Ran linters on all files and added codespell (#13)
This commit is contained in:
parent
7b118b71d6
commit
dc9b131e72
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -4,6 +4,9 @@
|
||||||
# Deployment config
|
# Deployment config
|
||||||
config/production/deployment.toml
|
config/production/deployment.toml
|
||||||
|
|
||||||
|
# Hugo build lock
|
||||||
|
.hugo_build.lock
|
||||||
|
|
||||||
# yarn
|
# yarn
|
||||||
.pnp.*
|
.pnp.*
|
||||||
.yarn/*
|
.yarn/*
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# See https://pre-commit.com/hooks.html for more hooks
|
# See https://pre-commit.com/hooks.html for more hooks
|
||||||
repos:
|
repos:
|
||||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
rev: v4.0.1
|
rev: v4.1.0
|
||||||
hooks:
|
hooks:
|
||||||
- id: trailing-whitespace
|
- id: trailing-whitespace
|
||||||
- id: end-of-file-fixer
|
- id: end-of-file-fixer
|
||||||
|
@ -14,13 +14,18 @@ repos:
|
||||||
.*\.cjs
|
.*\.cjs
|
||||||
)$
|
)$
|
||||||
- repo: https://github.com/pre-commit/mirrors-eslint
|
- repo: https://github.com/pre-commit/mirrors-eslint
|
||||||
rev: v7.32.0
|
rev: v8.5.0
|
||||||
hooks:
|
hooks:
|
||||||
- id: eslint
|
- id: eslint
|
||||||
- repo: https://github.com/pre-commit/mirrors-prettier
|
- repo: https://github.com/pre-commit/mirrors-prettier
|
||||||
rev: v2.4.1
|
rev: v2.5.1
|
||||||
hooks:
|
hooks:
|
||||||
- id: prettier
|
- id: prettier
|
||||||
additional_dependencies:
|
additional_dependencies:
|
||||||
- prettier@2.4.1
|
- prettier@2.4.1
|
||||||
- prettier-plugin-go-template@0.0.11
|
- prettier-plugin-go-template@0.0.11
|
||||||
|
- repo: https://github.com/codespell-project/codespell
|
||||||
|
rev: v2.1.0
|
||||||
|
hooks:
|
||||||
|
- id: codespell
|
||||||
|
types: [markdown]
|
||||||
|
|
|
@ -3,4 +3,3 @@ title: "{{ replace .Name "-" " " | title }}"
|
||||||
date: {{ .Date }}
|
date: {{ .Date }}
|
||||||
draft: true
|
draft: true
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -19,4 +19,3 @@ gzip = false
|
||||||
[[matchers]]
|
[[matchers]]
|
||||||
pattern = "^.+\\.(html|xml|json)$"
|
pattern = "^.+\\.(html|xml|json)$"
|
||||||
gzip = true
|
gzip = true
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ I recently picked up a 6th gen X1 Carbon so of course I wanted to install Arch L
|
||||||
in case I ever have to do this again. I used [ejmg's
|
in case I ever have to do this again. I used [ejmg's
|
||||||
guide](https://github.com/ejmg/an-idiots-guide-to-installing-arch-on-a-lenovo-carbon-x1-gen-6) guide, [HardenedArray's gist
|
guide](https://github.com/ejmg/an-idiots-guide-to-installing-arch-on-a-lenovo-carbon-x1-gen-6) guide, [HardenedArray's gist
|
||||||
guide](https://gist.github.com/HardenedArray/ee3041c04165926fca02deca675effe1), and the [Arch Linux wiki
|
guide](https://gist.github.com/HardenedArray/ee3041c04165926fca02deca675effe1), and the [Arch Linux wiki
|
||||||
page](https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)) as references.
|
page](<https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Carbon_(Gen_6)>) as references.
|
||||||
|
|
||||||
_Note_: This was my setup as of July 2020ish. Things have changed since then.
|
_Note_: This was my setup as of July 2020ish. Things have changed since then.
|
||||||
|
|
||||||
|
@ -22,13 +22,13 @@ _Note_: This was my setup as of July 2020ish. Things have changed since then.
|
||||||
|
|
||||||
### Prepare Installation Media
|
### Prepare Installation Media
|
||||||
|
|
||||||
This part is relatively straighforward. Check out the [arch wiki
|
This part is relatively straightforward. Check out the [arch wiki
|
||||||
page](https://wiki.archlinux.org/title/USB_flash_installation_medium).
|
page](https://wiki.archlinux.org/title/USB_flash_installation_medium).
