal for some kind of devices, but if
|
||||
you install arch linux or void in a amd64 machine i don't think you
|
||||
care a lot about space.
|
||||
|
||||
That was the moment in which I remembered that one day a friend of my
|
||||
told me that arch linux doesn't have -devel packages. And that was
|
||||
enough for me to install Artix Linux, I don't even know what init
|
||||
system I'm using.
|
||||
|
||||
Let the _fear and loathing_ begin.
|
||||
|
||||
** Operation: filesystem
|
||||
The state of ZFS in Linux is quite commedic because OpenZFS is under
|
||||
the CCLD and Linux is on the GPL and CCDL is incompatible with the
|
||||
GPL. So because of the GPL we can't have ZFS endorsed by the kernel on
|
||||
Linux systems. Just because the GPL, I don't think it's pretty good
|
||||
that a so-called "free" software license tells you that you *must*
|
||||
share your changes. And I think it's pretty idiotic that, because a
|
||||
License, they can't add a sequence of ASCII characters to a kernel.
|
||||
|
||||
It was pretty funny because one day I found this message regarding
|
||||
btrfs on FreeBSD on the forums:
|
||||
|
||||
[[../img/freebsd_user_on_btrfs.png]]
|
||||
|
||||
When I was installing Artix and it was part to create the partitions,
|
||||
I audibly chuckled, and I selected btrfs as my file system. And began
|
||||
using btrfs because I'm always open to try new things.
|
||||
|
||||
As mentioned before, the state of ZFS on Linux is commedic, because of
|
||||
differences between Artix and Arch, I couldn't install the 3rdparty
|
||||
zfs module from the AUR, so I had to compile OpenZFS code myself. This
|
||||
wasn't much of a problem.
|
||||
|
||||
Meanwhile, I also looked for "artix zfs" in my search engine and I
|
||||
found this blog post that was funny to me because it's like the
|
||||
counter part of the other post:
|
||||
|
||||
[[../img/btrfs_better_than_zfs.png]]
|
||||
|
||||
So well, installing ZFS from source wasn't much of a problem. After
|
||||
building and installing it =modprobe zfs= just worked and I could
|
||||
mount my pools just fine. And thus, restoring my data. so no big
|
||||
problem there.
|
||||
|
||||
I wanted to try btrfs features because I am curious, and apparently
|
||||
btrfs is "zfs for linux", so i wanted to try its features
|
||||
|
||||
Our man break19 was right, because if I want to add compression
|
||||
to my storage devices I have to do some weird stuff in the fstab, and
|
||||
that's too much, i prefer the old good "zfs set compression=gzip
|
||||
zroot" rather than editing that file. I also can't play with btrfs
|
||||
subvolumes or snapshots because the btrfs command line utility is
|
||||
horrible and I haven't figured anything out.
|
||||
|
||||
** Package management and the power it holds
|
||||
|
||||
Different commands. Same shit, the only package managers that has
|
||||
innovated in something are GNU Guix and Nix, but I don't think there
|
||||
is much difference between =pkg= and =pacman=.
|
||||
|
||||
What is true is that =pacman= has a syntax that sucks, for example. in
|
||||
FreeBSD you'd do =pkg install emacs=, while with Artix you do =pacman
|
||||
-S emacs=, like I know what -S means, and apparently "pacman -Ss" is
|
||||
better than "pacman search", so i prefer FreeBSD package manager.
|
||||
|
||||
But what was funny to me is that when I installed =clang=, pacman
|
||||
notified me that also =gcc= will be installed. I thought this was very
|
||||
curious so I asked in the artix IRC channel, the answer frightened me:
|
||||
|
||||
#+begin_src text
|
||||
<raoul> | Hello, nice operating system and all, but I have a question
|
||||
why does clang depends on gcc
|
||||
<Dudemanguy> | it's because clang uses the standard library provided by gcc
|
||||
most linux distros are like this
|
||||
#+end_src
|
||||
|
||||
As a computer user I tell you, that no big problem. But as a BSD user
|
||||
I ask "why"?
|
||||
|
||||
I didn't know it, but pacman is very fast. It downloads things in
|
||||
parallel and uses zstd, a fast compressing/decompressing software for
|
||||
compression, so I have no issues with pacman's speed. It is pretty
|
||||
fine.
|
||||
|
||||
When I did some research on why I couldn't install wine in Artix linux
|
||||
I found out that my packages are being maintained by people with anime
|
||||
profile pictures. And I also discovered that, for some reason, they
|
||||
wanted to split all the repositories in separate repositories. Not
|
||||
sure why, they have like 5 repositories for everything. I can
|
||||
understand separating repositories with free/non-free software. But
|
||||
here they don't even do that. They're just making thing more complex
|
||||
for people who just want to install packages. In BSD this didn't
|
||||
happen as the main repo had all the 30k packages someone would ever
|
||||
need. And this operating system lacks packages. I had to build
|
||||
=cmusfm= myself.
