svragv
/
suragu_org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

master
Barrington 2022-11-08 12:54:40 +01:00
commit d1509d47f4
19 changed files with 2103 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
EVALME.el Normal file
View File

@ -0,0 +1,17 @@
;; Change this
;; Change this
(setq org-publish-project-alist
'(("qorg11.net"
:base-directory "/home/qorg/docs/repos/qorg_org"
:publishing-directory "/home/qorg/docs/repos/qorg_org/out_html"
:section-numbers nil
:publishing-function org-html-publish-to-html
:table-of-contents nil
:recursive t
)))
(defun make-qorg ()
(interactive)
(org-publish "qorg11.net"))

25
about.org Normal file
View File

@ -0,0 +1,25 @@
#+INCLUDE: "inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+TITLE: Suragu.net
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+EXPORT_FILE_NAME: about.html
* About
This (very alternative) website exists for the sole purpose of
existing. This website has no objetive purpose.
As if someone cared, here's my neofetch.
#+begin_export html
<a href="img/as_if_someone_cared.png"><img src="img/as_if_someone_cared_thumb.jpg"></a>
#+end_export
** About the person
[[./img/fermin_trujillo.jpg][Freelancer from Spain]]

BIN
btrfs_better_than_zfs.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

65
css/styles.css Normal file
View File

@ -0,0 +1,65 @@
body {
background-color: black;
font-family:monospace;
background-image: url(../img/stars.png);
}
h1, h2, h3, h4, h5, h6, p {
color: white;
}
.content {
position: relative;
margin-left: 0px;
width: 100%;
right: -130px;
max-width: calc(100% - 130px);
}
.container {
border-style:solid;
border-color:#c9423f;
padding: 10px;
margin-bottom: 10px;
}
.cat_image {
border-style: solid;
border: 1px solid purple;
border-left: 0px;
border-top: 0px;
border-right: 0px;
}
.button > a {
text-decoration: none;
font-weight: bold;
margin-left: auto;
margin-right: auto;
font-size: 16px;
color: #6a0606;
margin: auto;
}
.button {
border: 1px;
border-style: solid;
width: 120px;
border-color: purple;
margin: 2px;
text-align: center;
}
.sidebar {
position: fixed;
top: 0;
left: 0;
width: 125px;
height: 100%;
transition: all 0.5s ease;
border: 1px solid red;
border-top: 0px;
border-left: 0px;
background-color: rgba(42, 20, 41, .5);
}

BIN
freebsd_user_on_btrfs.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 53 KiB

2
inc/footer.html Normal file
View File

@ -0,0 +1,2 @@
</div>
<a href="https://soundcloud.com/akvvma/sets/unlimited-aku-works-vol-ii-la-saga-del-exilio"><img src="img/banner_akuma.png" alt="Unlimited Aku works VOL. II La saga del exilio" title="Unlimited Aku works VOL. II La saga del exilio"/></a>

23
inc/header.html Normal file
View File

@ -0,0 +1,23 @@
<div class="sidebar">
<div class="cat_image">
<a href="/">
<img src="/img/cat.gif" alt="cat">
</a>
</div>
<div class="button">
<a href="/about.html">About</a>
</div>
<div class="button">
<a href="/tech_posts">Tech posts</a>
</div>
<div class="button">
<a href="/media.html">Media log</a>
</div>
<div class="button">
<a href="/blog">blog</a>
</div>
<div class="button">
<a href="https://git.suragu.net">git</a>
</div>
</div>

32
index.org Normal file
View File

@ -0,0 +1,32 @@
#+INCLUDE: "inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
#+TITLE: SURAGU
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+HTML_HEAD_EXTRA: <meta name="viewport" content="initial-scale=1,maximum-scale=1,user-scalable=no" />
#+EXPORT_FILE_NAME: index.html
* suragu.net
Welcome to suragu.net! My personal website. In which you can read my
philosophical posts or my posts about technology.
* Contact
You can contact me through email: chief_keef at riseup dot net or
XMPP: keef at this domain
* Donate
If you appreciate my work and wish to say thanks, you can send money
to any of these cryptocurrencies addresses:
- Monero: 87nNzDdnACV614EuueWcwiX16hYNr9cVMACzYExHvGRRf2sHDUydjNvFvoMRBRbJntgxanvE9vzGxLTgenydK8PuSMq9aXC
- Bitcoin: bc1q8k6f3ja8na82wl6ehw73uhy67d45pkhs63yvy5
* Mirrors
#+begin_export html
<p>
<a href="http://sukamuzgxigntu7issqf3y5bfsskwg5zzrzbuqjaxxmhkfoxbgiy77qd.onion">[Tor]</a> <a href="http://46egvt2hpvkqwm5xw4wyyozp6hkwvnmbcys7bi6rh4o4wktllpea.b32.i2p/">[I2P]</a>
</p>
#+end_export

172
marijuana_reviews.org Normal file
View File

@ -0,0 +1,172 @@
#+INCLUDE: "inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+TITLE: Suragu.net
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+EXPORT_FILE_NAME: marijuana_reviews.html
* SURAGUs Marijuana Reviews
Creativity, Its a known fact that grass increases creativity from
eight to eleven times. In fact, everyone finds theyre more creative
stoned than straight. Humans have always been very creative at the
time to get high. In Spain, stoners were so bored that they found a
legal loophole that allowed them to legally consume and sell dispense
Cannabis buds. Since I joined one of those clubs, my vision of a
fucking plant has changed so damn much. Like everything in
contemporany society, you have so much choice its depressing. In this
post I will review all the strains I have tried.
But I wont say “this shit dope” because that would be too boring. And
Im also not going to explain how each bud helps you with insomnia,
anxiety, depression and ADHD because despite recent research shows
its not so darn harmful, im not an idiot either.
So Ill review the buds using Pen & Pixel Graphics album covers. I am
not rating the weed on how good the album is. Just in how weird the
cover is.
Id like to thank my friend Endemic for the idea of making weed
reviews with album covers, for showing me all this awesome music and
helping me choose the covers.
Whatever weed youre smoking. And despite whatever these reviews says
about each strain, theres this quote from Kabuto Makai I the Great
that you should never forget:
“Sea Indica o Sativa me da igual que guay está la keli echandose
un mai”
** Amnesia (grass)
Amnesia Haze is a classic, is a strain that anyone who has been
smoking real weed for more than 2 minutes has tried. With more than
20% of THC, the shit will get anyone high. I will give this strain the
rating of DJ Screw - The Legend.
[[./img/covers/thelegend.jpg]]
DJ Screw in the sky with a skull behind him its something I could
have never thought of. And going to a cannabis club is also something
I would have never thought of. I also find it pretty funny that
theres a car with Screw by its side.
** Amnesia (Hash)
Advantages of going to a Cannabis Social Club is that you know that
youre smoking quality grass and quality hash. The hash here is made
by the dudes who work at the club, not by a moor sweating in his
room. So it has a very high quality.
The thing with hash is that it is hash. Too strong for some. But me?
It only leaves me thinking very weird funny things and Im so relaxed
I cant move. Then I move to some kind of backrooms. In which I find
myself listening to whatever Antonio Recio is saying. Great
experience. Amnesia Hash deservers nothing less than Lil Keke - The
commision
[[./img/covers/thecommision.jpg]]
Where do I start? Where are them? First time I thought it I felt like
this was a GTA San Andreas mission. Like the dudes are in the Four
Dragons Casino. And I like how the dude is peacefully smoking a cigar
when he got 2 bodyguards. I dont know. It is pretty surreal.
** Amnesia Hy-Pro
I dont even know what Hy-Pro means. The friend who sold me this told
me that it has a shitton of THC. I believe him. It did indeed had a
shit ton of THC. It was a psychedelic experience. So high I didnt
even know my name. I have not felt something similar to that since
then. So I can give this thing nothing less than Juvenile - 400
Degrees
[[./img/covers/400degres.jpg]]
I wish I could know where to start with this cover. First we can see
that theyre in hell. And theres this dude burning money. and a gold
watch. Dudes rich and hes showing off. Then we can see, similary to
DJ Screws The Legend, a giant face of the same dude in the
sky. Presumably Juvenile is the devil. If you look both at the left
and right side, you can see, scot-free, hookers. Why are there hookers
in hell? I cant tell. Then you have the Parental Advisory sticker. I
couldnt have known.
** Chocolope
Chocolope is a Sativa-Dominant strain. Marijuana journalists says that
it has a sweet flavour, tasting simillary to chocolate. In my
experience, it just tasted like marijuana smoke. Ive had better highs
in my life. Nevertheless Chocolope is a good strain that gives a good
effect. Used it to saw Perturbator live and had a great
experience. The Chocolope deserves Three 6 Mafia - The end
[[./img/covers/theend.jpg]]
I dont even know how to explain this cover. What are they on? Is that
a car? A giant stereo? I genuinely cant tell. But for some reason
theyre into outer space and you can see the earth behind them. The
earth is exploding. Maybe it is trying to say that only Three 6 Mafia
survived the apocalypse by riding a giant stereo. Riding a giant
stereo to outer space is something that could only happen in Memphis,
Tennesse.
** Unknown Indica Strain
We got a Special Joint for this mysterious strain we cant remember
the name of. We have vague indications that the strain name was
“Wedding cake”. Thing is that we thought that C. Indica were for
pussies. We were so damn wrong. We were nailed to the couch for at
least 15 minutes. To this thing I can only give SSUR - Guerrillas in
the midst
[[./img/covers/guerrilla.jpg]]
Why does the Che Guevara look like a Monkey, why are there hookers if
theyre in the guerrilla. Whats up with the explosion, whats with
all the money? Id frame this cover if I could.
** Terps (Hash)
It is impossible for a Allahs Follower to make bad hash. These
“Terps” is dry extraction of hash. I dont know what “Dry” means. My
Marijuana Master doesnt know what “Dry” is. So I just asume it is
just zoomer expression to say that a hash is good. But to answer the
question if “Was it good?” The answer is the following picture:
[[./img/covers/greatesthits.jpg]]
We smoked this hash mixed with Weed Marijuana. When we left the CSC,
we were in another dimension. Sadly we had to catch the bus later. We
were there and all of us started to feel exagerately dizzy. I dont
rememebr anything that happened in the hour of bus. I just remember
that I was listening to some music, I can only rememeber “My mind went
blank” my DJ Screw (The Legend). Then they woke me up. First thing I
see is a bottle full of vomit.
** Santa Sativa
#+begin_quote
santa: 1. adj sacred; hallowed: holy ground
#+end_quote
Santa Sativa is a Sativa Dominant Weed Marijuana strain. Relatively
high THC and low CBD. First time we tried this the Terps Incident
happened. So the weed must have been good shit. Then we smoked this
shit and unbeliable things happened. Everyone I thought to be Cannabic
Senseis said this strain was one of the best herbs they have ever
consumed. Thus, this strain deserves nothing less than: Snoop Dogg -
Da Game Is To Be Sold. Not To Be Told.
[[./img/covers/dagame.jpg]]
This masterpiece of the contemporany art is deleightful for our
eyes. We can see the motherfucking d-o double g holding a walking
stick made from gold. For undisclosed reasons. He is outside the
“Snoop World” (See Montana Management Co.) The thing is that his
mansion looks like a fucking castle youd see in Disney
World. Perspective fucks with us so much in this one. As he is behind
Snoop World mansion, hes sitting in the bonnet. Smoking what seems to
be a Swisher Sweet and his arm is in another car. There are also three
dogs in the pictures with shining diamonds.