|
||||||
|
|
||||||
### Prepare BIOS
|
### Prepare BIOS
|
||||||
|
|
||||||
BIOS -> Security -> Secure Boot -> Disable
|
BIOS -> Security -> Secure Boot -> Disable
|
||||||
BIOS -> Config -> Thunderbolt(TM) 3 -> Thunderbolt BIOS Assist Mode: Enabled
|
BIOS -> Config -> Thunderbolt(TM) 3 -> Thunderbolt BIOS Assist Mode: Enabled
|
||||||
|
|
||||||
Configure boot order to boot off USB
|
Configure boot order to boot off USB
|
||||||
BIOS -> Startup -> Boot -> Move USB HDD to the top of the list (also moved USB FDD to 2nd since I wasn't sure which one I needed
|
BIOS -> Startup -> Boot -> Move USB HDD to the top of the list (also moved USB FDD to 2nd since I wasn't sure which one I needed
|
||||||
|
@ -62,18 +62,18 @@ commands.
|
||||||
|
|
||||||
### Partition Drive
|
### Partition Drive
|
||||||
|
|
||||||
My device had two SSDs installed. `lsblk` showed them as `nvme0n1` and `nvme1n1`. My primary SSD was `nvme1n1` so I ran `gdisk
|
My device had two SSDs installed. `lsblk` showed them as `nvme0n1` and `nvme1n1`. My primary SSD was `nvme1n1` so I ran
|
||||||
/dev/nmve1n1`. You can enter `?` to get a list of commands. I went ahead and deleted (`d`) all the existing partitions. Created an
|
`gdisk /dev/nmve1n1`. You can enter `?` to get a list of commands. I went ahead and deleted (`d`) all the existing partitions.
|
||||||
EFI partition (`n`) on partition 1 with a size of 100 MiB (chose first sector and then `+100M` for the last sector) with hex code
|
Created an EFI partition (`n`) on partition 1 with a size of 100 MiB (chose first sector and then `+100M` for the last sector)
|
||||||
EF00 (EFI partition). I created partition 2 to span the rest of the device. I tried having a separate boot partition but ran into
|
with hex code EF00 (EFI partition). I created partition 2 to span the rest of the device. I tried having a separate boot partition
|
||||||
issues getting my system to boot up properly. It's probably possible to have a separate boot partition but it probably makes the
|
but ran into issues getting my system to boot up properly. It's probably possible to have a separate boot partition but it
|
||||||
setup more complex. So, unless you know what you're doing, don't create any other partitions on this drive.
|
probably makes the setup more complex. So, unless you know what you're doing, don't create any other partitions on this drive.
|
||||||
|
|
||||||
For my second drive I ran `gdisk /dev/nvme0n1` and left a single partition spanning the entire device with hex code 8300 (Linux
|
For my second drive I ran `gdisk /dev/nvme0n1` and left a single partition spanning the entire device with hex code 8300 (Linux
|
||||||
FS). This drive can be partitioned however you like.
|
FS). This drive can be partitioned however you like.
|
||||||
|
|
||||||
I should zero my devices but I'm not that paranoid so I didn't. This could be done with `ddrescue` or with `cat` like so `cat
|
I should zero my devices but I'm not that paranoid so I didn't. This could be done with `ddrescue` or with `cat` like so
|
||||||
/dev/zero > /dev/nvme1n1 && cat /dev/zero /dev/nme0n1`.
|
`cat /dev/zero > /dev/nvme1n1 && cat /dev/zero /dev/nme0n1`.
|
||||||
|
|
||||||
### Setup filesystems
|
### Setup filesystems
|
||||||
|
|
||||||
|
@ -119,7 +119,6 @@ lvcreate -l 100%FREE Data -n root
|
||||||
|
|
||||||
Create a FAT32 filesystem for the EFI partition, set up the swap partition, and format the rest with ext4.
|
Create a FAT32 filesystem for the EFI partition, set up the swap partition, and format the rest with ext4.
|
||||||
|
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
mkfs.vfat -F 32 /dev/nvme1n1p1
|
mkfs.vfat -F 32 /dev/nvme1n1p1
|
||||||
mkswap /dev/mapper/Arch-swap
|
mkswap /dev/mapper/Arch-swap
|
||||||
|
@ -203,7 +202,7 @@ Replace `alejandro` with your username. `sudo` will later be configured to allow
|
||||||
### More Encryption Configuration
|
### More Encryption Configuration
|
||||||
|
|
||||||
When the system boots up, the bootloader (I'll be using `grub`) will need to read `/boot` and the system will need access to any
|
When the system boots up, the bootloader (I'll be using `grub`) will need to read `/boot` and the system will need access to any
|
||||||
other volumes specified in the fstab file. Without any extra configuration, there will be a passphrase prompt for every volume.
|
other volumes specified in the fstab file. Without any extra configuration, there will be a passphrase prompt for every volume.
