Compare commits
13 commits
Author | SHA1 | Date | |
---|---|---|---|
76d3af9793 | |||
25660362be | |||
3786d166a0 | |||
3b140ce4a0 | |||
13e166e862 | |||
2a91272b6f | |||
28091400cf | |||
ed23a4dc0c | |||
df6aba4c46 | |||
c84b20b4de | |||
26d3459ea0 | |||
af8d341f86 | |||
c9ef6473f9 |
32 changed files with 295 additions and 103 deletions
|
@ -4,20 +4,6 @@ on: push
|
|||
env:
|
||||
DEV_SHELL_NAME: CI
|
||||
jobs:
|
||||
Check config:
|
||||
runs-on: flakes-action
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
name: Checkout
|
||||
- name: Metadata
|
||||
run: |
|
||||
nix flake metadata
|
||||
- name: Statix
|
||||
run: |
|
||||
nix develop -c statix check
|
||||
- name: Flake check
|
||||
run: |
|
||||
nix flake check
|
||||
Publish:
|
||||
runs-on: flakes-action
|
||||
steps:
|
||||
|
@ -34,4 +20,22 @@ jobs:
|
|||
EOF
|
||||
chmod 400 ~/.ssh/id_ed25519
|
||||
echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILqDeXcIQwLXxuueu9KTC6y6NPUUzDRdF4Q5NUk+nFwt upload@blog" > ~/.ssh/id_ed25519.pub
|
||||
nix develop -c rsync -avz -e 'ssh -o StrictHostKeyChecking=accept-new' public/ blog@blog.cyplo.net:/var/www/blog/
|
||||
nix develop -c rsync -avz -e 'ssh -o StrictHostKeyChecking=accept-new' public/ blog@blog.cyplo.net:/var/www/blog/
|
||||
- name: Check html
|
||||
run: |
|
||||
nix develop -c htmltest
|
||||
|
||||
Check config:
|
||||
runs-on: flakes-action
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
name: Checkout
|
||||
- name: Metadata
|
||||
run: |
|
||||
nix flake metadata
|
||||
- name: Statix
|
||||
run: |
|
||||
nix develop -c statix check
|
||||
- name: Flake check
|
||||
run: |
|
||||
nix flake check
|
||||
|
|
9
.gitignore
vendored
9
.gitignore
vendored
|
@ -1,3 +1,8 @@
|
|||
public/
|
||||
resources/_gen/
|
||||
.direnv/
|
||||
public/
|
||||
tmp/
|
||||
resources/_gen/
|
||||
node_modules/
|
||||
assets/jsconfig.json
|
||||
hugo_stats.json
|
||||
.hugo_build.lock
|
||||
|
|
4
.htmltest.yml
Normal file
4
.htmltest.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
DirectoryPath: public/
|
||||
IgnoreDirectoryMissingTrailingSlash: true
|
||||
IgnoreEmptyHref: true
|
||||
RedirectLimit: 32
|
|
@ -21,7 +21,6 @@ position = "center top"
|
|||
[params]
|
||||
homeTitle = "Adventurous Computing by Cyryl Płotnicki"
|
||||
keywords = "programming, testing, tdd, rust, golang"
|
||||
logo = "images/avatar.jpg"
|
||||
showRelatedPosts = true
|
||||
rss = true
|
||||
selfHosted = true
|
||||
|
@ -66,8 +65,4 @@ weight = 6
|
|||
name = "Cyryl Płotnicki"
|
||||
website = "https://blog.cyplo.dev/"
|
||||
email = "blog@cyplo.dev"
|
||||
github = "cyplo"
|
||||
gitlab = "cyplo"
|
||||
twitter = "cyplo"
|
||||
linkedin = "cyplo"
|
||||
mastodon = "peninsula.industries/@cyplo"
|
||||
|
|
|
@ -8,11 +8,6 @@ My name is Cyryl and I hope you're having a great day !
|
|||
|
||||
## Interesting random tidbits about me
|
||||
|
||||
I am [running](https://blog.cyplo.net/posts/2018/05/pair-with-me-on-rust.html) remote pairing sessions, helping people with Rust.
|
||||
My recent focus is [adding fuzzer](https://twitter.com/cyplo/status/1094606119421521922) infrastructure to their projects.
|
||||
|
||||
I started a [blog post series](https://blog.cyplo.net/series/rust-testing-tricks/) on testing in [Rust](https://blog.cyplo.net/categories/rust.html) where I share the tricks I've learned.
|
||||
|
||||
I was in both leadership and individual contributor roles, I have respect for all sides involved in the process.
|
||||
|
||||
I like testing, I taught various aspects of TDD in an apprenticeship course.
|
||||
|
@ -30,7 +25,7 @@ As all of the above is on the bleeding edge - I find, report and fix bugs throug
|
|||
|
||||
Helping client teams grow - working within software teams and teaching technical concepts as well as improving the process.
|
||||
Running workshops (e.g. Legacy Code Retreat, advanced git, **TDD**).
|
||||
Running **Rust** pairing sessions and intro to Rust workshops.
|
||||
// Running **Rust** pairing sessions and intro to Rust workshops.
|
||||
Facilitating open-space conferences.
|
||||
Teaching at the apprenticeship programme.
|
||||
|
||||
|
@ -85,7 +80,7 @@ The links provided are for the slide decks.
|
|||
- Mastering Git
|
||||
- Legacy Code Retreat - running a full-day workshop on test-driving changes in legacy code.
|
||||
- A secret to secure software (ssshhh it's TDD)
|
||||
- ["Conferences you did not know existed and now you know you just need to go to"](https://blog.cyplo.net/posts/2016/03/13/conferences.html)
|
||||
- ["Conferences you did not know existed and now you know you just need to go to"](/posts/2016/03/13/conferences/)
|
||||
- "Languages are communities" - impromptu talk about how communities are the most important thing when choosing your programming language.
|
||||
- ["Tor and what it's good for"](https://github.com/cyplo/talks/tree/master/tor_for_beginners)
|
||||
- ["Erlang for the .Net people"](https://github.com/erlang-wroclaw/erlang_tech_night) - introduction to Erlang with some live coding by me and my friend Fabian
|
||||
|
|
|
@ -3,8 +3,8 @@ title: "Projects"
|
|||
date: 2022-10-30
|
||||
---
|
||||
|
||||
- [legdur](https://sr.ht/~cyplo/legdur/) - legdur is a simple CLI program to compute hashes of large sets of files in large directory structures and compare them with a previous snapshot. Think having your photo collection you acquired over time and worrying about bitrot.
|
||||
- [genpass](https://sr.ht/~cyplo/genpass/) - A simple yet robust commandline random password generator written in Rust. Has an extensive generative test suite, including tests against a Rust port of Dropbox's password strength tester zxcvbn.
|
||||
- [netlify deployer](https://pypi.org/project/netlify-deployer/) - A Python CLI tool to deploy a website to Netlify using their incremental API client. Not the best code but works like a charm. This blog [uses](https://git.sr.ht/~cyplo/blog/tree/master/item/.build.yml#L21) it.
