commit d1509d47f44e7e017d95da864328da4542dc3890 Author: Germán Palomares Pizarro Date: Tue Nov 8 12:54:40 2022 +0100 Initial commit diff --git a/EVALME.el b/EVALME.el new file mode 100644 index 0000000..a3acb13 --- /dev/null +++ b/EVALME.el @@ -0,0 +1,17 @@ +;; Change this +;; Change this +(setq org-publish-project-alist + '(("qorg11.net" + :base-directory "/home/qorg/docs/repos/qorg_org" + :publishing-directory "/home/qorg/docs/repos/qorg_org/out_html" + :section-numbers nil + :publishing-function org-html-publish-to-html + :table-of-contents nil + :recursive t + ))) + +(defun make-qorg () + (interactive) + (org-publish "qorg11.net")) + + diff --git a/about.org b/about.org new file mode 100644 index 0000000..c071f14 --- /dev/null +++ b/about.org @@ -0,0 +1,25 @@ +#+INCLUDE: "inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+TITLE: Suragu.net +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: about.html + +* About + +This (very alternative) website exists for the sole purpose of +existing. This website has no objetive purpose. + +As if someone cared, here's my neofetch. + +#+begin_export html + +#+end_export + +** About the person + +[[./img/fermin_trujillo.jpg][Freelancer from Spain]] + + diff --git a/btrfs_better_than_zfs.png b/btrfs_better_than_zfs.png new file mode 100644 index 0000000..e744802 Binary files /dev/null and b/btrfs_better_than_zfs.png differ diff --git a/css/styles.css b/css/styles.css new file mode 100644 index 0000000..31627e9 --- /dev/null +++ b/css/styles.css @@ -0,0 +1,65 @@ +body { + background-color: black; + font-family:monospace; + background-image: url(../img/stars.png); + +} +h1, h2, h3, h4, h5, h6, p { + color: white; +} + +.content { + position: relative; + margin-left: 0px; + width: 100%; + right: -130px; + max-width: calc(100% - 130px); +} + +.container { + border-style:solid; + border-color:#c9423f; + padding: 10px; + margin-bottom: 10px; +} + +.cat_image { + border-style: solid; + border: 1px solid purple; + border-left: 0px; + border-top: 0px; + border-right: 0px; + +} +.button > a { + text-decoration: none; + font-weight: bold; + margin-left: auto; + margin-right: auto; + font-size: 16px; + color: #6a0606; + margin: auto; + +} +.button { + border: 1px; + border-style: solid; + width: 120px; + border-color: purple; + margin: 2px; + text-align: center; +} + +.sidebar { + position: fixed; + top: 0; + left: 0; + width: 125px; + height: 100%; + transition: all 0.5s ease; + border: 1px solid red; + border-top: 0px; + border-left: 0px; + background-color: rgba(42, 20, 41, .5); + +} diff --git a/freebsd_user_on_btrfs.png b/freebsd_user_on_btrfs.png new file mode 100644 index 0000000..38a24fa Binary files /dev/null and b/freebsd_user_on_btrfs.png differ diff --git a/inc/footer.html b/inc/footer.html new file mode 100644 index 0000000..79bc606 --- /dev/null +++ b/inc/footer.html @@ -0,0 +1,2 @@ + +Unlimited Aku works VOL. II La saga del exilio diff --git a/inc/header.html b/inc/header.html new file mode 100644 index 0000000..daa0464 --- /dev/null +++ b/inc/header.html @@ -0,0 +1,23 @@ +
+
+ + cat + +
+
+ About +
+
+ Tech posts +
+
+ Media log +
+
+ blog +
+
+ git +
+ +
diff --git a/index.org b/index.org new file mode 100644 index 0000000..38c3ee7 --- /dev/null +++ b/index.org @@ -0,0 +1,32 @@ +#+INCLUDE: "inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil +#+TITLE: SURAGU +#+HTML_HEAD_EXTRA: +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: index.html + +* suragu.net +Welcome to suragu.net! My personal website. In which you can read my +philosophical posts or my posts about technology. + +* Contact + +You can contact me through email: chief_keef at riseup dot net or +XMPP: keef at this domain +* Donate + +If you appreciate my work and wish to say thanks, you can send money +to any of these cryptocurrencies addresses: + +- Monero: 87nNzDdnACV614EuueWcwiX16hYNr9cVMACzYExHvGRRf2sHDUydjNvFvoMRBRbJntgxanvE9vzGxLTgenydK8PuSMq9aXC +- Bitcoin: bc1q8k6f3ja8na82wl6ehw73uhy67d45pkhs63yvy5 + +* Mirrors +#+begin_export html +

+[Tor]​ [I2P]​ +

+#+end_export diff --git a/marijuana_reviews.org b/marijuana_reviews.org new file mode 100644 index 0000000..af58021 --- /dev/null +++ b/marijuana_reviews.org @@ -0,0 +1,172 @@ +#+INCLUDE: "inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+TITLE: Suragu.net +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: marijuana_reviews.html + +* SURAGU’s Marijuana Reviews + +Creativity, It’s a known fact that grass increases creativity from +eight to eleven times. In fact, everyone finds they’re more creative +stoned than straight. Humans have always been very creative at the +time to get high. In Spain, stoners were so bored that they found a +legal loophole that allowed them to legally consume and sell dispense +Cannabis buds. Since I joined one of those clubs, my vision of a +fucking plant has changed so damn much. Like everything in +contemporany society, you have so much choice it’s depressing. In this +post I will review all the strains I have tried. + +But I won’t say “this shit dope” because that would be too boring. And +I’m also not going to explain how each bud helps you with insomnia, +anxiety, depression and ADHD because despite recent research shows +it’s not so darn harmful, i’m not an idiot either. + +So I’ll review the buds using Pen & Pixel Graphics album covers. I am +not rating the weed on how good the album is. Just in how weird the +cover is. + +I’d like to thank my friend Endemic for the idea of making weed +reviews with album covers, for showing me all this awesome music and +helping me choose the covers. + +Whatever weed you’re smoking. And despite whatever these reviews says +about each strain, there’s this quote from Kabuto Makai I the Great +that you should never forget: + +“Sea Indica o Sativa me da igual que guay está la keli echandose +un mai” + +** Amnesia (grass) + +Amnesia Haze is a classic, is a strain that anyone who has been +smoking real weed for more than 2 minutes has tried. With more than +20% of THC, the shit will get anyone high. I will give this strain the +rating of DJ Screw - The Legend. + +[[./img/covers/thelegend.jpg]] + +DJ Screw in the sky with a skull behind him it’s something I could +have never thought of. And going to a cannabis club is also something +I would have never thought of. I also find it pretty funny that +there’s a car with Screw by its side. + +** Amnesia (Hash) + +Advantages of going to a Cannabis Social Club is that you know that +you’re smoking quality grass and quality hash. The hash here is made +by the dudes who work at the club, not by a moor sweating in his +room. So it has a very high quality. + +The thing with hash is that it is hash. Too strong for some. But me? +It only leaves me thinking very weird funny things and I’m so relaxed +I can’t move. Then I move to some kind of backrooms. In which I find +myself listening to whatever Antonio Recio is saying. Great +experience. Amnesia Hash deservers nothing less than Lil Keke - The +commision + +[[./img/covers/thecommision.jpg]] + +Where do I start? Where are them? First time I thought it I felt like +this was a GTA San Andreas mission. Like the dudes are in the Four +Dragons Casino. And I like how the dude is peacefully smoking a cigar +when he got 2 bodyguards. I don’t know. It is pretty surreal. + +** Amnesia Hy-Pro + +I don’t even know what Hy-Pro means. The friend who sold me this told +me that it has a shitton of THC. I believe him. It did indeed had a +shit ton of THC. It was a psychedelic experience. So high I didn’t +even know my name. I have not felt something similar to that since +then. So I can give this thing nothing less than Juvenile - 400 +Degrees + +[[./img/covers/400degres.jpg]] + +I wish I could know where to start with this cover. First we can see +that they’re in hell. And there’s this dude burning money. and a gold +watch. Dude’s rich and he’s showing off. Then we can see, similary to +DJ Screw’s The Legend, a giant face of the same dude in the +sky. Presumably Juvenile is the devil. If you look both at the left +and right side, you can see, scot-free, hookers. Why are there hookers +in hell? I can’t tell. Then you have the Parental Advisory sticker. I +couldn’t have known. + +** Chocolope + +Chocolope is a Sativa-Dominant strain. Marijuana journalists says that +it has a sweet flavour, tasting simillary to chocolate. In my +experience, it just tasted like marijuana smoke. I’ve had better highs +in my life. Nevertheless Chocolope is a good strain that gives a good +effect. Used it to saw Perturbator live and had a great +experience. The Chocolope deserves Three 6 Mafia - The end + +[[./img/covers/theend.jpg]] + +I don’t even know how to explain this cover. What are they on? Is that +a car? A giant stereo? I genuinely can’t tell. But for some reason +they’re into outer space and you can see the earth behind them. The +earth is exploding. Maybe it is trying to say that only Three 6 Mafia +survived the apocalypse by riding a giant stereo. Riding a giant +stereo to outer space is something that could only happen in Memphis, +Tennesse. + +** Unknown Indica Strain + +We got a Special Joint for this mysterious strain we can’t remember +the name of. We have vague indications that the strain name was +“Wedding cake”. Thing is that we thought that C. Indica were for +pussies. We were so damn wrong. We were nailed to the couch for at +least 15 minutes. To this thing I can only give SSUR - Guerrillas in +the midst + +[[./img/covers/guerrilla.jpg]] + +Why does the Che Guevara look like a Monkey, why are there hookers if +they’re in the guerrilla. What’s up with the explosion, what’s with +all the money? I’d frame this cover if I could. + +** Terps (Hash) + +It is impossible for a Allah’s Follower to make bad hash. These +“Terps” is dry extraction of hash. I don’t know what “Dry” means. My +Marijuana Master doesn’t know what “Dry” is. So I just asume it is +just zoomer expression to say that a hash is good. But to answer the +question if “Was it good?” The answer is the following picture: + +[[./img/covers/greatesthits.jpg]] + +We smoked this hash mixed with Weed Marijuana. When we left the CSC, +we were in another dimension. Sadly we had to catch the bus later. We +were there and all of us started to feel