1
0
mirror of https://github.com/kirsle/kirsle.net synced 2024-12-04 22:49:28 +00:00

Latest site templates

This commit is contained in:
Noah 2019-05-17 03:36:39 +00:00
parent 4b20de4e3e
commit 4d9cad5b41
11 changed files with 492 additions and 272 deletions

View File

@ -95,6 +95,7 @@
<ul class="list-unstyled">
<li>&#0187; <a href="/">Homepage</a> <small>(<a href="/blog.rss">RSS</a>/<a href="/blog.atom">Atom</a>)</small></li>
<li>&#0187; <a href="/about">About Me</a></li>
<li>&#0187; <a href="/ask">Ask Me Anything</a></li>
<!-- <li>&#0187; <a href="/photos/albums">Photo Albums</a></li> -->
<li>&#0187; <a href="/current-projects">Current Projects</a></li>
<li>&#0187; <a href="/wiki/Main-Page">My Wiki</a></li>

View File

@ -12,6 +12,9 @@ These are the personal projects I'm currently working on.
### Open Source
* [sonar](https://git.kirsle.net/apps/sonar) is an alarm clock program that plays
a folder of random music. Mine currently wakes me up to speeches from the
philosopher [Alan Watts](https://www.youtube.com/watch?v=y_I3Iqx8GY0&list=PLX5WbxWCSYilmAemBeEqz-zBqbcEF62w_).
* [kirsle/blog](https://github.com/kirsle/blog): the Go software that currently
powers the back-end of kirsle.net.
* [rivescript-js](https://github.com/aichaos/rivescript-js): the JavaScript port

View File

@ -51,8 +51,8 @@ with VirtualBox's emulated hardware. Drivers include:
<h1>Comments</h1>
For tips, tricks, or to leave comments, see the relevant blog post "<a href="/blog/kirsle/ms-dos-and-windows-3-1">MS-DOS and Windows 3.1</a>". The comments on that blog post are shared to this page as well (so comments on either page show up in both places).<p>
For tips, tricks, or to leave comments, see the relevant blog post "<a href="/ms-dos-and-windows-3-1">MS-DOS and Windows 3.1</a>". The comments on that blog post are shared to this page as well (so comments on either page show up in both places).<p>
{{ RenderComments "MS-DOS" "post-42" }}
{{ RenderComments .Request "MS-DOS" "post" "42" }}
{{ end }}

View File

@ -5,6 +5,7 @@ corporations over the years.
* [Chick-fil-A](#chick-fil-a)
* [Cisco](#cisco)
* [Facebook](#facebook)
* [Symantec](#symantec)
---
@ -45,12 +46,29 @@ entire career in tech.
>
> — [Tom's Hardware](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html)
* [Cisco: We've killed another critical hard-coded root password bug, patch urgently](https://www.zdnet.com/google-amp/article/cisco-weve-killed-another-critical-hard-coded-root-password-bug-patch-urgently/) (Sept 2018) — this makes what, six now in 2018?
* [Backdoors Keep Appearing in Cisco's Routers](https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html) (July 2018) —
five backdoors discovered in five months in 2018.
* [Cisco Removes Backdoor Account, Fourth in the Last Four Months](https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/) (June 2018)
* [Cisco fixes hard-coded password 'backdoor' flaw in Wi-Fi access points](https://www.zdnet.com/article/cisco-fixes-wi-fi-access-points-with-hard-coded-backdoor-access/) (2016)
* [Malicious Cisco router backdoor found on 79 more devices, 25 in the US](https://arstechnica.com/information-technology/2015/09/malicious-cisco-router-backdoor-found-on-79-more-devices-25-in-the-us/) (2015) — Security researchers discovered a hidden "knock sequence" that allowed remote access to the Cisco routers. When confronted, Cisco "fixed" the problem by shuffling the knock sequence around. The security researches discovered the new sequence again because *of course they did.*
# Facebook
Facebook has been having a really bad 2018 since the Cambridge Analytica scandal began.
Only started collecting links here 12/6/18, needs some backfilling.
* [Facebook accused of striking 'secret deals over user data' - BBC News](https://www.bbc.com/news/technology-46456695) leaked internal exec emails about their purposefully privacy-infringing business practices.
* Allowed some companies to retain full access to users' friends' data, *even after* closing the general privacy hole in 2014/2015 as related to the Cambridge Analytica leaks.
* They were aware the Android permission change to log users' call and text history *would be controversial* before they even launched it, and purposefully directed users attention away from the feature.
> Michael LeBeau (Facebook product manager):
>
> "As you know all the growth team is planning on shipping a permissions update on Android at the end of this month. They are going to include the 'read call log' permission... This is a pretty high-risk thing to do from a PR perspective but it appears that the growth team will charge ahead and do it...[The danger is] screenshot of the scary Android permissions screen becomes a meme (as it has in the past), propagates around the web, it gets press attention, and enterprising journalists dig into what exactly the new update is requesting, then write stories about "Facebook uses new Android update to pry into your private life in ever more terrifying ways".
* [As Facebook Raised a Privacy Wall, It Carved an Opening for Tech Giants](https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html) (NY Times) "Facebook allowed Microsofts Bing search engine to see the names of virtually all Facebook users friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users private messages."
* Non-NY Times article: [Facebook let tons of companies get info about you, including Amazon, Netflix, and Microsoft](https://www.cnbc.com/2018/12/19/facebook-gave-amazon-microsoft-netflix-special-access-to-data-nyt.html) (CNBC)
# Symantec
[Symantec](https://www.symantec.com/) is a security company most known for

