solene.rss.xml - sfeed_tests - sfeed tests and RSS and Atom files
(HTM) git clone git://git.codemadness.org/sfeed_tests
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
solene.rss.xml (66100B)
---
1 <?xml version="1.0" encoding="UTF-8"?>
2 <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
3 <channel>
4 <title>Solene's percent %</title>
5 <description></description>
6 <link>https://dataswamp.org/~solene/</link>
7 <atom:link href="https://dataswamp.org/~solene/rss.xml" rel="self" type="application/rss+xml" />
8 <item>
9 <title>A curated non-violent games list</title>
10 <description>
11 <![CDATA[
12 <p>For long time I wanted to share a list of non-violent games I
13 enjoyed, so here it is. Obviously, this list is FAR from being
14 complete and exhaustive. It contains games <strong>I played</strong> and that
15 I liked. They should all run on Linux and some on OpenBSD.</p>
16
17 <p>Aside this list, most tycoon and puzzle games should be
18 non-violent.</p>
19
20 <h2 id="automationbuildinggames">Automation / Building games</h2>
21
22 <ul>
23 <li><a href="https://tobspr.itch.io/shapezio">Shapez.io</a></li>
24 </ul>
25
26 <p>This game is like Factorio, you have to automate production lines
27 and increase the output of shapes/colors. Very time consuming.</p>
28
29 <p>The project is <strong>Open source</strong> but you need to buy the game if
30 you don’t want to compile yourself. Or just use my compiled version
31 at <a href="https://perso.pw/shapez.io/">https://perso.pw/shapez.io/</a>
32 (require a chrome based browser…)</p>
33
34 <ul>
35 <li><a href="https://www.openttd.org/">OpenTTD</a></li>
36 </ul>
37
38 <p>A transport tycoon game, multiplayer possible! Very complex,
39 the community is active and you can find tons of mods.</p>
40
41 <p>The game is <strong>Open source</strong> and you can certainly install it
42 on any distribution with the package manager.</p>
43
44 <ul>
45 <li><a href="https://vfqd.itch.io/terra-nil">Terra Nil - Reclaim the wasteland</a></li>
46 </ul>
47
48 <p>This game is about building equipments to restore the nature into
49 a wasteland, improve the biodiversity and then remove all your
50 structures.</p>
51
52 <p>The game is not open source but is free of charge. The music
53 seems to be under an open licence.
54 Still, you can pay what you want for it to support the developer.</p>
55
56 <ul>
57 <li><a href="https://vfqd.itch.io/everything-is-garbage">Everything is garbage</a></li>
58 </ul>
59
60 <p>This is a short game about chaining producing buildings into another,
61 all from garbages up to some secret ending :)</p>
62
63 <p>The game is not open source but is free of charge.</p>
64
65 <h2 id="sandboxadventuregame">Sandbox / Adventure game</h2>
66
67 <ul>
68 <li><a href="https://www.minetest.net/">Minetest</a></li>
69 </ul>
70
71 <p>This game is a clone of Minecraft, it supports a lot of mods (which
72 can make the game very complex, like adding trains tracks with their
73 signals, the pinnacle of complexity :D). As far as I know, the game
74 now supports health but there are no fight involved.</p>
75
76 <p>The game is <strong>Open source</strong> and free of charge.</p>
77
78 <ul>
79 <li><a href="https://bynine.itch.io/forestssecret">Forest’s Secret</a></li>
80 </ul>
81
82 <p>This game is about exploration in a forest. It has a nice
83 music, gameplay is easy.</p>
84
85 <p>The game is not open source but it’s free.
86 Still, you can pay what you want for it to support the developer.</p>
87
88 <h2 id="actionreflexgames">Action / reflex games</h2>
89
90 <p>This category of games contains games that require
91 some reflexes or at least need to player to be
92 active to play.</p>
93
94 <ul>
95 <li><a href="https://xmoto.tuxfamily.org/">Xmoto</a></li>
96 </ul>
97
98 <p>This game is about driving a 2D motocross and
99 pass through obstacles, it can be very hard
100 and will challenge you for long time.</p>
101
102 <p>it’s <strong>Open source</strong> and free of charge.</p>
103
104 <ul>
105 <li><a href="https://kenney.itch.io/frick-inc">Frick. Inc</a></li>
106 </ul>
107
108 <p>This is a fun game where you need to drive some big trucks only
109 <strong>using a displayed control panel with your mouse</strong> which make
110 things very hard.</p>
111
112 <p>The game is not open source and not free, but the cost isn’t very
113 high (3.99€ at the moment from France).</p>
114
115 <ul>
116 <li><a href="https://adamgryu.itch.io/a-short-hike">A short hike</a></li>
117 </ul>
118
119 <p>This game is about a teenager character who is on vacation in a
120 place with no cell network, and you will have to make a hike and
121 meet people to go to the end. Very relaxing :)</p>
122
123 <p>The game isn’t open source and isn’t free, but costs around 8€ at
124 the moment from France.</p>
125
126 <ul>
127 <li><a href="https://www.gog.com/game/Train_Valley">Train valley</a></li>
128 </ul>
129
130 <p>This game is about adding trains to tracks and avoid them
131 to crash. I found this game to be more about reflexes than
132 building, simulation or tycoon. You mostly need to route
133 the trains in real time.</p>
134
135 <p>The game isn’t open source and not free but costs around 10€.</p>
136
137 <h2 id="puzzlegameszachtronicsgames">Puzzle games (Zachtronics games)</h2>
138
139 <p>What’s a Zachtronics game? It’s a game edited by Zachtronics! Every
140 game from this studio have a common pattern. You solve puzzles with
141 more and more complexes systems, you can compare your result in
142 speed / efficiency / steps to the others player. They are a mix in
143 between automation and puzzles. Those games are really good. There
144 are more than the 3 games I list, but I didn’t enjoy them all,
145 <a href="https://www.gog.com/games?devpub=zachtronics&page=1&sort=popularity">check the full list</a></p>
146
147 <ul>
148 <li><a href="https://www.gog.com/game/opus_magnum">Opus Magnum</a></li>
149 </ul>
150
151 <p>You play an alchemist who is asked to create product for a rich
152 family. You need to setup devices to transforms and combine
153 materials into the expected result.</p>
154
155 <p>The game isn’t open source and isn’t free. The average cost is 20€.</p>
156
157 <ul>
158 <li><a href="https://www.gog.com/game/infinifactory">Infinifactory</a></li>
159 </ul>
160
161 <p>This game is in 3D, you receive materials on conveyor belts and you
162 will have to rotate and wield them to deliver the expect material.</p>
163
164 <p>The game isn’t open source and isn’t free. The average cost is 20€.</p>
165
166 <ul>
167 <li><a href="https://www.gog.com/game/tis100">Tis–100</a></li>
168 </ul>
169
170 <p>This game is about writing code into assembly. There are calculations
171 units that will add/sub values from registers and pass it to another
172 unit. Even more fun if you print the old fashion instructions book!</p>
173
174 <p>The game isn’t open source and isn’t free. The average cost is 10€.</p>
175
176 <h2 id="visualnovel">Visual Novel</h2>
177
178 <p><a href="https://www.gog.com/game/the_expression_amrilato">The expression Amrilato</a></p>
179
180 <p>This game is about a japanese girl who ends in a parallel world where
181 everything seems similar but in this Japan, people talk Esperanto.</p>
182
183 <p>The game isn’t open source and isn’t free. The average cost is 20€.</p>
184
185 <h2 id="notveryviolent">Not very violent</h2>
186
187 <p><a href="http://wayofthepassivefist.com/">Way of the Passive Fist</a></p>
188
189 <p>I would like to add this game to this list. It’s a brawler (like
190 street of rage) in which you don’t fight people, but you only dodge
191 attacks to exhaust enemies or counter-attack. It’s still a bit
192 violent because it involves violence toward you, and throwing back
193 a knife would still be violent… But still, I think this is an
194 unique game that merits to be better known. :)</p>
195
196 <p>The game isn’t open source and isn’t free, expect around 15€ for
197 it.</p>
198
199 ]]>
200 </description>
201 <guid>https://dataswamp.org/~solene/2020-10-18-non-violent-games.html</guid>
202 <link>https://dataswamp.org/~solene/2020-10-18-non-violent-games.html</link>
203 <pubDate>Sun, 18 Oct 2020 00:00:00 GMT</pubDate>
204 </item>
205 <item>
206 <title>Making a home NAS using NixOS</title>
207 <description>
208 <![CDATA[
209 <p>Still playing with <a href="https://nixos.org/">NixOS</a>, I wanted to experience
210 how difficult it would be to write a NixOS configuration file to
211 turn a computer into a simple NAS with basics features: samba
212 storage, dlna server and auto suspend/resume.</p>
213
214 <p>What is <a href="https://nixos.org/features.html">NixOS</a>? As a reminder for
215 some and introduction to the others, NixOS is a Linux distribution
