diff options
Diffstat (limited to '')
-rw-r--r-- | _layouts/default.html (renamed from site/templates/default.html) | 18 | ||||
-rw-r--r-- | _posts/2018-07-17-running-guix-on-nixos.md (renamed from site/posts/2018-07-17-running-guix-on-nixos.org) | 100 | ||||
-rw-r--r-- | favicon.ico (renamed from site/favicon.ico) | bin | 1150 -> 1150 bytes | |||
-rw-r--r-- | images/atom.svg (renamed from site/images/atom.svg) | 0 | ||||
-rw-r--r-- | images/envelope.svg (renamed from site/images/envelope.svg) | 0 | ||||
-rw-r--r-- | images/lock.svg (renamed from site/images/lock.svg) | 0 | ||||
-rw-r--r-- | pastebins/failure-on-guix-tex-live-importer.md (renamed from site/pastebin/failure-on-guix-tex-live-importer.org) | 10 | ||||
-rw-r--r-- | pastebins/inconsistent-hash-of-buildgomodule.md (renamed from site/pastebin/inconsistent-hash-of-buildgomodule.org) | 69 | ||||
-rw-r--r-- | pastebins/nix-exps.md (renamed from site/pastebin/nix-exps.org) | 10 | ||||
-rw-r--r-- | pastebins/nix-show-derivation.md (renamed from site/pastebin/nix-show-derivation.org) | 10 | ||||
-rw-r--r-- | pastebins/raku-tuple-type-annotation.md (renamed from site/pastebin/raku-tuple-type-annotation.org) | 14 | ||||
-rw-r--r-- | public-key.txt (renamed from site/root/public-key.txt) | 0 | ||||
-rw-r--r-- | site/index.html | 6 | ||||
-rw-r--r-- | site/pages/about.org | 14 | ||||
-rw-r--r-- | site/pastebins.html | 5 | ||||
-rw-r--r-- | site/posts/2018-08-01-verifying-npm-ci-reproducibility.org | 85 | ||||
-rw-r--r-- | site/posts/2018-12-21-using-youtube-dl-to-manage-youtube-subscriptions.org | 145 | ||||
-rw-r--r-- | site/posts/2019-06-02-stateless-os.org | 60 | ||||
-rw-r--r-- | site/templates/pastebin-list.html | 7 | ||||
-rw-r--r-- | site/templates/pastebin.html | 8 | ||||
-rw-r--r-- | site/templates/post-list.html | 7 | ||||
-rw-r--r-- | site/templates/post.html | 16 | ||||
-rw-r--r-- | styles.css (renamed from site/css/styles.css) | 0 |
23 files changed, 138 insertions, 446 deletions
diff --git a/site/templates/default.html b/_layouts/default.html index 2fdf64b..fc9befd 100644 --- a/site/templates/default.html +++ b/_layouts/default.html @@ -1,12 +1,12 @@ -<!doctype html> -<html lang="en"> +<!DOCTYPE html> +<html lang="{{ page.lang | default: site.lang | default: "en" }}"> <head> - <meta charset="utf-8"> - <meta http-equiv="x-ua-compatible" content="ie=edge"> + <meta charset="UTF-8"> + <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> - <title>$title$ - EuAndreh's blog</title> - <link rel="stylesheet" href="/css/styles.css" /> - <link rel="alternate" type="application/atom+xml" href="/feed.atom" title="EuAndreh's Feed" /> + <link rel="stylesheet" href="/styles.css"> + <link rel="alternate" type="application/atom+xml" href="/feed.xml" title="EuAndreh's Feed" /> + {%- seo -%} </head> <body> <header> @@ -24,8 +24,7 @@ </header> <main role="main"> - <h1>$title$</h1> - $body$ + {{ content }} </main> <footer> @@ -39,7 +38,6 @@ <a href="/public-key.txt">81F90EC3CD356060</a> </li> </ul> - <p> The content for this site is licensed under <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/">CC-BY-SA</a>. The <a href="https://git.sr.ht/~euandreh/website">code</a> is <a href="https://git.sr.ht/~euandreh/website/tree/master/LICENSE">GPLv3 or later</a>. </p> diff --git a/site/posts/2018-07-17-running-guix-on-nixos.org b/_posts/2018-07-17-running-guix-on-nixos.md index d28b8d2..69a9d1a 100644 --- a/site/posts/2018-07-17-running-guix-on-nixos.org +++ b/_posts/2018-07-17-running-guix-on-nixos.md @@ -1,15 +1,29 @@ --- title: Running Guix on NixOS date: 2018-07-17 +layout: post --- -I wanted to run Guix on a NixOS machine. Even though the Guix manual explains how to do it [[https://www.gnu.org/software/guix/manual/en/html_node/Binary-Installation.html#Binary-Installation][step by step]], I needed a few extra ones to make it work properly. +I wanted to run +Guix on a NixOS machine. Even though the Guix manual explains how to do +it [step by +step](https://www.gnu.org/software/guix/manual/en/html_node/Binary-Installation.html#Binary-Installation), +I needed a few extra ones to make it work properly. -I couldn't just install GuixSD because my wireless network card doesn't have any free/libre drivers (yet). -** Creating =guixbuilder= users -Guix requires you to create non-root users that will be used to perform the builds in the isolated environments. +I couldn\'t just install GuixSD because my wireless network card +doesn\'t have any free/libre drivers (yet). -The [[https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup][manual]] already provides you with a ready to run (as root) command for creating the build users: -#+BEGIN_SRC bash -n +Creating `guixbuilder` users +---------------------------- + +Guix requires you to create non-root users that will be used to perform +the builds in the isolated environments. + +The +[manual](https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup) +already provides you with a ready to run (as root) command for creating +the build users: + +``` {.bash .numberLines startFrom=""} groupadd --system guixbuild for i in `seq -w 1 10`; do @@ -18,9 +32,14 @@ do -c "Guix build user $i" --system \ guixbuilder$i; done -#+END_SRC -However, In my personal NixOS I have disabled [[https://nixos.org/nixos/manual/index.html#sec-user-management][=users.mutableUsers=]], which