|
||||||
LUKS devices have multiple "key slots." It's possible to use a key file to fill in one of the key slots and later pass that file
|
LUKS devices have multiple "key slots." It's possible to use a key file to fill in one of the key slots and later pass that file
|
||||||
in to open (decrypt) a LUKS device. This makes it possible to have `grub` handle decryption of root and swap without requiring the
|
in to open (decrypt) a LUKS device. This makes it possible to have `grub` handle decryption of root and swap without requiring the
|
||||||
user to enter multiple passphrases (which is clunky and error-prone). Other volumes (my data root volume) can be configured in
|
user to enter multiple passphrases (which is clunky and error-prone). Other volumes (my data root volume) can be configured in
|
||||||
|
@ -245,7 +244,7 @@ Secondary /dev/nvme0n1p1 /crypto_keyfile.bin
|
||||||
```
|
```
|
||||||
|
|
||||||
The `discard` option has to do with the `TRIM` command and is basically a performance optimization. Read more about it on
|
The `discard` option has to do with the `TRIM` command and is basically a performance optimization. Read more about it on
|
||||||
[wikipedia](https://en.wikipedia.org/wiki/Trim_(computing)).
|
[wikipedia](<https://en.wikipedia.org/wiki/Trim_(computing)>).
|
||||||
|
|
||||||
Edit the `mkinitpcio` configuration file (`/etc/mkinitpcio.conf`) to setup decryption.
|
Edit the `mkinitpcio` configuration file (`/etc/mkinitpcio.conf`) to setup decryption.
|
||||||
|
|
||||||
|
@ -294,7 +293,7 @@ either).
|
||||||
|
|
||||||
### First Logon
|
### First Logon
|
||||||
|
|
||||||
Log in to your system as root and alow users in the wheel group to use `sudo`. Run `visudo`, if you get an error saying no editor
|
Log in to your system as root and allow users in the wheel group to use `sudo`. Run `visudo`, if you get an error saying no editor
|
||||||
found just prepend the editor's path like this `EDITOR=/usr/bin/vim visudo`. Uncomment the following line `%wheel ALL=(ALL) ALL`.
|
found just prepend the editor's path like this `EDITOR=/usr/bin/vim visudo`. Uncomment the following line `%wheel ALL=(ALL) ALL`.
|
||||||
You can log out and log in with your own user account now.
|
You can log out and log in with your own user account now.
|
||||||
|
|
||||||
|
@ -396,6 +395,7 @@ cp /etc/sway/config ~/.config/sway
|
||||||
mkdir -p ~/.config/waybar
|
mkdir -p ~/.config/waybar
|
||||||
cp /etc/xdg/waybar/* ~/.config/waybar
|
cp /etc/xdg/waybar/* ~/.config/waybar
|
||||||
```
|
```
|
||||||
|
|
||||||
I edited my sway config to mimic my i3 config so I needed to grab a few packages first.
|
I edited my sway config to mimic my i3 config so I needed to grab a few packages first.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
@ -419,7 +419,7 @@ echo "export MOZ_ENABLE_WAYLAND=1" >> ~/.zprofile
|
||||||
|
|
||||||
After restarting sway, I was able to run Firefox. I ran into my next issue (seems like a recurring theme) soon after. Everything
|
After restarting sway, I was able to run Firefox. I ran into my next issue (seems like a recurring theme) soon after. Everything
|
||||||
on the screen seemed too big. The scaling factor for my display was too large (first world problem, I know). Luckily for me sway
|
on the screen seemed too big. The scaling factor for my display was too large (first world problem, I know). Luckily for me sway
|
||||||
supports (but doesn't reccommend) fractional scaling. I got my display's name using `swaymsg`.
|
supports (but doesn't recommend) fractional scaling. I got my display's name using `swaymsg`.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
swaymsg -t get_outputs
|
swaymsg -t get_outputs
|
||||||
|
@ -511,8 +511,9 @@ export SSH_AUTH_SOCK
|
||||||
sway
|
sway
|
||||||
```
|
```
|
||||||
|
|
||||||
Store spotify password in keystore `secret-tool --label='Spotify' application rust-keyring service spotifyd
|
Store spotify password in keystore
|
||||||
username <your-username>`. You'll be prompted to create a default keyring if one hasn't already been created.
|
`secret-tool --label='Spotify' application rust-keyring service spotifyd username <your-username>`. You'll be prompted to create a
|
||||||
|
default keyring if one hasn't already been created.