View File

@ -80,6 +80,7 @@
* [2D Game Art for Programmers](http://www.2dgameartguru.com/) — Guides on vector art using Inkscape, GIMP &amp; co.
* [Developer's **Music Making** Guide](http://ruoyusun.com/2017/08/29/make-some-music.html)
* [Tips for Building Mobile Games in HTML5](https://thomashunter.name/blog/tips-for-building-mobile-games-in-html5/)
* [256-Color VGA Programming in DOS](http://www.brackeen.com/vga/) — tutorial and guide for building DOS programs and their low-level direct memory access to VGA graphics.
* Tools
* [Game Mechanic Explorer](https://gamemechanicexplorer.com/) — Interactive demos and code samples for common game mechanics.
* [GifCam](http://blog.bahraniapps.com/gifcam/) — Like FRAPS, to make gifs from your games
@ -121,6 +122,7 @@
* [JavaScript Module Pattern: In-Depth](http://www.adequatelygood.com/JavaScript-Module-Pattern-In-Depth.html) — How to write self-contained JavaScript modules in raw ES5.
* [Deploying ES2015+ Code in Production Today](https://philipwalton.com/articles/deploying-es2015-code-in-production-today/) — Using `<script type="module">` and `<script nomodule>` to ship native ES6 code to the browser, with pre-browserified fallback for legacy users.
* [A JavaScript-Free Frontend](https://dev.to/winduptoy/a-javascript-free-frontend-2d3e) — Modals, drop-downs and other <abbr title="Single Page App">SPA</abbr> features in pure HTML and CSS without JavaScript.
## PHP

View File

@ -41,8 +41,11 @@ sub-pages when this list gets too long.
* [NSA](#nsa) — Stories of the NSA, Edward Snowden, and related OpSec topics.
* [Philosophy](#philosophy)
* [DP/DR](#dp-dr) — Depersonalization/derealization.
* [Politics](#politics)
* [Privacy](#privacy)
* [Short Stories](#short-stories)
* [Spirituality](#spirituality)
* [Gnostic](#gnostic)
* [Reddit](#reddit) — Miscellaneous cool Reddit threads and comments.
# Gaming
@ -134,6 +137,10 @@ in nature so I categorize these links as a sub-genre of [Philosophy](#philosophy
* [Alan Watts Proves You Don't Exist](https://www.youtube.com/watch?v=vNKOUhx-7qk)
* [Alan Watts - Are you ready to 'wake up'?](https://www.youtube.com/watch?v=YFzeCv_WFnY)
# Politics
* [Voting lines between Democrats and Republicans on many key issues](https://np.reddit.com/r/technology/comments/6pc5qu/democrats_propose_rules_to_break_up_broadband/dkon8t4/) — and they say both sides are the same. Republicans and Democrats voted polar opposites (-100%...+100%) on many key controversial issues like Net Neutrality, economy/jobs, "war on terror", civil rights, family planning and environmentalism.
# Privacy
This topic has some overlap with my [NSA](#nsa) category; check those links too.
@ -152,6 +159,16 @@ This topic has some overlap with my [NSA](#nsa) category; check those links too.
* [The Machine](http://existentialcomics.com/comic/1) — A webcomic about teleporters and whether they murder &amp; re-materialize their users.
* [25 Lives](https://s2b2.livejournal.com/142934.html) — A touching webcomic about reincarnation.
# Spirituality
## Gnostic
* **The origin story:** because the book of Genesis is just a fraction of the full story.
Gnostic readings that were recommended to me:
1. [On the Origin of the World](http://www.gnosis.org/naghamm/origin.html)
2. [The Hypostasis of the Archons](http://www.gnosis.org/naghamm/hypostas.html)
3. [The Apocryphon of John](http://www.gnosis.org/naghamm/apocjn.html)
# Reddit
* [Surprise psychology on *What is the most cynical thing you honestly believe?*](https://www.reddit.com/r/AskReddit/comments/19hfj3/what_is_the_most_cynical_thing_you_honestly/c8o44w2/)