means that even if I run the above command it means that they'll be removed once I rebuild my OS: -#+BEGIN_SRC shell -n +``` + +However, In my personal NixOS I have disabled +[`users.mutableUsers`](https://nixos.org/nixos/manual/index.html#sec-user-management), +which means that even if I run the above command it means that they\'ll +be removed once I rebuild my OS: + +``` {.shell .numberLines startFrom=""} $ sudo nixos-rebuild switch (...) removing user ‘guixbuilder7’ @@ -34,9 +53,12 @@ removing user ‘guixbuilder2’ removing user ‘guixbuilder8’ removing user ‘guixbuilder5’ (...) -#+END_SRC -Instead of enabling =users.mutableUsers= I could add the Guix users by adding them to my system configuration: -#+BEGIN_SRC nix -n +``` + +Instead of enabling `users.mutableUsers` I could add the Guix users by +adding them to my system configuration: + +``` {.nix .numberLines startFrom=""} { config, pkgs, ...}: { @@ -77,15 +99,26 @@ Instead of enabling =users.mutableUsers= I could add the Guix users by adding th }; }; } -#+END_SRC -Here I used =fold= and the =//= operator to merge all of the configuration sets into a single =extraUsers= value. -** Creating the =systemd= service -One other thing missing was the =systemd= service. +``` + +Here I used `fold` and the `//` operator to merge all of the +configuration sets into a single `extraUsers` value. + +Creating the `systemd` service +------------------------------ -First I couldn't just copy the =.service= file to =/etc= since in NixOS that folder isn't writable. But also I wanted the service to be better integrated with the OS. +One other thing missing was the `systemd` service. -That was a little easier than creating the users, all I had to do was translate the provided [[https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2][=guix-daemon.service.in=]] configuration to an equivalent Nix expression -#+BEGIN_SRC ini -n +First I couldn\'t just copy the `.service` file to `/etc` since in NixOS +that folder isn\'t writable. But also I wanted the service to be better +integrated with the OS. + +That was a little easier than creating the users, all I had to do was +translate the provided +[`guix-daemon.service.in`](https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2) +configuration to an equivalent Nix expression + +``` {.ini .numberLines startFrom=""} # This is a "service unit file" for the systemd init system to launch # 'guix-daemon'. Drop it in /etc/systemd/system or similar to have # 'guix-daemon' automatically started. @@ -107,9 +140,11 @@ TasksMax=8192 [Install] WantedBy=multi-user.target -#+END_SRC -This sample =systemd= configuration file became: -#+BEGIN_SRC nix -n +``` + +This sample `systemd` configuration file became: + +``` {.nix .numberLines startFrom=""} guix-daemon = { enable = true; description = "Build daemon for GNU Guix"; @@ -123,9 +158,12 @@ guix-daemon = { }; wantedBy = [ "multi-user.target" ]; }; -#+END_SRC -There you go! After running =sudo nixos-rebuild switch= I could get Guix up and running: -#+BEGIN_SRC bash -n +``` + +There you go! After running `sudo nixos-rebuild switch` I could get Guix +up and running: + +``` {.bash .numberLines startFrom=""} $ guix package -i hello The following package will be installed: hello 2.10 /gnu/store/bihfrh609gkxb9dp7n96wlpigiv3krfy-hello-2.10 @@ -142,9 +180,15 @@ Creating manual page database... 2 packages in profile $ hello Hello, world! -#+END_SRC +``` + Some improvements to this approach are: -1. looking into [[https://nixos.org/nixos/manual/index.html#sec-writing-modules][NixOS modules]] and trying to bundle everything together into a single logical unit; -2. [[https://www.gnu.org/software/guix/manual/en/html_node/Requirements.html#Requirements][build Guix from source]] and share the Nix store and daemon with Guix. + +1. looking into [NixOS + modules](https://nixos.org/nixos/manual/index.html#sec-writing-modules) + and trying to bundle everything together into a single logical unit; +2. [build Guix from + source](https://www.gnu.org/software/guix/manual/en/html_node/Requirements.html#Requirements) + and share the Nix store and daemon with Guix. Happy Guix/Nix hacking! diff --git a/site/favicon.ico b/favicon.ico Binary files differindex 8ebd54f..8ebd54f 100644 --- a/site/favicon.ico +++ b/favicon.ico diff --git a/site/images/atom.svg b/images/atom.svg index 8d9a80b..8d9a80b 100644 --- a/site/images/atom.svg +++ b/images/atom.svg diff --git a/site/images/envelope.svg b/images/envelope.svg index aa58507..aa58507 100644 --- a/site/images/envelope.svg +++ b/images/envelope.svg diff --git a/site/images/lock.svg b/images/lock.svg index e8b33a2..e8b33a2 100644 --- a/site/images/lock.svg +++ b/images/lock.svg diff --git a/site/pastebin/failure-on-guix-tex-live-importer.org b/pastebins/failure-on-guix-tex-live-importer.md index cb86621..410d768 100644 --- a/site/pastebin/failure-on-guix-tex-live-importer.org +++ b/pastebins/failure-on-guix-tex-live-importer.md @@ -1,8 +1,6 @@ ---- -title: Failure on Guix TeX Live importer -date: 2020-01-04 ---- -#+BEGIN_SRC shell -n +--- title: Failure on Guix TeX Live importer date: 2020-01-04 --- + +``` {.shell .numberLines startFrom=""} $ guix import texlive fontspec redirection vers « https://ctan.org/xml/1.2/pkg/fontspec »... Backtrace: @@ -32,4 +30,4 @@ In guix/build/utils.scm: guix/build/utils.scm:652:6: In procedure invoke: Throw to key `srfi-34' with args `(#<condition &invoke-error [program: "svn" arguments: ("export" "--non-interactive" "--trust-server-cert" "-r" "49435" "svn://www.tug.org/texlive/tags/texlive-2018.2/Master/texmf-dist/source/latex/fontspec" "/tmp/guix-directory.WtLohP") exit-status: 1 term-signal: #f stop-signal: #f] 7fe80d229c80>)'. -#+END_SRC +``` diff --git a/site/pastebin/inconsistent-hash-of-buildgomodule.org b/pastebins/inconsistent-hash-of-buildgomodule.md index 2aa7d96..3cdc823 100644 --- a/site/pastebin/inconsistent-hash-of-buildgomodule.org +++ b/pastebins/inconsistent-hash-of-buildgomodule.md @@ -1,29 +1,35 @@ ---- -title: Inconsistent hash of buildGoModule -date: 2019-06-08 ---- -[[https://discourse.nixos.org/t/inconsistent-hash-of-buildgomodule/3127/2][FIXED]]. +--- title: Inconsistent hash of buildGoModule date: 2019-06-08 --- +[FIXED](https://discourse.nixos.org/t/inconsistent-hash-of-buildgomodule/3127/2). -The [[https://git.sr.ht/~euandreh/vps/commit/6ba76140238b5e3c7009c201f9f80ac86063f438][commit that made this visible]]. -* Offending derivation: -[[https://git.sr.ht/~euandreh/vps/tree/6ba76140238b5e3c7009c201f9f80ac86063f438/default.nix#L3-15][Full source code on sr.ht]]: -#+BEGIN_SRC nix -n - terraform-godaddy = pkgs.buildGoModule rec { - name = "terraform-godaddy-${version}"; - version = "1.6.4"; - src = pkgs.fetchFromGitHub { - owner = "n3integration"; - repo = "terraform-godaddy"; - rev = "v${version}"; - sha256 = "00blqsan74s53dk9ab4hxi1kzxi46k57dr65dmbiradfa3yz3852"; - }; - modSha256 = "0p81wqw2n8vraxk20xwg717582ijwq2k7v5j3n13y4cd5bxd8hhz"; - postInstall = - "mv $out/bin/terraform-godaddy $out/bin/terraform-provider-godaddy"; +The [commit that made this +visible](https://git.sr.ht/~euandreh/vps/commit/6ba76140238b5e3c7009c201f9f80ac86063f438). + +Offending derivation: +===================== + +[Full source code on +sr.ht](https://git.sr.ht/~euandreh/vps/tree/6ba76140238b5e3c7009c201f9f80ac86063f438/default.nix#L3-15): + +``` {.nix .numberLines startFrom=""} +terraform-godaddy = pkgs.buildGoModule rec { + name = "terraform-godaddy-${version}"; + version = "1.6.4"; + src = pkgs.fetchFromGitHub { + owner = "n3integration"; + repo = "terraform-godaddy"; + rev = "v${version}"; + sha256 = "00blqsan74s53dk9ab4hxi1kzxi46k57dr65dmbiradfa3yz3852"; }; -#+END_SRC -* Local build: -#+BEGIN_SRC shell -n + modSha256 = "0p81wqw2n8vraxk20xwg717582ijwq2k7v5j3n13y4cd5bxd8hhz"; + postInstall = + "mv $out/bin/terraform-godaddy $out/bin/terraform-provider-godaddy"; +}; +``` + +Local build: +============ + +``` {.shell .numberLines startFrom=""} $ nix-build -A terraform-godaddy these derivations will be built: /nix/store/3hs274i9qdsg3hsgp05j7i5cqxsvpcqx-terraform-godaddy-1.6.4-go-modules.drv @@ -169,10 +175,15 @@ hash mismatch in fixed-output derivation '/nix/store/jgbfkhlsz6bmq724p5cqqcgfyc7 got: sha256:10n2dy7q9kk1ly58sw965n6qa8l0nffh8vyd1vslx0gdlyj25xxs cannot build derivation '/nix/store/y5961vv6y9c0ps2sbd8xfnpqvk0q7qhq-terraform-godaddy-1.6.4.drv': 1 dependencies couldn't be built error: build of '/nix/store/y5961vv6y9c0ps2sbd8xfnpqvk0q7qhq-terraform-godaddy-1.6.4.drv' failed -#+END_SRC -* Build [[https://builds.sr.ht/~euandreh/job/67836#task-setup-0][on CI]]: -The =setup.sh= script contains a call to =nix-shell= which in turns build the same =terraform-godaddy= derivation: -#+BEGIN_SRC shell -n +``` + +Build [on CI](https://builds.sr.ht/~euandreh/job/67836#task-setup-0): +===================================================================== + +The `setup.sh` script contains a call to `nix-shell` which in turns +build the same `terraform-godaddy` derivation: + +``` {.shell .numberLines startFrom=""} + cd vps/ + ./scripts/ci/setup.sh warning: Nix search path entry '/nix/var/nix/profiles/per-user/root/channels' does not exist, ignoring @@ -1030,4 +1041,4 @@ hash mismatch in fixed-output derivation '/nix/store/q8y0mzjl78hfhazjgq2sc84i7dp cannot build derivation '/nix/store/w4ghinrmpq524k3617ikfc8i42aa0dbb-terraform-godaddy-1.6.4.drv': 1 dependencies couldn't be built copying path '/nix/store/63gjp25l4cmdkl63zy0rcgmsvd2p2p34-terraform-0.11.14' from 'https://cache.nixos.org'... error: build of '/nix/store/9drkn1qxkkcrz5g3413lpmbc2xysa582-terraform-0.11.14.drv', '/nix/store/w4ghinrmpq524k3617ikfc8i42aa0dbb-terraform-godaddy-1.6.4.drv' failed -#+END_SRC +``` diff --git a/site/pastebin/nix-exps.org b/pastebins/nix-exps.md index 997d6ab..426d681 100644 --- a/site/pastebin/nix-exps.org +++ b/pastebins/nix-exps.md @@ -1,8 +1,6 @@ ---- -title: Nix Stuff -date: 2018-07-25 ---- -#+BEGIN_SRC nix -n +--- title: Nix Stuff date: 2018-07-25 --- + +``` {.nix .numberLines startFrom=""} let pkgsOriginal = import <nixpkgs> {}; pkgsSrc = pkgsOriginal.fetchzip { @@ -43,4 +41,4 @@ in rec { ''; }; } -#+END_SRC +``` diff --git a/site/pastebin/nix-show-derivation.org b/pastebins/nix-show-derivation.md index 96d2c66..2daec81 100644 --- a/site/pastebin/nix-show-derivation.org +++ b/pastebins/nix-show-derivation.md @@ -1,8 +1,6 @@ ---- -title: nix show-derivation sample output -date: 2018-07-25 ---- -#+BEGIN_SRC nix -n +--- title: nix show-derivation sample output date: 2018-07-25 --- + +``` {.nix .numberLines startFrom=""} $ nix show-derivation /nix/store/zzz9cl2ly0mb2njr7vwa5528fxmn29m8-combofont-0.2.drv { "/nix/store/zzz9cl2ly0mb2njr7vwa5528fxmn29m8-combofont-0.2.drv": { @@ -71,4 +69,4 @@ $ nix show-derivation /nix/store/zzz9cl2ly0mb2njr7vwa5528fxmn29m8-combofont-0.2. } } } -#+END_SRC +``` diff --git a/site/pastebin/raku-tuple-type-annotation.org b/pastebins/raku-tuple-type-annotation.md index 8d0e55f..6d5957f 100644 --- a/site/pastebin/raku-tuple-type-annotation.org +++ b/pastebins/raku-tuple-type-annotation.md @@ -1,8 +1,6 @@ ---- -title: Raku tuple type annotation -date: 2019-12-29 ---- -#+BEGIN_SRC raku -n +--- title: Raku tuple type annotation date: 2019-12-29 --- + +``` {.raku .numberLines startFrom=""} # Single Str return value: this works sub f1(Str $in --> Str) { $in; @@ -18,11 +16,11 @@ sub f2(Str $in --> (Str, Str)) { ($in, $in); } -#+END_SRC +``` Error log is: -#+BEGIN_SRC text -n +``` {.text .numberLines startFrom=""} ===SORRY!=== Error while compiling /path/to/my/file Malformed return value -#+END_SRC +``` diff --git a/site/root/public-key.txt b/public-key.txt index a21283d..a21283d 100644 --- a/site/root/public-key.txt +++ b/public-key.txt diff --git a/site/index.html b/site/index.html deleted file mode 100644 index 8c3db94..0000000 --- a/site/index.html +++ /dev/null @@ -1,6 +0,0 @@ ---- -title: Home ---- - -<h2>Recent posts</h2> -$partial("templates/post-list.html")$ diff --git a/site/pages/about.org b/site/pages/about.org deleted file mode 100644 index b7dd87a..0000000 --- a/site/pages/about.org +++ /dev/null @@ -1,14 +0,0 @@ ---- -title: About ---- -Hi, I'm EuAndreh. I write software and occasionally music. You can find my contact information in the footer of this page, or mail my [[mailto:~euandreh/public-inbox@lists.sr.ht][public inbox]]. - -This is my personal website where I write articles, publish software and more related work. - -Below you can find some interesting projects of mine. -** Software projects -*** [[https://euandre.org/cool-read-macros/][cool-read-macros]] -*** [[https://euandre.org/cl-bson/][cl-BSON]] -[[https://euandre.org/cl-intbytes][cl-intbytes]] as a side-effect. -** Other things -[[./pastebins.html][Pastebin listing]]. diff --git a/site/pastebins.html b/site/pastebins.html deleted file mode 100644 index 0afa928..0000000 --- a/site/pastebins.html +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Pastebins listing ---- - -$partial("templates/pastebin-list.html")$ diff --git a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org b/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org deleted file mode 100644 index 7d19632..0000000 --- a/site/posts/2018-08-01-verifying-npm-ci-reproducibility.org +++ /dev/null @@ -1,85 +0,0 @@ ---- -title: Verifying <code>npm ci</code> reproducibility -date: 2018-08-01 ---- -When [[https://blog.npmjs.org/post/161081169345/v500][npm@5]] came bringing [[https://docs.npmjs.com/files/package-locks][package-locks]] with it, I was confused about the benefits it provided, since running =npm install= more than once could resolve all the dependencies again and yield yet another fresh =package-lock.json= file. The message saying "you should add this file to version control" left me hesitant on what to do[fn:npm-install]. - -However the [[https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable][addition of =npm ci=]] filled this gap: it's a stricter variation of =npm install= which guarantees that "[[https://docs.npmjs.com/files/package-lock.json][subsequent installs are able to generate identical trees]]". But are they really identical? I could see that I didn't have the same problems of different installation outputs, but I didn't know for *sure* if it was really identical. -** Computing the hash of a directory's content -I quickly searched for a way to check for the hash signature of an entire directory tree, but I couldn't find one. I've made a poor man's [[https://en.wikipedia.org/wiki/Merkle_tree][Merkle tree]] implementation using =sha256sum= and a few piped commands at the terminal: -#+BEGIN_SRC bash -n - merkle-tree () { - dirname="${1-.}" - pushd "$dirname" - find . -type f | \ - sort | \ - xargs -I{} sha256sum "{}" | \ - sha256sum | \ - awk '{print $1}' - popd - } -#+END_SRC -Going through it line by line: -- #1 we define a Bash function called =merkle-tree=; -- #2 it accepts a single argument: the directory to compute the merkle tree from. If nothing is given, it runs on the current directory (=.=); -- #3 we go to the directory, so we don't get different prefixes in =find='s output (like =../a/b=); -- #4 we get all files from the directory tree. Since we're using =sha256sum= to compute the hash of the file contents, we need to filter out folders from it; -- #5 we need to sort the output, since different file systems and =find= implementations may return files in different orders; -- #6 we use =xargs= to compute the hash of each file individually through =sha256sum=. Since a file may contain spaces we need to escape it with quotes; -- #7 we compute the hash of the combined hashes. Since =sha256sum= output is formatted like =<hash> <filename>=, it produces a different final hash if a file ever changes name without changing it's content; -- #8 we get the final hash output, excluding the =<filename>= (which is =-= in this case, aka =stdin=). -*** Positive points: -1. ignore timestamp: running more than