|
||||||
|
|
||||||
Create systemd unit file and run spotifyd
|
Create systemd unit file and run spotifyd
|
||||||
|
|
||||||
|
@ -537,7 +538,7 @@ alias config='/usr/bin/git --git-dir=$HOME/.myconf/ --work-tree=$HOME' # Add th
|
||||||
```bash
|
```bash
|
||||||
yay -S light
|
yay -S light
|
||||||
usermod -a -G video alejandro # need to be in video group to control backlight
|
usermod -a -G video alejandro # need to be in video group to control backlight
|
||||||
# below 2 reload udev rules, so light doesn't requre root permissions
|
# below 2 reload udev rules, so light doesn't require root permissions
|
||||||
sudo udevadm control --reload-rule
|
sudo udevadm control --reload-rule
|
||||||
sudo udevadm trigger
|
sudo udevadm trigger
|
||||||
# Above 2 commands didn't work for me, but did after a reboot
|
# Above 2 commands didn't work for me, but did after a reboot
|
||||||
|
|
|
@ -40,15 +40,15 @@ read permissions to objects in the bucket.
|
||||||
|
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
"Version": "2012-10-17",
|
"Version": "2012-10-17",
|
||||||
"Statement": [
|
"Statement": [
|
||||||
{
|
{
|
||||||
"Effect": "Allow",
|
"Effect": "Allow",
|
||||||
"Principal": "*",
|
"Principal": "*",
|
||||||
"Action": "s3:GetObject",
|
"Action": "s3:GetObject",
|
||||||
"Resource": "arn:aws:s3:::<your domain name here>/*"
|
"Resource": "arn:aws:s3:::<your domain name here>/*"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -75,7 +75,7 @@ aws route53 list-hosted-zones
|
||||||
## Setting up Certificate
|
## Setting up Certificate
|
||||||
|
|
||||||
A cerificate is needed for https support. To do so a cert has to be requeted from AWS's aptly named AWS Certificate Manager (ACM).
|
A cerificate is needed for https support. To do so a cert has to be requeted from AWS's aptly named AWS Certificate Manager (ACM).
|
||||||
Once a request is in, domain ownership needs to be validated (AWS can't be giving out certs for just any domain). Validation can
|
Once a request is in, domain ownership needs to be validated (AWS can't be giving out certs for just any domain). Validation can
|
||||||
be done through DNS or email. Email validation requires controlling an email address like `admin@suprecool.tld` and clicking a
|
be done through DNS or email. Email validation requires controlling an email address like `admin@suprecool.tld` and clicking a
|
||||||
link in an email sent to it. DNS validation requires adding a CNAME record in a hosted zone.
|
link in an email sent to it. DNS validation requires adding a CNAME record in a hosted zone.
|
||||||
|
|
||||||
|
@ -98,17 +98,21 @@ Prepare a json file to add the required CNAME.
|
||||||
|
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
"Changes": [{
|
"Changes": [
|
||||||
"Action": "CREATE",
|
{
|
||||||
"ResourceRecordSet": {
|
"Action": "CREATE",
|
||||||
"Name": "<name shown in last command>",
|
"ResourceRecordSet": {
|
||||||
"Type": "CNAME",
|
"Name": "<name shown in last command>",
|
||||||
"TTL": 300,
|
"Type": "CNAME",
|
||||||
"ResourceRecords": [{
|
"TTL": 300,
|
||||||
"Value": "<value show in last command>"
|
"ResourceRecords": [
|
||||||
}]
|
{
|
||||||
}
|
"Value": "<value show in last command>"
|
||||||
}]
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -130,128 +134,116 @@ for the JSON required is below. The region name is whatever was configured when
|
||||||
|
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
"Aliases": {
|
"Aliases": {
|
||||||
"Quantity": 1,
|
"Quantity": 1,
|
||||||
"Items": [
|
"Items": ["<your domain name here>"]
|
||||||
"<your domain name here>"
|
},
|
||||||
]
|
"DefaultRootObject": "index.html",
|
||||||
},
|
"Origins": {
|
||||||
"DefaultRootObject": "index.html",
|
"Quantity": 1,
|
||||||
"Origins": {
|
"Items": [
|
||||||
"Quantity": 1,
|
{
|
||||||
"Items": [
|
"Id": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