216 built by the Nix package manager, which make it very different than
217 any other operating system out there, except <a href="https://guix.gnu.org/">Guix</a>
218 which has a similar approach with their own package manager written
219 in Scheme.</p>
220
221 <p>NixOS uses a declarative configuration approach along with lot of
222 others features derived from Nix. What’s big here is you no longer
223 tweak anything in <code>/etc</code> or install packages, you can define the
224 working state of the system in one configuration file. This system
225 is a totally different beast than the others OS and require some
226 time to understand how it work. Good news though, <strong>everything</strong>
227 is documented in the man page <code>configuration.nix</code>, from fstab
228 configuration to users managements or how to enable samba!</p>
229
230 <p>Here is the <code>/etc/nixos/configuration.nix</code> file on my NAS.</p>
231
232 <p>It enables ssh server, samba, minidlna and vnstat. Set up an user
233 with my ssh public key. Ready to work.</p>
234
235 <p>Using <code>rtcwake</code> command (Linux specific), it’s possible to put
236 the system into standby mode and schedule an auto resume after
237 some time. This is triggered by a cron job at 01h00.</p>
238
239 <pre><code>{ config, pkgs, ... }:
240 {
241 # include stuff related to hardware, auto generated at install
242 imports = ./hardware-configuration.nix ];
243 boot.loader.grub.device = "/dev/sda";
244
245 # network configuration
246 networking.interfaces.enp3s0.ipv4.addresses = [ {
247 address = "192.168.42.150";
248 prefixLength = 24;
249 } ];
250 networking.defaultGateway = "192.168.42.1";
251 networking.nameservers = [ "192.168.42.231" ];
252
253 # FR locales and layout
254 i18n.defaultLocale = "fr_FR.UTF-8";
255 console = { font = "Lat2-Terminus16"; keyMap = "fr"; };
256 time.timeZone = "Europe/Paris";
257
258 # Packages management
259 environment.systemPackages = with pkgs; [
260 kakoune vnstat borgbackup utillinux
261 ];
262
263 # network disabled (I need to check the ports used first)
264 networking.firewall.enable = false;
265
266 # services to enable
267 services.openssh.enable = true;
268 services.vnstat.enable = true;
269
270 # auto standby
271 services.cron.systemCronJobs = [
272 "0 1 * * * root rtcwake -m mem --date +6h"
273 ];
274
275 # samba service
276 services.samba.enable = true;
277 services.samba.enableNmbd = true;
278 services.samba.extraConfig = ''
279 workgroup = WORKGROUP
280 server string = Samba Server
281 server role = standalone server
282 log file = /var/log/samba/smbd.%m
283 max log size = 50
284 dns proxy = no
285 map to guest = Bad User
286 '';
287 services.samba.shares = {
288 public = {
289 path = "/home/public";
290 browseable = "yes";
291 "writable" = "yes";
292 "guest ok" = "yes";
293 "public" = "yes";
294 "force user" = "share";
295 };
296 };
297
298 # minidlna service
299 services.minidlna.enable = true;
300 services.minidlna.announceInterval = 60;
301 services.minidlna.friendlyName = "Rorqual";
302 services.minidlna.mediaDirs = ["A,/home/public/Musique/" "V,/home/public/Videos/"];
303
304 # trick to create a directory with proper ownership
305 # note that tmpfiles are not necesserarly temporary if you don't
306 # set an expire time. Trick given on irc by someone I forgot the name..
307 systemd.tmpfiles.rules = [ "d /home/public 0755 share users" ];
308
309 # create my user, with sudo right and my public ssh key
310 users.users.solene = {
311 isNormalUser = true;
312 extraGroups = [ "wheel" "sudo" ];
313 openssh.authorizedKeys.keys = [
314 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOIZKLFQXVM15viQXHYRjGqE4LLfvETMkjjgSz0mzMzS personal"
315 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOIZKLFQXVM15vAQXBYRjGqE6L1fvETMkjjgSz0mxMzS pro"
316 ];
317 };
318
319 # create a dedicated user for the shares
320 # I prefer a dedicated one than "nobody"
321 # can't log into it
322 users.users.share= {
323 isNormalUser = false;
324 };
325 }
326 </code></pre>
327
328 ]]>
329 </description>
330 <guid>https://dataswamp.org/~solene/2020-10-18-nixos-nas.html</guid>
331 <link>https://dataswamp.org/~solene/2020-10-18-nixos-nas.html</link>
332 <pubDate>Sun, 18 Oct 2020 00:00:00 GMT</pubDate>
333 </item>
334 <item>
335 <title>NixOS optional features in packages</title>
336 <description>
337 <![CDATA[
338 <p>As a claws-mail user, I like to have calendar support in the mail
339 client to be able to “accept” invitations. In the default NixOS
340 claws-mail package, the vcalendar module isn’t installed with the
341 package. Still, it is possible to add support for the vcalendar
342 module without ugly hack.</p>
343
344 <p>It turns out, by default, the claws-mail package in Nixpkg has an
345 optional build option for the vcalendar module, we need to tell
346 nixpkg we want this module and claws-mail will be compiled.</p>
347
348 <p>As stated in the <a href="https://nixos.org/manual/nixos/stable/#sec-customising-packages">NixOS
349 manual</a>,
350 the optionals features can’t be searched yet. So what’s possible
351 is to search for your package in the <a href="https://search.nixos.org/packages">NixOS packages
352 search</a>, click on the package
353 name to get to the details and click on the link named “Nix expression”
354 that will open a link to the package definition on GitHUB, <a href="https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/applications/networking/mailreaders/claws-mail/default.nix#L111">claws-mail
355 nix
356 expression</a></p>
357
358 <p>As you can see on the claws-mail nix expression code, there are lot
359 of lines with <strong>optional</strong>, those are features we can enable. Here
360 is a sample:</p>
361
362 <pre><code>[..]
363 ++ optional (!enablePluginArchive) "--disable-archive-plugin"
364 ++ optional (!enablePluginLitehtmlViewer) "--disable-litehtml_viewer-plugin"
365 ++ optional (!enablePluginPdf) "--disable-pdf_viewer-plugin"
366 ++ optional (!enablePluginPython) "--disable-python-plugin"
367 [..]
368 </code></pre>
369
370 <p>In your <code>configuration.nix</code> file, where you define the package list
371 you want, you can tell you want to enable the plugin vcalendar,
372 this is done as in the following example:</p>
373
374 <pre><code>environment.systemPackages = with pkgs; [
375 kakoune git firefox irssi minetest
376 (pkgs.claws-mail.override { enablePluginVcalendar = true;})
377 ];
378 </code></pre>
379
380 <p>When you rebuild your system to match the configuration definition,
381 claws-mail will be compiled with the extras options you defined.</p>
382
383 <p>Now, I have claws-mail with vCalendar support.</p>
384
385 ]]>
386 </description>
387 <guid>https://dataswamp.org/~solene/2020-10-14-nixos-custom-packages.html</guid>
388 <link>https://dataswamp.org/~solene/2020-10-14-nixos-custom-packages.html</link>
389 <pubDate>Wed, 14 Oct 2020 00:00:00 GMT</pubDate>
390 </item>
391 <item>
392 <title>Unlock a full disk encryption NixOS with usb memory stick</title>
393 <description>
394 <![CDATA[
395 <p>Using NixOS on a laptop on which the keyboard isn’t detected when
396 I need to type the password to decrypt disk, I had to find a solution.
397 This problem is hardware related, not Linux or NixOS related.</p>
398
399 <p><strong>I highly recommend using full disk encryption on every computer
400 following a thief threat model. Having your computer stolen is bad,
401 but if the thief has access to all your data, you will certainly
402 be in trouble.</strong></p>
403
404 <p>This was time to find how to use an usb memory stick to unlock the
405 full disk encryption in case I don’t have my hands on an usb keyboard
406 to unlock the computer.</p>
407
408 <p>There are 4 steps to enable unlocking the luks volume using a device.</p>
409
410 <ol>
411 <li>Create the key</li>
412 <li>Add the key on the luks volume</li>
413 <li>Write the key on the usb device</li>
414 <li>Configure NixOS</li>
415 </ol>
416
417 <p>First step, creating the file. The easiest way is to the following:</p>
418
419 <pre><code># dd if=/dev/urandom of=/root/key.bin bs=4096 count=1
420 </code></pre>
421
422 <p>This will create a 4096 bytes key. You can choose the size you want.</p>
423
424 <p>Second step is to register that key in the luks volume, you will
425 be prompted for luks password when doing so.</p>
426
427 <pre><code># cryptsetup luksAddKey /dev/sda1 /root/key.bin
428 </code></pre>
429
430 <p>Then, it’s time to write the key to your usb device, I assume it
431 will be <code>/dev/sdb</code>.</p>
432
433 <pre><code># dd if=/root/key.bin of=/dev/sdb bs=4096 count=1
434 </code></pre>
435
436 <p>And finally, you will need to configure NixOS to give the information
437 about the key. It’s important to give the correct size of the key.
