475 lines
66 KiB
XML
475 lines
66 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
|
|
<title>Blog Posts</title>
|
|
<subtitle>All of the posts for my blog</subtitle>
|
|
<link href="https://devraza.giize.com/blog/feed.xml" rel="self" type="application/atom+xml"/>
|
|
<link href="https://devraza.giize.com/blog/"/>
|
|
<updated>2024-03-28T00:00:00+00:00</updated>
|
|
<id>https://devraza.giize.com/blog/feed.xml</id>
|
|
<entry xml:lang="en">
|
|
<title>Home server security</title>
|
|
<published>2024-03-28T00:00:00+00:00</published>
|
|
<updated>2024-03-28T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/home-server-security/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/home-server-security/</id>
|
|
<content type="html"><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p>Home server security is pretty often overlooked from what I can tell.
|
|
Any device accessible from the internet has <em>some</em> degree of
|
|
vulnerability in the current era of the internet. I aim for this
|
|
document to detail methods to amend the contemporary cybersecurity
|
|
challenges faced by most homelabbers.</p>
|
|
<h1 id="justification-in-depth">Justification in Depth<a class="zola-anchor" href="#justification-in-depth" aria-label="Anchor link for: justification-in-depth">#</a></h1>
|
|
<p>Of course, my statements about home servers needing some security
|
|
measures put in place aren't baseless. My own experience, as well as
|
|
that of a sizable number of people on the wonderful
|
|
<a rel="nofollow noreferrer" href="https://join-lemmy.org">lemmy</a> community at
|
|
<code>selfhosted@lemmy.world</code> shows that home servers are endlessly 'knocked&quot;
|
|
on, and that login attempts to services like SSH <em>are</em> made. Here's a
|
|
snippet from my <a rel="nofollow noreferrer" href="https://fail2ban.org">fail2ban</a> filter to
|
|
verify this point:</p>
|
|
<pre style="background-color:#151515;color:#e8e8d3;"><code><span>Mar 29 14:38:13 icefall fail2ban.filter[1097]: INFO [...] Found 176.126.240.158 - 2024-03-29 14:38:13
|
|
</span><span>Mar 29 14:40:11 icefall fail2ban.filter[1097]: INFO [...] Found 176.126.240.158 - 2024-03-29 14:40:11
|
|
</span><span>Mar 29 14:40:29 icefall fail2ban.filter[1097]: INFO [...] Found 185.8.165.204 - 2024-03-29 14:40:29
|
|
</span><span>Mar 29 14:40:40 icefall fail2ban.filter[1097]: INFO [...] Found 162.212.154.58 - 2024-03-29 14:40:40
|
|
</span></code></pre>
|
|
<p>Within the past <em>few minutes</em>, I've already got a few IP addresses from
|
|
all over the world taking a peak at my services. If I had my SSH port
|
|
set to the standard <code>22</code>, I could have expected a few rogue login
|
|
attempts to have been made, too.</p>
|
|
<p>And, speaking of not having my SSH port set to the standard <code>22</code>, I'll
|
|
now move on to what you should be done to secure a home server. One
|
|
thing that I think should be noted, however, is that security doesn't
|
|
need to be very strong, and you generally don't need to go too far out
|
|
of your way with security measures (though this definitely depends on
|
|
invdividual circumstance). Honestly speaking, you <em>probably</em> <strong>don't</strong>
|
|
have competent black hats looking to get in to your server - what you
|
|
probably <strong>do</strong> have, however, are a bunch of script kiddies and
|
|
perversive bots.</p>
|
|
<h1 id="the-list">The list<a class="zola-anchor" href="#the-list" aria-label="Anchor link for: the-list">#</a></h1>
|
|
<p>The fairly basic stuff you'd need to do in this case doesn't make much
|
|
room for detail. So, here it all is in the form of a simple list (I've
|
|
included the relevant NixOS configuration where I think it'd be
|
|
useful<sup class="footnote-reference"><a href="#1">1</a></sup>):</p>
|
|
<ul>
|
|
<li>
|
|
<p>Move your SSH daemon to a non-default port, like <code>3291</code>.</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">openssh </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">ports </span><span>= [ </span><span style="color:#cf6a4c;">3291 </span><span>]; </span><span style="color:#888888;"># whatever you like
|
|
</span><span>};
|
|
</span></code></pre>
|
|
</li>
|
|
<li>
|
|
<p>Force public key authentication with SSH and disable root logins.</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">openssh</span><span>.</span><span style="color:#ffb964;">settings </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">PermitRootLogin </span><span>= </span><span style="color:#99ad6a;">&quot;no&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">PasswordAuthentication </span><span>= false;
|
|
</span><span>};
|
|
</span></code></pre>
|
|
</li>
|
|
<li>
|
|
<p>Set up a pretty basic firewall - something like <code>ufw</code> would do the trick.</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span style="color:#ffb964;">networking </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">nftables</span><span>.</span><span style="color:#ffb964;">enable </span><span>= true; </span><span style="color:#888888;"># use the newer nftables
|
|
</span><span> </span><span style="color:#ffb964;">firewall </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">rejectPackets </span><span>= true; </span><span style="color:#888888;"># explicit deny
|
|
</span><span> </span><span style="color:#ffb964;">interfaces</span><span>.</span><span style="color:#ffb964;">enp1s0 </span><span>= { </span><span style="color:#888888;"># obviously, replace `enp1s0` with your interface
|
|
</span><span> </span><span style="color:#ffb964;">allowedTCPPorts </span><span>= [ ... ]; </span><span style="color:#888888;"># put in the ports you need here
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span>};
|
|
</span></code></pre>
|
|
</li>
|
|
<li>
|
|
<p>This probably doesn't need to be said, but <strong>use strong passwords</strong>!</p>
|
|
</li>
|
|
<li>
|
|
<p>Host a <a rel="nofollow noreferrer" href="https://fail2ban.org">fail2ban</a> instance to ban hosts making bruteforce attempts.</p>
|
|
</li>
|
|
</ul>
|
|
<p>I think that's all there is for almost everyone, and is basically the
|
|
minimal amount of effort a home server administrator should do.
|
|
Personally, I would prefer to enforce a VPN connection in order to
|
|
access my <em>personal</em> services for that extra layer of security (because
|
|
why'd they need to be exposed to the internet?). This can be done faily
|
|
easily with tailscale, and for the slightly more paranoid -
|
|
<a rel="nofollow noreferrer" href="https://headscale.net/">headscale</a> is a
|
|
viable...alternative? Anyways, I've got a blog post that explores
|
|
headscale in a little more detail, which might be worth checking out.</p>
|
|
<p>Well, that's all I wanted to say. It's been a while since my last blog
|
|
post, and the inspiration for this one came seemingly randomly - I hope
|
|
someone finds this useful.</p>
|
|
<div class="footnote-definition" id="1"><sup class="footnote-definition-label">1</sup>
|
|
<p>Naturally, you shouldn't just copy and paste the snippets into</p>
|
|
</div>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>Selecting hardware for a (home) server</title>
|
|
<published>2024-01-31T00:00:00+00:00</published>
|
|
<updated>2024-01-31T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/server-hardware-selection/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/server-hardware-selection/</id>
|
|
<content type="html"><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p>I see a lot of people worryingly mistaken about what a server needs (specifically, a home server). Some think that a bland and incredibly ignorant '20% budget for CPU, 30% for GPU, and the rest for the rest' plan for selecting hardware is good enough (at least, before choosing specific items) - you can't exactly be <em>wrong</em> when choosing
|
|
hardware, but this is very, <em>very</em> far from right.</p>
|
|
<h1 id="requirements">Requirements<a class="zola-anchor" href="#requirements" aria-label="Anchor link for: requirements">#</a></h1>
|
|
<p>Server hardware needs to be low-power and resource-efficient - so as not to waste any money unnessarily, obviously. Your budget will strongly impact the specifications you can get your hands on, but I would think that even $200 is enough for a decent home server - depending on what you want to do with it.
|
|
Keep in mind that you could always repurpose an old laptop or desktop lying around; it's cheap, and you get what may be a surprisingly decent machine.</p>
|
|
<h2 id="power-consumption">Power consumption<a class="zola-anchor" href="#power-consumption" aria-label="Anchor link for: power-consumption">#</a></h2>
|
|
<p>The difference between low <em>peak</em> and low <em>idle</em> power should be noted in particular. Running costs can get very high if you don't work to moderate power consumption, and probably wouldn't be something you would ignore when it comes to home servers.</p>
|
|
<h2 id="usage-of-the-server">Usage of the server<a class="zola-anchor" href="#usage-of-the-server" aria-label="Anchor link for: usage-of-the-server">#</a></h2>
|
|
<p>Naturally, how a server will be used will affect pretty much everything about the hardware chosen for it. For example, if you're looking to stream games remotely, you'd go for a (perhaps powerful) dedicated GPU and would likely invest in some high-speed internet solution.
|
|
As indicated by the above example of the GPU, you need to be <em>very</em> specific with what you choose - do you <em>need</em> a powerful GPU or do you not? After all, one of the last things you would want, ever, is money going to waste on something you don't need, or failing to buy something that meets your expectations.</p>
|
|
<h1 id="conclusion">Conclusion<a class="zola-anchor" href="#conclusion" aria-label="Anchor link for: conclusion">#</a></h1>
|
|
<p>I only gave two points of interest when selecting a server - looking at the numbers alone, this might seem like hardly anything to consider at all. My reasons for this are:</p>
|
|
<ul>
|
|
<li>Power comumption is one factor that people often forego thinking about, and an extremely important one at that.</li>
|
|
<li>Building on top of the previous point, you (probably) aren't stupid. Knowing (albeit at a very basic level) what to look out for should be enough.</li>
|
|
<li>It would be extremely difficult for me, or anyone else for that matter, to provide a <strong>truly</strong> complete solution to everyone's needs for a home server.</li>
|
|
</ul>
|
|
<p>Well, that's it. I wish you luck in selecting your hardware.</p>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>Misconceptions about NFC</title>
|
|
<published>2024-01-19T00:00:00+00:00</published>
|
|
<updated>2024-01-19T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/nfc-misconceptions/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/nfc-misconceptions/</id>
|
|
<content type="html"><blockquote class="callout alert">
|
|
|
|
<div class="icon">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="20" height="20"><path d="M4.00098 20V14C4.00098 9.58172 7.5827 6 12.001 6C16.4193 6 20.001 9.58172 20.001 14V20H21.001V22H3.00098V20H4.00098ZM6.00098 20H18.001V14C18.001 10.6863 15.3147 8 12.001 8C8.68727 8 6.00098 10.6863 6.00098 14V20ZM11.001 2H13.001V5H11.001V2ZM19.7792 4.80761L21.1934 6.22183L19.0721 8.34315L17.6578 6.92893L19.7792 4.80761ZM2.80859 6.22183L4.22281 4.80761L6.34413 6.92893L4.92991 8.34315L2.80859 6.22183ZM7.00098 14C7.00098 11.2386 9.23956 9 12.001 9V11C10.3441 11 9.00098 12.3431 9.00098 14H7.00098Z" fill="currentColor"></path></svg>
|
|
</div>
|
|
<div class="content">
|
|
|
|
<p><strong>Alert</strong></p>
|
|
|
|
<p>I made a mistake while writing this blog post - somehow forgetting that security isn't unambiguous. You can actually skim NFC chips from a certain distance
|
|
(having a limited distance is still an important factor though!), and though I think some of what I said below still applies you're better off ignoring it all.</p>
|
|
<p>There are, of course, a whole range of problems with skimming NFC chips from a distance so my point - don't be so worried - would still stand.</p>
|
|
<p>Either way, I recommend you take this with a grain of salt.</p>
|
|
|
|
</div>
|
|
</blockquote><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p>NFC (short for Near-Field Communication) is the set of communication protocols which allow for <em>near-field communication</em> between two electronic devices.
|
|
One of the most prominent uses of this technology are contactless transactions - this includes services like Google and Apple Pay as well as all of your contactless-enabled cards.</p>
|
|
<p>It's been a while since my last blog past, but this one will be brief too - I'm writing here for the sake of clearing up some misconceptions people have about NFC.</p>
|
|
<h1 id="the-misconceptions">The Misconceptions<a class="zola-anchor" href="#the-misconceptions" aria-label="Anchor link for: the-misconceptions">#</a></h1>
|
|
<h2 id="inspiration">Inspiration<a class="zola-anchor" href="#inspiration" aria-label="Anchor link for: inspiration">#</a></h2>
|
|
<p>While talking with a friend on a WhatsApp group chat a few days ago about a program I found on my jailbroken iOS device - <a rel="nofollow noreferrer" href="https://github.com/Aemulo">Aemulo</a> - I was
|
|
informed of 'subway skimmers'; devices that could <em>supposedly</em> read data from contactless-enabled devices (via NFC) and would be able to emulate them.</p>
|
|
<p>The idea behind the above example was that someone with malicious intent could place such a device in a public location and take their contactless devices for their malicious purposes.
|
|
When I heard of this, my first thought was: <a rel="nofollow noreferrer" href="https://devraza.duckdns.org/blog/hoaxes-overview/">hoax</a>, and I think that it was rightfully so.</p>
|
|
<h2 id="what-exactly-is-wrong-with-this">What exactly is wrong with this?<a class="zola-anchor" href="#what-exactly-is-wrong-with-this" aria-label="Anchor link for: what-exactly-is-wrong-with-this">#</a></h2>
|
|
<p>Several things. I'm no expert in cybersecurity - everyone's a student in some way, but I was sure that NFC was, as it's name implies, for <strong>near-field communication</strong>.
|
|
I'm repeating myself here, but that's kind of the point. Various reliable resources, including Wikipedia, show that NFC has a maximum range of only a few centimetres - which makes sense, no?</p>
|
|
<p>And yet, whatever source my friend had for 'subway skimmers' gave the impression, or otherwise stated, that it would work within a radius of a few feet, which is just impossible.
|
|
Upon voicing my doubts, I was then told that 'with a powerful enough antenna, it's possible'. Hoaxes sure are convincing, aren't they? Unfortunately, I am not able to find the source of my friend's misinformation.</p>
|
|
<p>See, NFC only works within a few centimetres anyways. Even if it could <em>magically</em> work within a radius of a few feet, you've got to take in the electromagnetic interference
|
|
that the clothes and wallets people have would bring to any malicious device. The point of electromagnetic interference is especially true over a <em>huge</em> area of a few feet (relatively), where you've got several NFC-enabled devices.</p>
|
|
<h2 id="where-it-s-actually-an-issue">Where it's actually an issue<a class="zola-anchor" href="#where-it-s-actually-an-issue" aria-label="Anchor link for: where-it-s-actually-an-issue">#</a></h2>
|
|
<p>Of course, that isn't to say there aren't any issues with NFC and malicious readers - I'm just saying that the word getting around is horribly unrealistic.
