Compare commits
21 Commits
full-text-
...
master
Author | SHA1 | Date | |
---|---|---|---|
12576834c2 | |||
9cb27e684d | |||
decd2209f7 | |||
adf52c8498 | |||
3d14a589fc | |||
478e152183 | |||
3eb95b7f16 | |||
6bb94c50c2 | |||
1ed6fd7bf8 | |||
896cf1eb27 | |||
b0704a1e1d | |||
f1407d7984 | |||
|
6fbf46a270 | ||
6ca71e0ff7 | |||
ae59d03f81 | |||
83f780a8b4 | |||
a235ec2151 | |||
054a2258f5 | |||
66833ca13d | |||
9378412a09 | |||
ef2274521e |
41
.drone.yml
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
---
|
||||||
|
kind: pipeline
|
||||||
|
type: docker
|
||||||
|
name: Deploy to bbaovanc.com
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
branch:
|
||||||
|
- master
|
||||||
|
event:
|
||||||
|
exclude:
|
||||||
|
- pull_request
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: submodules
|
||||||
|
image: alpine/git
|
||||||
|
commands:
|
||||||
|
- git submodule update --init --recursive
|
||||||
|
|
||||||
|
- name: build
|
||||||
|
image: bbaovanc/hugo
|
||||||
|
commands:
|
||||||
|
- hugo version
|
||||||
|
- hugo --minify
|
||||||
|
|
||||||
|
- name: list files
|
||||||
|
image: alpine:latest
|
||||||
|
commands:
|
||||||
|
- find public/
|
||||||
|
|
||||||
|
- name: upload
|
||||||
|
image: appleboy/drone-scp
|
||||||
|
settings:
|
||||||
|
host: bbaovanc.com
|
||||||
|
port: 2222
|
||||||
|
username: droneci
|
||||||
|
key:
|
||||||
|
from_secret: SSH_KEY
|
||||||
|
target: /var/www/bbaovanc/blog/
|
||||||
|
rm: true
|
||||||
|
source: public/
|
||||||
|
strip_components: 1
|
22
assets/css/comments.css
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
.commento-root * {
|
||||||
|
color: white;
|
||||||
|
}
|
||||||
|
|
||||||
|
.commento-root .commento-logged-container .commento-logged-in-as .commento-name,
|
||||||
|
.commento-root .commento-anonymous-checkbox-container input[type="checkbox"] + label {
|
||||||
|
color: rgb(134, 142, 150);
|
||||||
|
}
|
||||||
|
|
||||||
|
.commento-root textarea {
|
||||||
|
border-color: rgba(255, 255, 255, 0.1);
|
||||||
|
background-color: rgba(0, 0, 0, 0);
|
||||||
|
color: white;
|
||||||
|
}
|
||||||
|
|
||||||
|
.commento-root .commento-card {
|
||||||
|
border-top-color: rgba(255, 255, 255, 0.1);
|
||||||
|
}
|
||||||
|
|
||||||
|
.commento-root .commento-dark-card {
|
||||||
|
background-color: rgb(64, 64, 64);
|
||||||
|
}
|
25
config.toml
@ -4,17 +4,6 @@ theme = "terminal"
|
|||||||
paginate = 5
|
paginate = 5
|
||||||
enableGitInfo = true
|
enableGitInfo = true
|
||||||
|
|
||||||
[mediaTypes]
|
|
||||||
[mediaTypes."text/sql"]
|
|
||||||
suffixes = ["sql"]
|
|
||||||
|
|
||||||
[outputFormats]
|
|
||||||
[outputFormats.SQL]
|
|
||||||
mediaType = "text/sql"
|
|
||||||
|
|
||||||
[outputs]
|
|
||||||
home = ["sql", "html"]
|
|
||||||
|
|
||||||
# [permalinks]
|
# [permalinks]
|
||||||
# posts = "/:year/:month/:title/"
|
# posts = "/:year/:month/:title/"
|
||||||
|
|
||||||
@ -27,7 +16,7 @@ enableGitInfo = true
|
|||||||
themeColor = "blue"
|
themeColor = "blue"
|
||||||
|
|
||||||
# if you set this to 0, only submenu trigger will be visible
|
# if you set this to 0, only submenu trigger will be visible
|
||||||
showMenuItems = 5
|
showMenuItems = 6
|
||||||
|
|
||||||
# show selector to switch language
|
# show selector to switch language
|
||||||
showLanguageSelector = false
|
showLanguageSelector = false
|
||||||