exagerately dizzy. I don’t +rememebr anything that happened in the hour of bus. I just remember +that I was listening to some music, I can only rememeber “My mind went +blank” my DJ Screw (The Legend). Then they woke me up. First thing I +see is a bottle full of vomit. + +** Santa Sativa + +#+begin_quote +santa: 1. adj sacred; hallowed: holy ground +#+end_quote +Santa Sativa is a Sativa Dominant Weed Marijuana strain. Relatively +high THC and low CBD. First time we tried this the Terps Incident +happened. So the weed must have been good shit. Then we smoked this +shit and unbeliable things happened. Everyone I thought to be Cannabic +Senseis said this strain was one of the best herbs they have ever +consumed. Thus, this strain deserves nothing less than: Snoop Dogg - +Da Game Is To Be Sold. Not To Be Told. + +[[./img/covers/dagame.jpg]] + +This masterpiece of the contemporany art is deleightful for our +eyes. We can see the motherfucking d-o double g holding a walking +stick made from gold. For undisclosed reasons. He is outside the +“Snoop World” (See Montana Management Co.) The thing is that his +mansion looks like a fucking castle you’d see in Disney +World. Perspective fucks with us so much in this one. As he is behind +Snoop World mansion, he’s sitting in the bonnet. Smoking what seems to +be a Swisher Sweet and his arm is in another car. There are also three +dogs in the pictures with shining diamonds. diff --git a/media.org b/media.org new file mode 100644 index 0000000..ee63024 --- /dev/null +++ b/media.org @@ -0,0 +1,131 @@ +#+INCLUDE: "inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil -:nil +#+TITLE: suragu.net - Media I've consumed +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: media.html + +* Media I've consumed +Well, someone has said, that in this world there are people for +everything, or "it takes all sorts to make a world", so there must be +someone interested on the media I consume and what I think about +it. So here are music albums, movies and similar. + +As i'm not a professional rater, I'm not gonna rate them, in numbers, +i'll just say what I think about the thing and that's it. + +Pssss. You can get some of the media listed [[https://files.suragu.net/][here]]. + +** Movies +I love the "guy who think he's cool" cinema. + +- *Pulp Fiction (1994)*: The movie is stupid, ridicolous and most + pejorative adjectives you can think of. But it's my favorite movie + nevertheless. +- *Kill Bill (2003-2004)*: Good movies. +- *Trainspotting (1996)*: Movie about [[https://concealed.world/home.php][Scottish Drug addicts]]. The thing + sends a Good Message. And the movie is really enjoyable. +- *T2 Trainspotting (2017)*: Not as good as the original but still + passable. +- *Ghost in the Shell (1995)*: It's the only anime movie i've + watched. It's pretty cyberpunk so i like it. +- *Torrente: El brazo tonto de la ley (1997)*: Fucking funny garbage, if + i wasn't high i wouldn't have liked the thing. +- *Torrente 2: Misión en Marbella*: Idem +- *El día de la Bestia (1995)*: My favorite movie this country has made +- *Acción mutante (1993)*: One of the movies i laughed the most +- *Fear and loathing in Las Vegas (1998)*: I don't know what I watched +- *Scarface (1983)*: Masterpiece. +- *Navajeros (1980)*: Funny at times but didn't like it at all. +- *El pico (1983)*: Way better than Navajeros and has a cool message. +- *El pico 2 (1984)*: This one was interesting. +- *Scary Movie (2000):* Utter shit. But THC boosts movies. +- *Ali G Indahouase:* ??? +- *The Godfather (1972):* Masterpiece +- *Lady Snowblood (1973):* I loved Kill Bill. I loved this even more. +- *The great lebowski:* Same as fear and loathing in las vegas. +** Videogames +Well, now I got a decent computer in which I can play games +decently. I have completed all the storyline of these games unless +stated otherwhise. + +- *Borderlands 2:* One of my favorite games. +- *Borderlands: The Pre-sequel*: Still playing it +- *Milk (out|in)side a bag of milk (out|in)side a bag of milk*: Had a [[./img/funny.png][funny frame]] +** Anime +I'm not much of an anime watcher, but eh, sure. I'm including both +anime shows and movies in this section. + +- *Serial Experiments Lain*: The anime is cool. I used to simp for Lain + but then I discovered I'm suragu, not a insecure, twitter user +- *Paranoia Agent*: I remember once a linguistics teacher I had told me + to watch this anime. I watched it and I really enjoyed it. A good + satire. I have keked big to this one. +- *Texhnolyze*: Made by the same guys that made Lain. But i enjoyed this + one more than Lain +- *Haibane Renmei*: Made by the same guy as Lain and Texhnolyze, this is + the only media that made me cry and i have 0 problems admitting it. +- *The curse of Kazuo Umezu*: I can't take gore animes seriously + because I analyze the situation, which makes me laugh + uncontrollably. Altough it was fun to watch. +- *Shoujo Tsubaki (1992)* : The thing stated above doesn't apply for this + one. This one is actually depressing. +- *Belladonna of Sadness (1973)*: Masterpiece. The Japanese version of + Pink Floyd's The Wall. Psychedelic, deep, and weird. + +** Books +I know how to read + +- *Neuromancer (1984)*: A drugaddict hacker needs to make money but he + can't work because he stole from his bosses. +** Music +This shit will never be complete. + +- *Big Moe - City of Syrup* +- *bôa - Twilight* +- *CCR - Pendulum* +- *Chief Keef - Finally Rich* +- *Chief Keef - The Leek, Vol. 1:* Sounds like Korean Vaporwave +- *D.R.I. - Crossover* All songs are the same to be honest +- *D.R.I. - Thrash zone* Cool +- *DJ Screw - All screwed up Vol. II* +- *DJ Screw - 3 N’ The Mornin’ Part One* +- *DJ Screw - 3 N' The Mornin' Part Two* +- *DJ Screw - The Legend* +- *Dr. Octagon - Dr. Octagonecologyst*: Kool Keith is a genius. +- *Dr. DOOOM - First come, first served* +- *Denzel Curry - Melt my eyez see your future* +- *Envidia Kotxina - Asi en la tierra komo en el zielo+* +- *Gospel - The Moon is a Dead world* +- *Iron Maiden - Somewhere in time* My favorite album from these dudes +- *Kanye West - My Beautiful Dark Twisted Fantasy (2010)* +- *Kendrick Lamar - DAMN.* +- *Kendrick Lamar - Section.80* +- *Kendrick Lamar - good kid, m.A.A.d. city:* I listen to this album at night while doing stuff and I like it. +- *King Geedorah - Take me to your leader +- *Living Death - World neuroses* It’s alright +- *MF DOOM - MM..FOOD* +- *Metallica - Kill ’em all* +- *Metallica - Ride the lighting* +- *Metallica - Master of Puppets* +- *Metallica - …And Justice for All* +- *Megadeth - Rust in peace* +- *Megadeth - Countdown to extinction* +- *Megadeth - Youthanasia* +- *MF Grimm - The hunt for the Gingerbread man:* Underrated. +- *Madvillain - Madvillany: Masterpiece.* +- *Makaveli - The Don Killuminati: The 7 Day Theory* +- *Neutral Milk Hotel - In the airplane over the sea:* Dude please learn how to sing. +- *Scattle - Backup* +- *Scattle - Visitors* +- *TOOL - Lateralus* +- *Viktor Vaughn - Vaudeville Villain* +- *Wu-Tang Clan - Enter the Wu-Tang* +- *Zabutom - Zeta force* +- *cLOUDEAD - cLOUDEAD* +- *death’s dynamic shroud.wmv - I’ll try living like this*: Used to love it. Now it gives me anxiety. +- *smashing pumpkins - mellon collie and the infinite sadness:* My mother likes it +- *suicideboys - I want to die in new orleans + some of their EPs* +- *わたしのココ - カラダは正直:* I was told by my friend that this was noise, I thought noise was about making music breaking plates and stuff. Album was good. diff --git a/openbsd.org b/openbsd.org new file mode 100644 index 0000000..27ec1c5 --- /dev/null +++ b/openbsd.org @@ -0,0 +1,482 @@ +#+INCLUDE: "inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+TITLE: suragu.net - OpenBSD +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: openbsd.html +* Fear and Loathing in OpenBSD, or my experiences with OpenBSD +The other day I woke up and I thought "I'm going to migrate my server +to OpenBSD for absolutely no reason". And so I did. The operating +system have been a pain and a pleasure simultaneously, and in this +page I intend to give my experiences with it. + +I will be updating this page as I have more experiences with +OpenBSD. So add this page to your booksmarks! + +Last update. 2022-06-09 + +For questions or comments on this article feel free to reach me out at +teru-sama [at] riseup [dot] net + +** Installation +The installation process was pretty straightforward, it was just +enter, enter, enter, altough I had to connect an ethernet cable for it +to download some necessary firmware (so I could use the network card) +and thus, the wireless connection. + +** Setting up services +*** httpd(8) +The website you're in is the website I care the most, kill-9 can wait +because that's only a website in which i complain about +things. Complaining about everything is not good because in this life, +well, in Ozzy Osbourne words, "Learn how to love and forget how to +hate". So I'd rather focus on ebin.city and suragu.net for the +time. + +OpenBSD ships with the =httpd= web server. A really simple and very +secure http server. The main config file is =/etc/httpd.conf= which +has a very simple, human readable syntax. + +One of the features of this webserver is that chroots to a +directory. Meaning that, to the web server, anything before the given +directory (=/var/www= by default), does not exist. So if a vulnerability +is found, the attacker can't do much things, as the attacker can't go +beyond =/var/www=. +*** slowcgi(8) +OpenBSD comes out-of-the-box with a FastCGI implementation, which is +very simple to use. you only have to add =fastcgi= at the desired site +in =httpd.conf= . The following configuration file is enough to +execute CGI scripts. +#+begin_src conf-space + server "suragu.net" { + listen on * port 80 + root "sites/suragu.net" + location "/*.cgi" { + fastcgi + root "sites/suragu.net" + } + } +#+end_src + +But not so fast! Remember that httpd runs in a chroot? Well, your CGI +apps won't work by default, because the chroot lacks the binaries that +are necessary to execute the program. So if your CGI appliaction is a +perl script, you'll have to do something like =cp /usr/bin/perl +/var/www/bin=. If your Perl script uses third-party modules, you'll +have to copy them to anything that is in =@INC=, so +=/usr/var/www/usr/lib/perl5= or something like that. Also your chroot +will lack all the core utils. I just installed plan9port and copied +the files to =/var/www/bin=, which is more than enough. + +As mentioned before. I haven't been able to setup werc in httpd. Not +sure why. I might try to reinstall it some other day. But I guess I'd +have to use another server to do that. + +As of 2022-06-02 I got werc to werk under httpd. The config file is a +bit weird, but it worked. Altough I had to install an older werc +version because the most recent one had some issues. This is the +config that worked. Thanks to solene in IRC for the pattern! + +#+begin_src conf-space + server "kill-9.xyz" { + alias "www.kill-9.xyz" + listen on 127.0.0.1 port 1340 + + listen on * tls port 443 + + tls { + certificate "/etc/ssl/kill9cert.pem" + key "/etc/ssl/kill9key.pem" + } + + # If there's a dot in the URL (i.e. a file extension, don't run it as + # a CGI script.) + + location match "%s*%.