438 Don’t forget to adapt <code>"crypted"</code> to your luks volume name.</p>
439
440 <pre><code>boot.initrd.luks.devices."crypted".keyFileSize = 4096;
441 boot.initrd.luks.devices."crypted".keyFile = "/dev/sdb";
442 </code></pre>
443
444 <p>Rebuild your system with <code>nixos-rebuild switch</code> and voilà!</p>
445
446 <h3 id="goingfurther">Going further</h3>
447
448 <p>I recommend using the fallback to password feature so if you
449 lose or don’t have your memory stick, you can type the password to
450 unlock the disk. Note that you need to not put anything looking
451 like a <code>/dev/sdb</code> because if it exists and no key are there, the
452 system won’t ask for password, and you will need to reboot.</p>
453
454 <pre><code>boot.initrd.luks.devices."crypted".fallbackToPassword = true;
455 </code></pre>
456
457 <p>It’s also possible to write the key in a partition or at a specific
458 offset into your memory disk. For this, look at
459 <code>boot.initrd.luks.devices."volume".keyFileOffset</code> entry.</p>
460
461 ]]>
462 </description>
463 <guid>https://dataswamp.org/~solene/2020-10-06-nixos-luks-key.html</guid>
464 <link>https://dataswamp.org/~solene/2020-10-06-nixos-luks-key.html</link>
465 <pubDate>Tue, 06 Oct 2020 00:00:00 GMT</pubDate>
466 </item>
467 <item>
468 <title>Playing chess by email</title>
469 <description>
470 <![CDATA[
471 <p>It’s possible to play chess using email. This is possible because
472 there are notations like PGN (Portable Game Notation) that describe
473 the state of a game.</p>
474
475 <p>By playing on your computer and sending the PGN of the game to
476 your opponent, that person will be able to play their move and
477 send you the new PGN so you can play.</p>
478
479 <h2 id="usingxboard">Using xboard</h2>
480
481 <p>This is quite easy with xboard (which should be available in most
482 bsd/linux/unix distributions), as long as you are aware of the few
483 keybindings.</p>
484
485 <p>When you start a game, press <strong>Ctrl+E</strong> to enter edition mode, this
486 will prevent the AI to play, then make your move.</p>
487
488 <p>From there, you can press <strong>Ctrl+C</strong> to copy the state of the game.
489 You will have something like this in your clipboard.</p>
490
491 <pre><code>[Event "Edited game"]
492 [Site "solene.local"]
493 [Date "2020.09.28"]
494 [Round "-"]
495 [White "-"]
496 [Black "-"]
497 [Result "*"]
498
499 1. d3
500 *
501 </code></pre>
502
503 <p>You can send this to your opponent, but the only needed data is <code>1.
504 d3</code> which is the PGN notation of the moves. You can throw the rest.</p>
505
506 <p>In a more advanced game, you will end up mailing this kind of data:</p>
507
508 <pre><code>1. d3 e6 2. e4 f5 3. exf5 exf5 4. Qe2+ Be7 5. Qxe7+ Qxe7+
509 </code></pre>
510
511 <p>When you want to play your turn, load that line and press <strong>Ctrl+V</strong>,
512 you should see the moves happening on the board.</p>
513
514 <h2 id="usinggnuchess">Using gnuchess</h2>
515
516 <p>gnuchess allow playing chess in command line.</p>
517
518 <p>When you want to start a game, you will have a prompt, type <code>manual</code>
519 to not play against the AI. I recommend using <code>coords</code> to display
520 coordinates on the axis of the board.</p>
521
522 <p>When you type <code>show board</code> you will have this display:</p>
523
524 <pre><code> white KQkq
525
526 8 r n b q k b n r
527 7 p p p p p p p p
528 6 . . . . . . . .
529 5 . . . . . . . .
530 4 . . . . . . . .
531 3 . . . . . . . .
532 2 P P P P P P P P
533 1 R N B Q K B N R
534 a b c d e f g h
535 </code></pre>
536
537 <p>Then, I can type <code>d3</code> I get a display</p>
538
539 <pre><code>8 r n b q k b n r
540 7 p p p p p p p p
541 6 . . . . . . . .
542 5 . . . . . . . .
543 4 . . . . . . . .
544 3 . . . P . . . .
545 2 P P P . P P P P
546 1 R N B Q K B N R
547 a b c d e f g h
548 </code></pre>
549
550 <p>From the game, you can save the game using <code>pgnsave FILE</code>
551 and load a game using <code>pgnload FILE</code>.</p>
552
553 <p>You can see the list of the moves using <code>show game</code>.</p>
554
555 ]]>
556 </description>
557 <guid>https://dataswamp.org/~solene/2020-09-28-chess.html</guid>
558 <link>https://dataswamp.org/~solene/2020-09-28-chess.html</link>
559 <pubDate>Mon, 28 Sep 2020 00:00:00 GMT</pubDate>
560 </item>
561 <item>
562 <title>About pipelining OpenBSD ports contributions</title>
563 <description>
564 <![CDATA[
565 <p>After modest contributions to the NixOS operating system which made
566 me learn about the contribution process, I found enjoyable to have
567 an automatic report and feedback about the quality of the submitted
568 work. While on NixOS this requires GitHub, I think this could be
569 applied as well on OpenBSD and the mailing list contributing system.</p>
570
571 <p>I made a prototype before starting the real work and actually I’m
572 happy with the result.</p>
573
574 <p>This is what I get after feeding the script with a mail containing
575 a patch:</p>
576
577 <pre><code>Determining package path ✓
578 Verifying patch isn't committed ✓
579 Applying the patch ✓
580 Fetching distfiles ✓
581 Distfile checksum ✓
582 Applying ports patches ✓
583 Extracting sources ✓
584 Building result ✓
585 </code></pre>
586
587 <p>It requires a lot of checks to find a patch in the file, because
588 we have have patches generated from cvs or git which have a slightly
589 different output. And then, we need to find from where to apply
590 this patch.</p>
591
592 <p>The idea would be to retrieve mails sent to ports@openbsd.org by
593 subscribing, then store metadata about that submission into a
594 database:</p>
595
596 <pre><code>Sender
597 Date
598 Diff (raw text)
599 Status (already committed, doesn't apply, apply, compile)
600 </code></pre>
601
602 <p>Then, another program will pick a diff from the database, prepare a VM using a
603 derivated qcow2 disk from a base image so it always start fresh and
604 clean and ready, and do the checks within the VM.</p>
605
606 <p>Once it is finished, a mail could be sent as a reply to the original
607 mail to give the status of each step until error or last check. The
608 database could be reused to make a web page to track what compiles
609 but is not yet committed. As it’s possible to verify if a patch is
610 committed in the tree, this can automatically prune committed patches
611 over time.</p>
612
613 <p>I really think this can improve tracking patches sent to ports@ and
614 ease the contribution process.</p>
615
616 <p><strong>DISCLAIMER</strong></p>
617
618 <ul>
619 <li>This would not be an official part of the project, I do it on my own</li>
620 <li>This may be cancelled</li>
621 <li>This may be a bad idea</li>
622 <li>This could be used “as a service” instead of pulling automatically
623 from ports, meaning people could send mails to it to receive an
624 automatic review. Ideally this should be done in portcheck(1) but
625 I’m not sure how to verify a diff apply on the ports tree without
626 enforcing requirements</li>
627 <li><strong>Human work will still be required to check the content and verify
628 the port works correctly!</strong></li>
629 </ul>
630
631 ]]>
632 </description>
633 <guid>https://dataswamp.org/~solene/2020-09-27-pipeline-ports.html</guid>
634 <link>https://dataswamp.org/~solene/2020-09-27-pipeline-ports.html</link>
635 <pubDate>Sun, 27 Sep 2020 00:00:00 GMT</pubDate>
636 </item>
637 <item>
638 <title>Docker cheatsheet</title>
639 <description>
640 <![CDATA[
641 <p>Simple Docker cheatsheet. This is a short introduction about Docker usage
642 and common questions I have been asking myself about Docker.</p>
643
644 <p>The official documentation for building docker images can be <a href="https://docs.docker.com/develop/">found
645 here</a></p>
646
647 <h2 id="buildanimage">Build an image</h2>
648
649 <p>Building an image is really easy. As a requirement, you need to be
650 in a directory that can contain data you will use for building the
651 image but most importantly, you need a <code>Dockerfile</code> file.</p>
652
653 <p>The Dockerfile file hold all the instructions to create the container.
654 A simple example would be this description:</p>
655
656 <pre><code>FROM busybox
657 CMD "echo" "hello world"
658 </code></pre>
659
660 <p>This will create a docker container using busybox base image
661 and run <code>echo "hello world"</code> when you run it.</p>
662
663 <p>To create the container, use the following command in the same
664 directory in which Dockerfile is:</p>
665
666 <pre><code>$ docker build -t your-image-name .
667 </code></pre>
668
669 <h2 id="advancedimagebuilding">Advanced image building</h2>
670
671 <p>If you need to compile sources to distribute a working binary,
672 you need to prepare the environment to have the required
673 dependencies to compile and then you need to compile a static
674 binary to ship the container without all the dependencies.</p>
675
676 <p>In the following example we will use a debian environment to build
677 the software downloaded by git.</p>
678
679 <pre><code>FROM debian as work
680 WORKDIR /project
681
682 RUN apt-get update
683 RUN apt-get install -y git make gcc
684 RUN git clone git://bitreich.org/sacc /project
685 RUN apt-get install -y libncurses5-dev libncurses5
686 RUN make LDFLAGS="-static -lncurses -ltinfo"
687
688 FROM debian
689
690 COPY --from=work /project/sacc /usr/local/bin/sacc
691
692 CMD "sacc" "gopherproject.org"
693 </code></pre>
694
695 <p>I won’t explain every command here, but you may see that I have
696 split the packages installation in two commands. This was to help
697 debugging.</p>
698
699 <p>The trick here is that the docker build process has a cache feature.
