Use bbaovanc/hugo image

Add .drone.yml

Co-authored-by: BBaoVanC <github@bbaovanc.com>
Reviewed-on: #1
Co-Authored-By: bbaovanc <bbaovanc@noreply.bbaovanc.com>
Co-Committed-By: bbaovanc <bbaovanc@noreply.bbaovanc.com>

.drone.yml

@@ -0,0 +1,41 @@
+---
+kind: pipeline
+type: docker
+name: Deploy to bbaovanc.com
+
+trigger:
+    branch:
+        - master
+    event:
+        exclude:
+            - pull_request
+
+steps:
+    - name: submodules
+      image: alpine/git
+      commands:
+          - git submodule update --init --recursive
+
+    - name: build
+      image: bbaovanc/hugo
+      commands:
+          - hugo version
+          - hugo --minify
+
+    - name: list files
+      image: alpine:latest
+      commands:
+          - find public/
+
+    - name: upload
+      image: appleboy/drone-scp
+      settings:
+          host: bbaovanc.com
+          port: 2222
+          username: droneci
+          key:
+              from_secret: SSH_KEY
+          target: /var/www/bbaovanc/blog/
+          rm: true
+          source: public/
+          strip_components: 1

assets/css/comments.css

@@ -0,0 +1,22 @@
+.commento-root * {
+    color: white;
+}
+
+.commento-root .commento-logged-container .commento-logged-in-as .commento-name,
+.commento-root .commento-anonymous-checkbox-container input[type="checkbox"] + label {
+    color: rgb(134, 142, 150);
+}
+
+.commento-root textarea {
+    border-color: rgba(255, 255, 255, 0.1);
+    background-color: rgba(0, 0, 0, 0);
+    color: white;
+}
+
+.commento-root .commento-card {
+    border-top-color: rgba(255, 255, 255, 0.1);
+}
+
+.commento-root .commento-dark-card {
+    background-color: rgb(64, 64, 64);
+}

config.toml

@@ -16,7 +16,7 @@ enableGitInfo = true
   themeColor = "blue"
 
   # if you set this to 0, only submenu trigger will be visible
-  showMenuItems = 5
+  showMenuItems = 6
 
   # show selector to switch language
   showLanguageSelector = false
@@ -28,7 +28,7 @@ enableGitInfo = true
   centerTheme = true
 
   # set a custom favicon (default is a `themeColor` square)
-  favicon = "icon/favicon.ico"
+  favicon = "img/favicon.ico"
 
   # set post to show the last updated
   # If you use git, you can set `enableGitInfo` to `true` and then post will automatically get the last updated
@@ -86,14 +86,20 @@ enableGitInfo = true
         url = "/posts/index.xml"
         weight = 30
 
+      [[languages.en.menu.main]]
+        identifier = "email-me"
+        name = "Email Me"
+        url = "mailto:contact@bbaovanc.com"
+        weight = 40
+
       [[languages.en.menu.main]]
         identifier = "main-website"
         name = "Main Website"
         url = "https://bbaovanc.com/"
-        weight = 40
+        weight = 50
 
       [[languages.en.menu.main]]
         identifier = "source-code"
         name = "Source Code"
         url = "https://git.bbaovanc.com/bbaovanc.com/blog"
-        weight = 50
+        weight = 60

content/links.md

@@ -14,8 +14,8 @@ toc: true
 - [Main Site](https://bbaovanc.com/)
 - [Blog](https://bbaovanc.com/blog/)
 - [Status Page](https://status.bbaovanc.com/)
-- [Searx Instance](https://searx.bbaovanc.com/) -
-  [source code](https://github.com/BBaoVanC/searx.bbaovanc.com)
+- [Searx Instance](https://search.bbaovanc.com/) -
+  [source code](https://github.com/BBaoVanC/searx)
 - [Gitea Instance](https://git.bbaovanc.com/)
 