%s*" { + root "/werc/sites/kill-9.xyz" + no fastcgi + } + + location match "/" { + fastcgi param SCRIPT_NAME "/werc/bin/werc.rc" + fastcgi param SCRIPT_FILENAME "/werc/bin/werc.rc" + fastcgi param DOCUMENT_ROOT "/werc/sites/kill-9.xyz" + } + root "/werc/sites/kill-9.xyz/" + + + } +#+end_src + +And then I tried to install cgit. When clonning from httpd I got an +error I've never got before. Something like "Recieved HTTP/0.9 when +not allowed". I don't know what the hell =httpd(8)= meant by that. But +it was fixed by nuking the repos and pushing them again from +scratch. I guess it had something to do with file corruption. But you +have to be crazy on acid to think that sending HTTP/0.9 is a good way +to tell a file is corrupted. +*** Darknets +Not much difference from how you'd install Tor & I2P in a Linux +machine. Just install the tor and i2pd packages using =pkg_add(1)= and +configure them normally. I had to copy the old private keys from my +old machine to the new server. But that was not a big issue. I also +migrated from the classic I2P, written in Java to i2pd. Not because I +dislike the Java I2P, I think it is, along with Freenet, the only good +software written in Java. I just wanted to keep the server as light as +possible. And i2pd is way lighter than Java I2P. + +** Programming in OpenBSD +OpenBSD claims to be the most secure UNIX out there. This is probably +true as it has much features, such as the W^X thing. Which means +memory can be written or executed, but not both. Basically an attacker +could not execute a buffer overflow attack. Because he can only +write. But not execute it. This thing was introdouced in 2003. +*** pledge(2) +OpenBSD takes security very seriously. This was the reason to be of +the =pledge()= syscall. Pledge does, as defined by the manpage: +"restrict system operations". This is the prototype: +=pledge(const char *promises, const char *execpromises);= + +Check the manpage for the possible promises. This is a quick example: + + +#+begin_src c + #include /* printf() */ + #include /* pledge() */ + #include /* chmod() */ + + int + main(void) + { + /* stdio promise allows basic input output operations. Check the + ,* manpage for the syscalls this promise allows. */ + pledge("stdio", ""); + + chmod("/etc/passwd",0644); + + return 0; + /* This code will crash at runtime. the "stdio" promise doesn't + ,* allow the chmod() syscall. */ + } +#+end_src + +Running that code will prodouce the following output: + +#+begin_src sh +Abort trap (core dumped) +#+end_src + +This is very useful, imagine that for example, some injects, somehow, +malicious code in your =cat(1)= program. Sending data to a remote +server. As cat didn't =pledge("inet",...)=, cat won't be able to +create a connection. +*** unveil(2) +I like this syscall more than =pledge(2)= according to the manpage: +"unveil parts of a restricted filesystem view" This means that, except +for the file specified in the =unveil()= calls, wont' exist for the +program. Consider the following code and its output: + +#+begin_src c + #include /* read(), write(), unveil() */ + #include /* open() and flags */ + #include /* strerror() */ + #include /* errno variable */ + #include /* fprintf() */ + + int + main(void) + { + /* This program can exclusively open /etc/httpd.conf for reading. */ + unveil("/etc/httpd.conf","r"); + /* This call disables further calls to unveil() */ + unveil(NULL, NULL); + /* What happens if we try to open another file? */ + int fd = open("/etc/passwd", O_RDONLY); + + if(fd == -1) { + fprintf(stderr,"Error opening file: %s\n", + strerror(errno)); + _exit(-1); + } + + char buf[8192]; + int bytes = read(fd, buf, 8192); + write(STDOUT_FILENO, buf, bytes); + + return 0; + } +#+end_src + +Output: =Error opening file: No such file or directory= + +Yes, my /etc/passwd file exists. +*** perl(1) +Perl is the only scripting language that OpenBSD ships. And they have +their reasons you can read [[https://marc.info/?l=openbsd-misc&m=159041121804486&w=2][here]]. This means that Perl comes with +support for the OpenBSD weird features. This means that you can call +=pledge(2)= and =unveil(2)= from your Perl scripts! Here's an example +of that: + +#+begin_src perl + #!/usr/bin/perl + + # The syscalls come as modules, so you have to import them, the + # subroutines are exported by default. + + use OpenBSD::Pledge; + use OpenBSD::Unveil; + # The manpage says that, without the "stdio" promise, perl is useless, + # so it is called by default no matter what you do. + pledge("inet rpath wpath unix"); # Some example promises... + unveil("/etc/httpd.conf","r"); + unveil("/etc/pf.conf","r"); + unveil(); # Restrict further calls to unveil() + +#+end_src +*** strlcpy(3) and strlcat(3) +The well known =strncpy(3)= and =strncat(3)= functions copy no more +than =n= characters, but these functions are not guaranteed to add the +'\0' at the end of the string. =strlcpy(3)= and =strlcat(3)= guarante +that the string ends with '\0' +*** Makefiles +For some reasons, I wanted to rewrite the Makefile of one of my +programs. And I discovered that BSD make is much better than GNU +make. With GNU Make you have to declare pattern rules. And weird +syntax. And you have to write similar makefiles for each program. In +OpenBSD this is not necessary because makefile has some kind of +"templates". This is a perfectly working makefile, /with =clean= and +=install= targets/ +#+begin_src makefile +PROG = sakisafecli +SRCS += funcs.c sakisafecli.c +MAN = sakisafecli.1 sakisafeclirc.5 +LDADD = -lssl -lz -lpthread -lnghttp2 -lcurl -lconfig -lcrypto -L/usr/local/lib +CPPFLAGS = -I/usr/local/include +BINDIR=/usr/local/bin +.include +#+end_src + +This makefile also works in Linux, but using the =bmake= command +instead of =make=. It also works in FreeBSD but you'd have to repleace +CPPFLAGS with CFLAGS. +*** Libraries +OpenBSD, unlike every Linux distribution out there, thinks about +everyone. And when you download a library through the package manager, +it will install the shared objects (for dynamic linking), the header +files (which means, no -dev/-devel packages) AND the .a files. For +static linking! +** Software and the power it holds +OpenBSD comes with a lot of software that should be enough for your +normal tasks. But, it's not like OpenBSD grabbed some code and put it +in the code, no, they wrote their own versions of popular +software. And "ported" them to OpenBSD, so the software that comes +with the operating system uses the security features, they call +=pledge()=. and stuff like that. + +*** mg(1) +This is a Emacs clone. For the people who, for any reason, can't (or +don't want) to run GNU Emacs. This clone is pretty complete, the only +thing it lacks, regarding emacs, is emacs lisp support and syntax +highlighting. But this is a good =nano(1)=, =ed(1)= or =vi(1)= repleacement. +*** signify(1) +GNU Privacy Guard is kinda heavy, and we don't have any other decent +OpenPGP implementation. This is the reason of why the OpenBSD devs +created =signify(1)=, a tool to cryptographically sign and verify +files and messages. And this is the way OpenBSD images are +verified. It's pretty simple to use: + +#+begin_src shell-script + # Generate pub and sec key. They have to have the same name. Only + # changing the file extension + + $ signify -G -c "raoul's signify key" -p raoul.pub -s raoul.sec + + # Sign a file/message + + $ echo "Hello world!" > message.txt + $ signify -S -s raoul.sec -m message.txt + + # Verify file/message + + $ signify -V -p raoul.pub -m message.txt + + # Further examples in the manpage. +#+end_src +*** tmux(1) +Tmux, the legendary terminal multiplexer, that is way better than +screen, was initially developed for OpenBSD. I don't think I have to +talk a lot about tmux because everyone knows it. tmux in OpenBSD comes +with all the security features too. +*** doas(1) +This is a repleacement for sudo that has been developed by OpenBSD. it +has also emerged in the linux community. Altough it works best in +OpenBSD. I have some issues getting doas to work in Debian, but not in +Void Linux. doas is very simple to configure. No need to add yourself +to a group or anything like that. You can simply add this to +=/etc/doas.conf= + +#+begin_src conf-space + permit nopass keepenv raoul as groq + # Allow user raoul to execute commands as groq. Keeping all the + # environment variables. + + # raoul can't execute commands as any user that is not groq. + + permit nopass keepenv qrog + + # qrog can execute commands as any user. +#+end_src +*** openrsync(1) +Sometimes you want to syncronize files between your computers and +servers. And then you realize =cp(1)= is kinda bad for that and =tar= +isslow. Then you discover =rsync= and that just works. But this wasn't +the case for the OpenBSD guys, they wanted a rsync implementation +under the BSD license. So they wrote =[[http://openrsync.org][openrsync=]]. This works just like +rsync and, according to the manpage: "openrsync is compatible with +rsync protocol version 27 as supported by the samba.org implementation +of rsync". Meaning that if you don't have openrsync in other server, +it will just worke, and vice versa. This is an example of usage of +openrsync. + +#+begin_src shell + openrsync --rsync-path=openrsync -av Xanopticon remote_server:/var/www/files/Music +#+end_src + +As I don't have =rsync= installed in the remote server, but I have +=openrsync=, I specify that the path of =rsync= is =openrsync=. This +way it just works. + +*** acme-client(1) +Today I recieved a mail telling me that the [[https://kill-9.xyz][kill -9]] certificate +expired. "Fuck's sake" --- I inmediatly thought. "I have to renew +it". But I was not going to install certbot in this OpenBSD server. So +I had to find a way. I remembered that OpenBSD ships with +=acme-client=. A program that helps you to generate your certificates +for TLS connections. And they can be signed with the Let's Encrypt +certificate authority. The config file is pretty simple and +intuitive. You can copy and paste it from +=/etc/examples/acme-client.conf= and only configure the revelant part +that would be your domain. In my case I have it like this: + +#+begin_src conf-space + authority letsencrypt { + api url "https://acme-v02.api.letsencrypt.org/directory" + account key "/etc/acme/letsencrypt-privkey.pem" + } + + domain suragu.net { + alternative names { "www.suragu.net", "files.suragu.net" } + domain key "/etc/ssl/suragu.key" ecdsa + domain full chain certificate "/etc/ssl/suragu.crt" + sign with letsencrypt + } +#+end_src + +I used to use wildcard certificates. That were valid to any suragu.net +subdomain. But I couldn't make them work in =acme-client=. But as +=acme-client= is less of a pain in the ass than certbot. I can +certainly just modify the configuration file each time I create a new +subdomain. And that doesn't happen too often. +** Documentation +OpenBSD takes documentation very seriously. So seriously, if a manpage +is lacking in a sys util, it's considered a bug. So everything that +comes with your OpenBSD installation is very well documented. Config +files have their own manpages section, the section 5. so you can learn +how to write httpd config files by running =man httpd.conf= This is +something more developers should do. There's also the =/etc/examples= +directory which contains examples of most config files that you'd want +to setup. Those file are commented and everything. But =/etc/examples= +always lacks the config file I want or doesn't help at all. +** Backups +I am a self-proclaimed good sysadmin. This means I should be able to +do backups and restore them. Not gonna lie, before OpenBSD i haven't +had any backup. Though I have heard that you can do incremental +backups with =tar(1)=. I guess this could be useful. But OpenBSD comes +with it's features and things. These tools are =dump(8)= and +=restore(8)=. Those were a bit confusing to me until I learned how to +use them properly. You can read the manpages for [[https://man.openbsd.org/dump.8][=dump(8)=]] and +[[https://man.openbsd/restore.8][=restore(8)=]] which explains pretty well how to use the software. At +least that's what should have happened. Because it didn't. For some +reason OpenBSD insists in using tapes in 2022. So yeah, apparently the +-a flag is mandatory these days. You can use this command to backup a +directory, =/etc= in this case. +#+begin_src shell-script + # 0 means it is a level 0 backup. Next backup should be level 1, then + # 2... Read the manpage for more details. + $ doas dump -0uaf backup_etc.dump /etc +#+end_src +This will take some time depending how big the directory is. =/etc= is +usually not too big so this example will not take a lot of time. + +After 1 hour of wondering why my backup wasn't working, i discovered +that =restore(8)= takes everything as relative paths. Meaning that it +will restore to the directory you're in, so if you do =restore +-xfbackup_etc.dump /etc/httpd.conf=, it will restore it to +=$PWD/etc/httpd.conf=, not to =/etc/httpd.conf=. So you should cd to / +when restoring backups, something like this: + +#+begin_src sh + cd / + restore -xf /var/backups/backup_etc.dump /etc/ +#+end_src +** Network +First I tried to use the wifi card my computer came with. But for some +reason it kept sayin =wpi0: device timeout=. Leaving my computer +without connection. So I had to connect the Ethernet cable. And I +thought that that would solve the connection problem. But today I woke +up and my computer did not have internet connection. But it had LAN +connection. Not sure what happened. And well, that's the reason of why +my site was down. I'll try to fix it. +*** Firewall +OpenBSD comes with a firewall, called pf, which stands for Packet +Filter. As every other software developed by OpenBSD, it uses its +simple config file. + +I used the firewall to deny ssh requests from every IP address except +my local network (that is, 192.168.0.0/16) and from my static IPv6 +address. + +At first the rules were not working for the IPv6 address, because I +don't have IPv6 at home, I use a WireGuard interface for that for +that, and pf didn't know that. So I had to specify that those rules +should also apply to the wireguard interface, like this: + +=pass in on {egress wg0} ...= + +And that just worked. + +Yiou can also limit the connection of an user. For example, the +following line will disable all the connection for the user 'groq': + +#+begin_src conf-space + # Block outcoming connections to user raoul. + block return out proto {tcp udp} user raoul + # Block incoming connection to user raoul. Not sure how useful this is. + block return in proto {tcp udp} user raoul +#+end_Src + +And I've also added some IP addresses that have tried to exploit, +ehem, WordPress vulnerabilities in my webserver. I added them to a +file, =/etc/spammers=. And used a =pf(8)= feature to block all of +them. And I also wanted that ssh would be disabled for everyone except +for the machines in the Local Area Network. So only people in my +network could ssh to my server. pf.conf has a very readable syntax, +which makes this very easy: + +#+begin_src conf-space + # Good/Dreaded IP ranges + table const { 192.168.0.0/16 } + table const file "/etc/spammers" + + # Block spammers requests to the server. Also requests to spammers. + + block in on { egress wg0 } from to any + + # Allow SSH access from the LAN + + block return in log proto tcp from any to port ssh pass in on egress + proto tcp from to port 22 +#+end_src + diff --git a/tech_posts/brotli_in_openbsd_http.org b/tech_posts/brotli_in_openbsd_http.org new file mode 100644 index 0000000..b24af49 --- /dev/null +++ b/tech_posts/brotli_in_openbsd_http.org @@ -0,0 +1,61 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+TITLE: suragu.net - Brotli in OpenBSD's httpd +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: index.xhtml + +* Brotli in OpenBSD's httpd + +The modern web is heavy. My website is not heavy, but I still wanted +to add compression because why not. Fortunately, compression +algorithms exists. Some web servers send compressed versions of the +file they serve, to serve bandwith, or to make the site load +faster. There are other methods to serve bandwith like minimized CSS, +HTML and JavaScript. But I think we can all agree that using a +compression algorithm is a better way to accomplish this. + +The main compression algorithm supported by browsers (and web servers) +is gzip. A compression algorithm that has been with us +since 1992. It's kinda old, but still serves its purpose pretty +well. Especially when you use all of its power with the =-9= +flag. Which compresses the file way better. At the cost of slower +speed of compression and decompression. But this isn't a big problem +since the client isn't receiving large files, like more than 100MBs, +the client is receiving HTMl, CSS and maybe JavaScript. Not binary +files (compression is kinda counterproducent with binary files). + +The OpenBSD httpd comes with the =gzip-static= option, you just add it +wherever inside a =server= block in your httpd.conf. Then you =cd= to +your webroot and run this command: =gzip -9k *.html= + +=-9= was explained before. And =-k= tells gzip not to delete the files +after they have been compressed. As =gzip= deletes the original +file. keeping only the =.gz= file. + +This should be enough for most scenarios. gzip compresses files really +well. But I wanted more. So I made some changes to the httpd source +code to add brotli support. + +At first. I wanted to add zstd support to httpd. And when I had +everything done. curl was receiving the zstd files instead of the +original files, I realized that browsers do not (yet) have zstd +support. So I decided to use brotli instead. It wasn't that difficult +to accomplish as I already wrote the hard part. I only had to replace +"zstd" with "br". + +This isn't done automatically. If you currently have =gzip-static= on your httpd +configuration. You must replace it with =br-static=. And then you have +to remove all the =.gz= files in your webroot (as they aren't needed +anymore). Then you can read the =brotli= manpage to learn how to use +brotli. But I wanted maximum compression. So this command was enough: +=brotli --max --keep *.xhtml=. + +[[../img/brotli_httpd.png]] + +You can download the patch [[https://ls.raoul11.net/files/KbQBFQat/brotli.patch][here]]. + + + diff --git a/tech_posts/bsd_make.org b/tech_posts/bsd_make.org new file mode 100644 index 0000000..d26be9a --- /dev/null +++ b/tech_posts/bsd_make.org @@ -0,0 +1,211 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+options: ^:{} +#+TITLE: SURAGU - Using BSD make +#+HTML_HEAD_EXTRA: + +* Using BSD make for your (small) project +For questions or comments on this article feel free to reach me out at +teru-sama [at] riseup [dot] net. + +Alright, so you wrote your software! Bad news kid, now you have to +compile it! Worse than that, you have to make that the compilation is +not a pain in the ass so more people can actually use your software! + +Thankfully, developers thought about on the unbearable pain of +compiling software, and thus =make= was born. =make=, A =makefile= is +a set of instructions that tells the software =make= how to compile +the software. Being honest, if you're in this website you already know +what =make= is. + +BSD Make (also called =bmake=) comes with interesting features that +make writing makefiles easier. As it comes with some kind of templates +that will surely help you at the time of writing the makefile, bsd +makefiles tend to be readable and easily editable. Consider this +source tree. I am adding libcurl to this example to add some +"complexity" to the makefile. + +main.c: +#+begin_src c -n -r + #include + + /* Not gonna create an header file for a simple makefile + ,* example.... */ + + void + get_url(const char *s); + + int + main(void) + { + puts("getting suragu.net..."); + get_url("suragu.net"); + } +#+end_src + +geturl.c: + +#+begin_src c +n + #include + + void + get_url(const char *s) + { + CURL *curl = curl_easy_init(); + curl_easy_setopt(curl,CURLOPT_URL,s); + curl_easy_setopt(curl,CURLOPT_WRITEDATA,stdout); + + curl_easy_perform(curl); + + curl_easy_cleanup(curl); + + } +#+end_src + +This, the traditional Makefile would look a bit like this: + +Makefile: +#+begin_src makefile -n -r + CC ?= cc + LDFLAGS = `pkg-config --cflags --libs libcurl` + OBJS = main.o geturl.o + TARGET = geturl + + # Link the thing + all: $(OBJS) + $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) -o $(TARGET) + + # Compile all source code to object files + %.o : %.c + $(CC) -c $(CFLAGS) $< -o $@ + + .PHONY clean + clean: + rm *.o $(TARGET) +#+end_src + +Typing =make= will result on a working makefile, the makefile will +compile the software as expected and not much else would happen. The +software also works as expected, however, in my opinion =make= syntax +makes 0 sense and it could be improved. Fortunately, this can be +solved using the BSD make templates. Consider the following Makefile: + +Makefile: +#+begin_src makefile -n -r + PROG = geturl + SRCS = main.c geturl.c + LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl + MAN = + + .include +#+end_src + +If you're in Linux, you might have to install =bmake=, which is a port +of NetBSD make, it is more likely in your distro's repositories. To +run that Makefile, just type =bmake=, and magic will happen. But let's +explain it + +PROG is like the target, is what the template uses to get the +resulting binary. If SRCS is empty, bmake will just compile +=progname.c=. +=SRCS= are the sources files you want to compile. And =LDADD= are the +flags you want to pass to the linker, notice that in this case I used +!= instead of \=, this is because when you want to assign the output of +a comman in BSD make, you have to do !=, you can't do =SRCS = +`pkg-config ...`= because it won't work. + +the =.include = line makes all the magic possible. It is +the template, and then you pass all the variables you defined before +to that template, so the =.include= directive must be at the very +bottom of the Makefile. + +Also, this simple makefiles comes with all the rules someone would +like. "bmake clean" works, so does "bmake install". + +Notice how there isn't "CFLAGS" in this makefile, this is because, if +you want to add any CFLAG, you can do it this way, and BSD make will +understand: + +#+begin_src shell -n -r + sukamu@wakaran ~/docs/xdd $ bmake CFLAGS="-O2 -pipe -Wall -pedantic" + cc -pipe -O2 -pipe -Wall -pedantic -c main.c + cc -pipe -O2 -pipe -Wall -pedantic -c geturl.c + cc -pipe -o geturl main.o geturl.o -lcurl +#+end_src + +You can specify default CFLAGS in the Makefile, but when adding CFLAGS +in the command line, those will be overwritten. + +** Compilation options using BSD make + +configure scripts have their weird defined optins, such as +=--enable-xxx= or =--disable-xxx=, which enables or disables features +in the software you're compiling. This can be also be done with BSD +make and =CFLAGS= To do this you only have to use the simple Make +conditionals. Consider the following C source code: + +#+begin_src c -n -r + #include + + int main(void) { + + #ifdef USE_OPTION + puts("This is a string that will only be printed if use-option is enabled at compile time."); + #endif + puts("Hello world!"); + + + + return 0; + } +#+end_src + +#+begin_src makefile -n -r + PROG = option + SRCS = main.c + LDADD != ${PREFIX}/bin/pkg-config --cflags --libs libcurl + MAN = + + # Compilation options + use-option = "no" + .if "${use-option}" == "yes" + CFLAGS +="-DUSE_OPTION" + .endif + + .include + +#+end_src + +If you compile normally, nothing weird would happen: + +#+begin_src shell-script -n -r + diego@sukamu ~/xdxd $ make + cc -pipe -g -MD -c main.c + cc -pipe -o option main.o -lcurl + diego@sukamu ~/xdxd $ make + Hello world! +#+end_src + +Now, let's recompile with =use-option=yes=. + +#+begin_src shell-script -n -r + diego@sukamu ~/xdxd $ bmake use-option=yes + cc -pipe -g "-DUSE_OPTION" -MD -c main.c + cc -pipe -o option main.o -lcurl + diego@sukamu ~/xdxd $ ./option + This is a string that will only be printed if use-option is enabled at compile time. + Hello world! +#+end_src + +So, if you add ="use-option=yes"= to the make flags, the Makefile will +add the required CFLAGS to enable the compile time option. + +** Conclusion + +BSD make is great for both small and big projects. And maybe more sane +than other alternatives, as doesn't require you to write a lot of +stuff just to build your project. BSD Make is a build system made for +lazy people. And lazy people always come with the simplest solutions. diff --git a/tech_posts/coreboot_x220.org b/tech_posts/coreboot_x220.org new file mode 100644 index 0000000..88fd82d --- /dev/null +++ b/tech_posts/coreboot_x220.org @@ -0,0 +1,12 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+TITLE: suragu.net - Coreboot in a x220 +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: coreboot_x220.html + +* The memories of a corebooter + + diff --git a/tech_posts/fear_and_loathing_in_artix.org b/tech_posts/fear_and_loathing_in_artix.org new file mode 100644 index 0000000..3166ec9 --- /dev/null +++ b/tech_posts/fear_and_loathing_in_artix.org @@ -0,0 +1,177 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+options: ^:{} +#+TITLE: suragu.net - Fear and loathing in Linux +#+HTML_HEAD_EXTRA: + +* Fear and loathing in Linux (Or BSD user tries Linux) + +If you enjoy this article, please consider donating: +https://liberapay.com/raoul11. For questions or comments on this +article feel free to reach me out at teru-sama [at] riseup [dot] net. + +One day I said "I want to die with FreeBSD installed", and I still do, +FreeBSD is a marvellous operating system that should be the final word +in operating systems. Sadly the other day when I bought a new computer +they pranked me very well because the network card this computer came +with is not supported in the current stable version of +FreeBSD. "Father, into your hands I commend my spirit, father, into +your hands, why have you forsaken me?" I said, but after some searches +I find that this network card WILL be supported and you can test the +driver in the -CURRENT branch of FreeBSD, I didn't thought -CURRENT +would be much of a pain, knowing I come from "bleeding edge" Linux +distributions. So I installed FreeBSD 14.0, the thing worked but when +I tried to install the required modules for xorg to work it didn't +work. And that's all they had to say. I want a stable system. Not +that. + +Some time ago, when I published my [[./freebsd_as_desktop.html][FreeBSD as desktop]] blog post, I got +a comment in Hacker News (or lobsters, can't remember) that told me +that I was making clickbait because the experience was good. And the +title promised "Fear and loathing". Well, this one does have fear and +loathing. + +So my first try was the old reliable. Void Linux, a distro that has +never failed me. Until yesterday, because when you come from BSD, you +know what's wrong with Linux. + +Despite Xfce focuses on Linux operating systems and the BSD support +could be a lot better, because it sometimes can't tell the difference +between oss and pulse audio, or the microphone doesn't work, or other +kinds, doing trivial things was a lot easier on FreeBSD than in Void +Linux, but that's okay. I can with it, i've had worse things in my +life. So I could configure it. Then I wanted to install some packages +for void installation in which I could use my beloved [[https://git.raoul11.net/sakisafe.git][sakisafecli]]. But +when I installed it I found out what was wrong with Linux. + +So i tried to run =bmake= in linux (BSD make is much better than GNU +make and should cover some trivial makefiles). And it started to give +errors, like curl.h is not found. And this is when a BSD user will +cause the Fall of Rome. In BSD operating systems, there are not +=-devel= (or -dev) packages. So when you install libfoo you install +the shared objects (.so files), the header files (the thing in +/usr/local/include) and sometimes the .a files for static linking +(which is something Linux distributions should also do). I don't think +it's very arguable that it is possitive to include the header files in +the same package. Because they're just text files that won't take a +lot of space. Maybe this is normal for some kind of devices, but if +you install arch linux or void in a amd64 machine i don't think you +care a lot about space. + +That was the moment in which I remembered that one day a friend of my +told me that arch linux doesn't have -devel packages. And that was +enough for me to install Artix Linux, I don't even know what init +system I'm using. + +Let the _fear and loathing_ begin. + +** Operation: filesystem +The state of ZFS in Linux is quite commedic because OpenZFS is under +the CCLD and Linux is on the GPL and CCDL is incompatible with the +GPL. So because of the GPL we can't have ZFS endorsed by the kernel on +Linux systems. Just because the GPL, I don't think it's pretty good +that a so-called "free" software license tells you that you *must* +share your changes. And I think it's pretty idiotic that, because a +License, they can't add a sequence of ASCII characters to a kernel. + +It was pretty funny because one day I found this message regarding +btrfs on FreeBSD on the forums: + +[[../img/freebsd_user_on_btrfs.png]] + +When I was installing Artix and it was part to create the partitions, +I audibly chuckled, and I selected btrfs as my file system. And began +using btrfs because I'm always open to try new things. + +As mentioned before, the state of ZFS on Linux is commedic, because of +differences between Artix and Arch, I couldn't install the 3rdparty +zfs module from the AUR, so I had to compile OpenZFS code myself. This +wasn't much of a problem. + +Meanwhile, I also looked for "artix zfs" in my search engine and I +found this blog post that was funny to me because it's like the +counter part of the other post: + +[[../img/btrfs_better_than_zfs.png]] + +So well, installing ZFS from source wasn't much of a problem. After +building and installing it =modprobe zfs= just worked and I could +mount my pools just fine. And thus, restoring my data. so no big +problem there. + +I wanted to try btrfs features because I am curious, and apparently +btrfs is "zfs for linux", so i wanted to try its features + +Our man break19 was right, because if I want to add compression +to my storage devices I have to do some weird stuff in the fstab, and +that's too much, i prefer the old good "zfs set compression=gzip +zroot" rather than editing that file. I also can't play with btrfs +subvolumes or snapshots because the btrfs command line utility is +horrible and I haven't figured anything out. + +** Package management and the power it holds + +Different commands. Same shit, the only package managers that has +innovated in something are GNU Guix and Nix, but I don't think there +is much difference between =pkg= and =pacman=. + +What is true is that =pacman= has a syntax that sucks, for example. in +FreeBSD you'd do =pkg install emacs=, while with Artix you do =pacman +-S emacs=, like I know what -S means, and apparently "pacman -Ss" is +better than "pacman search", so i prefer FreeBSD package manager. + +But what was funny to me is that when I installed =clang=, pacman +notified me that also =gcc= will be installed. I thought this was very +curious so I asked in the artix IRC channel, the answer frightened me: + +#+begin_src text + | Hello, nice operating system and all, but I have a question + why does clang depends on gcc + | it's because clang uses the standard library provided by gcc + most linux distros are like this +#+end_src + +As a computer user I tell you, that no big problem. But as a BSD user +I ask "why"? + +I didn't know it, but pacman is very fast. It downloads things in +parallel and uses zstd, a fast compressing/decompressing software for +compression, so I have no issues with pacman's speed. It is pretty +fine. + +When I did some research on why I couldn't install wine in Artix linux +I found out that my packages are being maintained by people with anime +profile pictures. And I also discovered that, for some reason, they +wanted to split all the repositories in separate repositories. Not +sure why, they have like 5 repositories for everything. I can +understand separating repositories with free/non-free software. But +here they don't even do that. They're just making thing more complex +for people who just want to install packages. In BSD this didn't +happen as the main repo had all the 30k packages someone would ever +need. And this operating system lacks packages. I had to build +=cmusfm= myself. + +** Desktop +I hate to say it but Artix was less of a pain to setup as a desktop +than FreeBSD, this is because the installation was made with Calamares +installer. So I didn't had to install Xorg and configure manually, the +installer did all that for me. This wasn't the case in FreeBSD in +which I had to configure Xorg manually. And this is appreciated. The +Xfce setup just worked. And I bothered on ricing it like Windows XP +because I live in the past. Some people ask me why I riced it why XP, +the reason is because I can and I wanted. + +I have 0 reasons to complain about Linux in this case. So I just +won't. +** Conclusion +If you haven't tried a BSD operating system. Don't, you'll get hooked to +it and if you ever have to come back to Linux, you'll find yourself +prefering to get a castration than installing Linux, because when you +learn how BSD works, and its awesome features, the development +philosophy (focusing in making a great operating system instead of +focusing in a weird definition of freedom), you start to know why +linux sucks. + diff --git a/tech_posts/freebsd_as_desktop.org b/tech_posts/freebsd_as_desktop.org new file mode 100644 index 0000000..5c32441 --- /dev/null +++ b/tech_posts/freebsd_as_desktop.org @@ -0,0 +1,298 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+options: ^:{} +#+TITLE: suragu.net - Fear and loathing in FreeBSD +#+HTML_HEAD_EXTRA: + +* Fear and loathing in FreeBSD, or raoul's experiences with FreeBSD +** Introduction +Not so long ago I wrote [[../openbsd.xhtml][my experiences with OpenBSD]]. This post was +about my experiences with OpenBSD but as a server, not as +desktop. Using an operating system as a desktop is completly +different than using it as a server. + +One day I thought "damn, Linux sucks! But I have to use this because +the developer of the browser that I use is an asshole!". And had to +stick to Linux for a while. But then another day I thought "Hmm, +FreeBSD claims to run Linux binaries better than Linux, let's give it +a try". Good operating systems have to sell themselves some +way. And that claim worked for me. So I went to FreeBSD.org, clicked +the big yellow button that says "Download FreeBSD" and downloaded the +memstick image for amd64 because that's what my computer runs. + +I will be updating this site as I have more experiences with +FreeBSD. So add to bookmarks! + +Last update: 2022-06-21 + + +** Installation +The installation was pretty straight forward. I don't think people can +get lost in this. I just selected ZFS as my file system (more on that +later). And I don't remember much other things in the +installation. And as I forgot them. I don't think they are worth +mentioning. + +** Networking +I want to connect to the internet because, among other reasons, I have +a website, electronic mail and I like to talk to internet people +sometimes. +*** Wireless connection +Sadly I no longer have the router in my room so I can't use an +ethernet cable. So I have to use the dreaded wireless card. I was very +surprised when I found out that FreeBSD supports this Atheros card. +so I don't have to open the computer and put an Intel one. For the +network card to work, I only had to modify the kernel booting +process. Sounds very hard but it is just editing +=/boot/loader.conf/)=. I added the following lines to use the =ath= +driver: + +#+begin_src shell-script + if_ath_load="YES" + if_ath_pci_load="YES" +#+end_src + +Then, in =/etc/rc.conf= (we will talk about it later) + +#+begin_src shell-script + wlans_ath0="wlan0" + ifconfig_wlan0="up" + ifconfig_wlan0="WPA DHCP" +#+end_src + +That will automatically start =wpa_supplicant= and use DHCP to get an +IP address +*** DNS server +Normally for resolving domains you'd use a server like 8.8.8.8, +1.1.1.1 or 192.168.1.1. But I thought using local_unbound would be a +good idea for this, as if i'm my own DNS resolver, I can choose what +to resolve and what not to. I followed [[https://vermaden.wordpress.com/2020/11/18/unbound-dns-blacklist/][this guide]] to configure +local_unbound, with some block lists. And I also modified +/etc/dhclient.conf to use =127.0.0.1= as default DNS server. I did not +setup a fallback DNS server because if my computer is up, unbound is +up as well. So I don't really need a fallback DNS server. + +#+begin_src conf + interface "wlan0" { + append domain-name-servers 127.0.0.1; + } +#+end_src +** Making the fresh installed system a desktop. + +I'm no longer a Linux user. Now I am a BSD user. As such I must be +aware about this "X11" thing. So I had to install the =xorg= +package. FreeBSD comes with a binary package manager called =pkg=. We +will talk more about this in the packages section. I just had to run +=# pkg install xorg=. Add the user =raoul= to the =video= group and +configure my =.xinitrc= so everytime i run =startx=, =bspwm= is +started. + +I had to add i915kms_load="YES" to =/boot/loader.conf). Which is the +driver for Intel integrated graphics cards. Or something like that. + +As mentioned before. I had to modify my .xinitrc (something that as a +former Linux user I have never done because I always used lxdm as +display manager. But as FreeBSD doesn't have lxdm available I had to +get alternatives). My .xinitrc looks like this: + +#+begin_src shell-script + dunst& + xrdb .Xdefaults& + compton& + xset r rate 300 50& + feh --bg-fill ~/.wall.png + sxhkd + exec bspwm +#+end_src + +With that =.xinitrc=, running =startx= just works. + +** Package management + +FreeBSD comes with 2 options to install packages: binary-based +packages and port-based packages which installs packages compiling +them from source code. + +*** Binary package management + +I installed an operating system because I wanted to use it. And it is +impossible to use an operating system if you cannot install software +in it. Fortunately, FreeBSD comes with a package manager called =pkg=, +a very original name for a package manager. It is simple to use, +and blazing fast. I would say it is faster, or at least as fast as +=xbps=, the fastest package manager I know. Using it is utter simple, +here are some examples: + +#+begin_src shell-script + # All these commands must be run as root. + + # Install the package "emacs" + pkg install emacs + # Deinstall the package "emacs" + pkg remove emacs + # Remove all the unneeded dependencies + pkg autoremove + # List all packages that contain "edit" in its name + pkg search edit + # List all packages that contain "editor" in its comment + pkg search -S comment editor +#+end_src + +Unfortunately, =pkg= comes with insane defaults. You have to type +'y' and then 'enter' to confirm you want to install a package. As +=pkg= defaults to "No". I guess this is a security feature for some +users. But as I'm too lazy to press the 'Y' key, and I'd rather just +to press enter, I edited =/usr/local/etc/pkg.conf= and added the +following content: + +#+begin_src conf + # I don't want to press 'Y' everytime. + DEFAULT_ALWAYS_YES=yes + AUTOCLEAN=yes + IP_VERSION=4 + # I don't want to wait to upgrade a package. I'll update my system + # only when I want :) + REPO_AUTOUPDATE=no +#+end_src + +*** Source package management +Sadly I can't talk a lot about this one because I have a overheated +machine and if I compiled something in this computer we would have the +biggest destruction known to civilized man since 476 A.D. + +But I can compile small software without a lot of problem. + +First