|
||||
|
||||
** Desktop
|
||||
I hate to say it but Artix was less of a pain to setup as a desktop
|
||||
than FreeBSD, this is because the installation was made with Calamares
|
||||
installer. So I didn't had to install Xorg and configure manually, the
|
||||
installer did all that for me. This wasn't the case in FreeBSD in
|
||||
which I had to configure Xorg manually. And this is appreciated. The
|
||||
Xfce setup just worked. And I bothered on ricing it like Windows XP
|
||||
because I live in the past. Some people ask me why I riced it why XP,
|
||||
the reason is because I can and I wanted.
|
||||
|
||||
I have 0 reasons to complain about Linux in this case. So I just
|
||||
won't.
|
||||
** Conclusion
|
||||
If you haven't tried a BSD operating system. Don't, you'll get hooked to
|
||||
it and if you ever have to come back to Linux, you'll find yourself
|
||||
prefering to get a castration than installing Linux, because when you
|
||||
learn how BSD works, and its awesome features, the development
|
||||
philosophy (focusing in making a great operating system instead of
|
||||
focusing in a weird definition of freedom), you start to know why
|
||||
linux sucks.
|
||||
|
|
@ -0,0 +1,298 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+options: ^:{}
|
||||
#+TITLE: suragu.net - Fear and loathing in FreeBSD
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
|
||||
* Fear and loathing in FreeBSD, or raoul's experiences with FreeBSD
|
||||
** Introduction
|
||||
Not so long ago I wrote [[../openbsd.xhtml][my experiences with OpenBSD]]. This post was
|
||||
about my experiences with OpenBSD but as a server, not as
|
||||
desktop. Using an operating system as a desktop is completly
|
||||
different than using it as a server.
|
||||
|
||||
One day I thought "damn, Linux sucks! But I have to use this because
|
||||
the developer of the browser that I use is an asshole!". And had to
|
||||
stick to Linux for a while. But then another day I thought "Hmm,
|
||||
FreeBSD claims to run Linux binaries better than Linux, let's give it
|
||||
a try". Good operating systems have to sell themselves some
|
||||
way. And that claim worked for me. So I went to FreeBSD.org, clicked
|
||||
the big yellow button that says "Download FreeBSD" and downloaded the
|
||||
memstick image for amd64 because that's what my computer runs.
|
||||
|
||||
I will be updating this site as I have more experiences with
|
||||
FreeBSD. So add to bookmarks!
|
||||
|
||||
Last update: 2022-06-21
|
||||
|
||||
|
||||
** Installation
|
||||
The installation was pretty straight forward. I don't think people can
|
||||
get lost in this. I just selected ZFS as my file system (more on that
|
||||
later). And I don't remember much other things in the
|
||||
installation. And as I forgot them. I don't think they are worth
|
||||
mentioning.
|
||||
|
||||
** Networking
|
||||
I want to connect to the internet because, among other reasons, I have
|
||||
a website, electronic mail and I like to talk to internet people
|
||||
sometimes.
|
||||
*** Wireless connection
|
||||
Sadly I no longer have the router in my room so I can't use an
|
||||
ethernet cable. So I have to use the dreaded wireless card. I was very
|
||||
surprised when I found out that FreeBSD supports this Atheros card.
|
||||
so I don't have to open the computer and put an Intel one. For the
|
||||
network card to work, I only had to modify the kernel booting
|
||||
process. Sounds very hard but it is just editing
|
||||
=/boot/loader.conf/)=. I added the following lines to use the =ath=
|
||||
driver:
|
||||
|
||||
#+begin_src shell-script
|
||||
if_ath_load="YES"
|
||||
if_ath_pci_load="YES"
|
||||
#+end_src
|
||||
|
||||
Then, in =/etc/rc.conf= (we will talk about it later)
|
||||
|
||||
#+begin_src shell-script
|
||||
wlans_ath0="wlan0"
|
||||
ifconfig_wlan0="up"
|
||||
ifconfig_wlan0="WPA DHCP"
|
||||
#+end_src
|
||||
|
||||
That will automatically start =wpa_supplicant= and use DHCP to get an
|
||||
IP address
|
||||
*** DNS server
|
||||
Normally for resolving domains you'd use a server like 8.8.8.8,
|
||||
1.1.1.1 or 192.168.1.1. But I thought using local_unbound would be a
|
||||
good idea for this, as if i'm my own DNS resolver, I can choose what
|
||||
to resolve and what not to. I followed [[https://vermaden.wordpress.com/2020/11/18/unbound-dns-blacklist/][this guide]] to configure
|
||||
local_unbound, with some block lists. And I also modified
|
||||
/etc/dhclient.conf to use =127.0.0.1= as default DNS server. I did not
|
||||
setup a fallback DNS server because if my computer is up, unbound is
|
||||
up as well. So I don't really need a fallback DNS server.