|
||||
- [my dotfiles](https://sr.ht/~cyplo/dotfiles/) - all of the settings for all of my machines, automated using Nix
|
||||
- [bakare](https://sr.ht/~cyplo/bakare/) - work in progress on writing a modern backup solution in Rust
|
||||
- [legdur](https://git.cyplo.dev/cyplo/legdur) - legdur is a simple CLI program to compute hashes of large sets of files in large directory structures and compare them with a previous snapshot. Think having your photo collection you acquired over time and worrying about bitrot.
|
||||
- [genpass](https://git.cyplo.dev/cyplo/genpass) - A simple yet robust commandline random password generator written in Rust. Has an extensive generative test suite, including tests against a Rust port of Dropbox's password strength tester zxcvbn.
|
||||
- [netlify deployer](https://pypi.org/project/netlify-deployer/) - A Python CLI tool to deploy a website to Netlify using their incremental API client. Not the best code but works like a charm.
|
||||
- [my dotfiles](https://git.cyplo.dev/cyplo/dotfiles) - all of the settings for all of my machines, automated using Nix
|
||||
- [bakare](https://git.cyplo.dev/cyplo/bakare) - work in progress on writing a modern backup solution in Rust
|
||||
|
|
|
@ -5,8 +5,10 @@ tags: [dotnet, ai, google, mono]
|
|||
category: artificial intelligence
|
||||
---
|
||||
|
||||
> Update 2023: things fall off the face of the internet after a while; removed dead links
|
||||
|
||||
It seems that being so much into other programming things I missed the
|
||||
[Google AI Contest](http://ai-contest.com/) announcement. It's
|
||||
[Google AI Contest]() announcement. It's
|
||||
supercool that they sponsor such challenges but also it's really uncool
|
||||
[so like warm ?] that apparently I won't have time to participate.
|
||||
|
||||
|
|
|
@ -7,11 +7,11 @@ category: games
|
|||
I have always been fascinated by works of Adrian Chmielarz, from the
|
||||
times of Metropolis Software on. Naturally then, I am following really
|
||||
closely on the development of
|
||||
[Bulletstorm](http://www.bulletstorm.com/). Damn, I even hoped to
|
||||
[Bulletstorm](https://www.bulletstorm.com/). Damn, I even hoped to
|
||||
talk to The Guy or Mieszko Zielinski at the
|
||||
[gameaiconf](http://gameaiconf.com/>) in Paris, but
|
||||
[Alex](http://aigamedev.com/) told me that "whoa,
|
||||
[PCF](http://www.peoplecanfly.com/) are so busy with the new IP that
|
||||
[gameaiconf]() in Paris, but
|
||||
[Alex]() told me that "whoa,
|
||||
[PCF](https://www.peoplecanfly.com/) are so busy with the new IP that
|
||||
they didn't have time to come this year, next year they'll be here,
|
||||
hopefully".
|
||||
|
||||
|
@ -23,7 +23,7 @@ that they take this game everywhere with them. To dinner, breakfast,
|
|||
party. That's the way I do like to work.
|
||||
|
||||
Now back on track, an interview which triggered this urge to flush my
|
||||
thoughts here. [Interview with Tanya Jessen](http://techland.com/2010/10/14/origins-tanya-jessen-lead-producer-on-bulletstorm/),
|
||||
thoughts here. [Interview with Tanya Jessen](https://techland.com/2010/10/14/origins-tanya-jessen-lead-producer-on-bulletstorm/),
|
||||
producer at Epic.
|
||||
|
||||
People make games so other people can have fun. How selfless.
|
||||
|
|
|
@ -11,7 +11,7 @@ these days. The question remains where to put them.
|
|||
|
||||
Previously I had my site published within one of the polish hosting
|
||||
companies for free, as my friend was involved in its operations. Thanks
|
||||
[Kajetan](http://www.kajetanwandowicz.com/) for 5 years of support !
|
||||
[Kajetan]() for 5 years of support !
|
||||
And maybe it'd stay that way if not of that desire of mine to tinker and
|
||||
have control of every aspect of the technology power. Some platform with
|
||||
ability to boot the system I want up would be appreciated.
|
||||
|
@ -40,7 +40,7 @@ their 'live' tech support line just to hear that it was really bad of me
|
|||
to change the resolv.conf and I just shouldn't do that. In the meanwhile
|
||||
their DNSes went back so I in fact did revert the resolv.conf after all.
|
||||
|
||||
It's [OpenVZ](http://wiki.openvz.org/Main_Page>)-based hosting, so
|
||||
It's [OpenVZ](https://wiki.openvz.org/Main_Page)-based hosting, so
|
||||
policy of "no-no's" is pretty much embedded in the very system. No
|
||||
kernel reinstallation. No swap space. No system clock write access. No
|
||||
clicking too fast in the administration panel. Back to google then my search for VPS
|
||||
|
|
|
@ -5,9 +5,11 @@ tags: [server, tilaa, ubuntu, virtualization, vps]
|
|||
category: server
|
||||
---
|
||||
|
||||
> Update 2023: the landscape has changed considerably over the last 13 years, a lot of the companies mentioned in this post have died, I've removed dead links
|
||||
|
||||
After some not so pleasurable experiences with the previous VPS hosting
|
||||
provider I started my search for some other one. This time not only
|
||||
google was involved but also [aardvark](http://vark.com/) and some of
|
||||
google was involved but also [aardvark]() and some of
|
||||
the "top XX best hosting providers" sites. Two results kept showing up.
|
||||
[server4you](http://www.server4you.com/) and
|
||||
[tilaa](https://www.tilaa.nl/). Which one to choose then ? I wanted
|
||||
|
@ -30,7 +32,7 @@ are some things I like or don't about its services.
|
|||
- friendly, responsive staff
|
||||
- 2x RAM amount of swap space - seems great compared to no swap on other VPSes
|
||||
- [KVM](http://www.linux-kvm.org/page/Main_Page)- and [qemu](http://en.wikipedia.org/wiki/QEMU)-based, you get full control of your system
|
||||
- good overall system responsiveness - I experienced occasional lags when using [OpenVZ](http://wiki.openvz.org/Main_Page) virtualization before, there's no such thing here
|
||||
- good overall system responsiveness - I experienced occasional lags when using [OpenVZ](https://wiki.openvz.org/Main_Page) virtualization before, there's no such thing here
|
||||
- they work fast - the day the new Ubuntu 10.10 was released, they had the VPS image ready !
