1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
|
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title type="text">The Home of David T. Sadler - All Posts</title>
<id>https://davidtsadler.com/posts/atom.xml</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/"/>
<link rel="self" type="application/atom+xml" href="https://davidtsadler.com/posts/atom.xml"/>
<updated>2021-07-08T12:00:00Z</updated>
<entry>
<title type="text">HTTP_AUTHORIZATION Missing From Global $_SERVER Variable</title>
<id>https://davidtsadler.com/posts/php/2021-07-08/http-authorization-missing-from-global-server-variable/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/php/2021-07-08/http-authorization-missing-from-global-server-variable/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-07-08T12:00:00Z</published>
<updated>2021-07-08T12:00:00Z</updated>
<content type="html"><h1>HTTP_AUTHORIZATION Missing From Global $_SERVER Variable</h1><blockquote>Thu 8th July 2021 By David T. Sadler.</blockquote><p>I came across an issue where I wanted to read the value of the HTTP_AUTHORIZATION key found in PHP's global $_SERVER variable.</p><pre><code class="php">$token = filter_input(INPUT_SERVER, 'HTTP_AUTHORIZATION');</code></pre><p>However the value of null was been returned even though a Authorization header was passed as part of the HTTP request.</p><pre><code class="shell">$ curl 127.0.0.1:8080/bookmarks/add -i -H &quot;Authorization:Bearer xyz&quot; -d &quot;url=http://example.com/2&quot;</code></pre><p>A quick print_r($_SERVER) confirmed that there was indeed no item for the key HTTP_AUTHORIZATION hence why I was getting a null value.</p><p>However the value was available with the getallheaders function.</p><pre><code class="php">$token = getallheaders()['Authorization']);</code></pre><p>After a bit of research I found that in some situations Apache may not pass authorization headers to PHP for security reasons. However it is possible to work around this by creating a rewrite rule in the site's .htaccess file to put the authorization header into an environment variable.</p><pre>&lt;IfModule mod_rewrite.c&gt;
# Handle Authorization Header.
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
&lt;/IfModule&gt;</pre><p>After adding the above to the .htaccess file the HTTP_AUTHORIZATION key is now been populated with the value of the Authorization header.</p><h3>Links</h3><a href="/posts/php">PHP - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Backing Up a Git Repository</title>
<id>https://davidtsadler.com/posts/git/2021-06-13/backing-up-a-git-repository/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/git/2021-06-13/backing-up-a-git-repository/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-06-13T12:00:00Z</published>
<updated>2021-06-13T12:00:00Z</updated>
<content type="html"><h1>Backing Up a Git Repository</h1><blockquote>Sun 13th June 2021 By David T. Sadler.</blockquote><p>Below is a quick and dirty way in which I backup all my repositories that are hosted at git.davidtsadler.com.</p><pre><code class="shell">#!/bin/sh
DATE_PREFIX=$(date +%Y%m%d)
BACKUP_DIRECTORY=/tmp
BACKUP_FILE=&quot;${BACKUP_DIRECTORY}/${DATE_PREFIX}-repositories.tar.gz&quot;
BACKUP_FILES=&quot;${BACKUP_DIRECTORY}/*-repositories.tar.gz&quot;
REPOSITORIES=/home/git/*.git
tar -czf $BACKUP_FILE $REPOSITORIES
find $BACKUP_FILES -mtime +3 -delete
exit 0</code></pre><p>All it does it tar and gzip any .git directories found under /home/git. It also removes any backups that are more than three days old.</p><p>This script has been saved as /usr/bin/backup_repositories and is ran daily via cron.</p><pre><code class="cron">0 3 * * * /usr/bin/backup_repositories &gt; /dev/null 2&gt;&amp;1</code></pre><p>It is important to know that this backup strategy is far from ideal for repositories that are heavily used as you run the high risk of trying to backup a repository as users are pushing to it. As git updates a repository in two phases this will lead to a backup that may not contain all the data and so won't be suitable for restoring. However its fine for my purposes since I'm the only user and it's unlikely that I will be making changes during the time the backup is running.</p><h3>Links</h3><a href="/posts/git/2021-05-29/setting-up-a-self-host-git-server/">2021-05-29 - Setting up a Self Hosted Git Server</a><a href="/posts/git/">Git - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Xrandr: Failed to Get Size of Gamma for Output Default</title>
<id>https://davidtsadler.com/posts/linux/2021-06-05/xrandr-failed-to-get-size-of-gamma-for-output-default/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/linux/2021-06-05/xrandr-failed-to-get-size-of-gamma-for-output-default/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-06-05T12:00:00Z</published>
<updated>2021-06-05T12:00:00Z</updated>
<content type="html"><h1>Xrandr: Failed to Get Size of Gamma for Output Default</h1><blockquote>Sat 5th June 2021 By David T. Sadler.</blockquote><p>After updating a laptop to Ubuntu 20.04 I found that the resolution of the display was fixed at 1024x1028 with no option in the settings for changing it to correct resolution of 1368x768.</p><p>Now normally I would fall back on using the xrandr command to add the missing resolution.</p><p>First the output of cvt command gives me the VESA CVT mode lines for the resolution and refresh rate.</p><pre><code class="shell">$ cvt 1366 768 60
Modeline &quot;1368x768_60.00&quot; 85.25 1368 1440 1576 1784 768 771 781 798 -hsync +vsync</code></pre><p>This mode is then added with xrandr.</p><pre><code class="shell">$ xrandr --newmode &quot;1368x768_60.00&quot; 85.25 1368 1440 1576 1784 768 771 781 798 -hsync +vsync</code></pre><p>The mode can then be associated with the display.</p><pre><code class="shell">$ xrandr --addmode default 1368x768_60</code></pre><p>Like I said, normally this is all that is required but in this instance the xrandr command kept displaying the below message and the desired resolution would not be applied.</p><pre><code class="shell">xrandr: Failed to get size of gamma for output default</code></pre><p>After several fruitless attempts at fixing this I eventually found that the nomodeset kernel boot option had been set. This instructs the kernel to not load any video drivers and instead use BIOS modes. Apparently many open source drivers have removed support for non-kernel modes and fall back to using a very basic VESA driver. I'm assuming this basic driver does not support the resolution I want.</p><p>With further investigation I found that nomodeset was been specified via grub so removing it meant re-configuring grub by editing /etc/default/grub.</p><pre><code class="shell">$ sudo vim /etc/default/grub</code></pre><p>In this file I located the below line.</p><pre>GRUB_CMDLINE_LINUX_DEFAULT=&quot;quiet splash nomodeset&quot;</pre><p>I edited this line to remove nomodeset and saved the changes.</p><pre>GRUB_CMDLINE_LINUX_DEFAULT=&quot;quiet splash&quot;</pre><p>Now all I needed to do was update grub with the new default settings.</p><pre><code class="shell">$ sudo update-grub</code></pre><p>After a reboot the laptop was using the correct resolution and there was no need to use xrandr.</p><h3>Links</h3><a href="https://askubuntu.com/questions/207175/what-does-nomodeset-do">askubuntu/ question regarding nomodeset does.</a><a href="/posts/linux/">Linux - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Setting up a Self Hosted Git Server</title>
<id>https://davidtsadler.com/posts/git/2021-05-29/setting-up-a-self-host-git-server/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/git/2021-05-29/setting-up-a-self-host-git-server/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-05-29T12:00:00Z</published>
<updated>2021-05-29T12:00:00Z</updated>
<content type="html"><h1>Setting up a Self Hosted Git Server</h1><blockquote>Sat 29th May 2021 By David T. Sadler.</blockquote><p>I've always liked the idea of self hosting some of my git repositories. After a bit of research I found that it involves.</p><ul><li>Installing git.</li><li>Creating a git user.</li><li>Setting up ssh so that I can log into the sever securely as the git user.</li><li>Creating a test repository on the server.</li><li>Creating a test project on my local machine.</li><li>Pushing the test project to the git sever.</li></ul><h2>Installing Git</h2><p>Since its an Ubuntu server installing git is as simple as.</p><pre><code class="shell">$ sudo apt install git-core</code></pre><h2>Creating a User</h2><p>The git user will serve two purposes.</p><ul><li>The repositories will be stored in the user's home directory.</li><li>The user account will contain the public ssh keys of remote users that can access the repositories.</li></ul><pre><code class="shell">$ sudo adduser --system --shell /usr/bin/git-shell --group --disabled-password --home /home/git git</code></pre><ul><li>--system Creates a system user user. Not strictly required but since this is not a normal user account I prefer to use this option.</li><li>--shell /usr/bin/git-shell Restrict the git user to only git related activities. This also prevents remote users from obtaining a shell by logging in via ssh. Note that git-shell does not prevent normal git operations, such as pull and push, from working over ssh.</li><li>--group Creates a group that is the same name as the user.</li><li>--disabled-password Prevent logging in with a password. The use of ssh keys is still allowed.</li><li>--home /home/git The home directory for the user.</li></ul><h2>Setting up SSH</h2><p>On my local machine git will use ssh to connect to the remote server as the git user. In order to do this I will need to copy my public ssh key to the git user account.</p><p>The below commands create the required .ssh directory and authorized_keys file with the correct permissions.</p><pre><code class="shell">$ sudo mkdir /home/git/.ssh
$ sudo chown git:git /home/git/.ssh
$ sudo chmod 700 /home/git/.ssh
$ sudo touch /home/git/.ssh/authorized_keys
$ sudo chown git:git /home/git/.ssh/authorized_keys
$ sudo chmod 600 /home/git/.ssh/authorized_keys</code></pre><p>Now I can copy the public ssh key of anyone who needs access to the repositories. There are a few ways of doing this and I tend to just edit the authorized_keys file and manually copy and paste the keys into it. </p><pre><code class="shell">$ sudo vim /home/git/.ssh/authorized_keys</code></pre><p>Note that to prevent ssh port forwarding via the git user account I prepend the no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty options to the key.</p><pre><code class="shell">$ sudo cat /home/git/.ssh/authorized_keys
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQCB007n/ww+ouN4gSLKssMxXnBOvf9LGt4LojG6rs6h
PB09j9R/T17/x4lhJA0F3FR1rP6kYBRsWj2aThGw6HXLm9/5zytK6Ztg3RPKK+4kYjh6541N
YsnEAZuXz0jTTyAUfrtU3Z5E003C4oxOj6H0rfIF1kKI9MAQLMdpGW1GYEIgS9EzSdfd8AcC
IicTDWbqLAcU4UpkaX8KyGlLwsNuuGztobF8m72ALC/nLF6JLtPofwFBlgc+myivO7TCUSBd
LQlgMVOFq1I2uPWQOkOWQAHukEOmfjy2jctxSDBQ220ymjaNsHT4kgtZg2AYYgPqdAv8JggJ
ICUvax2T9va5 gsg-keypair</code></pre><p>On my local machine I can test ssh access.</p><pre><code class="shell">$ ssh git.davidtsadler.com
fatal: Interactive git shell is not enabled.
hint: ~/git-shell-commands should exist and have read and execute access.</code></pre><p>The message that comes back indicates that ssh is working and that the git-shell is been used.</p><h2>Creating a Test Repository</h2><p>An empty repository is setup by running git init with the --bare option. I also ensure that the git user owns the repository and that main will be the default branch when its checked out.</p><pre><code class="shell">$ sudo git init --bare /home/git/test.git/
$ sudo chown -R git:git /home/git/test.git/
$ sudo git --git-dir=/home/git/test.git/ symbolic-ref HEAD refs/heads/main</code></pre><h2>Creating a Test Project</h2><p>Back on my local machine I can create a test project and push it to the remote server.</p><pre><code class="shell">$ mkdir test
$ cd test
$ git init
$ touch readme
$ git add .