||||||
{
|
"DomainName": "<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
||||||
"Id": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
"OriginPath": "",
|
||||||
"DomainName": "<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
"CustomHeaders": {
|
||||||
"OriginPath": "",
|
"Quantity": 0
|
||||||
"CustomHeaders": {
|
},
|
||||||
"Quantity": 0
|
"CustomOriginConfig": {
|
||||||
},
|
"HTTPPort": 80,
|
||||||
"CustomOriginConfig": {
|
"HTTPSPort": 443,
|
||||||
"HTTPPort": 80,
|
"OriginProtocolPolicy": "http-only",
|
||||||
"HTTPSPort": 443,
|
"OriginSslProtocols": {
|
||||||
"OriginProtocolPolicy": "http-only",
|
"Quantity": 3,
|
||||||
"OriginSslProtocols": {
|
"Items": ["TLSv1", "TLSv1.1", "TLSv1.2"]
|
||||||
"Quantity": 3,
|
},
|
||||||
"Items": [
|
"OriginReadTimeout": 30,
|
||||||
"TLSv1",
|
"OriginKeepaliveTimeout": 5
|
||||||
"TLSv1.1",
|
},
|
||||||
"TLSv1.2"
|
"ConnectionAttempts": 3,
|
||||||
]
|
"ConnectionTimeout": 10
|
||||||
},
|
}
|
||||||
"OriginReadTimeout": 30,
|
]
|
||||||
"OriginKeepaliveTimeout": 5
|
},
|
||||||
},
|
"OriginGroups": {
|
||||||
"ConnectionAttempts": 3,
|
"Quantity": 0
|
||||||
"ConnectionTimeout": 10
|
},
|
||||||
}
|
"DefaultCacheBehavior": {
|
||||||
]
|
"TargetOriginId": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
||||||
},
|
"ForwardedValues": {
|
||||||
"OriginGroups": {
|
"QueryString": false,
|
||||||
|
"Cookies": {
|
||||||
|
"Forward": "none"
|
||||||
|
},
|
||||||
|
"Headers": {
|
||||||
"Quantity": 0
|
"Quantity": 0
|
||||||
},
|
},
|
||||||
"DefaultCacheBehavior": {
|
"QueryStringCacheKeys": {
|
||||||
"TargetOriginId": "S3-Website-<your domain name here>.s3-website-<your region here>.amazonaws.com",
|
|
||||||
"ForwardedValues": {
|
|
||||||
"QueryString": false,
|
|
||||||
"Cookies": {
|
|
||||||
"Forward": "none"
|
|
||||||
},
|
|
||||||
"Headers": {
|
|
||||||
"Quantity": 0
|
|
||||||
},
|
|
||||||
"QueryStringCacheKeys": {
|
|
||||||
"Quantity": 0
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"TrustedSigners": {
|
|
||||||
"Enabled": false,
|
|
||||||
"Quantity": 0
|
|
||||||
},
|
|
||||||
"ViewerProtocolPolicy": "redirect-to-https",
|
|
||||||
"MinTTL": 0,
|
|
||||||
"AllowedMethods": {
|
|
||||||
"Quantity": 2,
|
|
||||||
"Items": [
|
|
||||||
"HEAD",
|
|
||||||
"GET"
|
|
||||||
],
|
|
||||||
"CachedMethods": {
|
|
||||||
"Quantity": 2,
|
|
||||||
"Items": [
|
|
||||||
"HEAD",
|
|
||||||
"GET"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"SmoothStreaming": false,
|
|
||||||
"DefaultTTL": 86400,
|
|
||||||
"MaxTTL": 31536000,
|
|
||||||
"Compress": false,
|
|
||||||
"LambdaFunctionAssociations": {
|
|
||||||
"Quantity": 0
|
|
||||||
},
|
|
||||||
"FieldLevelEncryptionId": ""
|
|
||||||
},
|
|
||||||
"CacheBehaviors": {
|
|
||||||
"Quantity": 0
|
"Quantity": 0
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"CustomErrorResponses": {
|
"TrustedSigners": {
|
||||||
"Quantity": 1,
|
"Enabled": false,
|
||||||
"Items": [
|
"Quantity": 0
|
||||||
{
|
|
||||||
"ErrorCode": 404,
|
|
||||||
"ResponsePagePath": "/404.html",
|
|
||||||
"ResponseCode": "404",
|
|
||||||
"ErrorCachingMinTTL": 60
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"Comment": "",
|
"ViewerProtocolPolicy": "redirect-to-https",
|
||||||
"Logging": {
|
"MinTTL": 0,
|
||||||
"Enabled": false,
|
"AllowedMethods": {
|
||||||
"IncludeCookies": false,
|
"Quantity": 2,
|
||||||
"Bucket": "",
|
"Items": ["HEAD", "GET"],
|
||||||
"Prefix": ""
|
"CachedMethods": {
|
||||||
|
"Quantity": 2,
|
||||||
|
"Items": ["HEAD", "GET"]
|
||||||
|
}
|
||||||
},
|
},
|
||||||
"PriceClass": "PriceClass_All",
|
"SmoothStreaming": false,
|
||||||
"Enabled": true,
|
"DefaultTTL": 86400,
|
||||||
"ViewerCertificate": {
|
"MaxTTL": 31536000,
|
||||||
"ACMCertificateArn": "<your certificate ARN>",
|
"Compress": false,
|
||||||
"SSLSupportMethod": "sni-only",