11
www/wiki/C&C.md Normal file
View File

@ -0,0 +1,11 @@
# C&C Topics
* [ ] Walk through setting up my [home cloud server](/wiki/Self-Hosting) for a
high-level crash course on what all that looks like.
* [ ] Teach about `git` and `git-svn` and deploying code to a server with git hooks.
* [ ] Network security and VPNs and such
* What coffee shop WiFi hackers can do and how to evade that
* [ ] Tour of Linux desktop environments (GNOME, KDE, Xfce, Cinnamon, MATE, Lxde)
* [ ] In-depth how the Domain Name System works, `/etc/hosts`, PiHole
* [ ] In-depth how e-mail systems work
* [x] SMTP servers (connect directly to one and spoof an e-mail)

View File

@ -1,259 +0,0 @@
# Ideas
## Table of Contents
* [Major Milestones](#major-milestones)
* [File Formats](#file-formats)
* [Text Console](#text-console)
* [Doodads](#doodads)
# Major Milestones
The major milestones of the game are roughly:
* Prototype: make a simple SDL painting program that does nothing special.
* Simple Platformer: be able to toggle between "edit mode" and "play mode"
and control a character who can walk around your level and bump into the
solid geometry you've drawn (no objects yet, just the basics here).
* Add Doodads (buttons, doors, the player character themself, enemies, ...)
* Share a lot in common with map drawings, in that they're hand-drawn, will
share a similar file format.
* Available doodads can be dragged/dropped into maps.
* The player character should be a Doodad under the hood to keep it from
becoming too special (read: easier to make the game multiplayer in the
future by putting a "networked user" in control of a doodad instead of
the keyboard/mouse).
* **Version 1:** Single Player Campaign and Editor. This is the minimum
feature set for a first public release of the game. Required features:
* The game should ship with a single-player "campaign mode" of pre-made maps
that link to one another in sequence. i.e. 100 levels that the player can
play through in a certain order.
* It must include the level editor feature so players can create and share
their own maps.
* Dev tools may be clunky to use at this stage; i.e. players creating custom
Doodads will need to use external tools outside the game (i.e. code editors
to program the JavaScript logic of the doodad), but everything should be
available and possible for modders to extend the game with custom features.
* Game should have a good mixture of doodads and features: doors, buttons,
switches, etc. and make a usable single player experience.
* World sizes might be limited in dimension.
* **Version 2:** Multiplayer Collaborative World Builder. This is a
"pie in the sky" long-term vision for the game, to make it multiplayer,
hopefully addicting, and possibly slightly Minecraft-like. Some ideas:
* Players can self-host their own multiplayer servers to draw worlds with
friends.
* A new server would initialize as a blank white level with maybe a single
platform (a line) for players to spawn on.
* Gameplay is a mixture of players drawing the world and playing on it.
* i.e.: one player could be drawing himself a castle and, as he's drawing,
another player could be walking on the lines being laid down, etc.
* World size should be infinite.
* Besides creative mode, other game modes should be explored eventually...
* Automatically-spawning enemy doodads that you have to fight?
* Procedurally generated default maps? Having a blank white canvas is
sorta like Superflat worlds in Minecraft, whereas normal Minecraft worlds
come with randomly generated terrain to start from.
* Find a way to incorporate drawing into a survival mode game? i.e. instead
of a "Creative Mode" style, "unlimited ink to draw as much as you want,"
have some natural limiter where players have to spend time in Play Mode
to be able to change the map.
# File Formats
* The file formats should eventually have a **Protocol Buffers** binary
representation before we go live. JSON support shall remain, but the
production application will not _write_ JSON files, only read them.
(This way we can ship drawings in the git repo as text files).
## Common Drawing Files
* A common base format should be shared between Levels and Doodads. You should
be able to use the Editor mode and draw a map *or* draw a doodad like a
button. The drawing data should be a common structure between Level and
Doodad files.
* The drawing is separated between a **Palette** and the **Pixels**
themselves. The Pixels reference the Palette values and their X,Y
coordinate.
* The _color_ and the _behavior_ of the palette are decoupled.
* In the base game, all the solid lines you draw may be black and red
lines are fire, but these aren't hard and fast rules. You could hack a
custom map file that makes black lines fire and red lines water if
you wanted.
* The Palette in the map file stores the attributes and colors of each
distinct type of pixel used in the map. Here it says "color 0 is
black and is solid", "color 1 is red and is fire and is not solid",
etc.
* A mod tool could be written to produce a full-color pixel art level
that still behaves and follows the normal rules of the Doodle game
with regards to geometry and collisions.
* Ideas for pixel attributes:
* Brush: what shape brush to draw the pixel with.
* Solid: can't collide with other solid pixels.
* Fire: applies fire damage to doodads that intersect with it.
* Water: If a doodad passes through a blue pixel, they toggle their
underwater physics. This way pools can be entered from ANY side (top,
bottom, sides) and the physics should toggle on and off.
* Slippery: when a doodad is standing on a slippery pixel, do some extra
checks to find a slope and slide the doodad down it. Makes the pixels
act like ice.
* Standard palette:
* The base game's map editor will tend toward hand-drawn style, at least
at first.
* Black lines are solid.
* Dashed black lines are slippery.
* Red lines are fire.
* Blue lines are water.
* Light grey lines are decoration (non solid, background geometry)
* May make it possible to choose arbitrary colors separately from the
type of pixel. A palette manager UX would be great.
## Level Files
* In the level file, store the `pixelHistory` as the definitive source
of pixels rather than the grid of pixels. Let the grid be populated when
the level is being inflated. The grid should have `json:"-"` so it doesn't