@ -39,7 +28,7 @@ enableGitInfo = true
|
|||||||
centerTheme = true
|
centerTheme = true
|
||||||
|
|
||||||
# set a custom favicon (default is a `themeColor` square)
|
# set a custom favicon (default is a `themeColor` square)
|
||||||
favicon = "icon/favicon.ico"
|
favicon = "img/favicon.ico"
|
||||||
|
|
||||||
# set post to show the last updated
|
# set post to show the last updated
|
||||||
# If you use git, you can set `enableGitInfo` to `true` and then post will automatically get the last updated
|
# If you use git, you can set `enableGitInfo` to `true` and then post will automatically get the last updated
|
||||||
@ -97,14 +86,20 @@ enableGitInfo = true
|
|||||||
url = "/posts/index.xml"
|
url = "/posts/index.xml"
|
||||||
weight = 30
|
weight = 30
|
||||||
|
|
||||||
|
[[languages.en.menu.main]]
|
||||||
|
identifier = "email-me"
|
||||||
|
name = "Email Me"
|
||||||
|
url = "mailto:contact@bbaovanc.com"
|
||||||
|
weight = 40
|
||||||
|
|
||||||
[[languages.en.menu.main]]
|
[[languages.en.menu.main]]
|
||||||
identifier = "main-website"
|
identifier = "main-website"
|
||||||
name = "Main Website"
|
name = "Main Website"
|
||||||
url = "https://bbaovanc.com/"
|
url = "https://bbaovanc.com/"
|
||||||
weight = 40
|
weight = 50
|
||||||
|
|
||||||
[[languages.en.menu.main]]
|
[[languages.en.menu.main]]
|
||||||
identifier = "source-code"
|
identifier = "source-code"
|
||||||
name = "Source Code"
|
name = "Source Code"
|
||||||
url = "https://git.bbaovanc.com/bbaovanc.com/blog"
|
url = "https://git.bbaovanc.com/bbaovanc.com/blog"
|
||||||
weight = 50
|
weight = 60
|
||||||
|
@ -14,8 +14,8 @@ toc: true
|
|||||||
- [Main Site](https://bbaovanc.com/)
|
- [Main Site](https://bbaovanc.com/)
|
||||||
- [Blog](https://bbaovanc.com/blog/)
|
- [Blog](https://bbaovanc.com/blog/)
|
||||||
- [Status Page](https://status.bbaovanc.com/)
|
- [Status Page](https://status.bbaovanc.com/)
|
||||||
- [Searx Instance](https://searx.bbaovanc.com/) -
|
- [Searx Instance](https://search.bbaovanc.com/) -
|
||||||
[source code](https://github.com/BBaoVanC/searx.bbaovanc.com)
|
[source code](https://github.com/BBaoVanC/searx)
|
||||||
- [Gitea Instance](https://git.bbaovanc.com/)
|
- [Gitea Instance](https://git.bbaovanc.com/)
|
||||||
|
|
||||||
## My Software
|
## My Software
|
||||||
|
@ -0,0 +1,68 @@
|
|||||||
|
+++
|
||||||
|
title = "Allow Non Root Processes to Bind to Privileged Ports"
|
||||||
|
date = "2021-03-28T20:03:16-05:00"
|
||||||
|
author = "bbaovanc"
|
||||||
|
tags = ["guide", "linux"]
|
||||||
|
keywords = ["linux", "privileged", "ports", "tutorial", "guide", "gitea",
|
||||||
|
"systemd"]
|
||||||
|
|
||||||
|
description = """
|
||||||
|
In Linux, processes cannot bind to privileged ports (<=1024) unless they are
|
||||||
|
running as root. Here's how to allow any process to bind to privileged ports.
|
||||||
|
"""
|
||||||
|
|
||||||
|
showFullContent = false
|
||||||
|
toc = true
|
||||||
|
+++
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
|
||||||
|
In Linux, processes cannot bind to privileged ports (<=1024) unless they are
|
||||||
|
running as root. I learned about this when I was trying to add SSH cloning to my
|
||||||
|
[Gitea](https://gitea.io) instance. This can be bypassed by giving
|
||||||
|
`CAP_NET_BIND_SERVICE` capabilities to either the systemd service, or the
|
||||||
|
executable itself.
|
||||||
|
|
||||||
|
## Giving `CAP_NET_BIND_SERVICE` capabilities
|
||||||
|
|
||||||
|
### Using systemd (preferred)
|
||||||
|
|
||||||
|
The best way is to tell systemd to give `CAP_NET_BIND_SERVICE`
|
||||||
|
capabilities to the service. In fact, the Gitea systemd service has two
|
||||||
|
lines[^1] that are commented out:
|
||||||
|
|
||||||
|
```systemd
|
||||||
|
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
|
```
|
||||||
|
|
||||||
|
Uncommenting these two lines was all I had to do for Gitea.
|
||||||
|
|
||||||
|
### Using `setcap`
|
||||||
|
|
||||||
|
You can add `CAP_NET_BIND_SERVICE` to the executable directly using `setcap`,
|
||||||
|
allowing it to bind to any port. Run the following command[^2]:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
setcap 'cap_net_bind_service=+ep' /path/to/program
|
||||||
|
```
|
||||||
|
|
||||||
|
Note that this means that anyone with permission to run this program will be
|
||||||
|
able to run it and bind to any privileged ports.
|
||||||
|
|
||||||
|
Other caveats[^2]:
|
||||||
|
|
||||||
|
> 1. You will need at least a 2.6.24 kernel
|
||||||
|
> 2. This won't work if your file is a script. (ie, uses a #! line to launch an
|
||||||
|
> interpreter). In this case, as far I as understand, you'd have to apply the
|
||||||
|
> capability to the interpreter executable itself, which of course is a
|
||||||
|
> security nightmare, since any program using that interpreter will have the
|
||||||
|
> capability. I wasn't able to find any clean, easy way to work around this
|
||||||
|
> problem.
|
||||||
|
> 3. Linux will disable LD\_LIBRARY\_PATH on any program that has elevated
|
||||||
|
> privileges like setcap or suid. So if your program uses its own .../lib/,
|
||||||
|
> you might have to look into another option like port forwarding.
|
||||||
|
|
||||||
|
[^1]: https://github.com/go-gitea/gitea/blob/3416e2a82586fca4cd452b93237b979300f55d62/contrib/systemd/gitea.service#L69
|
||||||
|
and https://stackoverflow.com/a/47065825
|
||||||
|
[^2]: https://stackoverflow.com/a/414258
|
@ -2,8 +2,8 @@
|
|||||||
title = "Checkra1n GUI on Other Distros"
|
title = "Checkra1n GUI on Other Distros"
|
||||||
date = "2021-03-25T21:19:51-05:00"
|
date = "2021-03-25T21:19:51-05:00"
|
||||||
author = "bbaovanc"
|
author = "bbaovanc"
|
||||||
cover = "/blog/media/checkra1n-gui-on-arch-linux.png"
|
cover = "media/checkra1n-gui-on-arch-linux.webp"
|
||||||
tags = ["linux", "archlinux", "jailbreak", "checkra1n"]
|
tags = ["guide", "linux", "archlinux", "jailbreak", "checkra1n"]
|
||||||
keywords = ["checkra1n", "gui", "linux", "arch linux"]
|
keywords = ["checkra1n", "gui", "linux", "arch linux"]
|
||||||
|
|
||||||
description = """
|
description = """
|
||||||
|
@ -2,8 +2,8 @@
|
|||||||
title = "Put (edited) in the middle of a message in Discord"
|
title = "Put (edited) in the middle of a message in Discord"
|
||||||
date = "2021-03-25T18:48:34-05:00"
|
date = "2021-03-25T18:48:34-05:00"
|
||||||
author = "bbaovanc"
|
author = "bbaovanc"
|
||||||
cover = "media/discord-tricks/edited-in-middle-of-message.png"
|
cover = "media/discord-tricks/edited-in-middle-of-message.webp"
|
||||||
tags = ["discord", "discord-tricks"]
|
tags = ["tutorial", "discord", "discord-tricks"]
|
||||||
keywords = ["discord", "edited"]
|
keywords = ["discord", "edited"]
|
||||||
|
|
||||||
description = """
|
description = """
|
||||||
|
36
content/posts/new-comment-system-again.md
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
+++
|
||||||
|
title = "New Comment System (again)"
|
||||||
|
date = "2021-04-17T00:08:30-05:00"
|
||||||
|