|
"LambdaFunctionAssociations": {
|
||||||
"MinimumProtocolVersion": "TLSv1.2_2018",
|
"Quantity": 0
|
||||||
"Certificate": "<your certificate ARN>",
|
|
||||||
"CertificateSource": "acm"
|
|
||||||
},
|
},
|
||||||
"Restrictions": {
|
"FieldLevelEncryptionId": ""
|
||||||
"GeoRestriction": {
|
},
|
||||||
"RestrictionType": "none",
|
"CacheBehaviors": {
|
||||||
"Quantity": 0
|
"Quantity": 0
|
||||||
}
|
},
|
||||||
},
|
"CustomErrorResponses": {
|
||||||
"WebACLId": "",
|
"Quantity": 1,
|
||||||
"HttpVersion": "http2",
|
"Items": [
|
||||||
"IsIPV6Enabled": true
|
{
|
||||||
|
"ErrorCode": 404,
|
||||||
|
"ResponsePagePath": "/404.html",
|
||||||
|
"ResponseCode": "404",
|
||||||
|
"ErrorCachingMinTTL": 60
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"Comment": "",
|
||||||
|
"Logging": {
|
||||||
|
"Enabled": false,
|
||||||
|
"IncludeCookies": false,
|
||||||
|
"Bucket": "",
|
||||||
|
"Prefix": ""
|
||||||
|
},
|
||||||
|
"PriceClass": "PriceClass_All",
|
||||||
|
"Enabled": true,
|
||||||
|
"ViewerCertificate": {
|
||||||
|
"ACMCertificateArn": "<your certificate ARN>",
|
||||||
|
"SSLSupportMethod": "sni-only",
|
||||||
|
"MinimumProtocolVersion": "TLSv1.2_2018",
|
||||||
|
"Certificate": "<your certificate ARN>",
|
||||||
|
"CertificateSource": "acm"
|
||||||
|
},
|
||||||
|
"Restrictions": {
|
||||||
|
"GeoRestriction": {
|
||||||
|
"RestrictionType": "none",
|
||||||
|
"Quantity": 0
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"WebACLId": "",
|
||||||
|
"HttpVersion": "http2",
|
||||||
|
"IsIPV6Enabled": true
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -276,18 +268,20 @@ Prepare a json file for the Route 53 request. Fun fact: `HostedZoneId` is hardco
|
||||||
|
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
"Changes": [{
|
"Changes": [
|
||||||
"Action": "CREATE",
|
{
|
||||||
"ResourceRecordSet": {
|
"Action": "CREATE",
|
||||||
"Name": "<your domain name here>.",
|
"ResourceRecordSet": {
|
||||||
"Type": "A",
|
"Name": "<your domain name here>.",
|
||||||
"AliasTarget": {
|
"Type": "A",
|
||||||
"HostedZoneId": "Z2FDTNDATAQYW2",
|
"AliasTarget": {
|
||||||
"DNSName": "<your CloudFront distribution domain name>.",
|
"HostedZoneId": "Z2FDTNDATAQYW2",
|
||||||
"EvaluateTargetHealth": false
|
"DNSName": "<your CloudFront distribution domain name>.",
|
||||||
}
|
"EvaluateTargetHealth": false
|
||||||
}
|
}
|
||||||
}]
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -8,8 +8,8 @@ draft = false
|
||||||
|
|
||||||
### TL;DR
|
### TL;DR
|
||||||
|
|
||||||
* Use `same-origin` Referrer Policy with Django
|
- Use `same-origin` Referrer Policy with Django
|
||||||
* Double leters are unecesary and slow down typing ([see Referer in this document](https://tools.ietf.org/html/rfc1945))
|
- Double leters are unecesary and slow down typing ([see Referer in this document](https://tools.ietf.org/html/rfc1945))
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@ that users are more likely to have the fonts already cached (making my site load
|
||||||
|
|
||||||
But, what's this referrer business? Turns out that browsers send information on what page a user comes from. This information is
|
But, what's this referrer business? Turns out that browsers send information on what page a user comes from. This information is
|
||||||
stored in the headers under the `Referer` field. Yes, _referer_ and not _referrer_. According to wikipedia, [this
|
stored in the headers under the `Referer` field. Yes, _referer_ and not _referrer_. According to wikipedia, [this
|
||||||
mispelling](https://tools.ietf.org/html/rfc1945) [is found](https://tools.ietf.org/html/rfc2616) in [multiple
|
misspelling](https://tools.ietf.org/html/rfc1945) [is found](https://tools.ietf.org/html/rfc2616) in [multiple
|
||||||
RFCs](https://tools.ietf.org/html/rfc7231).
|
RFCs](https://tools.ietf.org/html/rfc7231).
