Compare commits
1 Commits
master
...
full-text-
Author | SHA1 | Date | |
---|---|---|---|
2422df5db7 |
41
.drone.yml
@ -1,41 +0,0 @@
|
||||
---
|
||||
kind: pipeline
|
||||
type: docker
|
||||
name: Deploy to bbaovanc.com
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- master
|
||||
event:
|
||||
exclude:
|
||||
- pull_request
|
||||
|
||||
steps:
|
||||
- name: submodules
|
||||
image: alpine/git
|
||||
commands:
|
||||
- git submodule update --init --recursive
|
||||
|
||||
- name: build
|
||||
image: bbaovanc/hugo
|
||||
commands:
|
||||
- hugo version
|
||||
- hugo --minify
|
||||
|
||||
- name: list files
|
||||
image: alpine:latest
|
||||
commands:
|
||||
- find public/
|
||||
|
||||
- name: upload
|
||||
image: appleboy/drone-scp
|
||||
settings:
|
||||
host: bbaovanc.com
|
||||
port: 2222
|
||||
username: droneci
|
||||
key:
|
||||
from_secret: SSH_KEY
|
||||
target: /var/www/bbaovanc/blog/
|
||||
rm: true
|
||||
source: public/
|
||||
strip_components: 1
|
@ -1,22 +0,0 @@
|
||||
.commento-root * {
|
||||
color: white;
|
||||
}
|
||||
|
||||
.commento-root .commento-logged-container .commento-logged-in-as .commento-name,
|
||||
.commento-root .commento-anonymous-checkbox-container input[type="checkbox"] + label {
|
||||
color: rgb(134, 142, 150);
|
||||
}
|
||||
|
||||
.commento-root textarea {
|
||||
border-color: rgba(255, 255, 255, 0.1);
|
||||
background-color: rgba(0, 0, 0, 0);
|
||||
color: white;
|
||||
}
|
||||
|
||||
.commento-root .commento-card {
|
||||
border-top-color: rgba(255, 255, 255, 0.1);
|
||||
}
|
||||
|
||||
.commento-root .commento-dark-card {
|
||||
background-color: rgb(64, 64, 64);
|
||||
}
|
25
config.toml
@ -4,6 +4,17 @@ theme = "terminal"
|
||||
paginate = 5
|
||||
enableGitInfo = true
|
||||
|
||||
[mediaTypes]
|
||||
[mediaTypes."text/sql"]
|
||||
suffixes = ["sql"]
|
||||
|
||||
[outputFormats]
|
||||
[outputFormats.SQL]
|
||||
mediaType = "text/sql"
|
||||
|
||||
[outputs]
|
||||
home = ["sql", "html"]
|
||||
|
||||
# [permalinks]
|
||||
# posts = "/:year/:month/:title/"
|
||||
|
||||
@ -16,7 +27,7 @@ enableGitInfo = true
|
||||
themeColor = "blue"
|
||||
|
||||
# if you set this to 0, only submenu trigger will be visible
|
||||
showMenuItems = 6
|
||||
showMenuItems = 5
|
||||
|
||||
# show selector to switch language
|
||||
showLanguageSelector = false
|
||||
@ -28,7 +39,7 @@ enableGitInfo = true
|
||||
centerTheme = true
|
||||
|
||||
# set a custom favicon (default is a `themeColor` square)
|
||||
favicon = "img/favicon.ico"
|
||||
favicon = "icon/favicon.ico"
|
||||
|
||||
# set post to show the last updated
|
||||
# If you use git, you can set `enableGitInfo` to `true` and then post will automatically get the last updated
|
||||
@ -86,20 +97,14 @@ enableGitInfo = true
|
||||
url = "/posts/index.xml"
|
||||
weight = 30
|
||||
|
||||
[[languages.en.menu.main]]
|
||||
identifier = "email-me"
|
||||
name = "Email Me"
|
||||
url = "mailto:contact@bbaovanc.com"
|
||||
weight = 40
|
||||
|
||||
[[languages.en.menu.main]]
|
||||
identifier = "main-website"
|
||||
name = "Main Website"
|
||||
url = "https://bbaovanc.com/"
|
||||
weight = 50
|
||||
weight = 40
|
||||
|
||||
[[languages.en.menu.main]]
|
||||
identifier = "source-code"
|
||||
name = "Source Code"
|
||||
