commit 163cf343f2fcfe2536cf791dcfcc4df12c7095dc Author: epoch <epoch@thebackupbox.net> Date: Tue Jan 17 06:05:31 2023 +0000 forgot a lot of things... oh well. diff --git a/bookmarklets b/bookmarklets new file mode 100644 index 0000000000000000000000000000000000000000..3d3f92777fa37ae775ddc98207ac9a8c8641386a --- /dev/null +++ b/bookmarklets 
@@ -0,0 +1,57 @@ +# bookmarklet collection! + +(note: this isn't for gemini) +=> https://thebackupbox.net/~epoch/blog/bookmarklets you can play with this page over http + +I'm collecting bookmarklets because it seems a lot of people forget they exist, or what they're capable of, then end up making add-ons when they don't need to. + +## mastodon share + +=> javascript:location.href="https://tilde.zone/share?text="+escape(location.href); bookmarklet to share current URL with your tilde.zone account. +change the domain in the bookmarklet to suit your needs. +``` +javascript:location.href="https://tilde.zone/share?text="+escape(location.href); +``` + +## random tvtrope + +=> javascript:location.href="http://tvtropes.org/pmwiki/randomitem.php?__cache_breaker__="+Math.random(); random tvtropes trope page. +``` +javascript:location.href="http://tvtropes.org/pmwiki/randomitem.php?__cache_breaker__="+Math.random(); +``` +I found the randomitem.php URL in an add-on that no longer worked and added a random value to it to get around a cache that seems +to have been preventing this from just being a basic link. + +## invert lightness + +this next one is kind of long so I won't put a link to it. +I stole it from stack overflow I think. it is to invert the lightness of a page. 
+ +=> javascript:(function(){function%20RGBtoHSL(RGBColor){with(Math){var%20R,G,B;var%20cMax,cMin;var%20sum,diff;var%20Rdelta,Gdelta,Bdelta;var%20H,L,S;R=RGBColor[0];G=RGBColor[1];B=RGBColor[2];cMax=max(max(R,G),B);cMin=min(min(R,G),B);sum=cMax+cMin;diff=cMax-cMin;L=sum/2;if(cMax==cMin){S=0;H=0;}else{if(L<=(1/2))S=diff/sum;else%20S=diff/(2-sum);Rdelta=R/6/diff;Gdelta=G/6/diff;Bdelta=B/6/diff;if(R==cMax)H=Gdelta-Bdelta;else%20if(G==cMax)H=(1/3)+Bdelta-Rdelta;else%20H=(2/3)+Rdelta-Gdelta;if(H<0)H+=1;if(H>1)H-=1;}return[H,S,L];}}function%20getRGBColor(node,prop){var%20rgb=getComputedStyle(node,null).getPropertyValue(prop);var%20r,g,b;if(/rgb\((\d+),\s(\d+),\s(\d+)\)/.exec(rgb)){r=parseInt(RegExp.$1,10);g=parseInt(RegExp.$2,10);b=parseInt(RegExp.$3,10);return[r/255,g/255,b/255];}return%20rgb;}function%20hslToCSS(hsl){return%20"hsl("+Math.round(hsl[0]*360)+",%20"+Math.round(hsl[1]*100)+"%,%20"+Math.round(hsl[2]*100)+"%)";}var%20props=["color","background-color","border-left-color","border-right-color","border-top-color","border-bottom-color"];var%20props2=["color","backgroundColor","borderLeftColor","borderRightColor","borderTopColor","borderBottomColor"];if(typeof%20getRGBColor(document.documentElement,"background-color")=="string")document.documentElement.style.backgroundColor="white";revl(document.documentElement);function%20revl(n){var%20i,x,color,hsl;if(n.nodeType==Node.ELEMENT_NODE){for(i=0;x=n.childNodes[i];++i)revl(x);for(i=0;x=props[i];++i){color=getRGBColor(n,x);if(typeof(color)!="string"){hsl=RGBtoHSL(color);hsl[2]=1-hsl[2];n.style[props2[i]]=hslToCSS(hsl);}}}}})() invert page lightness + +``` 
+javascript:(function(){function%20RGBtoHSL(RGBColor){with(Math){var%20R,G,B;var%20cMax,cMin;var%20sum,diff;var%20Rdelta,Gdelta,Bdelta;var%20H,L,S;R=RGBColor[0];G=RGBColor[1];B=RGBColor[2];cMax=max(max(R,G),B);cMin=min(min(R,G),B);sum=cMax+cMin;diff=cMax-cMin;L=sum/2;if(cMax==cMin){S=0;H=0;}else{if(L<=(1/2))S=diff/sum;else%20S=diff/(2-sum);Rdelta=R/6/diff;Gdelta=G/6/diff;Bdelta=B/6/diff;if(R==cMax)H=Gdelta-Bdelta;else%20if(G==cMax)H=(1/3)+Bdelta-Rdelta;else%20H=(2/3)+Rdelta-Gdelta;if(H<0)H+=1;if(H>1)H-=1;}return[H,S,L];}}function%20getRGBColor(node,prop){var%20rgb=getComputedStyle(node,null).getPropertyValue(prop);var%20r,g,b;if(/rgb\((\d+),\s(\d+),\s(\d+)\)/.exec(rgb)){r=parseInt(RegExp.$1,10);g=parseInt(RegExp.$2,10);b=parseInt(RegExp.$3,10);return[r/255,g/255,b/255];}return%20rgb;}function%20hslToCSS(hsl){return%20"hsl("+Math.round(hsl[0]*360)+",%20"+Math.round(hsl[1]*100)+"%,%20"+Math.round(hsl[2]*100)+"%)";}var%20props=["color","background-color","border-left-color","border-right-color","border-top-color","border-bottom-color"];var%20props2=["color","backgroundColor","borderLeftColor","borderRightColor","borderTopColor","borderBottomColor"];if(typeof%20getRGBColor(document.documentElement,"background-color")=="string")document.documentElement.style.backgroundColor="white";revl(document.documentElement);function%20revl(n){var%20i,x,color,hsl;if(n.nodeType==Node.ELEMENT_NODE){for(i=0;x=n.childNodes[i];++i)revl(x);for(i=0;x=props[i];++i){color=getRGBColor(n,x);if(typeof(color)!="string"){hsl=RGBtoHSL(color);hsl[2]=1-hsl[2];n.style[props2[i]]=hslToCSS(hsl);}}}}})() +``` + +## change tab title + +=> javascript:{document.title=prompt("new\x20title");void(0)} change current tab's title. +``` +javascript:{document.title=prompt("new title");void(0)} +``` + +## linkify minetest + +this one converts the list at +=> https://minetest.servers.net/ +to include minetest:// links for each server if you decide to write you own minetest:// support for your computer... I did. 
+ +=> javascript:{a=document.getElementsByClassName("address");for(i=0;i<a.length;i++){if(a[i].children[0].title){c=a[i].children[0].title;d=a[i].children[0].innerHTML}else{c=a[i].children[0].innerHTML;d=c;}a[i].children[0].innerHTML='<a%20href="minetest://'+c+'">'+d+'</a>'}};void(0); don't bother clicking here, it won't do anything. +bookmark this link first, then go to minetest.servers.net, THEN click the bookmarklet to get links in the server list. :) + +=> https://thebackupbox.net/~epoch/minetest.html (or just use the minetest server list I made) + +``` +javascript:{a=document.getElementsByClassName("address");for(i=0;i<a.length;i++){if(a[i].children[0].title){c=a[i].children[0].title;d=a[i].children[0].innerHTML}else{c=a[i].children[0].innerHTML;d=c;}a[i].children[0].innerHTML='<a%20href="minetest://'+c+'">'+d+'</a>'}};void(0); +``` + diff --git a/certs b/certs new file mode 100644 index 0000000000000000000000000000000000000000..5fb56237d84501bec293a63d1faa1b815bad55f5 --- /dev/null +++ b/certs 
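Review bot: The "linkify minetest" bookmarklet concatenates each entry's `title` (or its `innerHTML`) into an `<a href="minetest://…">` string and assigns it to `innerHTML`, so a quote or markup in that value is re-parsed as HTML on the page the bookmarklet runs on; the entries on a public server list are presumably supplied by third-party server operators, so they should be treated as untrusted. Creating the link with `document.createElement("a")`, setting its `href` to `"minetest://"+c` and its `textContent` to the cell's `textContent`, avoids the re-parse. The loop also leaves the globals `a`, `i`, `c` and `d` on the host page; wrapping it in a function with `var` declarations, as the lightness bookmarklet does, keeps them local. In the mastodon share bookmarklet, `escape(location.href)` is deprecated and mis-encodes non-ASCII characters; `encodeURIComponent(location.href)` is the usual replacement.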
@@ -0,0 +1,43 @@
+# TLS/SSL cert recipes.
+
+I guess I'll put this into Makefile format.
+partially stolen from my letsencrypt repo.
+=> //git.thebackupbox.net/letsencrypt
+
+you'll want to replace my domain with your own domain.
+and if you use the acme-tiny part, you'll want to change the acme-dir to your own.
+
+## to make a new key
+```
+keys/%.key.pem:
+ openssl req -x509 -newkey rsa:4096 -keyout $@ -nodes
+```
+
+## to make self-signed certs with pre-existing keys
+```
+self-signed/%.crt: keys/%.key.pem
+ openssl req -x509 -key $< -out $@ -sha256 -days 365
+```
+
+these first two things should be all that you need for gemini.
+if you are interested in also getting your cert signed...
+
+## to make new cert signing request
+this line has a bit of extra stuff that goes with it...
+the config file contains sections where I put subjectAltName like:
+```
+[_https]
+subjectAltName=DNS:git.thebackupbox.net,DNS:www.thebackupbox.net
+```
+
+```
+csr/%.csr: keys/%.key.pem
+ openssl req -new -sha256 -key $< -subj "/CN=thebackupbox.net" -reqexts _$* -config openssl.cnf > $@
+```
+
+## to get acme-tiny to get our csr signed.
+```
+LE-signed/%.crt: csr/%.csr
+ ./acme-tiny/acme_tiny.py --account-key keys/.account.key.pem --csr $< --acme-dir /var/www/sites/hacking/.well-known/acme-challenge > $@.tmp && mv -f $@.tmp $@ || rm $@.tmp
+
+```
diff --git a/crypto b/crypto
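Review bot: The `keys/%.key.pem` recipe runs `openssl req -x509 -newkey rsa:4096 -keyout $@ -nodes` with no `-out`, so besides writing an unencrypted private key it prompts for a subject and prints a throwaway self-signed certificate to stdout; for a key-only target, `openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -out $@` produces just the key. Because `-nodes` leaves the key unencrypted, the post should add a line saying `keys/` must be readable only by the account that serves it, for example by running the recipe under `umask 077`. In the `LE-signed/%.crt` recipe, `… && mv -f $@.tmp $@ || rm $@.tmp` returns success after a failed acme-tiny run because the `rm` succeeds, so make does not report the failure; `|| { rm -f $@.tmp; exit 1; }` keeps both the cleanup and the error.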
--- a/crypto +++ b/crypto @@ -106,6 +106,35 @@ ssb cv25519/0xA21417EA02148649 2021-08-20 [E] [expires: 2031-08-18] ssb ed25519/0xBFF7C81B266B6EAF 2021-08-20 [A] [expires: 2031-08-18] ``` +### update, Jan 16th 2023 + +I did a small change to my computer so application/pgp-encrypted content-types +are now opened by an appropriate external program. in my case, I'm passing to +mimestart (one of my script) that then checks the config file for a pipeline +to run on the filename passed to it, the pipeline then pops up a terminal +that contains less -f <(gpg -d < %p). to get firefox to recognize this +and launch this when I click on this type of file, I had to use xdg-stuff like: + +``` +xdg-mime query default application/pgp-encrypted +xdg-mime default ~/.local/share/applications/application_pgp-encrypted.desktop application/pgp-encrypted +``` + +where application_pgp-encrypted.desktop (the filename isn't important) was a basic .desktop file like: +``` +[Desktop Entry] +Encoding=UTF-8 +Version=1.0 +Type=Application +NoDisplay=true +Exec=mimestart %F +Name=mimestart +Comment=mimestart +Mimetype=application/pgp-encrypted +``` + +=> https://unix.stackexchange.com/questions/77136/xdg-open-default-applications-behavior a thing I read while figuring this out + ## git commit signing ``` diff --git a/firefox b/firefox
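Review bot: The handler described in the Jan 16th update lets a click in the browser start `gpg -d` on a downloaded file, with the file name passed through `Exec=mimestart %F` and then substituted for `%p` in a pipeline; `mimestart` is not shown here, so the post should state that the name has to reach the pipeline as a quoted argument and not be spliced into shell text, since the download's name is influenced by the remote server. In the .desktop example the key is spelled `Mimetype=`, but the Desktop Entry Specification key is `MimeType=` and keys are case-sensitive, so that line is probably ignored as written. `xdg-mime default` is also documented as taking a desktop file id (`application_pgp-encrypted.desktop`) and not a path.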
--- a/firefox +++ b/firefox @@ -48,3 +48,22 @@ and use xdg-mime to set a .desktop file as the handler ``` xdg-mime default nemo.desktop inode/directory ``` + +## more misc about:config changes + +to keep firefox from thinking your weird domain are searches. such as: zzz.i2p +``` +keyword.enabled: false +``` + +I'm not sure wtf is up with this setting. poking it made stuff work when it wasn't. +poking it again did the same thing. +wtf? +to keep onions from getting filtered like if you have a transparent proxy. +``` +dom.securecontext.allowlist_onions: false +``` + +## some add-ons I use + +=> https://addons.mozilla.org/en-US/firefox/addon/awesome-rss/ diff --git a/index.cgi b/index.cgi new file mode 100755 index 0000000000000000000000000000000000000000..985e2a00135d3338046aac060df69423ce0ce625 --- /dev/null +++ b/index.cgi 
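Review bot: The description attached to `dom.securecontext.allowlist_onions` does not match what that pref does, as far as I know: it decides whether `.onion` origins count as secure contexts, and `false` is already its default, which would explain why toggling it had no consistent effect. The pref that makes Firefox refuse `.onion` host names is `network.dns.blockDotOnion`; if that is the one meant, the note should add that turning it off hands `.onion` lookups to the system resolver, which is only safe when the transparent proxy actually intercepts them. For `keyword.enabled: false`, a one-line remark that it also stops mistyped address-bar input from being sent to the search engine would be a useful addition.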
@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+cd blog 2>&1 >/dev/null 2>&1
+
+if [ "${PATH_INFO}" ];then
+ case "$SERVER_PROTOCOL" in
+HTTP*)
+ printf "Status: 404 Not Found\r\n"
+ printf "Content-Type: text/plain\r\n\r\n"
+ printf "Dunno what you're talking about.\n"
+ exit 0
+ ;;
+gemini*)
+ printf "51 Not Found\r\n"
+ ;;
+*)
+ printf "wtf? gopher?"
+ ;;
+esac
+fi
+
+title='🤖 epoch'\''s "blog"'
+
+case "$SERVER_PROTOCOL" in
+
+HTTP*)
+ printf "Content-Type: text/html; charset=UTF-8\r\n\r\n"
+ printf '<html>\n'
+ printf ' <head>\n'
+ printf ' <title>%s</title>\n' "${title}"
+ printf ' </head>\n'
+ printf ' <body>\n'
+ printf ' <h1>%s</h1>\n' "${title}"
+ printf "<ul>\n"
+ find . -maxdepth 1 -type f \
+ | grep -v '^\./\.' \
+ | grep -v '\.cgi$' \
+ | sed 's|^./||g' \
+ | while read -r line;do
+ stat "$line" -c '<li><a href="%n"> %y - %n -- ' \
+ | cut '-d ' -f1-3,6- \
+ | sed 's|/blog/./|/blog/|g' \
+ | tr -d '\n'
+ grep -m1 '^#' "$line" \
+ | sed 's/^#* *//' \
+ | sed 's|$|</a></li>|g'
+ done \
+ | sort -rk 3
+ printf "</ul>\n"
+ printf ' </body>\n'
+ printf '</html>\n'
+;;
+gemini*)
+ printf "20 text/gemini\r\n"
+ printf '# %s\n' "${title}"
+ find . -maxdepth 1 -type f \
+ | grep -v '^\./\.' \
+ | grep -v '\.cgi$' \
+ | sed 's|^./||g' \
+ | while read -r line;do
+ stat "$line" -c '=> %n %y - %n -- ' \
+ | cut '-d ' -f1-3,6- \
+ | sed 's|/blog/./|/blog/|g' \
+ | tr -d '\n'
+ grep -m1 '^#' "$line" \
+ | sed 's/^#* *//'
+ done \
+ | sort -rk 3
+;;
+esac
diff --git a/matrix b/matrix
new file mode 100644
index 0000000000000000000000000000000000000000..5280139d99fc0f9044b9aa3b14fe8c054d1482ee
--- /dev/null
+++ b/matrix
@@ -0,0 +1,7 @@
+# notes on matrix
+
+weechat-matrix to verify someone when they're using a new key
+
+```
+/olm verify @user:host
+```
diff --git a/object-verb-naming b/object-verb-naming
new file mode 100644
index 0000000000000000000000000000000000000000..11985636963e1aced1a40eddde332d66b9198406
--- /dev/null
+++ b/object-verb-naming
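Review bot: In the `PATH_INFO` check at the top of index.cgi only the `HTTP*)` branch calls `exit 0`; the `gemini*)` branch prints `51 Not Found` and then falls through to the second `case`, which emits a `20 text/gemini` header and the whole index after the error line. Adding `exit 0` after `printf "51 Not Found\r\n"` (and in the `*)` branch) fixes that. `cd blog 2>&1 >/dev/null 2>&1` is also unchecked, so if the directory is missing the `find .` listing runs against whatever directory the CGI was started in; `cd blog || exit 1` avoids that. In the HTML branch the file name from `stat -c '%n'` and the first `#` line of each file are written into the page unescaped, which is acceptable only while every file in the directory is the author's own.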
@@ -0,0 +1,29 @@
+# naming programs
+
+I like it when I can type a description of the input
+and then tab complete things that can do stuff with it.
+
+like...
+
+```
+cat image.png | png2pnm | pnm2sixel > image.sixel
+```
+
+I try to name my tools in this way.
+
+like, uricut, and html_entities_decode
+
+echo uri | uri[tab] will show all the tools that can do URI stuff.
+
+not all of my uri tools read from stdin though so...
+
+I don't know what a good way of naming is for things that use the argument
+of a certain type vs stdin of a certain type. maybe prefix with 's' for stream?
+like what sed is to ed.
+
+that's kind of messy though and doesn't adapt to what already exists with the
+netpbm tools.
+
+what's that one hard problem in computer science?
+
+naming things, right?
diff --git a/tlsa b/tlsa
new file mode 100644
index 0000000000000000000000000000000000000000..99c693de887679b2a6b6da99d08b5ca1b0456359
--- /dev/null
+++ b/tlsa
@@ -0,0 +1,36 @@
+# notes from poking DANE and TLSA stuff
+
+(thank you to tomasino for having cosmic.voyage use TLSA records)
+
+brandname openssl has some TLSA support
+
+```
+openssl s_client -connect cosmic.voyage:1965 -dane_tlsa_domain cosmic.voyage -dane_tlsa_rrdata "$(dig +short -t TLSA _1965._tcp.cosmic.voyage)"
+```
+
+there's a python script that will verify tlsa records for you.
+lot easier to use than the other two
+because it does its own DNS lookups.
+=> https://github.com/letoams/hash-slinger
+=> https://packages.debian.org/hash-slinger
+
+```
+tlsa --verify --port 1965 cosmic.voyage
+```
+
+there's another little tool that can do tlsa checking, this time in C.
+
+=> https://github.com/vdukhovni/ssl_dane
+
+## grab the cert...
+```
+echo | openssl s_client -connect cosmic.voyage:1965 | openssl x509 -out cosmic.cert
+```
+
+## I don't know what I'm doing. :D
+```
+LD_LIBRARY_PATH=. ./connected 3 1 sha256 cosmic.cert cosmic.cert 1965 cosmic.voyage
+```
+
+I'm not sure why this "works", but it is probably wrong. it isn't using the value from the TLSA record
+at all, just two copies of the cert.
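Review bot: The `openssl s_client` example fills `-dane_tlsa_rrdata` from `dig +short -t TLSA …`, which prints whatever the resolver answered without showing whether the answer was DNSSEC-validated; DANE only adds assurance when the TLSA record itself is authenticated, so the post should say to query a validating resolver and check for the `ad` flag (for example with `dig +dnssec`) before trusting the result. If the name publishes more than one TLSA record, the command substitution also passes them as one multi-line argument, whereas s_client expects one `-dane_tlsa_rrdata` option per record. The closing remark about the `connected` call is right: as invoked it is given the same certificate file twice, so a match there says nothing about the published TLSA record.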