$ git commit -m 'Initial commit'
$ git remote add origin git@git.davidtsadler.com:test.git
$ git push origin main</code></pre><p>I can also test that I can clone the repository.</p><pre><code class="shell">rm -rf test
git clone git@git.davidtsadler.com:test.git</code></pre><h3>Links</h3><a href="/posts/git/">Git - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Pre and Post Validation Hooks with Certbot</title>
<id>https://davidtsadler.com/posts/letsencrypt/2021-05-28/pre-and-post-validation-hooks-with-certbot/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/letsencrypt/2021-05-28/pre-and-post-validation-hooks-with-certbot/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-05-28T12:00:00Z</published>
<updated>2021-05-28T12:00:00Z</updated>
<content type="html"><h1>Pre and Post Validation Hooks with Certbot</h1><blockquote>Fri 28th May 2021 By David T. Sadler.</blockquote><p>I have a wildcard certificate for the domain davidtsadler.com that was issued by Let's Encrypt and I want to setup a cron job that periodically runs the certbot command to automatically renew it before it expires.</p><p>Now because its a wildcard certificate I have to use the DNS-01 challenge to validate that I control the domain name. Normally certbot is able to handle this validation during the renewing through a plugin that supports a dns provider. By using a plugin certbot is able to add and remove the required TXT dns records. Typically this is done through an API that the dns provider has to allow users to manage their dns entries. By suppling certbot with the credentials for the API a user is proving that they own the domain.</p><p>Since I am using Mail-in-a-Box for my dns there are no plugins available for certbot so instead I can use the pre and post validation hooks. These hooks are paths to scripts that will be called when certbot performs a DNS-01 challenge in manual mode. The pre auth hook is called at the start of the validation and in your script you can perform whatever steps are needed to pass the validation. It is here where you can call an API to add any dns entries. The post cleanup hook is where you can clean up any changes brought about by the auth hook.</p><p>Mail-in-a-Box provides an API for managing dns records that can be called by using curl. So my auth script will add a TXT record that is then removed by the cleanup script. Credentials for the API are the email and password of an existing user on the Mail-in-a-Box server.</p><p>When certbot calls the scripts it passes various environment variables so that they can be read by the scripts. Of which CERTBOT_VALIDATION is used to get the value of the TXT record, and CERTBOT_DOMAIN to obtain the domain name that is been validated.</p><p>The auth script is shown below.</p><pre><code class="bash">#!/bin/sh
EMAIL=username@example.com
PASSWORD='super strong password'
# Create TXT record
curl -s -X POST -d &quot;$CERTBOT_VALIDATION&quot; --user $EMAIL:$PASSWORD https://examplemailinaboxserver.com/admin/dns/custom/_acme-challenge.$CERTBOT_DOMAIN/txt
# Make sure the change has time to propagate over to DNS
sleep 25</code></pre><p>Below is the cleanup script.</p><pre><code class="bash">#!/bin/sh
EMAIL=username@example.com
PASSWORD='super strong password'
# Delete TXT record
curl -s -X DELETE -d &quot;$CERTBOT_VALIDATION&quot; --user $EMAIL:$PASSWORD https://examplemailinaboxserver.com/admin/dns/custom/_acme-challenge.$CERTBOT_DOMAIN/txt</code></pre><p>With these scripts I can setup the below cron job to call certbot.</p><pre>0 0 * * * /usr/bin/certbot renew --preferred-challenges=dns -q --manual-auth-hook /path/to/auth.sh --manual-cleanup-hook /path/to/cleanup.sh &gt; /dev/null 2&gt;&amp;1</pre><h3>Links</h3><a href="https://letsencrypt.org/docs/challenge-types/#dns-01-challenge">Let's Encrypt DNS-01 challenge.</a><a href="https://certbot.eff.org/docs/using.html#pre-and-post-validation-hooks">Certbot manual on pre and post validation hooks.</a><a href="https://mailinabox.email">Mail-in-a-Box. Self hosting mail server.</a><a href="/posts/letsencrypt/">Let's Encrypt - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Wildcard Certificates with Let's Encrypt</title>
<id>https://davidtsadler.com/posts/letsencrypt/2021-05-27/wildcard-certificates-with-lets-encrypt/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/letsencrypt/2021-05-27/wildcard-certificates-with-lets-encrypt/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-05-27T12:00:00Z</published>
<updated>2021-05-27T12:00:00Z</updated>
<content type="html"><h1>Wildcard Certificates with Let's Encrypt</h1><blockquote>Thu 27th May 2021 By David T. Sadler.</blockquote><p>Currently my little bit of the internet is davidtsadler.com. However I have a few ideas for some other projects that I would like to host under a subdomain. For example at some point I want to make my source code available at git.davidtsadler.com. I also want SSL on each of the sites.</p><p>Since I'm self hosting my sites I can make use of Let's Encrypt to obtain the nessecary certificates. However I don't want the hassle of maintaing a seperate certificate for each site so I'm going with having a single wildcard certificate that will be valid for each subdomain.</p><p>Obtaining a wildcard certificate can be done with the certbot command.</p><pre><code class="shell">$ sudo certbot certonly --manual --preferred-challenges=dns --email me@email.com --agree-tos -d &quot;*.davidtsadler.com,davidtsadler.com&quot;</code></pre><ul><li>certonly This will obtain and save the certificate but will not install it. That is left to you.</li><li>--manual Obtains certificates interactively.</li><li>--preferred-challenges=dns Tells certbot that I will use the dns method to prove I own the domain name.</li><li>--email Email address used for registration and recovery contact.</li><li>--agree-tos Automatically agree to the terms of service.</li><li>-d Comma seperataed list of domain names that the certificate should cover.</li></ul><p>There are a couple of things to note with the above command. For starters I had to specifiy both *.davidtsadler and davidtsadler.com as the domains. This is because if I did not include davidtsadler.com then only subdomains would be covered by the certificate. In other words *.davidtsadler means any subdomain under davidtsadler.com but not the domain davidtsadler.com itself. </p><p>Secondaly, due to how my dns is been managed I could not have certbot automatically add the appropriate dns entries in order for it to validate the authenancy of the domain name. Instead certbot displayed the instructions needed to manually add two TXT records to my dns. Once I had done this certbot was happy that I owned the domain that the certificate would cover.</p><p>Running the certbot command results in the certificates been saved in /etc/letsencrypt/live/davidtsadler.com/</p><p>After that all I need to do is ensure that Apache has SSL support enabled and then add the below settings to my vhost file which tells Apache where to find the certificates.</p><pre>SSLCertificateFile /etc/letsencrypt/live/davidtsadler.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/davidtsadler.com/privkey.pem</pre><p>Now in future I can simply create the required vhost file for the new subdomain site and have it use the same certificate as the others.</p><h3>Links</h3><a href="https://davidtsadler.com">davidtsadler.com - My little bit of the internet.</a><a href="/posts/letsencrypt/">Let's Encrypt - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Accessing Nextcloud With WebDAV on Arch</title>
<id>https://davidtsadler.com/posts/nextcloud/2021-02-15/accessing-nextcloud-with-webdav-on-arch/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/nextcloud/2021-02-15/accessing-nextcloud-with-webdav-on-arch/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-02-15T12:00:00Z</published>
<updated>2021-02-15T12:00:00Z</updated>
<content type="html"><h1>Accessing Nextcloud With WebDAV on Arch</h1><blockquote>Mon 15th February 2021 By David T. Sadler.</blockquote><p>I have a Nextcloud instance and I want to mount it as a directory on my local machine. Since Nextcloud cloud supports the WebDAV protocol its possible to do this by installing davfs2 which can mount a WebDAV resource.</p><p>The first thing I had to do was install davfs2.</p><pre><code class="shell">$ sudo pacman -S davfs2</code></pre><p>Next I created the directory where Nextcloud would be mounted.</p><pre><code class="shell">$ mkdir -p .local/share/nextcloud</code></pre><p>I then needed to tell Arch how to mount Nextcloud by adding the below line to the /etc/fstab file.</p><pre><code class="shell">https://my-nextcloud-server.com/path /home/david/.local/share/nextcloud davfs rw,user,uid=david,noauto 0 0</code></pre><p>Since access to Nextcloud is controlled by a username and password these where added to the ~/.davfs2 file.</p><pre><code class="shell">https://my-nextcloud-server.com/path username password</code></pre><p>I made sure this file had the correct permissions to ensure security.</p><pre><code class="shell">$ chmod 600 ~/.davfs2/secrets</code></pre><p>Now I can mount Nextcloud and access my files just like any others.</p><pre><code class="shell">$ mount .local/share/nextcloud</code></pre><h3>Links</h3><a href="/posts/nextcloud">Nextcloud - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">How to Host Your Own Gemini Site in the Cloud</title>
<id>https://davidtsadler.com/posts/gemini/2021-02-08/how-to-host-your-own-gemini-site-in-the-cloud/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/gemini/2021-02-08/how-to-host-your-own-gemini-site-in-the-cloud/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-02-08T12:00:00Z</published>
<updated>2021-02-08T12:00:00Z</updated>
<content type="html"><h1>How to Host Your Own Gemini Site in the Cloud</h1><blockquote>Mon 8th February 2021 By David T. Sadler.</blockquote><p>So I have a Gemini site over at gemini://davidtsadler.co.uk and I thought I'd write up how I achieved this in case anyone was interested in doing the same.</p><p>I would say that from purchasing the domain name to having a complete server hosting the site took about 30 minutes in total.</p><h2>Purchasing a Domain Name</h2><p>I decided that for the moment I would keep my traditional &quot;Big Web&quot; content hosted at davidtsadler.com and use a different domain name for my new Gemini site. Since this meant purchasing a new one I popped over to Gandi.net to acquire davidtsadler.co.uk. Side note: I used to own this but decided not to renew it for some crazy reason.</p><h2>Creating a cloud sever</h2><p>My cloud provider of choice is Hetzner and creating a new server is done in eight steps.</p><h3>1. Location</h3><p>Hetzner provide a few locations in Europe as to where the server is hosted. For this server I chose Helsinki.</p><h3>2. Image</h3><p>I chose Ubuntu 20.04 as the operating system as this is the one I'm most familiar with.</p><h3>3. Type</h3><p>As this server is only going to a host a Gemini site I don't need a overly powerful system so I chose their most basic CX11 configuration. For €2.99 a month this gives me:</p><ul><li>1 virtual CPU.</li><li>2GB ram.</li><li>20GB SSD .</li><li>20 TB of network traffic a month.</li></ul><h3>4. Volume</h3><p>You have the option of attaching additional storage to the server. I skipped this step as for the time been the 20GB SSD that comes with the server should be enough for my needs.</p><h3>5. Network.</h3><p>I skipped this step as its not needed.</p><h3>6. Additional features</h3><p>Again I skipped this step but select any if you believe that you will need them.</p><h3>7. SSH Key</h3><p>When a server is created a root user is added and a password is emailed to you so that you can login. However if you provide a SSH key it will be installed on the server instead of creating a password.</p><p>I like to use separate keys for each server that I manage so I tend store the them in a directory named after the hostname.</p><pre><code class="shell">$ mkdir ~/.ssh/davidtsadler.co.uk
$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/davidtsadler.co.uk/id_rsa</code></pre><p>The SSH key is added by clicking + ADD SSH KEY and then copying and pasting the contents of the id_rsa.pub file.</p><h3>8. Name</h3><p>I name my servers after the hostname so for this I called it davidtsadler.co.uk. I then created the server by clicking CREATE &amp; BUY NOW.</p><h2>SSH</h2><p>Once the server was created I took the allocated IP address and ensured that I could access it via SSH using the key that I had provided.</p><pre><code class="shell">$ ssh root@135.181.201.71 -i ~/.ssh/davidtsadler.co.uk/id_rsa</code></pre><h2>Resolve the Domain Name to the Server</h2><p>In my Gandi.net account I went to the DNS Records section for the domain name I had purchased. There I deleted everything except for the @ (A) and www (CNAME) records which was configured as follows:</p><ul><li>@ (A) 135.181.201.71</li><li>www (CNAME) davidtsadler.co.uk.</li></ul><p>The A record is configured with the IPv4 address of my new server and the CNAME with the domain name. Note that the CNAME must end with a period!</p><p>After saving the changes it was just a matter of waiting for it to propagate through the DNS system. At which point I could use the domain name when logging in via SSH.</p><pre><code class="shell">$ ssh root@davidtsadler.co.uk -i ~/.ssh/davidtsadler.co.uk/id_rsa</code></pre><h2>Securing the Server</h2><p>At a bare minimum I setup a firewall and harden SSH. I may at a later date go further, such as installing fail2ban.</p><h3>Configure a Firewall</h3><p>This setup will deny any incoming requests unless they were first initiated by a request from the server. Since I need to be able to access the server I allow SSH. The Gemini protocol uses port 1965 so that is also allowed.</p><pre><code class="shell">$ ufw default allow outgoing
$ ufw default deny incoming
$ ufw allow OpenSSH
$ ufw allow 1965
$ ufw enable</code></pre><h3>Harden SSH</h3><p>I edited the /etc/ssh/sshd_config file.</p><pre><code class="shell">$ vim /etc/ssh/sshd_config</code></pre><p>I added the two below options so that the root user is not allowed to access the sever via SSH and other users may only access using keys.</p><pre>PermitRootLogin no
PasswordAuthentication no</pre><p>Since I'd made changes to the configuration I needed to restart the SSH service.</p><pre><code class="shell">$ service sshd restart</code></pre><h3>Create non-root User</h3><p>Whenever I access a server I like to login as a non-root user that is able to run sudo on the system.</p><pre><code class="shell">$ adduser gemini
$ usermod -aG sudo gemini</code></pre><p>As the SSH key is already on the server I can copy it to the non-root user account.</p><pre><code class="shell">$ rsync --archive --chown=gemini:gemini ~/.ssh /home/gemini</code></pre><p>On my local system I confirm that I can log in as the new user without a password.</p><pre><code class="shell">$ ssh gemini@davidtsadler.co.uk -i ~/.ssh/davidtsadler.co.uk/id_rsa</code></pre><p>I also confirm that I have sudo access.</p><pre><code class="shell">$ sudo ls</code></pre><h2>Installing a Gemini Site and Server</h2><h3>Directory structure</h3><p>I decided to go with a very simple directory structure. Each site will be a sub-directory in ~/sites that will be named after the domain name. Then each site will have the following sub-directories. The idea is that I may want to host more than one site in the future.</p><ul><li>bin This will contain the Gemini server binary.</li><li>certs TLS certificates for the site are kept here.</li><li>public This will contain the .gmi files of the site.</li><li>scripts Contains scripts used to start the Gemini server.</li></ul><p>I created the directory structure with the below command.</p><pre><code class="shell">$ mkdir -p ~/sites/davidtsadler.co.uk/{bin,certs,public,scripts}</code></pre><h3>Install certificates</h3><p>Sine the Gemini protocol encourages using a self-signed certificate I installed one with the openssl command.</p><pre><code class="shell">$ openssl req -x509 \
-newkey rsa:4096 \
-keyout ~/sites/davidtsadler.co.uk/certs/key.rsa \
-out ~/sites/davidtsadler.co.uk/certs/cert.pem \
-days 3650 \
-nodes \
-subj &quot;/CN=davidtsadler.co.uk&quot;</code></pre><h3>Create Some Test Content</h3><p>I created a very simple index.gmi file purely for testing.</p><pre><code class="shell">$ cat &lt;&lt; EOF &gt; ~/sites/davidtsadler.co.uk/public/index.gmi
# Welcome
Hello world!
