📖 Lili's blog, 2020 edition 😷

Example config ssh client for a gitolite admin AND user

[link—standalone]

tl;dr: the Hostname setting will help you if you have multiple SSH keys for a given user on a remote server. man ssh_config is your friend.

Hello everyone,

This post is a remainder for myself.
Here's the problem: you've installed gitolite on your server and want to do the following:

• Normal shell access via SSH.
• Administer gitolite.
• Interact (push, pull, etc) with repos as a normal gitolite user.

After crawling through the ssh_config man page for what to put in the Hosts blocks, the Hostname part seemed very interesting for the use case.
In the end my ~/.ssh/config was similar to this:

Host admin_gitolite
    Hostname git.domain.com
    IdentityFile ~/.ssh/admin_gitolite
    User gitolite

Host user_gitolite
    Hostname git.domain.com
    IdentityFile ~/.ssh/user_gitolite
    User gitolite

Host gitserver
    Hostname git.domain.com
    IdentityFile ~/.ssh/gitserver
    User normaluser

Now you can rename your gitolite-admin remote repo url as ssh://admin_gitolite:/gitolite-admin and ssh will understand it.
Same goes for user_gitolite and the gitserver host is for plain simple ssh access.

That's all I've got to say, merry Christmas to you and good holidays! 🎄🎄🎄

mer., 30 déc. 2020 10:15:53 +0100

Moving to cgit

[link—standalone]

Hi everyone,

You may have noticed that my front page doesn't have the table with my projects anymore: it's because I'm moving it to my cgit. I'll let cgit handle the tarballs creation. mar., 22 déc. 2020 17:49:00 +0100

How to make a GRUB menu entry executing KeyTool.efi

[link—standalone]

I've been struggling hard to complete the part when you must insert keys in the BIOS firmware in order to benefit from Secure Boot with GRUB and Linux.

My BIOS firmware could clean keys but there was no options for inserting some and so we needed to do it with the help of a third-party software. That's where KeyTool.efi enter the scene (installed with the efitools package on Archlinux, maybe the same package name for other distros).

Let's cut the babbling and jump right into the matter. Here's how your /etc/grub.d/40_custom file should look like after you copied KeyTool.efi as /efi/EFI/arch/KeyTool.efi. Don't forget to replace '1234-5678' by the partition UUID in which the /efi folder resides:

#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.

menuentry "KeyTool unsigned" {
    load_video
    set gfxpayload=keep
    insmod part_gpt
    insmod ext2
    insmod fat
    insmod chain
    search --no-floppy --fs-uuid --set=root 1234-5678
    chainloader /efi/arch/KeyTool.efi
}

jeu., 10 déc. 2020 16:46:02 +0100

List accounts created with prosodyctl

[link—standalone]

Hi everyone! If like me you have a Jitsi instance and you don't remember users you created, here's a trick.

Execute this line: ls /var/lib/prosody/*/accounts|grep .dat|sed s/'.dat'//g

In the case you've got multiple domains the following is better:
curl -OJL http://prosody.im/files/mod_listusers.lua
chmod 755 mod_listusers.lua
mv mod_listusers.lua /usr/lib/prosody/modules/


Now, executing prosodyctl mod_listusers on the command line should return created accounts like in the first method but with their respective domains.
Thanks a LOT to Jan "Arsimael" Schneeberger, it greatly helped me.

jeu., 10 déc. 2020 16:45:57 +0100

My CGI script 'gpigeon' has now an installer!

[link—standalone]

Hi everyone,
I've got a CGI perl script, gpigeon, allowing me to create and send links to people who doesn't know GPG to send me encrypted messages.
It has been downloadable from my main page for months now but I wasn't satisfied with code readability: if someone would want to setup the script, the data to fill in was all over the place.
It's the reason why I created an installer! I will show as well what the script can do in this blogpost.

Down below is a basic HTML page used for logging in. A simple webpage with a form and an input field with name="password", a submit button with the action tag pointing to the relative CGI script path will do the trick. The live version is here:

Once logged in with the chosen password during setup we will land there. The style is customizable through editing the gpigeon.css file:

Notice that I just generated a link and he showed up in the currently available links table located down in the page. So, what it looks like when you click the link ? Like that:

In my mailbox I will get this (note that I already decrypted the message hence the 'Message PGP déchiffré avec succès' notification at the bottom left):

There's something important to know: once the mail is sent, the form (link) self-destructs. It avoids you getting spammed if someone finds or shares the link and as well to know who wants to send you encrypted mails.
Here's some screenshots:

When you delete a link successfully, there's a green message notifying it right below the table:

That's all for now. If you got questions relating to this CGI script, don't hesitate asking it by sending me a mail!

jeu., 10 déc. 2020 16:33:59 +0100

Troubleshooting the CUPS Server and printing documents on Arch Linux 🖨️💯

[link—standalone]

If one morning you cannot print anymore with lp, or system-config-printer doesn't show installed printers but that you must start a service, or the CUPS web interface throws a 404 Not Found in your face, or this cursed message pops up in your journalctl -xe outputs:

The unit org.cups.cupsd.service has entered the 'failed' state with result 'protocol'

Then it's very likely that the config file /etc/cups/cupsd.conf has bad syntax (in my case the entire file was replaced by HTML code !). The answer is to execute this:

su -c 'cp /etc/cups/cupsd.conf.O /etc/cups/cupsd.conf'

My CUPS version is 2.3.3 and I'm running Arch, so maybe in others distros the 'O' is replaced by 'default'

As always, thanks for reading and have a good time.

ven., 30 oct. 2020 22:59:16 +0100

How to have colored emojis in dmenu, st, dwm and slstatus on Archlinux

[link—standalone]

I was using slstatus, dwn, st and dmenu for a while and I didn't understand why some emojis were displaying correctly while others were black and white. Consistency was broken.

The true answer was that I half-assed the setup. I'm going to explain you how to do it properly to avoid hair loss and headaches.

1. Be sure to have fakeroot or sudo installed because we'll compile packages from the AUR thanks to makepkg -s.
2. Download and compile the patched version of libxft by Maxime Coste: libxft-bgra-git.
   Install it by executing the following:
   curl -OJL https://aur.archlinux.org/cgit/aur.git/snapshot/libxft-bgra-git.tar.gz
tar xvzf libxft-bgra-git.tar.gz
cd libxft-bgra-git/
makepkg -s
pacman -U libxft-bgra-git*.pkg.tar.zst
   When asked to remove libxft (conflicts), do it.
3. We now need to choose an emoji font. There are some like noto-fonts-emoji, ttf-joypixels, ttf-twemoji. In my case, I've chosen the ttf-twemoji font.
   If you've chosen it too don't forget to copy 75-twemoji.conf in the /etc/fonts/conf.d directory. Execute pacman -U ttf-twemoji*.pkg.tar.xz where you compiled ttf-twemoji in order to install it.
4. Don't forget to comment out or delete the lines 142 to 146 in the drw.c file in both dwm and dmenu source code when recompiling because if you don't, emojis won't display correctly or at all.
5. You are done! You can now test your setup against a simple script outputting an emoji list :
   curl -OJL https://github.com/LukeSmithxyz/voidrice/raw/master/.local/share/larbs/emoji
mv emoji ~/.local/share/emojis
cat ~/.local/share/emojis | dmenu -i -b -l 5

Many thanks to Luke Smith for the convenient emoji list and Unicode for emoji standardisation. Very 🆒.

jeu., 15 oct. 2020 16:57:34 +0200