author = "bbaovanc"
|
||||||
|
tags = ["announcement", "hugo", "blog"]
|
||||||
|
keywords = ["hugo", "comment system", "blog", "commento"]
|
||||||
|
|
||||||
|
description = """
|
||||||
|
I decided to switch my comment system from Isso to
|
||||||
|
[Commento](https://www.commento.io/)
|
||||||
|
"""
|
||||||
|
|
||||||
|
showFullContent = false
|
||||||
|
+++
|
||||||
|
|
||||||
|
## Isso vs Commento
|
||||||
|
|
||||||
|
I know it's only been six days since I added Isso, but I decided to switch to a
|
||||||
|
better comment system. Isso is meant to be simple, which means that it's missing
|
||||||
|
a lot of features. Commento has a lot of features such as sticky (pinned)
|
||||||
|
comments, spam detection, thread locking, email notifications (I couldn't get
|
||||||
|
this working on Isso), and a nicer design. I also was able to write some
|
||||||
|
[custom CSS rules][1] which make it look alright on my blog's theme. It also
|
||||||
|
supports SSO, so I might add support for signing up with GitHub, and possibly
|
||||||
|
GitLab.
|
||||||
|
|
||||||
|
## Summary of the [first post]({{< ref "/posts/new-comment-system" >}})
|
||||||
|
|
||||||
|
If you haven't read the
|
||||||
|
[New Comment System]({{< ref "/posts/new-comment-system" >}}) post, here's the
|
||||||
|
most important information. There's a comment section at the bottom of each post
|
||||||
|
where you can view and post comments. You can post anonymously, or create an
|
||||||
|
account so you can show your username and get email notifications. You can also
|
||||||
|
upvote, downvote, and reply to other comments.
|
||||||
|
|
||||||
|
[1]: https://git.bbaovanc.com/bbaovanc.com/blog/src/commit/478e15218313a33216d361de387b3bd878cd0ba6/assets/css/comments.css
|
39
content/posts/new-comment-system.md
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
+++
|
||||||
|
title = "New Comment System"
|
||||||
|
date = "2021-04-11T00:17:13-05:00"
|
||||||
|
author = "bbaovanc"
|
||||||
|
tags = ["announcement", "hugo", "blog"]
|
||||||
|
keywords = ["hugo", "comment system", "blog", "isso"]
|
||||||
|
|
||||||
|
description = """
|
||||||
|
I added a comment system to my blog, using [Isso](https://posativ.org/isso/).
|
||||||
|
"""
|
||||||
|
|
||||||
|
showFullContent = false
|
||||||
|
toc = true
|
||||||
|
+++
|
||||||
|
|
||||||
|
## About
|
||||||
|
|
||||||
|
I set up a comment system named [Isso](https://posativ.org/isso/) on my blog
|
||||||
|
today. At the bottom of each blog post, there's a comment section. You don't
|
||||||
|
need to sign up with an account or sign in with Google, Facebook, none of that
|
||||||
|
junk. You can comment anonymously, or provide any of the following three fields:
|
||||||
|
name, email address, and website, which will be shown to other people viewing
|
||||||
|
your comment. I'm going off of the assumption that no one cares/is malicious
|
||||||
|
enough to spam my comment sections.
|
||||||
|
|
||||||
|
## Known Issues
|
||||||
|
|
||||||
|
### Editing and deleting not working
|
||||||
|
|
||||||
|
You're supposed to be able to edit and delete comments up to 15 minutes after
|
||||||
|
posting them. As of now, that doesn't seem to be working; the request just
|
||||||
|
returns 403 (forbidden).
|
||||||
|
|
||||||
|
### White text on white background when previewing comment
|
||||||
|
|
||||||
|
This is a CSS related issue. This was also happening when editing/writing a
|
||||||
|
comment, but I edited it so the edit box has black text. I think a better fix is
|
||||||
|
to make the new comment form have a dark background, but I'll deal with that
|
||||||
|
later.