EOF</code></pre><h3>Install the Gemini Server Binary</h3><p>I decided to go with agate as the Gemini server as its very simple to install and configure. Installing it was a matter of downloading the binary archive into the bin directory and setting the executable permission on it.</p><pre><code class="shell">$ cd ~/sites/davidtsadler.co.uk/bin
$ wget https://github.com/mbrubeck/agate/releases/download/v2.3.0/agate.x86_64-unknown-linux-gnu.gz
$ gunzip agate.x86_64-unknown-linux-gnu.gz
$ mv agate.x86_64-unknown-linux-gnu agate
$ chmod u+x agate</code></pre><p>I wrote a very simple bash script to run agate and have it serve the site.</p><pre><code class="shell">$ cat &lt;&lt; EOF &gt; ~/sites/davidtsadler.co.uk/scripts/start
#!/bin/bash
/home/gemini/sites/davidtsadler.co.uk/bin/agate \
--content /home/gemini/sites/davidtsadler.co.uk/public/ \
--key /home/gemini/sites/davidtsadler.co.uk/certs/key.rsa \
--cert /home/gemini/sites/davidtsadler.co.uk/certs/cert.pem \
--addr [::]:1965 \
--addr 0.0.0.0:1965 \
--hostname davidtsadler.co.uk \
--lang en-GB
EOF
$ chmod u+x ~/sites/davidtsadler.co.uk/scripts/start</code></pre><h3>Testing the Site</h3><p>At this point I have the Gemini server installed and a site available for testing.</p><p>I first started agate with the bash script.</p><pre><code class="shell">$ ~/sites/davidtsadler.co.uk/scripts/start
[2021-02-05T17:26:56Z INFO agate] Listening on [[::]:1965, 0.0.0.0:1965]...</code></pre><p>With agate up and running I pointed my Gemini client to gemini://davidtsadler.co.uk and confirmed I was able to access the site before entering Ctrl-C to halt agate.</p><h3>Configure Systemd</h3><p>Since I was happy that agate was able to serve my new site I created a systemd unit to ensure that agate was started whenever the system was rebooted.</p><pre><code class="shell">$ sudo vim /etc/systemd/system/agate.service</code></pre><p>The unit is very simple and just runs the bash script to start agate once the network is available.</p><pre>[Unit]
Description=Agate Gemini Server
After=network.target
[Service]
Type=simple
User=gemini
Group=gemini
ExecStart=/home/gemini/sites/davidtsadler.co.uk/scripts/start
[Install]
WantedBy=default.target</pre><p>I then started this service and confirmed it was working.</p><pre>$ sudo systemctl start agate.service
$ sudo systemctl status agate.service
Active: active (running)</pre><p>The final step was to have this service start when the system is rebooted.</p><pre>$ sudo systemctl enable agate.service</pre><h2>Conclusion</h2><p>Setting up a Gemini site was easy to do and I hope this guide shows it. I have several ideas about how I'm going to use this new site and I'm excited to see where this leads to.</p><h3>Links</h3><a href="https://www.gandi.net/">Gandi.net - My domain registrar of choice.</a><a href="https://hetzner.cloud/?ref=Gf3UFbRaixBK">Hetzner - My cloud server provider.</a><a href="https://github.com/mbrubeck/agate/">Agate - A simple Gemini server.</a><a href="gemini://davidtsadler.co.uk/">davidtsadler.co.uk - My Gemini site.</a><a href="/posts/gemini/">Gemini - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Installing PHP 8 for Windows 10</title>
<id>https://davidtsadler.com/posts/php/2021-01-18/installing-php-8-for-windows-10/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/php/2021-01-18/installing-php-8-for-windows-10/"/>
<author><name>David T. Sadler.</name></author>
<published>2021-01-18T12:00:00Z</published>
<updated>2021-01-18T12:00:00Z</updated>
<content type="html"><h1>Installing PHP 8 for Windows 10</h1><blockquote>Mon 18th January 2021 By David T. Sadler.</blockquote><h2>Getting Started</h2><p>The PHP For Windows site provides pre-built Windows binaries for you to download. Which version you download depends upon two things.</p><p>1. Is your system a 64 or 32 bit machine.</p><p>2. Are you planning to use IIS or Apache as the web server.</p><p>For 64 bit systems the x64 file should be downloaded. If you plan to use IIS then get the Non Thread Safe (NTS) version otherwise use the Thread Safe (TS) version.</p><p>The PHP 8 binaries require to have the Visual C++ Redistributable for Visual Studio 2015-2019 be installed as well.</p><h2>Download and Installation</h2><p>1. Download the Visual C++ Redistributable for Visual Studio 2015-2019 executable and install it.</p><p>2. Download the appropriate PHP 8 Zip archive for your Windows system. </p><p>3. Extract the Zip archive into a folder called php in your user folder. This should result in a folder at C:\Users\[username]\php.</p><h2>Configuring Windows</h2><p>In order to run the PHP executable from the command line the path to where the Zip archive was extracted to needs to be added to the Windows Path environment variable. </p><p>1. Right click on the start menu and select System.</p><p>2. Type Control Panel into the search field and select the Control Panel option when it appears.</p><p>3. Click System and Security and then the System option.</p><p>4. Click Advanced system settings from the left side menu to bring up a dialog box.</p><p>5. Select the Advanced tab and then click Environment Variables.</p><p>6. Select the Path option from the User variables list and click Edit.</p><p>7. Click New and enter the path to where you extracted the Zip archive. This should be C:\Users\[username]\php. You can also click Browse instead and navigate to the folder.</p><p>8. Click OK to close the Edit environment variable dialog.</p><p>9. Click OK again to close the Environment Variables dialog.</p><p>10. Click OK for a third time to close the System Properties dialog.</p><h2>Checking Installation</h2><p>Open up either PowerShell or the Command Prompt and enter php -v to verify that PHP was installed correctly. You should see output similar to that shown below.</p><pre><code class="shell">C:\Users\dev&gt;php -v
PHP 8.0.1 (cli) (built: Jan 5 2021 23:43:33) ( NTS Visual C++ 2019 x64 )
Copyright (c) The PHP Group
Zend Engine v4.0.1, Copyright (c) Zend Technologies</code></pre><h3>Links</h3><a href="https://windows.php.net/">PHP For Windows.</a><a href="/posts/php">PHP - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Installing Laravel Homestead in Arch Linux</title>
<id>https://davidtsadler.com/posts/laravel/2020-12-21/installing-laravel-homestead-in-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/laravel/2020-12-21/installing-laravel-homestead-in-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-12-21T12:00:00Z</published>
<updated>2020-12-21T12:00:00Z</updated>
<content type="html"><h1>Installing Laravel Homestead in Arch Linux</h1><blockquote>Mon 21st December 2020 By David T. Sadler.</blockquote><h2>Introduction</h2><p>Laravel Homestead is a pre-packaged Vagrant box that gives you a development environment with PHP, a web server, and several other server software already installed. This guide explains how I install and configure it on my Arch Linux system. I install Homestead in such a way that enables me to add multiple projects to the single instance of Homestead. Because of this you may find that you will need to adapt the guide to how you prefer to manage your projects.</p><h2>Installing Dependencies</h2><p>Vagrant will need to be installed since Laravel Homestead is a pre-configured Vagrant box. Select virtualbox if you are prompted for which provider Vagrant should use.</p><pre><code class="shell">$ sudo pacman -S vagrant</code></pre><p>Install Virtualbox as this will be used as a provider by Vagrant. When prompted select the virtualbox-host-modules-arch package.</p><pre><code class="shell">$ sudo pacman -S virtualbox</code></pre><h2>Install Homestead</h2><p>Homestead is installed by cloning the repository onto your host machine.</p><pre><code class="shell">$ git clone https://github.com/laravel/homestead.git ~/.local/share/homestead</code></pre><p>The cloned repository defaults to the latest master branch. As this can be considered unstable it is recommended to checkout a tagged version of Homestead or the release branch as this will always be the latest stable version.</p><pre><code class="shell">$ cd ~/.local/share/homestead
$ git checkout release</code></pre><p>Create the Homestead.yaml file by using the init.sh command.</p><pre><code class="shell">$ bash init.sh</code></pre><h2>Configuring the host machine</h2><p>Before I launch Homestead for the first time there are a few things that I like to do first on the host machine.</p><h3>Creating a host project</h3><p>One of the advantages with Homestead is that it allows you to share a directory on your host machine with the virtual guest machine and have that served by the web server.</p><p>For this guide the commands below will create a very simple PHP site.</p><pre><code class="shell">$ mkdir -p ~/projects/testsite/public
$ echo &quot;&lt;?php phpinfo();&quot; &gt; ~/projects/testsite/public/index.php</code></pre><h3>Setting up SSH</h3><p>I like to use unique ssh keys for servers that I connect to and that includes any virtual machines running on my local machine. The ssh-keygen command generates a new key that I store in a directory separate from my other ones.</p><pre><code class="shell">$ mkdir ~/.ssh/homestead
$ ssh-keygen -t rsa -b 4096 -f ~/.ssh/homestead/id_rsa</code></pre><h3>Hostname Resolution</h3><p>Since I am using one instance of Homestead for multiple sites I need to configure the host machine so that requests are directed to the correct site on the virtual machine. This is done by adding an entry into the /etc/hosts file for each site. </p><p>First I need to know the IP address of the virtual machine. This can be done by looking in the Homestead.yaml file for the ip entry.</p><pre><code class="yaml">ip: &quot;192.168.10.10&quot;</code></pre><p>Then for each site that will be hosted on the virtual machine add it's domain and ip to the /etc/hosts file. </p><pre><code class="shell">$ sudo nvim /etc/hosts</code></pre><pre><code class="shell">192.168.10.10 testsite.local</code></pre><h2>Configuring Homestead</h2><p>Homestead is configured by editing the Homestead.yaml file that was created with the init.sh command earlier.</p><pre><code class="shell">$ cd ~/.local/share/homestead
$ nvim Homestead.yaml</code></pre><p>First tell Vagrant that Virtualbox will be providing the virtual machine.</p><pre><code class="yaml">set provider: virtualbox</code></pre><p>Vagrant needs to setup the ssh keys between the host and the guest so that you can connect via ssh. Enter the path to the one created earlier.</p><pre><code class="yaml">authorize: ~/.ssh/homestead/id_rsa.pub
keys:
- ~/.ssh/homestead/id_rsa</code></pre><p>Share the project folder with the virtual machine. This setting will make the directory /home/vagrant/projects/testsite available in the virtual machine. The contents of this directory will be shared with the host machine directory ~/projects/testsite.</p><pre><code class="yaml">folders:
- map: ~/projects/testsite
to: /home/vagrant/projects/testsite</code></pre><p>Setup Homestead so that it can serve the application through the 'domain' testsite.local. Note how this matches the name added to /etc/hosts earlier.</p><pre><code class="yaml">sites:
- map: testsite.local
to: /home/vagrant/projects/testsite/public</code></pre><p>Have Homestead create a database for our application.</p><pre><code class="yaml">databases:
- testsite</code></pre><p>Since I'm using a database ensure that a database server is installed on the virtual machine.</p><pre><code class="yaml">features:
- mariadb: true</code></pre><h2>Launching Homestead</h2><p>Homestead is started with the vagrant up command. It may take a while for Homestead to launch if this is the first time running this command as Vagrant has to first download the actual virtual machine file.</p><pre><code class="shell">$ cd ~/.local/share/homestead
$ vagrant up</code></pre><p>Once the machine is booted I can browse to http://testsite.local/ to see the simple site that is now served by Homestead.</p><h2>Installing a Laravel Site</h2><p>Now that Homestead is installed and serving a simple site its time to move onto installing the first Laravel application. Since Homestead provides all the tools required to do this the first thing to do is connect to the virtual machine.</p><pre><code class="shell">$ cd ~/.local/share/homestead
$ vagrant ssh</code></pre><p>Once connected to the virtual machine navigate to the project folder of the site. Remember that this is the folder that is also been shared with the host machine.</p><pre><code class="shell">$ cd ~/projects/testsite</code></pre><p>Clear the contents of this folder otherwise composer will complain about a non-empty directory.</p><pre><code class="shell ">$ rm -rf public</code></pre><p>Use composer to install a Laravel project.</p><pre><code class="shell">$ composer create-project laravel/laravel .</code></pre><h2>Setting Up The Application Database</h2><p>Once Larvel is installed a database needs to be created for the application. Connect to the database server with the mysql command.</p><pre><code class="shell">$ mysql -uhomestead -psecret</code></pre><p>Check that the application's database was created when the virtual machine was first booted.</p><pre><code class="mysql">SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| homestead |
| information_schema |
| mysql |
| performance_schema |
| sys |
| testsite |
+--------------------+</code></pre><p>If the database does not exist create it with the below SQL.</p><pre><code class="mysql">CREATE DATABASE testsite;</code></pre><p>Create a MySQL user for the application and grant permissions to use the application database.</p><pre><code class="mysql">CREATE USER 'testsite'@'localhost' IDENTIFIED BY 'testsite';
GRANT ALL PRIVILEGES ON testsite.* TO 'testsite'@'localhost';</code></pre><p>Exit the database server.</p><pre><code class="mysql">exit</code></pre><p>To check the new MySql user account simply connect as that user with the credentials used earlier.</p><pre><code class="shell">$ mysql -utestsite -ptestsite</code></pre><p>The result of the SHOW DATABASE sql should show that the user account can see the application database.</p><pre><code class="mysql">SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| testsite |
+--------------------+</code></pre><h2>Configuring The Laravel Application</h2><p>Edit the supplied .env file.</p><pre><code class="shell">$ vim .env</code></pre><p>If one does not exist then copy the example file.</p><pre><code class="shell">$ cp .env.example .env</code></pre><p>Change the environment variables to match those below. Some of changes ensure that Laravel can connect to the database created earlier.</p><pre>APP_NAME='Test Site'
APP_URL=http://testsite.local
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=testsite
DB_USERNAME=testsite
DB_PASSWORD=testsite</pre><p>Now when you browse to http://testsite.local you will see the Laravel welcome page.</p><h2>Simplified SSH</h2><p>I prefer to just use the host system's ssh command to connect to Homestead as it cuts out having to navigate to the Homestead directory and running vagrant ssh.</p><p>To simplify ssh I first add a hostname for the virtual machine to the file /etc/hosts/</p><pre><code class="shell">192.168.10.10 homestead</code></pre><p>I then edit ~/.ssh/config and add the below configuration. This tells ssh to automatically use the keys and username specified when connecting to the virtual machine.</p><pre><code class="ssh">Host homestead
IdentityFile ~/.ssh/homestead/id_rsa
User vagrant</code></pre><p>From now on I can simply do ssh homestead from any directory to connect to the Homestead virtual machine.</p><h3>Links</h3><a href="https://laravel.com/docs/8.x/homestead/">Laravel Homestead</a><a href="/posts/larvel/">Laravel - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed</title>
<id>https://davidtsadler.com/posts/laravel/2020-12-14/sqlstate-hy000-2002-php-network-getaddresses-getaddrinfo-failed/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/laravel/2020-12-14/sqlstate-hy000-2002-php-network-getaddresses-getaddrinfo-failed/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-12-14T12:00:00Z</published>
<updated>2020-12-14T12:00:00Z</updated>
<content type="html"><h1>SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed</h1><blockquote>Mon 14th December 2020 By David T. Sadler.</blockquote><p>One of the first things you do when creating a new Larvel application is run php artisan migrate to create the application database tables. However you may come across the below message.</p><pre><code class="shell">$ php artisan migrate
Illuminate\Database\QueryException
SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution (SQL: select * from information_schema.tables where table_schema = testsite and table_name = migrations and table_type = 'BASE TABLE')
at vendor/laravel/framework/src/Illuminate/Database/Connection.php:678
674▕ // If an exception occurs when attempting to run a query, we'll format the error
675▕ // message to include the bindings with SQL, which will make this exception a
676▕ // lot more helpful to the developer instead of just the database's errors.
677▕ catch (Exception $e) {
678▕ throw new QueryException(
679▕ $query, $this-&gt;prepareBindings($bindings), $e
680▕ );
681▕ }
682▕
+33 vendor frames
34 artisan:37
Illuminate\Foundation\Console\Kernel::handle()</code></pre><p>The cause of this issue is due to a change introduced to the .env.example file. This changed the environment variable DB_HOST from 127.0.0.1 to mysql. The reason for this change is to support [Laravel Sail](https://laravel.com/docs/8.x/sail) which is a Docker development environment for Laravel.</p><p>The change means your Laravel application will try and connect to a database server with the hostname of mysql. Unless this exists then the application can't connect.</p><p>To resolve the issue just change the value back to 127.0.0.1</p><pre><code class="shell">DB_HOST=127.0.0.1</code></pre><h3>Links</h3><a href="https://github.com/laravel/laravel/commit/a895748980b3e055ffcb68b6bc1c2e5fad6ecb08#diff-a3046da0d15a27e89f2afe639b25748a7ad4d9290af3e7b1b6c1a5533c8f0a8cL11">Commit that changed .env.example.</a><a href="https://laravel.com/docs/8.x/sail/">Laravel Sail</a><a href="/posts/larvel/">Laravel - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Installing Zsh and Powerlevel10k on Arch Linux</title>
<id>https://davidtsadler.com/posts/arch/2020-09-07/installing-zsh-and-powerlevel10k-on-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-09-07/installing-zsh-and-powerlevel10k-on-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-09-07T12:00:00Z</published>
<updated>2020-09-07T12:00:00Z</updated>
<content type="html"><h1>Installing Zsh and Powerlevel10k on Arch Linux</h1><blockquote>Mon 7th September 2020 By David T. Sadler.</blockquote><p>I have been a bash user ever since I started using Linux. But after installing Arch Linux I wanted to give another shell a try and so decided on Zsh. Below is how I went about replacing bash with Zsh.</p><h2>Installing Zsh</h2><p>Zsh is installed via pacman.</p><pre><code class="shell">$ sudo pacman -S zsh</code></pre><p>Check that Zsh has been installed by running it from the terminal.</p><pre><code class="shell">$ zsh</code></pre><p>Since this is the first time that Zsh has been run you should now see zsh-newuser-install which will allow you to setup some basic configuration. If you wish to skip this just press the q key. You can always manually run this with the below commands at a later date.</p><pre><code class="shell">$ autoload -Uz zsh-newuser-install
$ zsh-newuser-install -f</code></pre><h2>Changing The Default Shell</h2><p>Installing Zsh does not automatically make it the system's default shell. The next time you log back in you will find that your current shell is still in use. You can check which shell is been used by looking at the SHELL environment variable.</p><pre><code class="shell">$ echo $SHELL
/bin/bash</code></pre><p>To see a list of shells that have been installed use the chsh command.</p><pre><code class="shell">$ chsh -l
/bin/sh
/bin/bash
/usr/bin/git-shell
/bin/zsh
/usr/bin/zsh</code></pre><p>The same command can be used to change the default shell by providing it with the full path to the shell.</p><pre><code class="shell">$ chsh -s /bin/zsh</code></pre><p>Note that this change is not instant and you will need to log out and log in again for it to take affect. Once you have done that check the SHELL environment variable again to confirm the change.</p><pre><code class="shell">$ echo $SHELL
/bin/ksh</code></pre><h2>Installing Powerlevel10k</h2><p>Powerlevel10k is a theme for Zsh and in order to make the most of it you should install the Meslo Nerd Font that has been patched for Powerlevel10k.</p><pre><code class="shell">$ yay -Sy --noconfirm ttf-meslo-nerd-font-powerlevel10k</code></pre><p>You need to configure your terminal to use this font. How this is done is dependant upon what terminal you are using. Since I use st from suckless I need to edit the file config.h and specify MesloLGS NF in the font settings.</p><pre><code class="shell">static char *font = &quot;MesloLGS NF:pixelsize=14:antialias=true:autohint=true&quot;;</code></pre><p>Before rebuilding st.</p><pre><code class="shell">$ sudo make install</code></pre><p>Now that the dependences have been meet Powerlevel10k can be installed.</p><pre><code class="shell">$ yay -Sy --noconfirm zsh-theme-powerlevel10k-git</code></pre><p>Once it has been installed ensure that Zsh loads Powerlevel10k.</p><pre><code class="shell">$ echo 'source /usr/share/zsh-theme-powerlevel10k/powerlevel10k.zsh-theme' &gt;&gt;! ~/.zshrc</code></pre><p>You can now open a new terminal which will start the Powerlevel10k configuration wizard. This will ask you a few questions and configure your prompt. If it doesn't trigger automatically, type p10k configure.</p><p>Once the configuration wizard has finished open a new terminal and you should see the Powerlevel10k theme been used.</p><h3>Links</h3><a href="/posts/arch/2020-05-25/installing-arch-linux-on-a-x220-thinkpad/">Installing Arch Linux on a Thinkpad X220.</a><a href="https://www.zsh.org/">Zsh.</a><a href="https://github.com/romkatv/powerlevel10k/">Powerlevel10k.</a><a href="https://st.suckless.org/">Simple Terminal.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Enabling Audio in Arch Linux</title>