serialize to the JSON.
* This makes it possible to animate levels as they load -- by
fast-tracing the original lines that the mapper drew, watching them draw
the map before you play it.
* Makes the file _slightly_ lighter weight because a lot of lines will have
delta positions in the pixelHistory so we don't need to store the middle
pixels.
* It should have space to store copies of any custom Doodads that the user
wants to export with the level file itself, for easy sharing.
* It should have space to store a custom background image.
# Text Console
* Create a rudimentary dev console for entering text commands in-game. It
will be helpful until we get a proper UI developed.
* The `~` key would open the console.
* Draw the console on the bottom of the screen. Show maybe 6 lines of
output history (a `[]string` slice) and the command prompt on the
bottom.
* Ideas for console commands:
* `save <filename.json>` to save the drawing to disk.
* `open <filename.json>`
* `clear` to clear the drawing.
* Make the console scriptable so it can be used as a prompt, in the mean
time before we get a UI.
* Example: the key binding `Ctrl-S` would be used to save the current
drawing, and we want to ask the user for a file name. There is no UI
toolkit yet to draw a popup window or anything.
* It could be like `console.Prompt("Filename:")` and it would force open
the text console (if it wasn't already open) and the command prompt would
have that question... and have a callback command to run, like
`save <filename.json>` using their answer.
# Doodads
Doodads will be the draggable, droppable, scriptable assets that make the
mazes interactive.
* They'll need to store multiple frames, for animations or varying states.
Example: door opening, button being pressed, switch toggled on or off.
* They'll need a scripting engine to make them interactive. Authoring the
scripts can be done externally of the game itself.
* The built-in doodads should be scripted the same way as custom doodads,
dogfooding the system.
* Custom doodads will be allowed to bundle with a level file for easy
shipping.
* Installing new doodads from a level file could be possible too.
* Doodads within a level file all have a unique ID, probably just an
integer. Could be just their array index even.
Some ideas for doodad attributes:
* Name (string)
* Frames (drawings, like levels)
Doodad instances in level files would have these attributes:
* ID (int)
* X,Y coordinates
* Target (optional int; doodad ID):
* For buttons and switches and things. The target would be another
doodad that can be interacted with.
* Self-contained doodads, like trapdoors, won't have a Target.
* Powered (bool)
* Default `false` and most things won't care.
* A Button would be default `false` until pressed, then it's `true`
* A Switch is `true` if On or `false` if Off
* A Door is `true` if Open and `false` if Closed
* So when a switch is turned on and it opens a door by pushing a `true`
state to the door... this is the underlying system.
## Scripting
* Probably use Otto for a pure Go JavaScript runtime, to avoid a whole world
of hurt.
* Be able to register basic event callbacks like:
* On load (to initialize any state if needed)
* On visible (for when we support scrolling levels)
* On collision with another doodad or the player character
* On interaction (player hits a "Use" button, as if to toggle a switch)
* Doodads should be able to pass each other messages by ID.
* Example: a Button should be able to tell a Door to open because the
button has been pressed by another doodad or the player character.
Some ideas for API features that should be available to scripts:
* Change the direction and strength of gravity (i.e. Antigravity Boots).
* Teleport the player doodad to an absolute or relative coordinate.
* Summon additional doodads at some coordinate.
* Add and remove items from the player's inventory.
## Ideas for Doodads
Some specific ideas for doodads that should be in the maze game, and what
sorts of scripting features they might need:
* Items (class)
* A class of doodad that is "picked up" when touched by the player
character and placed into their inventory.
* Scriptable hooks can still apply, callback ideas:
* On enter inventory
* On leave inventory
* Example: Gravity Boots could be scripted to invert the global gravity
when the item enters your inventory until you drop the boots.
* Some attribute ideas:
* Undroppable: player can't remove the item from their inventory.
* Item ideas to start with:
* Keys to open doors (these would just be mere collectables)
* Antigravity Boots (scripted to mess with gravity)
* Buttons
* At least 2 frames: pressed and not pressed.
* Needs to associate with a door or something that works with buttons.
* On collision with a doodad or player character: send a notification to
its associated Door that it should open. (`Powered: true`)
* When collision ends, button and its door become unpowered.
* Sticky Buttons
* Buttons that only become `true` once. They stick "On" when activated
for the first time.
* Once pressed they can't be unpressed. However, there's nothing stopping
a switch from targeting a sticky button, so when the switch is turned off
the sticky button turns off too.
* Switches
* Like a button. On=`true` and Off=`false`
* 2 frames for the On and Off position.
* On "use" by the player, toggle the switch and notify the door of the new
boolean value.
* It would invert the value of the target, not just make it match the
value of the switch. i.e. if the switch is `false` and the door is
already open (`true`), making the switch `true` closes the door.
* Powered Doors
* Can only be opened when powered.
* 2 frames of animation: open and closed.
* A switch or button must target the door as a way to open/close it.
* Locked Doors
* Requires a key item to be in the player's inventory.
* On collision with the player: if they have the key, the door toggles to
its `true` powered state (open) and stays open.
* The door takes the key from the player's inventory when opened.
* Trapdoors
* One-way doors that close behind you.
* Can be placed horizontally: a doodad falling from above should cause
the door to swing open (provided it's a downward-only door) and fall
through.
* Can be placed vertically and acts as a one-way door.
* Needs several frames of animation.

