Browse Source

fix multiple tags and typos

master
Peter Babič 3 months ago
parent
commit
81bdb0c1ca
  1. 318
      .dialect.utf-8.add
  2. BIN
      .dialect.utf-8.add.spl
  3. 0
      .dialectmain
  4. 1
      config.toml
  5. 20
      content/blog/accessing-gitea-postgres-inside-docker.md
  6. 4
      content/blog/add-archive-into-zola.md
  7. 10
      content/blog/arch-news-pacman-hook-tip.md
  8. 133
      content/blog/are-otp-secrets-stored-plaintext.md
  9. 4
      content/blog/automatically-signed-github-commits-puzzling.md
  10. 41
      content/blog/automotive-chip-disruption-events.md
  11. 6
      content/blog/becoming-better-presentation-creator.md
  12. 32
      content/blog/building-on-your-previous-work.md
  13. 2
      content/blog/change-networkmanager-connection-priority.md
  14. 6
      content/blog/cheap-flat-40-pin-cable-fail/index.md
  15. 2
      content/blog/cheatsheet-acme-sh-dns.md
  16. 4
      content/blog/cheatsheet-uuid.md
  17. 4
      content/blog/comparing-domain-registrars.md
  18. 2
      content/blog/comprehensive-guide-pkgfile.md
  19. 2
      content/blog/converted-my-blog-to-zola.md
  20. 4
      content/blog/cross-compiling-vs-cross-compiling.md
  21. 59
      content/blog/cross-package-node-app-arm-qemu-docker.md
  22. 19
      content/blog/digital-privacy-new-currency.md
  23. 8
      content/blog/feature-task-lists-gitea-issues/index.md
  24. 2
      content/blog/feelings-about-writing-break.md
  25. 2
      content/blog/first-impressions-qelectrotech-wiring-diagrams.md
  26. 10
      content/blog/fix-platformio-avrdude-input-output-error.md
  27. 8
      content/blog/folderize-your-post-for-ssg.md
  28. 14
      content/blog/following-renames-in-gitlog.md
  29. 2
      content/blog/giving-up-hope-on-svelte-kit.md
  30. 4
      content/blog/global-search-fzf-vim.md
  31. 10
      content/blog/gnome-shell-forty-upgrade.md
  32. 6
      content/blog/gnupg-security-token-arrived.md
  33. 2
      content/blog/hate-speech-in-fediverse.md
  34. 8
      content/blog/have-published-first-game/index.md
  35. 14
      content/blog/hide-blueman-applet-gnome-shell.md
  36. 6
      content/blog/how-commit-history-tells-when-post-published.md
  37. 42
      content/blog/how-emulate-raspios-natively-qemu.md
  38. 2
      content/blog/how-enable-lfs-gitea-nginx-reverse-proxy.md
  39. 106
      content/blog/how-enjoying-moment-made-me-positive-person.md
  40. 6
      content/blog/how-many-bytes-time-and-weight-needs.md
  41. 22
      content/blog/how-not-create-node-executable-arm.md
  42. 70
      content/blog/how-run-latest-node-emulated-revpi.md
  43. 16
      content/blog/how-to-assert-sorted-dates-cypress.md
  44. 4
      content/blog/how-to-migrate-bitbucket-to-gitea.md
  45. 2
      content/blog/how-update-gooogle-calendar-pre-push-hook.md
  46. 10
      content/blog/how-use-flashrom-archlinux-arm.md
  47. 36
      content/blog/how-verify-openwrt-integrity-files.md
  48. 4
      content/blog/insights-google-search-console.md
  49. 42
      content/blog/install-fdroid-arch-via-anbox.md
  50. 6
      content/blog/install-nextcloud-onlyoffice-docker-compose.md
  51. 2
      content/blog/install-php7-with-composer-on-arch.md
  52. 30
      content/blog/install-syncthing-archlinux-arm.md
  53. 6
      content/blog/inverting-colors-helps-tesseract.md
  54. 76
      content/blog/keep-gnome-shell-settings-dotfiles-yadm.md
  55. 4
      content/blog/lockdown-travel-sms-sync-phone-reset.md
  56. 4
      content/blog/make-auto-type-work-kitty-wayland.md
  57. 38
      content/blog/make-ssh-prompt-password-keepassxc.md
  58. 4
      content/blog/markdown-posts-word-count-bash.md
  59. 4
      content/blog/modbusrtu-for-touchberry-10-pt3.md
  60. 2
      content/blog/modbusrtu-on-touchberry-10-pt2.md
  61. 8
      content/blog/most-useful-keyboards-android/index.md
  62. 10
      content/blog/my-blog-has-feed-now.md
  63. 2
      content/blog/negative-margin-grid-layout-css/index.md
  64. 10
      content/blog/netlify-mail-forwardning-problem.md
  65. 4
      content/blog/nginx-arch-using-ansible-pt2.md
  66. 4
      content/blog/nginx-arch-using-ansible-pt3.md
  67. 6
      content/blog/nginx-arch-using-ansible.md
  68. 6
      content/blog/nginx-with-acme-sh-arch.md
  69. 2
      content/blog/nlbwmon-per-client-bandwidth-monitor-openwrt/index.md
  70. 14
      content/blog/no-autoflow-rs485-touchberry-10.md
  71. 2
      content/blog/notes-on-circular-queue-data-structure.md
  72. 2
      content/blog/on-federated-code-hosting.md
  73. 2
      content/blog/on-not-writing-project-requirements-down.md
  74. 2
      content/blog/one-disadvantage-git-based-blog.md
  75. 2
      content/blog/onlyoffice-proved-to-be-useful.md
  76. 44
      content/blog/prevent-push-when-skipping-cypress-tests.md
  77. 4
      content/blog/release-gitea-1-14-0.md
  78. 4
      content/blog/resistors-on-din-rail/index.md
  79. 8
      content/blog/restoring-nginx-confing-arch.md
  80. 4
      content/blog/rigol-screenshots-from-terminal-arch/index.md
  81. 2
      content/blog/rotating-qr-codes-in-zebra-zpl/index.md
  82. 4
      content/blog/rules-in-the-fediverse.md
  83. 8
      content/blog/setting-url-prefix-in-zola.md
  84. 6
      content/blog/shoud-cabinet-door-contain-230vac.md
  85. 8
      content/blog/smart-global-search-fzf-vim.md
  86. 2
      content/blog/smarter-global-search-fzf-vim.md
  87. 2
      content/blog/solution-tracepath-no-reply.md
  88. 12
      content/blog/status-update-april-2021.md
  89. 36
      content/blog/store-array-svelte-localstorage.md
  90. 26
      content/blog/storing-npm-config-dotfiles-when-using-nvm.md
  91. 10
      content/blog/story-about-nfc-thinkpad-t470.md
  92. 2
      content/blog/svelte-kit-almost-beta.md
  93. 17
      content/blog/sync-keepass-passwords-between-computer-phone.md
  94. 4
      content/blog/syncthing-can-sync-entire-phone.md
  95. 6
      content/blog/syncthing-helps-selling-used-stuff.md
  96. 2
      content/blog/tale-about-organisational-openness.md
  97. 2
      content/blog/the-fight-of-gitignores.md
  98. 10
      content/blog/the-most-useful-computer-mouse.md
  99. 35
      content/blog/things-do-installing-ansible-arch.md
  100. 16
      content/blog/thoughts-bee-weighter-project.md