you have to get the port collection if you didn't do it in the +installer with the following command: + +=# portsnap fetch extract= + +Which will, fetch the port collection and extract them in +=/usr/ports=. These ports are just a collection of Makefiles. Which +will download and build the source code from you. These makefiles are +kinda easy to work with, and also to write. As i'm the maintainer for +some FreeBSD packages :) + +You can also configure which CFLAGS you want *by default*. Just edit +the =/etc/make.conf= file. Mine looks like this: + +#+begin_src conf + CFLAGS+= -O2 -pipe -march=native -mtune=native + DEVELOPER=yes + MAKE_JOBS_UNSAFE=yes +#+end_src + +** Linux emulation +As I mentioned before, what was keeping me at the Linux hell was the +Web Browser known as Pale Moon. I followed [[https://docs.freebsd.org/en/books/handbook/linuxemu/][the guide]] to run Linux +software in FreeBSD. Downloaded Pale Moon, and after installing a few +dependencies, yup, it worked just like if I was using it in Linux. + +Then I =rm -rf palemoon= and moved to firefox. Don't really know why. +** Multimedia +This was kind of a pain, =oss= didn't want to work for undisclosed +reasons. Too lazy to install sndio. So I went the easy way and just +installed pulseaudio. Call me what you will. But I want to listen to +Madvillain, not say "I DON'T USE PULSEAUDIO" in the internet. I use +=cmus= as my music player. The binary distribution of cmus comes with +the PulseAudio plugin disabled so I had to install it from the ports +system. + +mpv and audio in FireFox just worked. +** ZFS +After years of using UFS, it was time for a change. ZFS was +introdouced experimentally in FreeBSD 7. And in the latest version, it +is the default filesystem. This filesystem is, described by itself as +"The last word in file system" That makes sense to me. They are not +going to say it's a bad filesystem if they want people to use it. And +if i'm using a filesystem that takes most of my RAM, it should be good +at least. And, yes, ZFS is good. +*** Pools and storage +"A storage pool is the most basic building block of ZFS. A pool +consists of one or more vdevs, the underlying devices that store the +data.". I don't understand any of that. But a pool must be created to +create your filesystems (datasets) and volumes. In the default +installation, the dataset is called "zroot". + +These "file systems" are similar to partitions. It is mounted wherever +you want and has its own metadata. +*** Creating and configuring datasets +My friend Endemic has a lot of media that must be stored, he has lost +media, music from bands no one has ever heard of and soviet movies and +obscure breakcore. This kind of media has to be archived and zfs does +a great work creating that. ZFS has also a compression feature, +supporting a lot of compression algorithms. + +So to create the zpool that I want to be mounted in /storage, I ran +the following commands (as root) + +#+begin_src shell-script + # Create the pool storage in the /dev/da0 device, which is an external + # hard drive + zpool create storage /dev/da0 + # Set zstd-9 compression in the pool. + zfs set compression=zstd-9 storage +#+end_src + +And that's it. Then when you copy big files to /storage they will be +compressed. And as our CPU is fast and zstd uses a fast algorithm, you +probably won't notice that you're actually compressing and +decompressing files all the time. Which is good. You can also use +zstd-19 as compression, which redouce the filesize of everything by a +lot. But this has a drawback, quoting from the [[https://docs.freebsd.org/en/books/handbook/zfs/index.html][FreeBSD ZFS reference]]: + +#+begin_quote +ZFS offers 19 levels of Zstd compression, each offering +incrementally more space savings in exchange for slower +compression. The default level is zstd-3 and offers greater +compression than LZ4 without being much slower. Levels above 10 +require large amounts of memory to compress each block and systems +with less than 16 GB of RAM should not use them. ZFS uses a selection +of the Zstd_fast_ levels also, which get correspondingly faster but +supports lower compression ratios. ZFS supports zstd-fast-1 through +zstd-fast-10, zstd-fast-20 through zstd-fast-100 in increments of 10, +and zstd-fast-500 and zstd-fast-1000 which provide minimal +compression, but offer high performance. +#+end_quote + +And as I use a ThinkPad in which I didn't even bother on adding more +RAM. I use zstd-9. Which compresses the files somehow good. You can +see the stats with =zfs get used,compressratio,compression,logicalused +dataset=. + +#+begin_src +zroot used 64.1G - +zroot compressratio 1.15x - +zroot compression zstd-9 local +zroot logicalused 66.1G - +#+end_src + +Used is the revelant to the filesystem size. And logicalused is the +size the filesystem would have without compression. So this means I +have saved 2GBs thanks to zstd-9. I do not feel any performance difference. +*** Snapshots +We all fuck it sometime. And that is okay. What is not okay is to lose +data. ZFS contains a tool to create snapshots of a dataset. Which are +basically backups that restore your filesystem to a certain +point. These are very useful to recover lost data. You can create a +backup of your =home= partition like this: + +#+begin_src shell-script + zfs snapshot zroot/usr/home@(date +%F) +#+end_src + +After creating the snapshot and completly trusting ZFS, i ran rm -rf +~/*. Which nuked my home directory and everything in it. Then I ran +=zfs rollback zroot/usr/home@2022-06-18= and it was restored. Like +nothing ever happened. According to the FreeBSD reference, snapshots +can take a lot of disk space so you should delete them as they're no +longer needed. +*** Other features + +ZFS has features like incremental backups, encryption, RAIDS, but I +haven't tried them. +** Jails +TODO diff --git a/tech_posts/index.org b/tech_posts/index.org new file mode 100644 index 0000000..55488ad --- /dev/null +++ b/tech_posts/index.org @@ -0,0 +1,28 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil +#+TITLE: suragu.net - Tech posts +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: index.html + +* suragu.net tech posts + +I have a [[../blog/][blog]], but I to keep it to very weird things that come to my +mind that don't require text formatting, images, or anything that is +not plain text. + +The intention of this section of my website is to make a space for all +the weird things that are related with tech. Which mostly always +require formatting like syntax highlighting, images, or monospaced +text. So I decided to create this section for the tech related posts. + +These articles are sorted from oldest to newest. + +1. [[./org_mode_as_ssg.html][org-mode as static site generator]] +2. [[./freebsd_as_desktop.html][raoul's experiences with FreeBSD as desktop.]] +3. [[./brotli_in_openbsd_http.html][brotli in OpenBSD's httpd.]] +4. [[./fear_and_loathing_in_artix.html][Fear and Loathing in Artix (or BSD user tries Linux)]] +5. [[./bsd_make.html][Using BSD make as build system]] +6. [[./modern_perl.html][Perl in CURRENT_YEAR]] diff --git a/tech_posts/modern_perl.org b/tech_posts/modern_perl.org new file mode 100644 index 0000000..7a972ee --- /dev/null +++ b/tech_posts/modern_perl.org @@ -0,0 +1,214 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil ^:nil +#+TITLE: suragu.net - Perl in CURRENT_YEAR +#+HTML_HEAD_EXTRA: +#+EXPORT_FILE_NAME: modern_perl.html + +* Perl in CURRENT_YEAR + +Perl is a programming language that will always live deep into my +heart. It was the first programming language I can say I +mastered. But it's sad that not even God uses this programming +language anymore. It's a great programming language, it has evolved in +the latest years, so much that it even looks like a modern programming +language. Some of the stupid design of perl has been fixed. + +It is known by everyone that the perl Syntax sucks. It makes 0 sense, +at least for learners. Experimented perl programmers no longer fear +anything. + +For comments or questions on this post, email me at sukamu at riseup +dot net. +** Function prototypes +Perl always lacked function signatures (prototypes), the way you +passed arguments to a function in perl was horrible, it is like +functions in bash: + +#+begin_src perl -n + sub sum() { + my ($x, $y) = @_; + return $x + $y; + } + + print sum(3, 4); # Prints 7 +#+end_src + +You define the function parameters inside the function, just like in +bash. This is, in my opinion, horrible, but since perl 5.36, you can +have function signatures, to use perl's new features, you have to +specify the version of perl you want to use, to do this just use the +=use= keyword. + +#+begin_src perl -n + use v5.36; + + sub sum($x, $y) { + return $x + $y; + } + say sum(4, 5); # prints 9, and adds a newline. +#+end_src + +The function signature feature was added in Perl v5.20, but it started +to be considered stable at v5.36. There is also this new "say" +function that is just like =print= but adds a =newline= at the end of +the line, like python's =print= or C's =puts()=. These features were +inhereted from Raku. + +** Try/Catch + +Perl added an experimental Try/Catch blocks in v5.34. These are still +considered experimental as of v5.36. But you can still use them. The +=try/catch= (also =finally= if you're using v5.36) works like any +other programming language that has try/catch blocks. As this feature +is still experimental and should not be used seriously, you have to +specify that you want to use the experimental feature ='try'=: + +#+begin_src perl -n + use v5.36; + use strict; + use warnings; + + use experimental 'try'; + + sub attempt() { + say "I'm doing something!"; + die "Goodbye cruel world"; + return 42; + } + + try { + my $x = attempt(); + } catch($e) { + say "Exception: $e"; + } finally { + say "Finished"; + } +#+end_src + + +And the thing does exactly that, the script dies inside the =try= +block, so it's passed to the =catch= block as an exception. And +finally, the =finally= block is executed. + +** the =isa= operator + +The isa operator tests whether an object has a instance of a certain +class, in non-object programming slang, it just checks the type of a +variable. The =isa= operator was introdouced as an experimental +feature in perl v5.34.0 and was no longer considered experimental in +the current v5.36.0. + +#+begin_src perl -n + #!