View File

@ -2,25 +2,113 @@
Notes on running Fedora Linux on a Macbook (Air 2015).
# What Doesn't Work
Updated September 19, 2018 on Fedora 28 (Xfce Desktop).
Most functionality works out of the box: media keys on the keyboard (keyboard backlight brightness, playback keys, volume control).
# What Works?
Things that don't work: monitor backlight brightness keys (the keyboard brightness DOES work, though) and the Facetime HD camera, which identifies itself as a PCI device rather than USB and there are no generic webcam drivers for Linux that can work with a PCI webcam.
Most functionality works out of the box. The function keys to control the display
brightness, keyboard backlight brightness, and media playback control all work
fine. The keys for Mission Control and Dashboard are recognized by X11 as keys
named `XF86LaunchA` and `XF86LaunchB` respectively, and could be bound to custom
application shortcuts or whatever.
For example I bound the Dashboard key to `xfdashboard` which gives me a GNOME 3
like overview of my desktop that I'll probably never use.
* Function keys: all supported
* Suspend and Hibernate: works, but Xfce desktop gets confused if you use "suspend when the laptop lid is closed" and enters a suspend-wakeup-suspend cycle; but manual suspending is fine.
* Bluetooth: recognized but audio quality is flaky
* WiFi: with proprietary Broadcom `wl` driver
* Camera: doesn't work, but see below.
* SD Card Reader: works
* External Display: works
## WiFi
The WiFi chip in the Macbook Air is a Broadcom device that uses the `wl` driver.
It's easily available from RPMFusion via the `akmod-wl` package and then you
never need to worry about it again.
Use a USB to Ethernet adapter or use USB tethering from your mobile phone to
download the `wl` driver.
# What Doesn't Work?
## FaceTime HD Camera
The webcam on the Macbook is a strange device because it's registered on the
motherboard as a PCIe device rather than USB like what most laptop webcams are.
There are generic USB video drivers that work for all USB cameras but there
aren't generic PCIe drivers because PCIe cameras are rare.
I found [this project](https://github.com/patjak/bcwc_pcie) for a Linux driver
that gets the camera to work, but I haven't tested it.
## Bluetooth is flakey
The Bluetooth quality is pretty bad, with audio lagging and hanging and
disconnecting a lot. I haven't tried other kinds of Bluetooth functionality.
Inserting a USB Bluetooth adapter caused the system to prioritize that device
over the built-in which worked around any audio problems.
# Installation/Boot
Make a Fedora USB stick like usual. Hold Option when booting the Macbook and choose the Fedora Media from USB to boot.
Make a Fedora USB stick like usual. Hold Option when booting the Macbook and
choose the Fedora Media from USB to boot.
I found that rEFIt/rEFInd are no longer necessary when installing Fedora. Just free up some partition space and allow Fedora to automatically create a partition layout, and it sets up a /boot/efi HFS+ partition automatically to make the OS bootable. Manual instructions for this are available for Debian and Arch, etc.
I found that rEFIt/rEFInd are no longer necessary when installing Fedora.
Just free up some partition space and allow Fedora to automatically create a
partition layout, and it sets up a /boot/efi HFS+ partition automatically to
make the OS bootable. Manual instructions for this are available for Debian
and Arch, etc.
GRUB installs itself and things work just like any other PC. In Fedora (as of v22), the GRUB menu lists a couple entries for Mac OS X (32-bit and 64-bit) but neither one works. Booting Fedora works though.
GRUB installs itself and things work just like any other PC. In Fedora
(as of v22), the GRUB menu lists a couple entries for Mac OS X (32-bit
and 64-bit) but neither one works. Booting Fedora works though.
To boot OS X, hold down the Option key during boot and pick OS X from the firmware bootloader. If you want OS X to be the default OS you can pick it as the System Disk from within OS X's settings. In this case, to boot Linux you'd hold Option on boot and choose Fedora, which takes you to GRUB and then you boot Fedora from there.
To boot OS X, hold down the Option key during boot and pick OS X from the
firmware bootloader. If you want OS X to be the default OS you can pick it
as the System Disk from within OS X's settings. In this case, to boot Linux
you'd hold Option on boot and choose Fedora, which takes you to GRUB and then
you boot Fedora from there.
# Backlight Brightness
See <http://sh.kirsle.net/mb-brightness> for this. The keyboard brightness keys (in Xfce at least) don't work; they show a brightness graph but the actual brightness doesn't change. This script uses root to write brightness values to files in /sys.
When I first started running Fedora on my Macbook it was Fedora 22 and the
display backlight keys didn't work, so I wrote a script to do this the hard
way. The script may still be useful if this problem comes back again.
See <https://sh.kirsle.net/mb-brightness> for this. The keyboard brightness
keys (in Xfce at least) don't work; they show a brightness graph but the
actual brightness doesn't change. This script uses root to write brightness
values to files in /sys.
In case that link stops working, it basically manipulates values in these two
files (writable only to root):
```
BRIGHTNESS = "/sys/class/backlight/intel_backlight/brightness"
MAX_BRIGHTNESS = "/sys/class/backlight/intel_backlight/max_brightness"
```
`MAX_BRIGHTNESS` has some arbitrary value like `2777` and you just write a
number between 0 and `MAX_BRIGHTNESS` into the other file.
```bash
# to set the display to 50% brightness, you get the max brightness
$ cat /sys/class/backlight/intel_backlight/max_brightness
2777
# divide it in half
$ perl -E 'say 2777 / 2'
1388.5
# write that into the brightness file
$ echo 1388 | sudo tee /sys/class/backlight/intel_backlight/brightness
```
# Battery Saving
@ -56,8 +144,8 @@ Create a shell script at `/etc/rc.d/rc.local` with the commands below for the fe
```bash
#!/bin/bash
echo 0 | sudo tee /sys/module/hid_apple/parameters/iso_layout
echo 1 | sudo tee /sys/module/hid_apple/parameters/swap_opt_cmd
echo 0 | tee /sys/module/hid_apple/parameters/iso_layout
echo 1 | tee /sys/module/hid_apple/parameters/swap_opt_cmd
```
Make the script executable (`sudo chmod 0755 /etc/rc.d/rc.local`) and reboot.

