Add some language highlighting

This commit is contained in:
RealStickman 2022-12-16 11:46:32 +01:00
parent f0ed09f00b
commit 78eec895b0
5 changed files with 108 additions and 59 deletions

View File

@ -4,32 +4,39 @@ visible: true
---
[toc]
## Getting ACME.SH
```
```sh
$ git clone https://github.com/acmesh-official/acme.sh.git
$ cd ./acme.sh
$ ./acme.sh --install -m my@example.com
```
## First time ZeroSSL registration
`$ (path to)/acme.sh --register-account -m (email)`
`$ (path to)/acme.sh --register-account -m (email)`
## Issue new certificate
Needs root to start a server on port 80
`# (path to)/acme.sh --issue --standalone -d (url)`
`# (path to)/acme.sh --issue --standalone -d (url)`
## Issue new certificate with DNS API
> [Official Documentation](https://github.com/acmesh-official/acme.sh/wiki/dnsapi)
### Gandi
`export GANDI_LIVEDNS_KEY="(api key)"`
`(path to)/acme.sh --issue --dns dns_gandi_livedns -d (domain)`
`export GANDI_LIVEDNS_KEY="(api key)"`
`(path to)/acme.sh --issue --dns dns_gandi_livedns -d (domain)`
## Install certificate
Make sure to create the `/etc/acme-sh/(url)` directory
```
Make sure to create the `/etc/acme-sh/(url)` directory
```sh
$ export url=woodpecker.exu.li \
&& mkdir -p /etc/acme-sh/{$url} \
&& .acme.sh/acme.sh --install-cert -d $url \
@ -39,8 +46,10 @@ $ export url=woodpecker.exu.li \
```
## Systems Service & Timer
`/etc/systemd/system/acme-sh.service`
```
`/etc/systemd/system/acme-sh.service`
```systemd
[Unit]
Description=Renew certificates using acme.sh
After=network-online.target
@ -53,8 +62,9 @@ User=wiki
SuccessExitStatus=0 2
```
`/etc/systemd/system/acme.timer`
```
`/etc/systemd/system/acme.timer`
```systemd
[Unit]
Description=Daily renewal of certificates
@ -68,4 +78,4 @@ WantedBy=timers.target
```
Enable timer
`systemctl enable --now acme-sh.timer`
`systemctl enable --now acme-sh.timer`

View File

@ -4,18 +4,23 @@ visible: false
---
[toc]
## Podman
### Network and Pod
`# podman network create net_authentik`
`# podman pod create --name pod_authentik --network net_authentik -p `
`# podman pod create --name pod_authentik --network net_authentik -p `
#### Port Mappings
```
```
### Database
```
```sh
# podman run --name authentik_db \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-e POSTGRES_USER=authentik \
@ -27,7 +32,8 @@ visible: false
```
### Redis
```
```sh
# podman run --name authentik_redis \
-v /mnt/authentik_redis:/data \
--pod pod_authentik \
@ -36,7 +42,9 @@ visible: false
```
### Application Server
https://goauthentik.io/docs/installation/docker-compose
```
server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
@ -59,11 +67,13 @@ https://goauthentik.io/docs/installation/docker-compose
- "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000"
- "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443"
```
```
```
### Application Worker
```
worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0}
@ -89,6 +99,7 @@ worker:
env_file:
- .env
```
```
```

View File

@ -1,17 +1,21 @@
---
title: 'DHCP Server and Routing'
title: "DHCP Server and Routing"
visible: true
---
[toc]
## Installation
`# apt install isc-dhcp-server`
`# apt install isc-dhcp-server`
## Configuration
Edit `/etc/default/isc-dhcp-server`
`INTERFACESv4="(interface 1) (interface 2)"`
Edit `/etc/dhcp/dhcpd.conf` to set a subnet
Edit `/etc/default/isc-dhcp-server`
`INTERFACESv4="(interface 1) (interface 2)"`
Edit `/etc/dhcp/dhcpd.conf` to set a subnet
```
subnet (netaddress) netmask (subnetmask) {
range (first dhcp) (last dhcp);
@ -22,7 +26,8 @@ subnet (netaddress) netmask (subnetmask) {
}
```
Edit `/etc/network/interfaces`
Edit `/etc/network/interfaces`
```
auto (interface)
iface (interface) inet static
@ -33,23 +38,25 @@ iface (interface) inet static
```
Enable the interface
`# ifup (interface)`
`# ifup (interface)`
Restart DHCP Server
`# systemctl restart isc-dhcp-server.service`
`# systemctl restart isc-dhcp-server.service`
### Enable routing
`# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/80-forwarding.conf`
`# sysctl -p /etc/sysctl.d/80-forwarding.conf`
`# sysctl -p /etc/sysctl.d/80-forwarding.conf`
`# iptables -t nat -A POSTROUTING -o (WAN interface) -j MASQUERADE`
`# iptables -A FORWARD -i (LAN interface) -j ACCEPT`
`# iptables -A FORWARD -i (LAN interface) -j ACCEPT`
Make iptables permanent
Select `Yes` during the installation to save current rules
`# apt install iptables-persistent`
`# apt install iptables-persistent`
### Enable DHCP-managed fixed IP address
```
host (hostname) {
hardware ethernet (mac);
@ -58,12 +65,13 @@ host (hostname) {
```
### Dynamic DNS
*Needs a supported DNS like BIND or PowerDNS*
_Needs a supported DNS like BIND or PowerDNS_
[Configure your DNS server to accept updates](https://wiki.realstickman.net/e/en/linux/services/powerdns)
Add the following snippet to your `/etc/dhcp/dhcpd.conf` file
How to generate the key is also described in the DNS article
```
How to generate the key is also described in the DNS article
```
ddns-updates on;
ddns-update-style interim;
update-static-leases on;
@ -85,12 +93,12 @@ zone 7.168.192.in-addr.arpa. {
primary 127.0.0.1;
key (keyname);
}
```
## Client
DHCP Request
`# dhclient -v`
`# dhclient -v`
Release IP
`# dhclient -v -r`
`# dhclient -v -r`

View File

@ -4,25 +4,29 @@ visible: true
---
[toc]
## Pre-Setup
Create a gitea user
`# useradd -m git`
`# useradd -m git`
`# mkdir /etc/gitea`
`# chown git:git -R /etc/gitea`
`# chown git:git -R /etc/gitea`
Create the .ssh directory for the git user
`$ sudo -u git mkdir -p /home/git/.ssh`
`$ sudo -u git mkdir -p /home/git/.ssh`
Get the user id of git with `id git`
Get the user id of git with `id git`
## Podman
### Network and Pod
`# podman network create net_gitea`
`# podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p 3000:3000 -p 127.0.0.1:2222:22`
`# podman pod create --name pod_gitea --network net_gitea -p 127.0.0.1:5432:5432 -p 3000:3000 -p 127.0.0.1:2222:22`
#### Port Mappings
```
5432 (localhost): Postgres Database
3000: Gitea WebUI
@ -30,7 +34,8 @@ Get the user id of git with `id git`
```
### Database
```
```sh
# podman run --name giteadb \
-e PGDATA=/var/lib/postgresql/data/pgdata \
-e POSTGRES_USER=gitea \
@ -42,7 +47,8 @@ Get the user id of git with `id git`
```
### Application
```
```sh
# podman run --name gitea \
-e USER_UID=(uid) \
-e USER_GID=(gid) \
@ -60,37 +66,40 @@ Get the user id of git with `id git`
```
**NOTE:** gitea's /data directory must not contain permissions too open. Otherwise the SSH redirection set up below will fail.
`0750` for directories and `0640` has been shown to work
`0750` for directories and `0640` has been shown to work
The next few lines are used to set up ssh-redirection to gitea if it is used to clone a repo.
The next few lines are used to set up ssh-redirection to gitea if it is used to clone a repo.
> See also the [official documentation](https://docs.gitea.io/en-us/install-with-docker/#sshing-shim-with-authorized_keys)
Create SSH Keys for gitea
`$ sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"`
`$ sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys`
`$ sudo -u git chmod 600 /home/git/.ssh/authorized_keys`
`$ sudo -u git chmod 600 /home/git/.ssh/authorized_keys`
```
```sh
$ cat <<"EOF" | sudo tee /usr/local/bin/gitea
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
EOF
```
`# chmod +x /usr/local/bin/gitea`
`# chmod +x /usr/local/bin/gitea`
We've now finished setting up the ssh-redirection.
After that, connect to the Server on port 3000 to finish the installation
The first registered user will be made admin
The first registered user will be made admin
## Management CLI
Gitea comes with a management cli. To access it, change into the Container first and su into the user "git".
`# podman exec -it gitea bash`
`# su git`
`# su git`
### User Management
List users:
`$ gitea admin user list`
`$ gitea admin user list`
Change user password:
`$ gitea admin user change-password -u (user) -p (password)`
`$ gitea admin user change-password -u (user) -p (password)`

View File

@ -4,30 +4,39 @@ visible: true
---
[toc]
> [Official Documentation](https://learn.getgrav.org/17)
## Requirements
`# apt install nginx php php-fpm php-gd php-apcu php-yaml php-zip php-xml php-mbstring php-curl unzip`
### Download grav
`# apt install nginx php php-fpm php-gd php-apcu php-yaml php-zip php-xml php-mbstring php-curl unzip`
### Download grav
Make sure the directory you want to use is owned by your webserver user. (www-data on debian)
`# chown www-data:www-data -R /var/www`
`# chown www-data:www-data -R /var/www`
**With included admin client**
`sudo -u www-data wget https://getgrav.org/download/core/grav-admin/1.7.32`
`sudo -u www-data wget https://getgrav.org/download/core/grav-admin/1.7.32`
## Theme Learn2 Customisations
### Fix for wonky sidebar
With the default configuration, using jquery-scrollbar, there are issues with extremely long subtopics making the bar not scroll all the way to the bottom.
My workaround is adding the following CSS to custom.css in the theme's `css` directory.
My workaround is adding the following CSS to custom.css in the theme's `css` directory.
```css
.highlightable {
overflow: auto;
overflow: auto;
}
```
### Code copy don't copy # or $
This needs to be modified in `js/learn.js`
Here's the change as well as the surrounding code.
Here's the change as well as the surrounding code.
```js
// clipboard
var clipInit = false;
@ -49,14 +58,16 @@ Here's the change as well as the surrounding code.
```
## Custom theme based on Learn2
`$ sudo -u www-data /var/www/wiki-grav/bin/plugin devtools new-theme`
`$ sudo -u www-data /var/www/wiki-grav/bin/plugin devtools new-theme`
You'll be asked a few questions next
**Important:** when asked to choose an option, choose `inheritance`
With this, an installed theme can be selected as a base
With this, an installed theme can be selected as a base
## Nginx config
```
```nginx
server {
server_name DOMAIN_NAME;
@ -119,4 +130,4 @@ server {
server_name DOMAIN_NAME;
return 404;
}
```
```