700 Every time you use a <code>FROM</code>, <code>COPY</code>, <code>RUN</code> or <code>CMD</code> docker will
701 cache the current state of the build process, if you re-run the
702 process docker will be able to pick up the most recent state until
703 the change.</p>
704
705 <p>I wasn’t sure how to compile statically the software at first, and
706 having to install git make and gcc and run git clone EVERY TIME
707 was very time consuming and bandwidth consuming.</p>
708
709 <p>In case you run this build and it fails, you can re-run the build
710 and docker will catch up directly at the last working step.</p>
711
712 <p>If you change a line, docker will reuse the last state with a
713 FROM/COPY/RUN/CMD command before the changed line. Knowing about
714 this is really important for more efficient cache use.</p>
715
716 <h2 id="runanimage">Run an image</h2>
717
718 <p>With the previously locally built image we can run it with the command:</p>
719
720 <pre><code>$ docker run your-image-name
721 hello world
722 </code></pre>
723
724 <p>By default, when you use an image name to run, if you don’t have a
725 local image that match the name <em>docker</em> will check on the docker
726 official repository if an image exists, if so, it will be pulled
727 and run.</p>
728
729 <pre><code>$ docker run hello-world
730 </code></pre>
731
732 <p>This is a sample official container that will display some
733 explanations about docker.</p>
734
735 <p>If you want to try a gopher client, I made a docker version of it
736 that you can run with the following command:</p>
737
738 <pre><code>$ docker run -t -i rapennesolene/sacc
739 </code></pre>
740
741 <p>Why did you require <code>-t</code> and <code>-i</code> parameters? The former
742 is to tell docker you want a tty because it will manipulate
743 a terminal and the latter is to ask an interactive session.</p>
744
745 <h2 id="persistantdata">Persistant data</h2>
746
747 <p>By default, every data of the docker container get wiped out
748 once it stops, which may be really undesirable if you use
749 docker to deploy a service that has a state and require an
750 installation, configuration files etc…</p>
751
752 <p>Docker has two ways to solve it:</p>
753
754 <p>1) map a local directory
755 2) map a docker volume name</p>
756
757 <p>This is done with the parameter <code>-v</code> with the <code>docker run</code> command.</p>
758
759 <pre><code>$ docker run -v data:/var/www/html/ nextcloud
760 </code></pre>
761
762 <p>This will map a persistent storage named “data” on the host
763 on the path <code>/var/www/html</code> in the docker instance. By using <code>data</code>,
764 docker will check if <code>/var/lib/docker/volumes/data</code> exists, if so
765 it will reuse it and if not it will create it.</p>
766
767 <p>This is a convenient way to name volumes and let docker manage it.</p>
768
769 <p>The other way is to map a local path to a container environment
770 path.</p>
771
772 <pre><code>$ docker run -v /home/nextcloud:/var/www/html nextcloud
773 </code></pre>
774
775 <p>In this case, the directory <code>/home/nextcloud</code> on the host and
776 <code>/var/www/html</code> in the docker environment will be the same directory.</p>
777
778 ]]>
779 </description>
780 <guid>https://dataswamp.org/~solene/2020-09-24-docker-cheatsheet.html</guid>
781 <link>https://dataswamp.org/~solene/2020-09-24-docker-cheatsheet.html</link>
782 <pubDate>Thu, 24 Sep 2020 00:00:00 GMT</pubDate>
783 </item>
784 <item>
785 <title>A few tips about the command cd</title>
786 <description>
787 <![CDATA[
788 <p>While everyone familiar with a shell know about the command <code>cd</code>
789 there are a few tips you should know.</p>
790
791 <h3 id="movingtoyourhomedirectory">Moving to your $HOME directory</h3>
792
793 <pre><code>$ pwd
794 /tmp
795 $ cd
796 $ pwd
797 /home/solene
798 </code></pre>
799
800 <p>Using <code>cd</code> without argument will change your current directory to
801 your $HOME.</p>
802
803 <h3 id="movingintosomeonehomedirectory">Moving into someone $HOME directory</h3>
804
805 <p>While this should fail most of the time because people shouldn’t allow
806 anyone to visit their $HOME, there are use case it can be used though.</p>
807
808 <pre><code>$ cd ~user1
809 $ pwd
810 /home/user1
811 $ cd ~solene
812 $ pwd
813 /home/solene
814 </code></pre>
815
816 <p>Using <code>~user</code> as a parameter will move to that user $HOME directory,
817 note that <code>cd</code> and <code>cd ~youruser</code> have the same result.</p>
818
819 <h3 id="movingtopreviousdirectory">Moving to previous directory</h3>
820
821 <p>This is a very useful command which allow going back and forth between
822 two directories.</p>
823
824 <pre><code>$ pwd
825 /home/solene
826 $ cd /tmp
827 $ pwd
828 /tmp
829 $ cd -
830 /home/solene
831 $ pwd
832 /home/solene
833 </code></pre>
834
835 <p>When you use <code>cd -</code> the command will move to the previous directory
836 in which you were. There are two special variables in your shell:
837 <code>PWD</code> and <code>OLDPWD</code>, when you move somewhere, <code>OLDPWD</code> will hold
838 your current location before moving and then <code>PWD</code> hold the new
839 path. When you use <code>cd -</code> the two variables get exchanged, this
840 mean you can only jump from two paths using <code>cd -</code> multiple times.</p>
841
842 <p>Please note that when using <code>cd -</code> your new location is displayed.</p>
843
844 <h3 id="changingdirectorybymodifyingcurrentpwd">Changing directory by modifying current PWD</h3>
845
846 <p>thfr@ showed me a cd feature I never heard about, and it’s the
847 perfect place to write about it. Note that this work in ksh and zsh
848 but is reported to not work in bash.</p>
849
850 <p>One example will explain better than any text.</p>
851
852 <pre><code>$ pwd
853 /tmp/pobj/foobar-1.2.0/work
854 $ cd 1.2.0 2.4.0
855 /tmp/pobj/foobar-2.4.0/work
856 </code></pre>
857
858 <p>This tells <code>cd</code> to replace first parameter pattern by the second
859 parameter in the current <code>PWD</code> and then cd into it.</p>
860
861 <pre><code>$ pwd
862 /home/solene
863 $ cd solene user1
864 /home/user1
865 </code></pre>
866
867 <p>This could be done in a bloated way with the following command:</p>
868
869 <pre><code>$ cd $(echo $PWD | sed "s/solene/user1/")
870 </code></pre>
871
872 <p>I learned it a few minutes ago but I see a lot of uses cases where
873 I could use it.</p>
874
875 <h3 id="movingintothecurrentdirectoryafterremoval">Moving into the current directory after removal</h3>
876
877 <p>In some specific case, like having your shell into a directory that
878 existed but was deleted and removed (this happens often when you
879 working into compilation directories).</p>
880
881 <p>A simple trick is to tell <code>cd</code> to go to the current location.</p>
882
883 <pre><code>$ cd .