|
||||
- their motto "We try to be good open source citizens" just convinces me
|
||||
- the only disadvantage is the price, it's 8.95 euro net montly, it's also easy to miss that info on the site
|
||||
|
|
|
@ -5,6 +5,8 @@ tags: [macosx, virtualbox]
|
|||
categories: [freedom, mac, server]
|
||||
---
|
||||
|
||||
> Updated 2023: sadly nawcom is no more, I've removed dead links
|
||||
|
||||
It all started with my work assignment of installing MacOSX Server 10.6
|
||||
on the XServe rack. Briefly speaking, after debugging some hardware problem
|
||||
with the CPU temperature meter, I managed to install the base OSX server
|
||||
|
@ -26,8 +28,8 @@ and launch was single-core. Both 32 and 64bit guests seem to be working
|
|||
fine. But what's the point of having many cores there if only one can be
|
||||
used per a VM ? Some time after that I found brilliant blog pair by
|
||||
[prasys](http://prasys.info/) and
|
||||
[nawcom](http://blog.nawcom.com/). It seems that the latter one
|
||||
produces what's called [ModCD](http://blog.nawcom.com/?p=446) which
|
||||
[nawcom](). It seems that the latter one
|
||||
produces what's called [ModCD]() which
|
||||
allows booting with the processor checks disabled. Recipe for amd64:
|
||||
|
||||
- create new MacOSX vm in VirtualBox
|
||||
|
|
|
@ -11,7 +11,7 @@ aliases:
|
|||
Ever cried over damaged disk holding your bitcoin wallet ? Ever
|
||||
formatted storage holding a perfectly valid and the only copy of your
|
||||
wallet.dat ? Yes, me too. Well, there's
|
||||
[Photorec](http://www.cgsecurity.org/wiki/PhotoRec), an opensource file
|
||||
[Photorec](https://en.wikipedia.org/wiki/PhotoRec), an opensource file
|
||||
recovery software. It just skips the partition and filesystem info and
|
||||
scans for plain file signatures on the disk. Unfortunately it does not
|
||||
recognize Bitcoin's Wallet as a file format. Bitcoin wiki
|
||||
|
@ -33,7 +33,7 @@ detection magic. Let's see whether it works on the wallet.
|
|||
```
|
||||
|
||||
Uhoh. Do not abandon hope for not all is lost ! Photorec [provides a
|
||||
way](http://www.cgsecurity.org/wiki/Add_your_own_extension_to_PhotoRec)
|
||||
way
|
||||
for you to add custom signatures. The only missing ingredient appears to
|
||||
be the knowledge possed by the `file` command. Just check your linux installation for
|
||||
`file`'s detection signatures. On my system these are to be found
|
||||
|
|
|
@ -5,15 +5,15 @@ tags: [BCM43224, crunchbang, dell, linux]
|
|||
category: linux
|
||||
---
|
||||
|
||||
Update:
|
||||
**Please note that I no longer host this kernel as it is very old and also Crunchbang is no more.**
|
||||
> Update 2023: crunchbang is no longer a thing, replaced by [bunsenlabs](https://www.bunsenlabs.org/)
|
||||
> Please note that I no longer host this kernel as it is very old and also Crunchbang is no more.**
|
||||
|
||||
Some time ago I got my hands on [CrunchBang Linux](http://crunchbanglinux.org/) distro, which is great. The only thing there that could be better is that my Broadcom BCM43224 WiFi card is not working. But I'm used to it, as many
|
||||
Some time ago I got my hands on [CrunchBang Linux](https://en.wikipedia.org/wiki/CrunchBang_Linux) distro, which is great. The only thing there that could be better is that my Broadcom BCM43224 WiFi card is not working. But I'm used to it, as many
|
||||
Linux distros do not provide it. As I happen to
|
||||
know from my Fedora experiences that it is resolved in kernel version
|
||||
3.4 . Also as that kernel tends to be generally faster on my machine, I
|
||||
decided to compile just this one. Here you are. [Vanilla 3.4.4](http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.4.4.tar.bz2)
|
||||
kernel, [compiled](http://crunchbanglinux.org/forums/topic/18060/how-to-compile-the-kernel-from-source/)
|
||||
kernel, [compiled]()
|
||||
for Intel Atom and with BCM43224 support. This is a 64bit kernel.
|
||||
Download [crunchbanglinux-kernel-3.4.4-intel\_atom.tar.bz2]
|
||||
and:
|
||||
|
|
|
@ -6,7 +6,7 @@ category: talks
|
|||
---
|
||||
|
||||
I recently gave a two hours presentation on Erlang 101 along with
|
||||
[Fabian](http://fabiankrol.com/). Because of the generous support
|
||||
Fabian. Because of the generous support
|
||||
from Infusion I was able to speak at Institute of Computer Science at
|
||||
University of Wroclaw. The event was a blast, and that is an opinion of
|
||||
the people other than me also ;) Thanks for everyone who was there and
|
||||
|
|
|
@ -20,7 +20,7 @@ Disk /dev/sde: 500.1 GB, 500107862016 bytes
|
|||
```
|
||||
|
||||
First one is an SSD drive, I used it for OS
|
||||
installation. I went for [Crunchbang](http://crunchbang.org/) as I
|
||||
installation. I went for [Crunchbang](https://www.bunsenlabs.org/) as I
|
||||
was already familiar with it, however now I'm thinking of just getting
|
||||
newest Debian there, as it's finally released. Nothing fancy about the
|
||||
OS, a regular install really.
|
||||
|
|
|
@ -22,7 +22,7 @@ calibration for you. Game on you say ? Indeed.
|
|||
- 4x USB
|
||||
- HDMI
|
||||
- typing on its keyboard, just clicks with me
|
||||
- survived [OHM2013](https://ohm2013.org/site/) camp - not scared of
|
||||
- survived [OHM2013](https://ohm2013.org/) camp - not scared of
|
||||
humidity and hot air
|
||||
|
||||
## What I do not like so much:
|
||||
|
|
|
@ -5,13 +5,17 @@ tags: [cygwin, dotfiles, linux, mac, vim]
|
|||
category: open source
|
||||
---
|
||||
|
||||
> Update from 10 years into the future ! It's 2023 and the repo is still going strong, using lots of Nix and friends tho and also hosted elsewhere - edited the URLs.
|
||||
> All my dofiles live [here](https://git.cyplo.dev/cyplo/dotfiles/) now. Removed the links from the article below as they don't work anymore.
|
||||
|
||||
Hi ! Just letting you know that I've been working for some time on
|
||||
structuring my dotfiles and finally published them to
|
||||
[github](https://github.com/cyplo/dotfiles). These contain e.g. my
|
||||
[vimrc](https://github.com/cyplo/dotfiles/blob/master/.vimrc) and
|
||||
[font](https://github.com/cyplo/dotfiles/tree/master/.local/share/fonts)
|
||||
[configs](https://github.com/cyplo/dotfiles/tree/master/.config/fontconfig/conf.d).
|
||||
I've [patched](https://github.com/cyplo/vim-colors-solarized)
|
||||
structuring my dotfiles and finally ~~published them to
|
||||
[github]().~~ (No github anymore, selfhosting!)
|
||||
These contain e.g. my
|
||||
[vimrc]() and
|
||||
[font]()
|
||||
[configs]().
|
||||
I've [patched]()
|
||||
the famous [solarized](http://ethanschoonover.com/solarized) theme
|
||||
for vim to allow better
|
||||
[gitgutter](https://github.com/airblade/vim-gitgutter) symbols
|
||||
|
|
|
@ -4,8 +4,10 @@ date: 2014-03-17 10:08:21
|
|||
tags: [pocorgtfo]
|
||||
---
|
||||
|
||||
> Update 2023: I no longer host PoCorGTFO here, it's very much available elsewhere on the internet and I couldn't afford the costs for this server sadly.