318
.dialect.utf-8.add

@ -0,0 +1,318 @@
#Gs
#eofetch
#ginx
#lueTooth
#rogrammatically
100daystooffload
ALPN
ANAME
API
APIs
ATmega2560
ATmega328p
ATmega32u4
AUR
ActivityPub
Anbox
ArchWiki
ArchWiki's
Arduino
Babič
Base64
BitBucket
Bitcoin
Bluetooth
CDATA
CLI
CNAME
CSS
Certbot
Cloudflare
Colocating
Contabo
Ctrl
DNS
DS1054Z
DS3132
Debian
DevOps
DipTrace
Droid
EEPROM
EEPROMs
ESM
Ebay
FRAM
Fediverse
Freesdesktop
GND
GPIO
GPIOs
GTK
GitHub
GitLab
GitNex
Gitea
Gitea's
Gitter
GnuPG
HDD
HDDs
HDMI
Hackernews
I2C
IDE
IETF
IMAP
IP
IRI
IndustrialShields
JAMstack
JS
JSON
KDE
Kanban
KeePassDX
KeePassXC
Keyrings
KiCAD
LXI
Lenovo
LetsEncrypt
LibreOffice
Linode
Locator
Lockdown
LuCI
MAX13487E
MD5
MacOS
Mandriva
Markor
Mifare
Modbus
ModbusRTU
NERDCommenter
NXP
Namecheap
Namesilo
Netlify
NetworkManager
NextCloud
Nginx
OAuth2
OTP
OnlyOffice
OpenID
OpenKeychain
OpenOffice
OpenPGP
OpenSSH
OpenSSL
OpenWRT
PGP
PID
PLC
PLCs
PNG
PNP
Pleroma
Podman
Porkbun
PostgreSQL
PowerPoint
QElectroTech
README
REPL
RFID
RIGOL
RPi
RS485
RSS
RST
RTC
Reddit
RevPi
SCL
SCP
SDA
SEO
SFTP
SGs
SHA1
SMS
SPI
SQL
SQLite
SSD
SSG
SSGs
SSO
SVG
Smartcards
SparkFun
Spotify
StackExchange
T470
TLD
TLDs
TLS
TODO
TOML
TOTP
TXT
TailwindCSS
Templating
ThinkPad
ThinkPads
ToS
TouchBerry
UI
URL's
URLs
URNs
USB
UTRS485G
UUID
UUIDs
Ubuntu
VCC
VPN
VPS
WAGO
WPS
XFCE
XSS
YAML
Yubikey
ZPL
admin
ansible
app
app's
apps
auth
autoflow
autosuspend
backend
blog
blogging
blogs
bootable
bootloader
bundlers
certbot's
cheatsheet
checkboxes
chipset
codebase
colocation
config
contactless
cron
css
datasheet
datetime
dev
diff
dotfiles
eSIM
emojis
fediverse
filesystem
filetype
frontend
frontmatter
fzf
galvanically
gauge
gitignore
gitlog
grepping
hacky
https
iPhone
javascript
jinja
jinja2
keycard
keyserver
kickstart
lightbulb
localStorage
mdast
metadata
microblog
microblogging
microcontroller
microcontrollers
mountpoint
nameservers
namespace
namespaces
naïve
npm
nvm
online
openwrt
optocoupler's
optocouplers
outlier
pacman
passphrase
passphrases
passwordless
peterbabic
pinout
pkgfile
plaintext
playbook
podcasts
postgres
proactively
pullup
pullups
ransomware
rebase
relatable
repairability
roadmap
rsync
sandboxed
sandboxing
sanitization
screenshot
screenshots
serverless
sitemaps
smartcard
smartphone
spam
spellcheck
subdomain
sudo
syncthing
systemd
tags
tags
templating
timestamp
toolbar
toolbelt
toolset
tooltip
touchpad
ungarbled
upsell
versioned
versioning
vim
vim
webdev
webserver
wiki
wildcard
workflow
xml
yadm
yaml

BIN
.dialect.utf-8.add.spl

0
.dialectmain

1
config.toml

@ -23,6 +23,7 @@ highlight_code = true
[extra]
# Put all your custom variables here
links = [
{ url = "/tags", name = "Tags" },
{ url = "/rss", name = "RSS" },
{ url = "/archive", name = "Archive" },
{ url = "/about", name = "About" },

20
content/blog/accessing-gitea-postgres-inside-docker.md

@ -3,30 +3,30 @@ title: "Accessing Gitea Postgres inside Docker"
date: "2021-03-24"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "gitea", "docker"]
tags: ["100daystooffload", "gitea", "docker", "postgres"]
---
The gitea issue [#5917](https://github.com/go-gitea/gitea/issues/5917)
discusses how to make multiple users _unwatch_ a repository. It has
inspired to write the steps down, as it was not entirely obvious to me.
There was a a change introduced via PR
There was a change introduced via PR
[#5852](https://github.com/go-gitea/gitea/pull/5852) released that added an
option `AUTO_WATCH_NEW_REPOS` into the Gitea config file, but it's default
is `true`.
The consequence of this behavior is, that unless you are runnig a Gitea at
The consequence of this behavior is, that unless you are running a Gitea at
least version **1.8.0**, where this config option was introduced and
subsequently you have set the `AUTO_WATCH_NEW_REPOS` to false beforehand,
creating a repository (presumably in an Organization) and assigning a team
to it makes all the users in that team wath the repository, which creates a
lot of noise for the users.
to it makes all the users in that team watch the repository, which creates
a lot of noise for the users.
This guide shows how to reduce this noise, it can be adapted for other
purposes that require raw SQL commands to be run on PostgreSQL inside
Docker.
- The guide assumes the `docker-compose.yml` file is identical to the the
- The guide assumes the `docker-compose.yml` file is identical to the
[Gitea docs](https://docs.gitea.io/en-us/install-with-docker/#postgresql-database)
```diff
@ -74,9 +74,9 @@ services:
+ - ./postgres:/var/lib/postgresql/data
```
> The following steps have to be modified if changes were made the the
> lines with different color, specifically converning _host_, _user_,
> _password_ and _DB_.
> The following steps have to be modified if changes were made the lines
> with different color, specifically converting _host_, _user_, _password_
> and _DB_.
- If the instance is not running already, start it (assuming all the other
configuration is done according to docs)
@ -85,7 +85,7 @@ services:
docker-compose up -d
```
- Connect to `psql` inside a container and prompt Postgres password from
- Connect to `psql` inside a container and prompt postgres password from
above
```bash