url = "https://git.bbaovanc.com/bbaovanc.com/blog"
|
||||
weight = 60
|
||||
weight = 50
|
||||
|
@ -14,8 +14,8 @@ toc: true
|
||||
- [Main Site](https://bbaovanc.com/)
|
||||
- [Blog](https://bbaovanc.com/blog/)
|
||||
- [Status Page](https://status.bbaovanc.com/)
|
||||
- [Searx Instance](https://search.bbaovanc.com/) -
|
||||
[source code](https://github.com/BBaoVanC/searx)
|
||||
- [Searx Instance](https://searx.bbaovanc.com/) -
|
||||
[source code](https://github.com/BBaoVanC/searx.bbaovanc.com)
|
||||
- [Gitea Instance](https://git.bbaovanc.com/)
|
||||
|
||||
## My Software
|
||||
|
@ -1,68 +0,0 @@
|
||||
+++
|
||||
title = "Allow Non Root Processes to Bind to Privileged Ports"
|
||||
date = "2021-03-28T20:03:16-05:00"
|
||||
author = "bbaovanc"
|
||||
tags = ["guide", "linux"]
|
||||
keywords = ["linux", "privileged", "ports", "tutorial", "guide", "gitea",
|
||||
"systemd"]
|
||||
|
||||
description = """
|
||||
In Linux, processes cannot bind to privileged ports (<=1024) unless they are
|
||||
running as root. Here's how to allow any process to bind to privileged ports.
|
||||
"""
|
||||
|
||||
showFullContent = false
|
||||
toc = true
|
||||
+++
|
||||
|
||||
## Introduction
|
||||
|
||||
In Linux, processes cannot bind to privileged ports (<=1024) unless they are
|
||||
running as root. I learned about this when I was trying to add SSH cloning to my
|
||||
[Gitea](https://gitea.io) instance. This can be bypassed by giving
|
||||
`CAP_NET_BIND_SERVICE` capabilities to either the systemd service, or the
|
||||
executable itself.
|
||||
|
||||
## Giving `CAP_NET_BIND_SERVICE` capabilities
|
||||
|
||||
### Using systemd (preferred)
|
||||
|
||||
The best way is to tell systemd to give `CAP_NET_BIND_SERVICE`
|
||||
capabilities to the service. In fact, the Gitea systemd service has two
|
||||
lines[^1] that are commented out:
|
||||
|
||||
```systemd
|
||||
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
|
||||
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||
```
|
||||
|
||||
Uncommenting these two lines was all I had to do for Gitea.
|
||||
|
||||
### Using `setcap`
|
||||
|
||||
You can add `CAP_NET_BIND_SERVICE` to the executable directly using `setcap`,
|
||||
allowing it to bind to any port. Run the following command[^2]:
|
||||
|
||||
```bash
|
||||
setcap 'cap_net_bind_service=+ep' /path/to/program
|
||||
```
|
||||
|
||||
Note that this means that anyone with permission to run this program will be
|
||||
able to run it and bind to any privileged ports.
|
||||
|
||||
Other caveats[^2]:
|
||||
|
||||
> 1. You will need at least a 2.6.24 kernel
|
||||
> 2. This won't work if your file is a script. (ie, uses a #! line to launch an
|
||||
> interpreter). In this case, as far I as understand, you'd have to apply the
|
||||
> capability to the interpreter executable itself, which of course is a
|
||||
> security nightmare, since any program using that interpreter will have the
|
||||
> capability. I wasn't able to find any clean, easy way to work around this
|
||||
> problem.
|
||||
> 3. Linux will disable LD\_LIBRARY\_PATH on any program that has elevated
|
||||
> privileges like setcap or suid. So if your program uses its own .../lib/,
|
||||
> you might have to look into another option like port forwarding.