|
||||
|
||||
Hey – to all you curious folks – the new issue of PoC or GTFO is well,
|
||||
out ! The best minds in infosec on exploits and more. Lots of hardcore
|
||||
programming knowledge to obtain. For your convenience, as it’s not that
|
||||
easy to get this on the webs, I’ve took a liberty of uploading them
|
||||
[here](/pages/files)
|
||||
[here]()
|
|
@ -5,6 +5,9 @@ tags: [observability]
|
|||
series: sunpowered
|
||||
---
|
||||
|
||||
> Update 2023: I no longer hosts those dashboards anymore and the server no longer runs in the form described.
|
||||
> You could argue I still run sunpowered servers, as my new house has solar PV ;)
|
||||
|
||||
Some, rather long, time ago I've added a [custom python](/posts/2014/04/21/adding-voltage-current-measurements-sunpowered-pi/)
|
||||
data acquisition and graphing to my sunpowered RaspberryPi installation
|
||||
on the balcony. Since then I've upgraded it to Raspi2 and ported the
|
||||
|
@ -23,7 +26,7 @@ compile the software there. I've [changed the original python scripts slightly](
|
|||
to upload the data to influxdb instead of graphing directly via
|
||||
matplotlib. Then configured grafana to display some cool graphs and that
|
||||
was pretty much it - you can see the result at
|
||||
[data.cyplo.net](http://data.cyplo.net/dashboard/db/sunpowered).
|
||||
[data.cyplo.net]().
|
||||
|
||||
Right now I'm testing 2 different sizes of solar panels and
|
||||
batteries, hooked at the same time. The ADC is connected as it was
|
||||
|
|
|
@ -7,7 +7,7 @@ tags: [social, conferences]
|
|||
# Go to conferences. It's good for you.
|
||||
|
||||
Ever wondered why to go to conferences ? Is it worth it, especially if
|
||||
you [do not feel confident](http://sarah.thesharps.us/2016/02/02/first-timers-guide-to-foss-conferences/)
|
||||
you [do not feel confident](https://sage.thesharps.us/2016/02/02/first-timers-guide-to-foss-conferences/)
|
||||
that the conference is on something that would be in an immediate realm
|
||||
of your day-to-day interests ? Just go ! You might end up learning
|
||||
something and meeting new people. And new people mean more variables to
|
||||
|
@ -20,7 +20,7 @@ having another misfit ? Here you go.
|
|||
Now imagine something niche within the industry. To me, AI comes to
|
||||
mind. Mages in robes in their towers, sending out autonomous robot
|
||||
armies against each other. Right ? There's a conference for that ! At
|
||||
[nucl.ai](http://nucl.ai/), in July, in Vienna, you can meet AI
|
||||
[nucl.ai](), in July, in Vienna, you can meet AI
|
||||
professionals from academia and industry alike, most of them coming from
|
||||
game development background. The atmosphere is very newcomer-friendly,
|
||||
the only requirement is that you're interested in AI, not necessarily
|
||||
|
|
|
@ -127,6 +127,6 @@ Start the debugging session by pressing `F5` again - this should result in the b
|
|||
|
||||
## Questions ?
|
||||
|
||||
Any questions ? Ask on [https://users.rust-lang.org/](https://users.rust-lang.org/) and ping me the link to the post on [Twitter](https://twitter.com/cyplo) or email it to me at [blog@cyplo.net](mailto:blog@cyplo.net). This way the answer will be visible to everyone in the community.
|
||||
Any questions ? Ask on [https://users.rust-lang.org/](https://users.rust-lang.org/) and ping me the link via email to me at [blog@cyplo.net](mailto:blog@cyplo.net). This way the answer will be visible to everyone in the community.
|
||||
|
||||
Keep on Rusting !
|
||||
|
|
|
@ -15,7 +15,7 @@ We can work on any of the following:
|
|||
|
||||
- Any project of yours !
|
||||
- Contribute back to a larger open source project (I am a contributor to e.g. [cargo](https://github.com/rust-lang/cargo/), [rustc](https://github.com/rust-lang/rust/) and [rustup](https://github.com/rust-lang-nursery/rustup.rs/))
|
||||
- A project of mine - e.g. [genpass](https://github.com/cyplo/genpass)
|
||||
- A project of mine - e.g. [genpass](https://lib.rs/crates/genpass)
|
||||
|
||||
Ping me an [email](mailto:rust@cyplo.dev) to schedule a session - can be a remote one or in person somewhere in London.
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ Cargo prints `worker::should::consume_message_from_queue` when running this test
|
|||
Use e.g. the `atomic` types family or `RefCell` itself to get an immutable handle to a internally mutable data.
|
||||
Useful when you don't want your production code to accept anything that can mutate but you still want to control that value from the test.
|
||||
|
||||
See injecting the system clock example in [my previous blog post](/posts/2018/07/rust-injection.html).
|
||||
See injecting the system clock example in [my previous blog post](/posts/2018/07/rust-injection/).
|
||||
|
||||
# Write the test first
|
||||
|
||||
|
@ -58,6 +58,6 @@ Rust allows for more cool tricks and generally writing less test code than menti
|
|||
# Let's talk !
|
||||
|
||||
Have any questions ? Would like to pair on Rust ? Curious about TDD ? Ping me !
|
||||
Email is good - [hello@cyplo.net](mailto:hello@cyplo.net) or try [Twitter](https://twitter.com/cyplo).
|
||||
Email is good - [hello@cyplo.net](mailto:hello@cyplo.net).
|
||||
|
||||
thanks !
|
||||
|
|
|
@ -10,7 +10,7 @@ I am fascinated by the concept of fuzzing. It fits well with my desire to test w
|
|||
|
||||
It's a type of automated testing, especially good with finding edge cases in your code. It runs totally outside of your code and knows nothing about it - it just throws random data at it. Modern fuzzers instrument your code to be able to tell if by changing input they change the code paths covered and by doing that they try to achieve maximum coverage. While this sounds like a very naive approach it can lead to finding incredibly interesting bugs. For that reason fuzzers are oftentimes used in the security community for finding vulnerabilities. Fuzzing is a type of a black box testing - but how you define that box is entirely up to you. It can be the whole program, it can be a single function. It just needs a clear entry point with ability to manipulate input data.
|
||||
|
||||
An example may be in order. We'll look into one provided by [Rust Fuzzing Authority](https://github.com/rust-fuzz) - people behind [cargo fuzz](https://fuzz.rs/book/cargo-fuzz.html) and [afl.rs](https://fuzz.rs/book/afl.html).
|
||||
An example may be in order. We'll look into one provided by [Rust Fuzzing Authority](https://github.com/rust-fuzz) - people behind [cargo fuzz](https://rust-fuzz.github.io/book/cargo-fuzz.html) and [afl.rs](https://rust-fuzz.github.io/book/afl.html).