884 </code></pre>
885
886 <p>or</p>
887
888 <pre><code>$ cd $PWD
889 </code></pre>
890
891 <p>And <code>cd</code> will go into the same path and you can start hacking
892 again in that directory.</p>
893
894 ]]>
895 </description>
896 <guid>https://dataswamp.org/~solene/2020-09-04-cd-command.html</guid>
897 <link>https://dataswamp.org/~solene/2020-09-04-cd-command.html</link>
898 <pubDate>Fri, 04 Sep 2020 00:00:00 GMT</pubDate>
899 </item>
900 <item>
901 <title>Find which package provides a given file in OpenBSD</title>
902 <description>
903 <![CDATA[
904 <p>There is one very handy package on OpenBSD named <code>pkglocatedb</code>
905 which provides the command <code>pkglocate</code>.</p>
906
907 <p>If you need to find a file or binary/program and you don’t know
908 which package contains it, use pkglocate.</p>
909
910 <pre><code>$ pkglocate */bin/exiftool
911 p5-Image-ExifTool-12.00:graphics/p5-Image-ExifTool:/usr/local/bin/exiftool
912 </code></pre>
913
914 <p>With the result, I know that the package <code>p5-Image-ExifTool</code> will provide me
915 the command <code>exiftool</code>.</p>
916
917 <p>Another example looking for files containing the pattern “libc++”</p>
918
919 <pre><code>$ pkglocate libc++
920 base67:/usr/lib/libc++.so.5.0
921 base67:/usr/lib/libc++abi.so.3.0
922 comp67:/usr/lib/libc++.a
923 comp67:/usr/lib/libc++_p.a
924 comp67:/usr/lib/libc++abi.a
925 comp67:/usr/lib/libc++abi_p.a
926 qt4-4.8.7p23:x11/qt4,-main:/usr/local/lib/qt4/mkspecs/unsupported/macx-clang-libc++/
927 qt4-4.8.7p23:x11/qt4,-main:/usr/local/lib/qt4/mkspecs/unsupported/macx-clang-libc++/Info.plist.app
928 qt4-4.8.7p23:x11/qt4,-main:/usr/local/lib/qt4/mkspecs/unsupported/macx-clang-libc++/Info.plist.lib
929 qt4-4.8.7p23:x11/qt4,-main:/usr/local/lib/qt4/mkspecs/unsupported/macx-clang-libc++/qmake.conf
930 qt4-4.8.7p23:x11/qt4,-main:/usr/local/lib/qt4/mkspecs/unsupported/macx-clang-libc++/qplatformdefs.h
931 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++-32/
932 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++-32/qmake.conf
933 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++-32/qplatformdefs.h
934 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++/
935 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++/qmake.conf
936 qtbase-5.13.2p0:x11/qt5/qtbase,-main:/usr/local/lib/qt5/mkspecs/linux-clang-libc++/qplatformdefs.h
937 </code></pre>
938
939 <p>As you can see, base sets are also in the database used by pkglocate,
940 so you can easily find if a file is from a set (that you should
941 have) or if the file comes from a package.</p>
942
943 <h2 id="findwhichpackageinstalledafile">Find which package installed a file</h2>
944
945 <p>Klemmens Nanni (kn@) told me it’s possible to find which package
946 installed a file present in the filesystem using <code>pkg_info</code> command
947 which comes from the base system. This can be handy to know from
948 which package an installed file comes from, without requiring
949 pkglocatedb.</p>
950
951 <pre><code>$ pkg_info -E /usr/local/bin/convert
952 /usr/local/bin/convert: ImageMagick-6.9.10.86p0
953 ImageMagick-6.9.10.86p0 image processing tools
954 </code></pre>
955
956 <p>This tells me <code>convert</code> binary was installed by ImageMagick package.</p>
957
958 ]]>
959 </description>
960 <guid>https://dataswamp.org/~solene/2020-09-04-pkglocate-openbsd.html</guid>
961 <link>https://dataswamp.org/~solene/2020-09-04-pkglocate-openbsd.html</link>
962 <pubDate>Fri, 04 Sep 2020 00:00:00 GMT</pubDate>
963 </item>
964 <item>
965 <title>Download files listed in a http index with wget</title>
966 <description>
967 <![CDATA[
968 <p>Sometimes I need to download files through http from a list on an “autoindex”
969 page and it’s always painful to find a correct command for this.</p>
970
971 <p>The easy solution is <strong>wget</strong> but you need to use the correct parameters
972 because wget has a lot of mirroring options but you only want specific ones to
973 achieve this goal.</p>
974
975 <p>I ended up with the following command:</p>
976
977 <pre><code>wget --continue --accept "*.tgz" --no-directories --no-parent --recursive http://ftp.fr.openbsd.org/pub/OpenBSD/6.7/amd64/
978 </code></pre>
979
980 <p>This will download every tgz files available at the address given as last parameter.</p>
981
982 <p>The parameters given will filter to only download the <strong>tgz</strong> files, put the
983 files in the current working directory and most important, don’t try to escape
984 to the parent directory to start downloading again. The `–continue`` parameter
985 allow to interrupt wget and start again, downloaded file will be skipped and
986 partially downloaded files will be completed.</p>
987
988 <p><strong>Do not reuse this command if files changed on the remote server</strong> because
989 continue feature only work if your local file and the remote file are the same,
990 this simply look at the local and remote names and will ask the remote server
991 to start downloading at the current byte range of your local file. If meanwhile
992 the remote file changed, you will have a mix of the old and new file.</p>
993
994 <p>Obviously ftp protocol would be better suited for this download job but ftp is
995 less and less available so I find <strong>wget</strong> to be a nice workaround for this.</p>
996
997 ]]>
998 </description>
999 <guid>https://dataswamp.org/~solene/2020-06-16-wget-mirror.html</guid>
1000 <link>https://dataswamp.org/~solene/2020-06-16-wget-mirror.html</link>
1001 <pubDate>Tue, 16 Jun 2020 00:00:00 GMT</pubDate>
1002 </item>
1003 <item>
1004 <title>Birthdays dates management using calendar</title>
1005 <description>
1006 <![CDATA[
1007 <p>I manage my birthday list so I don’t forget about them in a
1008 <a href="https://man.openbsd.org/calendar.1">calendar</a> file so I can use
1009 it in scripts</p>
1010
1011 <p>The calendar file format is easy but sadly it only works using
1012 English month names.</p>
1013
1014 <p>This is an example file with differents spacing:</p>
1015
1016 <pre><code>7 August This is 7 august birthday!
1017 8 August This is 8 august birthday!
1018 16 August This is 16 august birthday!
1019 </code></pre>
1020
1021 <p>Now you have a calendar file you can use the <strong>calendar</strong> binary
1022 on it and show incoming events in the next n days using -A flag.</p>
1023
1024 <pre><code>calendar -A 20
1025 </code></pre>
1026
1027 <p>Note that the default file is <code>~/.calendar/calendar</code> so if you
1028 use this file you don’t need to use the <code>-f</code> flag in calendar.</p>
1029
1030 <p>Now, I also use it in crontab with xmessage to show a popup once a
1031 day with incoming birthdays.</p>
1032
1033 <pre><code>30 13 * * * calendar -A 7 -f ~/.calendar/birthday | grep . && calendar -A 7 -f ~/.calendar/birthdays | env DISPLAY=:0 xmessage -file -
1034 </code></pre>
1035
1036 <p>You have to set the DISPLAY variable so it appear on the screen.</p>
1037
1038 <p>It’s important to check if calendar will have any output before
1039 calling xmessage to prevent having an empty window.</p>
1040
1041 ]]>
1042 </description>
1043 <guid>https://dataswamp.org/~solene/2020-06-15-calendar-xmessage.html</guid>
1044 <link>https://dataswamp.org/~solene/2020-06-15-calendar-xmessage.html</link>
1045 <pubDate>Mon, 15 Jun 2020 00:00:00 GMT</pubDate>
1046 </item>
1047 <item>
1048 <title>prose - Blogging with emails</title>
1049 <description>
1050 <![CDATA[
1051 <p>The software developer prx, his website is available at <a href="https://ybad.name/">https://ybad.name/
1052 (en/fr)</a>, released a new software called <strong>prose</strong> to
1053 publish a blog by sending emails.</p>
1054
1055 <p>I really like this idea, while this doesn’t suit my needs at all,
1056 I wanted to write about it.</p>
1057
1058 <p>The code can be downloaded from this address https://dev.ybad.name/prose/ .</p>
1059
1060 <p>I will briefly introduce how it works but the README file is well explaining,
1061 prose must be started from the mail server, upon email receival in
1062 <code>/etc/mail/aliases</code> the email will be piped into prose which will produce the
1063 html output.</p>
1064
1065 <p>On the security side, <strong>prose</strong> doesn’t use any external command and on OpenBSD
1066 it will use unveil and pledge features to reduce privileges of <strong>prose</strong>,
1067 unveil will restrict the process file system accesses outside of the html
1068 output directory.</p>
1069
1070 <p>I would also congrats prx who demonstrates again that writing good software
1071 isn’t exclusive to IT professionnal.</p>
1072
1073 ]]>
1074 </description>
1075 <guid>https://dataswamp.org/~solene/2020-06-11-prose.html</guid>
1076 <link>https://dataswamp.org/~solene/2020-06-11-prose.html</link>
1077 <pubDate>Thu, 11 Jun 2020 00:00:00 GMT</pubDate>
1078 </item>
1079 <item>
1080 <title>Gaming on OpenBSD</title>
1081 <description>
1082 <![CDATA[
1083 <p>While no one would expect this, there are huge efforts from a small team to
1084 bring more games into OpenBSD. In fact, now some commercial games works
1085 natively now, thanks to Mono or Java. There are no wine or linux emulation
1086 layer in OpenBSD.</p>
1087
1088 <p>Here is a small list of most well known games that run on OpenBSD:</p>
1089
1090 <ul>
1091 <li>Northguard (RTS)</li>
1092 <li>Dead Cells (Side scroller action game)</li>
1093 <li>Stardew Valley (Farming / Roguelike)</li>
1094 <li>Slay The Spire (Card / Roguelike)</li>
1095 <li>Axiom Verge (Side scroller, metroidvania)</li>
1096 <li>Crosscode (top view twin stick shooter)</li>
1097 <li>Terraria (Side scroller action game with craft)</li>
1098 <li>Ion Fury (FPS)</li>
1099 <li>Doom 3 (FPS)</li>
1100 <li>Minecraft (Sandbox - not working using latest version)</li>
1101 <li>Tales Of Maj’Eyal (Roguelike with lot of things in it - open source and free)</li>