4
content/blog/add-archive-into-zola.md

@ -1,5 +1,5 @@
---
title: "Add archive into zola"
title: "Add archive into Zola"
date: "2021-07-06"
updated: "2021-07-06"
taxonomies:
@ -36,7 +36,7 @@ found was in
[#435](https://github.com/getzola/zola/issues/435#issuecomment-869210295).
I did not find a solution there. After a few days of silence I actually
stumbled upon the
[archive zola docs](https://www.getzola.org/documentation/templates/archive/)
[archive Zola docs](https://www.getzola.org/documentation/templates/archive/)
that got me moving again. The most important part of the code is this:
```jinja

10
content/blog/arch-news-pacman-hook-tip.md

@ -3,10 +3,10 @@ title: "Arch news pacman hook tip"
date: "2021-04-05"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "arch"]
tags: ["100daystooffload", "arch", "linux"]
---
Part of the Arch linux system maintenance is to actively read
Part of the Arch Linux system maintenance is to actively read
[latest news](https://archlinux.org/news/). Mostly anyone who uses Arch has
come across this piece of advice: read the news before updating! In other
words, before running the dreaded `sudo pacman -Syu` command, one should be
@ -15,13 +15,13 @@ first.
The sad reality is that people are lazy. I am lazy. Either I forget to read
the news, or I blatantly ignore them, so I have a false right to brag about
the damage that has been don to me on my social netowrks. Well, maybe
the damage that has been don to me on my social networks. Well, maybe
network, I only publish posts in the Fediverse right now. I wish the system
would tell me to read the news before the installation.
## Hook types
Of course, there is a way to do this automatically. Arch linux package
Of course, there is a way to do this automatically. Arch Linux package
manager, `pacman` offers a piece of functionality called
[hooks](https://wiki.archlinux.org/index.php/Pacman#Hooks). I have written
about hooks previously when
@ -55,7 +55,7 @@ about that specific paragraph. Better late than never.
Informant is exactly a piece of technology that automates the whole
workflow, saving time and cognitive capacity in the process, which should
somehow be the point of automation I believe. The details about the usage
are described in the project's readme. After installing manually or via
are described in the project's README. After installing manually or via
[AUR](https://aur.archlinux.org/packages/informant/) there is just an
initial read command and after that is basically set it and forget. Very
convenient.

133
content/blog/are-otp-secrets-stored-plaintext.md

@ -3,7 +3,7 @@ title: "Are OTP secrets stored in plaintext"
date: "2020-11-12"
updated: "2020-12-22"
taxonomies:
tags: ["security"]
tags: ["security", "auth"]
---
What happens with OTP secrets when a user database get leaked? Could the
@ -14,15 +14,15 @@ even stored on the server?
One of the widely used method to log into some service day is still via
form of a password that is shared between you and the server and kept
secret. Fortunately, it is becomming a common knowledge that this approach
secret. Fortunately, it is becoming a common knowledge that this approach
has some vulnerabilities. An attacker can get hold of your password,
because he can among other things guess it or record it as you type.
It is also hopefully widely known that the passwords should not be stored
in a plain text. When a database storing passwords that can be read easily
is exposed, the attacker can try the obtained passwords in diferent
is exposed, the attacker can try the obtained passwords in different
services, gaining instant access if passwords are reused. Even if they are
not reused, reading a password can reaveal a pattern used to create it and
not reused, reading a password can reveal a pattern used to create it and
consecutively help guess other passwords of the same user used in different
services.
@ -33,8 +33,8 @@ processes are called hashing and salting respectively and the whole process
is guaranteed to be repeatable. Any password garbled this way, will for the
same user always result in the same form.
What happens when you type your password into the login field? It get's
transmitted to the server, hashed and salted and then it is comapred
What happens when you type your password into the login field? It gets
transmitted to the server, hashed and salted and then it is compared
against the garble that is stored in a database. You are allowed access
when both garbles match precisely. The problem is, since passwords are
still delivered to the server in a way they can be read as a plain text,
@ -46,12 +46,12 @@ generated ones consisting of hard to remember characters and sequences,
that are also hard to type in properly. Service providers do not want to
force their users to use this very secure, but completely inconvenient
approach, because it would drive the business elsewhere. Also, server has
absolutely no way to gurantee that the user used unique password he not
used on any other server.
absolutely no way to grantee that the user used unique password he not used
on any other server.
## OTP or one-time-password
Solutions to protect the user using a password againt an attacker are
Solutions to protect the user using a password against an attacker are
available, but there is currently no such thing as a perfect security. A
general approach is adding a layers of security up to a point, when it is
still convenient enough to be used. One time passwords are commonly being
@ -61,7 +61,7 @@ generated for you.
To make that generated password usable over and over, it has to be
different every time it is used, otherwise it is effectively just another
password. Furthermore, any password to be characterised as a one time
password. Furthermore, any password to be characterized as a one time
password, it has to be always rejected right after it was used the first
time. One consequence of such property is that if an attacker manages to
get hold of such password, but uses it after you, it is effectively useless
@ -71,7 +71,7 @@ Making sure the generated password is different every time it has to be
derived out of a varying starting information, also called seed value. For
a server to be able to verify this password, it has to access the same seed
value the password was generated from. Ignoring all other options again, an
unix timestamp fits the description. Using unix timestamp is convenient,
Unix timestamp fits the description. Using Unix timestamp is convenient,
because it makes it easy to generate a short-lived one time password, which
self-destroys not only when first used but also after some short time since
first issued, regardless if used or not. This short time is generally less
@ -79,11 +79,11 @@ than a minute and makes it really hard for the attacker to successfully use
such a volatile password, even when captured. This technique is called
Timed One Time Password, or TOTP.
Unfortunately, an unix timestamp is a public information the attacker has
Unfortunately, an Unix timestamp is a public information the attacker has
access to as well and cannot be used as a password as such. It has to be
mathematically combined with some secret, that the attacker does not know.
This secret is generated on the server and transferred to your device
during the initial setup, for instance via scaning a QR code with your
during the initial setup, for instance via scanning a QR code with your
phone. This secret is called the OTP secret.
## Storing OTP secrets
@ -93,16 +93,19 @@ generate a short lived TOTP token as it is also called, we could dig a
little deeper. We also know that the passwords are stored in a way that
does not reveal anything when exposed. But what about the OTP secrets?
Could they be garbled the same way the passwords are? I was genuinely
interested in fiding an answers to this question.
interested in finding an answers to this question.
Searching some internets I have concluded that unfortunately this would not
work[^hashing1] [^hashing2], because the server has to calculate the TOTP
token from the secret and compare that with the token provided by the user,
not just start with comparing straight ahead. For this to work, it has to
be stored in a way that would allow to obtain the original secret.
By searching the Internet I have concluded that unfortunately this
[would not work](https://stackoverflow.com/questions/46055146/should-2fa-secret-codes-be-hashed-for-storage),
also discussed
[here ](https://stackoverflow.com/questions/15962195/is-it-possible-to-salt-and-or-hash-hotp-totp-secret-on-the-server),
because the server has to calculate the TOTP token from the secret and
compare that with the token provided by the user, not just start with
comparing straight ahead. For this to work, it has to be stored in a way
that would allow to obtain the original secret.
The simplest way to fulfill this condition is to store the OTP secrets as a
plain text. Imagine the scenario with the atacker getting access the the
plain text. Imagine the scenario with the attacker getting access the
database data again, but now not just with unreadable passwords but also
with a very readable OTP secrets. How does the situation change? Well, he
can now generate the TOTP tokens that would appear as if they were from you
@ -117,15 +120,22 @@ Authentication, or 2FA.
## Encryption
The obvious way to protect the OTP secrets is to encrypt them[^encrypt1]
[^encrypt2]. This however works only when the the general secret used to
decrypt the OTP secrets of all users was not exposed with the database
itself. Not ideal, but better than nothing.
Searching the internet more, it became more clear to me that I am
definitely not the only one thinking about proctectin OTP secrets on the
server[^plain1] [^plain2] [^plain3]. Well it turns out that there is one
solution.
The obvious way to protect the OTP secrets is
[to encrypt them](https://security.stackexchange.com/questions/42795/storing-seed-for-totp)
, also discussed
[here](https://security.stackexchange.com/questions/125119/totp-storing-symmetrical-secrets).
This however works only when the general secret used to decrypt the OTP