|
||||
|
||||
[^1]: https://github.com/go-gitea/gitea/blob/3416e2a82586fca4cd452b93237b979300f55d62/contrib/systemd/gitea.service#L69
|
||||
and https://stackoverflow.com/a/47065825
|
||||
[^2]: https://stackoverflow.com/a/414258
|
@ -2,8 +2,8 @@
|
||||
title = "Checkra1n GUI on Other Distros"
|
||||
date = "2021-03-25T21:19:51-05:00"
|
||||
author = "bbaovanc"
|
||||
cover = "media/checkra1n-gui-on-arch-linux.webp"
|
||||
tags = ["guide", "linux", "archlinux", "jailbreak", "checkra1n"]
|
||||
cover = "/blog/media/checkra1n-gui-on-arch-linux.png"
|
||||
tags = ["linux", "archlinux", "jailbreak", "checkra1n"]
|
||||
keywords = ["checkra1n", "gui", "linux", "arch linux"]
|
||||
|
||||
description = """
|
||||
|
@ -2,8 +2,8 @@
|
||||
title = "Put (edited) in the middle of a message in Discord"
|
||||
date = "2021-03-25T18:48:34-05:00"
|
||||
author = "bbaovanc"
|
||||
cover = "media/discord-tricks/edited-in-middle-of-message.webp"
|
||||
tags = ["tutorial", "discord", "discord-tricks"]
|
||||
cover = "media/discord-tricks/edited-in-middle-of-message.png"
|
||||
tags = ["discord", "discord-tricks"]
|
||||
keywords = ["discord", "edited"]
|
||||
|
||||
description = """
|
||||
|
@ -1,36 +0,0 @@
|
||||
+++
|
||||
title = "New Comment System (again)"
|
||||
date = "2021-04-17T00:08:30-05:00"
|
||||
author = "bbaovanc"
|
||||
tags = ["announcement", "hugo", "blog"]
|
||||
keywords = ["hugo", "comment system", "blog", "commento"]
|
||||
|
||||
description = """
|
||||
I decided to switch my comment system from Isso to
|
||||
[Commento](https://www.commento.io/)
|
||||
"""
|
||||
|
||||
showFullContent = false
|
||||
+++
|
||||
|
||||
## Isso vs Commento
|
||||
|
||||
I know it's only been six days since I added Isso, but I decided to switch to a
|
||||
better comment system. Isso is meant to be simple, which means that it's missing
|
||||
a lot of features. Commento has a lot of features such as sticky (pinned)
|
||||
comments, spam detection, thread locking, email notifications (I couldn't get
|
||||
this working on Isso), and a nicer design. I also was able to write some
|
||||
[custom CSS rules][1] which make it look alright on my blog's theme. It also
|
||||
supports SSO, so I might add support for signing up with GitHub, and possibly
|
||||
GitLab.
|
||||
|
||||
## Summary of the [first post]({{< ref "/posts/new-comment-system" >}})
|
||||
|
||||
If you haven't read the
|
||||
[New Comment System]({{< ref "/posts/new-comment-system" >}}) post, here's the
|
||||
most important information. There's a comment section at the bottom of each post
|
||||
where you can view and post comments. You can post anonymously, or create an
|
||||
account so you can show your username and get email notifications. You can also
|
||||
upvote, downvote, and reply to other comments.
|
||||
|
||||
[1]: https://git.bbaovanc.com/bbaovanc.com/blog/src/commit/478e15218313a33216d361de387b3bd878cd0ba6/assets/css/comments.css
|
@ -1,39 +0,0 @@
|
||||
+++
|
||||
title = "New Comment System"
|
||||
date = "2021-04-11T00:17:13-05:00"
|
||||
author = "bbaovanc"
|
||||
tags = ["announcement", "hugo", "blog"]
|
||||
keywords = ["hugo", "comment system", "blog", "isso"]
|
||||
|
||||
description = """
|
||||
I added a comment system to my blog, using [Isso](https://posativ.org/isso/).
|
||||
"""
|
||||
|
||||
showFullContent = false
|
||||
toc = true
|
||||
+++
|
||||
|
||||
## About
|
||||
|
||||
I set up a comment system named [Isso](https://posativ.org/isso/) on my blog
|
||||
today. At the bottom of each blog post, there's a comment section. You don't
|
||||
need to sign up with an account or sign in with Google, Facebook, none of that
|
||||
junk. You can comment anonymously, or provide any of the following three fields:
|
||||
name, email address, and website, which will be shown to other people viewing
|
||||
your comment. I'm going off of the assumption that no one cares/is malicious
|
||||
enough to spam my comment sections.