once on different installation yields the same hash; -2. the name of the file is included in the final hash computation. -*** Limitations: -1. it ignores empty folders from the hash computation; -2. the implementation's only goal is to represent using a digest whether the content of a given directory is the same or not. Leaf presence checking is obviously missing from it. -*** Testing locally with sample data -#+BEGIN_SRC bash -n - mkdir /tmp/merkle-tree-test/ - cd /tmp/merkle-tree-test/ - mkdir -p a/b/ a/c/ d/ - echo "one" > a/b/one.txt - echo "two" > a/c/two.txt - echo "three" > d/three.txt - merkle-tree . # output is be343bb01fe00aeb8fef14a3e16b1c3d1dccbf86d7e41b4753e6ccb7dc3a57c3 - merkle-tree . # output still is be343bb01fe00aeb8fef14a3e16b1c3d1dccbf86d7e41b4753e6ccb7dc3a57c3 - echo "four" > d/four.txt - merkle-tree . # output is now b5464b958969ed81815641ace96b33f7fd52c20db71a7fccc45a36b3a2ae4d4c - rm d/four.txt - merkle-tree . # output back to be343bb01fe00aeb8fef14a3e16b1c3d1dccbf86d7e41b4753e6ccb7dc3a57c3 - echo "hidden-five" > a/b/one.txt - merkle-tree . # output changed 471fae0d074947e4955e9ac53e95b56e4bc08d263d89d82003fb58a0ffba66f5 -#+END_SRC -It seems to work for this simple test case. - -You can try copying and pasting it to verify the hash signatures. -** Using =merkle-tree= to check the output of =npm ci= -/I've done all of the following using Node.js v8.11.3 and npm@6.1.0./ - -In this test case I'll take the main repo of [[https://lernajs.io/][Lerna]][fn:js-repos]: -#+BEGIN_SRC bash -n - cd /tmp/ - git clone https://github.com/lerna/lerna.git - cd lerna/ - git checkout 57ff865c0839df75dbe1974971d7310f235e1109 - npm ci - merkle-tree node_modules/ # outputs 11e218c4ac32fac8a9607a8da644fe870a25c99821167d21b607af45699afafa - rm -rf node_modules/ - npm ci - merkle-tree node_modules/ # outputs 11e218c4ac32fac8a9607a8da644fe870a25c99821167d21b607af45699afafa - npm ci # test if it also works with an existing node_modules/ folder - merkle-tree node_modules/ # outputs 11e218c4ac32fac8a9607a8da644fe870a25c99821167d21b607af45699afafa -#+END_SRC -Good job =npm ci= :) - -#6 and #9 take some time to run (21 seconds in my machine), but this specific use case isn't performance sensitive. The slowest step is computing the hash of each individual file. -** Conclusion -=npm ci= really "generates identical trees". - -I'm not aware of any other existing solution for verifying the hash signature of a directory. If you know any I'd [[mailto:eu@euandre.org][like to know]]. -** /Edit/ -2019/05/22: Fix spelling. - -[fn:npm-install] The [[https://docs.npmjs.com/cli/install#description][documentation]] claims =npm install= is driven by the existing =package-lock.json=, but that' actually [[https://github.com/npm/npm/issues/17979#issuecomment-332701215][a little bit tricky]]. -[fn:js-repos] Finding a big known repo that actually committed the =package-lock.json= file was harder than I expected. diff --git a/site/posts/2018-12-21-using-youtube-dl-to-manage-youtube-subscriptions.org b/site/posts/2018-12-21-using-youtube-dl-to-manage-youtube-subscriptions.org deleted file mode 100644 index b4f4e81..0000000 --- a/site/posts/2018-12-21-using-youtube-dl-to-manage-youtube-subscriptions.org +++ /dev/null @@ -1,145 +0,0 @@ ---- -title: Using <code>youtube-dl</code> to manage YouTube subscriptions -date: 2018-12-21 ---- -I've recently read the [[https://www.reddit.com/r/DataHoarder/comments/9sg8q5/i_built_a_selfhosted_youtube_subscription_manager/][announcement]] of a very nice [[https://github.com/chibicitiberiu/ytsm][self-hosted YouTube subscription manager]]. I haven't used YouTube's built-in subscriptions for a while now, and haven't missed it at all. When I saw the announcement, I considered writing about the solution I've built on top of [[https://youtube-dl.org/][youtube-dl]]. -** Background: the problem with YouTube -In many ways, I agree with [[https://staltz.com/what-happens-when-you-block-internet-giants.html][André Staltz's view on data ownership and privacy]]: -#+BEGIN_QUOTE -I started with the basic premise that “I want to be in control of my data”. Sometimes that meant choosing when to interact with an internet giant and how much I feel like revealing to them. Most of times it meant not interacting with them at all. I don’t want to let them be in full control of how much they can know about me. I don’t want to be in autopilot mode. -(...) -Which leads us to YouTube. While I was able to find alternatives to Gmail (Fastmail), Calendar (Fastmail), Translate (Yandex Translate), etc, YouTube remains as the most indispensable Google-owned web service. It is really really hard to avoid consuming YouTube content. It was probably the smartest startup acquisition ever. My privacy-oriented alternative is to watch YouTube videos through Tor, which is technically feasible but not polite to use the Tor bandwidth for these purposes. I’m still scratching my head with this issue. -#+END_QUOTE -Even though I don't use most alternative services he mentions, I do watch videos from YouTube. But I also feel uncomfortable logging in to YouTube with a Google account, watching videos, creating playlists and similar things. - -Using the mobile app is worse: you can't even block ads in there. You're in less control on what you share with YouTube and