|
||||
Imagine you're trying to see if you've handled all cases in your url parser. You can just do
|
||||
|
||||
```rust
|
||||
|
@ -40,7 +40,7 @@ When thinking about other types of tests that are driven by randomness and are g
|
|||
|
||||
## Want help with fuzzing your open source project ?
|
||||
|
||||
If you're not sure what fuzzing is, or you want help with adding fuzzer support to your open source project - just tell me ! Either by [email](mailto:fuzzing@cyplo.dev) or on [Twitter](https://twitter.com/cyplo). I'm happy to jump on a call, pair program or whatever you fancy ! I know the most about the Rust fuzzing space, but happy to help with other languages as well - this allows me to learn :)
|
||||
If you're not sure what fuzzing is, or you want help with adding fuzzer support to your open source project - just tell me ! [Email](mailto:fuzzing@cyplo.dev) works best ! I'm happy to jump on a call, pair program or whatever you fancy ! I know the most about the Rust fuzzing space, but happy to help with other languages as well - this allows me to learn :)
|
||||
|
||||
I also run a fuzzing server where I can test your project overnight and see if we find anything.
|
||||
|
||||
|
|
|
@ -5,13 +5,16 @@ series: my-setup
|
|||
tags: [tools]
|
||||
---
|
||||
|
||||
> Update 2023: my dotfiles are self-hosted now at [git.cyplo.dev](https://git.cyplo.dev/cyplo/dotfiles);
|
||||
> They also have a different structure than described here; I've removed now-dead links to github.
|
||||
|
||||
Here's a list of software and some hardware I find useful, either things that I use daily or things that make an unusual task pleasant instead of incredibly difficult.
|
||||
This is constantly evolving, so please mind the publish date of this post to gauge how dated it is. The best place to get most recent settings I currently use is my [dotfiles](https://github.com/cyplo/dotfiles) repository, especially the [nixos](https://github.com/cyplo/dotfiles/tree/master/nixos) configuration.
|
||||
This is constantly evolving, so please mind the publish date of this post to gauge how dated it is. The best place to get most recent settings I currently use is my [dotfiles]() repository, especially the [nixos]() configuration.
|
||||
|
||||
## Laptop and OS
|
||||
|
||||
My daily driver is [Thinkpad T480](https://www.thinkwiki.org/wiki/Category:T480#Lenovo_ThinkPad_T480) running [NixOS](https://nixos.org/). I like the hardware for its matte screen, nice keyboard and general sturdiness. It's also black and black is nice.
|
||||
The device-specific config lives [here](https://github.com/cyplo/dotfiles/blob/master/nixos/boxes/foureighty.nix).
|
||||
The device-specific config lives [here]().
|
||||
|
||||
I use [home manager](https://github.com/rycee/home-manager) to manage my dotfiles.
|
||||
I still haven't found a good way of having all this setup ported exactly to non-NixOS operating systems.
|
||||
|
@ -22,18 +25,18 @@ NixOS's ability to boot into a previous version of the whole system is another b
|
|||
|
||||
## Networking gear
|
||||
|
||||
I had a lot of problems with network speed over wifi previously, because of that I bought a Netgear [Nighthawk X4S R7800](https://www.netgear.co.uk/home/products/networking/wifi-routers/R7800.aspx) router and installed [OpenWRT](https://openwrt.org/) on it. After all this change, I am able to run very frequent multi-gigabyte backup transfers over wifi and everything works nicely.
|
||||
I had a lot of problems with network speed over wifi previously, because of that I bought a Netgear [Nighthawk X4S R7800](https://www.netgear.com/home/wifi/routers/r7800/) router and installed [OpenWRT](https://openwrt.org/) on it. After all this change, I am able to run very frequent multi-gigabyte backup transfers over wifi and everything works nicely.
|
||||
|
||||
## Graphical interface
|
||||
|
||||
I started running [i3](https://i3wm.org/) recently because of the strain Gnome3 was putting on my system, and I am liking it so far, mostly for the speed of navigation and little resource usage. There's [polybar](https://github.com/polybar/polybar) on top and not much else in terms of bells and whistles present.
|
||||
I use [autorandr](https://github.com/phillipberndt/autorandr) to keep track of different display devices on different machines - it will automatically set the best resolution for whatever the screen combination I am currently using. See [config](https://github.com/cyplo/dotfiles/blob/master/nixos/user-xsession.nix) for more details.
|
||||
I use [autorandr](https://github.com/phillipberndt/autorandr) to keep track of different display devices on different machines - it will automatically set the best resolution for whatever the screen combination I am currently using. See [config]() for more details.
|
||||
|
||||
[Firefox](https://www.mozilla.org/en-GB/firefox/new/) remains my browser of choice, I highly recommend you try it, it is so much faster now than it used to be. Make sure to switch the tracking protection on.
|
||||
|
||||
## Secrets management
|
||||
|
||||
I have a [veracrypt](https://www.veracrypt.fr/en/Home.html) encrypted container, where my secrets reside, with a small set of scripts to [mount](https://github.com/cyplo/dotfiles/blob/master/tools/mount-vault) and [unmount](https://github.com/cyplo/dotfiles/blob/master/tools/umount-vault) it. The container is synced between different machines using [syncthing](https://syncthing.net/).
|
||||
I have a [veracrypt](https://www.veracrypt.fr/en/Home.html) encrypted container, where my secrets reside, with a small set of scripts to [mount]() and [unmount]() it. The container is synced between different machines using [syncthing](https://syncthing.net/).
|
||||
Inside the container, among other things, there is a [password store](https://www.passwordstore.org/) directory, which I use from either command line or from Firefox, using [this plugin](https://github.com/passff/passff)
|
||||
|
||||
## Sync
|
||||
|
@ -61,14 +64,14 @@ I settled on [Fira Code Retina](https://github.com/tonsky/FiraCode) for most of
|
|||
## Terminal
|
||||
|
||||
I find [termite](https://github.com/thestinger/termite) quite fast, while supporting extended character and colour sets.
|
||||
My shell is [zsh](https://www.zsh.org/) with minimal [oh-my-zsh](https://github.com/robbyrussell/oh-my-zsh) [config](https://github.com/cyplo/dotfiles/blob/master/nixos/programs/zsh.nix). I always run it inside a [tmux](https://github.com/tmux/tmux/wiki) session though, and no matter how many terminal windows I open, I am always greeted with the same state. All history and window state is shared between all terminal windows all tmux windows as well - it is always the same one tmux session. Because I am always running tmux, sometimes I end up in a situation when I ssh into some box and need to run tmux there - for that reason I have my main tmux session having different leader key than the default, this way I can choose which tmux session will receive my command - my machine or the one I'm connecting to. All of the above comes from a combination of [shell](https://github.com/cyplo/dotfiles/blob/master/nixos/programs/zsh.nix) and [tmux](https://github.com/cyplo/dotfiles/blob/master/nixos/programs/tmux.nix) settings.