|
@ -2,7 +2,7 @@
|
|||||||
title = "Text Substitution in Discord using `sed`"
|
title = "Text Substitution in Discord using `sed`"
|
||||||
date = "2021-03-25T18:48:15-05:00"
|
date = "2021-03-25T18:48:15-05:00"
|
||||||
author = "bbaovanc"
|
author = "bbaovanc"
|
||||||
tags = ["discord", "discord-tricks"]
|
tags = ["tutorial", "discord", "discord-tricks"]
|
||||||
keywords = ["discord", "sed", "text", "replacement"]
|
keywords = ["discord", "sed", "text", "replacement"]
|
||||||
|
|
||||||
description = """
|
description = """
|
||||||
@ -12,7 +12,7 @@ Discord has (very primitive) support for text replacement using `sed` syntax.
|
|||||||
showFullContent = false
|
showFullContent = false
|
||||||
+++
|
+++
|
||||||
|
|
||||||
## How-to
|
## Tutorial
|
||||||
|
|
||||||
[Example Video](/blog/media/discord-tricks/sed-text-replacement.mov)
|
[Example Video](/blog/media/discord-tricks/sed-text-replacement.mov)
|
||||||
|
|
||||||
|
@ -1,17 +0,0 @@
|
|||||||
DROP TABLE IF EXISTS db.blog;
|
|
||||||
|
|
||||||
CREATE TABLE db.blog (
|
|
||||||
id INT NOT NULL AUTO_INCREMENT,
|
|
||||||
published DATE NOT NULL,
|
|
||||||
title TEXT NOT NULL,
|
|
||||||
body TEXT NOT NULL,
|
|
||||||
url varchar(2048) NOT NULL,
|
|
||||||
CONSTRAINT id_PK PRIMARY KEY (id)
|
|
||||||
)
|
|
||||||
ENGINE=InnoDB
|
|
||||||
DEFAULT CHARSET=utf8mb4
|
|
||||||
COLLATE=utf8mb4_general_ci;
|
|
||||||
CREATE FULLTEXT INDEX blog_body_IDX ON db.blog (body);
|
|
||||||
|
|
||||||
{{ block "main" .}}
|
|
||||||
{{ end }}
|
|
@ -1,13 +0,0 @@
|
|||||||
{{ define "main" }}
|
|
||||||
{{ range (where .Pages "Section" "ne" "gist") }}
|
|
||||||
{{ range .Pages }}
|
|
||||||
INSERT INTO db.blog (published, title, body, url)
|
|
||||||
VALUES(
|
|
||||||
'{{ .Date.Format "2006-01-02" }}',
|
|
||||||
'{{ plainify .Title }}',
|
|
||||||
'{{ (plainify .Content) }}',
|
|
||||||
'{{ .Permalink }}'
|
|
||||||
);
|
|
||||||
{{ end }}
|
|
||||||
{{ end }}
|
|
||||||
{{ end }}
|
|
15
layouts/partials/comments.html
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{{ $css := resources.Get "css/comments.css" }}
|
||||||
|
{{ $style := $css | resources.Minify }}
|
||||||
|
|
||||||
|
<script defer
|
||||||
|
src="https://commento.bbaovanc.com/js/commento.js"
|
||||||
|
data-page-id="{{ .RelPermalink }}"
|
||||||
|
data-no-fonts="true"
|
||||||
|
data-css-override="{{ $style.Permalink }}">
|
||||||
|
</script>
|
||||||
|
<div id="commento"></div>
|
||||||
|
|
||||||
|
<noscript>
|
||||||
|
<br />
|
||||||
|
<b>Comments are not available when JavaScript is disabled.</b>
|
||||||
|
</noscript>
|
BIN
static/img/apple-touch-icon-192x192.png
Normal file
After Width: | Height: | Size: 4.6 KiB |
Before Width: | Height: | Size: 17 KiB After Width: | Height: | Size: 17 KiB |
Before Width: | Height: | Size: 33 KiB |
BIN
static/media/checkra1n-gui-on-arch-linux.webp
Normal file
After Width: | Height: | Size: 15 KiB |
Before Width: | Height: | Size: 5.8 KiB |
BIN
static/media/discord-tricks/edited-in-middle-of-message.webp
Normal file
After Width: | Height: | Size: 1.5 KiB |