Using Void Linux As My Daily Driver

Posted by Dave Eddy on Sep 15 2018 - tags: tech

I've been using Void Linux on my laptop for the last couple of weeks and I have been absolutely loving it. The whole system feels lean, minimal, fast, and has amazing battery life. I've found a majority of the software that I've used previously on Arch Linux is either available or compiles just fine on Void. I've run into a couple of issues because I'm using the musl build of Void, but I've managed to deal with them without too much trouble.

Window Manager: i3-gaps
Top Panel: xfce4-panel
Terminal: urxvt
Browser: firefox

vpm - Void Package Manager

On the basic usage page for XBPS, there are a number of example commands for installing a package, searching for a package, removing a package, etc.

Manage PATH Variable in Bash

Posted by Dave Eddy on Sep 12 2018 - tags: tech

Over the weekend I wrote what can only be described as a completely over-engineered solution to something that was really nothing more than a minor annoyance to me. I noticed that some paths in my $PATH environmental variable were duplicated, and some were there that didn't exist on the filesystem, and over all it was just a bit of a mess.

I remember encountering the pathmunge bash function a couple years ago but I didn't want something that relied on grep or any external commands - I wanted to be able to manage $PATH (and $MANPATH) with pure bash.

Introducing bash-path.

Functions to modify colon separated variables like $PATH or $MANPATH

https://github.com/bahamas10/bash-path

All of the logic is in a single file and can be sourced or copied directly into a bashrc file to be used. I pulled in bash-path to my dotfiles with this simple commit

Example

Given the following environment:

$ . path.bash
$ PATH='/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin'

You can add to $PATH using path_add (similar to pathmunge):

$ path_add /my/new/bin
$ path_add /my/new/sbin before
$ echo "$PATH"
/my/new/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/my/new/bin

ThinkPad X1 Carbon Gen 6 BIOS Update

Posted by Dave Eddy on Sep 09 2018 - tags: tech

I purchased the ThinkPad X1 Carbon (6th Gen) laptop over a month ago and have been happily using Void Linux on it for the last couple of weeks or so. The battery on this thing is absolutely amazing - without any tuning specifically for the battery itself, I can get really great battery life.

I posted about my install on reddit and was asked specifically about the power usage. I said:

I keep firefox with ~15 tabs open and have a couple terminal windows open - that's my daily workflow, and I can get like 8 full hours on this laptop! Sleeping however is a nightmare. It doesn't support s3 out of the box and I have yet to try this patch to enable deep sleep - i'll report back when I do. When the laptop is suspended it'll last about 48 hours before it is completely dead (WHICH IS TERRIBLE).

However, my friend Mike showed me this tweet showing that the latest ThinkPad BIOS update added support for better sleeping on Linux! I really wanted better battery life when sleeping, so I jumped into trying to update it as fast as I possibly could - and in that process, I learned a lot and failed pretty hard at first. This is my journey into getting a good nights sleep on my ThinkPad with Linux.

Encrypted Void Linux Install on my ThinkPad X1 Carbon

Posted by Dave Eddy on Sep 05 2018 - tags: tech

I purchased the ThinkPad X1 Carbon (6th Gen) laptop about a month ago and have been loving it. My friend Mike convinced me to get it after showing me how nice his was and how well Linux ran on it. I hadn't run Linux on a laptop or a desktop since around 2010, as I had switched over to almost exclusively OS X.

I installed Manjaro when I got the laptop and used it for a couple of weeks just to get used to Linux again (and the i3 Window Manager). However, this was also my first experience with systemd, and, after using it for a bit, I really wanted something a whole lot simpler. Something that was designed to be lean, easy to understand, and easy to manage.

Enter Void Linux.

To install Void Linux, I basically copied the steps in this wiki page:

https://wiki.voidlinux.eu/Manual_install_w/full_disk_encryption

with the modifications at the bottom for EFI/UEFI machines.

In Honor of Terry Davis and TempleOS

Posted by Dave Eddy on Sep 04 2018 - tags: tech

https://www.youtube.com/watch?v=oY33uoBSw3w

TempleOS is an engineering marvel and Terry A. Davis was an inspiration to a lot of people out there including myself. I made this cover as a way to honor him and his legacy and provide support for anybody out there who is dealing with this tragic loss.

This hymn is one of my personal favorites. It is commonly used as the introduction song for most videos by Terry about TempleOS - albeit it in a more MIDI like sound played directly by the PC speaker.

I made a more upbeat version of this song last year, though it wasn't personally enjoyed by Terry himself.

https://www.youtube.com/watch?v=IdYMA6hY_74

RIP Terry

Block Tracking Sites With dnsmasq

Posted by Dave Eddy on Jul 19 2018 - tags: tech

Around five years ago I started looking into different ways to block ads and trackers in the most effective way on my computers. I discovered this hosts list on someonewhocares.org and even wrote a script to automate the process of downloading, verifying, and installing the list on my machines.

https://github.com/bahamas10/someonewhocares

I recently got back into it when I was setting up Encrypted DNS with dnsmasq and dnscrypt-proxy on SmartOS using OpenNIC. I stumbled across the Pi-hole project and really liked it, however I didn't want to run a raspberry pi in my house as part of any critical infrastructure. Instead, I took the essence of that project and found a compiled blocklist to use with my existing dnsmasq setup to block these sites at the DNS level.

notracking

I found notracking/hosts-blocklists which is an automatically updating block list compiled from multiple sources compatible with dnsmasq. I created my own set of scripts to download the latest blocklists from GitHub, verify them, and install them for use with dnsmasq, and finally restart dnsmasq so it picks up the changes.

https://github.com/bahamas10/notracking

I installed this on my nameserver zones with:

Nginx Return Remote IP Address

Posted by Dave Eddy on Jul 17 2018 - tags: tech

The nginx server that hosts this website can now return your current IP address if you hit the url /ip.

https://www.daveeddy.com/ip

I have an alias in my bashrc to quickly use this to get my current external IP.

$ type externalip
externalip is aliased to `curl -sS https://www.daveeddy.com/ip'
$ externalip
1.2.3.4

To set this up, I modified my nginx config to add a location section for /ip

I basically ripped off this stackoverflow post but modified it to only match the single URL.

location =/ip {
        default_type text/plain;
        return 200 "$remote_addr\n";
}

location / {
        root /var/www/daveeddy.com;
}

Encrypted DNS with dnsmasq and dnscrypt-proxy on SmartOS

Posted by Dave Eddy on Jul 07 2018 - tags: tech

For the last 3 years I have been using djbdns on SmartOS and it has all been working great. Recently however, I started looking into DNSSEC and DNSCrypt, which ended up leading me to the OpenNIC Project.

I decided to change my home DNS server setup to forward OpenNIC DNS servers over an encrypted channel as opposed to using OpenDNS like I did with djbdns.

To set this up, I have a zone with dnsmasq and dnscrypt-proxy running

dnsmasq - listens globally on port 53 for incoming DNS requests, answers local domain DNS requests for my network, and forwards the rest to dnscrypt-proxy
dnscrypt-proxy - listens locally on port 5300 for incoming DNS requests from dnsmasq and forwards them securely to an OpenNIC DNS server

Install

To start, install dnsmasq with the following command:

pkgin in dnsmasq

Installing dnscrypt-proxy requires a little bit more work as it is currently not in pkgsrc. To install it, we need to pull in some dependencies.

OpenVPN Server Setup With Easy-RSA on SmartOS

Posted by Dave Eddy on Jul 05 2018 - tags: tech

At home I have a zone dedicated to running an OpenVPN server. With this I can connect to my home network securely on both my laptop and phone when I'm away.

I followed this guide for getting the zone ready to route properly for OpenVPN, and then used Easy-RSA to generate the certificates needed.

Zone Setup

To get started, make sure the zone is created with allow_ip_spoofing enabled on the NIC of the zone. I used a payload similar to this to create the vpn zone.

{
  "brand": "joyent",
  "image_uuid": "221635c4-3b85-11e8-b6ba-23f68c9bf2c4",
  "autoboot": true,
  "alias": "vpn",
  "hostname": "vpn.rapture.com",
  "dns_domain": "rapture.com",
  "resolvers": [
    "10.0.1.2",
    "10.0.1.3"
  ],
  "ram": 512,
  "nics": [
    {
      "nic_tag": "admin",
      "ip": "10.0.1.41",
      "allow_ip_spoofing": true,
      "netmask": "255.255.255.0",
      "gateway": "10.0.1.1",
      "primary": true
    }
  ]
}

DHCPD New Lease Notifier

Posted by Dave Eddy on Apr 12 2018 - tags: tech

Three years ago I set up SmartOS as a Home Router which required creating a zone specifically for handling DHCP requests on my network. As part of wanting to have more visibility into my network, I wrote a program to notify me whenever a new DHCP lease was given out by the server.

https://github.com/bahamas10/node-dhcpd-notifier

dhcpd-pushover