Google. -** youtube-dl -youtube-dl is a command-line tool for downloading videos, from YouTube and [[https://rg3.github.io/youtube-dl/supportedsites.html][many other sites]]: -#+BEGIN_SRC shell -$ youtube-dl https://www.youtube.com/watch?v=rnMYZnY3uLA -[youtube] rnMYZnY3uLA: Downloading webpage -[youtube] rnMYZnY3uLA: Downloading video info webpage -[download] Destination: A Origem da Vida _ Nerdologia-rnMYZnY3uLA.mp4 -[download] 100% of 32.11MiB in 00:12 -#+END_SRC -It can be used to download individual videos as showed above, but it also has some interesting flags that we can use: -- =--output=: use a custom template to create the name of the downloaded file; -- =--download-archive=: use a text file for recording and remembering which videos were already downloaded; -- =--prefer-free-formats=: prefer free video formats, like =webm=, =ogv= and Matroska =mkv=; -- =--playlist-end=: how many videos to download from a "playlist" (a channel, a user or an actual playlist); -- =--write-description=: write the video description to a =.description= file, useful for accessing links and extra content. - -Putting it all together: -#+BEGIN_SRC shell -$ youtube-dl "https://www.youtube.com/channel/UClu474HMt895mVxZdlIHXEA" \ - --download-archive ~/Nextcloud/cache/youtube-dl-seen.conf \ - --prefer-free-formats \ - --playlist-end 20 \ - --write-description \ - --output "~/Downloads/yt-dl/%(uploader)s/%(upload_date)s - %(title)s.%(ext)s" -#+END_SRC -This will download the latest 20 videos from the selected channel, and write down the video IDs in the =youtube-dl-seen.conf= file. Running it immediately after one more time won't have any effect. - -If the channel posts one more video, running the same command again will download only the last video, since the other 19 were already downloaded. - -With this basic setup you have a minimal subscription system at work, and you can create some functions to help you manage that: -#+BEGIN_SRC shell -#!/bin/sh - -export DEFAULT_PLAYLIST_END=15 - -download() { - youtube-dl "$1" \ - --download-archive ~/Nextcloud/cache/youtube-dl-seen.conf \ - --prefer-free-formats \ - --playlist-end $2 \ - --write-description \ - --output "~/Downloads/yt-dl/%(uploader)s/%(upload_date)s - %(title)s.%(ext)s" -} -export -f download - - -download_user() { - download "https://www.youtube.com/user/$1" ${2-$DEFAULT_PLAYLIST_END} -} -export -f download_user - - -download_channel() { - download "https://www.youtube.com/channel/$1" ${2-$DEFAULT_PLAYLIST_END} -} -export -f download_channel - - -download_playlist() { - download "https://www.youtube.com/playlist?list=$1" ${2-$DEFAULT_PLAYLIST_END} -} -export -f download_playlist -#+END_SRC -With these functions, you now can have a subscription fetching script to download the latest videos from your favorite channels: -#+BEGIN_SRC shell -#!/bin/sh - -download_user ClojureTV 15 -download_channel "UCmEClzCBDx-vrt0GuSKBd9g" 100 -download_playlist "PLqG7fA3EaMRPzL5jzd83tWcjCUH9ZUsbX" 15 -#+END_SRC -Now, whenever you want to watch the latest videos, just run the above script and you'll get all of them in your local machine. -** Tradeoffs -*** I've made it for myself, with my use case in mind -**** Offline -My internet speed it somewhat reasonable[fn:reasonable-internet], but it is really unstable. Either at work or at home, it's not uncommon to loose internet access for 2 minutes 3~5 times every day, and stay completely offline for a couple of hours once every week. - -Working through the hassle of keeping a playlist on disk has payed off many, many times. Sometimes I even not notice when the connection drops for some minutes, because I'm watching a video and working on some document, all on my local computer. - -There's also no quality adjustment for YouTube's web player, I always pick the higher quality and it doesn't change during the video. For some types of content, like a podcast with some tiny visual resources, this doesn't change much. For other types of content, like a keynote presentation with text written on the slides, watching on 144p isn't really an option. - -If the internet connection drops during the video download, youtube-dl will resume from where it stopped. - -This is an offline first benefit that I really like, and works well for me. -**** Sync the "seen" file -I already have a running instance of Nextcloud, so just dumping the =youtube-dl-seen.conf= file inside Nextcloud was a no-brainer. - -You could try putting it in a dedicated git repository, and wrap the script with an autocommit after every run. If you ever had a merge conflict, you'd simply accept all changes and then run: -#+BEGIN_SRC shell -$ uniq youtube-dl-seen.conf > youtube-dl-seen.conf -#+END_SRC -to tidy up the file. -**** Doesn't work on mobile -My primary device that I use everyday is my laptop, not my phone. It works well for me this way. - -Also, it's harder to add ad-blockers to mobile phones, and most mobile software still depends on Google's and Apple's blessing. - -If you wish, you can sync the videos to the SD card periodically, but that's a bit of extra manual work. -*** The Good -**** Better privacy -We don't even have to configure the ad-blocker to keep ads and trackers away! - -YouTube still has your IP address, so using a VPN is always a good idea. However, a timing analysis would be able to