secrets of all users was not exposed with the database itself. Not ideal,
but better than nothing.
Searching the Internet more, it became more clear to me that I am
definitely not the only one thinking about protecting OTP secrets on the
server, discussed
[here](https://stackoverflow.com/questions/14271136/store-secret-key-for-totp),
[here](https://1password.community/discussion/101004/are-totp-secrets-stored-in-plaintext)
and
[here](https://security.stackexchange.com/questions/52499/are-there-any-secure-ways-to-store-the-secret-key-used-in-a-totp-scheme).
Well it turns out that there is one solution.
Decrypting the OTP secret with a password provided by the user. Now, the
attacker need the plan text password to get hold of a plain text OTP secret
@ -150,7 +160,7 @@ to a false sense of security. To make it clear, passwords and OTP secrets
should be stored in a database protected by a two different means to be
more secure.
To be honest, the conerns about storing the OTP secrets in a password
To be honest, the concerns about storing the OTP secrets in a password
manager along with the actual passwords led me to the discovery that OTP
secrets could be exposed from either the user or the server. The fact
itself to me is quite disturbing.
@ -159,8 +169,9 @@ Yet as I said a few moments back, side on the server can be successfully
decrypted with the password provided by the user. But there is a big but.
If the user asks to send the new password, the server has to either
deactivate the 2FA or instructs the user to reinitialize the OTP generation
process every time the password changes [^stack_reset_pass]. I am not
really sure this implemented on any service though.
process
[every time the password changes](https://security.stackexchange.com/questions/181184/storing-totp-secret-in-database-plaintext-or-encrypted#comment351922_181184).
I am not really sure this implemented on any service though.
## Conclusion
@ -170,49 +181,21 @@ But everyone should do his own research and conclude what level of privacy
he wants to keep.
Weak and even weak reused passwords can be protected well enough for a
regular user by enabling 2FA. Using stong passwords with a password manager
is another approach. Combining both worlds brings the most security. Using
the tempting way of protecting the OTP codes with the same master password
that protects your other password is considered a bad practice. It
decreases convenience while at the same time not providing the benefits the
true second factor provides. Or does it? And will passwordless come soon
enough that all this questions would be rendered obsolete?
regular user by enabling 2FA. Using strong passwords with a password
manager is another approach. Combining both worlds brings the most
security. Using the tempting way of protecting the OTP codes with the same
master password that protects your other password is considered a bad
practice. It decreases convenience while at the same time not providing the
benefits the true second factor provides. Or does it? And will passwordless
come soon enough that all this questions would be rendered obsolete?
## Further reading
- https://github.com/browserpass/browserpass-legacy/issues/322#issuecomment-483373017
- https://www.freecodecamp.org/news/how-time-based-one-time-passwords-work-and-why-you-should-use-them-in-your-app-fdd2b9ed43c3/
- https://blog.securityevaluators.com/psa-dont-store-2fa-codes-in-password-managers-77d92608b062
- https://safecontrols.blog/2019/02/25/storing-seeds-for-multifactor-authentication-tokens/
- https://medium.com/@stuartschechter/before-you-turn-on-two-factor-authentication-27148cc5b9a1
- https://www.reddit.com/r/security/comments/8mi5fe/is_it_a_bad_idea_to_store_totp_information_in/
<!--- https://www.reddit.com/r/KeePass/comments/ff2rdf/keepass_otp/-->
<!--- https://blog.paranoidpenguin.net/2020/05/how-to-back-up-your-2fa-secret-keys-with-keepassxc/-->
<!--- https://github.com/Kunzisoft/KeePassDX/wiki/OTP-->
## References
[^stack_reset_pass]:
https://security.stackexchange.com/questions/181184/storing-totp-secret-in-database-plaintext-or-encrypted#comment351922_181184
[^plain1]:
https://stackoverflow.com/questions/14271136/store-secret-key-for-totp
[^plain2]:
https://1password.community/discussion/101004/are-totp-secrets-stored-in-plaintext
[^plain3]:
https://security.stackexchange.com/questions/52499/are-there-any-secure-ways-to-store-the-secret-key-used-in-a-totp-scheme
[^encrypt1]:
https://security.stackexchange.com/questions/42795/storing-seed-for-totp
[^encrypt2]:
https://security.stackexchange.com/questions/125119/totp-storing-symmetrical-secrets
[^hashing1]:
https://stackoverflow.com/questions/46055146/should-2fa-secret-codes-be-hashed-for-storage
[^hashing2]:
https://stackoverflow.com/questions/15962195/is-it-possible-to-salt-and-or-hash-hotp-totp-secret-on-the-server
- <https://github.com/browserpass/browserpass-legacy/issues/322#issuecomment-483373017>
- <https://www.freecodecamp.org/news/how-time-based-one-time-passwords-work-and-why-you-should-use-them-in-your-app-fdd2b9ed43c3/>
- <https://blog.securityevaluators.com/psa-dont-store-2fa-codes-in-password-managers-77d92608b062>
- <https://safecontrols.blog/2019/02/25/storing-seeds-for-multifactor-authentication-tokens/>
- <https://medium.com/@stuartschechter/before-you-turn-on-two-factor-authentication-27148cc5b9a1>
- <https://www.reddit.com/r/security/comments/8mi5fe/is_it_a_bad_idea_to_store_totp_information_in/>
- <https://www.reddit.com/r/KeePass/comments/ff2rdf/keepass_otp/>
- <https://blog.paranoidpenguin.net/2020/05/how-to-back-up-your-2fa-secret-keys-with-keepassxc/>

4
content/blog/automatically-signed-github-commits-puzzling.md

@ -3,7 +3,7 @@ title: "Automatically signed GitHub commits are puzzling"
date: "2021-04-17"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "git", "security", "gnupg"]
---
I wanted to finally start getting into signing my commits, mainly because
@ -30,7 +30,7 @@ it recently. All this has led me to two conclusion: The whole PGP scene
At first I thought I did not adapt the `gpg` workflow sooner because there
simply was no pressing need to. But there are actually two scenarios of not
learning how to use a tool or a worklow, otherwise used regularly and also
learning how to use a tool or a workflow, otherwise used regularly and also
considered important by other people doing the same thing:
1. Not learning because of no pressing need, as mentioned

41
content/blog/automotive-chip-disruption-events.md

@ -3,15 +3,13 @@ title: "Automotive chip famine events"
date: "2021-03-29"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "personal", "journal"]
---
For the country where I live, Slovakia, automotive industry is a pretty
significant sector. Since 2007, Slovakia has been the world's largest
producer of cars per
capita^[<https://en.wikipedia.org/wiki/List_of_countries_by_motor_vehicle_production>],
amounting to 12% of the Slovakia's
GDP^[<https://automagazin.sk/2014/01/27/priemysel-ktory-obisla-kriza/>].
significant sector. Since 2007, Slovakia has been
[the world's largest producer of cars per capita](https://en.wikipedia.org/wiki/List_of_countries_by_motor_vehicle_production),
[amounting to 12% of the Slovakia's GDP](https://automagazin.sk/2014/01/27/priemysel-ktory-obisla-kriza/).
Before the COVID-19 pandemic started, my professional background was in
industrial automation. The company that employed me operated excursively on
@ -27,19 +25,17 @@ supply chain. Specifically, automakers have difficulties supplying
electronic chips for the cars they produce. My compilation of events that
affected the automotive chip shortage, or _chip famine_ so far:
- Reduced chip supply due to demand for consumer electronics amid COVID-19
in
January^[<https://europe.autonews.com/automakers/vw-blames-suppliers-microchip-shortages>]
- Border checks imposed on drivers to reduce COVID-19 spread in early
February^[<https://edition.cnn.com/2021/02/16/business/germany-border-checks-manufacturing/index.html>]
- Freezing weather in Texas in late February - early
March^[<https://www.nbcnews.com/business/autos/chips-seating-foam-plastics-parts-shortages-continue-cripple-auto-industry-n1261773>]
- Fire in Renesas factory damaging 17 machines in
March^[<https://asia.nikkei.com/Business/Tech/Semiconductors/Renesas-expects-bigger-damage-from-fire-at-its-chip-factory>]
- Suez canal obstruction in late March
^[<https://www.ft.com/content/37d9dc66-e4ee-4629-b791-af4d043ff0ff>]
- Taiwan water rationing in
April^[<https://www.abc.net.au/news/science/2021-03-26/computer-chips-what-the-global-shortage-means-for-you/100027500>]
- [Reduced chip supply](https://europe.autonews.com/automakers/vw-blames-suppliers-microchip-shortages)
due to demand for consumer electronics amid COVID-19 in January
- [Border checks imposed on drivers](https://edition.cnn.com/2021/02/16/business/germany-border-checks-manufacturing/index.html)
to reduce COVID-19 spread in early February
- [Freezing weather in Texas](https://www.nbcnews.com/business/autos/chips-seating-foam-plastics-parts-shortages-continue-cripple-auto-industry-n1261773)
in late February - early March
- [Fire in Renesas factory](https://asia.nikkei.com/Business/Tech/Semiconductors/Renesas-expects-bigger-damage-from-fire-at-its-chip-factory)
damaging 17 machines in March
- [Suez canal obstruction in late March ](https://www.ft.com/content/37d9dc66-e4ee-4629-b791-af4d043ff0ff)
- Taiwan
[water rationing in April](https://www.abc.net.au/news/science/2021-03-26/computer-chips-what-the-global-shortage-means-for-you/100027500)
I have tried to make sure that all of the above to be relevant and somehow
affected the supply chain in the Slovakia, although this is not an
@ -51,11 +47,8 @@ start to get back to normal rather sooner than later.
## Update: consumer electronics
As a side note, one of the major consumer electronics retail chain in
slovakia. Nay.sk announced that they suffer from lack of personal notebooks
on their
shelves^[<https://e.dennikn.sk/2334716/nedostatok-notebookov-este-bude-pokracovat-nie-je-to-len-o-chybajucich-cipoch-hovori-sef-nakupu-v-nay/>].
Slovakia. Nay.sk announced that they suffer from