1102 </ul>
1103
1104 <p>I would also like to feature the recently made compatible games from
1105 Zachtronics developer, those are ingenious puzzles games requiring efficiency.
1106 There are games involving Assembly code, pseudo code, molecules etc…</p>
1107
1108 <ul>
1109 <li>Opus Magnum</li>
1110 <li>Exapunks</li>
1111 <li>Molek-Syntez</li>
1112 </ul>
1113
1114 <p>Finally, there are good RPG running thanks to devoted developer spending their
1115 free time working on game engine reimplementation:</p>
1116
1117 <ul>
1118 <li>Elder Scroll III: Morrowind (openmw engine)</li>
1119 <li>Baldur’s Gate 1 and 2 (gemrb engine)</li>
1120 <li>Planescape: Torment (gemrb engine)</li>
1121 </ul>
1122
1123 <p>There is a Peertube (opensource decentralized Youtube alternative) channel
1124 where I started publishing gaming videos recorded from OpenBSD. Now there are
1125 also videos from others people that are published. <a href="https://videos.pair2jeux.tube/video-channels/openbsd_gaming">OpenBSD Gaming
1126 channel</a></p>
1127
1128 <p>The full list of running games is available in the <a href="https://playonbsd.com/shopping_guide/">Shopping guide
1129 webpage</a> including information how they
1130 run, on which store you can buy them and if they are compatible.</p>
1131
1132 <p>Big thanks to thfr@ who works hard to keep the shopping guide up to date and
1133 who made most of this possible. Many thanks to all the other people in the
1134 OpenBSD Gaming community :)</p>
1135
1136 <p>Note that it seems last Terraria release/update doesn’t work on OpenBSD yet.</p>
1137
1138 ]]>
1139 </description>
1140 <guid>https://dataswamp.org/~solene/2020-06-05-openbsd-gaming.html</guid>
1141 <link>https://dataswamp.org/~solene/2020-06-05-openbsd-gaming.html</link>
1142 <pubDate>Fri, 05 Jun 2020 00:00:00 GMT</pubDate>
1143 </item>
1144 <item>
1145 <title>Beautiful background pictures on OpenBSD</title>
1146 <description>
1147 <![CDATA[
1148 <p>While the title may appear quite strange, the article is about installing a
1149 package to have a new random wallpaper everytime you start the X session!</p>
1150
1151 <p>First, you need to install a package named <code>openbsd-backgrounds</code> which is quite
1152 large with a size of 144 MB. This package made by Marc Espie contains lot of
1153 pictures shot by some OpenBSD developers.</p>
1154
1155 <p>You can automatically set a picture as a background when xenodm start and
1156 prompt for your username by uncommenting a few lines in the file
1157 <code>/etc/X11/xenodm/Xsetup_0</code>:</p>
1158
1159 <p>Uncomment this part</p>
1160
1161 <pre><code>if test -x /usr/local/bin/openbsd-wallpaper
1162 then
1163 /usr/local/bin/openbsd-wallpaper
1164 fi
1165 </code></pre>
1166
1167 <p>The command <code>openbsd-wallpaper</code> will display a different random picture on
1168 every screen (if you have multiples screen connected) every time you run it.</p>
1169
1170 ]]>
1171 </description>
1172 <guid>https://dataswamp.org/~solene/2020-05-20-wallpapers.html</guid>
1173 <link>https://dataswamp.org/~solene/2020-05-20-wallpapers.html</link>
1174 <pubDate>Wed, 20 May 2020 00:00:00 GMT</pubDate>
1175 </item>
1176 <item>
1177 <title>Communauté OpenBSD française</title>
1178 <description>
1179 <![CDATA[
1180 <p>This article is exceptionnaly in French because it’s about a French OpenBSD
1181 community.</p>
1182
1183 <p>Bonjour à toutes et à tous.</p>
1184
1185 <p>Exceptionnellement je publie un billet en français sur mon blog car je tiens à
1186 faire passer le mot concernant la communauté française obsd4a.</p>
1187
1188 <p>Vous pourrez par exemple trouver la quasi intégralité de la FAQ OpenBSD
1189 traduite <a href="https://wiki.openbsd.fr.eu.org/doku.php/openbsd.org/faq/start">à cette
1190 adresse</a></p>
1191
1192 <p>Sur l’accueil du site vous pourrez trouver des liens vers le forum, le wiki, le
1193 blog, la mailing list et aussi les informations pour rejoindre le salon irc
1194 (#obsd4* sur freenode)</p>
1195
1196 <p><a href="https://openbsd.fr.eu.org/">https://openbsd.fr.eu.org/</a></p>
1197
1198 ]]>
1199 </description>
1200 <guid>https://dataswamp.org/~solene/2020-05-17-openbsdfr.html</guid>
1201 <link>https://dataswamp.org/~solene/2020-05-17-openbsdfr.html</link>
1202 <pubDate>Sun, 17 May 2020 00:00:00 GMT</pubDate>
1203 </item>
1204 <item>
1205 <title>New blog feature: Fediverse comments</title>
1206 <description>
1207 <![CDATA[
1208 <p>I added a new feature to my blog today, when I post a new blog article this
1209 will trigger my dedicated Mastodon user
1210 <a href="https://bsd.network/@solenepercent">https://bsd.network/@solenepercent</a> to
1211 publish a Toot so people can discuss the content there.</p>
1212
1213 <p>Every article now contains a link to the toot if you want to discuss about an
1214 article.</p>
1215
1216 <p>This is not perfect but a good trade-off I think:</p>
1217
1218 <ol>
1219 <li>the website remains static and light (nothing is included, only one more
1220 link per blog post)</li>
1221 <li>people who would like to discuss about it can proceed in a known place
1222 instead of writing reactions on reddit or other places without a chance for
1223 me to asnwer</li>
1224 <li>this is not relying on proprietary services</li>
1225 </ol>
1226
1227 <p>Of course, if you want to give me feedback, I’m still happy to reply to emails
1228 or on IRC.</p>
1229
1230 ]]>
1231 </description>
1232 <guid>https://dataswamp.org/~solene/2020-05-16-fediverse-comments.html</guid>
1233 <link>https://dataswamp.org/~solene/2020-05-16-fediverse-comments.html</link>
1234 <pubDate>Sat, 16 May 2020 00:00:00 GMT</pubDate>
1235 </item>
1236 <item>
1237 <title>FreeBSD 12.1 on a laptop</title>
1238 <description>
1239 <![CDATA[
1240 <h1 id="introduction">Introduction</h1>
1241
1242 <p>I’m using FreeBSD again on a laptop for some reasons so expect to read more
1243 about FreeBSD here. This tutorial explain how to get a graphical desktop using
1244 FreeBSD 12.1.</p>
1245
1246 <p>I used a Lenovo Thinkpad T480 for this tutorial.</p>
1247
1248 <h1 id="intelgraphicshardwaresupport">Intel graphics hardware support</h1>
1249
1250 <p>If you have a recent Intel integrated graphic card (maybe less than 3 years),
1251 you have to install a package containing the driver:</p>
1252
1253 <pre><code>pkg install drm-kmod
1254 </code></pre>
1255
1256 <p>and you also have to tell the system the correct path of the module (because
1257 another i915kms.ko file exist):</p>
1258
1259 <pre><code>sysrc kld_list="/boot/modules/i915kms.ko"
1260 </code></pre>
1261
1262 <h1 id="chooseyourdesktopenvironnement">Choose your desktop environnement</h1>
1263
1264 <h2 id="installxfce">Install Xfce</h2>
1265
1266 <pre><code>pkg install xfce
1267 </code></pre>
1268
1269 <p>Then in your user <code>~/.xsession</code> file you must append:</p>
1270
1271 <pre><code>exec ck-launch-session startxfce4
1272 </code></pre>
1273
1274 <h2 id="installmate">Install MATE</h2>
1275
1276 <pre><code>pkg install mate
1277 </code></pre>
1278
1279 <p>Then in your user <code>~/.xsession</code> file you must append:</p>
1280
1281 <pre><code>exec ck-launch-session mate-session
1282 </code></pre>
1283
1284 <h2 id="installkde5">Install KDE5</h2>
1285
1286 <pre><code>pkg install kde5
1287 </code></pre>
1288
1289 <p>Then in your user <code>~/.xsession</code> file you must append:</p>
1290
1291 <pre><code>exec ck-launch-session startplasma-x11
1292 </code></pre>
1293
1294 <h1 id="settingupthegraphicalinterface">Setting up the graphical interface</h1>
1295
1296 <p>You have to enable a few services to have a working graphical session:</p>
1297
1298 <ul>
1299 <li><strong>moused</strong> to get laptop mouse support</li>
1300 <li><strong>dbus</strong> for hald</li>
1301 <li><strong>hald</strong> for hardware detection</li>
1302 <li><strong>xdm</strong> for display manager where you log-in</li>
1303 </ul>
1304
1305 <p>You can install them with the command:</p>
1306
1307 <pre><code>pkg install xorg dbus hal xdm
1308 </code></pre>
1309
1310 <p>Then you can enable the services at boot using the following commands, order is
1311 important:</p>
1312
1313 <pre><code>sysrc moused_enable="yes"
1314 sysrc dbus_enable="yes"
1315 sysrc hald_enable="yes"
1316 sysrc xdm_enable="yes"
1317 </code></pre>
1318
1319 <p>Reboot or start the services in the same order:</p>
1320
1321 <pre><code>service moused start
1322 service dbus start
1323 service hald start
1324 service xdm start
1325 </code></pre>
1326
1327 <p><strong>Note that xdm will be in qwerty layout.</strong></p>
1328
1329 <h1 id="powermanagement">Power management</h1>
1330
1331 <p>The installer should have prompted for the service powerd, if you didn’t
1332 activate it at this time, you can still enable it.</p>
1333
1334 <p>Check if it’s running</p>
1335
1336 <pre><code>service powerd status
1337 </code></pre>
1338
1339 <p>Enabling</p>
1340
1341 <pre><code>sysrc powerd_enable="yes"