View File

@ -21,8 +21,9 @@ See [the index](/wiki/_pages) for the list of all available pages in this wiki.
* [Built with RiveScript](/wiki/Built-with-RiveScript) - Collection of known RiveScript projects
* [Protocol Buffers Protocol](/wiki/Protocol-Buffers-Protocol)
* [Optimize RiveScript](/wiki/Optimize-RiveScript) - So it can support Alice-sized brains
* [Self Hosting](/wiki/Self-Hosting) - Own your own data + how well Android works in 2018 without Google.
# Personal Reference
* [Bookmarks](/wiki/Bookmarks) - Pages I found interesting
* [Publishing RiveScript Modules](/wiki/Publishing-RiveScript-Modules)
* [Publishing RiveScript Modules](/wiki/Publishing-RiveScript-Modules)

338
www/wiki/Self-Hosting.md Normal file
View File

@ -0,0 +1,338 @@
# Self Hosting
These are my notes from an experiment with running a bunch of self-hosted
cloud services, and to see how well Android works in 2018 without Google
services.
My device is a Nexus 7 (2013) w/ LTE (Project Fi) running Lineage OS 14.1
(Android 7) without Google Play Services installed. My server is running
Debian 9 (Stretch).
Later on when my Nexus 7's screen took some physical damage and stopped working,
I re-ran this experiment on a Pixel (1st gen) with Lineage OS 16 (Android 9),
again **without** Google Play Services installed.
* [Summary of Solutions](#summary-of-solutions)
* [Play Store Apps](#play-store-apps)
* [Server Software](#server-software)
* [Email: IMAP &amp; SMTP](#email-imap-smtp)
* [Webmail](#webmail)
* [Calendars and Contacts](#calendars-and-contacts)
* [File Sync](#file-sync)
* [Messaging](#messaging)
---
# Summary of Solutions
My Android without Google tablet has the following features now:
* Self-hosted e-mail account.
* Contacts and Calendar sync from self-hosted WebDAV.
* File sync for photo backups, password vault, etc.
* Fennec browser which is just rebranded _Firefox for Android_ with Firefox
Sync, uBlock Origin and other familiar features.
Links to software used:
* E-mail Hosting:
* Webmail: [Roundcube](https://roundcube.net/)
* Android: [K-9 Mail](https://f-droid.org/en/packages/com.fsck.k9/) or any standard mail client (I used <acronym title="Android Open Source Project">AOSP</acronym> Email).
* Desktop: [Mozilla Thunderbird](https://www.thunderbird.net/) (cross platform)
* Server: [postfix](http://www.postfix.org/) for SMTP and [dovecot](https://www.dovecot.org/) for IMAP.
* Calendar and Contact Sync:
* Run standard WebDAV services (CalDAV and CardDAV)!
* Android: [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) from F-Droid.
* Desktop (Thunderbird): `CardBook` for Contacts and `Lightning` for Calendar, then just add remote CalDAV sources to each.
* Server: [Radicale](https://radicale.org/)
* Password Manager:
* KeePass for a complete self-hosted solution.
* Desktop: [KeePass XC](https://keepassxc.org/) for Windows, Mac and Linux.
* Android: [KeePass DX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/)
* I sync my password vault with Syncthing.
* Files and Password Vault Sync:
* [Syncthing](https://syncthing.net/) - runs everywhere, works very well, no web access! My preferred pick.
* Android (F-Droid): [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/)
* [Nextcloud](https://nextcloud.com/) - PHP, if you want web access like Dropbox, but that's not for me.
* Android (F-Droid): [Nextcloud](https://f-droid.org/en/packages/com.nextcloud.client/)
* Open Source Android Apps (Without Google):
* App Stores
* [F-Droid](https://f-droid.org/) - my preferred pick, only fully open source software.
* [Amazon App Store](https://www.amazon.com/gp/mas/blp/install/) - for a market that competes with the Play Store but without Google apps.
* [Fennec F-Droid](https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/) is upstream `Firefox for Android` under a different brand. Supports Firefox Sync.
* Chromium: [Auto Updater for Chromium](https://f-droid.org/en/packages/com.dosse.chromiumautoupdater)
* Calendar and Contact Sync: [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) from F-Droid.
* KeePass: [KeePass DX](https://f-droid.org/en/packages/com.kunzisoft.keepass.libre/) from F-Droid.