|
||||
|
||||
#+begin_src conf
|
||||
interface "wlan0" {
|
||||
append domain-name-servers 127.0.0.1;
|
||||
}
|
||||
#+end_src
|
||||
** Making the fresh installed system a desktop.
|
||||
|
||||
I'm no longer a Linux user. Now I am a BSD user. As such I must be
|
||||
aware about this "X11" thing. So I had to install the =xorg=
|
||||
package. FreeBSD comes with a binary package manager called =pkg=. We
|
||||
will talk more about this in the packages section. I just had to run
|
||||
=# pkg install xorg=. Add the user =raoul= to the =video= group and
|
||||
configure my =.xinitrc= so everytime i run =startx=, =bspwm= is
|
||||
started.
|
||||
|
||||
I had to add i915kms_load="YES" to =/boot/loader.conf). Which is the
|
||||
driver for Intel integrated graphics cards. Or something like that.
|
||||
|
||||
As mentioned before. I had to modify my .xinitrc (something that as a
|
||||
former Linux user I have never done because I always used lxdm as
|
||||
display manager. But as FreeBSD doesn't have lxdm available I had to
|
||||
get alternatives). My .xinitrc looks like this:
|
||||
|
||||
#+begin_src shell-script
|
||||
dunst&
|
||||
xrdb .Xdefaults&
|
||||
compton&
|
||||
xset r rate 300 50&
|
||||
feh --bg-fill ~/.wall.png
|
||||
sxhkd
|
||||
exec bspwm
|
||||
#+end_src
|
||||
|
||||
With that =.xinitrc=, running =startx= just works.
|
||||
|
||||
** Package management
|
||||
|
||||
FreeBSD comes with 2 options to install packages: binary-based
|
||||
packages and port-based packages which installs packages compiling
|
||||
them from source code.
|
||||
|
||||
*** Binary package management
|
||||
|
||||
I installed an operating system because I wanted to use it. And it is
|
||||
impossible to use an operating system if you cannot install software
|
||||
in it. Fortunately, FreeBSD comes with a package manager called =pkg=,
|
||||
a very original name for a package manager. It is simple to use,
|
||||
and blazing fast. I would say it is faster, or at least as fast as
|
||||
=xbps=, the fastest package manager I know. Using it is utter simple,
|
||||
here are some examples:
|
||||
|
||||
#+begin_src shell-script
|
||||
# All these commands must be run as root.
|
||||
|
||||
# Install the package "emacs"
|
||||
pkg install emacs
|
||||
# Deinstall the package "emacs"
|
||||
pkg remove emacs
|
||||
# Remove all the unneeded dependencies
|
||||
pkg autoremove
|
||||
# List all packages that contain "edit" in its name
|
||||
pkg search edit
|
||||
# List all packages that contain "editor" in its comment
|
||||
pkg search -S comment editor
|
||||
#+end_src
|
||||
|
||||
Unfortunately, =pkg= comes with insane defaults. You have to type
|
||||
'y' and then 'enter' to confirm you want to install a package. As
|
||||
=pkg= defaults to "No". I guess this is a security feature for some
|
||||
users. But as I'm too lazy to press the 'Y' key, and I'd rather just
|
||||
to press enter, I edited =/usr/local/etc/pkg.conf= and added the
|
||||
following content:
|
||||
|
||||
#+begin_src conf
|
||||
# I don't want to press 'Y' everytime.
|
||||
DEFAULT_ALWAYS_YES=yes
|
||||
AUTOCLEAN=yes
|
||||
IP_VERSION=4
|
||||
# I don't want to wait to upgrade a package. I'll update my system
|
||||
# only when I want :)
|
||||
REPO_AUTOUPDATE=no
|
||||
#+end_src
|
||||
|
||||
*** Source package management
|
||||
Sadly I can't talk a lot about this one because I have a overheated
|
||||
machine and if I compiled something in this computer we would have the
|
||||
biggest destruction known to civilized man since 476 A.D.
|
||||
|
||||
But I can compile small software without a lot of problem.