|
|
For example, a <em>realistic</em> example of a malicious NFC reader would be one placed on the card slots in cash machines - you get:</p>
|
|
<ul>
|
|
<li><input disabled="" type="checkbox" checked=""/>
|
|
The short range (&lt; ~20 cm)</li>
|
|
<li><input disabled="" type="checkbox" checked=""/>
|
|
Only one device</li>
|
|
<li><input disabled="" type="checkbox" checked=""/>
|
|
Lots of devices to read!</li>
|
|
</ul>
|
|
<p>And so, you've got someone so much more realistic that poses an actual threat!</p>
|
|
<h1 id="conclusion">Conclusion<a class="zola-anchor" href="#conclusion" aria-label="Anchor link for: conclusion">#</a></h1>
|
|
<p>The information above, which I deem accurate, is there. What I suggest be taken away from this is pretty much the same as what is was for <a rel="nofollow noreferrer" href="https://devraza.duckdns.org/blog/hoaxes-overview/">my blog post on hoaxes</a> - <strong>do some fact-checking!</strong></p>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>Take control of tailscale with headscale</title>
|
|
<published>2024-01-10T00:00:00+00:00</published>
|
|
<updated>2024-01-10T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/selfhost-tailscale/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/selfhost-tailscale/</id>
|
|
<content type="html"><h1 id="tailscale">Tailscale<a class="zola-anchor" href="#tailscale" aria-label="Anchor link for: tailscale">#</a></h1>
|
|
<p><a rel="nofollow noreferrer" href="https://tailscale.com/">Tailscale</a> is a modern tunnel VPN service based on <a rel="nofollow noreferrer" href="https://www.wireguard.com/">WireGuard®</a> which provides a 'free' and secure means of communication between
|
|
devices within a <a rel="nofollow noreferrer" href="https://tailscale.com/kb/1136/tailnet">tailnet</a> - a private network which Tailscale provides its users.</p>
|
|
<p>Essentially, it provides a private and secure way of accessing any of your devices, no matter where you are in the world - a personal WAN encompassing the entire world.</p>
|
|
<p>And on top of this, Tailscale is completely free and open-source! At least, on the surface...</p>
|
|
<h2 id="not-foss-what-do-you-mean">Not FOSS? What do you mean?<a class="zola-anchor" href="#not-foss-what-do-you-mean" aria-label="Anchor link for: not-foss-what-do-you-mean">#</a></h2>
|
|
<p>There's a quite popular saying within the free and open-source software community, which goes along the lines of:</p>
|
|
<blockquote>
|
|
<p>If you aren't paying for the product, then you are the product.</p>
|
|
</blockquote>
|
|
<p>Which makes perfect sense. It's the <em>modern</em> era so anything significant is powered by some form of <em>modern</em> technology, data is the new oil, and so on.
|
|
In exchange for offering you 'free' services, companies collect and use your data;
|
|
while there supposedly are laws in place preventing the inconcensual collection of data in most countries around the world, <em>your</em> personal data may <em>still</em> be traded unethically and inconsensually.</p>
|
|
<p>I personally am of the opinion that these laws are worth absolutely nothing if people aren't educated in how their data is being used, and what specifically is being collected.
|
|
But I digress, and that's a blog post for another time.</p>
|
|
<p>I also think it's quite unfortunate that users of paid services <em>still</em> have their personal data collected in the unethical manner outlined above, despite the fact that they are <em>paying</em> for the service...</p>
|
|
<p>In the context of Tailscale: while their clients are all open-source, their control server - the thing that's managing and rerouting <em>everything</em> going through what they advertise as <em>your</em> 'secure' VPN, isn't.
|
|
You've got no idea what this thing is doing with the traffic it recieves.</p>
|
|
<h1 id="headscale">Headscale<a class="zola-anchor" href="#headscale" aria-label="Anchor link for: headscale">#</a></h1>
|
|
<p>For every problem, there's probably a solution somewhere. And luckily for this one (which may or may not actually be a problem for you), we've got <a rel="nofollow noreferrer" href="https://headscale.net/">Headscale</a> as our solution.
|
|
Headscale's a self-hostable, open-source alternative to the Tailscale control server, and aims to 'provide self-hosters and hobbyists with an open-source server they can use for their projects and labs'.</p>
|
|
<h2 id="installing-on-nixos">Installing on NixOS<a class="zola-anchor" href="#installing-on-nixos" aria-label="Anchor link for: installing-on-nixos">#</a></h2>
|
|
<p>Moving on to installing and setting up Headscale on NixOS.</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span style="color:#888888;"># ...
|
|
</span><span>{
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span> </span><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">headscale </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">address </span><span>= </span><span style="color:#99ad6a;">&quot;0.0.0.0&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">port </span><span>= </span><span style="color:#cf6a4c;">7070</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">settings </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">logtail</span><span>.</span><span style="color:#ffb964;">enabled </span><span>= false;
|
|
</span><span> </span><span style="color:#ffb964;">server_url </span><span>= </span><span style="color:#99ad6a;">&quot;https://headscale.devraza.duckdns.org&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">dns_config</span><span>.</span><span style="color:#ffb964;">base_domain </span><span>= </span><span style="color:#99ad6a;">&quot;devraza.duckdns.org&quot;</span><span>;
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<p>This starts up the <code>headscale</code> systemd service on our host machine at port <code>7070</code>. After that, we make Headscale available over the clearnet with an NGINX reverse proxy, per the usual:</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span>{
|
|
</span><span> </span><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">nginx </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">virtualHosts </span><span>= {
|
|
</span><span> </span><span style="color:#99ad6a;">&quot;headscale&quot; </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">addSSL </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">serverName </span><span>= </span><span style="color:#99ad6a;">&quot;headscale.devraza.duckdns.org&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">sslCertificate </span><span>= </span><span style="color:#99ad6a;">./services/nginx/certs/subdomains/fullchain.pem</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">sslCertificateKey </span><span>= </span><span style="color:#99ad6a;">./services/nginx/certs/subdomains/privkey.pem</span><span>;
|
|
</span><span> </span><span style="color:#888888;"># Headscale proxy
|
|
</span><span> </span><span style="color:#ffb964;">locations</span><span>.</span><span style="color:#99ad6a;">&quot;/&quot; </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">proxyPass </span><span>= </span><span style="color:#99ad6a;">&quot;http://127.0.0.1:${toString </span><span style="color:#ffb964;">config</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">services</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">headscale</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">port</span><span style="color:#99ad6a;">}&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">proxyWebsockets </span><span>= true;
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<p>And that's it. A self-hosted, <em>truly</em> open-source Wireguard®-based VPN is now at your fingertips. Enjoy! Oh, but please read the conclusion before doing that:</p>
|
|
<h1 id="conclusion">Conclusion<a class="zola-anchor" href="#conclusion" aria-label="Anchor link for: conclusion">#</a></h1>
|
|
<p>For those of you who wish to have access to something like Tailscale but value your privacy above all, you would genuinely be greatful for Headscale.