|
||||||
|
|
||||||
This information seems pretty innocuous, but can be used (in tandem with other techniques) to track people online. Sites can
|
This information seems pretty innocuous, but can be used (in tandem with other techniques) to track people online. Sites can
|
||||||
|
|
|
@ -7,9 +7,9 @@ tags = ["procrastination"]
|
||||||
|
|
||||||
### TL;DR
|
### TL;DR
|
||||||
|
|
||||||
* Travis build was failing.
|
- Travis build was failing.
|
||||||
* Found a possible fix, but I didn't want to push commits just to check if it would work.
|
- Found a possible fix, but I didn't want to push commits just to check if it would work.
|
||||||
* Ran [travis-build](https://github.com/travis-ci/travis-build) in a Docker container to test the fix.
|
- Ran [travis-build](https://github.com/travis-ci/travis-build) in a Docker container to test the fix.
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
|
@ -30,7 +30,7 @@ The command "pip install -r requirements.txt" failed and exited with 1 during .
|
||||||
Your build has been stopped.
|
Your build has been stopped.
|
||||||
```
|
```
|
||||||
|
|
||||||
Well at least *my* code didn't break anything. But hey, it's a Sunday and I have chores to ignore. Let's look into this. I googled
|
Well at least _my_ code didn't break anything. But hey, it's a Sunday and I have chores to ignore. Let's look into this. I googled
|
||||||
the error and stumbled upon a [comment on Github](https://github.com/psycopg/psycopg2/issues/594#issuecomment-346514672) stating
|
the error and stumbled upon a [comment on Github](https://github.com/psycopg/psycopg2/issues/594#issuecomment-346514672) stating
|
||||||
that the fix was to update the psycopg2 requirement to 2.7.1 (the current latest version). Great, that should be an easy fix. But
|
that the fix was to update the psycopg2 requirement to 2.7.1 (the current latest version). Great, that should be an easy fix. But
|
||||||
hang on, I have all these chores to ignore. I can probably run Travis locally before pushing just to verify the fix. Let's look
|
hang on, I have all these chores to ignore. I can probably run Travis locally before pushing just to verify the fix. Let's look
|
||||||
|
@ -66,8 +66,9 @@ Here are the steps that worked for me. I hope this is useful for someone else so
|
||||||
First off, we'll need to decide on one of Travis's docker containers to run from. Available containers are [listed on
|
First off, we'll need to decide on one of Travis's docker containers to run from. Available containers are [listed on
|
||||||
Quay](https://quay.io/organization/travisci). We'll want one of the containers named `travis-<some language>`. I copy-pasted from
|
Quay](https://quay.io/organization/travisci). We'll want one of the containers named `travis-<some language>`. I copy-pasted from
|
||||||
the instructions in the Medium article so I ended up running everything under the `travis-jvm` container. In retrospect, I should
|
the instructions in the Medium article so I ended up running everything under the `travis-jvm` container. In retrospect, I should
|
||||||
have used `travis-python` since I was dealing with a Python project. The command `docker run -it -u travis
|
have used `travis-python` since I was dealing with a Python project. The command
|
||||||
quay.io/travisci/travis-jvm /bin/bash` can be used to run the container (replace `travis-jvm` with whatever container is desired).
|
`docker run -it -u travis quay.io/travisci/travis-jvm /bin/bash`
|
||||||
|
can be used to run the container (replace `travis-jvm` with whatever container is desired).
|
||||||
|
|
||||||
Before setting up `travis-build` we can choose which version of Ruby to work with. The latest stable version was 2.4.3 when I
|
Before setting up `travis-build` we can choose which version of Ruby to work with. The latest stable version was 2.4.3 when I
|
||||||
checked so I decided to go with that.
|
checked so I decided to go with that.
|
||||||
|
@ -149,4 +150,3 @@ as I had hoped :) .
|
||||||
This process is pretty convoluted but I think I can automate this and include it a container for my project. But, maybe I'm better
|
This process is pretty convoluted but I think I can automate this and include it a container for my project. But, maybe I'm better
|
||||||
off using something like Jenkins for CI if I'm so concerned with running my builds locally. At least I can feel like I did
|
off using something like Jenkins for CI if I'm so concerned with running my builds locally. At least I can feel like I did
|
||||||
something productive while avoiding my chores.
|
something productive while avoiding my chores.