* File sync: [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/) or [Nextcloud](https://f-droid.org/en/packages/com.nextcloud.client/) from F-Droid.
* Maps &amp; Navigation: [OsmAnd+](https://f-droid.org/en/packages/net.osmand.plus/) seems to be the best contender but is a very clunky app. Will take my tablet on adventures just to see how it does.
* Messaging:
* [Signal](https://signal.org/android/apk/) is not available on F-Droid but you can download the `.apk` directly from their site, and it will self-update.
* [Riot.im](https://f-droid.org/en/packages/im.vector.alpha/) on F-Droid is a client for any [Matrix](https://matrix.org/) server.
---
# Play Store Apps
Most of this page talks about using only open-source software (F-Droid) with no
Google Play Services or Play Store apps involved. Some things can be found on
Amazon's App Store but most of the popular apps (Netflix, Hulu, etc) are only on
Play Store.
A lot of Play Store apps rely on Google Play Services at runtime and might not
work on a device without Google services installed.
**To install apps from the Play Store,** I used [Aurora Store](https://f-droid.org/en/packages/com.dragons.aurora/)
from F-Droid. [Yalp Store](https://f-droid.org/en/packages/com.github.yeriomin.yalpstore/)
is another open source client for the Play Store.
Some notes on testing how well certain apps work once installed (with no Google
services on the phone):
* **Netflix**
* Works well for local playback! I was able to log in and stream shows on my
Google-free phone.
* The Chromecast button identified my SHARP ROKU TV with built-in Netflix app,
but it did not see any Google Chromecast devices on my network.
* **Hulu**
* I was able to log in to the app, but after that it crashes often. My guess
is it crashes trying to look for Chromecast devices. If I'm fast I can get
it to play back content but haven't tested for extended periods.
* **Venmo:** was usable, crashes randomly though.
Other apps I use that worked fine on my Google-free device:
* Sync for Reddit
* Firefox
* Slack
* Twitter
* Snapchat? (didn't log in as I forgot my password but the app didn't crash)
* Fly Delta? (doesn't crash but I wasn't flying anywhere so haven't fully tested
all the app functionality)
Apps that strongly required the Google Play Services and pop up an error message
right away and won't work:
* YouTube
* Postmates
# Server Software
## Email: IMAP &amp; SMTP
I used postfix for the SMTP server and Dovecot for the IMAP server.
Using a tutorial like: <https://www.tecmint.com/install-postfix-mail-server-with-webmail-in-debian/>
> I highly recommend this being the **FIRST** thing you set up and verify working.
> E-mail is so easy to fuck up.
## Webmail
I installed Roundcube from the official Debian apt repo (`apt install roundcube`)
and configured it in nginx.
Install MariaDB-server first and get it up and running; Debian's roundcube asks
questions about the database immediately. Use `dpkg-reconfigure roundcube` to
reconfigure it later.
I used nginx instead of Apache to host Roundcube. I needed to `apt install php7-fpm`
and use this config:
```nginx
# /etc/nginx/sites-enabled/mail.caskir.net
server {
server_name mail.caskir.net;
listen 443 ssl;
listen [::]:443 ssl;
index index.cgi index.php index.html index.htm;
access_log /var/log/nginx/mail-access.log;
error_log /var/log/nginx/mail-error.log;
ssl on;
ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
include ssl_params;
root /var/lib/roundcube;
# legacy CGI scripts
# https://wiki.debian.org/nginx/FastCGI
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
server_name mail.caskir.net;
listen 80;
listen [::]:80;
return 301 https://mail.caskir.net$request_uri;
}
```
## Calendars and Contacts
I installed [Radicale](https://radicale.org) into a Python3 virtual environment
as my normal user account.
```bash
% export WORKON_HOME=~/.virtualenvs
% mkvirtualenv -p /usr/bin/python3 radicale
Installing into ~/.virtualenvs/radicale/bin/python...
(radicale)% pip install radicale
(radicale)% which radicale
/home/kirsle/.virtualenvs/radicale/bin/radicale
```
I put my Radicale config at `~/radicale/config` with these contents:
```ini
# /home/kirsle/radicale/config
[server]