|
||||
|
||||
First you have to get the port collection if you didn't do it in the
|
||||
installer with the following command:
|
||||
|
||||
=# portsnap fetch extract=
|
||||
|
||||
Which will, fetch the port collection and extract them in
|
||||
=/usr/ports=. These ports are just a collection of Makefiles. Which
|
||||
will download and build the source code from you. These makefiles are
|
||||
kinda easy to work with, and also to write. As i'm the maintainer for
|
||||
some FreeBSD packages :)
|
||||
|
||||
You can also configure which CFLAGS you want *by default*. Just edit
|
||||
the =/etc/make.conf= file. Mine looks like this:
|
||||
|
||||
#+begin_src conf
|
||||
CFLAGS+= -O2 -pipe -march=native -mtune=native
|
||||
DEVELOPER=yes
|
||||
MAKE_JOBS_UNSAFE=yes
|
||||
#+end_src
|
||||
|
||||
** Linux emulation
|
||||
As I mentioned before, what was keeping me at the Linux hell was the
|
||||
Web Browser known as Pale Moon. I followed [[https://docs.freebsd.org/en/books/handbook/linuxemu/][the guide]] to run Linux
|
||||
software in FreeBSD. Downloaded Pale Moon, and after installing a few
|
||||
dependencies, yup, it worked just like if I was using it in Linux.
|
||||
|
||||
Then I =rm -rf palemoon= and moved to firefox. Don't really know why.
|
||||
** Multimedia
|
||||
This was kind of a pain, =oss= didn't want to work for undisclosed
|
||||
reasons. Too lazy to install sndio. So I went the easy way and just
|
||||
installed pulseaudio. Call me what you will. But I want to listen to
|
||||
Madvillain, not say "I DON'T USE PULSEAUDIO" in the internet. I use
|
||||
=cmus= as my music player. The binary distribution of cmus comes with
|
||||
the PulseAudio plugin disabled so I had to install it from the ports
|
||||
system.
|
||||
|
||||
mpv and audio in FireFox just worked.
|
||||
** ZFS
|
||||
After years of using UFS, it was time for a change. ZFS was
|
||||
introdouced experimentally in FreeBSD 7. And in the latest version, it
|
||||
is the default filesystem. This filesystem is, described by itself as
|
||||
"The last word in file system" That makes sense to me. They are not
|
||||
going to say it's a bad filesystem if they want people to use it. And
|
||||
if i'm using a filesystem that takes most of my RAM, it should be good
|
||||
at least. And, yes, ZFS is good.
|
||||
*** Pools and storage
|
||||
"A storage pool is the most basic building block of ZFS. A pool
|
||||
consists of one or more vdevs, the underlying devices that store the
|
||||
data.". I don't understand any of that. But a pool must be created to
|
||||
create your filesystems (datasets) and volumes. In the default
|
||||
installation, the dataset is called "zroot".
|
||||
|
||||
These "file systems" are similar to partitions. It is mounted wherever
|
||||
you want and has its own metadata.
|
||||
*** Creating and configuring datasets
|
||||
My friend Endemic has a lot of media that must be stored, he has lost
|
||||
media, music from bands no one has ever heard of and soviet movies and
|
||||
obscure breakcore. This kind of media has to be archived and zfs does
|
||||
a great work creating that. ZFS has also a compression feature,
|
||||
supporting a lot of compression algorithms.
|
||||
|
||||
So to create the zpool that I want to be mounted in /storage, I ran
|
||||
the following commands (as root)
|
||||
|
||||
#+begin_src shell-script
|
||||
# Create the pool storage in the /dev/da0 device, which is an external
|
||||
# hard drive
|
||||
zpool create storage /dev/da0
|
||||
# Set zstd-9 compression in the pool.
|
||||
zfs set compression=zstd-9 storage
|
||||
#+end_src
|
||||
|
||||
And that's it. Then when you copy big files to /storage they will be
|
||||
compressed. And as our CPU is fast and zstd uses a fast algorithm, you
|
||||
probably won't notice that you're actually compressing and
|
||||
decompressing files all the time. Which is good. You can also use
|
||||
zstd-19 as compression, which redouce the filesize of everything by a
|
||||
lot. But this has a drawback, quoting from the [[https://docs.freebsd.org/en/books/handbook/zfs/index.html][FreeBSD ZFS reference]]:
|
||||
|
||||
#+begin_quote
|
||||
ZFS offers 19 levels of Zstd compression, each offering
|
||||
incrementally more space savings in exchange for slower
|
||||
compression. The default level is zstd-3 and offers greater
|
||||
compression than LZ4 without being much slower. Levels above 10
|
||||
require large amounts of memory to compress each block and systems
|
||||
with less than 16 GB of RAM should not use them. ZFS uses a selection
|
||||
of the Zstd_fast_ levels also, which get correspondingly faster but
|
||||
supports lower compression ratios. ZFS supports zstd-fast-1 through
|
||||
zstd-fast-10, zstd-fast-20 through zstd-fast-100 in increments of 10,
|
||||
and zstd-fast-500 and zstd-fast-1000 which provide minimal
|
||||
compression, but offer high performance.