<id>https://davidtsadler.com/posts/arch/2020-08-31/enabling-audio-in-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-08-31/enabling-audio-in-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-08-31T12:00:00Z</published>
<updated>2020-08-31T12:00:00Z</updated>
<content type="html"><h1>Enabling Audio in Arch Linux</h1><blockquote>Mon 31st August 2020 By David T. Sadler.</blockquote><p>If you have recently installed Arch Linux you may have found that there is no sound when playing media. This is because by default ALSA has all channels muted.</p><h2>Installing the ALSA Utilities</h2><p>The Advanced Linux Sound Architecture (ALSA) is the part of the Linux kernel that manages the sound devices on your system. In addition to this the project also provides several command-line utilities that allow you to configure these devices. These can be installed with pacman.</p><pre><code class="shell">$ sudo pacman -S alsa-utils</code></pre><h2>Unmuting The Channels</h2><p>Channels can be unmuted with amixer.</p><pre><code class="shell">$ amixer sset Master unmute
$ amixer sset Speaker unmute
$ amixer sset Headphone unmute</code></pre><p>You can test that the speakers are working with the speaker-test command.</p><pre><code class="shell">$ speaker-test -c 2</code></pre><p>If you are still getting no sound then it could be that the volume has been set to zero. Use amixer again to increase the volume.</p><pre><code class="shell">$ amixer sset Master 100%
$ amixer sset Speaker 100%
$ amixer sset Headphone 100%</code></pre><h2>Unmute with Alsamixer</h2><p>If you prefer a more intuitive ncurses interface you can use alsamixer.</p><pre><code class="shell">$ alsamixer</code></pre><p>Channels that are muted will have the MM label below them. Unmuted channels have 00.</p><p>Use the ← and → keys to scroll to the muted channel and press m to unmute it.</p><p>The volume can be increased and decreased with the ↑ and ↓ keys.</p><h3>Links</h3><a href="/posts/arch/2020-05-25/installing-arch-linux-on-a-x220-thinkpad/">Installing Arch Linux on a Thinkpad X220.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Pacman Cheat Sheet For Ubuntu Users</title>
<id>https://davidtsadler.com/posts/arch/2020-08-24/pacman-cheat-sheet-for-ubuntu-users/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-08-24/pacman-cheat-sheet-for-ubuntu-users/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-08-24T12:00:00Z</published>
<updated>2020-08-24T12:00:00Z</updated>
<content type="html"><h1>Pacman Cheat Sheet For Ubuntu Users</h1><blockquote>Mon 24th August 2020 By David T. Sadler.</blockquote><p>As a regular Ubuntu user I am used to using apt for system maintenance. But now that I've installed Arch Linux I will be using pacman and so below is a cheat sheet for myself that shows the pacman equivalent of some common apt actions.</p><pre>Action | Apt | Pacman |
---------------------------|--------------------------------|----------------------------|
Install a package | apt install &lt;package name&gt; | pacman -S &lt;package name&gt; |
Remove a package | apt remove &lt;package name&gt; | pacman -Rs &lt;package name&gt; |
Search for a package | apt serch &lt;search term&gt; | pacman -Ss &lt;regexp&gt; |
Upgrade packages | apt update &amp;&amp; apt upgrade | pacman -Syu |
Upgrade distribution | apt update &amp;&amp; apt dist-upgrade | pacman -Syu |
Clean up local caches | apt autoclean | pacman -Scc |
Remove unused dependencies | apt autoremove | pacman -Qmq | pacman -Rs - |</pre><h2>Install a Package</h2><pre><code class="shell">$ pacman --sync &lt;package name&gt;
$ pacman -S &lt;package name&gt;</code></pre><p>Installs a package and its dependencies.</p><h2>Remove a Package</h2><pre><code class="shell">$ pacman --remove --recursive &lt;package name&gt;
$ pacman -Rs &lt;package name&gt;</code></pre><p>Removes a package and all its dependencies, provided that (A) they are not required by other packages; and (B) they were not explicitly installed by the user.</p><h2>Search For a Package</h2><pre><code class="shell">$ pacman --sync --search &lt;regexp&gt;
$ pacman -Ss &lt;regexp&gt;</code></pre><p>Searches in the sync database for packages with a name or description that match the regexp.</p><h2>Upgrade Packages</h2><pre><code class="shell">$ pacman --sync --refresh --sysupgrade
$ pacman -Syu</code></pre><p>Downloads a fresh copy of the master package database and then upgrades all out-of-date packages.</p><h2>Upgrade Distribution</h2><pre><code class="shell">$ pacman --sync --refresh --sysupgrade
$ pacman -Syu</code></pre><p>Since Arch uses a rolling release system there is no distribution version as you just upgrade your packages to their latest versions.</p><h2>Clean Up Local Caches</h2><pre><code class="shell">$ pacman --sync --clean --clean
$ pacman -Scc</code></pre><p>Free up disk space by removing from the cache any packages that are no longer installed. Also removes any cached sync databases.</p><h2>Remove Used Dependencies</h2><pre><code class="shell">$ pacman --query --deps --unrequired --quiet | pacman --remove --recursive -
$ pacman -Qdtq | pacman -Rs -</code></pre><p>Remove dependencies that are no longer needed, because e.g. the package which needed the dependencies was removed.</p><h3>Links</h3><a href="/posts/arch/2020-05-25/installing-arch-linux-on-a-x220-thinkpad/">Installing Arch Linux on a Thinkpad X220.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Installing ST, DMENU and DWM in Arch Linux</title>
<id>https://davidtsadler.com/posts/arch/2020-08-17/installing-st-dmenu-dwm-in-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-08-17/installing-st-dmenu-dwm-in-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-08-17T12:00:00Z</published>
<updated>2020-08-17T12:00:00Z</updated>
<content type="html"><h1>Installing ST, DMENU and DWM in Arch Linux</h1><blockquote>Mon 17th August 2020 By David T. Sadler.</blockquote><p>Continuing my Arch Linux installation I now have a user account for daily use. However this only provides me with a terminal. What I would like is a traditional multi-window desktop environment which will require me to install two things. A window system of some sort and a layout manager. For this installation I'm going with Xorg and dwm. For those that are not aware dwm is dynamic window manager for Xorg that has been developed by Suckless. Since by default dwm expects st to be installed as the system's terminal and also makes use dmenu to allow you to launch applications I will installed both of them in addition to dwm.</p><h2>Install Dependencies</h2><p>Firt off I need to install the dependencies required by st, dmenu and dwm. Since this is Arch Linux I use pacman to do this.</p><pre><code class="shell">$ sudo pacman -S base-devel git libx11 libxft xorg-server xorg-xinit terminus-font</code></pre><ul><li>base-devel Since I will be installing from source this package contains various tools to compile software.</li><li>git Is needed to get the source code from the suckless git repositories.</li><li>libx11 and libxft Dependanices required by dwm oherwise it will fail when trying to compile it.</li><li>xorg-server Is the display server that provides the windows that dwm will manage.</li><li>xorg-xinit Allows us to start the display server.</li><li>terminus-font Dwm is configured to use a monospaced font and since I installed a barebones system I need to install such a font now.</li></ul><h2>Download Git Repositories</h2><p>The source code for the software is avialable from the Suckless git repositories so I simply clone them.</p><pre><code class="shell">$ mkdir -p ~/.local/src
$ git clone git://git.suckless.org/st ~/.local/src/st
$ git clone git://git.suckless.org/dmenu ~/.local/src/dmenu
$ git clone git://git.suckless.org/dwm ~/.local/src/dwm</code></pre><h2>Install ST</h2><p>I install st by first moving to the directory created when cloning the repository.</p><pre><code class="shell">$ cd ~/.local/src/st</code></pre><p>Then its as simple as compiling and instaling the software with the below commands.</p><pre><code class="shell">$ make clean
$ sudo make install</code></pre><h2>Configure and Install DMENU</h2><p>Again move to the directory created earlier.</p><pre><code class="shell">$ cd ~/.local/src/dmenu</code></pre><p>Before compiling a small edit needs to be made to the file config.mk.</p><pre><code class="shell">$ nvim config.mk</code></pre><p>Since I have not installed Xinerama on this system I need to comment out any flags that reference this otherwise dmenu will fail during the compiling.</p><pre><code class="vim"># XINERAMALIBS = -lXinerama
# XINERAMAFLAGS = -DXINERAMA</code></pre><p>Again compiling and installing is done with the below commands.</p><pre><code class="shell">$ make clean
$ sudo make install</code></pre><h2>Configure and Install DWM</h2><p>For the final time move to the directory created earlier.</p><pre><code class="shell">$ cd ~/.local/src/dwm</code></pre><p>As with dmenu the same edit needs to be made to the file config.mk.</p><pre><code class="shell">$ nvim config.mk</code></pre><pre><code class="vim"># XINERAMALIBS = -lXinerama
# XINERAMAFLAGS = -DXINERAMA</code></pre><p>Compile and install as usual.</p><pre><code class="shell">$ make clean
$ sudo make install</code></pre><h2>Starting DWM</h2><p>Since I have installed xorg-xinit I need to create a .xinitrc in my home folder.</p><pre><code class="shell">$ nvim ~/.xinitrc</code></pre><p>The contents of this file is just.</p><pre><code class="vim">exec dwm</code></pre><p>I can now start xorg and dwm with the below command.</p><pre><code class="shell">$ startx</code></pre><h3>Links</h3><a href="/posts/arch/2020-05-25/installing-arch-linux-on-a-x220-thinkpad/">Installing Arch Linux on a Thinkpad X220.</a><a href="https://dwm.suckless.org/">Dynamic Window Manager (DWM).</a><a href="https://suckless.org/">Suckless Software.</a><a href="https://st.suckless.org/">Simple Terminal.</a><a href="https://tools.suckless.org/dmenu/">DMenu.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Sudo: sorry, you must have a tty to run sudo</title>
<id>https://davidtsadler.com/posts/linux/2020-07-13/sudo-sorry-you-must-have-a-tty-to-run-sudo/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/linux/2020-07-13/sudo-sorry-you-must-have-a-tty-to-run-sudo/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-07-13T12:00:00Z</published>
<updated>2020-07-13T12:00:00Z</updated>
<content type="html"><h1>Sudo: sorry, you must have a tty to run sudo</h1><blockquote>Mon 13th July 2020 By David T. Sadler.</blockquote><p>I have found Deployer to be a great tool for deploying PHP applications. However when first setting out to use it I soon came across the error message 'sudo: sorry, you must have a tty to run sudo'. After some investigation I found that the error was triggered when Deployer was running commands via sudo. For those that don't know Deployer works by executing commands on your servers via ssh and depending on your server's configuration there could be issues when sudo is one of those commands.</p><h2>What is meant by 'sudo: sorry, you must have a tty to run sudo'?</h2><p>When sudo is executed the file /etc/sudoers is read to determine which users or groups can use sudo and what commands they can run. It actually does a bit more than that and you should read the manual for more information.</p><p>If you examine the sudoers file you will find that it contains the setting Defaults requiretty. This means that sudo can only be ran from a real tty. In other words if a user wants to run sudo they must have logged into a terminal before hand. This is normally a security feature so that sudo can't be ran from things such as cron jobs. However, it also means that you will have issues when running sudo from another machine via ssh as you also won't be logged into an actual terminal.</p><h2>How to resolve the issue?</h2><p>If you're happy to change the setting for all users simply use visudo to edit /etc/sudoers and change Defaults requiretty to Defaults !requiretty. Alternatively you can remove the tty requirement for a single user. In fact that is what I do when using Deployer. Since it connects to the server using a user called deployer I add the below configuration with visudo.</p><pre><code class="shell">Defaults:deployer !requiretty
deployer ALL=(ALL) NOPASSWD:/usr/bin/chown, /usr/bin/tee, /usr/sbin/apachectl</code></pre><p>This configuration allows the deployer user to execute sudo when not logged into a real terminal and additionally not prompt for a password when executing chown, tee, and apachectl.</p><h2>Using Pseudo-tty</h2><p>An alternative is to use the pseudo-tty option when connecting via ssh.</p><pre><code class="shell">$ ssh -t user@example.com sudo apachectl restart</code></pre><h3>Links</h3><a href="https://deployer.org/">Deployer - A Deployment Tool for PHP.</a><a href="https://www.sudo.ws/man/sudoers.man.html">Sudo Manual.</a><a href="/posts/linux/">Linux - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Granting Sudo Access to a User in Arch Linux</title>
<id>https://davidtsadler.com/posts/arch/2020-06-22/granting-sudo-access-to-a-user-in-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-06-22/granting-sudo-access-to-a-user-in-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-06-22T12:00:00Z</published>
<updated>2020-06-22T12:00:00Z</updated>
<content type="html"><h1>Granting Sudo Access to a User in Arch Linux</h1><blockquote>Mon 22nd 2020 By David T. Sadler.</blockquote><p>So by the end of my last post my minimal installation of Arch Linux had a user account that I could log into instead of the root user. However in order to do anything useful on the system I need to be able to run commands such as pacman that only the root user can do. Now one way to solve this is to change to the root user with su before running the command, but this defeats the point in creating a non-root user account in the first place. Instead a better way is to make use of sudo.</p><p>Sudo (su &quot;do&quot;) gives the ability for a user (or groups of users) to run some (or all) commands as root and also provides an audit trail of the commands and their arguments. Usage is very simple, you enter sudo followed by the command that you want to run. For example,</p><pre><code class="shell">$ sudo pacman -Syu</code></pre><p>Configuration is done in the file /etc/sudoers. This is where you can specify which users or groups can use sudo and what commands they can run. However, you must be careful when editing this file as any syntax errors will make sudo unusable. Therefore it is strongly recommended to do any editing via the visudo command. This locks the sudoers file, saves edits to a temporary file, and checks that file's grammar before copying it to /etc/sudoers. </p><p>Traditionally in Linux systems users that should have privileged administrator rights are added to the wheel group which is then given sudo access. As the root user the first thing that I needed to do was add my user account to the wheel group with the usermod command.</p><pre><code class="shell">$ usermod -aG wheel david</code></pre><p>I used the below options with the command.</p><ul><li>-a Modifies the -G argument so that the user is added to the specified groups and not removed from any existing ones.</li><li>-G The list of supplementary groups that the user will be made a member of. In this case it's just wheel. Note that you need to pass -a otherwise the user will be removed from any group that is not listed. </li></ul><p>The sudo package then needed to be installed.</p><pre><code class="shell">$ pacman -S sudo</code></pre><p>Next I needed to grant sudo access to the wheel group by editing /etc/sudoers with visudo. Note that the default editor for visudo is vi. Since this has not been installed on my system I can change the editor to be nvim by first setting the variable EDITOR.</p><pre><code class="shell">$ EDITOR=nvim visudo</code></pre><p>Once the file was opened I located and uncommented the below line before saving and exiting nvim. This allows members of the wheel group to execute any command without having to enter their password.</p><pre><code class="shell">%wheel ALL(ALL) NOPASSWD: ALL</code></pre><p>I checked that I had sudo access by running the below command while logged into my user account.</p><pre><code class="shell">$ sudo pwd
/home/david</code></pre><p>Since I wasn't prompted for my password and the command was executed I knew that I now had sudo access.</p><h3>Links</h3><a href="/posts/arch/2020-06-15/adding-a-user-in-arch-linux/">Adding a User in Arch Linux.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Adding a User in Arch Linux</title>
<id>https://davidtsadler.com/posts/arch/2020-06-15/adding-a-user-in-arch-linux/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-06-15/adding-a-user-in-arch-linux/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-06-15T12:00:00Z</published>
<updated>2020-06-15T12:00:00Z</updated>
<content type="html"><h1>Adding a User in Arch Linux</h1><blockquote>Mon 15th June 2020 By David T. Sadler.</blockquote><p>In a previous post I installed Arch Linux on my Thinkpad X220. Since it was a very minimal install there are no user accounts except for the root user. So to add myself as a user I need to use the useradd command.</p><pre><code class="shell">$ useradd -m -s /bin/bash david</code></pre><p>I used the below options with the command.</p><ul><li>-m Create the home directory for this account.</li><li>-s /bin/bash Make bash the login shell for this account.</li><li>david The name of the new user.</li></ul><p>This creates a new account for me and also ensures that a home directory is created as /home/david.</p><p>The new account will require a password so assign one with the passwd command.</p><pre><code class="shell">$ passwd david
New password:
Retype new password:
passwd: password updated successfully</code></pre><p>Now all I have to do is logout of the root account.</p><pre><code class="shell">$ logout</code></pre><p>Then login with the new credentials to confirm that everything is okay.</p><pre><code class="shell">suliman login: david
Password:
david@suliman:$</code></pre><h3>Links</h3><a href="/posts/arch/2020-05-25/installing-arch-linux-on-a-x220-thinkpad/">Installing Arch Linux on a Thinkpad X220.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Publishing Jigsaw Posts With Netlify Build Hooks</title>
<id>https://davidtsadler.com/posts/netlify/2020-06-08/publishing-jigsaw-posts-with-netlify-build-hooks/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/netlify/2020-06-08/publishing-jigsaw-posts-with-netlify-build-hooks/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-06-08T12:00:00Z</published>
<updated>2020-06-08T12:00:00Z</updated>
<content type="html"><h1>Publishing Jigsaw Posts With Netlify Build Hooks</h1><blockquote>Mon 8th June 2020 By David T. Sadler.</blockquote><p>A previous post talks about how I use Jigsaw's filtering to schedule future posts. However because Jigsaw is a static site builder I have to run Jigsaw in order to generate the HTML for the site. So if for example I have scheduled three posts to be published over three consecutive weeks I would need to build and deploy the site on each of the scheduled dates in order for the posts to be published. This kind of defeats the point of scheduling posts. So what I needed was some way to automatically trigger new builds of the site and since I use Netlify to host the site I can make use of their build hooks to do this.</p><p>For those that don't know build hooks are URLs you can use to trigger new builds and deployments in Netlify. By making a HTTP POST request to a URL, Netlify will pull down the latest master branch of your site, build it, and then deploy it.</p><p>Creating the build hook was simple. After logging into my Netlify account I went to Settings &gt; Build &amp; deploy &gt; Continuous deployment &gt; Build hooks.</p><p>From there I clicked Add build hook where I could then provide a name and select which GitHub branch would be used to build the site.</p><p>Clicking Save creates the build hook and you are given a unique URL that can be used to trigger it.</p><p>What is very handy about Netlify is that they provide you with an example of calling the URL with cURL. With this I simply setup a cron on a server that requests this URL every Monday at 8am.</p><pre><code class="shell">8 * * 1 curl -X POST -d {} https://api.netlify.com/build_hooks/111111111111111111111111</code></pre><p>The result is that every week posts that have been scheduled for that day will now be published when the site is built and deployed by the build hook.</p><h3>Links</h3><a href="/posts/jigsaw/2020-06-01/scheduling-posts-in-jigsaw/">2020-06-01 - Scheduling Posts in Jigsaw</a><a href="https://jigsaw.tighten.co/">Jigsaw - Static Site Generator for PHP Developers.</a><a href="https://www.netlify.com/">Netlify - Serverless Platform for Static Websites.</a><a href="https://docs.netlify.com/configure-builds/build-hooks/">Build Hooks in Netlify.</a><a href="/posts/netlify/">Netlify - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Scheduling Posts in Jigsaw</title>
<id>https://davidtsadler.com/posts/jigsaw/2020-06-01/scheduling-posts-in-jigsaw/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/jigsaw/2020-06-01/scheduling-posts-in-jigsaw/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-06-01T12:00:00Z</published>
<updated>2020-06-01T12:00:00Z</updated>
<content type="html"><h1>Scheduling Posts in Jigsaw</h1><blockquote>Mon 1st June 2020 By David T. Sadler.</blockquote><p>Jigsaw is a static site generator that I use for my site and one of its features is the ability to create a filter that determines which items in a collection will be included in the final build.</p><p>It works by you adding a filter key to a collection's array in your config.php file, and specifying a callable that accepts an item from the collection and that returns a boolean. By returning false an item will not be built.</p><p>Below is how I have setup my config.production.php file which is used when building the site for deployment.</p><pre><code class="php">&lt;?php
use Carbon\Carbon;
return [
'collections' =&gt; [
'posts' =&gt; [
'filter' =&gt; function ($item) {
$date = $item-&gt;date ? Carbon::createFromFormat('U', $item-&gt;date) : null;
// Only publish posts that have a date and which is not in the future.
return $date ? $date &lt;= Carbon::now() : false;
}
],
],
];</code></pre><p>When deploying the site each post is passed to this filter. The first thing it does is convert the date that has been specified in the post's YAML front matter into a Carbon instance. It then returns true if the date is on or before the current date, I.e. when the site is been deployed. </p><p>With this filter I can specify future dates for several posts and they will only published once that date comes around. Posts are also exluded if a date has not been specified. This allows me to have posts that are a work in progress and shouldn't be published.</p><h3>Links</h3><a href="https://jigsaw.tighten.co/">Jigsaw - Static Site Generator for PHP Developers.</a><a href="https://jigsaw.tighten.co/docs/collections-filtering/">Using Filters in Jigsaw.</a><a href="https://carbon.nesbot.com/">Carbon - PHP API Extension for DateTime.</a><a href="/posts/jigsaw/">Jigsaw - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Installing Arch Linux on a Thinkpad X220</title>
<id>https://davidtsadler.com/posts/arch/2020-05-25/installing-arch-linux-on-a-thinkpad-x220/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/arch/2020-05-25/installing-arch-linux-on-a-thinkpad-x220/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-05-25T12:00:00Z</published>
<updated>2020-05-25T12:00:00Z</updated>
<content type="html"><h1>Installing Arch Linux on a Thinkpad X220</h1><blockquote>Mon 25th May 2020 By David T. Sadler.</blockquote><h2>Introduction</h2><p>So I purchased a used Thinkpad X220 for about £90 on eBay and decided to install Arch Linux onto it. This guide is the steps that I took to achieve this.</p><p>Now when it comes to Linux there is always more than one way of doing things and this guide is just my preferred way. Feel free to follow it for your own installation, just keep in mind that you may have to change some of the steps to suit your own circumstances. Also there is every chance that the information presented here will be out of date so I recommend that you at least read the through the official installation guide for the most up-to-date information.</p><h2>Download the Arch Linux ISO Image</h2><p>The Arch Linux download page provides direct download and torrent links. You should also download the PGP signature to the same location and use the gpg command to verify that the ISO has not been compromised.</p><pre><code class="shell">$ gpg --keyserver-options auto-key-retrieve --verify archlinux-2020.05.01-x86_64.iso.sig</code></pre><h2>Create a Live USB of Arch Linux</h2><p>Flash the image to a USB drive using Etcher. Alternatively you can use the dd command. Just ensure that /path/to/archlinux.iso is to where you have downloaded the image and that /dev/sdx is your USB drive.</p><pre><code class="shell">dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress &amp;&amp; sync</code></pre><h2>Boot the Live Environment</h2><p>I wanted to make sure that the Thinkpad was using UEFI as I would be using EFISTUB to load the Linux kernel as an EFI executable. This is done through the BIOS which can be gotten to by pressing the ThinkVantage button as the machine is booting before pressing F1 to get to the BIOS settings. From there navigate to Startup and changed the UEFI/Legacy Boot option to be UEFI Only. Press F10 to save and exit the BIOS and then power down the machine.</p><p>With the USB drive plugged in power the machine back on, all the while pressing F12 until the boot menu appears and select USB HDD: Mass Storage Device and wait for the installation image to boot. When prompted select Arch Linux archiso X86_64 UEFI CD where you will be take to the live environment's terminal. </p><h2>Set the Keyboard Layout</h2><p>The default console map is US which meant that for me pressing Shift+3 was displaying the hash symbol (#) instead of the pound symbol (£). So the UK keyboard layout needed to be loaded.</p><pre><code class="shell">$ loadkeys uk</code></pre><p>You can get a list of supported keyboard layouts if you need to load a different one.</p><pre><code class="shell">ls /usr/share/kbd/keymaps/**/*.map.gz</code></pre><h2>Verify the Boot Mode</h2><p>To verify that the Thinkpad has UEFI enabled check that the efivars directory exists.</p><pre><code class="shell">$ ls /sys/firmware/efi/efivars</code></pre><h2>Connect to the Internet</h2><p>Verify that the machine can connect to the internet with the ping command.</p><pre><code class="shell">$ ping -c3 davidtsadler.com</code></pre><p>Before booting the machine I plugged in an Ethernet cable that was connected directly to my home network's router. The installation environment detected the network connection and obtained an IP address via DHCP. </p><h2>Update the System Clock</h2><p>Ensure the system clock is correct.</p><pre><code class="shell">$ timedatectl set-ntp true</code></pre><h2>Partition the Disks</h2><p>Use the lsblk command to determine which disks and partitions exist on the system.</p><pre><code class="shell">$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 535M 1 loop /run/archiso/sfs/airootfs
sda 8:0 0 298.1G 0 disk
sdb 8:16 1 7.4G 0 disk
├─sdb1 8:17 1 652M 0 part /run/archiso/bootmnt
└─sdb2 8:18 1 64M 0 part</code></pre><p>From the above output I could see that my hard drive was sda as sdb was the USB drive and loop0 could just be ignored.</p><p>I knew that I wanted to have an encrypted partition and make use of LVM on it so my disk layout would be.</p><pre><code class="shell">+-------------------+ +--------------------------------------------------------+
| Boot partition | | Logical volume 1 | Logical volume 2 | Logical volume 3 |
| | | | | |
| /boot | | / | [SWAP] | /home |
| | | | | |
| | | 50G | 16G | 200G |
| | | | | |
| | | /dev/vg0/root | /dev/vg0/swap | /dev/vg0/home |
| | |_ _ _ _ _ _ _ _ _ |_ _ _ _ _ _ _ _ _ |_ _ _ _ _ _ _ _ _ |
| | | |
| | | LUKS2 encrypted partition |
| /dev/sda1 (512MB) | | /dev/sda2 |
+-------------------+ +--------------------------------------------------------+</code></pre><p>The hard drive would be split into two partitions. The first, sdb1 would be 512MB in size and mounted in the file system at /boot. This would be the EFI system partition. The reminder of the disk space would be given to the partition sda2 and encrypted using LUKS2. LVM would then be used to create the volume group vg0 that would be divided into three partitions as logical volumes.</p><ul><li>/dev/vg0/root 50G root partition.</li><li>/dev/vg0/swap 16G swap partition.</li><li>/dev/vg0/home 200G home partition.</li></ul><p>Use fdisk to create the partitions.</p><pre><code class="shell">$ fdisk /dev/sda</code></pre><p>Enter g to create a new empty GPT partition table</p><pre><code class="shell">Command (m for help): g
Created a new GPT disklabel (GUID: 6987D065-936E-1547-9F02-F78145025A96).</code></pre><p>Since this is a UEFI system there must be a EFI partition at the beginning of the disk. Enter n to add a new partition and enter 1 to assign it as the first partition. Use the default value for the first sector but enter +512M for the last sector.</p><pre><code class="shell">Command (m for help): n
Partition number (1-128, default 1): 1
First sector (2048-625142414, default 2048):
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-625142414, default 625142414): +512M
Created a new partition 1 of type 'Linux filesystem' and of size 512 MiB.</code></pre><p>Enter t to change the partition type and enter 1 to make it an EFI System. You can also get a list of partition types by pressing L.</p><pre><code class="shell">Command (m for help): t
Selected partition 1
Partition type (type L to list all types): 1
Changed type of partition 'Linux filesystem' to 'EFI System'.</code></pre><p>To create the second partition enter n again to add another partition, and then enter 2 to assign it as the second partition. Use the default values for both first and last sectors to allocate the remainder of the drive.</p><pre><code class="shell">Command (m for help): n
Partition number (2-128, default 2): 2
First sector (1050624-625142414, default 1050624):
Last sector, +/-sectors or +/-size{K,M,G,T,P} (1050624-625142414, default 625142414):
Created a new partition 2 of type 'Linux filesystem' and of size 297.6 GiB.</code></pre><p>Enter w to write the changes and quit.</p><pre><code class="shell">Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.</code></pre><p>Use lsblk to confirm that two partitions have been created.</p><pre><code class="shell">$ lsblk /dev/sda
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 298.1G 0 disk
├─sda1 8:1 0 512M 0 part
└─sda2 8:2 0 297.6G 0 part</code></pre><h2>LUKS</h2><p>Encrypt the second partition with the cryptsetup command. </p><pre><code class="shell">$ cryptsetup luksFormat /dev/sda2</code></pre><p>When prompted enter YES in capitals to overwrite any data that is currently on the partition. </p><pre><code class="shell">WARNING!
========
This will overwrite data on /dev/sda2 irrevocably.
Are you sure? (Type 'yes' in capital letters): YES</code></pre><p>Enter and verify a passphrase. Whenever the machine is now booted you will be prompted to enter this passphrase in order for the partition to be decrypted.</p><pre><code class="shell">Enter passphrase for /dev/sda2:
Verify passphrase:
cryptsetup luksFormat /dev/sda2 17.01s user 1.05s system 105% cpu 17.106 total</code></pre><h2>LVM on LUKS</h2><p>Before setting up LVM decrypt the partition.</p><pre><code class="shell">$ cryptsetup open /dev/sda2 cryptlvm</code></pre><p>You will be prompted to enter the passphrase that you set up earlier.</p><pre><code class="shell">Enter passphrase for /dev/sda2:
cryptsetup open /dev/sda2 cryptlvm 6.48s user 0.36s system 92% cpu 7.436 total</code></pre><p>Create a physical volume.</p><pre><code class="shell">$ pvcreate /dev/mapper/cryptlvm</code></pre><p>Create a volume group called vg0.</p><pre><code class="shell">$ vgcreate vg0 /dev/mapper/cryptlvm</code></pre><p>Create three logical volumes for the root, swap and home partitions.</p><pre><code class="shell">$ lvcreate -L 50G vg0 -n root
$ lvcreate -L 16G vg0 -n swap
$ lvcreate -L 200G vg0 -n home</code></pre><p>Make use of lsblk again to verify that LVM has been setup as expected.</p><pre><code class="shell">$ lsblk /dev/sda
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 298.1G 0 disk
├─sda1 8:1 0 512M 0 part
└─sda2 8:2 0 297.6G 0 part
└─cryptlvm 254:0 0 297.6G 0 crypt
├─vg0-root 254:1 0 50G 0 lvm
├─vg0-swap 254:2 0 16G 0 lvm
└─vg0-home 254:3 0 200G 0 lvm</code></pre><h2>Format the Partitions</h2><p>Format the boot partition at /dev/sda1 with a FAT32 file system as the UEFI specification requires the usage of it.</p><pre><code class="shell">$ mkfs.fat -F32 /dev/sda1</code></pre><p>The root and home partitions can be formatted with ext4.</p><pre><code class="shell">$ mkfs.ext4 /dev/vg0/root
$ mkfs.ext4 /dev/vg0/home</code></pre><p>Initialise the swap partition.</p><pre><code class="shell">$ mkswap /dev/vg0/swap
$ swapon /dev/vg0/swap</code></pre><h2>Mount the File Systems</h2><p>Mount the root partition into /mnt.</p><pre><code class="shell">$ mount /dev/vg0/root /mnt</code></pre><p>Mount the boot partition into /mnt/boot. </p><pre><code class="shell">$ mkdir /mnt/boot
$ mount /dev/sda1 /mnt/boot</code></pre><p>Finally mount the home partition into /mnt/home.</p><pre><code class="shell">$ mkdir /mnt/home
$ mount /dev/vg0/home /mnt/home</code></pre><h2>Select the Mirrors</h2><p>All mirror servers defined in /etc/pacman.d/mirrorlist where done at the time the installation image was built. Since it's ideal to try and use servers that are close to your location you can rebuild the list using the rankmirrors utility. This is not included by default on the live environment so you will need to download it.</p><p>First sync the pacman repository.</p><pre><code class="shell">pacman -Syy</code></pre><p>Then download the pacmain-contrib package which contains the rankmirrors utility.</p><pre><code class="shell">$ pacman -S pacman-contrib</code></pre><p>The official Pacman Mirrorlist Generator can be used to get an up-to-date list of servers for your country. The below command obtains a list of UK servers that support https and pass it to rankmirrors to obtain the 5 fastest.</p><pre><code class="shell">$ curl -s &quot;https://www.archlinux.org/mirrorlist/?country=GB&amp;protocol=https&amp;use_mirror_status=on&quot; | sed -e 's/^#Server/Server/' -e '/^#/d' | rankmirrors -n 5 - &gt; /etc/pacman.d/mirrorlist</code></pre><h2>Install Essential Packages</h2><p>The pacstrap script is used to install the base package, Linux kernel and firmware.</p><pre><code class="shell">$ pacstrap /mnt base linux linux-firmware neovim wpa_supplicant dhcpcd cryptsetup lvm2 efibootmgr intel-ucode</code></pre><p>I also installed a few other packages that I knew I was going to need.</p><ul><li>neovim. Allows you to edit files instead of using nano.</li><li>wpa_supplicant. Provides tools for connecting to a WPA2 protected wireless network.</li><li>dhcpcd. Needed so that you machine can obtain an IP address from your home router via dhcp.</li><li>cryptsetup. Since the partition is encrypted this package is required in order for it to be decrypted during booting. </li><li>lvm2. Provides the LVM tools to manage the LVM partition.</li><li>efibootmgr. Needed to configure the system to boot via UEFI.</li><li>intel-ucode. Enables microcode updates during boot.</li></ul><h2>Fstab</h2><p>Create a fstab file on the new system.</p><pre><code class="shell">$ genfstab -U /mnt &gt;&gt; /mnt/etc/fstab</code></pre><h2>Chroot</h2><p>Use arch-chroot to enter the new system as the root user. From now on you will be configuring the new system.</p><pre><code class="shell">$ arch-chroot /mnt</code></pre><h2>Time Zone</h2><p>Setup the timezone. Replace Europe/London with your timezone.</p><pre><code class="shell">$ ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime</code></pre><p>Update the hardware clock.</p><pre><code class="shell">$ hwclock --systohc</code></pre><h2>Localization</h2><p>Use nvim to edit /etc/locale.gen.</p><pre><code class="shell">$ nvim /etc/locale.gen</code></pre><p>Uncomment your preferred language. For me this meant en_GB.UTF-8 UTF-8. Save the file and exit before generating the locales.</p><pre><code class="shell">$ locale-gen</code></pre><p>Edit /etc/locale.conf.</p><pre><code class="shell">$ nvim /etc/locale.conf</code></pre><p>Add the below line. Replace en_GB.UTF-8 with the language that you chose earlier.</p><pre>LANG=en_GB.UTF-8</pre><p>If you used loadkeys earlier you will need to edit /etc/vconsole.conf and add your chosen keymap.</p><pre><code class="shell">$ nvim /etc/vconsole.conf</code></pre><p>For me this meant adding the UK keymap.</p><pre>KEYMAP=uk</pre><h2>Network Configuration</h2><p>Create the file /etc/hostname and add an entry to it. This hostname will be the name of the machine on your network. I tend to name by devices after characters from the book Howl's Moving Castle https://en.wikipedia.org/wiki/Howl%27s_Moving_Castle).</p><pre><code class="shell">$ echo suliman &gt; /etc/hostname</code></pre><p>You then need to edit the /etc/hosts file.</p><pre><code class="shell">$ nvim /etc/hosts</code></pre><p>Add the following lines to this file. Replace suliman with the hostname you set up earlier.</p><pre><code class="shell">127.0.0.1 localhost
::1 localhost
127.0.0.1 suliman.localdomain suliman</code></pre><h2>Wireless</h2><p>Use the ip command to determine the name of the wireless network interface.</p><pre><code class="shell">$ip link
1: lo: &lt;LOOPBACK,UP,LOWER_UP&gt; mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s25: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether f0:de:f1:86:e1:75 brd ff:ff:ff:ff:ff:ff
3: wwp0s29u1u4: &lt;BROADCAST,MULTICAST&gt; mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 86:06:37:c4:9b:41 brd ff:ff:ff:ff:ff:ff
4: wlan0: &lt;BROADCAST,MULTICAST&gt; mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 08:11:96:02:10:ac brd ff:ff:ff:ff:ff:ff</code></pre><p>Looking at the output of the ip command this is wlan0. This name however will not be the name of the interface once the installation has been completed. You see the Arch installation environment does not use predictable names for interfaces. This is due to it using iwd which is unable to cope with interface renaming and so it is disabled for wireless interfaces. When the system boots into the installed system predictable names for interfaces will be enabled and wlan0 will be assigned a different name.</p><p>In order to find out what name will be assigned use the udevadm command.</p><pre><code class="shell">$ udevadm test-builtin net_id /sys/class/net/wlan0
Load module index
Parsed configuration file /usr/lib/systemd/network/99-default.link
Parsed configuration file /usr/lib/systemd/network/80-iwd.link
Created link configuration context.