 ## My Software

content/posts/allow-non-root-processes-to-bind-to-privileged-ports.md

@@ -0,0 +1,68 @@
++++
+title = "Allow Non Root Processes to Bind to Privileged Ports"
+date = "2021-03-28T20:03:16-05:00"
+author = "bbaovanc"
+tags = ["guide", "linux"]
+keywords = ["linux", "privileged", "ports", "tutorial", "guide", "gitea",
+"systemd"]
+
+description = """
+In Linux, processes cannot bind to privileged ports (<=1024) unless they are
+running as root. Here's how to allow any process to bind to privileged ports.
+"""
+
+showFullContent = false
+toc = true
++++
+
+## Introduction
+
+In Linux, processes cannot bind to privileged ports (<=1024) unless they are
+running as root. I learned about this when I was trying to add SSH cloning to my
+[Gitea](https://gitea.io) instance. This can be bypassed by giving
+`CAP_NET_BIND_SERVICE` capabilities to either the systemd service, or the
+executable itself.
+
+## Giving `CAP_NET_BIND_SERVICE` capabilities
+
+### Using systemd (preferred)
+
+The best way is to tell systemd to give `CAP_NET_BIND_SERVICE`
+capabilities to the service. In fact, the Gitea systemd service has two
+lines[^1] that are commented out:
+
+```systemd
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE
+AmbientCapabilities=CAP_NET_BIND_SERVICE
+```
+
+Uncommenting these two lines was all I had to do for Gitea.
+
+### Using `setcap`
+
+You can add `CAP_NET_BIND_SERVICE` to the executable directly using `setcap`,
+allowing it to bind to any port. Run the following command[^2]:
+
+```bash
+setcap 'cap_net_bind_service=+ep' /path/to/program
+```
+
+Note that this means that anyone with permission to run this program will be
+able to run it and bind to any privileged ports.
+
+Other caveats[^2]:
+
+> 1. You will need at least a 2.6.24 kernel
+> 2. This won't work if your file is a script. (ie, uses a #! line to launch an
+>    interpreter). In this case, as far I as understand, you'd have to apply the
+>    capability to the interpreter executable itself, which of course is a
+>    security nightmare, since any program using that interpreter will have the
+>    capability. I wasn't able to find any clean, easy way to work around this
+>    problem.
+> 3. Linux will disable LD\_LIBRARY\_PATH on any program that has elevated
+>    privileges like setcap or suid. So if your program uses its own .../lib/,
+>    you might have to look into another option like port forwarding.
+
+[^1]: https://github.com/go-gitea/gitea/blob/3416e2a82586fca4cd452b93237b979300f55d62/contrib/systemd/gitea.service#L69
+      and https://stackoverflow.com/a/47065825
+[^2]: https://stackoverflow.com/a/414258

content/posts/checkra1n-gui-on-other-distros.md

@@ -2,8 +2,8 @@
 title = "Checkra1n GUI on Other Distros"
 date = "2021-03-25T21:19:51-05:00"
 author = "bbaovanc"
-cover = "/blog/media/checkra1n-gui-on-arch-linux.png"
-tags = ["linux", "archlinux", "jailbreak", "checkra1n"]
+cover = "media/checkra1n-gui-on-arch-linux.webp"
+tags = ["guide", "linux", "archlinux", "jailbreak", "checkra1n"]
 keywords = ["checkra1n", "gui", "linux", "arch linux"]
 
 description = """

content/posts/edited-in-middle-of-message-discord.md

@@ -2,8 +2,8 @@
 title = "Put (edited) in the middle of a message in Discord"
 date = "2021-03-25T18:48:34-05:00"
 author = "bbaovanc"
-cover = "media/discord-tricks/edited-in-middle-of-message.png"
-tags = ["discord", "discord-tricks"]
+cover = "media/discord-tricks/edited-in-middle-of-message.webp"
+tags = ["tutorial", "discord", "discord-tricks"]
 keywords = ["discord", "edited"]
 
 description = """