|
||||
#+end_quote
|
||||
|
||||
And as I use a ThinkPad in which I didn't even bother on adding more
|
||||
RAM. I use zstd-9. Which compresses the files somehow good. You can
|
||||
see the stats with =zfs get used,compressratio,compression,logicalused
|
||||
dataset=.
|
||||
|
||||
#+begin_src
|
||||
zroot used 64.1G -
|
||||
zroot compressratio 1.15x -
|
||||
zroot compression zstd-9 local
|
||||
zroot logicalused 66.1G -
|
||||
#+end_src
|
||||
|
||||
Used is the revelant to the filesystem size. And logicalused is the
|
||||
size the filesystem would have without compression. So this means I
|
||||
have saved 2GBs thanks to zstd-9. I do not feel any performance difference.
|
||||
*** Snapshots
|
||||
We all fuck it sometime. And that is okay. What is not okay is to lose
|
||||
data. ZFS contains a tool to create snapshots of a dataset. Which are
|
||||
basically backups that restore your filesystem to a certain
|
||||
point. These are very useful to recover lost data. You can create a
|
||||
backup of your =home= partition like this:
|
||||
|
||||
#+begin_src shell-script
|
||||
zfs snapshot zroot/usr/home@(date +%F)
|
||||
#+end_src
|
||||
|
||||
After creating the snapshot and completly trusting ZFS, i ran rm -rf
|
||||
~/*. Which nuked my home directory and everything in it. Then I ran
|
||||
=zfs rollback zroot/usr/home@2022-06-18= and it was restored. Like
|
||||
nothing ever happened. According to the FreeBSD reference, snapshots
|
||||
can take a lot of disk space so you should delete them as they're no
|
||||
longer needed.
|
||||
*** Other features
|
||||
|
||||
ZFS has features like incremental backups, encryption, RAIDS, but I
|
||||
haven't tried them.
|
||||
** Jails
|
||||
TODO
|
|
@ -0,0 +1,28 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
|
||||
#+TITLE: suragu.net - Tech posts
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: index.html
|
||||
|
||||
* suragu.net tech posts
|
||||
|
||||
I have a [[../blog/][blog]], but I to keep it to very weird things that come to my
|
||||
mind that don't require text formatting, images, or anything that is
|
||||
not plain text.
|
||||
|
||||
The intention of this section of my website is to make a space for all
|
||||
the weird things that are related with tech. Which mostly always
|
||||
require formatting like syntax highlighting, images, or monospaced
|
||||
text. So I decided to create this section for the tech related posts.
|
||||
|
||||
These articles are sorted from oldest to newest.
|
||||
|
||||
1. [[./org_mode_as_ssg.html][org-mode as static site generator]]
|
||||
2. [[./freebsd_as_desktop.html][raoul's experiences with FreeBSD as desktop.]]
|
||||
3. [[./brotli_in_openbsd_http.html][brotli in OpenBSD's httpd.]]
|
||||
4. [[./fear_and_loathing_in_artix.html][Fear and Loathing in Artix (or BSD user tries Linux)]]
|
||||
5. [[./bsd_make.html][Using BSD make as build system]]
|
||||
6. [[./modern_perl.html][Perl in CURRENT_YEAR]]
|
|
@ -0,0 +1,214 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
|
||||
#+TITLE: suragu.net - Perl in CURRENT_YEAR
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
#+EXPORT_FILE_NAME: modern_perl.html
|
||||
|
||||
* Perl in CURRENT_YEAR
|
||||
|
||||
Perl is a programming language that will always live deep into my
|
||||
heart. It was the first programming language I can say I
|
||||
mastered. But it's sad that not even God uses this programming
|
||||
language anymore. It's a great programming language, it has evolved in
|
||||
the latest years, so much that it even looks like a modern programming
|
||||
language. Some of the stupid design of perl has been fixed.
|
||||
|
||||
It is known by everyone that the perl Syntax sucks. It makes 0 sense,
|
||||
at least for learners. Experimented perl programmers no longer fear
|
||||
anything.
|
||||
|
||||
For comments or questions on this post, email me at sukamu at riseup
|
||||
dot net.
|
||||
** Function prototypes
|
||||
Perl always lacked function signatures (prototypes), the way you
|
||||
passed arguments to a function in perl was horrible, it is like
|
||||
functions in bash:
|
||||
|
||||
#+begin_src perl -n
|
||||
sub sum() {
|
||||
my ($x, $y) = @_;
|
||||
return $x + $y;
|
||||
}
|
||||
|
||||
print sum(3, 4); # Prints 7
|
||||
#+end_src
|
||||
|
||||
You define the function parameters inside the function, just like in
|
||||
bash. This is, in my opinion, horrible, but since perl 5.36, you can
|
||||
have function signatures, to use perl's new features, you have to
|
||||
specify the version of perl you want to use, to do this just use the
|
||||
=use= keyword.
