Fryboyter

Insert date in Sublime Text

If you create an article with Hugo you have to enter the date in the markdown file in the form of 2019-04-27T22:18:13+0200. In contrast to Jörg this annoys me quite a bit.

So I thought about how I could automate the input. For my preferred editor Sublime Text there is the plugin InsertDate available. After the installation you choose the correct time zone. After that, it’s best to create a shortcut to insert the date. To do this, select “Key Bindings” from the “Preferences” menu. In the right window enter the following code between the square brackets and save the file.

{ "keys": ["shift+f5"], "command": "insert_date", "args": {"format": "%Y-%m-%dT%H:%M:%S%z"} },

Instead of shift+f5 you can also use another key combination. From now on you can insert the current date including time and the difference to UTC in ISO 8601 format with the defined shortcut.

OSBN | General

Switched to Complete Feed

A few days ago I was asked if I could change the OSBN feed to show the complete article. The wish is my command.

To do this, I simply created the file rss.xml in the layouts/_default subdirectory of Hugo’s theme directory with the following content (this corresponds to the standard template of the feed).

<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>{{ if eq  .Title  .Site.Title }}{{ .Site.Title }}{{ else }}{{ with .Title }}{{.}} on {{ end }}{{ .Site.Title }}{{ end }}</title>
    <link>{{ .Permalink }}</link>
    <description>Recent content {{ if ne  .Title  .Site.Title }}{{ with .Title }}in {{.}} {{ end }}{{ end }}on {{ .Site.Title }}</description>
    <generator>Hugo -- gohugo.io</generator>{{ with .Site.LanguageCode }}
    <language>{{.}}</language>{{end}}{{ with .Site.Author.email }}
    <managingEditor>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</managingEditor>{{end}}{{ with .Site.Author.email }}
    <webMaster>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</webMaster>{{end}}{{ with .Site.Copyright }}
    <copyright>{{.}}</copyright>{{end}}{{ if not .Date.IsZero }}
    <lastBuildDate>{{ .Date.Format "Mon, 02 Jan 2006 15:04:05 -0700" | safeHTML }}</lastBuildDate>{{ end }}
    {{ with .OutputFormats.Get "RSS" }}
        {{ printf "<atom:link href=%q rel=\"self\" type=%q />" .Permalink .MediaType | safeHTML }}
    {{ end }}
    {{ range .Pages }}
    <item>
      <title>{{ .Title }}</title>
      <link>{{ .Permalink }}</link>
      <pubDate>{{ .Date.Format "Mon, 02 Jan 2006 15:04:05 -0700" | safeHTML }}</pubDate>
      {{ with .Site.Author.email }}<author>{{.}}{{ with $.Site.Author.name }} ({{.}}){{end}}</author>{{end}}
      <guid>{{ .Permalink }}</guid>
      <description>{{ .Summary | html }}</description>
    </item>
    {{ end }}
  </channel>
</rss>

I changed the line <description>{ .Summary | html }}</description> to <description>{ .Content | html }}</description> to display the complete article. That’s it. The change applies to the entire page, not just the OSBN category.

OSBN | General

Fryboyter is now generated with Hugo

So far I have used the CMS Bolt for fryboyter.de. Basically I am satisfied with it. But somehow I have lately less and less desire to install the updates.

Therefore I looked at various tools in the last weeks, with which one can create static web pages. So you don’t need PHP, no database, etc. Thus also the annoying updating of the side is unnecessary.

Finally I ended up with Hugo . There are basically two reasons for this. On the one hand Hugo consists of only one file and on the other hand the static pages are created very fast.

But what kept me busy was how to create the website when I added new articles and how to upload it to the webspace.

In the Lab of Uberspace there is a manual how to install Hugo. Hugo runs as a service in the background and recreates the page as soon as something has changed. But as a consequence I have to take care of possible updates as soon as possible. It would be better if Hugo is started only to create the page and then shut down again. The easiest way would be to connect to the webspace via SSH, create the new article and then run Hugo manually. Simple? Yes. Cumbersome? Definitely. So it’s out of the question.

The solution is, as so often, Git. First you create a directory on the webspace outside the document root. In this directory you create a so called bare-respository with “ git init –bare”. In comparison to a normal repository, this has no working tree. If you now look at the directory again, you will find the subdirectory “hooks” there. With these hooks certain tasks can be automated. For example, commands can be executed when the repository has received new data. For this you create the file post-receive in the directory “hooks” and add the following data and make it executable.

GIT_REPO=$HOME/repository/fryboyter.git
TMP_GIT_CLONE=$HOME/tmp/git/fryboyter
PUBLIC_WWW=/var/www/virtual/$USER/html/fryboyter
git clone $GIT_REPO $TMP_GIT_CLONE
~/bin/hugo -s $TMP_GIT_CLONE --cleanDestinationDir -d $PUBLIC_WWW
rm -Rf $TMP_GIT_CLONE
exit

This clones the contents of the repository into a temporary directory. Then Hugo deletes the already published website and recreates it. Then the temporary directory is deleted.

What is still missing is the data with which the website is created. These are created on your own computer. When this is done, you change to the respective directory and execute the following commands.

git init
git add .
git commit -m "Beschreibung des Commit"

With this you create a local repository, add all files of the directory and create a commit. If you upload it with “git push $adresse_des_repository” the file post-receive will be executed and the website will be created automatically. To update the page in the future, create / change the file in the local repository, create a new commit and upload the changes using git push.