|
||||
|
||||
## Known Issues
|
||||
|
||||
### Editing and deleting not working
|
||||
|
||||
You're supposed to be able to edit and delete comments up to 15 minutes after
|
||||
posting them. As of now, that doesn't seem to be working; the request just
|
||||
returns 403 (forbidden).
|
||||
|
||||
### White text on white background when previewing comment
|
||||
|
||||
This is a CSS related issue. This was also happening when editing/writing a
|
||||
comment, but I edited it so the edit box has black text. I think a better fix is
|
||||
to make the new comment form have a dark background, but I'll deal with that
|
||||
later.
|
@ -2,7 +2,7 @@
|
||||
title = "Text Substitution in Discord using `sed`"
|
||||
date = "2021-03-25T18:48:15-05:00"
|
||||
author = "bbaovanc"
|
||||
tags = ["tutorial", "discord", "discord-tricks"]
|
||||
tags = ["discord", "discord-tricks"]
|
||||
keywords = ["discord", "sed", "text", "replacement"]
|
||||
|
||||
description = """
|
||||
@ -12,7 +12,7 @@ Discord has (very primitive) support for text replacement using `sed` syntax.
|
||||
showFullContent = false
|
||||
+++
|
||||
|
||||
## Tutorial
|
||||
## How-to
|
||||
|
||||
[Example Video](/blog/media/discord-tricks/sed-text-replacement.mov)
|
||||
|
||||
|
17
layouts/_default/baseof.sql.sql
Normal file
@ -0,0 +1,17 @@
|
||||
DROP TABLE IF EXISTS db.blog;
|
||||
|
||||
CREATE TABLE db.blog (
|
||||
id INT NOT NULL AUTO_INCREMENT,
|
||||
published DATE NOT NULL,
|
||||
title TEXT NOT NULL,
|
||||
body TEXT NOT NULL,
|
||||
url varchar(2048) NOT NULL,
|
||||
CONSTRAINT id_PK PRIMARY KEY (id)
|
||||
)
|
||||
ENGINE=InnoDB
|
||||
DEFAULT CHARSET=utf8mb4
|
||||
COLLATE=utf8mb4_general_ci;
|
||||
CREATE FULLTEXT INDEX blog_body_IDX ON db.blog (body);
|
||||
|
||||
{{ block "main" .}}
|
||||
{{ end }}
|
13
layouts/_default/home.sql.sql
Normal file
@ -0,0 +1,13 @@
|
||||
{{ define "main" }}
|
||||
{{ range (where .Pages "Section" "ne" "gist") }}
|
||||
{{ range .Pages }}
|
||||
INSERT INTO db.blog (published, title, body, url)
|
||||
VALUES(
|
||||
'{{ .Date.Format "2006-01-02" }}',
|
||||
'{{ plainify .Title }}',
|
||||
'{{ (plainify .Content) }}',
|
||||
'{{ .Permalink }}'
|
||||
);
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ end }}
|
@ -1,15 +0,0 @@
|
||||
{{ $css := resources.Get "css/comments.css" }}
|
||||
{{ $style := $css | resources.Minify }}
|
||||
|
||||
<script defer
|
||||
src="https://commento.bbaovanc.com/js/commento.js"
|
||||
data-page-id="{{ .RelPermalink }}"
|
||||
data-no-fonts="true"
|
||||
data-css-override="{{ $style.Permalink }}">
|
||||
</script>
|
||||
<div id="commento"></div>
|
||||
|
||||
<noscript>
|
||||
<br />
|
||||
<b>Comments are not available when JavaScript is disabled.</b>
|
||||
</noscript>
|
Before Width: | Height: | Size: 17 KiB After Width: | Height: | Size: 17 KiB |
Before Width: | Height: | Size: 4.6 KiB |
BIN
static/media/checkra1n-gui-on-arch-linux.png
Normal file
After Width: | Height: | Size: 33 KiB |
Before Width: | Height: | Size: 15 KiB |
BIN
static/media/discord-tricks/edited-in-middle-of-message.png
Normal file
After Width: | Height: | Size: 5.8 KiB |
Before Width: | Height: | Size: 1.5 KiB |