|
||||
My shell is [zsh](https://www.zsh.org/) with minimal [oh-my-zsh](https://github.com/robbyrussell/oh-my-zsh) [config](). I always run it inside a [tmux](https://github.com/tmux/tmux/wiki) session though, and no matter how many terminal windows I open, I am always greeted with the same state. All history and window state is shared between all terminal windows all tmux windows as well - it is always the same one tmux session. Because I am always running tmux, sometimes I end up in a situation when I ssh into some box and need to run tmux there - for that reason I have my main tmux session having different leader key than the default, this way I can choose which tmux session will receive my command - my machine or the one I'm connecting to. All of the above comes from a combination of [shell]() and [tmux]() settings.
|
||||
|
||||
Here's a small collection of other tools I found help a lot when on the terminal:
|
||||
|
||||
- [ripgrep](https://github.com/BurntSushi/ripgrep) - it is just so much faster than grep
|
||||
- [fd](https://github.com/sharkdp/fd) - same but for `find`
|
||||
- [bat](https://github.com/sharkdp/bat) - a cooler `cat`
|
||||
- [genpass](https://crates.io/crates/genpass) for generating passwords
|
||||
- [genpass](https://lib.rs/crates/genpass) for generating passwords
|
||||
- [z.lua](https://github.com/skywind3000/z.lua) for faster navigation
|
||||
|
||||
And that's it !
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
pairing sessions update
|
||||
|
||||
- using genpass
|
||||
- fuzzing
|
|
@ -5,13 +5,13 @@ series: rust-testing-tricks
|
|||
tags: [rust, testing]
|
||||
---
|
||||
|
||||
Being able to precisely control what failures in underlying systems occur and at what time can be really useful in achieving a fast and stable test suite. While I am a big proponent of dependency inversion and being able to control dependencies via the explicit injection points in your API, sometimes it's impractical to do so. This is where [`fail`](https://crates.io/crates/fail) can help us immensely, providing an escape hatch for situations like those as it allows to inject failures into previously defined failure points.
|
||||
Being able to precisely control what failures in underlying systems occur and at what time can be really useful in achieving a fast and stable test suite. While I am a big proponent of dependency inversion and being able to control dependencies via the explicit injection points in your API, sometimes it's impractical to do so. This is where [`fail`](https://lib.rs/crates/fail) can help us immensely, providing an escape hatch for situations like those as it allows to inject failures into previously defined failure points.
|
||||
|
||||
It comes at a price though. If you would mix your other unit tests and tests activating fail points you will notice some unexpected failures in the test suite. As `cargo test` runs tests in parallel by default, the tests activating a fail point can interfere with another test that did not want that fail point active at all that is ran at the same time. The crate authors [recommend](https://docs.rs/fail/#usage-in-tests) running all of the tests using fail points in a separate executable and using `FailScenario` to serialise test execution.
|
||||
|
||||
There is another way, that I found simpler for the way I write tests, if you allow for yet another helper crate. We can run each test in a separate process, effectively isolating it from the rest, stopping failures from spreading.
|
||||
|
||||
Let's take a look at an example from [`bakare`](https://git.sr.ht/~cyplo/bakare) - my experiment in writing a backup system.
|
||||
Let's take a look at an example from [`bakare`](https://git.cyplo.dev/cyplo/bakare) - my experiment in writing a backup system.
|
||||
|
||||
`cargo.toml`
|
||||
|
||||
|
|
|
@ -5,6 +5,8 @@ series: my-setup
|
|||
tags: [tools]
|
||||
---
|
||||
|
||||
> Update 2023 - updated links to the most current code store - git.cyplo.dev instead of sr.ht
|
||||
|
||||
Hello and welcome to the second edition of me doing a summary of the year of using tech tools.
|
||||
|
||||
Here's a list of software and some hardware I find useful, either things that I use daily or things that make an unusual task pleasant instead of incredibly difficult.
|
||||
|
@ -12,12 +14,12 @@ This is constantly evolving, so please mind the publish date of this post, pleas
|
|||
|
||||
## Laptop, OS and other work hardware
|
||||
|
||||
- [Thinkpad T480](https://www.thinkwiki.org/wiki/Category:T480#Lenovo_ThinkPad_T480), the device-specific config lives [here](https://git.sr.ht/~cyplo/dotfiles/tree/master/item/nixos/boxes/foureighty/default.nix).
|
||||
- [Thinkpad T480](https://www.thinkwiki.org/wiki/Category:T480#Lenovo_ThinkPad_T480), the device-specific config lives [here](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/boxes/foureighty/default.nix).
|
||||
- CalDigit TS3 Plus usb-c hub
|
||||
- Iiyama ProLite 27" 4K monitor
|
||||
- IKEA BEKANT motorised standing desk
|
||||
|
||||
No dramatic changes here since the [last year](https://blog.cyplo.dev/posts/2019/11/tools/), I'm still on [NixOS](https://nixos.org/) on the T480. Thinkpad got a RAM upgrade to 48GiB and is handling it well, despite it being above it stated memory limit. I've also managed to get my `home-manager` config [called](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/boxes/foureighty/default.nix#L33) from the main system configuration, so now I just need to do `sudo nixos-rebuild switch --upgrade` once and it does my `home-manager` setup as well. This allowed me to split the config into modules a bit better.
|
||||
No dramatic changes here since the [last year](https://blog.cyplo.dev/posts/2019/11/tools/), I'm still on [NixOS](https://nixos.org/) on the T480. Thinkpad got a RAM upgrade to 48GiB and is handling it well, despite it being above it stated memory limit. I've also managed to get my `home-manager` config called from the main system configuration, so now I just need to do `sudo nixos-rebuild switch --upgrade` once and it does my `home-manager` setup as well. This allowed me to split the config into modules a bit better.
|
||||
|
||||
I'm really happy with the standing desk as it allows me to switch from sitting to standing and back very quickly.
|
||||
|
||||
|
@ -41,8 +43,8 @@ While I stopped having WiFi speed problems with the purchase of the Netgear R780
|
|||
|
||||
## Graphical interface
|
||||
|
||||
- [i3](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/i3)
|
||||
- [grobi](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/i3/grobi.nix)
|
||||
- [i3](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/i3)
|
||||
- [grobi](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/i3/grobi.nix)
|
||||
|
||||
Running `grobi` now instead of `autorandr` but otherwise the config seems to be stabilising.
|
||||
|
||||
|
@ -52,7 +54,7 @@ Running `grobi` now instead of `autorandr` but otherwise the config seems to be
|
|||
- [password store](https://www.passwordstore.org/) + [passff](https://github.com/passff/passff)
|
||||
- [bitwarden](https://bitwarden.com/)
|
||||
|
||||
I have a `veracrypt` encrypted container, where my secrets reside, with a small set of scripts to [mount](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/tools/mount-vault) and [unmount](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/tools/umount-vault) it. The container is synced between different machines using `syncthing`.
|
||||
I have a `veracrypt` encrypted container, where my secrets reside, with a small set of scripts to [mount](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/home-manager/scripts/mount-vault.nix) and [unmount](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/home-manager/scripts/umount-vault.nix) it. The container is synced between different machines using `syncthing`.
