alejandro-angulo/alejandr0angul0.dev
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse source
This commit is contained in:
Alejandro Angulo 2020-07-17 17:51:51 -07:00
commit c0a2bc6a81
No known key found for this signature in database
GPG key ID: C48F54CC664BCDB1
12 changed files with 354 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
# Hugo output directory
/public
# Deployment config
config/production/deployment.toml

3
.gitmodules vendored Normal file
View file

@ -0,0 +1,3 @@
[submodule "themes/terminal"]
path = themes/terminal
url = https://github.com/panr/hugo-theme-terminal.git

6
archetypes/default.md Normal file
View file

@ -0,0 +1,6 @@
---
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
---

4
config/_default/config.toml Normal file
View file

@ -0,0 +1,4 @@
baseURL = "https://alejandr0angul0.dev/"
languageCode = "en-us"
theme = "terminal"

27
config/_default/languages.toml Normal file
View file

@ -0,0 +1,27 @@
[en]
languageName = "English"
title = "Alejandr00"
subtitle = ""
owner = ""
keywords = ""
copyright = ""
menuMore = "Show more"
readMore = "Read more"
readOtherPosts = "Read other posts"
missingContentMessage = "Page not found..."
missingBackButtonLabel = "Back to home page"
[en.params.logo]
logoText = "Alejandr00"
logoHomeLink = "/"
[en.menu]
[[en.menu.main]]
identifier = "about"
name = "about"
url = "/about"
[[en.menu.main]]
identifier = "gh"
name = "github"
url = "https://github.com/alejandro-angulo"

39
config/_default/params.toml Normal file
View file

@ -0,0 +1,39 @@
# dir name of your main content (default is `content/posts`).
# the list of set content will show up on your index page (baseurl).
contentTypeName = "posts"
# ["orange", "blue", "red", "green", "pink"]
themeColor = "green"
# if you set this to 0, only submenu trigger will be visible
showMenuItems = 2
# show selector to switch language
showLanguageSelector = false
# set theme to full screen width
fullWidthTheme = false
# center theme with default width
centerTheme = true
# set a custom favicon (default is a `themeColor` square)
# favicon = "favicon.ico"
# set post to show the last updated
# If you use git, you can set `enableGitInfo` to `true` and then post will automatically get the last updated
showLastUpdated = false
# Provide a string as a prefix for the last update date. By default, it looks like this: 2020-xx-xx [Updated: 2020-xx-xx] :: Author
# updatedDatePrefix = "Updated"
# set all headings to their default size (depending on browser settings)
# it's set to `true` by default
# oneHeadingSize = false
[twitter]
# set Twitter handles for Twitter cards
# see https://developer.twitter.com/en/docs/tweets/optimize-with-cards/guides/getting-started#card-and-content-attribution
# do not include @
creator = ""
site = ""

22
config/production/deployment.toml.sample Normal file
View file

@ -0,0 +1,22 @@
order = [".jpg$", ".gif$"]
[[targets]]
name = "aws-s3"
URL = "$S3URL"
cloudFrontDistributionID = "$cloudFrontDistributionID"
[[matchers]]
# Cache static assets for 1 year.
pattern = "^.+\\.(js|css|svg|ttf)$"
cacheControl = "max-age=31536000, no-transform, public"
gzip = true
[[matchers]]
pattern = "^.+\\.(png|jpg)$"
cacheControl = "max-age=31536000, no-transform, public"
gzip = false
[[matchers]]
pattern = "^.+\\.(html|xml|json)$"
gzip = true

21
content/about.md Normal file
View file

@ -0,0 +1,21 @@
---
title: "About"
date: 2020-07-16T21:42:33-07:00
---
## The Site
This is a static site generated using [Hugo](https://gohugo.io/). I'll eventually get around to creating a public repo for this
site on my [github](https://github.com/alejandro-angulo/) but there's nothing fancy going on here. I'm planning on using this site
as a sort of personal documentation. Hopefully what I write here will be useful to whoever stumbles upon it.
## Me
I'm Alejandro Angulo, a code monkey living in the Los Angeles area. When I'm not ~~introducting bugs~~ writing beautiful,
performant code, I like to reminisce about the before-times when masks weren't in style and sit-down dining was a thing. Nowadays,
I like to pass the time binge watching TV shows on Hulu/Netflix and starting (but not finishing) personal projects.
### Contact
I can be reached at `iam@<the domain of this site>`.