OSBN | General

Combine Pi-Hole with Unbound

Pi-Hole is a so called “DNS-Sinkhole” for the own network with which you can filter out unwanted advertisements from websites. Yesterday I installed it on a unused Raspberry Pi.

Since Pi-Hole does not officially support Arch Linux and therefore problems may occur, I installed Raspbian without further ado. Funnily enough there is a package for Pi-Hole for Arch in the AUR while you have to install this package for Rasppian via “curl -sSL https://install.pi-hole.net | bash”. This is the official way, by the way, even if you normally warn against such instructions. The whole process is quite unspectacular in the end and works simple in the end.

During the installation I had the idea to combine Pi-Hole with Unbound. Unbound used to be my caching DNS resolver, so I don’t need DNS like 8.8.8.8 (Google).

So first install Unbound with “sudo apt install unbound”.

With the command “sudo wget -O /var/lib/unbound/root.hints https://www.internic.net/domain/named.root" we now download the list of DNS root servers.

Now it’s time to configure Unbound. We create the file /etc/unbound/unbound.conf.d/pi-hole.conf and fill it with the following content.

server:
    verbosity: 1
    port: 12345
    do-ip4: yes
    do-udp: yes
    do-tcp: yes

    # Wenn IPv6 genutzt wird auf yes ändern
    do-ip6: no

    # Liste der Root-Server
    root-hints: "/var/lib/unbound/root.hints"

    # Vertraut glue nur wenn innerhalb von servers authority
    harden-glue: yes

    # Um DNSSEC zu deaktivieren auf no setzen
    harden-dnssec-stripped: yes

    # Großbuchstaben um Spoof zu erschweren
    use-caps-for-id: yes
    
    # EDNS Buffergroeße
    edns-buffer-size: 1472

    # TTL für Cache
    cache-min-ttl: 3600
    cache-max-ttl: 86400

    # Oft genutzte Einträge bleiben im Cache
    prefetch: yes

    # Anzahl der Threads (1 reicht fuer kleines LAN)
    num-threads: 1
    
    # Cache-Speicher. rrset sollte doppelt so groß wie msg sein
    msg-cache-size: 50m
    rrset-cache-size: 100m
    
    # UDP schneller mit Multithreading (Tux only).
    so-reuseport: yes
    
    # Stellt sicher, dass Kernel-Buffer groß genug ist wenn Traffic stark ansteigt 
    so-rcvbuf: 1m

    # IP werden nicht aufgelöst
    private-address: 192.168.1.1/16
    

If you can”t get anything out of my comments, you can read a more detailed description at https://www.unbound.net/documentation/unbound.conf.html. At the moment only the third and the last line are important. In the third line, the port is specified on which Unbound should listen. And in the last one you enter your address range for your own LAN.

With “systemctl start unbound.service” you test if unbound starts without problems. With “systemctl enable unbound.service” Unbound is started automatically.

Now enter Unbound at Pi-Hole as DNS. Just enter $PI-IP/admin in your browser (instead of $IP-IP use the IP under which the Raspberry is reachable in the LAN). Now the dashboard of Pi-Hole should be displayed. There we click on Login on the left side and log in. Now we select Settings -> DNS on the left. Here I noticed that in the stable version of Pi-Hole you can enter the IP of your own DNS, but no port. After some Google-Fu I found out that it only works with the current beta version. Since I have nothing to lose, I switched to the current beta version with the following commands.

echo "FTLDNS" | sudo tee /etc/pihole/ftlbranch
pihole checkout core FTLDNS 
pihole checkout web FTLDNS

Now you can enter 127.0.0.1#12345 under Settings -> DNS (instead of 12345 you use the port specified in the configuration file (# is intentional and must be specified here).

Now we have to tell the devices in the network to use the Pi-Hole as DNS. To do this we either store the IP of the Raspberry Pi in the router or adjust the DNS settings on the respective devices (/etc/resolv.conf, netctl profiles etc.).

As a conclusion after about 24 hours with the combination of Pi-Hole and Unbound I can make the following statements so far:

  • Apt is damn slow compared to pacman
  • I’ll never make friends with a distribution that uses sudo for every crap, so I’ll probably activate the root account or install Arch again.
  • If Unbound doesn’t know the IP of a website yet, there will be a short delay until the page is displayed. After that everything goes very fast.
  • If you look at the statistics of Pi-Hole, you will notice how much crap is filtered. With me it is up to 30.4 percent of all inquiries which disappear in the hole.

As far as the statistics are concerned, I noticed that they are updated every minute. Since I don’t need current statistics and to avoid unnecessary write operations on the memory card I created the file /etc/pihole/pihole-FTL.conf and entered DBINTERVAL=60.0 there. Now the write process is still done every 60 minutes. This is absolutely sufficient for me, since the filter process continues as normal.

But this solution has a disadvantage for me. For various things like geo-blocking I use a VPN provider. The current provider (which will probably also apply to most other providers) unfortunately does not allow you to enter your own DNS to prevent so-called DNS leaks. So I will continue to use uBlock Origin in my browser. Especially since Pi-Hole can’t filter some things like these annoying cookie hints.

Linux | OSBN