hosts = 127.0.0.1:5232
[auth]
type = http_x_remote_user
[storage]
filesystem_folder = ~/.var/lib/radicale/collections
```
The Radicale service is managed by supervisor which runs it as a low-privileged
account:
```ini
# /etc/supervisor/conf.d/radicale.conf
[program:radicale]
command = /home/kirsle/.virtualenvs/radicale/bin/radicale --config /home/kirsle/radicale/config
user = kirsle
directory = /home/kirsle/radicale
```
And I put an nginx proxy in front so I can terminate SSL there (using
[Let's Encrypt](https://letsencrypt.org/) for free automated SSL certs).
```nginx
# /etc/nginx/sites-enabled/caskir.net
server {
server_name www.caskir.net;
listen 443 ssl;
listen [::]:443 ssl;
index index.html index.htm;
access_log /var/log/nginx/caskir-access.log;
error_log /var/log/nginx/caskir-error.log;
ssl on;
ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
include ssl_params;
root /home/kirsle/www;
location /dav/ { # The trailing / is important!
proxy_pass http://localhost:5232/; # The / is important!
proxy_set_header X-Script-Name /dav;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-User $remote_user;
auth_basic "Radicale - Password Required";
auth_basic_user_file /etc/nginx/htpasswd;
}
}
server {
server_name caskir.net;
listen 443 ssl;
listen [::]:443 ssl;
ssl on;
ssl_certificate /etc/letsencrypt/live/caskir.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/caskir.net/privkey.pem;
include ssl_params;
return 301 https://www.caskir.net$request_uri;
}
server {
server_name www.caskir.net caskir.net;
listen 80;
listen [::]:80;
return 301 https://www.caskir.net$request_uri;
}
```
HTTP Basic Auth refresher:
```bash
# To get the htpasswd commands.
$ apt install apache2-utils
# Create the password database.
$ htpasswd -c /etc/nginx/htpasswd kirsle
Password:
Verify:
# Add another user.
$ htpasswd /etc/nginx/htpasswd alice
```
Radicale has a very minimal web interface so you'll need a WebDAV client to
actually import your data. I used CardBook in Thunderbird and just imported
my contacts file from [Google Takeout](https://takeout.google.com/settings/takeout).
Thunderbird has CardBook and Lightning add-ons that can sync with the WebDAV
service. GNOME Calendar works, too, but depends on a full GNOME desktop environment
(installing it by itself on Xfce leaves it in a broken state as it can't interact
with GNOME's Online Accounts system).
For Android, [DAVdroid](https://f-droid.org/en/packages/at.bitfire.davdroid/) is
available on F-Droid and will sync contacts and calendars to your device.
---
# File Sync
I chose Syncthing over Nextcloud because it fit my needs better. Nextcloud is a
PHP application that has a web interface, like Dropbox, to log in and access your
files. Nextcloud also syncs contacts and address books (so you don't need Radicale).
I don't require web access to my files, as I'll always have either my phone or
one of my computers with me, and I really only use Syncthing to sync my password
database. Having a complicated web app written in PHP would present quite a
surface area for random drive-by attacks.
I sync between my desktop PC, offsite web server, two laptops and two Android
devices.
Download Linux packages at [Syncthing.net](https://syncthing.net/); they
have Debian/Ubuntu APT repositories to keep it updated.
To access its web interface _securely_, tunnel it through SSH like:
```bash
% ssh -L 8384:localhost:8384 user@hostname
```
And then accessing <http://localhost:8384/> on your desktop should access the
web interface on the server.
For Android, [Syncthing](https://f-droid.org/en/packages/com.nutomic.syncthingandroid/)
is available on F-Droid.
# Messaging
I found out you're not allowed to sync [Signal](https://signal.org/android/apk/)
between two different mobile devices (like my phone and my Nexus 7 tablet), only
between my phone and desktop PCs. However, it does seem Signal can be downloaded
directly from their website and would _probably_ work on a normal phone. I couldn't
activate it with my tablet's "phone number" because it doesn't receive SMS.
[Riot.im](https://f-droid.org/en/packages/im.vector.alpha/) is available on F-Droid
and can get you on to the Matrix federated protocol.