identify you (considering the current implementation). -**** No need to self-host -There's no host that needs maintenance. Everything runs locally. - -As long as you keep youtube-dl itself up to date and sync your "seen" file, there's little extra work to do. -**** Track your subscriptions with git -After creating a =subscriptions.sh= executable that downloads all the videos, you can add it to git and use it to track metadata about your subscriptions. -*** The Bad -**** Maximum playlist size is your disk size -This is a good thing for getting a realistic view on your actual "watch later" list. However I've run out of disk space many times, and now I need to be more aware of how much is left. -*** The Ugly -We can only avoid all the bad parts of YouTube with youtube-dl as long as YouTube keeps the videos public and programmatically accessible. If YouTube ever blocks that we'd loose the ability to consume content this way, but also loose confidence on considering YouTube a healthy repository of videos on the internet. -** Going beyond -Since you're running everything locally, here are some possibilities to be explored: -*** A playlist that is too long for being downloaded all at once -You can wrap the =download_playlist= function (let's call the wrapper =inc_download=) and instead of passing it a fixed number to the =--playlist-end= parameter, you can store the =$n= in a folder (something like =$HOME/.yt-db/$PLAYLIST_ID=) and increment it by =$step= every time you run =inc_download=. - -This way you can incrementally download videos from a huge playlist without filling your disk with gigabytes of content all at once. -*** Multiple computer scenario -The =download_playlist= function could be aware of the specific machine that it is running on and apply specific policies depending on the machine: always download everything; only download videos that aren't present anywhere else; etc. -** Conclusion -youtube-dl is a great tool to keep at hand. It covers a really large range of video websites and works robustly. - -Feel free to copy and modify this code, and [[mailto:eu@euandre.org][send me]] suggestions of improvements or related content. -** /Edit/ -2019/05/22: Fix spelling. - -[fn:reasonable-internet] Considering how expensive it is and the many ways it could be better, but also how much it has improved over the last years, I say it's reasonable. diff --git a/site/posts/2019-06-02-stateless-os.org b/site/posts/2019-06-02-stateless-os.org deleted file mode 100644 index 84659d8..0000000 --- a/site/posts/2019-06-02-stateless-os.org +++ /dev/null @@ -1,60 +0,0 @@ ---- -title: Using NixOS as an stateless workstation -date: 2019-06-02 ---- -Last week[fn:last-week] I changed back to an old[fn:old-laptop] Samsung laptop, and installed [[https://nixos.org/][NixOS]] on it. - -After using NixOS on another laptop for around two years, I wanted verify how reproducible was my desktop environment, and how far does NixOS actually can go on recreating my whole OS from my configuration files and personal data. I gravitated towards NixOS after trying (and failing) to create an =install.sh= script that would imperatively install and configure my whole OS using apt-get. When I found a GNU/Linux distribution that was built on top of the idea of declaratively specifying the whole OS I was automatically convinced[fn:convinced]. - -I was impressed. Even though I've been experiencing the benefits of Nix isolation daily, I always felt skeptical that something would be missing, because the devil is always on the details. But the result was much better than expected! - -There were only 2 missing configurations: -1. tap-to-click on the touchpad wasn't enabled by default; -2. the default theme from the gnome-terminal is "Black on white" instead of "White on black". - -That's all. - -I haven't checked if I can configure those in NixOS GNOME module, but I guess both are scriptable and could be set in a fictional =setup.sh= run. - -This makes me really happy, actually. More happy than I anticipated. - -Having such a powerful declarative OS makes me feel like my data is the really important stuff (as it should be), and I can interact with it on any workstation. All I need is an internet connection and a few hours to download everything. It feels like my physical workstation and the installed OS are serving me and my data, instead of me feeling as hostage to the specific OS configuration at the moment. Having a few backup copies of everything important extends such peacefulness. - -After this positive experience with recreating my OS from simple Nix expressions, I started to wonder how far I could go with this, and started considering other areas of improvements: -*** First run on a fresh NixOS installation -Right now the initial setup relies on non-declarative manual tasks, like decrypting some credentials, or manually downloading *this* git repository with specific configurations before *that* one. - -I wonder what some areas of improvements are on this topic, and if investing on it is worth it (both time-wise and happiness-wise). -*** Emacs -Right now I'm using the [[http://spacemacs.org/][Spacemacs]], which is a community package curation and configuration on top of [[https://www.gnu.org/software/emacs/][Emacs]]. - -Spacemacs does support the notion of [[http://spacemacs.org/doc/LAYERS.html][layers]], which you can declaratively specify and let Spacemacs do the rest. - -However this solution isn't nearly as robust as Nix: being purely functional, Nix does describe everything required to build a derivation, and knows how to do so. Spacemacs it closer to more traditional package managers: even though the layers list is declarative, the installation is still very much imperative. I've had trouble with Spacemacs not behaving the same on different computers, both with identical configurations, only brought to convergence back again after a =git clean -fdx= inside =~/.emacs.d/=. - -The ideal solution would be managing Emacs packages with Nix itself. After a quick search I did found that [[https://nixos.org/nixos/manual/index.html#module-services-emacs-adding-packages][there is support for Emacs packages in Nix]]. So far I was only aware of [[https://www.gnu.org/software/guix/manual/en/html_node/Application-Setup.html#Emacs-Packages][Guix support for Emacs packages]]. - -This isn't a trivial change because Spacemacs does include extra curation and configuration on top of Emacs packages. I'm not sure the best way to improve this right now. -*** myrepos -I'm using [[https://myrepos.branchable.com/][myrepos]] to manage all my git repositories, and the general rule I apply is to add any repository specific configuration in myrepos' =checkout= phase: -#+BEGIN_SRC shell -# sample ~/.mrconfig file snippet -[dev/guix/guix] -checkout = - git clone https://git.savannah.gnu.org/git/guix.git guix - cd guix/ - git config sendemail.to guix-patches@gnu.org -#+END_SRC -This way when I clone this repo again the email sending is already pre-configured. - -This works well enough, but the solution is too imperative, and my =checkout= phases tend to become brittle over time if not enough care is taken. -*** GNU Stow -For my home profile and personal configuration I already have a few dozens of symlinks that I manage manually. This has worked so far, but the solution is sometimes fragile and [[https://git.sr.ht/~euandreh/dotfiles/tree/316939aa215181b1d22b69e94241eef757add98d/bash/symlinks.sh#L14-75][not declarative at all]]. I wonder if something like [[https://www.gnu.org/software/stow/][GNU Stow]] can help me simplify this. -** Conclusion -I'm really satisfied with NixOS, and I intend to keep using it. If what I've said interests you, maybe try tinkering with the [[https://nixos.org/nix/][Nix package manager]] (not the whole NixOS) on your current distribution (it can live alongside any other package manager). - -If you have experience with declarative Emacs package managements, GNU Stow or any similar tool, etc., [[mailto:eu@euandre.org][I'd like some tips]]. If you don't have any experience at all, [[mailto:eu@euandre.org][I'd still love to hear from you]]. - -[fn:last-week] "Last week" as of the start of this writing, so around the end of May 2019. -[fn:old-laptop] I was using a 32GB RAM, i7 and 250GB SSD Samsung laptop. The switch was back to a 8GB RAM, i5 and 500GB HDD Dell laptop. The biggest difference I noticed was on faster memory, both RAM availability and the disk speed, but I had 250GB less local storage space. -[fn:convinced] The declarative configuration aspect is something that I now completely take for granted, and wouldn't consider using something which isn't declarative. A good metric to show this is me realising that I can't pinpoint the moment when I decided to switch to NixOS. It's like I had a distant past when this wasn't true. diff --git a/site/templates/pastebin-list.html b/site/templates/pastebin-list.html deleted file mode 100644 index 4c98c80..0000000 --- a/site/templates/pastebin-list.html +++ /dev/null @@ -1,7 +0,0 @@ -<ul> - $for(pastebins)$ - <li> - <a href="$url$">$title$</a> - $date$ - </li> - $endfor$ -</ul> diff --git a/site/templates/pastebin.html b/site/templates/pastebin.html deleted file mode 100644 index 7aa2775..0000000 --- a/site/templates/pastebin.html +++ /dev/null @@ -1,8 +0,0 @@ -<article> - <section class="header"> - Posted on $date$ - </section> - <section> - $body$ - </section> -</article> diff --git a/site/templates/post-list.html b/site/templates/post-list.html deleted file mode 100644 index c64cdbd..0000000 --- a/site/templates/post-list.html +++ /dev/null @@ -1,7 +0,0 @@ -<ul> - $for(posts)$ - <li> - <a href="$url$">$title$</a> - $date$ - </li> - $endfor$ -</ul> diff --git a/site/templates/post.html b/site/templates/post.html deleted file mode 100644 index 0ec1efe..0000000 --- a/site/templates/post.html +++ /dev/null @@ -1,16 +0,0 @@ -<article> - <section class="header"> - Posted on $date$ - </section> - <section> - $body$ - </section> - <section> - <p>Have a comment on this post? Start a discussion - in my <a href="https://lists.sr.ht/~euandreh/public-inbox">public inbox</a> - by sending an email to <a href="mailto:~euandreh/public-inbox@lists.sr.ht?Subject=Re%3A%20$title$">~euandreh/public-inbox@lists.sr.ht</a> - [<a href="https://man.sr.ht/lists.sr.ht/etiquette.md">mailing list etiquette</a>], - or see <a href="https://lists.sr.ht/~euandreh/public-inbox?search=$title$">existing discussions</a>. - </p> - </section> -</article> diff --git a/site/css/styles.css b/styles.css index eb4bb78..eb4bb78 100644 --- a/site/css/styles.css +++ b/styles.css |