content/posts/new-comment-system-again.md

@@ -0,0 +1,36 @@
++++
+title = "New Comment System (again)"
+date = "2021-04-17T00:08:30-05:00"
+author = "bbaovanc"
+tags = ["announcement", "hugo", "blog"]
+keywords = ["hugo", "comment system", "blog", "commento"]
+
+description = """
+I decided to switch my comment system from Isso to
+[Commento](https://www.commento.io/)
+"""
+
+showFullContent = false
++++
+
+## Isso vs Commento
+
+I know it's only been six days since I added Isso, but I decided to switch to a
+better comment system. Isso is meant to be simple, which means that it's missing
+a lot of features. Commento has a lot of features such as sticky (pinned)
+comments, spam detection, thread locking, email notifications (I couldn't get
+this working on Isso), and a nicer design. I also was able to write some
+[custom CSS rules][1] which make it look alright on my blog's theme. It also
+supports SSO, so I might add support for signing up with GitHub, and possibly
+GitLab.
+
+## Summary of the [first post]({{< ref "/posts/new-comment-system" >}})
+
+If you haven't read the
+[New Comment System]({{< ref "/posts/new-comment-system" >}}) post, here's the
+most important information. There's a comment section at the bottom of each post
+where you can view and post comments. You can post anonymously, or create an
+account so you can show your username and get email notifications. You can also
+upvote, downvote, and reply to other comments.
+
+[1]: https://git.bbaovanc.com/bbaovanc.com/blog/src/commit/478e15218313a33216d361de387b3bd878cd0ba6/assets/css/comments.css

content/posts/new-comment-system.md

@@ -0,0 +1,39 @@
++++
+title = "New Comment System"
+date = "2021-04-11T00:17:13-05:00"
+author = "bbaovanc"
+tags = ["announcement", "hugo", "blog"]
+keywords = ["hugo", "comment system", "blog", "isso"]
+
+description = """
+I added a comment system to my blog, using [Isso](https://posativ.org/isso/).
+"""
+
+showFullContent = false
+toc = true
++++
+
+## About
+
+I set up a comment system named [Isso](https://posativ.org/isso/) on my blog
+today. At the bottom of each blog post, there's a comment section. You don't
+need to sign up with an account or sign in with Google, Facebook, none of that
+junk. You can comment anonymously, or provide any of the following three fields:
+name, email address, and website, which will be shown to other people viewing
+your comment. I'm going off of the assumption that no one cares/is malicious
+enough to spam my comment sections.
+
+## Known Issues
+
+### Editing and deleting not working
+
+You're supposed to be able to edit and delete comments up to 15 minutes after
+posting them. As of now, that doesn't seem to be working; the request just
+returns 403 (forbidden).
+
+### White text on white background when previewing comment
+
+This is a CSS related issue. This was also happening when editing/writing a
+comment, but I edited it so the edit box has black text. I think a better fix is
+to make the new comment form have a dark background, but I'll deal with that
+later.

content/posts/sed-text-substitution-in-discord.md

@@ -2,7 +2,7 @@
 title = "Text Substitution in Discord using `sed`"
 date = "2021-03-25T18:48:15-05:00"
 author = "bbaovanc"
-tags = ["discord", "discord-tricks"]
+tags = ["tutorial", "discord", "discord-tricks"]
 keywords = ["discord", "sed", "text", "replacement"]
 
 description = """
@@ -12,7 +12,7 @@ Discord has (very primitive) support for text replacement using `sed` syntax.
 showFullContent = false
 +++
 
-## How-to
+## Tutorial
 
 [Example Video](/blog/media/discord-tricks/sed-text-replacement.mov)
 

layouts/partials/comments.html

@@ -0,0 +1,15 @@
+{{ $css := resources.Get "css/comments.css" }}
+{{ $style := $css | resources.Minify }}
+
+<script defer
+    src="https://commento.bbaovanc.com/js/commento.js"
+    data-page-id="{{ .RelPermalink }}"
+    data-no-fonts="true"
+    data-css-override="{{ $style.Permalink }}">
+</script>
+<div id="commento"></div>
+
+<noscript>
+    <br />
+    <b>Comments are not available when JavaScript is disabled.</b>
+</noscript>