|
||||
|
||||
#+begin_src perl -n
|
||||
use v5.36;
|
||||
|
||||
sub sum($x, $y) {
|
||||
return $x + $y;
|
||||
}
|
||||
say sum(4, 5); # prints 9, and adds a newline.
|
||||
#+end_src
|
||||
|
||||
The function signature feature was added in Perl v5.20, but it started
|
||||
to be considered stable at v5.36. There is also this new "say"
|
||||
function that is just like =print= but adds a =newline= at the end of
|
||||
the line, like python's =print= or C's =puts()=. These features were
|
||||
inhereted from Raku.
|
||||
|
||||
** Try/Catch
|
||||
|
||||
Perl added an experimental Try/Catch blocks in v5.34. These are still
|
||||
considered experimental as of v5.36. But you can still use them. The
|
||||
=try/catch= (also =finally= if you're using v5.36) works like any
|
||||
other programming language that has try/catch blocks. As this feature
|
||||
is still experimental and should not be used seriously, you have to
|
||||
specify that you want to use the experimental feature ='try'=:
|
||||
|
||||
#+begin_src perl -n
|
||||
use v5.36;
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use experimental 'try';
|
||||
|
||||
sub attempt() {
|
||||
say "I'm doing something!";
|
||||
die "Goodbye cruel world";
|
||||
return 42;
|
||||
}
|
||||
|
||||
try {
|
||||
my $x = attempt();
|
||||
} catch($e) {
|
||||
say "Exception: $e";
|
||||
} finally {
|
||||
say "Finished";
|
||||
}
|
||||
#+end_src
|
||||
|
||||
|
||||
And the thing does exactly that, the script dies inside the =try=
|
||||
block, so it's passed to the =catch= block as an exception. And
|
||||
finally, the =finally= block is executed.
|
||||
|
||||
** the =isa= operator
|
||||
|
||||
The isa operator tests whether an object has a instance of a certain
|
||||
class, in non-object programming slang, it just checks the type of a
|
||||
variable. The =isa= operator was introdouced as an experimental
|
||||
feature in perl v5.34.0 and was no longer considered experimental in
|
||||
the current v5.36.0.
|
||||
|
||||
#+begin_src perl -n
|
||||
#!/usr/bin/perl
|
||||
|
||||
use v5.36;
|
||||
use LWP::UserAgent;
|
||||
my $ua = LWP::UserAgent->new;
|
||||
|
||||
|
||||
if ($ua isa LWP::UserAgent ) {
|
||||
say "LWP::UserAgent object instanced successfully";
|
||||
} else {
|
||||
die "something that should not have happened happened.";
|
||||
}
|
||||
#+end_src
|
||||
|
||||
Before this operator, you had to use the =ref= function and string
|
||||
checker to accomplish the same thing, like this;
|
||||
|
||||
#+begin_src perl -n
|
||||
use LWP::UserAgent;
|
||||
my $ua = LWP::UserAgent->new;
|
||||
|
||||
if(ref($ua) eq "LWP::UserAgent") {
|
||||
# Do stuff...
|
||||
} else {
|
||||
# Do stuff when failed.
|
||||
}
|
||||
#+end_src
|
||||
|
||||
Which clearly makes a difference at the moment of reading and writing
|
||||
new code.
|
||||
|
||||
** The defer block
|
||||
|
||||
This is a feature that others programming languages have, C++ calls it
|
||||
RAII, there are plans to add it to the next version of the C
|
||||
programming language, also golang has the defer block. Thing is that
|
||||
in perl it works like this:
|
||||
|
||||
#+begin_src perl -n
|
||||
#!/usr/bin/perl
|
||||
|
||||
use v5.36;
|
||||
|
||||
use experimental 'defer';
|
||||
my $x = 0;
|
||||
{
|
||||
$x = (2^31)-1;
|
||||
defer {
|
||||
say "The block has finished it's execution";
|
||||
$x = 0;
|
||||
};
|
||||
say "Let's pretend i'm doing stuff...";
|
||||
say "x value: $x";
|
||||
}
|
||||
say "x value: $x";
|
||||
#+end_src
|
||||
|
||||
Simillary to =try/catch=, this function is experimental and should not
|
||||
be used in production. Or use it if you want. But don't blame the perl
|
||||
devs if something breaks (which, honestly, I doubt that your system
|
||||
will break because of an experimental feature. Just don't abuse it or
|
||||
use it in very weird ways and you'll be fine).
|
||||
|
||||
** builtin values
|
||||
|
||||
=builtin= is a new core module that shipts with perl v5.36. This
|
||||
package are plains function and behave like user defined
|
||||
cuntions. They do not provide any special thing you have never seen in
|
||||
perl before. But they're still good to have, as they help to make the
|
||||
code more easy to write and read. These functions are also
|
||||
experimental so be careful at the moment of using them.
|
||||
|
||||
#+begin_src perl -n
|
||||
use v5.36;
|
||||
use experimental 'builtin';
|
||||
use builtin qw(true false is_bool trim
|
||||
reftype created_as_string
|
||||
created_as_number); # There are more builtin functions...
|
||||
my $bool_value = true;
|
||||
|
||||
if ($bool_value) {
|
||||
say "The value is true";
|
||||
} else {
|
||||
say "The value is false";
|
||||
}
|
||||
|
||||
say is_bool($bool_value); # Will print "true";
|
||||
|
||||
my $str = "\t\n\r Hello world\t\r\n";
|
||||
$str = trim($str); # This trim() function will remove all the whitespace
|
||||
#characteres defined by unicode (https://perldoc.perl.org/perlrecharclass#Whitespace)
|
||||
|
||||
print $str; # Will print "Hello world", without newlines, tabs, or
|
||||
# carriage returns.
|
||||
#+end_src
|
||||
|
||||
These new functions are not the greatest or most useful thing ever,
|
||||
but they are still helpful.
|
||||
|
||||
** Conclusion
|
||||
|
||||
Perl's not dead. At least that's what I kept telling myself because I
|
||||
don't want to see this programming language dying in my lifespan. But
|
||||
it's pretty cool that they still add new features to Perl 5. Despite
|
||||
everything you could say, perl is still alive, but no one uses it, but
|
||||
well, no one uses Haskell either. :^)
|
||||
** Sources
|
||||
- 1. https://perldoc.perl.org/5.36.0/builtin
|
||||
- 2. https://perldoc.perl.org/5.36.0/perldelta
|
||||
- 3. https://perldoc.perl.org/5.34.0/perldelta
|
|
@ -0,0 +1,153 @@
|
|||
#+INCLUDE: "../inc/header.html" export html
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+options: ^:{}
|
||||
#+TITLE: suragu.net - Org-mode as a Static Site Generator
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
|
||||
* org-mode as a Static Site Generator
|
||||
Created: 2022-06-14
|
||||
Last updated: 2022-06-14
|
||||
** Introduction
|
||||
There are a lot of static site generators out there, you can think of
|
||||
Jekyll, Hugo, sblg. Those are good (I guess) but, as I was too lazy to
|
||||
check them out, I tried to perform the same task (In this case,
|
||||
generating a website from a language in a weird markup language) that
|
||||
looks very much the same as it was written in pure html. And emacs'
|
||||
org-mode was able to do this perfectly. Not much flaws were found in
|
||||
this process.
|
||||
|
||||
And yes, this article was written in =org-mode=.
|
||||
|
||||
If you enjoy this article, please consider donating:
|
||||
[[https://liberapay.com/raoul11][https://liberapay.com/raoul11]]. For questions or comments on this
|
||||
article feel free to reach me out at teru-sama [at] riseup [dot] net.
|
||||
|
||||
** The basics
|
||||
|
||||
Every emacs users (I hope) knows about org-mode, it is a very powerful
|
||||
markup language, in my opinion, better than markdown as it uses more
|
||||
common sense, like *bold* text are written with only one asterisk and
|
||||
/italic/ text is written with slashes, which makes more sense inside
|
||||
my head than markdown's one asterisk for italic and two asterisks for
|
||||
bold. The headers are written with an asterisk followed by the text,
|
||||
and you can insert code blocks with =#+begin_src <language>=. (and close
|
||||
them with #+end_src) And
|
||||
guess what! Emacs will export the source code *highlighted* to html!
|
||||
The output colors will be defined by your *current Emacs theme*
|
||||
|
||||
When you are finished writing your .org file, you can export it to
|
||||
html with =M-x org-html-export-to-html=. This will create a =.html= file
|
||||
with the same name of the =.org= file. You can open it and it won't be
|
||||
so much different than a =.md= file converted to =.html= using =pandoc=. But
|
||||
we can fix that using the multiple =org-mode= options!
|
||||
** org-mode options
|
||||
There are a lot of =org-mode=. You can check all of them [[https://orgmode.org/manual/Publishing-options.html][here]] and
|
||||
[[https://orgmode.org/manual/Export-Settings.html][here]]. Check them if you need an option that is not here. Pretty sure
|
||||
there's an option for whatever you want.
|
||||
|
||||
So, when you make a website, you most likely want to make it somewhat
|
||||
artistic, so you want to add, say, a header, and a stylesheet
|
||||
file. This is possible with =org-mode= options. The following text lines
|
||||
will insert a header file and a stylesheet file into the resulting
|
||||
.html file:
|
||||
|
||||
#+begin_src org
|
||||
#+INCLUDE: "inc/header.html" export html
|
||||
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
|
||||
#+end_src
|
||||
|
||||
This will include, before everything in the =.org= file, the content of
|
||||
the file located at =inc/header.html=. And will append that <link/> HTML
|
||||
tag to the <head> section of the resulting =.html= file. So it will give
|
||||
the stylesheet to the resulting html site.