/usr/bin/perl + + use v5.36; + use LWP::UserAgent; + my $ua = LWP::UserAgent->new; + + + if ($ua isa LWP::UserAgent ) { + say "LWP::UserAgent object instanced successfully"; + } else { + die "something that should not have happened happened."; + } +#+end_src + +Before this operator, you had to use the =ref= function and string +checker to accomplish the same thing, like this; + +#+begin_src perl -n + use LWP::UserAgent; + my $ua = LWP::UserAgent->new; + + if(ref($ua) eq "LWP::UserAgent") { + # Do stuff... + } else { + # Do stuff when failed. + } +#+end_src + +Which clearly makes a difference at the moment of reading and writing +new code. + +** The defer block + +This is a feature that others programming languages have, C++ calls it +RAII, there are plans to add it to the next version of the C +programming language, also golang has the defer block. Thing is that +in perl it works like this: + +#+begin_src perl -n + #!/usr/bin/perl + + use v5.36; + + use experimental 'defer'; + my $x = 0; + { + $x = (2^31)-1; + defer { + say "The block has finished it's execution"; + $x = 0; + }; + say "Let's pretend i'm doing stuff..."; + say "x value: $x"; + } + say "x value: $x"; +#+end_src + +Simillary to =try/catch=, this function is experimental and should not +be used in production. Or use it if you want. But don't blame the perl +devs if something breaks (which, honestly, I doubt that your system +will break because of an experimental feature. Just don't abuse it or +use it in very weird ways and you'll be fine). + +** builtin values + +=builtin= is a new core module that shipts with perl v5.36. This +package are plains function and behave like user defined +cuntions. They do not provide any special thing you have never seen in +perl before. But they're still good to have, as they help to make the +code more easy to write and read. These functions are also +experimental so be careful at the moment of using them. + +#+begin_src perl -n + use v5.36; + use experimental 'builtin'; + use builtin qw(true false is_bool trim + reftype created_as_string + created_as_number); # There are more builtin functions... + my $bool_value = true; + + if ($bool_value) { + say "The value is true"; + } else { + say "The value is false"; + } + + say is_bool($bool_value); # Will print "true"; + + my $str = "\t\n\r Hello world\t\r\n"; + $str = trim($str); # This trim() function will remove all the whitespace + #characteres defined by unicode (https://perldoc.perl.org/perlrecharclass#Whitespace) + + print $str; # Will print "Hello world", without newlines, tabs, or + # carriage returns. +#+end_src + +These new functions are not the greatest or most useful thing ever, +but they are still helpful. + +** Conclusion + +Perl's not dead. At least that's what I kept telling myself because I +don't want to see this programming language dying in my lifespan. But +it's pretty cool that they still add new features to Perl 5. Despite +everything you could say, perl is still alive, but no one uses it, but +well, no one uses Haskell either. :^) +** Sources +- 1. https://perldoc.perl.org/5.36.0/builtin +- 2. https://perldoc.perl.org/5.36.0/perldelta +- 3. https://perldoc.perl.org/5.34.0/perldelta diff --git a/tech_posts/org_mode_as_ssg.org b/tech_posts/org_mode_as_ssg.org new file mode 100644 index 0000000..75524d4 --- /dev/null +++ b/tech_posts/org_mode_as_ssg.org @@ -0,0 +1,153 @@ +#+INCLUDE: "../inc/header.html" export html +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+options: ^:{} +#+TITLE: suragu.net - Org-mode as a Static Site Generator +#+HTML_HEAD_EXTRA: +* org-mode as a Static Site Generator +Created: 2022-06-14 +Last updated: 2022-06-14 +** Introduction +There are a lot of static site generators out there, you can think of +Jekyll, Hugo, sblg. Those are good (I guess) but, as I was too lazy to +check them out, I tried to perform the same task (In this case, +generating a website from a language in a weird markup language) that +looks very much the same as it was written in pure html. And emacs' +org-mode was able to do this perfectly. Not much flaws were found in +this process. + +And yes, this article was written in =org-mode=. + +If you enjoy this article, please consider donating: +[[https://liberapay.com/raoul11][https://liberapay.com/raoul11]]. For questions or comments on this +article feel free to reach me out at teru-sama [at] riseup [dot] net. + +** The basics + +Every emacs users (I hope) knows about org-mode, it is a very powerful +markup language, in my opinion, better than markdown as it uses more +common sense, like *bold* text are written with only one asterisk and +/italic/ text is written with slashes, which makes more sense inside +my head than markdown's one asterisk for italic and two asterisks for +bold. The headers are written with an asterisk followed by the text, +and you can insert code blocks with =#+begin_src =. (and close +them with #+end_src) And +guess what! Emacs will export the source code *highlighted* to html! +The output colors will be defined by your *current Emacs theme* + +When you are finished writing your .org file, you can export it to +html with =M-x org-html-export-to-html=. This will create a =.html= file +with the same name of the =.org= file. You can open it and it won't be +so much different than a =.md= file converted to =.html= using =pandoc=. But +we can fix that using the multiple =org-mode= options! +** org-mode options +There are a lot of =org-mode=. You can check all of them [[https://orgmode.org/manual/Publishing-options.html][here]] and +[[https://orgmode.org/manual/Export-Settings.html][here]]. Check them if you need an option that is not here. Pretty sure +there's an option for whatever you want. + +So, when you make a website, you most likely want to make it somewhat +artistic, so you want to add, say, a header, and a stylesheet +file. This is possible with =org-mode= options. The following text lines +will insert a header file and a stylesheet file into the resulting +.html file: + +#+begin_src org +#+INCLUDE: "inc/header.html" export html +#+HTML_HEAD_EXTRA: +#+end_src + +This will include, before everything in the =.org= file, the content of +the file located at =inc/header.html=. And will append that HTML +tag to the section of the resulting =.html= file. So it will give +the stylesheet to the resulting html site. +n +But by default =org-mode= gives us the number of headings, preambles and +postambles, a table of contents, some html style we never asked for, +and a lot of things we never asked for. But obviously, theres an +option to take care of all of that! + +#+begin_src org +#+options: toc:nil +#+OPTIONS: html-postamble:nil +#+OPTIONS: html-style:nil +#+OPTIONS: num:nil p:nil pri:nil stat:nil tags:nil tasks:nil tex:nil timestamp:nil toc:nil title:nil +#+end_src + +That snippet inside the codeblock will disable all the things we don't +want in a personal website (but maybe we want in an academic +article?). I don't know. The thing is that you can disable or enable +them as needed. As you should know, =nil= in emacs-lisp means =false= and +=t= means =true=. So if you want to enable some option of those you give +it =t= instead of =nil=. + +So you have to add that to all the .org files you have. You can +probably setup those options as default by setting the family of +=org-export= variables to =nil= as needed. But I keep it that way because +I am too lazy to set all of those variables. + +Then, you have to do =M-x org-html-export-to-html= in each .org file and +upload them to your webroot. And everything should work when you visit +your website. If not, check if the path of the css and header is +correct (In this post i'm assuming your .html files are in =inc/= and +your css is in =css/styles.css=, which are both relative paths). +** Inserting custom HTML in Org +Something great about Markdown is that you can insert HTML by simply +adding it as normal text. You cannot do this in org-mode. You can't +just put thing and expect org-mode to compile that as html. You +have to use an =export= block. Those work just as the codeblocks we've +seen before. But instead of src, it's export, so it will +be #+begin_export html. Following there's an example +#+begin_export html +This is custom HTML (it has the style attribute) inserted into org-mode :D +#+end_export +** Exporting a whole directory with .org files to html + +For most of the time running this website using =org-mode= as static +site generator, i used to run =M-x org-html-export-to-html= as +needed. But I thought this was unnecessary and repetitive and there +wasn't really a need to do that. I wanted something like =make=. Where +you run and you get everything compiled. And if a file didn't change, +don't compile it again (as it isn't needed). So I asked about this in +the #emacs irc channel: + +#+begin_src text + Hello, is it possible to use org-html-export-to-html in a + emacs lisp program to export a file? Documentation says it only + "exports the current buffer", But i want to export all the .org files + in a directory as html + (I'm using org-mode as a ssg) + > export all the .org files in a directory as html + sukamu: it sounds like you want org-publish + (info "(org) Publishing") +#+end_src + +So I checked out that "=org-publish=" thing this IRC user was talking +about. And indeed it was exactly what I needed. I had to read the +documentation. And I came to this following emacs-lisp files which can +compile my website just well: + +#+begin_src emacs-lisp + ;; Change this + (setq org-publish-project-alist + '(("suragu.net" + :base-directory "~/repos/suragu_org/" + :publishing-directory "~/repos/suragu_org/out_html" + :section-numbers nil + :publishing-function org-html-publish-to-html + :table-of-contents nil + :recursive t + ))) + + (defun make-suragu () + (interactive) + (org-publish "suragu.net") +#+end_src + +And that's it! Everytime I want to recompile this website I just have +to run =M-x make-suragu= and org-publish will do the rest for me! +** Conclusion +=org-mode= is a great markup language that can repleace markdown in most +tags and also works well as a static site generator. What else do you +want me to say