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,9 @@
|
||||||
<script src="https://utteranc.es/client.js"
|
<script
|
||||||
repo="alejandro-angulo/alejandr0angul0.dev"
|
src="https://utteranc.es/client.js"
|
||||||
issue-term="pathname"
|
repo="alejandro-angulo/alejandr0angul0.dev"
|
||||||
label="blog comment"
|
issue-term="pathname"
|
||||||
theme="dark-blue"
|
label="blog comment"
|
||||||
crossorigin="anonymous"
|
theme="dark-blue"
|
||||||
async>
|
crossorigin="anonymous"
|
||||||
</script>
|
async
|
||||||
|
></script>
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
{{ define "main" }}
|
{{ define "main" }}
|
||||||
<pre>
|
<pre>
|
||||||
░█▀█░█▀█░▀█▀░░░█▀▀░█▀█░█░█░█▀█░█▀▄
|
░█▀█░█▀█░▀█▀░░░█▀▀░█▀█░█░█░█▀█░█▀▄
|
||||||
░█░█░█░█░░█░░░░█▀▀░█░█░█░█░█░█░█░█
|
░█░█░█░█░░█░░░░█▀▀░█░█░█░█░█░█░█░█
|
||||||
░▀░▀░▀▀▀░░▀░░░░▀░░░▀▀▀░▀▀▀░▀░▀░▀▀░
|
░▀░▀░▀▀▀░░▀░░░░▀░░░▀▀▀░▀▀▀░▀░▀░▀▀░
|
||||||
</pre>
|
</pre>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
<a href="{{ .Site.BaseURL }}">Go home</a> or use the navigation at the top to navigate to another page.
|
<a href="{{ .Site.BaseURL }}">Go home</a> or use the navigation at the top
|
||||||
</p>
|
to navigate to another page.
|
||||||
|
</p>
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
|
@ -1,11 +1,11 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html>
|
<html>
|
||||||
{{- partial "head.html" . -}}
|
{{- partial "head.html" . -}}
|
||||||
<body>
|
<body>
|
||||||
{{- partial "header.html" . -}}
|
{{- partial "header.html" . -}}
|
||||||
<div id="content">
|
<div id="content">
|
||||||
{{- block "main" . }}{{- end }}
|
{{- block "main" . }}{{- end }}
|
||||||
</div>
|
</div>
|
||||||
{{- partial "footer.html" . -}}
|
{{- partial "footer.html" . -}}
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -1,10 +1,8 @@
|
||||||
{{ define "main" }}
|
{{ define "main" }}
|
||||||
<h1>{{ .Title }}</h1>
|
<h1>{{ .Title }}</h1>
|
||||||
{{ range .Pages.ByPublishDate.Reverse }}
|
<h3><a class="title" href="{{ .RelPermalink }}">{{ .Title }}</a></h3>
|
||||||
<p>
|
{{ range .Pages.ByPublishDate.Reverse }}
|
||||||
<h3><a class="title" href="{{ .RelPermalink }}">{{ .Title }}</a></h3>
|
|
||||||
{{ partial "metadata.html" . }}
|
{{ partial "metadata.html" . }}
|
||||||
<p class="summary">{{ .Summary }}</p>
|
<p class="summary">{{ .Summary }}</p>
|
||||||
</p>
|
{{ end }}
|
||||||
{{ end }}
|
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
{{ define "main" }}
|
{{ define "main" }}
|
||||||
<h1>{{ .Title }}</h1>
|
<h1>{{ .Title }}</h1>
|
||||||
{{ partial "metadata.html" . }}
|
{{ partial "metadata.html" . }}
|
||||||
{{ .Content }}
|
{{ .Content }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
|
@ -1,18 +1,18 @@
|
||||||
<div id="header">
|
<div id="header">
|
||||||
<div id="banner">
|
<div id="banner">
|
||||||
<div class="lhs">
|
<div class="lhs">
|
||||||
<a class="home-link" href="{{ .Site.BaseURL }}">{{ .Site.Title }}</a>
|
<a class="home-link" href="{{ .Site.BaseURL }}">{{ .Site.Title }}</a>
|
||||||
</div>
|
|
||||||
<div class="rhs">
|
|
||||||
<nav id="nav" class="nav justify-content-center">
|
|
||||||
{{ range .Site.Menus.main }}
|
|
||||||
<a class="nav-link" href="{{ .URL }}">
|
|
||||||
{{ $text := print .Name | safeHTML }}
|
|
||||||
{{ $text }}
|
|
||||||
</a>
|
|
||||||
{{ end }}
|
|
||||||
</nav>
|
|
||||||
<span class="current-page">[{{ .Title }}]</span>
|
|
||||||
</div>
|
|
||||||
</div>
|
</div>
|
||||||
|
<div class="rhs">
|
||||||
|
<nav id="nav" class="nav justify-content-center">
|
||||||
|
{{ range .Site.Menus.main }}
|
||||||
|
<a class="nav-link" href="{{ .URL }}">
|
||||||
|
{{ $text := print .Name | safeHTML }}
|
||||||
|
{{ $text }}
|
||||||
|
</a>
|
||||||
|
{{ end }}
|
||||||
|
</nav>
|
||||||
|
<span class="current-page">[{{ .Title }}]</span>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
Loading…
Reference in a new issue