131
media.org Normal file
View File

@ -0,0 +1,131 @@
#+INCLUDE: "inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil -:nil
#+TITLE: suragu.net - Media I've consumed
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+EXPORT_FILE_NAME: media.html
* Media I've consumed
Well, someone has said, that in this world there are people for
everything, or "it takes all sorts to make a world", so there must be
someone interested on the media I consume and what I think about
it. So here are music albums, movies and similar.
As i'm not a professional rater, I'm not gonna rate them, in numbers,
i'll just say what I think about the thing and that's it.
Pssss. You can get some of the media listed [[https://files.suragu.net/][here]].
** Movies
I love the "guy who think he's cool" cinema.
- *Pulp Fiction (1994)*: The movie is stupid, ridicolous and most
pejorative adjectives you can think of. But it's my favorite movie
nevertheless.
- *Kill Bill (2003-2004)*: Good movies.
- *Trainspotting (1996)*: Movie about [[https://concealed.world/home.php][Scottish Drug addicts]]. The thing
sends a Good Message. And the movie is really enjoyable.
- *T2 Trainspotting (2017)*: Not as good as the original but still
passable.
- *Ghost in the Shell (1995)*: It's the only anime movie i've
watched. It's pretty cyberpunk so i like it.
- *Torrente: El brazo tonto de la ley (1997)*: Fucking funny garbage, if
i wasn't high i wouldn't have liked the thing.
- *Torrente 2: Misión en Marbella*: Idem
- *El día de la Bestia (1995)*: My favorite movie this country has made
- *Acción mutante (1993)*: One of the movies i laughed the most
- *Fear and loathing in Las Vegas (1998)*: I don't know what I watched
- *Scarface (1983)*: Masterpiece.
- *Navajeros (1980)*: Funny at times but didn't like it at all.
- *El pico (1983)*: Way better than Navajeros and has a cool message.
- *El pico 2 (1984)*: This one was interesting.
- *Scary Movie (2000):* Utter shit. But THC boosts movies.
- *Ali G Indahouase:* ???
- *The Godfather (1972):* Masterpiece
- *Lady Snowblood (1973):* I loved Kill Bill. I loved this even more.
- *The great lebowski:* Same as fear and loathing in las vegas.
** Videogames
Well, now I got a decent computer in which I can play games
decently. I have completed all the storyline of these games unless
stated otherwhise.
- *Borderlands 2:* One of my favorite games.
- *Borderlands: The Pre-sequel*: Still playing it
- *Milk (out|in)side a bag of milk (out|in)side a bag of milk*: Had a [[./img/funny.png][funny frame]]
** Anime
I'm not much of an anime watcher, but eh, sure. I'm including both
anime shows and movies in this section.
- *Serial Experiments Lain*: The anime is cool. I used to simp for Lain
but then I discovered I'm suragu, not a insecure, twitter user
- *Paranoia Agent*: I remember once a linguistics teacher I had told me
to watch this anime. I watched it and I really enjoyed it. A good
satire. I have keked big to this one.
- *Texhnolyze*: Made by the same guys that made Lain. But i enjoyed this
one more than Lain
- *Haibane Renmei*: Made by the same guy as Lain and Texhnolyze, this is
the only media that made me cry and i have 0 problems admitting it.
- *The curse of Kazuo Umezu*: I can't take gore animes seriously
because I analyze the situation, which makes me laugh
uncontrollably. Altough it was fun to watch.
- *Shoujo Tsubaki (1992)* : The thing stated above doesn't apply for this
one. This one is actually depressing.
- *Belladonna of Sadness (1973)*: Masterpiece. The Japanese version of
Pink Floyd's The Wall. Psychedelic, deep, and weird.
** Books
I know how to read
- *Neuromancer (1984)*: A drugaddict hacker needs to make money but he
can't work because he stole from his bosses.
** Music
This shit will never be complete.
- *Big Moe - City of Syrup*
- *bôa - Twilight*
- *CCR - Pendulum*
- *Chief Keef - Finally Rich*
- *Chief Keef - The Leek, Vol. 1:* Sounds like Korean Vaporwave
- *D.R.I. - Crossover* All songs are the same to be honest
- *D.R.I. - Thrash zone* Cool
- *DJ Screw - All screwed up Vol. II*
- *DJ Screw - 3 N The Mornin Part One*
- *DJ Screw - 3 N' The Mornin' Part Two*
- *DJ Screw - The Legend*
- *Dr. Octagon - Dr. Octagonecologyst*: Kool Keith is a genius.
- *Dr. DOOOM - First come, first served*
- *Denzel Curry - Melt my eyez see your future*
- *Envidia Kotxina - Asi en la tierra komo en el zielo+*
- *Gospel - The Moon is a Dead world*
- *Iron Maiden - Somewhere in time* My favorite album from these dudes
- *Kanye West - My Beautiful Dark Twisted Fantasy (2010)*
- *Kendrick Lamar - DAMN.*
- *Kendrick Lamar - Section.80*
- *Kendrick Lamar - good kid, m.A.A.d. city:* I listen to this album at night while doing stuff and I like it.
- *King Geedorah - Take me to your leader
- *Living Death - World neuroses* Its alright
- *MF DOOM - MM..FOOD*
- *Metallica - Kill em all*
- *Metallica - Ride the lighting*
- *Metallica - Master of Puppets*
- *Metallica - …And Justice for All*
- *Megadeth - Rust in peace*
- *Megadeth - Countdown to extinction*
- *Megadeth - Youthanasia*
- *MF Grimm - The hunt for the Gingerbread man:* Underrated.
- *Madvillain - Madvillany: Masterpiece.*
- *Makaveli - The Don Killuminati: The 7 Day Theory*
- *Neutral Milk Hotel - In the airplane over the sea:* Dude please learn how to sing.
- *Scattle - Backup*
- *Scattle - Visitors*
- *TOOL - Lateralus*
- *Viktor Vaughn - Vaudeville Villain*
- *Wu-Tang Clan - Enter the Wu-Tang*
- *Zabutom - Zeta force*
- *cLOUDEAD - cLOUDEAD*
- *deaths dynamic shroud.wmv - Ill try living like this*: Used to love it. Now it gives me anxiety.
- *smashing pumpkins - mellon collie and the infinite sadness:* My mother likes it
- *suicideboys - I want to die in new orleans + some of their EPs*
- *わたしのココ - カラダは正直:* I was told by my friend that this was noise, I thought noise was about making music breaking plates and stuff. Album was good.