|
||||
n
|
||||
But by default =org-mode= gives us the number of headings, preambles and
|
||||
postambles, a table of contents, some html style we never asked for,
|
||||
and a lot of things we never asked for. But obviously, theres an
|
||||
option to take care of all of that!
|
||||
|
||||
#+begin_src org
|
||||
#+options: toc:nil
|
||||
#+OPTIONS: html-postamble:nil
|
||||
#+OPTIONS: html-style:nil
|
||||
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
|
||||
#+end_src
|
||||
|
||||
That snippet inside the codeblock will disable all the things we don't
|
||||
want in a personal website (but maybe we want in an academic
|
||||
article?). I don't know. The thing is that you can disable or enable
|
||||
them as needed. As you should know, =nil= in emacs-lisp means =false= and
|
||||
=t= means =true=. So if you want to enable some option of those you give
|
||||
it =t= instead of =nil=.
|
||||
|
||||
So you have to add that to all the .org files you have. You can
|
||||
probably setup those options as default by setting the family of
|
||||
=org-export= variables to =nil= as needed. But I keep it that way because
|
||||
I am too lazy to set all of those variables.
|
||||
|
||||
Then, you have to do =M-x org-html-export-to-html= in each .org file and
|
||||
upload them to your webroot. And everything should work when you visit
|
||||
your website. If not, check if the path of the css and header is
|
||||
correct (In this post i'm assuming your .html files are in =inc/= and
|
||||
your css is in =css/styles.css=, which are both relative paths).
|
||||
** Inserting custom HTML in Org
|
||||
Something great about Markdown is that you can insert HTML by simply
|
||||
adding it as normal text. You cannot do this in org-mode. You can't
|
||||
just put <b>thing</b> and expect org-mode to compile that as html. You
|
||||
have to use an =export= block. Those work just as the codeblocks we've
|
||||
seen before. But instead of src, it's export, so it will
|
||||
be #+begin_export html. Following there's an example
|
||||
#+begin_export html
|
||||
<b style="color:red;">This is custom HTML (it has the style attribute) inserted into org-mode :D</b>
|
||||
#+end_export
|
||||
** Exporting a whole directory with .org files to html
|
||||
|
||||
For most of the time running this website using =org-mode= as static
|
||||
site generator, i used to run =M-x org-html-export-to-html= as
|
||||
needed. But I thought this was unnecessary and repetitive and there
|
||||
wasn't really a need to do that. I wanted something like =make=. Where
|
||||
you run and you get everything compiled. And if a file didn't change,
|
||||
don't compile it again (as it isn't needed). So I asked about this in
|
||||
the #emacs irc channel:
|
||||
|
||||
#+begin_src text
|
||||
<sukamu> Hello, is it possible to use org-html-export-to-html in a
|
||||
emacs lisp program to export a file? Documentation says it only
|
||||
"exports the current buffer", But i want to export all the .org files
|
||||
in a directory as html
|
||||
<sukamu> (I'm using org-mode as a ssg)
|
||||
<wgreenhouse> > export all the .org files in a directory as html
|
||||
<wgreenhouse> sukamu: it sounds like you want org-publish
|
||||
<wgreenhouse> (info "(org) Publishing")
|
||||
#+end_src
|
||||
|
||||
So I checked out that "=org-publish=" thing this IRC user was talking
|
||||
about. And indeed it was exactly what I needed. I had to read the
|
||||
documentation. And I came to this following emacs-lisp files which can
|
||||
compile my website just well:
|
||||
|
||||
#+begin_src emacs-lisp
|
||||
;; Change this
|
||||
(setq org-publish-project-alist
|
||||
'(("suragu.net"
|
||||
:base-directory "~/repos/suragu_org/"
|
||||
:publishing-directory "~/repos/suragu_org/out_html"
|
||||
:section-numbers nil
|
||||
:publishing-function org-html-publish-to-html
|
||||
:table-of-contents nil
|
||||
:recursive t
|
||||
)))
|
||||
|
||||
(defun make-suragu ()
|
||||
(interactive)
|
||||
(org-publish "suragu.net")
|
||||
#+end_src
|
||||
|
||||
And that's it! Everytime I want to recompile this website I just have
|
||||
to run =M-x make-suragu= and org-publish will do the rest for me!
|
||||
** Conclusion
|
||||
=org-mode= is a great markup language that can repleace markdown in most
|
||||
tags and also works well as a static site generator. What else do you
|
||||
want me to say
|
Loading…
Reference in New Issue