[lack of personal notebooks on their shelves](https://e.dennikn.sk/2334716/nedostatok-notebookov-este-bude-pokracovat-nie-je-to-len-o-chybajucich-cipoch-hovori-sef-nakupu-v-nay/).
It looks like this all will have further implications.
This is a 19th post of [#100daystooffload](https://100daystooffload.com).
## References

6
content/blog/becoming-better-presentation-creator.md

@ -6,7 +6,7 @@ taxonomies:
tags: ["personal"]
---
What is the cost of doing a task that always take rougly same amount of
What is the cost of doing a task that always take roughly same amount of
time over and over? Well, on the one hand, if it is your job, and you do it
right, you might even end up being promoted. But even then, it might be
reasonable to think about speeding up the task. I know, sometimes it is not
@ -38,7 +38,7 @@ of my hand drawn artistic output is drawing a pig with a simple geometric
shapes or maybe a house without touching the paper twice (this is a trick I
have learned in a kindergarten).
If you you are anything like me, chances are, drawing beuatiful images is
If you you are anything like me, chances are, drawing beautiful images is
not among your greatest strengths either, and me, you or simply anyone one
should be focusing on their strengths. I went for an easier option -
sourcing the images online. There is this site called Wikipedia that points
@ -197,7 +197,7 @@ transferable.
Getting work done sometimes brings curious situations. I hope you could
find yourself in this story, or have learned something. The bottom line is
that you should not be afraid of trying new things, such as building a
browser extention to solve your problem. There might be no one else in the
browser extension to solve your problem. There might be no one else in the
entire world who will find your solution useful, but you can never know
beforehand.

32
content/blog/building-on-your-previous-work.md

@ -1,18 +1,18 @@
---
title: "Building on your previos work"
title: "Building on your previous work"
date: "2020-08-07"
updated: "2020-12-22"
taxonomies:
tags: ["personal"]
---
There was quite a long pause between my previos article and this one. I had
a lot of stirr in my personal life, a lot of events happening concurrently.
I could not prepare for a lot of them, because I did not see them coming.
Yet, I am grateful for every single push life is giving to me because it
makes me feel alive much more when I am being pushed or even held back by
the forces outside of my reach than just sitting all day spending my time
doing nothing at all.
There was quite a long pause between my previous article and this one. I
had a lot of stirr in my personal life, a lot of events happening
concurrently. I could not prepare for a lot of them, because I did not see
them coming. Yet, I am grateful for every single push life is giving to me
because it makes me feel alive much more when I am being pushed or even
held back by the forces outside of my reach than just sitting all day
spending my time doing nothing at all.
I did not promise any time shchedule for the articles I publish yet, mostly
because it is just about 50 days since I have started this yourney and I do
@ -25,7 +25,7 @@ getting off with it is long gone. I Have not been blogging all that time to
witness such realization, but from the perspective I expirience by reading
other's people work, I can confirm that longer articles with a personal
story are far more engaging. Showing vulnerability is even more added
value. Some people stick to the consistency rule, which I rougly explain
value. Some people stick to the consistency rule, which I roughly explain
for myself as "doing some task every day".
I am being consistent, but unfortunaltely not in writing. My couch is
@ -39,13 +39,13 @@ for me to produce such a long article.
It is hard for me to meet so many goals at the same time. One article a
week. One server update a week. Four slides for the course a day. Cook and
excercise. Freelance to not lose premium clients. Save all the screencasts
exercise. Freelance to not lose premium clients. Save all the screencasts
to produce extra content. Keep my operating system up to date. Cram there
enoght time to read the books or articles I have in my reading list.
Spending quality time with my girlfriend as a compensation for her being so
supportive in every possible way. There is a lot of goals and activities I
want to engage myself in but only so little time. I belive you have benn in
the same situation alt least once in your your life.
want to engage myself in but only so little time. I believe you have benn
in the same situation alt least once in your your life.
The thig is however, real productivity, if I could really call this recent
chaotic multitasking as such is inevitably producing results. This is a one
@ -54,8 +54,8 @@ single tip I want to speak to you about today.
## Hard work brings results
It is true that working smarter is better than working harder, but you have
to try things, and fail a lot to get there. Until you are being confortable
in your area of expertise, you are just putting hours, days and monts of
to try things, and fail a lot to get there. Until you are being comfortable
in your area of expertise, you are just putting hours, days and months of
work in to get there. That is hard work. Hard work inevitably brings
results. They might not be the reslts you are aiming for, but results
nevertheless.
@ -76,7 +76,7 @@ even if it is cheap.
## Know your content
If you came down the path of producing a content, you produce a lot of
...content. And unless someone else is consuming **every** single peice of
...content. And unless someone else is consuming **every** single piece of
it, you are the only person in the world that knows all that content by
heart. It is like taking notes i=from the lecture in school. It just
requires one peek into your notebook to recall whole half a hor of
@ -92,7 +92,7 @@ rollerblading before the sunt went down, but I have not met my critical
tasks for todday and it yet and it was getting late. I needed to draw a few
more illustrations. Fortunately, they needed exactly a little pieces of the
content I have made before, so I could just copy and paste it. That was it,
My larger illsutration was mostly complied of my previos smaller
My larger illustrations was mostly complied of my previous smaller
illustrations. I have met my goals for today, even overshot them a little
and still could move my body by the sunset.

2
content/blog/change-networkmanager-connection-priority.md

@ -3,7 +3,7 @@ title: "Change NetworkManager connection priority"
date: "2021-05-29"
updated: "2021-05-29"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "linux", "networking"]
---
Dealing with the situation that some LAN network consisting of multiple

6
content/blog/cheap-flat-40-pin-cable-fail/index.md

@ -3,15 +3,15 @@ title: "A cheap 40-pin flat cable fail"
date: "2021-06-23"
updated: "2021-06-23"
taxonomies:
tags: ["100daystooffload", "electronics", "raspberry"]
tags: ["100daystooffload", "electronics", "raspberry", "journal"]
---
I have bought a handful of
[40 pin IDC connectors](https://www.tme.eu/en/details/fcs-c1-40-g/idc-connectors/adam-tech/)
for a flat cable. I wanted to use them on the cheap, colorful, no-datashet
for a flat cable. I wanted to use them on the cheap, colorful, no-datasheet
40-pin flat cable bought a long ago from Ebay that I had lying around. The
idea was to use it to extend the Raspberry 40-pin header with a cable to
tinker on a shiled that has it's interesting parts on the bottom -
tinker on a shield that has it's interesting parts on the bottom -
sandwiched between itself and the Pi. The result was not pleasant:
![The 40-pin IDC cable is shorter than the connector meant for it, a fail of cheap Ebay products.](40-pin-cable-fail.png)

2
content/blog/cheatsheet-acme-sh-dns.md

@ -3,7 +3,7 @@ title: "Cheatsheet: acme.sh DNS mode"
date: "2021-04-29"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "acme", "cli", "cheatsheet", "webdev"]
---
Here's a compilation of useful commands that use a DNS-01 challenge to

4
content/blog/cheatsheet-uuid.md

@ -3,7 +3,7 @@ title: "Cheatsheet: uuid"
date: "2021-05-05"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "cheatsheet", "cli"]
---
Today I've learned about the different versions of Universally Unique
@ -11,7 +11,7 @@ IDentifiers (UUID) and decided to compile a short cheatsheet for the `uuid`
command supplied by the
[Open Source Software Project (OSSP)](http://www.ossp.org/pkg/lib/uuid).
Note that there is also `uuidgen` command that is supported by the
[util-linux](https://en.wikipedia.org/wiki/Util-linux) but I find the
[`util-linux`](https://en.wikipedia.org/wiki/Util-linux) but I find the
OSSP's version command parameters easier to remember.
- Generate a version 1 UUID which is based on time and system's hardware

4
content/blog/comparing-domain-registrars.md

@ -3,7 +3,7 @@ title: "Comparing my domain registrars"
date: "2021-03-20"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "webdev"]
---
Over my life as a mostly hobby web developer I had used multiple domain
@ -92,7 +92,7 @@ This is the winner of this match, I am transferring everything here. It
took a few months of testing, but I have found they offer everything I
needed. The support by chat or by email is great. I had an issue with the
SMS gate they were using. They are located in Canada and had to allow to
send SMS to Slovakia. Maybe Iwas their first customer from Slovakia that
send SMS to Slovakia. Maybe I was their first customer from Slovakia that
decided to verify the phone number. It got resolved however.
The UI is minimalistic and clean. The prices are so good that there is

2
content/blog/comprehensive-guide-pkgfile.md

@ -120,7 +120,7 @@ probing, simple grepping was sufficient for all my use cases so far.
The above examples felt robust enough I've thought that I have pretty much
nailed them, until I have stumbled across a
[comment](https://bbs.archlinux.org/viewtopic.php?pid=1074282#p1074282) on
the Archlinux forum, that changed my perspective. The humble post states:
the Arch Linux forum, that changed my perspective. The humble post states:
```bash
pkgfile netstat

