I'm thinking of getting my OPNsense device back up again. At my previous place of residence, I had AT&T internet, and AT&T had all sorts of configurable options in their modem that played well with my OPNsense device. At my current place of residence, I have Xfinity Comcast, and the only option I can configure on their modem that would allow me to use my OPNsense device is "Enable/disable bridge…
Context
I recently decided to start using my own home server to store my dotfiles. The main reasons are simplicity, privacy, and security. I previously stored them in a repository on my GitHub account and installed them with Ansible, but I have increasingly found it cumbersome when trying to keep them updated and in sync. On GitHub, the changes (and mistakes!) I make to my dotfiles are publicly…
Requirements
Disk partitioning
Use cfdisk to create the following partition layout.
Format the unencrypted partitions:
mkfs.vfat /dev/nvme0n1p1
mkfs.ext4 /dev/nvme0n1p2
Create LUKS on the remaining partition:
cryptsetup luksFormat /dev/nvme0n1p3
cryptsetup luksOpen /dev/nvme0n1p3 crypt
Create a LVM2 volume group for /dev/nvme0n1p3, which is located at /dev/mapper/crypt:
vgcreate chimera…
Dependencies
Install caddy-cgi.
xcaddy build --with github.com/aksdb/caddy-cgi/v2
Install remaining dependencies:
sudo apt install gitolite3 cgit python-is-python3 python3-pygments python3-markdown docutils-common groff
Configuration
Make a git user.
sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git
Configure gitolite for the git user in…
Hashtag possiblyautistic
A simple bash script to delete select repos from Forgejo/Codeberg using the API
Source: https://github.com/Joxit/docker-registry-ui
Docker/Podman compose
services:
registry-ui:
image: joxit/docker-registry-ui:main
restart: always
ports:
- "127.0.0.1:4433:80"
environment:
- SINGLE_REGISTRY=true
- REGISTRY_TITLE=hyperreal's Container Registry
- DELETE_IMAGES=true
- SHOW_CONTENT_DIGEST=true
-…
Install dependencies
sudo dnf install -y gnupg createrepo dnf-utils rpm-sign wget
Setup GnuPG
echo "%echo Generating a PGP key
Key-Type: RSA
Key-Length: 4096
Name-Real: Jeffrey Serio
Name-Email: hyperreal@moonshadow.dev
Expire-Date: 0
%no-ask-passphrase
%no-protection
%commit" > ~/hyperreal-pgp-key.batch
Now generate the key with the following command:
gpg --no-tty --batch --gen-key…
Herein I contemplate how to present the root of my internet existence.
Setup the VNET bridge
Create the bridge.
ifconfig bridge create
Attach the bridge to the main network interface. igc0 in this case. For some reason, the resulting bridge device is named igb0bridge, rather than bridge0.
ifconfig igb0bridge addm igc0
To make this persistent across reboots, add the following to…
, George.
Requirements
Webfinger
In the web root of your web server, create the .well-known/webfinger file. For example, on mine, I have the following:
{
"subject": "acct:hyperreal@moonshadow.dev",
"links": [
{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://codeberg.org"
}
]
}
You can use the Webfinger lookup tool to make sure it is setup correctly.
The…
use clap::Parser;
use jacquard::api::com_atproto::repo::create_record::CreateRecord;
use jacquard::client::{Agent, AgentSessionExt, FileAuthStore};
use jacquard::oauth::client::OAuthClient;
use jacquard::oauth::loopback::LoopbackConfig;
use jacquard::types::string::Datetime;
use jacquard::CowStr;
use jacquard_common::types::ident::AtIdentifier;
use jacquard_common::types::string::Nsid;
use…
This is based on the following documentation from the official Bluesky GitHub:
We'll keep SELinux in enforcing mode and install a policy module to allow the PDS to work. CentOS Stream is not an officially supported distribution by the upstream PDS maintainers -- this is my own working setup -- so please do not bother them with support questions for a CentOS Stream host. In lieu of that, you're…
I think it's kinda silly when people are like, "but you're still using LLM-tainted $technology, therefore you're a hypocrite!" when we're trying to make changes in our activity flows to reduce our personal LLM footprints.
It's like when someone points out that a leftist vegan is using propriety software or driving a gas-powered vehicle.
Nobody has consistent meta-principles. Nobody's actions…
I've completed my free trial of Kagi and I can confirm that the quality of the search results it produces is superb.
A while back, I was searching for how to configure Postfix on Fedora CoreOS. I shared an image of my DDG search results, which showed genAI slop tutorial sites among the top three results.
I ran the same search query on Kagi, and the top two results were something close to what I…
I will use an Orange Pi 5 Plus, but any device, including single board computers, should work, as long as they can run the latest stable Debian or Armbian release.
Orange Pi 5 Plus
I just put the following contents into /etc/resolv.conf for the Orange Pi 5 Plus's local DNS resolution:
nameserver 9.9.9.9
nameserver 149.112.112.112
I have Blocky configured to use the strict strategy for the…
The following is a collection of ways to get the latest release of a program from its GitHub repository, using the command line. The example repositories used below can be replaced with any repository hosted on GitHub.
sed
This gets the URL of the latest release using sed. It then filters out files that contain ".rpm" and ".deb".
curl -s…
Source: https://gist.github.com/meeas/b574e4bede396783b1898c90afa20a30
Pre-installation setup
Boot into the live ISO, open a terminal, and become root. Install the needed packages.
sudo -i
apt update
apt install -y debootstrap cryptsetup arch-install-scripts
Create partitions.
cfdisk /dev/nvme0n1
mkfs.fat -F 32 -n EFI /dev/nvme0n1p1
cryptsetup -y -v --type luks2 luksFormat --label Debian…
Burden-enthusiasm
Page 1