13
content/posts/hosting-static-site-aws.md Normal file
View file

@ -0,0 +1,13 @@
+++
title = "How to host a static site on AWS"
date = "2020-07-17T12:31:32-07:00"
author = "alejandro"
cover = "pldfdf"
tags = ["a", "b"]
keywords = ["", ""]
description = "test"
showFullContent = false
draft = true
+++
content

60
content/posts/no-referrals-please.md Normal file
View file

@ -0,0 +1,60 @@
+++
title = "No Referals [sic] Please"
date = "2018-08-28T05:23:17-00:00"
author = "alejandro"
tags = ["info-dump"]
draft = false
+++
### TL;DR
* Use `same-origin` Referrer Policy with Django
* Double leters are unecesary and slow down typing ([see Referer in this document](https://tools.ietf.org/html/rfc1945))
---
I found a post on Hacker News with a link to [webbkoll](https://webbkoll.dataskydd.net/en/) which tries to check how
privacy-friendly a particular site is. Of course I had to [check against my own
site](https://webbkoll.dataskydd.net/en/results?url=http%3A%2F%2Fkilonull.com%2F)!
Webbkoll reported that my referrers were being leaked and that I was using a Google as a third-party service. My site does make
requests to Google for some fonts, so that was expected. The privacy checker gave a helpful explanation on why someone might not
want to make requests to a third-party (well the actual description singled out Google specifically, but the same is true for any
third-party). I could host these fonts myself (as suggested) but the risk seems low to me and loading the fonts from Google means
that users are more likely to have the fonts already cached (making my site load faster... not that anyone reads this).
But, what's this referrer business? Turns out that browsers send information on what page a user comes from. This information is
stored in the headers under the `Referer` field. Yes, _referer_ and not _referrer_. According to wikipedia, [this
mispelling](https://tools.ietf.org/html/rfc1945) [is found](https://tools.ietf.org/html/rfc2616) in [multiple
RFCs](https://tools.ietf.org/html/rfc7231).
This information seems pretty innocuous, but can be used (in tandem with other techniques) to track people online. Sites can
associate its users with their referring pages. Webbkoll provides a good example:
_Let's say you're logged in on Facebook. You visit a page with the URL http://www.some-hospital.com/some-medical-condition. On
that page, you click a link to their Facebook page. Your browser then sends Referer:
http://www.some-hospital.com/some-medical-condition to facebook.com, along with your Facebook cookies, allowing Facebook to
associate your identity with that particular page._
Luckily for us tinfoil hat folk, there is a [Referrer Policy](https://www.w3.org/TR/referrer-policy/) (_referrer_ spelled
correctly this time) and a [helpful MDN page](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy). I was
excited to stick it to the surveillance state and quickly fired up my terminal and SSH'd into my server to update my NGINX
configuration with `add_header Referrer-Policy "no-referrer";`. I checked afterward and sure enough my browser did not send a
referer! I had chores I wanted to avoid so I frantically logged in to make a post... but I was greeted with this:
> Forbidden (403)
>
> CSRF verification failed. Request aborted.
>
> You are seeing this message because this HTTPS site requires a 'Referer header' to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.
>
> If you have configured your browser to disable 'Referer' headers, please re-enable them, at least for this site, or for HTTPS connections, or for 'same-origin' requests.
>
> If you are using the &lt;meta name="referrer" content="no-referrer"&gt; tag or including the 'Referrer-Policy: no-referrer' header, please remove them. The CSRF protection requires the 'Referer' header to do strict referer checking. If you're concerned about privacy, use alternatives like &lt;a rel="noreferrer" ...&gt; for links to third-party sites.
>
> More information is available with DEBUG=True.
Apparently Django has an extra security measure for HTTPS pages ([see step
4](https://docs.djangoproject.com/en/2.1/ref/csrf/#how-it-works)). In short, the `Referer` header is used to make sure that a
request comes from the same site. zinfandel has a [better explanation](https://security.stackexchange.com/a/96139) on Stack
Overflow. Bummer. But this can be worked around by using the `same-origin` policy instead of `no-referrer`.