2
content/blog/converted-my-blog-to-zola.md

@ -3,7 +3,7 @@ title: "I converted my blog to zola!"
date: "2021-06-21"
updated: "2021-06-21"
taxonomies:
tags: ["100daystooffload", "journal"]
tags: ["100daystooffload", "journal", "zola"]
---
Today, precisely one year ago, was the day was I last time in my previous

4
content/blog/cross-compiling-vs-cross-compiling.md

@ -3,7 +3,7 @@ title: "Cross-compiling vs cross-compiling"
date: "2021-06-16"
updated: "2021-06-17"
taxonomies:
tags: ["100daystooffload", "javascript"]
tags: ["100daystooffload", "node", "software"]
---
This topic is drives me for some time. Cross-compiling is actually a
@ -42,7 +42,7 @@ some others, most closed with "not going to happen anytime soon" message.
Sad.
With all the complications, it looks like I will be better of buying some
ARM laptop for shipping applications based on JavaScript on the embedded
ARM laptop for shipping applications based on Javascript on the embedded
systems.
This is a 91th post of [#100daystooffload](https://100daystooffload.com).

59
content/blog/cross-package-node-app-arm-qemu-docker.md

@ -3,7 +3,7 @@ title: "Cross package Node app for ARM using QEMU and Docker"
date: "2020-10-26"
updated: "2020-12-22"
taxonomies:
tags: ["docker", "arm", "qemu"]
tags: ["docker", "arm", "qemu", "node"]
---
- Download `2020-08-20-raspios-buster-armhf-lite.zip` from the
@ -29,7 +29,8 @@ su - $(whoami)
## QEMU setup
- Allow your computer to emulate ARM binaries permanently[^arch_qemu]
- Allow your computer to
[emulate ARM binaries permanently](https://wiki.archlinux.org/index.php/QEMU#Chrooting_into_arm/arm64_environment_from_x86_64):
```bash
yay -S binfmt-qemu-static qemu-user-static
@ -41,14 +42,19 @@ Verify emulation setup
grep enabled /proc/sys/fs/binfmt_misc/qemu-arm
```
Alternatively, a temporary solution for most distributions[^docker_arm]
Alternatively,
[a temporary solution](https://www.docker.com/blog/getting-started-with-docker-for-arm-on-linux/)
for most distributions:
```bash
docker run --rm --privileged docker/binfmt:820fdd95a9972a5308930a2bdfb8573dd4447ad3
```
Run privileged containers with **caution**[^privileged], at least peek into
the container's layers[^binfmt_layers] before running
Run privileged containers
[with **caution**](https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html),
at least
[peek into the container's layers](https://hub.docker.com/layers/docker/binfmt/820fdd95a9972a5308930a2bdfb8573dd4447ad3/images/sha256-4ed4ace8a54292345304ea270979ee6511e2465722ceeda373b17c4df1ebe658?context=explore)
before running
```bash
yay -s dive
@ -87,7 +93,8 @@ unzip <raspios-image>.zip
sudo losetup --read-only --show -fP <raspios-image>.img
```
Inspect image partitions if needed[^lsblk_stack]
[Inspect image partitions](https://raspberrypi.stackexchange.com/a/109524/59436)
if needed
```bash
lsblk -o name,label /dev/loop0
@ -139,7 +146,9 @@ sudo losetup -d /dev/loop0
## Container image manipulation
- When inside, install Node 14[^node14] and pkg from vercel globally
- When inside,
[install Node 14](https://computingforgeeks.com/install-node-js-14-on-ubuntu-debian-linux-mint/)
and pkg from vercel globally
```bash
wget -qO- https://deb.nodesource.com/setup_14.x | bash -
@ -155,7 +164,8 @@ wget https://github.com/yao-pkg/pkg-binaries/releases/download/v1.0.0/fetched-v1
```
- Exit the container by pressing `Ctrl-D` or typing the `exit` command
- Commit the changes to the image for a reuse[^docker_commit]
- Commit the changes to the image
[for a reuse](https://phoenixnap.com/kb/how-to-commit-changes-to-docker-image)
```bash
docker commit raspios_bare raspios_node_pkg
@ -200,30 +210,9 @@ Done!
## Further read
- https://github.com/vercel/pkg-fetch/releases
- https://github.com/lukechilds/dockerpi
- http://kmdouglass.github.io/posts/how-i-built-a-cross-compilation-workflow-for-the-raspberry-pi/
- http://modernhackers.com/virtualize-raspberry-pi-3-s-to-run-docker-swarm-cluster-on-it/
- https://docs.docker.com/storage/volumes/#start-a-container-with-a-volume
- https://hub.docker.com/r/docker/binfmt/tags
## References
[^docker_arm]:
https://www.docker.com/blog/getting-started-with-docker-for-arm-on-linux/
[^arch_qemu]:
https://wiki.archlinux.org/index.php/QEMU#Chrooting_into_arm/arm64_environment_from_x86_64
[^binfmt_layers]:
https://hub.docker.com/layers/docker/binfmt/820fdd95a9972a5308930a2bdfb8573dd4447ad3/images/sha256-4ed4ace8a54292345304ea270979ee6511e2465722ceeda373b17c4df1ebe658?context=explore
[^privileged]:
https://www.trendmicro.com/en_us/research/19/l/why-running-a-privileged-container-in-docker-is-a-bad-idea.html
[^lsblk_stack]: https://raspberrypi.stackexchange.com/a/109524/59436
[^node14]:
https://computingforgeeks.com/install-node-js-14-on-ubuntu-debian-linux-mint/
[^docker_commit]:
https://phoenixnap.com/kb/how-to-commit-changes-to-docker-image
- <https://github.com/vercel/pkg-fetch/releases>
- <https://github.com/lukechilds/dockerpi>
- <http://kmdouglass.github.io/posts/how-i-built-a-cross-compilation-workflow-for-the-raspberry-pi/>
- <http://modernhackers.com/virtualize-raspberry-pi-3-s-to-run-docker-swarm-cluster-on-it/>
- <https://docs.docker.com/storage/volumes/#start-a-container-with-a-volume>
- <https://hub.docker.com/r/docker/binfmt/tags>

19
content/blog/digital-privacy-new-currency.md

@ -3,15 +3,16 @@ title: "Digital privacy as a new currency"
date: "2021-03-21"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "privacy"]
tags: ["100daystooffload", "privacy", "journal"]
---
This morning I was a briefly part of the interesting
conversation^[<https://babic.dev/notice/A5QoI8kMcMWKKgPSgC>] started at the
Fediverse microbloging server [fosstodon.org](https://fosstodon.org/) by
the user [@kip](https://fosstodon.org/@kip). The thread started by the
privacy oriented resolution kip made, stating that they are about to make
steps aimed at increasing their online privacy, particularly _de-googling_
This morning I was a briefly
[a part of the interesting conversation](https://babic.dev/notice/A5QoI8kMcMWKKgPSgC)
started at the Fediverse microblogging server
[fosstodon.org](https://fosstodon.org/) by the user
[@kip](https://fosstodon.org/@kip). The thread started by the privacy
oriented resolution kip made, stating that they are about to make steps
aimed at increasing their online privacy, particularly _de-googling_
(removing Google related software from their devices up to the point of
removing their user account entirely).
@ -68,7 +69,7 @@ without it.
Installing the TrackerControl app was in fact much simpler than replacing
the whole operating system on the phone. I have installed it out of
curiosity. I have learned that it creates a local VPN to intercept the data
communication, limiting other apps access to the outside ntowrk. This
communication, limiting other apps access to the outside network. This
solution was novel to me and I do not understand all the implications yet.
I have assumed that TrackerControl would ask me every time an app would
@ -84,7 +85,7 @@ hindrance. In order to prevent all data from leaking the phone, it is
suggested to turn of the network before rebooting the device, as
TrackerControl is turned on later than Google services.
Yet I become a bit skeptical. I could turn off wifi network every time I
Yet I become a bit skeptical. I could turn off Wi-Fi network every time I
needed to reboot the phone, but turning off data access reliably requires
taking the SIM card out. With physical SIM cards it is still possible,
albeit quite unpractical. With the industry shifting towards eSIM, this

8
content/blog/feature-task-lists-gitea-issues/index.md

@ -3,19 +3,19 @@ title: "Feature: task list in Gitea issues"
date: "2021-04-07"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "gitea"]
---
There is a feature in Gitea that got me a little puzzled recently.
![A task list progress is shown in the issues list](feature-gitea-task-list.png)
At frist, I thought it is related to Project Milestones (a Kanban Board in
At first, I thought it is related to Project Milestones (a Kanban Board in
Gitea). After clicking around at everything I have found, and even removing
all the boards and milestones, the icon with a progress bar persisted.
Later I have found GitHub has a silimar functionality, given Gitea tries to
be feature compatible with Github, called **task lists**, which are the
Later I have found GitHub has a similar functionality, given Gitea tries to
be feature compatible with GitHub, called **task lists**, which are the
checkboxes in the issue description:
```

2
content/blog/feelings-about-writing-break.md

@ -3,7 +3,7 @@ title: "Feelings about the writing break"
date: "2021-06-09"
updated: "2021-06-09"
taxonomies:
tags: ["100daystooffload", "journal"]
tags: ["100daystooffload", "journal", "personal"]
---
My pause from the daily writing for a week due to holiday led me to

2
content/blog/first-impressions-qelectrotech-wiring-diagrams.md

@ -3,7 +3,7 @@ title: "First impressions: QElectroTech wiring diagrams"
date: "2021-05-30"
updated: "2021-05-30"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "software", "industrial"]
---
Facing against the task to document the wiring of the control cabinet I had

10
content/blog/fix-platformio-avrdude-input-output-error.md

@ -49,16 +49,16 @@ related, pointing out kernel versions that exhibit this particular issue,
but the solution for me as well was disabling an USB autosuspend feature.
It is possible to disable an USB autosuspend from at least three places:
1. via the bootloader kernel parameter (see Stack Exchange link above)
1. via the udev rules (see links at the bottom)
1. via `tlp` configuration (the solution from Reddit thread above)
1. Via the bootloader kernel parameter (see Stack Exchange link above)
1. Via the `udev` rules (see links at the bottom)
1. Via `tlp` configuration (the solution from Reddit thread above)
I had `tlp` already installed. It is used for power management in linux.
I had `tlp` already installed. It is used for power management in Linux.
The solution is to edit `/etc/tlp.conf`, uncomment and edit
`USB_AUTOSUSPEND=0`. After reboot, no the problem was gone.
Note that this probably means that the laptop might last a little less on
batter power and a specific udev rule for this might be more optimal, I
batter power and a specific `udev` rule for this might be more optimal, I
could not get it to work this way, but would love to see such solution.
This is a 60th post of [#100daystooffload](https://100daystooffload.com).

8
content/blog/folderize-your-post-for-ssg.md

@ -3,15 +3,15 @@ title: "Folderize your post for SSG"
date: "2021-06-29"
updated: "2021-06-29"
taxonomies:
tags: ["ssg", "bash", "markdown"]
tags: ["ssg", "bash", "markdown", "cli"]
---
Since I have converted my blog to zola, I started using assets a little bit
Since I have converted my blog to Zola, I started using assets a little bit
more in the posts. I am still not sure if it is the right thing, but for
now it helps me convey information in addition to text.
To embed a photo into the post, there are at least two main options
available in zola:
available in Zola:
[static assets](https://www.getzola.org/documentation/content/overview/#static-assets)
and
[asset colocation](https://www.getzola.org/documentation/content/overview/#asset-colocation).
@ -45,7 +45,7 @@ content/is-emacs-better-than-vim/index.md
content/is-emacs-better-than-vim/raging-flamewar-photo.jpg
```
There is more going on under the hood, but zola docs have it covered. What
There is more going on under the hood, but Zola docs have it covered. What
I want to focus on is the process of getting from the first option to the
second one. This happens to me, when I want to add the picture into the
existing older post when updating it, or when I start writing the post and

14
content/blog/following-renames-in-gitlog.md

@ -3,16 +3,16 @@ title: "Following file renames in gitlog"
date: "2020-12-04"
updated: "2020-12-22"
taxonomies:
tags: ["bash"]
tags: ["bash", "git", "node"]
---
After my
[previous attempt](https://peterbabic.dev/blog/following-renames-in-gitlog)
to get published date and the edited date of the post that lives entirely
in the git somehow reached the dead end because I could not realiably find
in the git somehow reached the dead end because I could not reliably find
out how to handle renames, I have finally found a working way.
- Start by preparing a file with a git hitory, cotaining a rename
- Start by preparing a file with a git history, containing a rename
```bash
git log --follow --name-status renamed-blog-post.md
@ -98,7 +98,7 @@ gitlog(options).forEach(entry => console.log(entry))
The `branch: "--follow"` is a hack unfortunately - as a time of writing,
the [gitlog](https://www.npmjs.com/package/gitlog) is version **4.0.3** and
does not support **follow** parameter directly. Inpecting the
does not support `follow` parameter directly. Infecting the
[code](https://github.com/domharrington/node-gitlog/blob/cdda193e428bcde0f6c64163e73055d816792c98/src/index.ts#L278)
however reveals that **branch** allows to sneak in any text, not just
branch names, because there are no sanitization there.
@ -109,7 +109,7 @@ branch names, because there are no sanitization there.
npx ts-node-dev server.ts
```
Produces desired results, the **authorDate** property is easy to parse
Produces desired results, the `authorDate` property is easy to parse
```js
{
@ -149,10 +149,10 @@ The parsing steps could then include
was published)
1. The last entry with the **M** status holds the date of the last edit
1. If the last entry holds the **R** status and its _score_ is lower than
100, this means that file was renamed **and** edited, now loding the
100, this means that file was renamed **and** edited, now loading the
last edit date
The details about the _score_ from the git diff
The details about the **score** from the git diff
[documentation](https://git-scm.com/docs/git-diff#_raw_output_format)
> Status letters C and R are always followed by a score (denoting the

2
content/blog/giving-up-hope-on-svelte-kit.md

@ -3,7 +3,7 @@ title: "Giving up hope on svelte-kit"
date: "2021-06-13"
updated: "2021-06-14"
taxonomies:
tags: ["100daystooffload", "svelte"]
tags: ["100daystooffload", "svelte", "personal", "journal"]
---
Casually checking on status of [svelte-kit](https://kit.svelte.dev/) after

4
content/blog/global-search-fzf-vim.md

@ -3,7 +3,7 @@ title: "Global search for vim and fzf"
date: "2021-04-30"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "vim"]
tags: ["100daystooffload", "vim", "cli"]
---
This post is a continuation of both my
@ -12,7 +12,7 @@ and an another my
[post about Syncting(ing) the entire phone](https://peterbabic.dev/blog/syncthing-can-sync-entire-phone/).
I have found the combined result of both setups loosely described in those
posts to be an unexpected symbiosis that works very well for editing my
markdown files, especially quick phone notes, todo lists and shopping
markdown files, especially quick phone notes, TODO lists and shopping
lists. The setup allows me to very quickly edit my notes or lists on the
phone using [Markor](https://f-droid.org/en/packages/net.gsantner.markor)
editor, synced it into my laptop via

10
content/blog/gnome-shell-forty-upgrade.md

@ -3,7 +3,7 @@ title: "Gnome Shell 40 upgrade"
date: "2021-04-08"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "gnome"]
tags: ["100daystooffload", "gnome", "linux"]
---
Performing my mundane periodic software package upgrade on a laptop I did
@ -21,7 +21,7 @@ previously. When that bug got fixed, I got back to Gnome Shell, fixed a
[small issue](https://peterbabic.dev/blog/hide-blueman-applet-gnome-shell/)
and hoped I could use it again, only to find that now Wi-fi dialog cannot
be closed. Since I did not have time nor nerve to deal with that back then,
I went on using XFCE, sice I had it configured already and there were
I went on using XFCE, since I had it configured already and there were
mostly no problems but a few, but they are a part of XFCE design for at
least as long as I remember it, so generally pretty usable.
@ -60,12 +60,12 @@ Next in line, many keyboard shortcuts did not work very well. I decided to
use dconf editor and use _revert recursively_ on all gnome settings, but
this did not work, as the dconf editor kept crashing this way. I then went
to at least restore all keyboard shortcuts manually and this worked, but I
obviolusly had to redefine them back to my preferred configuration. After
obviously had to redefine them back to my preferred configuration. After
the tedious click-through cycle, all the shortcuts worked well.
I was using vertical worskspaces in previous Gnome Shell releases and now
I was using vertical workspaces in previous Gnome Shell releases and now
they are gone, but this is more in line with the XFCE workflow I had been
sticking to during previous years, o it required only minor adjustments.
sticking to during previous years, so it required only minor adjustments.
The last thing I had to do was to re-assign Flameshot for a PrtSc button.
## Final words

6
content/blog/gnupg-security-token-arrived.md

@ -3,7 +3,7 @@ title: "GnuPG security token has arrived"
date: "2021-04-27"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "gnupg", "openpgp", "security"]
tags: ["100daystooffload", "gnupg", "security"]
---
I have started learning more about the GnuPG security tokens fairly
@ -32,7 +32,7 @@ I have chosen the keycard because of these factors:
- They come with contactless interface, so interaction with a phone is
streamlined
- Keycard fits nicely into the wallet among other things in a similar
category, i.e. credit cards
category, for example credit cards
I was not in favor of a token that goes onto my physical keyring. Keys tend
to damage and scratch any plastic gadgets hanging around them. Keycard on
@ -112,7 +112,7 @@ as it clearly states the following:
Shame on me! I will probably have to buy another security token in the
future. For now, I will at least learn how to use this one with all the
underlying concepts until the absolute necessity for having the keys
accessible on the phone arises. Obviosuly, without resorting to storing the
accessible on the phone arises. Obviously, without resorting to storing the
keys on the phone directly, I do not want to do that. These security tokens
are made for a specific reason after all.

2
content/blog/hate-speech-in-fediverse.md

@ -3,7 +3,7 @@ title: "Hate speech in the Fediverse?"
date: "2021-04-10"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload", "fediverse"]
tags: ["100daystooffload", "fediverse", "personal"]
---
Fediverse is still an unknown for _a lot_ of people. It is also unregulated

8
content/blog/have-published-first-game/index.md

@ -3,7 +3,7 @@ title: "I have published my first game"
date: "2021-03-23"
updated: "2021-05-09"
taxonomies:
tags: ["100daystooffload"]
tags: ["100daystooffload", "journal"]
---
Go play it at <https://triangles.fun>
@ -20,13 +20,13 @@ similar and the picture I have found in my archive is below.
## Reception
I have made some announcements around the internet on Reddit, Hackernews,
I have made some announcements around the Internet on Reddit, Hackernews,
itch.io and Svelte's Discord channel. I have made some Toots on
<https://babic.dev> server.
Apart from Reddit, most other channels did not provide almost any
responses, but I did not expect any. Few people on the reddit thread asked
for the code, so I have polished the repo and made it public here
responses, but I did not expect any. Few people on the Reddit thread asked
for the code, so I have polished the repository and made it public here
<https://git.peterbabic.dev/peter.babic/triangles-fun>
Enjoy!

14
content/blog/hide-blueman-applet-gnome-shell.md

@ -17,18 +17,16 @@ The problem is that when `blueman-applet` is present within Gnome Shell and
`KStatusNotifierItem/AppIndicator Support` is enabled, Bluetooth icon
appears in the tray, which is undesirable.
To hide the Bluetooth icon from the tray, first copy the config
file^[<https://bbs.archlinux.org/viewtopic.php?id=210844>]:
To hide the Bluetooth icon from the tray, first
[copy the config file](https://bbs.archlinux.org/viewtopic.php?id=210844):
```bash
cp /etc/xdg/autostart/blueman.desktop ~/.config/autostart
```
Then insert `NotShowIn=GNOME;` into that
file^[<https://bugzilla.redhat.com/show_bug.cgi?id=1432555>]. Note that the
setting appear to be case-sensitive, so make sure that the spelling is
right.
## References
Then insert `NotShowIn=GNOME;`
[into that file](https://bugzilla.redhat.com/show_bug.cgi?id=1432555). Note
that the setting appear to be case-sensitive, so make sure that the
spelling is right.
This is a 18th post of [#100daystooffload](https://100daystooffload.com).

6
content/blog/how-commit-history-tells-when-post-published.md

@ -3,13 +3,13 @@ title: "How your commit history tells you when your post was published"
date: "2020-07-10"
updated: "2020-12-22"
taxonomies:
tags: ["javascript"]
tags: ["javascript", "git"]
---
Have you ever wondered about the sheer amount of problems you encounter
daily? Some of them disappear over time. Some of them may be ignored. Some
of them might be delegated to someone else, if you can afford it. If none
of these options are available, your time and your attension is required.
of these options are available, your time and your attention is required.
Usually, these are kind of problems that you need to solve personally to
move further in what you are doing.