|
||||
Inside the container, among other things, there is a `password store` directory, which I use from either command line or from Firefox.
|
||||
|
||||
For when I need to share a secret I use `bitwarden` as it allows for that in a quite an easy way.
|
||||
|
@ -77,8 +79,8 @@ I made some progress on [bakare](https://github.com/cyplo/bakare), a small backu
|
|||
|
||||
## Editors
|
||||
|
||||
- vim [configured via nix](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/home-manager/programs/vim.nix)
|
||||
- VSCode [also configured via nix](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/gui/vscode.nix)
|
||||
- vim [configured via nix](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/vim)
|
||||
- VSCode [also configured via nix](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/gui/vscode.nix)
|
||||
|
||||
Not much of a change here.
|
||||
|
||||
|
@ -88,19 +90,19 @@ I settled on [Fira Code Retina](https://github.com/tonsky/FiraCode) for most of
|
|||
|
||||
## Terminal
|
||||
|
||||
- [kitty](https://sw.kovidgoyal.net/kitty/) and [my config](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/home-manager/programs/kitty.nix) for it
|
||||
- [zsh](https://www.zsh.org/) + [config](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/home-manager/programs/zsh.nix)
|
||||
- [tmux](https://github.com/tmux/tmux/wiki) + [config](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/home-manager/programs/tmux.nix)
|
||||
- [kitty](https://sw.kovidgoyal.net/kitty/) and [my config](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/home-manager/programs/kitty.nix) for it
|
||||
- [zsh](https://www.zsh.org/) + [config](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/zsh)
|
||||
- [tmux](https://github.com/tmux/tmux/wiki) + [config](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/home-manager/programs/tmux.nix)
|
||||
|
||||
While I still like `termite` and `alacritty`, I have switched to `kitty` lately as it is still quite fast while providing for some fancy shenanigans like graphics in the terminal. I'm not fully happy with my setup yet, as, for example, kitty sometimes requires restart for the graphics feature to work.
|
||||
|
||||
Here's a small collection of other tools I found help a lot when on the terminal:
|
||||
|
||||
- [newsboat](https://newsboat.org/) - a new one on the list, I find it providing a cool and relaxing way of reading RSS in the terminal, see [here](https://git.sr.ht/~cyplo/dotfiles/tree/83ddcc09dc68389b129d598722eca9e90a6dff33/item/nixos/home-manager/programs/newsboat.nix) for my config, including my subscriptions list
|
||||
- [newsboat](https://newsboat.org/) - a new one on the list, I find it providing a cool and relaxing way of reading RSS in the terminal, see [here](https://git.cyplo.dev/cyplo/dotfiles/src/branch/main/nixos/home-manager/programs/newsboat.nix) for my config, including my subscriptions list
|
||||
- [ripgrep](https://github.com/BurntSushi/ripgrep) - it is just so much faster than grep
|
||||
- [fd](https://github.com/sharkdp/fd) - same but for `find`
|
||||
- [bat](https://github.com/sharkdp/bat) - a cooler `cat`
|
||||
- [genpass](https://crates.io/crates/genpass) for generating passwords
|
||||
- [genpass](https://lib.rs/crates/genpass) for generating passwords
|
||||
- [z.lua](https://github.com/skywind3000/z.lua) for faster navigation
|
||||
|
||||
### TODOs for 2021:
|
||||
|
|
|
@ -9,7 +9,7 @@ I have a collection of photos & documents that I really care about.
|
|||
I synch them between computers using syncthing and also run backups regularly.
|
||||
What I didn't have was a way to quickly detect bitrot.
|
||||
|
||||
Enter [legdur](https://crates.io/crates/legdur)
|
||||
Enter [legdur](https://git.cyplo.dev/cyplo/legdur)
|
||||
|
||||
`legdur` is a simple CLI program to compute hashes of large sets of files in large directory structures and compare them with a previous snapshot.
|
||||
Think having your photo collection you acquired over time and worrying about bitrot.
|
||||
|
@ -18,6 +18,11 @@ Think having your photo collection you acquired over time and worrying about bit
|
|||
|
||||
`cargo install legdur --force` should get you there on a system that has Rust installed already.
|
||||
|
||||
## Try it out without installation
|
||||
|
||||
If you have a nix-flakes enabled system:
|
||||
`nix run git+https://git.cyplo.dev/cyplo/legdur.git`
|
||||
|
||||
## Usage
|
||||
|
||||
`legdur path/to/a/directory/`
|
||||
|
@ -42,15 +47,12 @@ finished:
|
|||
## How it works
|
||||
|
||||
* it will compute a hash of each file present in the directory structure (it works recursively).
|
||||
* if previously computed `legdur.db` exists it will compare the current state of the world to the one represented by `legdur.db` and output any differences. Only files that changed or got deleted get printed out, additions are not.
|
||||
* if previously computed `legdur.db` exists it will compare the current state of the world to the one represented by `legdur.db` and output any differences. Only files that changed or got deleted get printed out, additions or file moves anywhere within the directory are not.
|
||||
* it will move the current `legdur.db` to `legdur.old` and write the new state of the world to a new `legdur.db`
|
||||
|
||||
|
||||
## Contact & contributions
|
||||
* Let me know if you'd like to hack on this by contacting me on `legdur@cyplo.dev` or via `cyplo@todon.nl` on Mastodon.
|
||||
* Discuss on [lobsters](https://lobste.rs/s/klljdd/legdur_keep_your_legacy_durable)
|
||||
* Let me know if you'd like to hack on this by contacting me on `legdur@cyplo.dev` or via `cyplo@peninsula.industries` on the Fediverse.
|
||||
|
||||
## Sources
|
||||
|
||||
`hg clone https://hg.sr.ht/~cyplo/legdur`
|
||||
|
||||
`git clone https://git.cyplo.dev/cyplo/legdur.git`
|
||||
|
|
12
content/posts/2023/08/selfhosting.md
Normal file
12
content/posts/2023/08/selfhosting.md
Normal file
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
title: This blog is now self-hosted !
|
||||
date: 2023-08-19
|
||||
tags: [meta, selfhosting]
|
||||
---
|
||||
|
||||
This is just a quick info that this blog is now self-hosted by yours truly. I'm using a small server at [Mythic Beasts](https://www.mythic-beasts.com/).
|
||||
|
||||
I have a small [CI situation](https://git.cyplo.dev/cyplo/blog/actions) going on via (self-hosted) Gitea Actions, it `rsync`s the contents to the server. Good old `nginx` + `rsync` and that's it.
|
||||
|
||||
I took this as an opportunity to hook up [htmltest](https://github.com/wjdp/htmltest) and it highlighted that a lot of places I linked to no longer exist or have moved. I've [updated](https://git.cyplo.dev/cyplo/blog/commit/df6aba4c4687918f31593e70048c28cf92482b09) all 13 years worth of blog posts and I'm happy to report that there's no longer any dead link present !
