# Quan Zhou

Exercise notes and other boring stuff

## August 30, 2021

Moving WriteFreely site to Docker

Though I'm not a big fan of unnecessary containerization, at some point, you'll want the convenience of the docker, you know, like eliminate the need to write custom system-d unit files.

The process was quite simple:

mkdir -p ~/dockers/blog
cd ~/dockers/blog
mv /var/www/qzhou.dev/{config.ini,writefreely.db} ./

# writefreely image is running with uid(2), that's bad, but until they've fixed this I'll just chown.
sudo chown 2:2 ./writefreely.db


Then create docker-compose.yaml file:

version: "3"

services:
writefreely:
container_name: "writefreely_blog"
image: "writeas/writefreely:latest"
volumes:
- web-keys:/go/keys
- ./config.ini:/go/config.ini
- ./writefreely.db:/go/writefreely.db
ports:
- 127.0.0.1:8082:8080
restart: unless-stopped

volumes:
web-keys:


I'm using cloudflared so it was actually to make the move, simply just update the /etc/cloudflared/config.yml:

(excerpt)

ingress:
- hostname: qzhou.dev
service: http://127.0.0.1:8082


docker-compose up -d and hooray~

## Docker started using 192.168.0.0/16 subnets all of in sudden

I was having fun with Jupyter and wanted to move it to my Docker host so it can benefit from the GPU. With effective configs:

## Just when you want to use systemctl --user with fish

~ > systemctl --user status
Failed to connect to bus: No such file or directory

~> systemctl --user status
● \$HOSTNAME
State: running
Jobs: 0 queued
Failed: 0 units
Since: Wed 2021-01-27 21:27:40 CST; 14h ago
CGroup: /user.slice/user-1003.slice/[email protected]
├─init.scope
│ ├─6672 /lib/systemd/systemd --user
│ └─6686 (sd-pam)
└─gpg-agent.service
└─20452 /usr/bin/gpg-agent --supervised


## Disable Translations in Apt

Sometimes non-server distros come with a lot of languages, takes a long time to update. So:

#/etc/apt/apt.conf.d/99translations
Acquire::Languages "none";


## Less Preferable Releases in Apt

While trying to install Maltego on a development machine, I've added the kali-rolling distribution to my sources.list.d. After an apt update I found myself sat in front of a machine suddenly received thousands of updates.

The surprise wore off quickly, it's called 'rolling' for a reason, but I don't want a “foreign distro” to pollute my system either. I know the “preference” was the word to look for, but not really sure if it's available through man pages.

## TIL Apt Takes 'Direct' In Proxy Statement

I was playing around in a contained network where only some of the connections should go through a proxy.

From man apt-transport-http:

...
The various APT configuration options support the special value DIRECT meaning that no proxy should be used. The environment variable no_proxy is also supported for the same purpose.
...


## Commit Security

It's quite usual that people push their credentials to a public git repo on the internet. What published is published, a push -f does not unpublish, and recovery isn't that obscure.

## Revisiting WriteFreely Configuration

My WriteFreely configuration has changed quite many times, which is more frequent than posting. 😉

## Enabling Encrypted SNI

I was trying to pass the [Encrypted SNI test], but it wasn't smooth as silk.

My resolver NextDNS support the feature, but the test page finds otherwise. So skimmed over the [document], found following requirements: