From 4f5c398c39a69c47f059e2e39ee4e04218c3850e Mon Sep 17 00:00:00 2001 From: joshua Date: Wed, 3 Jan 2024 02:10:09 -0500 Subject: Added syncthing desktop setup article to wiki --- docs/desktop/desktop.md | 2 + docs/desktop/syncthing.md | 16 + mkdocs.yml | 1 + site/404.html | 21 + site/about/index.html | 21 + site/desktop/desktop/index.html | 22 ++ site/desktop/syncthing/index.html | 747 ++++++++++++++++++++++++++++++++++++ site/desktop/thunderbird/index.html | 23 +- site/food/curry/index.html | 21 + site/food/spicy-shrimp/index.html | 21 + site/food/tempora/index.html | 21 + site/index.html | 21 + site/phone/lineageos/index.html | 23 +- site/search/search_index.json | 2 +- site/server/cgit/index.html | 21 + site/server/ddns/index.html | 21 + site/server/server/index.html | 21 + site/server/syncthing/index.html | 21 + site/sitemap.xml | 5 + site/sitemap.xml.gz | Bin 304 -> 307 bytes 20 files changed, 1048 insertions(+), 3 deletions(-) create mode 100644 docs/desktop/syncthing.md create mode 100644 site/desktop/syncthing/index.html diff --git a/docs/desktop/desktop.md b/docs/desktop/desktop.md index 39cebeb..efd86b0 100644 --- a/docs/desktop/desktop.md +++ b/docs/desktop/desktop.md @@ -3,3 +3,5 @@ This page describes several useful tips and configurations that I've used. [Thunderbird](thunderbird.md) + +[Syncthing on Artix](syncthing.md) diff --git a/docs/desktop/syncthing.md b/docs/desktop/syncthing.md new file mode 100644 index 0000000..aabcd79 --- /dev/null +++ b/docs/desktop/syncthing.md @@ -0,0 +1,16 @@ +# Syncthing using Runit and Artix Linux + +The default Artix Linux syncthing script is broken, here is a corrected version that works: + + #!/bin/sh + export USER="joshua" + export HOME="/home/joshua" + + groups="$(id -Gn "$USER" | tr ' ' ':')" + + exec 2>&1 + exec chpst -u "$USER:groups" syncthing -logflags 0 + +References: + +[Void Linux Per User Services](https://docs.voidlinux.org/config/services/user-services.html) diff --git a/mkdocs.yml b/mkdocs.yml index f460442..cf2d389 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -10,6 +10,7 @@ nav: - Desktop: - Desktop: desktop/desktop.md - Thunderbird: desktop/thunderbird.md + - Syncthing: desktop/syncthing.md - Phone: - LineageOS: phone/lineageos.md - Food: diff --git a/site/404.html b/site/404.html index 85ed734..5f79769 100644 --- a/site/404.html +++ b/site/404.html @@ -402,6 +402,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/about/index.html b/site/about/index.html index 498dfd8..834b6e5 100644 --- a/site/about/index.html +++ b/site/about/index.html @@ -411,6 +411,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/desktop/desktop/index.html b/site/desktop/desktop/index.html index 9d64511..cbbdf4f 100644 --- a/site/desktop/desktop/index.html +++ b/site/desktop/desktop/index.html @@ -425,6 +425,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + @@ -660,6 +681,7 @@

    Desktop Wiki

    This page describes several useful tips and configurations that I've used.

    Thunderbird

    +

    Syncthing on Artix

    diff --git a/site/desktop/syncthing/index.html b/site/desktop/syncthing/index.html new file mode 100644 index 0000000..8891e1c --- /dev/null +++ b/site/desktop/syncthing/index.html @@ -0,0 +1,747 @@ + + + + + + + + + + + + + + + + + + + + + + + + + Syncthing - Joshua's Wiki + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + Skip to content + + +
    +
    + +
    + + + + + + +
    + + +
    + +
    + + + + + + +
    +
    + + + +
    +
    +
    + + + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    +
    + + + +
    +
    + + + + +

    Syncthing using Runit and Artix Linux

    +

    The default Artix Linux syncthing script is broken, here is a corrected version that works:

    +
    #!/bin/sh
+export USER="joshua"
+export HOME="/home/joshua"
+
+groups="$(id -Gn "$USER" | tr ' ' ':')"
+
+exec 2>&1
+exec chpst -u "$USER:groups" syncthing -logflags 0
+
    +

    References:

    +

    Void Linux Per User Services

    + + + + + + + + + + + + + +
    +
    + + + +
    + +
    + + + +
    +
    +
    +
    + + + + + + + + + + \ No newline at end of file diff --git a/site/desktop/thunderbird/index.html b/site/desktop/thunderbird/index.html index d1ba155..1ac29df 100644 --- a/site/desktop/thunderbird/index.html +++ b/site/desktop/thunderbird/index.html @@ -14,7 +14,7 @@ - + @@ -464,6 +464,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/food/curry/index.html b/site/food/curry/index.html index 76d13e8..3b61949 100644 --- a/site/food/curry/index.html +++ b/site/food/curry/index.html @@ -413,6 +413,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/food/spicy-shrimp/index.html b/site/food/spicy-shrimp/index.html index 1608878..cefe2b6 100644 --- a/site/food/spicy-shrimp/index.html +++ b/site/food/spicy-shrimp/index.html @@ -413,6 +413,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/food/tempora/index.html b/site/food/tempora/index.html index 85e840a..f2718a9 100644 --- a/site/food/tempora/index.html +++ b/site/food/tempora/index.html @@ -413,6 +413,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/index.html b/site/index.html index ab5059e..5cb0744 100644 --- a/site/index.html +++ b/site/index.html @@ -421,6 +421,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/phone/lineageos/index.html b/site/phone/lineageos/index.html index 597a4a3..04491e9 100644 --- a/site/phone/lineageos/index.html +++ b/site/phone/lineageos/index.html @@ -11,7 +11,7 @@ - + @@ -413,6 +413,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/search/search_index.json b/site/search/search_index.json index e99c55f..5e74aef 100644 --- a/site/search/search_index.json +++ b/site/search/search_index.json @@ -1 +1 @@ -{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome to Joshua's Wiki","text":"

    This is where I will be putting my stuff on how to configure things

    "},{"location":"about/","title":"About this wiki","text":"

    This is where I will be putting my stuff on how to configure things as well as some other personal references.

    "},{"location":"desktop/desktop/","title":"Desktop Wiki","text":"

    This page describes several useful tips and configurations that I've used.

    Thunderbird

    "},{"location":"desktop/thunderbird/","title":"Thunderbird","text":""},{"location":"desktop/thunderbird/#setting-dateformat","title":"Setting dateformat","text":"

    Usually the date format is not in AM/PM. Unfortunately, I'm American, so here's how I change it.

    1. Go to settings in Thunderbird.
    2. Change Date and Time Formatting to Regional settings locale.
    3. Go to config editor at the bottom of general settings.
    4. Create new config string intl.date_time.pattern_overrite.time_short.
    5. Format follows datetime format, I use hh:mmaaaa.
    6. Restart Thunderbird.

    References:

    Linux Mint formum detailing these instructions

    Datetime Reference

    Mozilla Article on customizing formats

    "},{"location":"food/curry/","title":"Curry Recipe","text":"

    Serves four people with leftovers for the week.

    "},{"location":"food/curry/#ingredients","title":"Ingredients","text":""},{"location":"food/curry/#preparation","title":"Preparation","text":""},{"location":"food/curry/#cooking","title":"Cooking","text":""},{"location":"food/spicy-shrimp/","title":"Spicy Shrimp","text":""},{"location":"food/spicy-shrimp/#ingredients","title":"Ingredients","text":""},{"location":"food/spicy-shrimp/#preparation","title":"Preparation","text":""},{"location":"food/spicy-shrimp/#cooking","title":"Cooking","text":""},{"location":"food/tempora/","title":"Tempora Recipe","text":""},{"location":"food/tempora/#ingredients","title":"Ingredients","text":""},{"location":"food/tempora/#cooking","title":"Cooking","text":""},{"location":"phone/lineageos/","title":"Android Auto with microG and Lineage OS","text":"

    These instructions are almost identical to Braga2's instructions with a single important change that is emphasized.

    References:

    Braga2's Instructions

    Google App Stub

    Oneplus build example

    Building LineageOS for Panther

    LineageOS with MicroG

    Docker to build LineageOS

    Android Auto Build

    "},{"location":"server/cgit/","title":"Cgit with gitolite and caddy","text":""},{"location":"server/cgit/#setup","title":"Setup","text":"

    Install dependencies.

    # apt install cgit python-is-python3 python3-pygments python3-markdown docutils-common groff perl\n

    Make a git user.

    sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git\n

    Allow ssh passwordless login.

    usermod -p '*' username\n
    "},{"location":"server/cgit/#gitolite","title":"Gitolite","text":"

    Install the gitolite package from the repository directly.

    "},{"location":"server/cgit/#configuration-with-cgit","title":"Configuration with cgit","text":"

    Configuration of gitolite is done by modifying $HOME/.gitolite.rc.

    To work correctly with cgit, gitweb and cgit configuration options need to work with gitolite.

    Change:

    GIT_CONFIG_KEYS  =>  '',\n

    To:

    GIT_CONFIG_KEYS  =>  '.*',\n

    To have permissions work correctly,

    Change:

    UMASK  =>  0077,\n

    To:

    UMASK  =>  0027,\n

    In the ENABLE field, add gitweb and cgit to the list.

    "},{"location":"server/cgit/#usage","title":"Usage","text":"

    Detailed usage of gitolite can be found here

    "},{"location":"server/cgit/#repository-ignore","title":"Repository ignore","text":"

    After cgit is configured, cgit can be told to ignore a repo with this syntax.

    repo gitolite-admin\n    config cgit.ignore=1\n
    "},{"location":"server/cgit/#adding-hooks-to-gitolite","title":"Adding Hooks to gitolite","text":"

    This page details how to add hooks to your repositories.

    Example hook that updates a website every git push. Make sure this directory is owned by git.

    #!/bin/sh\nGIT_WORK_TREE=/desired/website/directory git checkout -f\n
    "},{"location":"server/cgit/#cgit","title":"Cgit","text":""},{"location":"server/cgit/#running-cgit-with-caddy","title":"Running cgit with caddy","text":"

    Install the fcgiwrap package.

    Create a systemd service that wraps cgit with FastCGI.

    # systemctl edit --full --force cgit.service\n
    [Unit]\nDescription=CGI web interface to the Git SCM\nAfter=network.target\n\n[Service]\nType=exec\nExecStart=fcgiwrap -f -p \"/usr/lib/cgit/cgit.cgi\" -s tcp:127.0.0.1:8999\n\n[Install]\nWantedBy=multi-user.target\n
    # systemctl start cgit\n

    Add cgit configuration to caddy.

    git.joshuayun.com {\n        handle_path /cgit-css/* {\n                root * /usr/share/cgit/\n                file_server\n        }\n\n        handle {\n                reverse_proxy localhost:8999 {\n                        transport fastcgi {\n                                env DOCUMENT_ROOT /usr/lib/cgit/\n                                env SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi\n                        }\n                }\n        }\n}\n
    "},{"location":"server/cgit/#cgit-configuration","title":"Cgit configuration","text":"

    More detailed documentation can be found on the cgitrc(5) manual.

    enable-git-config is used to allow for gitweb.* configurations in gitolite, e.g. description, owner.

    enable-git-config=1\n

    project-list sets where cgit looks for projects, this list is the one updated by gitolite

    project-list=/home/git/projects.list\n

    scan-path sets where the actual git repositories live

    scan-path=/home/git/repositories\n
    "},{"location":"server/cgit/#references","title":"References","text":"

    SixFoisNeuf Used this blog to run cgit using fcgiwrap rather than a caddy plugin. The entire cgit with caddy section was using his work.

    Mateja Maric Used this blog to help configure cgitrc, gitolite.rc

    Luke Hsiao Used the git user creation command from this blog.

    Omar Polo (yumh) Used this blog to help configure cgitrc for hidden repos.

    Bryan Brattlof Not much used here, kept as reference.

    "},{"location":"server/ddns/","title":"DDNS Setup","text":""},{"location":"server/ddns/#porkbun-api","title":"Porkbun API","text":"

    Follow this porkbun guide on enabling the api for your domain.

    "},{"location":"server/ddns/#ddns-updater","title":"ddns-updater","text":"

    ddns-updater is the program used to update Porkbun's A record of your domain.

    "},{"location":"server/ddns/#docker-install","title":"Docker install","text":"

    Install the docker package from official docker repositories.

    "},{"location":"server/ddns/#setup","title":"Setup","text":"

    Create a directory with config.json inside, and make sure that its owner has a uid of 1000.

    mkdir data\ntouch data/config.json\n# Owned by user ID of Docker container (1000)\nchown -R 1000 data\n# all access (for creating json database file data/updates.json)\nchmod 700 data\n# read access only\nchmod 400 data/config.json\n

    Configuration for porkbun in config.json

    {\n  \"settings\": [\n    {\n      \"provider\": \"porkbun\",\n      \"domain\": \"domain.com\",\n      \"host\": \"@\",\n      \"api_key\": \"PORKBUN SECRET KEY\",\n      \"secret_api_key\": \"PORKBUN API KEY\",\n      \"ip_version\": \"ipv4\"\n    }\n  ]\n}\n

    Optional \"ttl\" paramter specifing A record TTL not included.

    "},{"location":"server/ddns/#usage","title":"Usage","text":"
    docker run -d -p 8000:8000/tcp -v \"$(pwd)\"/data:/updater/data qmcgaw/ddns-updater\n

    This will start a docker container that will start updating the DNS records. Status updates can be seen in a web server by going to localhost:8000.

    "},{"location":"server/server/","title":"Homelab Server Setup","text":"

    This page describes how I setup my personal webserver

    I'm hosting a website, wiki, caldav using Radicale, git using cgit and Gitolite, and webdav support

    "},{"location":"server/server/#linux-distribution-used","title":"Linux Distribution Used","text":"

    Debian 12 Bookworm.

    Update the system.

    # apt update\n# apt upgrade\n
    "},{"location":"server/server/#ssh","title":"SSH","text":"

    Generate ssh keys

    ssh-keygen -t [keytype]\n

    Add ssh keys to ~/.ssh/authorized_keys

    ssh-copy-id -i /path/to/pubkey [user@]machine\n
    "},{"location":"server/server/#optional-security-enhancements","title":"Optional security enhancements","text":"

    Change the port in /etc/sshd_config to a nonstandard port to harden security.

    Port 1234\n

    Disable password login in /etc/sshd_config/

    PubkeyAuthentication yes\nChallengeResponseAuthentication no\nPasswordAuthentication no\nKbdInteractiveAuthentication no\nUsePAM no\n

    Disable XForwarding

    X11Forwarding no\n

    Disable remote root login

    PermitRootLogin no\n

    Disable root account

    $ sudo chsh -s /sbin/nologin root\n
    "},{"location":"server/server/#ddns","title":"DDNS","text":"

    Setup Dyanmic DNS (ddns) with Porkbun and ddns-updater.

    "},{"location":"server/server/#caddy","title":"Caddy","text":"

    Install the Caddy package from Caddy directly.

    "},{"location":"server/server/#cgit-gitolite","title":"Cgit & gitolite","text":"

    Setup cgit with gitolite and caddy.

    "},{"location":"server/server/#radicale","title":"Radicale","text":"

    Install the Radicale package.

    Start the Radicale service.

    systemctl enable radicale.service\nsystemctl start radicale.service\n

    Generate secure passwords using htpasswd.

    # Create a new htpasswd file with the user \"user1\"\n$ htpasswd -c /path/to/users user1\nNew password:\nRe-type new password:\n# Add another user\n$ htpasswd /path/to/users user2\nNew password:\nRe-type new password:\n

    Edit configuration to add users

    [auth]\ntype = htpasswd\nhtpasswd_filename = /path/to/users\n# encryption method used in the htpasswd file\nhtpasswd_encryption = md5\n

    Add configuration to caddy.

    caldav.joshuayun.com {\n    handle_path /* {\n        reverse_proxy localhost:5232 {\n        header_up X-Script-Name /radicale\n        }\n    }\n    handle_path /radicale/* {\n        reverse_proxy localhost:5232 {\n            header_up X-Script-Name /radicale\n        }\n    }\n}\n
    "},{"location":"server/server/#webdav","title":"Webdav","text":"

    Add the Webdav module to Caddy.

    sudo caddy add-package github.com/mholt/caddy-webdav\nsudo systemctl restart caddy\n

    Add Webdav to the Caddy configuration

    Example configuration with protected file browsing, see the github for more configurations.

    webdav.joshuayun.com {\n    @get method GET\n    root * WEBDAV_PATH\n    route {\n        basicauth {\n            joshua CADDY_HASH\n        }\n        file_server @get browse\n        webdav\n    }\n}\n

    To generate the hash:

    caddy hash-password\n
    "},{"location":"server/syncthing/","title":"Syncthing Setup","text":"

    I am currently using syncthing for my music to be synced across devices.

    "},{"location":"server/syncthing/#installation","title":"Installation","text":"

    Install the Syncthing package from upstream repositories.

    "},{"location":"server/syncthing/#reverse-proxy-setup-ref","title":"Reverse proxy setup [Ref]","text":"

    Example syncthing reverse proxy setup. 

    sync.joshuayun.com {\n        handle_path /* {\n                reverse_proxy http://localhost:8384 {\n                        header_up Host {upstream_hostport}\n                }\n        }\n}\n

    Optional: Add a htpasswd to block unauthorized access to the syncthing.

    "},{"location":"server/syncthing/#syncthing-system-service-ref","title":"Syncthing system service [Ref]","text":"

    Enable the syncthing user service.

    systemctl enable syncthing@myuser.service\nsystemctl start syncthing@myuser.service\n
    "},{"location":"server/syncthing/#syncthing-configuration","title":"Syncthing configuration","text":"

    Done all through the gui. It is recommended to setup a user login, especially if you are making a syncthing that is exposed to the open internet.

    "}]} \ No newline at end of file +{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"Welcome to Joshua's Wiki","text":"

    This is where I will be putting my stuff on how to configure things

    "},{"location":"about/","title":"About this wiki","text":"

    This is where I will be putting my stuff on how to configure things as well as some other personal references.

    "},{"location":"desktop/desktop/","title":"Desktop Wiki","text":"

    This page describes several useful tips and configurations that I've used.

    Thunderbird

    Syncthing on Artix

    "},{"location":"desktop/syncthing/","title":"Syncthing using Runit and Artix Linux","text":"

    The default Artix Linux syncthing script is broken, here is a corrected version that works:

    #!/bin/sh\nexport USER=\"joshua\"\nexport HOME=\"/home/joshua\"\n\ngroups=\"$(id -Gn \"$USER\" | tr ' ' ':')\"\n\nexec 2>&1\nexec chpst -u \"$USER:groups\" syncthing -logflags 0\n

    References:

    Void Linux Per User Services

    "},{"location":"desktop/thunderbird/","title":"Thunderbird","text":""},{"location":"desktop/thunderbird/#setting-dateformat","title":"Setting dateformat","text":"

    Usually the date format is not in AM/PM. Unfortunately, I'm American, so here's how I change it.

    1. Go to settings in Thunderbird.
    2. Change Date and Time Formatting to Regional settings locale.
    3. Go to config editor at the bottom of general settings.
    4. Create new config string intl.date_time.pattern_overrite.time_short.
    5. Format follows datetime format, I use hh:mmaaaa.
    6. Restart Thunderbird.

    References:

    Linux Mint formum detailing these instructions

    Datetime Reference

    Mozilla Article on customizing formats

    "},{"location":"food/curry/","title":"Curry Recipe","text":"

    Serves four people with leftovers for the week.

    "},{"location":"food/curry/#ingredients","title":"Ingredients","text":""},{"location":"food/curry/#preparation","title":"Preparation","text":""},{"location":"food/curry/#cooking","title":"Cooking","text":""},{"location":"food/spicy-shrimp/","title":"Spicy Shrimp","text":""},{"location":"food/spicy-shrimp/#ingredients","title":"Ingredients","text":""},{"location":"food/spicy-shrimp/#preparation","title":"Preparation","text":""},{"location":"food/spicy-shrimp/#cooking","title":"Cooking","text":""},{"location":"food/tempora/","title":"Tempora Recipe","text":""},{"location":"food/tempora/#ingredients","title":"Ingredients","text":""},{"location":"food/tempora/#cooking","title":"Cooking","text":""},{"location":"phone/lineageos/","title":"Android Auto with microG and Lineage OS","text":"

    These instructions are almost identical to Braga2's instructions with a single important change that is emphasized.

    References:

    Braga2's Instructions

    Google App Stub

    Oneplus build example

    Building LineageOS for Panther

    LineageOS with MicroG

    Docker to build LineageOS

    Android Auto Build

    "},{"location":"server/cgit/","title":"Cgit with gitolite and caddy","text":""},{"location":"server/cgit/#setup","title":"Setup","text":"

    Install dependencies.

    # apt install cgit python-is-python3 python3-pygments python3-markdown docutils-common groff perl\n

    Make a git user.

    sudo adduser --system --shell /bin/bash --group --disabled-password --home /home/git git\n

    Allow ssh passwordless login.

    usermod -p '*' username\n
    "},{"location":"server/cgit/#gitolite","title":"Gitolite","text":"

    Install the gitolite package from the repository directly.

    "},{"location":"server/cgit/#configuration-with-cgit","title":"Configuration with cgit","text":"

    Configuration of gitolite is done by modifying $HOME/.gitolite.rc.

    To work correctly with cgit, gitweb and cgit configuration options need to work with gitolite.

    Change:

    GIT_CONFIG_KEYS  =>  '',\n

    To:

    GIT_CONFIG_KEYS  =>  '.*',\n

    To have permissions work correctly,

    Change:

    UMASK  =>  0077,\n

    To:

    UMASK  =>  0027,\n

    In the ENABLE field, add gitweb and cgit to the list.

    "},{"location":"server/cgit/#usage","title":"Usage","text":"

    Detailed usage of gitolite can be found here

    "},{"location":"server/cgit/#repository-ignore","title":"Repository ignore","text":"

    After cgit is configured, cgit can be told to ignore a repo with this syntax.

    repo gitolite-admin\n    config cgit.ignore=1\n
    "},{"location":"server/cgit/#adding-hooks-to-gitolite","title":"Adding Hooks to gitolite","text":"

    This page details how to add hooks to your repositories.

    Example hook that updates a website every git push. Make sure this directory is owned by git.

    #!/bin/sh\nGIT_WORK_TREE=/desired/website/directory git checkout -f\n
    "},{"location":"server/cgit/#cgit","title":"Cgit","text":""},{"location":"server/cgit/#running-cgit-with-caddy","title":"Running cgit with caddy","text":"

    Install the fcgiwrap package.

    Create a systemd service that wraps cgit with FastCGI.

    # systemctl edit --full --force cgit.service\n
    [Unit]\nDescription=CGI web interface to the Git SCM\nAfter=network.target\n\n[Service]\nType=exec\nExecStart=fcgiwrap -f -p \"/usr/lib/cgit/cgit.cgi\" -s tcp:127.0.0.1:8999\n\n[Install]\nWantedBy=multi-user.target\n
    # systemctl start cgit\n

    Add cgit configuration to caddy.

    git.joshuayun.com {\n        handle_path /cgit-css/* {\n                root * /usr/share/cgit/\n                file_server\n        }\n\n        handle {\n                reverse_proxy localhost:8999 {\n                        transport fastcgi {\n                                env DOCUMENT_ROOT /usr/lib/cgit/\n                                env SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi\n                        }\n                }\n        }\n}\n
    "},{"location":"server/cgit/#cgit-configuration","title":"Cgit configuration","text":"

    More detailed documentation can be found on the cgitrc(5) manual.

    enable-git-config is used to allow for gitweb.* configurations in gitolite, e.g. description, owner.

    enable-git-config=1\n

    project-list sets where cgit looks for projects, this list is the one updated by gitolite

    project-list=/home/git/projects.list\n

    scan-path sets where the actual git repositories live

    scan-path=/home/git/repositories\n
    "},{"location":"server/cgit/#references","title":"References","text":"

    SixFoisNeuf Used this blog to run cgit using fcgiwrap rather than a caddy plugin. The entire cgit with caddy section was using his work.

    Mateja Maric Used this blog to help configure cgitrc, gitolite.rc

    Luke Hsiao Used the git user creation command from this blog.

    Omar Polo (yumh) Used this blog to help configure cgitrc for hidden repos.

    Bryan Brattlof Not much used here, kept as reference.

    "},{"location":"server/ddns/","title":"DDNS Setup","text":""},{"location":"server/ddns/#porkbun-api","title":"Porkbun API","text":"

    Follow this porkbun guide on enabling the api for your domain.

    "},{"location":"server/ddns/#ddns-updater","title":"ddns-updater","text":"

    ddns-updater is the program used to update Porkbun's A record of your domain.

    "},{"location":"server/ddns/#docker-install","title":"Docker install","text":"

    Install the docker package from official docker repositories.

    "},{"location":"server/ddns/#setup","title":"Setup","text":"

    Create a directory with config.json inside, and make sure that its owner has a uid of 1000.

    mkdir data\ntouch data/config.json\n# Owned by user ID of Docker container (1000)\nchown -R 1000 data\n# all access (for creating json database file data/updates.json)\nchmod 700 data\n# read access only\nchmod 400 data/config.json\n

    Configuration for porkbun in config.json

    {\n  \"settings\": [\n    {\n      \"provider\": \"porkbun\",\n      \"domain\": \"domain.com\",\n      \"host\": \"@\",\n      \"api_key\": \"PORKBUN SECRET KEY\",\n      \"secret_api_key\": \"PORKBUN API KEY\",\n      \"ip_version\": \"ipv4\"\n    }\n  ]\n}\n

    Optional \"ttl\" paramter specifing A record TTL not included.

    "},{"location":"server/ddns/#usage","title":"Usage","text":"
    docker run -d -p 8000:8000/tcp -v \"$(pwd)\"/data:/updater/data qmcgaw/ddns-updater\n

    This will start a docker container that will start updating the DNS records. Status updates can be seen in a web server by going to localhost:8000.

    "},{"location":"server/server/","title":"Homelab Server Setup","text":"

    This page describes how I setup my personal webserver

    I'm hosting a website, wiki, caldav using Radicale, git using cgit and Gitolite, and webdav support

    "},{"location":"server/server/#linux-distribution-used","title":"Linux Distribution Used","text":"

    Debian 12 Bookworm.

    Update the system.

    # apt update\n# apt upgrade\n
    "},{"location":"server/server/#ssh","title":"SSH","text":"

    Generate ssh keys

    ssh-keygen -t [keytype]\n

    Add ssh keys to ~/.ssh/authorized_keys

    ssh-copy-id -i /path/to/pubkey [user@]machine\n
    "},{"location":"server/server/#optional-security-enhancements","title":"Optional security enhancements","text":"

    Change the port in /etc/sshd_config to a nonstandard port to harden security.

    Port 1234\n

    Disable password login in /etc/sshd_config/

    PubkeyAuthentication yes\nChallengeResponseAuthentication no\nPasswordAuthentication no\nKbdInteractiveAuthentication no\nUsePAM no\n

    Disable XForwarding

    X11Forwarding no\n

    Disable remote root login

    PermitRootLogin no\n

    Disable root account

    $ sudo chsh -s /sbin/nologin root\n
    "},{"location":"server/server/#ddns","title":"DDNS","text":"

    Setup Dyanmic DNS (ddns) with Porkbun and ddns-updater.

    "},{"location":"server/server/#caddy","title":"Caddy","text":"

    Install the Caddy package from Caddy directly.

    "},{"location":"server/server/#cgit-gitolite","title":"Cgit & gitolite","text":"

    Setup cgit with gitolite and caddy.

    "},{"location":"server/server/#radicale","title":"Radicale","text":"

    Install the Radicale package.

    Start the Radicale service.

    systemctl enable radicale.service\nsystemctl start radicale.service\n

    Generate secure passwords using htpasswd.