152
content/posts/running-travis-ci-locally.md Normal file
View file

@ -0,0 +1,152 @@
+++
title = "Running Travis CI Locally"
date = 2017-12-18T05:02:42-00:00
author = "alejandro"
tags = ["procrastination"]
+++
### TL;DR
* Travis build was failing.
* Found a possible fix, but I didn't want to push commits just to check if it would work.
* Ran [travis-build](https://github.com/travis-ci/travis-build) in a Docker container to test the fix.
---
I accidentally pushed a change to kilonull that added the word "test" in the site's title tag. I pushed [another
commit](https://github.com/vacuus/kilonull/commit/455f52f97f508f4c2b2bd0cec6cad33f7eb8e413) to remove the extra text and pulled on
my server. About 5 minutes later I received an email telling me my build on Travis had
[failed](https://travis-ci.org/vacuus/kilonull/builds/317863434).
```bash
# ...snip...
Error: could not determine PostgreSQL version from '10.1'
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-wq2uqxzp/psycopg2/
The command "pip install -r requirements.txt" failed and exited with 1 during .
Your build has been stopped.
```
Well at least *my* code didn't break anything. But hey, it's a Sunday and I have chores to ignore. Let's look into this. I googled
the error and stumbled upon a [comment on Github](https://github.com/psycopg/psycopg2/issues/594#issuecomment-346514672) stating
that the fix was to update the psycopg2 requirement to 2.7.1 (the current latest version). Great, that should be an easy fix. But
hang on, I have all these chores to ignore. I can probably run Travis locally before pushing just to verify the fix. Let's look
into this.
Someone else (Ibrahim Ulukaya) was kind of enough to document how to [run Travis tests from a Docker
container](https://medium.com/google-developers/how-to-run-travisci-locally-on-docker-822fc6b2db2e). I followed his instructions
but I kept getting an error about being unable to load travis/support when I ran `travis compile`.
```bash
$ travis compile
/home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require': cannot load such file -- travis/support (LoadError)
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.travis/travis-build/lib/travis/build.rb:1:in '<top (required)>'
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.travis/travis-build/init.rb:11:in 'setup'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/lib/travis/cli/command.rb:197:in 'execute'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/lib/travis/cli.rb:64:in 'run'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/bin/travis:18:in '<top (required)>'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/travis:23:in 'load'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/travis:23:in '<main>'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/ruby_executable_hooks:15:in 'eval'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/ruby_executable_hooks:15:in '<main>'
```
I found [another useful comment on Github](https://github.com/travis-ci/travis-ci/issues/8098#issuecomment-321507488) that
suggested specifying the path to the travis script from travis-support. Maybe I did something wrong when I followed the
instructions on Medium but this was working for me.
Here are the steps that worked for me. I hope this is useful for someone else someday.
First off, we'll need to decide on one of Travis's docker containers to run from. Available containers are [listed on
Quay](https://quay.io/organization/travisci). We'll want one of the containers named `travis-<some language>`. I copy-pasted from
the instructions in the Medium article so I ended up running everything under the `travis-jvm` container. In retrospect, I should
have used `travis-python` since I was dealing with a Python project. The command `docker run -it -u travis
quay.io/travisci/travis-jvm /bin/bash` can be used to run the container (replace `travis-jvm` with whatever container is desired).
Before setting up `travis-build` we can choose which version of Ruby to work with. The latest stable version was 2.4.3 when I
checked so I decided to go with that.
```bash
rvm install 2.4.3 rvm use 2.4.3
```
Once Ruby is set up to our liking we can set up `travis-build`:
```bash
$ travis compile
/home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require': cannot load such file -- travis/support (LoadError)
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.travis/travis-build/lib/travis/build.rb:1:in '<top (required)>'
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.rvm/rubies/ruby-2.4.3/lib/ruby/2.4.0/rubygems/core_ext/kernel_require.rb:120:in 'require'
from /home/travis/.travis/travis-build/init.rb:11:in 'setup'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/lib/travis/cli/command.rb:197:in 'execute'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/lib/travis/cli.rb:64:in 'run'
from /home/travis/.rvm/gems/ruby-2.4.3/gems/travis-1.8.8/bin/travis:18:in '<top (required)>'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/travis:23:in 'load'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/travis:23:in '<main>'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/ruby_executable_hooks:15:in 'eval'
from /home/travis/.rvm/gems/ruby-2.4.3/bin/ruby_executable_hooks:15:in '<main>'
```
Unfortunately, it didn't work for me. Removing the branch flag from the clone command fixed it for me though. I suspect the actual
Travis CI service inserts the branch name based on what branch contained the commit triggering the build. We're doing this
manually though so we'll have to make a small adjustment to our build script. Go ahead and open it up in your favorite text editor
(vim). Find the definition for the `travis_run_checkout` function. Remove the branch flag (or specify a branch name if you want to
pull from something other than `master`) from the clone command inside the if block.
Run the `ci.sh` script with our modification again and you should be able to successfully clone your project and continue with the
rest of the build process. This is nice and all but the whole point in running Travis locally for me was so I could test changes
without having to make a commit. But `travis_run_checkout` is called every time our build script executes. We can make another
modification so we can test local changes without committing. Open `ci.sh` up again and go back to the definition of the
travis_run_checkout function. Before the `travis_fold end git.checkout` line there will be a `cd` command that tells the build
script to go to the location we pulled our repository to. Copy this line then go to the bottom of the script. Comment out the call
to `travis_run_checkout` and paste the `cd` command on the next line. Your hacked build script should look something like this:
```bash
EOFUNC_FINISH
# END_FUNCS
source $HOME/.travis/job_stages
travis_run_setup_filter
travis_run_configure
#travis_run_checkout
travis_cmd cd\ vacuus/kilonull --echo
travis_run_prepare
travis_run_disable_sudo
travis_run_export
travis_run_setup
travis_run_setup_casher
travis_run_setup_cache
travis_run_announce
travis_run_debug
travis_run_before_install
travis_run_install
travis_run_before_script
travis_run_script
travis_run_before_cache
travis_run_cache
travis_run_after_success
travis_run_after_failure
travis_run_after_script
travis_run_finish
echo -e "\nDone. Your build exited with $TRAVIS_TEST_RESULT."
travis_terminate $TRAVIS_TEST_RESULT
```
Now we have two copies of our repo in the container which might get a bit confusing. We can remove the repo at the location that
we manually cloned (not the one cloned as part of the build script inside `~/build`). Just remember to move the `ci.sh` script
before deleting your project's directory. We can now make changes to the copy of the repo inside the `~/build` directory and run
our hacked build script to test any changes. I updated my `requirements.txt`'s version for `psycopg2` and my build succeeded just
as I had hoped :) .
This process is pretty convoluted but I think I can automate this and include it a container for my project. But, maybe I'm better
off using something like Jenkins for CI if I'm so concerned with running my builds locally. At least I can feel like I did
something productive while avoiding my chores.

1
themes/terminal Submodule

@ -0,0 +1 @@
Subproject commit bc295415148b61663d627fa56b8406d725d5f3fa