482
openbsd.org Normal file
View File

@ -0,0 +1,482 @@
#+INCLUDE: "inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+TITLE: suragu.net - OpenBSD
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+EXPORT_FILE_NAME: openbsd.html
* Fear and Loathing in OpenBSD, or my experiences with OpenBSD
The other day I woke up and I thought "I'm going to migrate my server
to OpenBSD for absolutely no reason". And so I did. The operating
system have been a pain and a pleasure simultaneously, and in this
page I intend to give my experiences with it.
I will be updating this page as I have more experiences with
OpenBSD. So add this page to your booksmarks!
Last update. 2022-06-09
For questions or comments on this article feel free to reach me out at
teru-sama [at] riseup [dot] net
** Installation
The installation process was pretty straightforward, it was just
enter, enter, enter, altough I had to connect an ethernet cable for it
to download some necessary firmware (so I could use the network card)
and thus, the wireless connection.
** Setting up services
*** httpd(8)
The website you're in is the website I care the most, kill-9 can wait
because that's only a website in which i complain about
things. Complaining about everything is not good because in this life,
well, in Ozzy Osbourne words, "Learn how to love and forget how to
hate". So I'd rather focus on ebin.city and suragu.net for the
time.
OpenBSD ships with the =httpd= web server. A really simple and very
secure http server. The main config file is =/etc/httpd.conf= which
has a very simple, human readable syntax.
One of the features of this webserver is that chroots to a
directory. Meaning that, to the web server, anything before the given
directory (=/var/www= by default), does not exist. So if a vulnerability
is found, the attacker can't do much things, as the attacker can't go
beyond =/var/www=.
*** slowcgi(8)
OpenBSD comes out-of-the-box with a FastCGI implementation, which is
very simple to use. you only have to add =fastcgi= at the desired site
in =httpd.conf= . The following configuration file is enough to
execute CGI scripts.
#+begin_src conf-space
server "suragu.net" {
listen on * port 80
root "sites/suragu.net"
location "/*.cgi" {
fastcgi
root "sites/suragu.net"
}
}
#+end_src
But not so fast! Remember that httpd runs in a chroot? Well, your CGI
apps won't work by default, because the chroot lacks the binaries that
are necessary to execute the program. So if your CGI appliaction is a
perl script, you'll have to do something like =cp /usr/bin/perl
/var/www/bin=. If your Perl script uses third-party modules, you'll
have to copy them to anything that is in =@INC=, so
=/usr/var/www/usr/lib/perl5= or something like that. Also your chroot
will lack all the core utils. I just installed plan9port and copied
the files to =/var/www/bin=, which is more than enough.
As mentioned before. I haven't been able to setup werc in httpd. Not
sure why. I might try to reinstall it some other day. But I guess I'd
have to use another server to do that.
As of 2022-06-02 I got werc to werk under httpd. The config file is a
bit weird, but it worked. Altough I had to install an older werc
version because the most recent one had some issues. This is the
config that worked. Thanks to solene in IRC for the pattern!
#+begin_src conf-space
server "kill-9.xyz" {
alias "www.kill-9.xyz"
listen on 127.0.0.1 port 1340
listen on * tls port 443
tls {
certificate "/etc/ssl/kill9cert.pem"
key "/etc/ssl/kill9key.pem"
}
# If there's a dot in the URL (i.e. a file extension, don't run it as
# a CGI script.)
location match "%s*%.%s*" {
root "/werc/sites/kill-9.xyz"
no fastcgi
}
location match "/" {
fastcgi param SCRIPT_NAME "/werc/bin/werc.rc"
fastcgi param SCRIPT_FILENAME "/werc/bin/werc.rc"
fastcgi param DOCUMENT_ROOT "/werc/sites/kill-9.xyz"
}
root "/werc/sites/kill-9.xyz/"
}
#+end_src
And then I tried to install cgit. When clonning from httpd I got an
error I've never got before. Something like "Recieved HTTP/0.9 when
not allowed". I don't know what the hell =httpd(8)= meant by that. But
it was fixed by nuking the repos and pushing them again from
scratch. I guess it had something to do with file corruption. But you
have to be crazy on acid to think that sending HTTP/0.9 is a good way
to tell a file is corrupted.
*** Darknets
Not much difference from how you'd install Tor & I2P in a Linux
machine. Just install the tor and i2pd packages using =pkg_add(1)= and
configure them normally. I had to copy the old private keys from my
old machine to the new server. But that was not a big issue. I also
migrated from the classic I2P, written in Java to i2pd. Not because I
dislike the Java I2P, I think it is, along with Freenet, the only good
software written in Java. I just wanted to keep the server as light as
possible. And i2pd is way lighter than Java I2P.
** Programming in OpenBSD
OpenBSD claims to be the most secure UNIX out there. This is probably
true as it has much features, such as the W^X thing. Which means
memory can be written or executed, but not both. Basically an attacker
could not execute a buffer overflow attack. Because he can only
write. But not execute it. This thing was introdouced in 2003.
*** pledge(2)
OpenBSD takes security very seriously. This was the reason to be of
the =pledge()= syscall. Pledge does, as defined by the manpage:
"restrict system operations". This is the prototype:
=pledge(const char *promises, const char *execpromises);=
Check the manpage for the possible promises. This is a quick example:
#+begin_src c
#include <stdio.h> /* printf() */
#include <unistd.h> /* pledge() */
#include <sys/stat.h> /* chmod() */
int
main(void)
{
/* stdio promise allows basic input output operations. Check the
,* manpage for the syscalls this promise allows. */
pledge("stdio", "");
chmod("/etc/passwd",0644);
return 0;
/* This code will crash at runtime. the "stdio" promise doesn't
,* allow the chmod() syscall. */
}
#+end_src
Running that code will prodouce the following output:
#+begin_src sh
Abort trap (core dumped)
#+end_src
This is very useful, imagine that for example, some injects, somehow,
malicious code in your =cat(1)= program. Sending data to a remote
server. As cat didn't =pledge("inet",...)=, cat won't be able to
create a connection.
*** unveil(2)
I like this syscall more than =pledge(2)= according to the manpage:
"unveil parts of a restricted filesystem view" This means that, except
for the file specified in the =unveil()= calls, wont' exist for the
program. Consider the following code and its output:
#+begin_src c
#include <unistd.h> /* read(), write(), unveil() */
#include <fcntl.h> /* open() and flags */
#include <string.h> /* strerror() */
#include <errno.h> /* errno variable */
#include <stdio.h> /* fprintf() */
int
main(void)
{
/* This program can exclusively open /etc/httpd.conf for reading. */
unveil("/etc/httpd.conf","r");
/* This call disables further calls to unveil() */
unveil(NULL, NULL);
/* What happens if we try to open another file? */
int fd = open("/etc/passwd", O_RDONLY);
if(fd == -1) {
fprintf(stderr,"Error opening file: %s\n",
strerror(errno));
_exit(-1);
}
char buf[8192];
int bytes = read(fd, buf, 8192);
write(STDOUT_FILENO, buf, bytes);
return 0;
}
#+end_src
Output: =Error opening file: No such file or directory=
Yes, my /etc/passwd file exists.
*** perl(1)
Perl is the only scripting language that OpenBSD ships. And they have
their reasons you can read [[https://marc.info/?l=openbsd-misc&m=159041121804486&w=2][here]]. This means that Perl comes with
support for the OpenBSD weird features. This means that you can call
=pledge(2)= and =unveil(2)= from your Perl scripts! Here's an example
of that:
#+begin_src perl
#!/usr/bin/perl
# The syscalls come as modules, so you have to import them, the
# subroutines are exported by default.
use OpenBSD::Pledge;
use OpenBSD::Unveil;
# The manpage says that, without the "stdio" promise, perl is useless,
# so it is called by default no matter what you do.
pledge("inet rpath wpath unix"); # Some example promises...
unveil("/etc/httpd.conf","r");
unveil("/etc/pf.conf","r");
unveil(); # Restrict further calls to unveil()
#+end_src
*** strlcpy(3) and strlcat(3)
The well known =strncpy(3)= and =strncat(3)= functions copy no more
than =n= characters, but these functions are not guaranteed to add the
'\0' at the end of the string. =strlcpy(3)= and =strlcat(3)= guarante
that the string ends with '\0'
*** Makefiles
For some reasons, I wanted to rewrite the Makefile of one of my
programs. And I discovered that BSD make is much better than GNU
make. With GNU Make you have to declare pattern rules. And weird
syntax. And you have to write similar makefiles for each program. In
OpenBSD this is not necessary because makefile has some kind of
"templates". This is a perfectly working makefile, /with =clean= and
=install= targets/
#+begin_src makefile
PROG = sakisafecli
SRCS += funcs.c sakisafecli.c
MAN = sakisafecli.1 sakisafeclirc.5
LDADD = -lssl -lz -lpthread -lnghttp2 -lcurl -lconfig -lcrypto -L/usr/local/lib
CPPFLAGS = -I/usr/local/include
BINDIR=/usr/local/bin
.include <bsd.prog.mk>
#+end_src
This makefile also works in Linux, but using the =bmake= command
instead of =make=. It also works in FreeBSD but you'd have to repleace
CPPFLAGS with CFLAGS.
*** Libraries
OpenBSD, unlike every Linux distribution out there, thinks about
everyone. And when you download a library through the package manager,
it will install the shared objects (for dynamic linking), the header
files (which means, no -dev/-devel packages) AND the .a files. For
static linking!
** Software and the power it holds
OpenBSD comes with a lot of software that should be enough for your
normal tasks. But, it's not like OpenBSD grabbed some code and put it
in the code, no, they wrote their own versions of popular
software. And "ported" them to OpenBSD, so the software that comes
with the operating system uses the security features, they call
=pledge()=. and stuff like that.
*** mg(1)
This is a Emacs clone. For the people who, for any reason, can't (or
don't want) to run GNU Emacs. This clone is pretty complete, the only
thing it lacks, regarding emacs, is emacs lisp support and syntax
highlighting. But this is a good =nano(1)=, =ed(1)= or =vi(1)= repleacement.
*** signify(1)
GNU Privacy Guard is kinda heavy, and we don't have any other decent
OpenPGP implementation. This is the reason of why the OpenBSD devs
created =signify(1)=, a tool to cryptographically sign and verify
files and messages. And this is the way OpenBSD images are
verified. It's pretty simple to use:
#+begin_src shell-script
# Generate pub and sec key. They have to have the same name. Only
# changing the file extension
$ signify -G -c "raoul's signify key" -p raoul.pub -s raoul.sec
# Sign a file/message
$ echo "Hello world!" > message.txt
$ signify -S -s raoul.sec -m message.txt
# Verify file/message
$ signify -V -p raoul.pub -m message.txt
# Further examples in the manpage.
#+end_src
*** tmux(1)
Tmux, the legendary terminal multiplexer, that is way better than
screen, was initially developed for OpenBSD. I don't think I have to
talk a lot about tmux because everyone knows it. tmux in OpenBSD comes
with all the security features too.
*** doas(1)
This is a repleacement for sudo that has been developed by OpenBSD. it
has also emerged in the linux community. Altough it works best in
OpenBSD. I have some issues getting doas to work in Debian, but not in
Void Linux. doas is very simple to configure. No need to add yourself
to a group or anything like that. You can simply add this to
=/etc/doas.conf=
#+begin_src conf-space
permit nopass keepenv raoul as groq
# Allow user raoul to execute commands as groq. Keeping all the
# environment variables.
# raoul can't execute commands as any user that is not groq.
permit nopass keepenv qrog
# qrog can execute commands as any user.
#+end_src
*** openrsync(1)
Sometimes you want to syncronize files between your computers and
servers. And then you realize =cp(1)= is kinda bad for that and =tar=
isslow. Then you discover =rsync= and that just works. But this wasn't
the case for the OpenBSD guys, they wanted a rsync implementation
under the BSD license. So they wrote =[[http://openrsync.org][openrsync=]]. This works just like
rsync and, according to the manpage: "openrsync is compatible with
rsync protocol version 27 as supported by the samba.org implementation
of rsync". Meaning that if you don't have openrsync in other server,
it will just worke, and vice versa. This is an example of usage of
openrsync.
#+begin_src shell
openrsync --rsync-path=openrsync -av Xanopticon remote_server:/var/www/files/Music
#+end_src
As I don't have =rsync= installed in the remote server, but I have
=openrsync=, I specify that the path of =rsync= is =openrsync=. This
way it just works.
*** acme-client(1)
Today I recieved a mail telling me that the [[https://kill-9.xyz][kill -9]] certificate
expired. "Fuck's sake" --- I inmediatly thought. "I have to renew
it". But I was not going to install certbot in this OpenBSD server. So
I had to find a way. I remembered that OpenBSD ships with
=acme-client=. A program that helps you to generate your certificates
for TLS connections. And they can be signed with the Let's Encrypt
certificate authority. The config file is pretty simple and
intuitive. You can copy and paste it from
=/etc/examples/acme-client.conf= and only configure the revelant part
that would be your domain. In my case I have it like this:
#+begin_src conf-space
authority letsencrypt {
api url "https://acme-v02.api.letsencrypt.org/directory"
account key "/etc/acme/letsencrypt-privkey.pem"
}
domain suragu.net {
alternative names { "www.suragu.net", "files.suragu.net" }
domain key "/etc/ssl/suragu.key" ecdsa
domain full chain certificate "/etc/ssl/suragu.crt"
sign with letsencrypt
}
#+end_src
I used to use wildcard certificates. That were valid to any suragu.net
subdomain. But I couldn't make them work in =acme-client=. But as
=acme-client= is less of a pain in the ass than certbot. I can
certainly just modify the configuration file each time I create a new
subdomain. And that doesn't happen too often.
** Documentation
OpenBSD takes documentation very seriously. So seriously, if a manpage
is lacking in a sys util, it's considered a bug. So everything that
comes with your OpenBSD installation is very well documented. Config
files have their own manpages section, the section 5. so you can learn
how to write httpd config files by running =man httpd.conf= This is
something more developers should do. There's also the =/etc/examples=
directory which contains examples of most config files that you'd want
to setup. Those file are commented and everything. But =/etc/examples=
always lacks the config file I want or doesn't help at all.
** Backups
I am a self-proclaimed good sysadmin. This means I should be able to
do backups and restore them. Not gonna lie, before OpenBSD i haven't
had any backup. Though I have heard that you can do incremental
backups with =tar(1)=. I guess this could be useful. But OpenBSD comes
with it's features and things. These tools are =dump(8)= and
=restore(8)=. Those were a bit confusing to me until I learned how to
use them properly. You can read the manpages for [[https://man.openbsd.org/dump.8][=dump(8)=]] and
[[https://man.openbsd/restore.8][=restore(8)=]] which explains pretty well how to use the software. At
least that's what should have happened. Because it didn't. For some
reason OpenBSD insists in using tapes in 2022. So yeah, apparently the
-a flag is mandatory these days. You can use this command to backup a
directory, =/etc= in this case.
#+begin_src shell-script
# 0 means it is a level 0 backup. Next backup should be level 1, then
# 2... Read the manpage for more details.
$ doas dump -0uaf backup_etc.dump /etc
#+end_src
This will take some time depending how big the directory is. =/etc= is
usually not too big so this example will not take a lot of time.
After 1 hour of wondering why my backup wasn't working, i discovered
that =restore(8)= takes everything as relative paths. Meaning that it
will restore to the directory you're in, so if you do =restore
-xfbackup_etc.dump /etc/httpd.conf=, it will restore it to
=$PWD/etc/httpd.conf=, not to =/etc/httpd.conf=. So you should cd to /
when restoring backups, something like this:
#+begin_src sh
cd /
restore -xf /var/backups/backup_etc.dump /etc/
#+end_src
** Network
First I tried to use the wifi card my computer came with. But for some
reason it kept sayin =wpi0: device timeout=. Leaving my computer
without connection. So I had to connect the Ethernet cable. And I
thought that that would solve the connection problem. But today I woke
up and my computer did not have internet connection. But it had LAN
connection. Not sure what happened. And well, that's the reason of why
my site was down. I'll try to fix it.
*** Firewall
OpenBSD comes with a firewall, called pf, which stands for Packet
Filter. As every other software developed by OpenBSD, it uses its
simple config file.
I used the firewall to deny ssh requests from every IP address except
my local network (that is, 192.168.0.0/16) and from my static IPv6
address.
At first the rules were not working for the IPv6 address, because I
don't have IPv6 at home, I use a WireGuard interface for that for
that, and pf didn't know that. So I had to specify that those rules
should also apply to the wireguard interface, like this:
=pass in on {egress wg0} ...=
And that just worked.
Yiou can also limit the connection of an user. For example, the
following line will disable all the connection for the user 'groq':
#+begin_src conf-space
# Block outcoming connections to user raoul.
block return out proto {tcp udp} user raoul
# Block incoming connection to user raoul. Not sure how useful this is.
block return in proto {tcp udp} user raoul
#+end_Src
And I've also added some IP addresses that have tried to exploit,
ehem, WordPress vulnerabilities in my webserver. I added them to a
file, =/etc/spammers=. And used a =pf(8)= feature to block all of
them. And I also wanted that ssh would be disabled for everyone except
for the machines in the Local Area Network. So only people in my
network could ssh to my server. pf.conf has a very readable syntax,
which makes this very easy:
#+begin_src conf-space
# Good/Dreaded IP ranges
table <localnet> const { 192.168.0.0/16 }
table <spammers> const file "/etc/spammers"
# Block spammers requests to the server. Also requests to spammers.
block in on { egress wg0 } from <spammers> to any
# Allow SSH access from the LAN
block return in log proto tcp from any to port ssh pass in on egress
proto tcp from <localnet> to port 22
#+end_src

61
tech_posts/brotli_in_openbsd_http.org Normal file
View File

@ -0,0 +1,61 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+TITLE: suragu.net - Brotli in OpenBSD's httpd
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
#+EXPORT_FILE_NAME: index.xhtml
* Brotli in OpenBSD's httpd
The modern web is heavy. My website is not heavy, but I still wanted
to add compression because why not. Fortunately, compression
algorithms exists. Some web servers send compressed versions of the
file they serve, to serve bandwith, or to make the site load
faster. There are other methods to serve bandwith like minimized CSS,
HTML and JavaScript. But I think we can all agree that using a
compression algorithm is a better way to accomplish this.
The main compression algorithm supported by browsers (and web servers)
is gzip. A compression algorithm that has been with us
since 1992. It's kinda old, but still serves its purpose pretty
well. Especially when you use all of its power with the =-9=
flag. Which compresses the file way better. At the cost of slower
speed of compression and decompression. But this isn't a big problem
since the client isn't receiving large files, like more than 100MBs,
the client is receiving HTMl, CSS and maybe JavaScript. Not binary
files (compression is kinda counterproducent with binary files).
The OpenBSD httpd comes with the =gzip-static= option, you just add it
wherever inside a =server= block in your httpd.conf. Then you =cd= to
your webroot and run this command: =gzip -9k *.html=
=-9= was explained before. And =-k= tells gzip not to delete the files
after they have been compressed. As =gzip= deletes the original
file. keeping only the =.gz= file.
This should be enough for most scenarios. gzip compresses files really
well. But I wanted more. So I made some changes to the httpd source
code to add brotli support.
At first. I wanted to add zstd support to httpd. And when I had
everything done. curl was receiving the zstd files instead of the
original files, I realized that browsers do not (yet) have zstd
support. So I decided to use brotli instead. It wasn't that difficult
to accomplish as I already wrote the hard part. I only had to replace
"zstd" with "br".
This isn't done automatically. If you currently have =gzip-static= on your httpd
configuration. You must replace it with =br-static=. And then you have
to remove all the =.gz= files in your webroot (as they aren't needed
anymore). Then you can read the =brotli= manpage to learn how to use
brotli. But I wanted maximum compression. So this command was enough:
=brotli --max --keep *.xhtml=.
[[../img/brotli_httpd.png]]
You can download the patch [[https://ls.raoul11.net/files/KbQBFQat/brotli.patch][here]].

211
tech_posts/bsd_make.org Normal file
View File

@ -0,0 +1,211 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+options: ^:{}
#+TITLE: SURAGU - Using BSD make
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
* Using BSD make for your (small) project
For questions or comments on this article feel free to reach me out at
teru-sama [at] riseup [dot] net.
Alright, so you wrote your software! Bad news kid, now you have to
compile it! Worse than that, you have to make that the compilation is
not a pain in the ass so more people can actually use your software!
Thankfully, developers thought about on the unbearable pain of
compiling software, and thus =make= was born. =make=, A =makefile= is
a set of instructions that tells the software =make= how to compile
the software. Being honest, if you're in this website you already know
what =make= is.
BSD Make (also called =bmake=) comes with interesting features that
make writing makefiles easier. As it comes with some kind of templates
that will surely help you at the time of writing the makefile, bsd
makefiles tend to be readable and easily editable. Consider this
source tree. I am adding libcurl to this example to add some
"complexity" to the makefile.
main.c:
#+begin_src c -n -r
#include <stdio.h>
/* Not gonna create an header file for a simple makefile
,* example.... */
void
get_url(const char *s);
int
main(void)
{
puts("getting suragu.net...");
get_url("suragu.net");
}
#+end_src
geturl.c:
#+begin_src c +n
#include <curl/curl.h>
void
get_url(const char *s)
{
CURL *curl = curl_easy_init();
curl_easy_setopt(curl,CURLOPT_URL,s);
curl_easy_setopt(curl,CURLOPT_WRITEDATA,stdout);
curl_easy_perform(curl);
curl_easy_cleanup(curl);
}
#+end_src
This, the traditional Makefile would look a bit like this:
Makefile:
#+begin_src makefile -n -r
CC ?= cc
LDFLAGS = `pkg-config --cflags --libs libcurl`
OBJS = main.o geturl.o
TARGET = geturl
# Link the thing
all: $(OBJS)
$(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) -o $(TARGET)
# Compile all source code to object files
%.o : %.c
$(CC) -c $(CFLAGS) $< -o $@
.PHONY clean
clean:
rm *.o $(TARGET)
#+end_src
Typing =make= will result on a working makefile, the makefile will
compile the software as expected and not much else would happen. The
software also works as expected, however, in my opinion =make= syntax
makes 0 sense and it could be improved. Fortunately, this can be
solved using the BSD make templates. Consider the following Makefile:
Makefile:
#+begin_src makefile -n -r
PROG = geturl
SRCS = main.c geturl.c
LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl
MAN =
.include <bsd.prog.mk>
#+end_src
If you're in Linux, you might have to install =bmake=, which is a port
of NetBSD make, it is more likely in your distro's repositories. To
run that Makefile, just type =bmake=, and magic will happen. But let's
explain it
PROG is like the target, is what the template uses to get the
resulting binary. If SRCS is empty, bmake will just compile
=progname.c=.
=SRCS= are the sources files you want to compile. And =LDADD= are the
flags you want to pass to the linker, notice that in this case I used
!= instead of \=, this is because when you want to assign the output of
a comman in BSD make, you have to do !=, you can't do =SRCS =
`pkg-config ...`= because it won't work.
the =.include <bsd.prog.mk>= line makes all the magic possible. It is
the template, and then you pass all the variables you defined before
to that template, so the =.include= directive must be at the very
bottom of the Makefile.
Also, this simple makefiles comes with all the rules someone would
like. "bmake clean" works, so does "bmake install".
Notice how there isn't "CFLAGS" in this makefile, this is because, if
you want to add any CFLAG, you can do it this way, and BSD make will
understand:
#+begin_src shell -n -r
sukamu@wakaran ~/docs/xdd $ bmake CFLAGS="-O2 -pipe -Wall -pedantic"
cc -pipe -O2 -pipe -Wall -pedantic -c main.c
cc -pipe -O2 -pipe -Wall -pedantic -c geturl.c
cc -pipe -o geturl main.o geturl.o -lcurl
#+end_src
You can specify default CFLAGS in the Makefile, but when adding CFLAGS
in the command line, those will be overwritten.
** Compilation options using BSD make
configure scripts have their weird defined optins, such as
=--enable-xxx= or =--disable-xxx=, which enables or disables features
in the software you're compiling. This can be also be done with BSD
make and =CFLAGS= To do this you only have to use the simple Make
conditionals. Consider the following C source code:
#+begin_src c -n -r
#include <stdio.h>
int main(void) {
#ifdef USE_OPTION
puts("This is a string that will only be printed if use-option is enabled at compile time.");
#endif
puts("Hello world!");
return 0;
}
#+end_src
#+begin_src makefile -n -r
PROG = option
SRCS = main.c
LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl
MAN =
# Compilation options
use-option = "no"
.if "${use-option}" == "yes"
CFLAGS +="-DUSE_OPTION"
.endif
.include <bsd.prog.mk>
#+end_src
If you compile normally, nothing weird would happen:
#+begin_src shell-script -n -r
diego@sukamu ~/xdxd $ make
cc -pipe -g -MD -c main.c
cc -pipe -o option main.o -lcurl
diego@sukamu ~/xdxd $ make
Hello world!
#+end_src
Now, let's recompile with =use-option=yes=.
#+begin_src shell-script -n -r
diego@sukamu ~/xdxd $ bmake use-option=yes
cc -pipe -g "-DUSE_OPTION" -MD -c main.c
cc -pipe -o option main.o -lcurl
diego@sukamu ~/xdxd $ ./option
This is a string that will only be printed if use-option is enabled at compile time.
Hello world!
#+end_src
So, if you add ="use-option=yes"= to the make flags, the Makefile will
add the required CFLAGS to enable the compile time option.
** Conclusion
BSD make is great for both small and big projects. And maybe more sane
than other alternatives, as doesn't require you to write a lot of
stuff just to build your project. BSD Make is a build system made for
lazy people. And lazy people always come with the simplest solutions.

12
tech_posts/coreboot_x220.org Normal file
View File

@ -0,0 +1,12 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+TITLE: suragu.net - Coreboot in a x220
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
#+EXPORT_FILE_NAME: coreboot_x220.html
* The memories of a corebooter

177
tech_posts/fear_and_loathing_in_artix.org Normal file
View File

@ -0,0 +1,177 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+options: ^:{}
#+TITLE: suragu.net - Fear and loathing in Linux
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
* Fear and loathing in Linux (Or BSD user tries Linux)
If you enjoy this article, please consider donating:
https://liberapay.com/raoul11. For questions or comments on this
article feel free to reach me out at teru-sama [at] riseup [dot] net.
One day I said "I want to die with FreeBSD installed", and I still do,
FreeBSD is a marvellous operating system that should be the final word
in operating systems. Sadly the other day when I bought a new computer
they pranked me very well because the network card this computer came
with is not supported in the current stable version of
FreeBSD. "Father, into your hands I commend my spirit, father, into
your hands, why have you forsaken me?" I said, but after some searches
I find that this network card WILL be supported and you can test the
driver in the -CURRENT branch of FreeBSD, I didn't thought -CURRENT
would be much of a pain, knowing I come from "bleeding edge" Linux
distributions. So I installed FreeBSD 14.0, the thing worked but when
I tried to install the required modules for xorg to work it didn't
work. And that's all they had to say. I want a stable system. Not
that.
Some time ago, when I published my [[./freebsd_as_desktop.html][FreeBSD as desktop]] blog post, I got
a comment in Hacker News (or lobsters, can't remember) that told me
that I was making clickbait because the experience was good. And the
title promised "Fear and loathing". Well, this one does have fear and
loathing.
So my first try was the old reliable. Void Linux, a distro that has
never failed me. Until yesterday, because when you come from BSD, you
know what's wrong with Linux.
Despite Xfce focuses on Linux operating systems and the BSD support
could be a lot better, because it sometimes can't tell the difference
between oss and pulse audio, or the microphone doesn't work, or other
kinds, doing trivial things was a lot easier on FreeBSD than in Void
Linux, but that's okay. I can with it, i've had worse things in my
life. So I could configure it. Then I wanted to install some packages
for void installation in which I could use my beloved [[https://git.raoul11.net/sakisafe.git][sakisafecli]]. But
when I installed it I found out what was wrong with Linux.
So i tried to run =bmake= in linux (BSD make is much better than GNU
make and should cover some trivial makefiles). And it started to give
errors, like curl.h is not found. And this is when a BSD user will
cause the Fall of Rome. In BSD operating systems, there are not
=-devel= (or -dev) packages. So when you install libfoo you install
the shared objects (.so files), the header files (the thing in
/usr/local/include) and sometimes the .a files for static linking
(which is something Linux distributions should also do). I don't think
it's very arguable that it is possitive to include the header files in
the same package. Because they're just text files that won't take a
lot of space. Maybe this is normal for some kind of devices, but if
you install arch linux or void in a amd64 machine i don't think you
care a lot about space.
That was the moment in which I remembered that one day a friend of my
told me that arch linux doesn't have -devel packages. And that was
enough for me to install Artix Linux, I don't even know what init
system I'm using.
Let the _fear and loathing_ begin.
** Operation: filesystem
The state of ZFS in Linux is quite commedic because OpenZFS is under
the CCLD and Linux is on the GPL and CCDL is incompatible with the
GPL. So because of the GPL we can't have ZFS endorsed by the kernel on
Linux systems. Just because the GPL, I don't think it's pretty good
that a so-called "free" software license tells you that you *must*
share your changes. And I think it's pretty idiotic that, because a
License, they can't add a sequence of ASCII characters to a kernel.
It was pretty funny because one day I found this message regarding
btrfs on FreeBSD on the forums:
[[../img/freebsd_user_on_btrfs.png]]
When I was installing Artix and it was part to create the partitions,
I audibly chuckled, and I selected btrfs as my file system. And began
using btrfs because I'm always open to try new things.
As mentioned before, the state of ZFS on Linux is commedic, because of
differences between Artix and Arch, I couldn't install the 3rdparty
zfs module from the AUR, so I had to compile OpenZFS code myself. This
wasn't much of a problem.
Meanwhile, I also looked for "artix zfs" in my search engine and I
found this blog post that was funny to me because it's like the
counter part of the other post:
[[../img/btrfs_better_than_zfs.png]]
So well, installing ZFS from source wasn't much of a problem. After
building and installing it =modprobe zfs= just worked and I could
mount my pools just fine. And thus, restoring my data. so no big
problem there.
I wanted to try btrfs features because I am curious, and apparently
btrfs is "zfs for linux", so i wanted to try its features
Our man break19 was right, because if I want to add compression
to my storage devices I have to do some weird stuff in the fstab, and
that's too much, i prefer the old good "zfs set compression=gzip
zroot" rather than editing that file. I also can't play with btrfs
subvolumes or snapshots because the btrfs command line utility is
horrible and I haven't figured anything out.
** Package management and the power it holds
Different commands. Same shit, the only package managers that has
innovated in something are GNU Guix and Nix, but I don't think there
is much difference between =pkg= and =pacman=.
What is true is that =pacman= has a syntax that sucks, for example. in
FreeBSD you'd do =pkg install emacs=, while with Artix you do =pacman
-S emacs=, like I know what -S means, and apparently "pacman -Ss" is
better than "pacman search", so i prefer FreeBSD package manager.
But what was funny to me is that when I installed =clang=, pacman
notified me that also =gcc= will be installed. I thought this was very
curious so I asked in the artix IRC channel, the answer frightened me:
#+begin_src text
<raoul> | Hello, nice operating system and all, but I have a question
why does clang depends on gcc
<Dudemanguy> | it's because clang uses the standard library provided by gcc
most linux distros are like this
#+end_src
As a computer user I tell you, that no big problem. But as a BSD user
I ask "why"?
I didn't know it, but pacman is very fast. It downloads things in
parallel and uses zstd, a fast compressing/decompressing software for
compression, so I have no issues with pacman's speed. It is pretty
fine.
When I did some research on why I couldn't install wine in Artix linux
I found out that my packages are being maintained by people with anime
profile pictures. And I also discovered that, for some reason, they
wanted to split all the repositories in separate repositories. Not
sure why, they have like 5 repositories for everything. I can
understand separating repositories with free/non-free software. But
here they don't even do that. They're just making thing more complex
for people who just want to install packages. In BSD this didn't
happen as the main repo had all the 30k packages someone would ever
need. And this operating system lacks packages. I had to build
=cmusfm= myself.
** Desktop
I hate to say it but Artix was less of a pain to setup as a desktop
than FreeBSD, this is because the installation was made with Calamares
installer. So I didn't had to install Xorg and configure manually, the
installer did all that for me. This wasn't the case in FreeBSD in
which I had to configure Xorg manually. And this is appreciated. The
Xfce setup just worked. And I bothered on ricing it like Windows XP
because I live in the past. Some people ask me why I riced it why XP,
the reason is because I can and I wanted.
I have 0 reasons to complain about Linux in this case. So I just
won't.
** Conclusion
If you haven't tried a BSD operating system. Don't, you'll get hooked to
it and if you ever have to come back to Linux, you'll find yourself
prefering to get a castration than installing Linux, because when you
learn how BSD works, and its awesome features, the development
philosophy (focusing in making a great operating system instead of
focusing in a weird definition of freedom), you start to know why
linux sucks.

298
tech_posts/freebsd_as_desktop.org Normal file
View File

@ -0,0 +1,298 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+options: ^:{}
#+TITLE: suragu.net - Fear and loathing in FreeBSD
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
* Fear and loathing in FreeBSD, or raoul's experiences with FreeBSD
** Introduction
Not so long ago I wrote [[../openbsd.xhtml][my experiences with OpenBSD]]. This post was
about my experiences with OpenBSD but as a server, not as
desktop. Using an operating system as a desktop is completly
different than using it as a server.
One day I thought "damn, Linux sucks! But I have to use this because
the developer of the browser that I use is an asshole!". And had to
stick to Linux for a while. But then another day I thought "Hmm,
FreeBSD claims to run Linux binaries better than Linux, let's give it
a try". Good operating systems have to sell themselves some
way. And that claim worked for me. So I went to FreeBSD.org, clicked
the big yellow button that says "Download FreeBSD" and downloaded the
memstick image for amd64 because that's what my computer runs.
I will be updating this site as I have more experiences with
FreeBSD. So add to bookmarks!
Last update: 2022-06-21
** Installation
The installation was pretty straight forward. I don't think people can
get lost in this. I just selected ZFS as my file system (more on that
later). And I don't remember much other things in the
installation. And as I forgot them. I don't think they are worth
mentioning.
** Networking
I want to connect to the internet because, among other reasons, I have
a website, electronic mail and I like to talk to internet people
sometimes.
*** Wireless connection
Sadly I no longer have the router in my room so I can't use an
ethernet cable. So I have to use the dreaded wireless card. I was very
surprised when I found out that FreeBSD supports this Atheros card.
so I don't have to open the computer and put an Intel one. For the
network card to work, I only had to modify the kernel booting
process. Sounds very hard but it is just editing
=/boot/loader.conf/)=. I added the following lines to use the =ath=
driver:
#+begin_src shell-script
if_ath_load="YES"
if_ath_pci_load="YES"
#+end_src
Then, in =/etc/rc.conf= (we will talk about it later)
#+begin_src shell-script
wlans_ath0="wlan0"
ifconfig_wlan0="up"
ifconfig_wlan0="WPA DHCP"
#+end_src
That will automatically start =wpa_supplicant= and use DHCP to get an
IP address
*** DNS server
Normally for resolving domains you'd use a server like 8.8.8.8,
1.1.1.1 or 192.168.1.1. But I thought using local_unbound would be a
good idea for this, as if i'm my own DNS resolver, I can choose what
to resolve and what not to. I followed [[https://vermaden.wordpress.com/2020/11/18/unbound-dns-blacklist/][this guide]] to configure
local_unbound, with some block lists. And I also modified
/etc/dhclient.conf to use =127.0.0.1= as default DNS server. I did not
setup a fallback DNS server because if my computer is up, unbound is
up as well. So I don't really need a fallback DNS server.
#+begin_src conf
interface "wlan0" {
append domain-name-servers 127.0.0.1;
}
#+end_src
** Making the fresh installed system a desktop.
I'm no longer a Linux user. Now I am a BSD user. As such I must be
aware about this "X11" thing. So I had to install the =xorg=
package. FreeBSD comes with a binary package manager called =pkg=. We
will talk more about this in the packages section. I just had to run
=# pkg install xorg=. Add the user =raoul= to the =video= group and
configure my =.xinitrc= so everytime i run =startx=, =bspwm= is
started.
I had to add i915kms_load="YES" to =/boot/loader.conf). Which is the
driver for Intel integrated graphics cards. Or something like that.
As mentioned before. I had to modify my .xinitrc (something that as a
former Linux user I have never done because I always used lxdm as
display manager. But as FreeBSD doesn't have lxdm available I had to
get alternatives). My .xinitrc looks like this:
#+begin_src shell-script
dunst&
xrdb .Xdefaults&
compton&
xset r rate 300 50&
feh --bg-fill ~/.wall.png
sxhkd
exec bspwm
#+end_src
With that =.xinitrc=, running =startx= just works.
** Package management
FreeBSD comes with 2 options to install packages: binary-based
packages and port-based packages which installs packages compiling
them from source code.
*** Binary package management
I installed an operating system because I wanted to use it. And it is
impossible to use an operating system if you cannot install software
in it. Fortunately, FreeBSD comes with a package manager called =pkg=,
a very original name for a package manager. It is simple to use,
and blazing fast. I would say it is faster, or at least as fast as
=xbps=, the fastest package manager I know. Using it is utter simple,
here are some examples:
#+begin_src shell-script
# All these commands must be run as root.
# Install the package "emacs"
pkg install emacs
# Deinstall the package "emacs"
pkg remove emacs
# Remove all the unneeded dependencies
pkg autoremove
# List all packages that contain "edit" in its name
pkg search edit
# List all packages that contain "editor" in its comment
pkg search -S comment editor
#+end_src
Unfortunately, =pkg= comes with insane defaults. You have to type
'y' and then 'enter' to confirm you want to install a package. As
=pkg= defaults to "No". I guess this is a security feature for some
users. But as I'm too lazy to press the 'Y' key, and I'd rather just
to press enter, I edited =/usr/local/etc/pkg.conf= and added the
following content:
#+begin_src conf
# I don't want to press 'Y' everytime.
DEFAULT_ALWAYS_YES=yes
AUTOCLEAN=yes
IP_VERSION=4
# I don't want to wait to upgrade a package. I'll update my system
# only when I want :)
REPO_AUTOUPDATE=no
#+end_src
*** Source package management
Sadly I can't talk a lot about this one because I have a overheated
machine and if I compiled something in this computer we would have the
biggest destruction known to civilized man since 476 A.D.
But I can compile small software without a lot of problem.
First you have to get the port collection if you didn't do it in the
installer with the following command:
=# portsnap fetch extract=
Which will, fetch the port collection and extract them in
=/usr/ports=. These ports are just a collection of Makefiles. Which
will download and build the source code from you. These makefiles are
kinda easy to work with, and also to write. As i'm the maintainer for
some FreeBSD packages :)
You can also configure which CFLAGS you want *by default*. Just edit
the =/etc/make.conf= file. Mine looks like this:
#+begin_src conf
CFLAGS+= -O2 -pipe -march=native -mtune=native
DEVELOPER=yes
MAKE_JOBS_UNSAFE=yes
#+end_src
** Linux emulation
As I mentioned before, what was keeping me at the Linux hell was the
Web Browser known as Pale Moon. I followed [[https://docs.freebsd.org/en/books/handbook/linuxemu/][the guide]] to run Linux
software in FreeBSD. Downloaded Pale Moon, and after installing a few
dependencies, yup, it worked just like if I was using it in Linux.
Then I =rm -rf palemoon= and moved to firefox. Don't really know why.
** Multimedia
This was kind of a pain, =oss= didn't want to work for undisclosed
reasons. Too lazy to install sndio. So I went the easy way and just
installed pulseaudio. Call me what you will. But I want to listen to
Madvillain, not say "I DON'T USE PULSEAUDIO" in the internet. I use
=cmus= as my music player. The binary distribution of cmus comes with
the PulseAudio plugin disabled so I had to install it from the ports
system.
mpv and audio in FireFox just worked.
** ZFS
After years of using UFS, it was time for a change. ZFS was
introdouced experimentally in FreeBSD 7. And in the latest version, it
is the default filesystem. This filesystem is, described by itself as
"The last word in file system" That makes sense to me. They are not
going to say it's a bad filesystem if they want people to use it. And
if i'm using a filesystem that takes most of my RAM, it should be good
at least. And, yes, ZFS is good.
*** Pools and storage
"A storage pool is the most basic building block of ZFS. A pool
consists of one or more vdevs, the underlying devices that store the
data.". I don't understand any of that. But a pool must be created to
create your filesystems (datasets) and volumes. In the default
installation, the dataset is called "zroot".
These "file systems" are similar to partitions. It is mounted wherever
you want and has its own metadata.
*** Creating and configuring datasets
My friend Endemic has a lot of media that must be stored, he has lost
media, music from bands no one has ever heard of and soviet movies and
obscure breakcore. This kind of media has to be archived and zfs does
a great work creating that. ZFS has also a compression feature,
supporting a lot of compression algorithms.
So to create the zpool that I want to be mounted in /storage, I ran
the following commands (as root)
#+begin_src shell-script
# Create the pool storage in the /dev/da0 device, which is an external
# hard drive
zpool create storage /dev/da0
# Set zstd-9 compression in the pool.
zfs set compression=zstd-9 storage
#+end_src
And that's it. Then when you copy big files to /storage they will be
compressed. And as our CPU is fast and zstd uses a fast algorithm, you
probably won't notice that you're actually compressing and
decompressing files all the time. Which is good. You can also use
zstd-19 as compression, which redouce the filesize of everything by a
lot. But this has a drawback, quoting from the [[https://docs.freebsd.org/en/books/handbook/zfs/index.html][FreeBSD ZFS reference]]:
#+begin_quote
ZFS offers 19 levels of Zstd compression, each offering
incrementally more space savings in exchange for slower
compression. The default level is zstd-3 and offers greater
compression than LZ4 without being much slower. Levels above 10
require large amounts of memory to compress each block and systems
with less than 16 GB of RAM should not use them. ZFS uses a selection
of the Zstd_fast_ levels also, which get correspondingly faster but
supports lower compression ratios. ZFS supports zstd-fast-1 through
zstd-fast-10, zstd-fast-20 through zstd-fast-100 in increments of 10,
and zstd-fast-500 and zstd-fast-1000 which provide minimal
compression, but offer high performance.
#+end_quote
And as I use a ThinkPad in which I didn't even bother on adding more
RAM. I use zstd-9. Which compresses the files somehow good. You can
see the stats with =zfs get used,compressratio,compression,logicalused
dataset=.
#+begin_src
zroot used 64.1G -
zroot compressratio 1.15x -
zroot compression zstd-9 local
zroot logicalused 66.1G -
#+end_src
Used is the revelant to the filesystem size. And logicalused is the
size the filesystem would have without compression. So this means I
have saved 2GBs thanks to zstd-9. I do not feel any performance difference.
*** Snapshots
We all fuck it sometime. And that is okay. What is not okay is to lose
data. ZFS contains a tool to create snapshots of a dataset. Which are
basically backups that restore your filesystem to a certain
point. These are very useful to recover lost data. You can create a
backup of your =home= partition like this:
#+begin_src shell-script
zfs snapshot zroot/usr/home@(date +%F)
#+end_src
After creating the snapshot and completly trusting ZFS, i ran rm -rf
~/*. Which nuked my home directory and everything in it. Then I ran
=zfs rollback zroot/usr/home@2022-06-18= and it was restored. Like
nothing ever happened. According to the FreeBSD reference, snapshots
can take a lot of disk space so you should delete them as they're no
longer needed.
*** Other features
ZFS has features like incremental backups, encryption, RAIDS, but I
haven't tried them.
** Jails
TODO

28
tech_posts/index.org Normal file
View File

@ -0,0 +1,28 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
#+TITLE: suragu.net - Tech posts
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
#+EXPORT_FILE_NAME: index.html
* suragu.net tech posts
I have a [[../blog/][blog]], but I to keep it to very weird things that come to my
mind that don't require text formatting, images, or anything that is
not plain text.
The intention of this section of my website is to make a space for all
the weird things that are related with tech. Which mostly always
require formatting like syntax highlighting, images, or monospaced
text. So I decided to create this section for the tech related posts.
These articles are sorted from oldest to newest.
1. [[./org_mode_as_ssg.html][org-mode as static site generator]]
2. [[./freebsd_as_desktop.html][raoul's experiences with FreeBSD as desktop.]]
3. [[./brotli_in_openbsd_http.html][brotli in OpenBSD's httpd.]]
4. [[./fear_and_loathing_in_artix.html][Fear and Loathing in Artix (or BSD user tries Linux)]]
5. [[./bsd_make.html][Using BSD make as build system]]
6. [[./modern_perl.html][Perl in CURRENT_YEAR]]

214
tech_posts/modern_perl.org Normal file
View File

@ -0,0 +1,214 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil
#+TITLE: suragu.net - Perl in CURRENT_YEAR
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
#+EXPORT_FILE_NAME: modern_perl.html
* Perl in CURRENT_YEAR
Perl is a programming language that will always live deep into my
heart. It was the first programming language I can say I
mastered. But it's sad that not even God uses this programming
language anymore. It's a great programming language, it has evolved in
the latest years, so much that it even looks like a modern programming
language. Some of the stupid design of perl has been fixed.
It is known by everyone that the perl Syntax sucks. It makes 0 sense,
at least for learners. Experimented perl programmers no longer fear
anything.
For comments or questions on this post, email me at sukamu at riseup
dot net.
** Function prototypes
Perl always lacked function signatures (prototypes), the way you
passed arguments to a function in perl was horrible, it is like
functions in bash:
#+begin_src perl -n
sub sum() {
my ($x, $y) = @_;
return $x + $y;
}
print sum(3, 4); # Prints 7
#+end_src
You define the function parameters inside the function, just like in
bash. This is, in my opinion, horrible, but since perl 5.36, you can
have function signatures, to use perl's new features, you have to
specify the version of perl you want to use, to do this just use the
=use= keyword.
#+begin_src perl -n
use v5.36;
sub sum($x, $y) {
return $x + $y;
}
say sum(4, 5); # prints 9, and adds a newline.
#+end_src
The function signature feature was added in Perl v5.20, but it started
to be considered stable at v5.36. There is also this new "say"
function that is just like =print= but adds a =newline= at the end of
the line, like python's =print= or C's =puts()=. These features were
inhereted from Raku.
** Try/Catch
Perl added an experimental Try/Catch blocks in v5.34. These are still
considered experimental as of v5.36. But you can still use them. The
=try/catch= (also =finally= if you're using v5.36) works like any
other programming language that has try/catch blocks. As this feature
is still experimental and should not be used seriously, you have to
specify that you want to use the experimental feature ='try'=:
#+begin_src perl -n
use v5.36;
use strict;
use warnings;
use experimental 'try';
sub attempt() {
say "I'm doing something!";
die "Goodbye cruel world";
return 42;
}
try {
my $x = attempt();
} catch($e) {
say "Exception: $e";
} finally {
say "Finished";
}
#+end_src
And the thing does exactly that, the script dies inside the =try=
block, so it's passed to the =catch= block as an exception. And
finally, the =finally= block is executed.
** the =isa= operator
The isa operator tests whether an object has a instance of a certain
class, in non-object programming slang, it just checks the type of a
variable. The =isa= operator was introdouced as an experimental
feature in perl v5.34.0 and was no longer considered experimental in
the current v5.36.0.
#+begin_src perl -n
#!/usr/bin/perl
use v5.36;
use LWP::UserAgent;
my $ua = LWP::UserAgent->new;
if ($ua isa LWP::UserAgent ) {
say "LWP::UserAgent object instanced successfully";
} else {
die "something that should not have happened happened.";
}
#+end_src
Before this operator, you had to use the =ref= function and string
checker to accomplish the same thing, like this;
#+begin_src perl -n
use LWP::UserAgent;
my $ua = LWP::UserAgent->new;
if(ref($ua) eq "LWP::UserAgent") {
# Do stuff...
} else {
# Do stuff when failed.
}
#+end_src
Which clearly makes a difference at the moment of reading and writing
new code.
** The defer block
This is a feature that others programming languages have, C++ calls it
RAII, there are plans to add it to the next version of the C
programming language, also golang has the defer block. Thing is that
in perl it works like this:
#+begin_src perl -n
#!/usr/bin/perl
use v5.36;
use experimental 'defer';
my $x = 0;
{
$x = (2^31)-1;
defer {
say "The block has finished it's execution";
$x = 0;
};
say "Let's pretend i'm doing stuff...";
say "x value: $x";
}
say "x value: $x";
#+end_src
Simillary to =try/catch=, this function is experimental and should not
be used in production. Or use it if you want. But don't blame the perl
devs if something breaks (which, honestly, I doubt that your system
will break because of an experimental feature. Just don't abuse it or
use it in very weird ways and you'll be fine).
** builtin values
=builtin= is a new core module that shipts with perl v5.36. This
package are plains function and behave like user defined
cuntions. They do not provide any special thing you have never seen in
perl before. But they're still good to have, as they help to make the
code more easy to write and read. These functions are also
experimental so be careful at the moment of using them.
#+begin_src perl -n
use v5.36;
use experimental 'builtin';
use builtin qw(true false is_bool trim
reftype created_as_string
created_as_number); # There are more builtin functions...
my $bool_value = true;
if ($bool_value) {
say "The value is true";
} else {
say "The value is false";
}
say is_bool($bool_value); # Will print "true";
my $str = "\t\n\r Hello world\t\r\n";
$str = trim($str); # This trim() function will remove all the whitespace
#characteres defined by unicode (https://perldoc.perl.org/perlrecharclass#Whitespace)
print $str; # Will print "Hello world", without newlines, tabs, or
# carriage returns.
#+end_src
These new functions are not the greatest or most useful thing ever,
but they are still helpful.
** Conclusion
Perl's not dead. At least that's what I kept telling myself because I
don't want to see this programming language dying in my lifespan. But
it's pretty cool that they still add new features to Perl 5. Despite
everything you could say, perl is still alive, but no one uses it, but
well, no one uses Haskell either. :^)
** Sources
- 1. https://perldoc.perl.org/5.36.0/builtin
- 2. https://perldoc.perl.org/5.36.0/perldelta
- 3. https://perldoc.perl.org/5.34.0/perldelta

153
tech_posts/org_mode_as_ssg.org Normal file
View File

@ -0,0 +1,153 @@
#+INCLUDE: "../inc/header.html" export html
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+options: ^:{}
#+TITLE: suragu.net - Org-mode as a Static Site Generator
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="../css/styles.css"/>
* org-mode as a Static Site Generator
Created: 2022-06-14
Last updated: 2022-06-14
** Introduction
There are a lot of static site generators out there, you can think of
Jekyll, Hugo, sblg. Those are good (I guess) but, as I was too lazy to
check them out, I tried to perform the same task (In this case,
generating a website from a language in a weird markup language) that
looks very much the same as it was written in pure html. And emacs'
org-mode was able to do this perfectly. Not much flaws were found in
this process.
And yes, this article was written in =org-mode=.
If you enjoy this article, please consider donating:
[[https://liberapay.com/raoul11][https://liberapay.com/raoul11]]. For questions or comments on this
article feel free to reach me out at teru-sama [at] riseup [dot] net.
** The basics
Every emacs users (I hope) knows about org-mode, it is a very powerful
markup language, in my opinion, better than markdown as it uses more
common sense, like *bold* text are written with only one asterisk and
/italic/ text is written with slashes, which makes more sense inside
my head than markdown's one asterisk for italic and two asterisks for
bold. The headers are written with an asterisk followed by the text,
and you can insert code blocks with =#+begin_src <language>=. (and close
them with #+end_src) And
guess what! Emacs will export the source code *highlighted* to html!
The output colors will be defined by your *current Emacs theme*
When you are finished writing your .org file, you can export it to
html with =M-x org-html-export-to-html=. This will create a =.html= file
with the same name of the =.org= file. You can open it and it won't be
so much different than a =.md= file converted to =.html= using =pandoc=. But
we can fix that using the multiple =org-mode= options!
** org-mode options
There are a lot of =org-mode=. You can check all of them [[https://orgmode.org/manual/Publishing-options.html][here]] and
[[https://orgmode.org/manual/Export-Settings.html][here]]. Check them if you need an option that is not here. Pretty sure
there's an option for whatever you want.
So, when you make a website, you most likely want to make it somewhat
artistic, so you want to add, say, a header, and a stylesheet
file. This is possible with =org-mode= options. The following text lines
will insert a header file and a stylesheet file into the resulting
.html file:
#+begin_src org
#+INCLUDE: "inc/header.html" export html
#+HTML_HEAD_EXTRA: <link rel="stylesheet" type="text/css" href="css/styles.css"/>
#+end_src
This will include, before everything in the =.org= file, the content of
the file located at =inc/header.html=. And will append that <link/> HTML
tag to the <head> section of the resulting =.html= file. So it will give
the stylesheet to the resulting html site.
n
But by default =org-mode= gives us the number of headings, preambles and
postambles, a table of contents, some html style we never asked for,
and a lot of things we never asked for. But obviously, theres an
option to take care of all of that!
#+begin_src org
#+options: toc:nil
#+OPTIONS: html-postamble:nil
#+OPTIONS: html-style:nil
#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil
#+end_src
That snippet inside the codeblock will disable all the things we don't
want in a personal website (but maybe we want in an academic
article?). I don't know. The thing is that you can disable or enable
them as needed. As you should know, =nil= in emacs-lisp means =false= and
=t= means =true=. So if you want to enable some option of those you give
it =t= instead of =nil=.
So you have to add that to all the .org files you have. You can
probably setup those options as default by setting the family of
=org-export= variables to =nil= as needed. But I keep it that way because
I am too lazy to set all of those variables.
Then, you have to do =M-x org-html-export-to-html= in each .org file and
upload them to your webroot. And everything should work when you visit
your website. If not, check if the path of the css and header is
correct (In this post i'm assuming your .html files are in =inc/= and
your css is in =css/styles.css=, which are both relative paths).
** Inserting custom HTML in Org
Something great about Markdown is that you can insert HTML by simply
adding it as normal text. You cannot do this in org-mode. You can't
just put <b>thing</b> and expect org-mode to compile that as html. You
have to use an =export= block. Those work just as the codeblocks we've
seen before. But instead of src, it's export, so it will
be #+begin_export html. Following there's an example
#+begin_export html
<b style="color:red;">This is custom HTML (it has the style attribute) inserted into org-mode :D</b>
#+end_export
** Exporting a whole directory with .org files to html
For most of the time running this website using =org-mode= as static
site generator, i used to run =M-x org-html-export-to-html= as
needed. But I thought this was unnecessary and repetitive and there
wasn't really a need to do that. I wanted something like =make=. Where
you run and you get everything compiled. And if a file didn't change,
don't compile it again (as it isn't needed). So I asked about this in
the #emacs irc channel:
#+begin_src text
<sukamu> Hello, is it possible to use org-html-export-to-html in a
emacs lisp program to export a file? Documentation says it only
"exports the current buffer", But i want to export all the .org files
in a directory as html
<sukamu> (I'm using org-mode as a ssg)
<wgreenhouse> > export all the .org files in a directory as html
<wgreenhouse> sukamu: it sounds like you want org-publish
<wgreenhouse> (info "(org) Publishing")
#+end_src
So I checked out that "=org-publish=" thing this IRC user was talking
about. And indeed it was exactly what I needed. I had to read the
documentation. And I came to this following emacs-lisp files which can
compile my website just well:
#+begin_src emacs-lisp
;; Change this
(setq org-publish-project-alist
'(("suragu.net"
:base-directory "~/repos/suragu_org/"
:publishing-directory "~/repos/suragu_org/out_html"
:section-numbers nil
:publishing-function org-html-publish-to-html
:table-of-contents nil
:recursive t
)))
(defun make-suragu ()
(interactive)
(org-publish "suragu.net")
#+end_src
And that's it! Everytime I want to recompile this website I just have
to run =M-x make-suragu= and org-publish will do the rest for me!
** Conclusion
=org-mode= is a great markup language that can repleace markdown in most
tags and also works well as a static site generator. What else do you
want me to say