    # Create a new htpasswd file with the user \"user1\"\n$ htpasswd -c /path/to/users user1\nNew password:\nRe-type new password:\n# Add another user\n$ htpasswd /path/to/users user2\nNew password:\nRe-type new password:\n

    Edit configuration to add users

    [auth]\ntype = htpasswd\nhtpasswd_filename = /path/to/users\n# encryption method used in the htpasswd file\nhtpasswd_encryption = md5\n

    Add configuration to caddy.

    caldav.joshuayun.com {\n    handle_path /* {\n        reverse_proxy localhost:5232 {\n        header_up X-Script-Name /radicale\n        }\n    }\n    handle_path /radicale/* {\n        reverse_proxy localhost:5232 {\n            header_up X-Script-Name /radicale\n        }\n    }\n}\n
    "},{"location":"server/server/#webdav","title":"Webdav","text":"

    Add the Webdav module to Caddy.

    sudo caddy add-package github.com/mholt/caddy-webdav\nsudo systemctl restart caddy\n

    Add Webdav to the Caddy configuration

    Example configuration with protected file browsing, see the github for more configurations.

    webdav.joshuayun.com {\n    @get method GET\n    root * WEBDAV_PATH\n    route {\n        basicauth {\n            joshua CADDY_HASH\n        }\n        file_server @get browse\n        webdav\n    }\n}\n

    To generate the hash:

    caddy hash-password\n
    "},{"location":"server/syncthing/","title":"Syncthing Setup","text":"

    I am currently using syncthing for my music to be synced across devices.

    "},{"location":"server/syncthing/#installation","title":"Installation","text":"

    Install the Syncthing package from upstream repositories.

    "},{"location":"server/syncthing/#reverse-proxy-setup-ref","title":"Reverse proxy setup [Ref]","text":"

    Example syncthing reverse proxy setup. 

    sync.joshuayun.com {\n        handle_path /* {\n                reverse_proxy http://localhost:8384 {\n                        header_up Host {upstream_hostport}\n                }\n        }\n}\n

    Optional: Add a htpasswd to block unauthorized access to the syncthing.

    "},{"location":"server/syncthing/#syncthing-system-service-ref","title":"Syncthing system service [Ref]","text":"

    Enable the syncthing user service.

    systemctl enable syncthing@myuser.service\nsystemctl start syncthing@myuser.service\n
    "},{"location":"server/syncthing/#syncthing-configuration","title":"Syncthing configuration","text":"

    Done all through the gui. It is recommended to setup a user login, especially if you are making a syncthing that is exposed to the open internet.

    "}]} \ No newline at end of file diff --git a/site/server/cgit/index.html b/site/server/cgit/index.html index ccde2b4..f4b4b09 100644 --- a/site/server/cgit/index.html +++ b/site/server/cgit/index.html @@ -557,6 +557,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/server/ddns/index.html b/site/server/ddns/index.html index b7ebf4b..4ae7876 100644 --- a/site/server/ddns/index.html +++ b/site/server/ddns/index.html @@ -506,6 +506,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/server/server/index.html b/site/server/server/index.html index e73ed69..e6b8e97 100644 --- a/site/server/server/index.html +++ b/site/server/server/index.html @@ -533,6 +533,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/server/syncthing/index.html b/site/server/syncthing/index.html index 0b46c97..dbc3362 100644 --- a/site/server/syncthing/index.html +++ b/site/server/syncthing/index.html @@ -491,6 +491,27 @@ + + + + + + +
  • + + + + + Syncthing + + + + +
    • + + + + diff --git a/site/sitemap.xml b/site/sitemap.xml index 5fc8c07..dab0e75 100644 --- a/site/sitemap.xml +++ b/site/sitemap.xml @@ -15,6 +15,11 @@ 2024-01-03 daily + + https://wiki.joshuayun.com/desktop/syncthing/ + 2024-01-03 + daily + https://wiki.joshuayun.com/desktop/thunderbird/ 2024-01-03 diff --git a/site/sitemap.xml.gz b/site/sitemap.xml.gz index dd4b679..d7b4a2a 100644 Binary files a/site/sitemap.xml.gz and b/site/sitemap.xml.gz differ -- cgit v1.2.3