|
|
However, I've found that some are fine with what Tailscale <em>does</em> provide in regards to FOSS, and are satisfied by the raw convenience and simplicity of a non-selfhosted Tailscale control server - exactly what it hopes to provide, as shown by their self-description on their website: 'a zero-config, no-fuss VPN [provider]'.</p>
|
|
<p>Or you could just settle with bare Wireguard®.</p>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>An overview on hoaxes</title>
|
|
<published>2024-01-04T00:00:00+00:00</published>
|
|
<updated>2024-01-04T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/hoaxes-overview/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/hoaxes-overview/</id>
|
|
<content type="html"><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p>In recent times, hoaxes have become increasingly prevalent as the internet continues to expand and as more people use social media.
|
|
Misinformation is on a rise - though this is information which isn't really new, the current state of things is horrible, and things really shouldn't be the way they are.</p>
|
|
<p>I aim for this to be a brief blog post detailing the effect of hoaxes on society, focusing on why they're so harmful.</p>
|
|
<h1 id="what-exactly-is-a-hoax">What exactly is a hoax?<a class="zola-anchor" href="#what-exactly-is-a-hoax" aria-label="Anchor link for: what-exactly-is-a-hoax">#</a></h1>
|
|
<p>Put simply, a hoax is made-up information, be it a story or something else. Hoaxes are created with the intent of spreading false information - for a immense variety of reasons, from jokes and causing embarrassment to provoking politic or social change<sup><a rel="nofollow noreferrer" href="https://en.wikipedia.org/wiki/Hoax">1</a></sup>. I won't discuss the causes of hoaxes further in this blog post.</p>
|
|
<h1 id="the-effect-of-hoaxes">The effect of hoaxes<a class="zola-anchor" href="#the-effect-of-hoaxes" aria-label="Anchor link for: the-effect-of-hoaxes">#</a></h1>
|
|
<p>Hoaxes can cause significant damage to their targets if formulated cleverly. For example:</p>
|
|
<blockquote>
|
|
<p>The stock price of Apple Inc. fell significantly in October 2008 after a hoax story was submitted to CNN's user-generated news site iReport.com claiming that company CEO Steve Jobs had suffered a major heart attack. The source of the story was traced back to 4chan.</p>
|
|
<ul>
|
|
<li>Excerpt from <a rel="nofollow noreferrer" href="https://en.wikipedia.org/wiki/4chan">the Wikipedia 4chan page</a></li>
|
|
</ul>
|
|
</blockquote>
|
|
<p>With the incredible presence of social media in our lives, spreading harmful misinformation like that above can be as simple as making a few posts - they don't even need to be very convincing!
|
|
What makes matters worse is how gullible the general population is, even those educated in this sort of thing - this shows <em>just</em> how much influence the internet and it's contents have on us.</p>
|
|
<p>I would like to clarify that I'm not suggesting that people should avoid using the internet to gather information - while its reliability is incredibly questionable, the accessibility and openness it provides far beats traditional methods of gathering information (books and such). My suggestion is that people should be much more careful with how they interpret information on the internet,
|
|
and perform their due diligence in their research into whatever they're aiming to learn; <strong>people should make sure that what they're reading is accurate before absorbing any information</strong> (here's your tl;dr).</p>
|
|
<p>That's about it for this blog post, as it was meant to be a brief way of expressing my thoughts on the matter. Thanks for reading!</p>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>Host your own private search engine with SearXNG</title>
|
|
<published>2023-12-31T00:00:00+00:00</published>
|
|
<updated>2023-12-31T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/selfhost-search-engine/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/selfhost-search-engine/</id>
|
|
<content type="html"><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p><a rel="nofollow noreferrer" href="https://docs.searxng.org/">SearXNG</a>, put in its own words, is a 'free internet metasearch engine'.
|
|
Note that it describes itself as a <em>metasearch</em> engine specifically - unlike your traditional search engine like Google or Bing, SearXNG does things a little bit differently:
|
|
It aggregrates the results produced by search services like those aforementioned, and feeds them back to you.</p>
|
|
<p>Because of this key detail and a great deal of effort by those who've helped shape it, SearXNG protects your privacy, and does so very well:</p>
|
|
<ul>
|
|
<li>Private data from requests going to the search services it aggregrates results from is removed</li>
|
|
<li>It does <strong>not</strong> forward <em>anything</em> to any third parties through search services</li>
|
|
<li>Private data is <em>also</em> removed from requests going to the results pages</li>
|
|
</ul>
|
|
<p>Furthermore, SearXNG can be configured to use <a rel="nofollow noreferrer" href="https://torproject.org">Tor</a>.</p>
|
|
<p>However, the aspect of privacy isn't the only great selling feature of the engine; from my use of the engine so far, it's also great at...searching (is that a surprise?). The fact that it's a metasearch engine plays a key role in this,
|
|
as it provides SearXNG the ability to pull content more efficiently and gives <em>you</em> the ability to further tailor your experience.</p>
|
|
<h1 id="setting-up-searxng">Setting up SearXNG<a class="zola-anchor" href="#setting-up-searxng" aria-label="Anchor link for: setting-up-searxng">#</a></h1>
|
|
<h2 id="installing-the-service">Installing the service<a class="zola-anchor" href="#installing-the-service" aria-label="Anchor link for: installing-the-service">#</a></h2>
|
|
<p>As you may have expected if you've used NixOS for a while, searxng is packaged <em>and</em> has a service on NixOS. This makes setting it up just that much easier.</p>
|
|
<p>To get started, place somewhere in your <em>system</em> config the following:</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span>{
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span> </span><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">searx </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">settings </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">server </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">port </span><span>= </span><span style="color:#cf6a4c;">8888</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">bind_address </span><span>= </span><span style="color:#99ad6a;">&quot;127.0.0.1&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">secret_key </span><span>= </span><span style="color:#99ad6a;">&quot;@SEARX_SECRET_KEY@&quot;</span><span>;
|
|
</span><span> </span><span style="color:#ffb964;">base_url </span><span>= </span><span style="color:#99ad6a;">&quot;https://search.devraza.duckdns.org/&quot;</span><span>; </span><span style="color:#888888;"># replace with wherever you want to host yours
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<p>The snippet above starts the <code>searx</code> systemd service for listening on port <code>8888</code>, and assumes a <code>base_url</code> of <code>https://search.devraza.duckdns.org</code>.</p>
|
|
<p>Now that we've got the actual <code>searx</code> instance running, we can now set up a reverse proxy allowing the service to be accessed remotely (whether this is within your local network or across the internet is up to you).</p>
|
|
<h2 id="setting-up-a-reverse-proxy">Setting up a reverse proxy<a class="zola-anchor" href="#setting-up-a-reverse-proxy" aria-label="Anchor link for: setting-up-a-reverse-proxy">#</a></h2>
|
|
<h3 id="what-is-a-reverse-proxy">What is a reverse proxy?<a class="zola-anchor" href="#what-is-a-reverse-proxy" aria-label="Anchor link for: what-is-a-reverse-proxy">#</a></h3>
|
|
<p>Before I get started with the technical details of setting this up, I'd like to briefly clarify what a reverse proxy exactly is (to my understanding).</p>
|
|
<p>Let's get the wikipedia definition of reverse proxy out of the way first:</p>
|
|
<blockquote>
|
|
<p>[...] a reverse proxy is an application that sits in front of back-end applications and forwards client requests to those applications. [...]</p>
|
|
</blockquote>
|
|
<p>However, you might be confused as to what this actually means; I'll give an example of the usage of reverse proxies to better explain this:</p>
|
|
<ul>
|
|
<li>Suppose you've got a few services running on a server (for demonstration purposes, let's name these <code>x</code>, <code>y</code> and <code>z</code>), each running on their own unique port.</li>
|
|
<li>Assuming you had a domain, and wanted to access all of these services from their own unique sub-domains (e.g. <code>x.yourdomain.com</code>, <code>y.yourdomain.com</code> and <code>z.yourdomain.com</code>), you would have to use a reverse proxy.</li>
|
|
<li>This reverse proxy would take in requests from clients going to sub-domains, and forward these requests to the appropriate port on your machine for the service being requested.</li>
|
|
</ul>
|
|
<p>The concept should be clear now, if it wasn't already.</p>
|
|
<h3 id="using-nginx-to-set-up-the-reverse-proxy">Using NGINX to set up the reverse proxy<a class="zola-anchor" href="#using-nginx-to-set-up-the-reverse-proxy" aria-label="Anchor link for: using-nginx-to-set-up-the-reverse-proxy">#</a></h3>
|
|
<p>NGINX is a popular web server that supports the creation of virtual hosts and the usage of reverse proxies. To accomodate our <code>searx</code> instance, we append the following to our NixOS server configuration:</p>
|
|
<pre data-linenos data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><table><tbody><tr><td>1</td><td><span>{
|
|
</span></td></tr><tr><td>2</td><td><span> </span><span style="color:#888888;"># ...
|
|
</span></td></tr><tr><td>3</td><td><span> </span><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">nginx </span><span>= {
|
|
</span></td></tr><tr><td>4</td><td><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span></td></tr><tr><td>5</td><td><span> </span><span style="color:#888888;"># any extra configuration here
|
|
</span></td></tr><tr><td>6</td><td><span> </span><span style="color:#ffb964;">virtualHosts </span><span>= {
|
|
</span></td></tr><tr><td>7</td><td><span> </span><span style="color:#99ad6a;">&quot;search&quot; </span><span>= { </span><span style="color:#888888;"># this can be anything, being an arbitrary identifier
|
|
</span></td></tr><tr><td>8</td><td><span> </span><span style="color:#ffb964;">forceSSL </span><span>= true;
|
|
</span></td></tr><tr><td>9</td><td><span> </span><span style="color:#ffb964;">serverName </span><span>= </span><span style="color:#99ad6a;">&quot;search.yourdomain.com&quot;</span><span>; </span><span style="color:#888888;"># replace this with whatever you&#39;re serving from
|
|
</span></td></tr><tr><td>10</td><td><span> </span><span style="color:#888888;"># SearX proxy
|
|
</span></td></tr><tr><td>11</td><td><span> </span><span style="color:#ffb964;">locations</span><span>.</span><span style="color:#99ad6a;">&quot;/&quot; </span><span>= {
|
|
</span></td></tr><tr><td><mark style="background-color:#010101;">12</mark></td><td><mark style="background-color:#010101;"><span> </span><span style="color:#ffb964;">proxyPass </span><span>= </span><span style="color:#99ad6a;">&quot;http://${toString </span><span style="color:#ffb964;">config</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">services</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">searx</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">settings</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">server</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">bind_address</span><span style="color:#99ad6a;">}:${toString </span><span style="color:#ffb964;">config</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">services</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">searx</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">settings</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">server</span><span style="color:#99ad6a;">.</span><span style="color:#ffb964;">port</span><span style="color:#99ad6a;">}&quot;</span><span>;
|
|
</span></mark></td></tr><tr><td>13</td><td><span> </span><span style="color:#ffb964;">proxyWebsockets </span><span>= true;
|
|
</span></td></tr><tr><td>14</td><td><span> </span><span style="color:#ffb964;">recommendedProxySettings </span><span>= true;
|
|
</span></td></tr><tr><td>15</td><td><span> };
|
|
</span></td></tr><tr><td>16</td><td><span> };
|
|
</span></td></tr><tr><td>17</td><td><span> };
|
|
</span></td></tr><tr><td>18</td><td><span> };
|
|
</span></td></tr><tr><td>19</td><td><span> </span><span style="color:#888888;"># ...
|
|
</span></td></tr><tr><td>20</td><td><span>}
|
|
</span></td></tr></tbody></table></code></pre>
|
|
<blockquote class="callout note">
|
|
|
|
<div class="icon">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="20" height="20"><path d="M12 22C6.47715 22 2 17.5228 2 12C2 6.47715 6.47715 2 12 2C17.5228 2 22 6.47715 22 12C22 17.5228 17.5228 22 12 22ZM12 20C16.4183 20 20 16.4183 20 12C20 7.58172 16.4183 4 12 4C7.58172 4 4 7.58172 4 12C4 16.4183 7.58172 20 12 20ZM11 7H13V9H11V7ZM11 11H13V17H11V11Z" fill="currentColor"></path></svg>
|
|
</div>
|
|
<div class="content">
|
|
|
|
<p><strong>Note</strong></p>
|
|
|
|
<p>The expression highlighted above is used to dynamically adjust the location NGINX will forward requests to, depending on your <code>searx</code> config</p>
|
|
|
|
</div>
|
|
</blockquote>
|
|
<p>After saving your changes and rebuilding your server's system configuration (as usual), you should have a working <em>private</em> instance of SearXNG that you can access using the <code>serverName</code> you've given it.</p>
|
|
<p>Set your browser to use this as your search engine using the relevant documentation (with Firefox this is as easy as right-clicking on the URL after opening up the page and clicking a button). Enjoy!</p>
|
|
</content>
|
|
</entry>
|
|
<entry xml:lang="en">
|
|
<title>Setting up Zola on NixOS</title>
|
|
<published>2023-12-29T00:00:00+00:00</published>
|
|
<updated>2023-12-29T00:00:00+00:00</updated>
|
|
<link href="https://devraza.giize.com/blog/setting-up-zola-nixos/" type="text/html"/>
|
|
<id>https://devraza.giize.com/blog/setting-up-zola-nixos/</id>
|
|
<content type="html"><h1 id="introduction">Introduction<a class="zola-anchor" href="#introduction" aria-label="Anchor link for: introduction">#</a></h1>
|
|
<p><a rel="nofollow noreferrer" href="https://getzola.org">Zola</a> is a static site generator (similarly to the infamous <a rel="nofollow noreferrer" href="https://gohugo.io">Hugo</a>, which you may have already heard of) and is written in Rust.
|
|
It also happens to be the framework that this site is built on!</p>
|
|
<p>This blog post is a guide on setting up the site engine on NixOS specifically.</p>
|
|
<h1 id="installation">Installation<a class="zola-anchor" href="#installation" aria-label="Anchor link for: installation">#</a></h1>
|
|
<h2 id="installing-the-package">Installing the package<a class="zola-anchor" href="#installing-the-package" aria-label="Anchor link for: installing-the-package">#</a></h2>
|
|
<p><code>zola</code> is packaged in the nix package repository, so you just declaratively add the package to your configuration as usual:
|
|
For the purposes of this guide, zola can be installed either as a system or user package.</p>
|
|
<ul>
|
|
<li>As a system package:</li>
|
|
</ul>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span>{ </span><span style="color:#ffb964;">pkgs</span><span>, ... }: {
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span> </span><span style="color:#ffb964;">environment</span><span>.</span><span style="color:#ffb964;">systemPackages </span><span>= with </span><span style="color:#ffb964;">pkgs</span><span>; [
|
|
</span><span> </span><span style="color:#ffb964;">zola </span><span style="color:#888888;"># Append the package name to the list
|
|
</span><span> ];
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<ul>
|
|
<li>As a user package (with home-manager):</li>
|
|
</ul>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span>{ </span><span style="color:#ffb964;">pkgs</span><span>, ... }: {
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span> </span><span style="color:#ffb964;">home</span><span>.</span><span style="color:#ffb964;">packages </span><span>= with </span><span style="color:#ffb964;">pkgs</span><span>; [
|
|
</span><span> </span><span style="color:#ffb964;">zola </span><span style="color:#888888;"># Append the package name to the list
|
|
</span><span> ];
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<p>Now that <code>zola</code> itself is installed, we can move on setting up the pages it serves - continue reading...</p>
|
|
<h2 id="setting-up-a-theme">Setting up a theme<a class="zola-anchor" href="#setting-up-a-theme" aria-label="Anchor link for: setting-up-a-theme">#</a></h2>
|
|
<p>Zola actually has a section of its website showcasing several community-made themes which you can choose from to be the theme for your static site <a rel="nofollow noreferrer" href="https://getzola.org/themes/">here</a>.</p>
|
|