1342 </code></pre>
1343
1344 <p>Starting the service</p>
1345
1346 <pre><code>service powerd start
1347 </code></pre>
1348
1349 <h1 id="webcamsupport">Webcam support</h1>
1350
1351 <p>If you have a webcam and want to use it, some configuration is required in
1352 order to make it work.</p>
1353
1354 <p>Install the package webcamd, it will displays all the instructions written
1355 below at the install step.</p>
1356
1357 <pre><code>pkg install webcamd
1358 </code></pre>
1359
1360 <p>From here, append this line to the file <code>/boot/loader.conf</code> to load webcam
1361 support at boot time:</p>
1362
1363 <pre><code>cuse_load="yes"
1364 </code></pre>
1365
1366 <p>Add your user to the webcamd group so it will be able to use the device:</p>
1367
1368 <pre><code>pw groupmod webcamd -m YOUR_USER
1369 </code></pre>
1370
1371 <p>Enable webcamd at boot:</p>
1372
1373 <pre><code>sysrc webcamd_enable="yes"
1374 </code></pre>
1375
1376 <p>Now, you have to logout from your user for the group change to take place. And
1377 if you want the webcamd daemon to work now and not wait next reboot:</p>
1378
1379 <pre><code>kldload cuse
1380 service webcamd start
1381 service devd restart
1382 </code></pre>
1383
1384 <p>You should have a /dev/video0 device now. You can test it easily with the
1385 package <code>pwcview</code>.</p>
1386
1387 <h1 id="externalresources">External resources</h1>
1388
1389 <p>I found this blog very interesting, I wish I found it before I struggle with
1390 all the configuration as it explains how to install FreeBSD on the exact same
1391 laptop. The author explains how to make a transparent lagg0 interface for
1392 switching from ethernet to wifi automatically with a failover pseudo device.</p>
1393
1394 <p><a href="https://genneko.github.io/playing-with-bsd/hardware/freebsd-on-thinkpad-t480/">https://genneko.github.io/playing-with-bsd/hardware/freebsd-on-thinkpad-t480/</a></p>
1395
1396 ]]>
1397 </description>
1398 <guid>https://dataswamp.org/~solene/2020-05-11-freebsd-workstation.html</guid>
1399 <link>https://dataswamp.org/~solene/2020-05-11-freebsd-workstation.html</link>
1400 <pubDate>Mon, 11 May 2020 00:00:00 GMT</pubDate>
1401 </item>
1402 <item>
1403 <title>Enable firefox dark mode</title>
1404 <description>
1405 <![CDATA[
1406 <p>Some websites (like this one) now offers two differents themes: light and dark.</p>
1407
1408 <p>Dark themes are proven to be better for the eyes and reduce battery usage on
1409 mobiles devices because it requires less light to be displayed hence it
1410 requires less energy to display. The gain is optimal on OLED devices but it
1411 also works on classic LCD screens.</p>
1412
1413 <p>While on Windows and MacOS there is a global setting for the user interface in
1414 which you choose if your system is in light or dark mode, with that setting
1415 being used by lot of applications supporting dark/light themes, on Linux and
1416 BSDs (and others) operating systems there is no such settings and your web
1417 browser will keep displaying the light theme all the time.</p>
1418
1419 <p>Hopefully, it can be fixed in firefox as <a href="https://developer.mozilla.org/en-US/docs/Web/CSS/@media/prefers-color-scheme">as explained in the
1420 documentation</a>.</p>
1421
1422 <p>To make it short, in the about:config special Firefox page, one can create a
1423 new key <code>ui.systemUsesDarkTheme</code> with a number value of <code>1</code>, the firefox
1424 about:config page should turn dark immediately and then Firefox will try to use
1425 dark themes when they are available.</p>
1426
1427 <p>You should note that as explained in the mozilla documentation, if you have the
1428 key <code>privacy.resistFingerprinting</code> set to <code>true</code> the dark mode can’t be used.
1429 It seems dark mode and privacy can’t belong together for some reasons.</p>
1430
1431 <p>Many thanks to <a href="https://tilde.zone/@andinus">https://tilde.zone/@andinus</a> who
1432 pointed me this out after I overlooked that page and searched a long time with
1433 no result how to make Firefox display website using the dark theme.</p>
1434
1435 ]]>
1436 </description>
1437 <guid>https://dataswamp.org/~solene/2020-05-04-firefox-dark.html</guid>
1438 <link>https://dataswamp.org/~solene/2020-05-04-firefox-dark.html</link>
1439 <pubDate>Mon, 04 May 2020 00:00:00 GMT</pubDate>
1440 </item>
1441 <item>
1442 <title>Aggregate internet links with mlvpn</title>
1443 <description>
1444 <![CDATA[
1445 <p>In this article I’ll explain how to aggregate internet access bandwidth using
1446 <strong>mlvpn</strong> software. I struggled a lot to set this up so I wanted to share a
1447 how-to.</p>
1448
1449 <h2 id="pre-requisites">Pre-requisites</h2>
1450
1451 <p><strong>mlvpn</strong> is meant to be used with DSL / fiber links, not wireless or 4G links
1452 with variable bandwidth or packet loss.</p>
1453
1454 <p><strong>mlvpn</strong> requires to be run on a server which will be the public internet
1455 access and on the client on which you want to aggregate the links, this is like
1456 doing multiples VPN to the same remote server with a VPN per link, and
1457 aggregate them.</p>
1458
1459 <p>Multi-wan roundrobin / load balancer doesn’t allow to stack bandwidth but
1460 doesn’t require a remote server, depend on what you want to do, this may be
1461 enough and mlvpn may not be required.</p>
1462
1463 <p><strong>mlvpn</strong> should be OS agnostic between client / server but I only tried
1464 between two OpenBSD hosts, your setup may differ.</p>
1465
1466 <h2 id="somenetworkdiagram">Some network diagram</h2>
1467
1468 <p>Here is a simple network, the client has access to 2 ISP through two ethernet
1469 interfaces.</p>
1470
1471 <p>em0 and em1 will have to be on different rdomains (it’s a feature to separate
1472 routing tables).</p>
1473
1474 <p>Let’s say the public ip of the server is 1.2.3.4.</p>
1475
1476 <pre><code> [internet]
1477 ↑
1478 | (public ip on em0)
1479 #-------------#
1480 | |
1481 | Server |
1482 | |
1483 #-------------#
1484 | |
1485 | |
1486 | |
1487 | |
1488 (internet) | | (internet)
1489 #-------------# #-------------#
1490 | | | |
1491 | ISP 1 | | ISP 2 |
1492 | | | | (you certainly don't control those)
1493 #-------------# #-------------#
1494 | |
1495 | |
1496 (dsl1 via em0)| | (dsl1 via em1)
1497 #-------------#
1498 | |
1499 | Client |
1500 | |
1501 #-------------#
1502 </code></pre>
1503
1504 <h2 id="networkconfiguration">Network configuration</h2>
1505
1506 <p>As said previously, em0 and em1 must be on different rdomains, it can easily be
1507 done by adding <code>rdomain 1</code> and <code>rdomain 2</code> to the interfaces configuration.</p>
1508
1509 <p>Example in <strong>/etc/hostname.em0</strong></p>
1510
1511 <pre><code>rdomain 1
1512 dhcp
1513 </code></pre>
1514
1515 <h2 id="mlvpninstallation">mlvpn installation</h2>
1516
1517 <p>On OpenBSD the installation is as easy as <code>pkg_add mlvpn</code> (should work starting
1518 from 6.7 because it required patching).</p>
1519
1520 <h2 id="mlvpnconfiguration">mlvpn configuration</h2>
1521
1522 <p>Once the network configuration is done on the client, there are 3 steps to do
1523 to get aggregation working:</p>
1524
1525 <ol>
1526 <li>mlvpn configuration on the server</li>
1527 <li>mlvpn configuration on the client</li>
1528 <li>activating NAT on the client</li>
1529 </ol>
1530
1531 <h3 id="serverconfiguration">Server configuration</h3>
1532
1533 <p>On the server we will use the UDP ports 5080 et 5081.</p>
1534
1535 <p>Connections speed must be defined in bytes to allow <strong>mlvpn</strong> to correctly
1536 balance the traffic over the links, this is really important.</p>
1537
1538 <p>The line <code>bandwidth_upload = 1468006</code> is the maximum <strong>download bandwidth of the
1539 client</strong> on the specified link in bytes. If you have a download speed of 1.4 MB/s
1540 then you can choose a value of 1.4*1024*1024 => 1468006.</p>
1541
1542 <p>The line <code>bandwidth_download = 102400</code> is the maximum <strong>upload bandwidth of the
1543 client</strong> on the specified link in bytes. If you have an upload speed of 100 kB/s
1544 then you can choose a value of 100*1024 => 102400.</p>
1545
1546 <p>The <strong>password</strong> line must be a very long random string, it’s a shared secret
1547 between the client and the server.</p>
1548
1549 <pre><code># config you don't need to change
1550 [general]
1551 statuscommand = "/etc/mlvpn/mlvpn_updown.sh"
1552 protocol = "tcp"
1553 loglevel = 4
1554 mode = "server"
1555 tuntap = "tun"
1556 interface_name = "tun0"
1557 cleartext_data = 0
1558 ip4 = "10.44.43.2/30"
1559 ip4_gateway = "10.44.43.1"
1560
1561 # things you need to change
1562 password = "apoziecxjvpoxkvpzeoirjdskpoezroizepzdlpojfoiezjrzanzaoinzoi"
1563
1564 [dsl1]
1565 bindhost = "1.2.3.4"
1566 bindport = 5080
1567 bandwidth_upload = 1468006