Using default interface naming scheme 'v245'.
ID_NET_NAMING_SCHEME=v245
ID_NET_NAME_MAC=wlx0811960210ac
ID_OUI_FROM_DATABASE=Intel Corporate
ID_NET_NAME_PATH=wlp3s0
Unload module index
Unloaded link configuration context.</code></pre><p>What we are interested in is the value of ID_NET_NAME_PATH which is wlp3s0.</p><p>My wireless network is a WPA2 protected network with a hidden SSID. Since wpa_supplicant has been installed when running pacstrap it is possible to use wpa_passphrase to generate the configuration file that wpa_supplicant will use to connect to the wireless network. Replace &amp;lt;SSID&amp;gt; and &amp;lt;PASSWORD&amp;gt; with your details. Note that the name of the configuration file contains the name of the network interface wlp3s0. Replace this with the name of your network interface.</p><pre><code class="shell">$ wpa_passphrase &lt;SSID&gt; &lt;PASSWORD&gt; &gt; /etc/wpa_supplicant/wpa_supplicant-wlp3s0.conf</code></pre><p>If your wireless network uses a hidden SSID you will need to edit the configuration file.</p><pre><code class="shell">$ nvim /etc/wpa_supplicant/wpa_supplicant-wlp3s0.conf</code></pre><p>And add the below line. </p><pre><code class="shell">scan_ssid=1</code></pre><p>Make sure that wpa_supplicant starts at boot.</p><pre><code class="shell">$ systemctl enable wpa_supplicant@wlp3s0.service</code></pre><p>Have an IP address assigned via DHCP during booting.</p><pre><code class="shell">$ systemctl enable dhcpcd@wlp3s0.service</code></pre><h2>Initramfs</h2><p>You will need to rebuild the initial ramdisk and the current one is not aware that the filesystem will be encrypted. Before rebuilding it some configuration changes need to be made.</p><pre><code class="shell">$ nvim /etc/mkinitcpio.conf</code></pre><p>Locate the section where the HOOKS are configured and replace it with the line below.</p><pre>HOOKS=(base udev autodetect keyboard keymap modconf block encrypt lvm2 filesystems fsck)</pre><p>This ensures that the keyboard is present before the filesystem is detected so that you are enter the passphrase to decrypt the partition. It also ensures that the decryption is done before the LVM is handled.</p><p>Save the changes and exist before rebuilding with the mkinitcpio command. </p><pre><code class="shell">mkinitcpio -P</code></pre><h2>EFISTUB Booting and Microcode</h2><p>The Thinkpad X220 UEFI implementation allows an operating system to be booted without the need for an intermediate bootloader such as GRUB. It is possible to add a UEFI boot entry to the motherboard itself and have Arch booted directly.</p><p>Modifying the motherboard boot entries is done using efibootmgr. However usage of this command can be quite verbose so it is recommended to create a shell script instead. </p><pre><code class="shell">nvim /usr/local/sbin/mkefibootentry</code></pre><p>The shell script will call efibootmgr with the required arguments. </p><pre>#!/bin/sh
# Determine the UUID of the partition that is encrypted
PARTUUID=`blkid /dev/sda2 -s PARTUUID -o value`
efibootmgr \
--disk /dev/sda --part 1 \
--create --label &quot;Arch Linux&quot; \
--loader /vmlinuz-linux \
--unicode 'cryptdevice=PARTUUID='$PARTUUID':cryptlvm root=/dev/vg0/root rw initrd=\intel-ucode.img initrd=\initramfs-linux.img' \
--verbose </pre><p>The --unicode argument is where the kernel parameters are specified. This tells the system that the partition identified by PARTUUID is encrypted and that the root filesystem to mount is the logical volume called root that is part of the volume group vg0. The microcode is also loaded with initrd=\intel-ucode.img.</p><p>Make this script executable.</p><pre><code class="shell">chmod u+x /usr/local/sbin/mkefibootentry</code></pre><p>Run the script to add to the motherboard boot entries.</p><pre><code class="shell">$ mkefibootentry</code></pre><h2>Root Password</h2><p>Create a secure password for the root user.</p><pre><code class="shell">$ passwd</code></pre><h2>Reboot</h2><p>Return to the Arch live installation environment.</p><pre><code class="shell">$ exit</code></pre><p>Unmount the partitions.</p><pre><code class="shell">$ umount -R /mnt</code></pre><p>Restart the machine with reboot. Remember to remove any installation media such as a USB drive.</p><pre><code class="shell">$ reboot</code></pre><p>Provided nothing has gone wrong your machine will boot into a fresh installation of Arch Linux. Don't forget that during the boot you will be prompted to enter the passphrase to decrypt the system partition. </p><p>Following this guide will leave you with a very minimal system where you can login as the root user. From this point how you configure the system is up to you as it will be very different to how I configure my own. If you interested in seeing how I do it then see my other posts on the subject. </p><h3>Links</h3><a href="https://www.archlinux.org/Installation_guide/">Offical Arch Installation Guide.</a><a href="https://www.archlinux.org/download/">Arch Linux Download Page.</a><a href="https://www.balena.io/etcher/">Etcher.</a><a href="https://www.archlinux.org/mirrorlist/">Pacman Mirrorlist Generator.</a><a href="https://en.wikipedia.org/wiki/Howl%27s_Moving_Castle/">Wikipedia Entry for Howl's Moving Castle.</a><a href="/posts/arch/">Arch - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry><entry>
<title type="text">Creating an Ebook With Markdown</title>
<id>https://davidtsadler.com/posts/markdown/2020-03-30/creating-an-ebook-with-markdown/</id>
<link rel="alternate" type="text/html" href="https://davidtsadler.com/posts/markdown/2020-03-30/creating-an-ebook-with-markdown/"/>
<author><name>David T. Sadler.</name></author>
<published>2020-03-30T12:00:00Z</published>
<updated>2020-03-30T12:00:00Z</updated>
<content type="html"><h1>Creating an Ebook With Markdown</h1><blockquote>Mon 30th March 2020 By David T. Sadler.</blockquote><p>Pandoc is a great tool for converting a file in one markup format into another. This means we can use it to convert a file written in Markdown into an EPUB file that is supported by many e-readers.</p><p>Lets start by writting a very simple markdown file called example_ebook.md.</p><pre><code class="markdown">---
title:
- type: main
text: Example Ebook
- type: subtitle
text: An Ebook created from a Markdown file
creator:
- role: author
text: David Sadler
publisher: Published by myself
---
This is an introduction.
# Chapter 1
This is the first paragraph of chapter 1.
This is the second paragraph of chapter 1.
Below is a list.
- Item One
- Item Two
- Item Three
# Chapter 2
This is the first paragraph of chapter 2.
This is the second paragraph of chapter 2.
# Chapter 3
This is the first paragraph of chapter 3.
This is the second paragraph of chapter 3.</code></pre><p>Note that the file begins with a YAML metadata block that starts and ends with three hyphens (---). This allows you to specify EPUB metadata such as the title and author.</p><p>Converting this to EPUB is done by running pandoc.</p><pre><code class="shell">$ pandoc example_ebook.md -t epub3 --toc -o example_ebook.epub</code></pre><p>There are several options that need to be passed to pandoc.</p><ul><li>example_ebook.md - This argument is the file that you are converting.</li><li>-t epub3 - Set the output format to be EPUB v3 book.</li><li>--toc - Include a table of contents in the output document. This will be derived from the H1 headers in the markdown.</li><li>-o example_ebook.epub - Tell pandoc to output the conversion to the named file instead of stdout.</li></ul><p>You can now copy the file example_ebook.epub to any device that supports the format or use one of the many software readers such as Calibre. However, if you wish to read this on a Kindle device you will need to convert it to the Mobi format.</p><p>Amazon provides a command line tool called KindleGen that can convert our EPUB file into the Mobi format. After downloading the tool just run it as shown below.</p><pre><code class="shell">$ kindlegen example_ebook.epub</code></pre><p>This will create a file called example_ebook.mobi that you can copy to your Kindle to read.</p><h3>Links</h3><a href="https://pandoc.org/">Pandoc.</a><a href="https://en.wikipedia.org/wiki/Markdown/">Markdown.</a><a href="https://en.wikipedia.org/wiki/EPUB/">EPUB.</a><a href="https://pandoc.org/MANUAL.html#extension-yaml_metadata_block">YAML metadata block.</a><a href="https://pandoc.org/MANUAL.html#epub-metadata">EPUB metadata.</a><a href="https://www.w3.org/community/epub3/">EPUB v3 book.</a><a href="https://calibre-ebook.com/">Calibre Application.</a><a href="https://en.wikipedia.org/wiki/Comparison_of_e-book_formats#Mobipocket">Mobi Format.</a><a href="https://www.amazon.com/gp/feature.html?ie=UTF8&amp;docId=1000765211">KindleGen Application.</a><a href="/posts/markdown/">Markdown - Read More Posts.</a><p>I don't have comments as I don't want to manage them. You can however contact me at the below address if you want to.</p><a href="mailto:david@davidtsadler.com">Email david@davidtsadler.com</a><h3>License</h3><a href="https://creativecommons.org/licenses/by-sa/4.0/">The contents of this site is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.</a><p>Copyright © 2021 David T. Sadler.</p><a href="/">Return to Homepage.</a></content>
</entry>
</feed>
|