<p>Simply choose a theme that you like (demos are usually available for each theme listed) and follow its appropriate documentation to set it up - this site uses a version of the <a rel="nofollow noreferrer" href="https://www.getzola.org/themes/serene/">serene theme</a> with my custom colours.</p>
|
|
<blockquote class="callout note">
|
|
|
|
<div class="icon">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="20" height="20"><path d="M12 22C6.47715 22 2 17.5228 2 12C2 6.47715 6.47715 2 12 2C17.5228 2 22 6.47715 22 12C22 17.5228 17.5228 22 12 22ZM12 20C16.4183 20 20 16.4183 20 12C20 7.58172 16.4183 4 12 4C7.58172 4 4 7.58172 4 12C4 16.4183 7.58172 20 12 20ZM11 7H13V9H11V7ZM11 11H13V17H11V11Z" fill="currentColor"></path></svg>
|
|
</div>
|
|
<div class="content">
|
|
|
|
<p><strong>Custom themes</strong></p>
|
|
|
|
<p>You can also make your own theme if that better suits you (I recommend giving the <a rel="nofollow noreferrer" href="https://getzola.org/documentation">documentation</a> a read if so).</p>
|
|
|
|
</div>
|
|
</blockquote><h2 id="setting-up-nginx">Setting up NGINX<a class="zola-anchor" href="#setting-up-nginx" aria-label="Anchor link for: setting-up-nginx">#</a></h2>
|
|
<p>After selecting a theme (or making your own) you should now have a directory somewhere on your server containing your static site.
|
|
For the following snippet, we'll assume this is at <code>/var/lib/blog</code>.</p>
|
|
<p><a rel="nofollow noreferrer" href="https://nginx.com">NGINX</a> is a popular webserver which we're going to use for the purposes of hosting and serving our site. To do so, append the following somewhere in your configuration:</p>
|
|
<pre data-lang="nix" style="background-color:#151515;color:#e8e8d3;" class="language-nix "><code class="language-nix" data-lang="nix"><span style="color:#888888;"># ...
|
|
</span><span>{
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span> </span><span style="color:#ffb964;">services</span><span>.</span><span style="color:#ffb964;">nginx </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">enable </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">virtualHosts </span><span>= {
|
|
</span><span> </span><span style="color:#99ad6a;">&quot;blog&quot; </span><span>= {
|
|
</span><span> </span><span style="color:#ffb964;">forceSSL </span><span>= true;
|
|
</span><span> </span><span style="color:#ffb964;">serverName </span><span>= </span><span style="color:#99ad6a;">&quot;blog.devraza.duckdns.org&quot;</span><span>; </span><span style="color:#888888;"># replace this with wherever your site will be
|
|
</span><span> </span><span style="color:#ffb964;">root </span><span>= </span><span style="color:#99ad6a;">&quot;/var/lib/blog/public&quot;</span><span>; </span><span style="color:#888888;"># the path to the `public` folder in our site directory
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> };
|
|
</span><span> </span><span style="color:#888888;"># ...
|
|
</span><span>}
|
|
</span></code></pre>
|
|
<h1 id="finishing-up">Finishing up<a class="zola-anchor" href="#finishing-up" aria-label="Anchor link for: finishing-up">#</a></h1>
|
|
<p>You should now have your own static site built with Zola! You can use this for a bunch of things, like:</p>
|
|
<ul>
|
|
<li>Your personal blog (as I've done)</li>
|
|
<li>A way to showcase your projects (<a rel="nofollow noreferrer" href="https://blog.devraza.duckdns.org/projects">as I've also done</a>)</li>
|
|
<li>Hosting documentation (check out <a rel="nofollow noreferrer" href="https://www.getzola.org/themes/adidoks/">this Zola theme</a>, for example)</li>
|
|
</ul>
|
|
<blockquote class="callout question">
|
|
|
|
<div class="icon">
|
|
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="20" height="20"><path d="M12 22C6.47715 22 2 17.5228 2 12C2 6.47715 6.47715 2 12 2C17.5228 2 22 6.47715 22 12C22 17.5228 17.5228 22 12 22ZM12 20C16.4183 20 20 16.4183 20 12C20 7.58172 16.4183 4 12 4C7.58172 4 4 7.58172 4 12C4 16.4183 7.58172 20 12 20ZM11 15H13V17H11V15ZM13 13.3551V14H11V12.5C11 11.9477 11.4477 11.5 12 11.5C12.8284 11.5 13.5 10.8284 13.5 10C13.5 9.17157 12.8284 8.5 12 8.5C11.2723 8.5 10.6656 9.01823 10.5288 9.70577L8.56731 9.31346C8.88637 7.70919 10.302 6.5 12 6.5C13.933 6.5 15.5 8.067 15.5 10C15.5 11.5855 14.4457 12.9248 13 13.3551Z" fill="currentColor"></path></svg>
|
|
</div>
|
|
<div class="content">
|
|
|
|
<p><strong>Help, my changes aren&#x27;t sticking!</strong></p>
|
|
|
|
<p>When you make new markdown files (or any other changes to the structure of your site), remember to run <code>zola build</code> in your site directory (<code>/var/lib/blog</code>) for the changes to <em>build</em> into the actual site.</p>
|
|
|
|
</div>
|
|
</blockquote></content>
|
|
</entry>
|
|
</feed> |