1568 bandwidth_download = 102400
1569
1570 [dsl2]
1571 bindhost = "1.2.3.4"
1572 bindport = 5081
1573 bandwidth_upload = 1468006
1574 bandwidth_download = 102400
1575 </code></pre>
1576
1577 <h3 id="clientconfiguration">Client configuration</h3>
1578
1579 <p>The <code>password</code> value must match the one on the server, the values of <code>ip4</code> and
1580 <code>ip4_gateway</code> must be reversed compared to the server configuration (this is so
1581 in the following example).</p>
1582
1583 <p>The <code>bindfib</code> lines must correspond to the according rdomain values of your
1584 interfaces.</p>
1585
1586 <pre><code># config you don't need to change
1587 [general]
1588 statuscommand = "/etc/mlvpn/mlvpn_updown.sh"
1589 loglevel = 4
1590 mode = "client"
1591 tuntap = "tun"
1592 interface_name = "tun0"
1593 ip4 = "10.44.43.1/30"
1594 ip4_gateway = "10.44.43.2"
1595 timeout = 30
1596 cleartext_data = 0
1597
1598 password = "apoziecxjvpoxkvpzeoirjdskpoezroizepzdlpojfoiezjrzanzaoinzoi"
1599
1600 [dsl1]
1601 remotehost = "1.2.3.4"
1602 remoteport = 5080
1603 bindfib = 1
1604
1605 [dsl2]
1606 remotehost = "1.2.3.4"
1607 remoteport = 5081
1608 bindfib = 2
1609 </code></pre>
1610
1611 <h3 id="natconfigurationserverside">NAT configuration (server side)</h3>
1612
1613 <p>As with every VPN you must enable packet forwarding and create a pf rule for
1614 the NAT.</p>
1615
1616 <p><strong>Enable forwarding</strong></p>
1617
1618 <p>Add this line in <strong>/etc/sysctl.conf</strong>:</p>
1619
1620 <pre><code>net.inet.ip.forwarding=1
1621 </code></pre>
1622
1623 <p>You can enable it now with <code>sysctl net.inet.ip.forwarding=1</code> instead of waiting
1624 for a reboot.</p>
1625
1626 <p>In pf.conf you must allow the UDP ports 5080 and 5081 on the public interface
1627 and enable nat, this can be done with the following lines in pf.conf but you
1628 should obviously adapt to your configuration.</p>
1629
1630 <pre><code># allow NAT on VPN
1631 pass in on tun0
1632 pass out quick on em0 from 10.44.43.0/30 to any nat-to em0
1633
1634 # allow mlvpn to be reachable
1635 pass in on egress inet proto udp from any to (egress) port 5080:5081
1636 </code></pre>
1637
1638 <h2 id="startmlvpn">Start mlvpn</h2>
1639
1640 <p>On both server and client you can run mlvpn with rcctl:</p>
1641
1642 <pre><code>rcctl enable mlvpn
1643 rcctl start mlvpn
1644 </code></pre>
1645
1646 <p>You should see a new tun0 device on both systems and being able to ping them
1647 through tun0.</p>
1648
1649 <p>Now, on the client <strong>you have to add a default gateway through the mlvpn
1650 tunnel</strong> with the command <code>route add -net default 10.44.43.2</code> (adapt if you
1651 use others addresses). I still didn’t find how to automatize it properly.</p>
1652
1653 <p>Your client should now use both WAN links and being visible with the remote
1654 server public IP address.</p>
1655
1656 <p><strong>mlvpn</strong> can be used for more links, you only need to add new sections.
1657 <strong>mlvpn</strong> also support IPv6 but I didn’t take time to find how to make it work,
1658 si if you are comfortable with ipv6 it may be easy to set up IPv6 with the
1659 variables <code>ip6</code> and <code>ip6_gateway</code> in mlvpn.conf.</p>
1660
1661 ]]>
1662 </description>
1663 <guid>https://dataswamp.org/~solene/2020-03-28-mlvpn.html</guid>
1664 <link>https://dataswamp.org/~solene/2020-03-28-mlvpn.html</link>
1665 <pubDate>Sat, 28 Mar 2020 00:00:00 GMT</pubDate>
1666 </item>
1667 <item>
1668 <title>OpenBSD -current - Frequent asked questions</title>
1669 <description>
1670 <![CDATA[
1671 <p>Hello, as there are so many questions about OpenBSD -current on IRC, Mastodon
1672 or reddit I’m writing this FAQ in hope it will help people.</p>
1673
1674 <p>The official FAQ already contains answers about -current like <a href="https://www.openbsd.org/faq/current.html">Following
1675 -current and using snapshots</a> and
1676 <a href="https://www.openbsd.org/faq/faq5.html#Flavors">Building the system from
1677 sources</a>.</p>
1678
1679 <h2 id="whatisopenbsd-current">What is OpenBSD -current?</h2>
1680
1681 <p>OpenBSD -current is the development version of OpenBSD. Lot of people use it
1682 for everyday tasks.</p>
1683
1684 <h2 id="howtoinstallopenbsd-current">How to install OpenBSD -current?</h2>
1685
1686 <p>OpenBSD -current refers to the last version built from sources obtained with
1687 CVS, however, it’s also possible to get a pre-built system (a snapshot) usually
1688 built and pushed on mirrors every 1 or 2 days.</p>
1689
1690 <p>You can install OpenBSD -current by getting an installation media like usual,
1691 but on the path /pub/OpenBSD/snapshots/ on the mirror.</p>
1692
1693 <h2 id="howdoiupgradefrom-releaseto-current">How do I upgrade from -release to -current?</h2>
1694
1695 <p>There are two ways to do so:</p>
1696
1697 <ol>
1698 <li>Download bsd.rd file from the snapshots directory and boot it to upgrade
1699 like for a -release to -release upgrade</li>
1700 <li>Run <code>sysupgrade -s</code> command as root, this will basically download all sets
1701 under <code>/home/_sysupgrade</code> and boot on bsd.rd with an <code>autoinstall(8)</code>
1702 config.</li>
1703 </ol>
1704
1705 <h2 id="howdoiupgrademy-currentsnapshottoanewersnapshot">How do I upgrade my -current snapshot to a newer snapshot?</h2>
1706
1707 <p>Exactly the same process as going from -release to -current.</p>
1708
1709 <h2 id="canidowngradetoa-releaseifiswitchto-current">Can I downgrade to a -release if I switch to -current?</h2>
1710
1711 <p>No.</p>
1712
1713 <h2 id="whatissuescaniexpectinopenbsd-current">What issues can I expect in OpenBSD -current?</h2>
1714
1715 <p>There are a few issues possibles that one can expect</p>
1716
1717 <h3 id="outofsyncpackages">Out of sync packages</h3>
1718
1719 <p>If a library get updated into the base system and you want to update packages,
1720 they won’t be installable until packages are rebuilt with that new library,
1721 this usually takes 1 up to 3 days.</p>
1722
1723 <p><strong>This only create issues in case you want to install a package you don’t have.</strong></p>
1724
1725 <p>The other way around, you can have an old snapshot and packages are not
1726 installable because the libraries linked to by the packages are newer than what
1727 is available in your system, in this case you have to upgrade snapshot. </p>
1728
1729 <h3 id="snapshotssetsaregettingupdatedonthemirror">Snapshots sets are getting updated on the mirror</h3>
1730
1731 <p>If you download the sets on the mirror to update your -current version, you may
1732 have an issue with the sha256 sum, this is because the mirror is getting
1733 updated and the sha256 file is the first to be transferred, so sets you are
1734 downloading are not the one the sha256 will compare.</p>
1735
1736 <h3 id="unexpectedsystembreakage">Unexpected system breakage</h3>
1737
1738 <p>Sometimes, very rarely (maybe 2 or 3 time in a year?), some snapshots are
1739 borked and will prevent system to boot or lead to regularly crashes. In that
1740 case, it’s important to report the issue with the <code>sendbug</code> utility.</p>
1741
1742 <p>You can fix this by using an older snapshot from <a href="http://ftp.hostserver.de/archive/">this archives
1743 server</a> and prevent this to happen by
1744 reading bugs@ mailing list before updating.</p>
1745
1746 <h3 id="brokenpackage">Broken package</h3>
1747
1748 <p>Sometimes, a package update will break it or break some others packages, this
1749 is often quickly fixed on popular packages but in some niche packages you may
1750 be the only one using it on -current and the only one who can report about it.</p>
1751
1752 <p>If you find breakage on something you use, it may be a good idea to report the
1753 problem on ports@openbsd.org mailing list if nobody did before. By doing so,
1754 the issue will be fixed and next -release users will be able to install a
1755 working package.</p>
1756
1757 <h2 id="is-currentstableenoughforaserveroraworkstation">Is -current stable enough for a server or a workstation?</h2>
1758
1759 <p>It’s really up to you. Developers are all using -current and are forbidden to
1760 break it, so the system should totally be usable for everyday use.</p>
1761
1762 <p>What may be complicated on a server is keep updating it regularly and face
1763 issues requires troubleshooting (like major database upgrade which was missing
1764 a quirk).</p>
1765
1766 <p>For a workstation I think it’s pretty safe as long as you can deal with
1767 packages that can’t be installed until they are in sync.</p>
1768
1769 ]]>
1770 </description>
1771 <guid>https://dataswamp.org/~solene/2020-03-27-openbsd-current.html</guid>
1772 <link>https://dataswamp.org/~solene/2020-03-27-openbsd-current.html</link>
1773 <pubDate>Fri, 27 Mar 2020 00:00:00 GMT</pubDate>
1774 </item>
1775
1776 </channel>
1777 </rss>