|
||||
|
155
content/posts/2023/09/act-runner-image.md
Normal file
155
content/posts/2023/09/act-runner-image.md
Normal file
|
@ -0,0 +1,155 @@
|
|||
---
|
||||
title: Creating a base OCI image for Nix flake builds within Gitea/Forgejo
|
||||
date: 2023-09-18
|
||||
tags: [nix, nixos, ci, docker, oci]
|
||||
---
|
||||
|
||||
I've been moving more and more of my infrastructure to be self-hosted recently.
|
||||
Part of that involves setting up CI jobs for testing and publishing artifacts, mostly rust crates but also this very blog.
|
||||
|
||||
I really wanted to re-use my existing Nix flakes for those projects, this way I know my [local dev env](https://git.cyplo.dev/cyplo/blog/src/branch/main/flake.nix#L15) would be the same env then [used on CI](https://git.cyplo.dev/cyplo/blog/src/branch/main/.gitea/workflows/build.yaml#L14).
|
||||
|
||||
I am [self-hosting](https://git.cyplo.dev/explore/) a Gitea instance (will probably be migrating to Forgejo) and it uses a [CI system](https://docs.gitea.io/en-us/usage/usage/actions/overview/) built to resemble [Github actions](https://github.com/actions) - basically you run your jobs as containers and within those you can run arbitrary commands. You can also take advantage of the existing ecosystem of `actions`.
|
||||
|
||||
I wanted a base image that would have on one hand `nix` with `flakes` enabled but on the other hand would be compatible with running popular actions from other authors. This meant having `nix`, `git` but also `nodejs` available amongts other things. I couldn't find one that would have both, so I built one !
|
||||
|
||||
I'm building on top of the [definitions](https://github.com/nix-community/docker-nixpkgs/blob/master/images/nix-flakes/default.nix) from [docker-nixpkgs](https://github.com/nix-community/docker-nixpkgs) and just tweaking them to add the things needed for `actions` and also for the definition itself to be a flake, for an added flavour. This allows me to add multiple image definitions in the same repo and the build them independently when needed.
|
||||
|
||||
Here's the whole definition in all of its glory, defining 2 images - `hello` and `flakes-action` - the `hello` being a test image for testing the process itself and `flakes-action` is the one I'm using on CI currently.
|
||||
|
||||
```nix
|
||||
{
|
||||
description = "docker base images";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, flake-utils }:
|
||||
flake-utils.lib.eachDefaultSystem
|
||||
(system:
|
||||
let
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
pkgsStatic = pkgs.pkgsStatic;
|
||||
lib = pkgs.lib;
|
||||
|
||||
in
|
||||
{
|
||||
packages = {
|
||||
hello = pkgs.dockerTools.buildImage {
|
||||
name = "hello-docker";
|
||||
config = {
|
||||
Cmd = [ "${pkgs.hello}/bin/hello" ];
|
||||
};
|
||||
};
|
||||
flakes-action = pkgs.dockerTools.buildImageWithNixDb {
|
||||
name = "flakes-action";
|
||||
contents = with pkgs; [
|
||||
./root
|
||||
bash
|
||||
coreutils
|
||||
curl
|
||||
gawk
|
||||
gitFull
|
||||
git-lfs
|
||||
gnused
|
||||
nodejs
|
||||
wget
|
||||
sudo
|
||||
nixFlakes
|
||||
cacert
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
xz
|
||||
(pkgs.writeTextFile {
|
||||
name = "nix.conf";
|
||||
destination = "/etc/nix/nix.conf";
|
||||
text = ''
|
||||
accept-flake-config = true
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
})
|
||||
];
|
||||
|
||||
extraCommands = ''
|
||||
# for /usr/bin/env
|
||||
mkdir usr
|
||||
ln -s ../bin usr/bin
|
||||
|
||||
# make sure /tmp exists
|
||||
mkdir -m 1777 tmp
|
||||
|
||||
# need a HOME
|
||||
mkdir -vp root
|
||||
'';
|
||||
config = {
|
||||
Cmd = [ "/bin/bash" ];
|
||||
Env = [
|
||||
"LANG=en_GB.UTF-8"
|
||||
"ENV=/etc/profile.d/nix.sh"
|
||||
"BASH_ENV=/etc/profile.d/nix.sh"
|
||||
"NIX_BUILD_SHELL=/bin/bash"
|
||||
"NIX_PATH=nixpkgs=${./fake_nixpkgs}"
|
||||
"PAGER=cat"
|
||||
"PATH=/usr/bin:/bin"
|
||||
"SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
|
||||
"USER=root"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
}
|
||||
```
|
||||
|
||||
If you want to build this yourself you can:
|
||||
|
||||
```bash
|
||||
git clone https://git.cyplo.dev/cyplo/base-images.git
|
||||
cd base-images
|
||||
nix build '.#flakes-action'
|
||||
docker load < result # this took me so much time, to realise I need `load` and not `import`...
|
||||
docker tag [image id] yourimage.repo/base-images/flakes-action:latest
|
||||
docker push yourimage.repo/base-images/flakes-action:latest
|
||||
```
|
||||
|
||||
Then to use on CI, an example of a Gitea CI config:
|
||||
```yaml
|
||||
on: push
|
||||
jobs:
|
||||
Publish:
|
||||
runs-on: flakes-action
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
name: Checkout
|
||||
- name: Build
|
||||
run: |
|
||||
nix develop -c hugo --gc --minify
|
||||
```
|
||||
It uses the image pushed and both a custom build script but also a well-known `checkout` action.
|
||||
|
||||
You need to teach your Gitea runner about the image first btw; if you use NixOS for the runner definition, it could look like this:
|
||||
|
||||
```nix
|
||||
services.gitea-actions-runner = {
|
||||
instances.boltyone = {
|
||||
enable = true;
|
||||
url = "https://yourgitea.domain";
|
||||
tokenFile = config.sops.secrets."gitea-runner-token".path;
|
||||
name = "bolty one";
|
||||
labels = [
|
||||
"flakes-action:docker://yourimage.repo/base-images/flakes-action:latest"
|
||||
"ubuntu-kinetic:docker://ubuntu:kinetic"
|
||||
"linux_amd64:host"
|
||||
];
|
||||
};
|
||||
};
|
||||
```
|
||||
|
||||
P.S. shoutout to [nixery](https://nixery.dev/) that I tried first and the resulting images were just a bit off as it was not easy to get them to support flakes. I think it's an amazing tool in its own right though and you should try it, you can do things like `docker run -ti nixery.dev/shell/git/htop bash` and it will happily just give you an image with those arbitrary nixpkgs included !
|
||||
|
||||
Happy hacking !
|
||||
|
||||
[Discuss this post on the Fediverse](https://peninsula.industries/@cyplo/111087014413124274)
|
|
@ -18,12 +18,16 @@
|
|||
cacert
|
||||
rsync
|
||||
git
|
||||
go
|
||||
hugo
|
||||
htmltest
|
||||
hut
|
||||
nodejs
|
||||
ruby
|
||||
statix
|
||||
bundler
|
||||
];
|
||||
NODE_PATH="./node_modules";
|
||||
};
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue