Directly embedding images into a Github wiki

Although there’s a reasonable amount of posts saying that you have to upload a image to your repository (the code), and then link with the “raw” approach, my colleague and I found a more elegant solution:

Upload the image directly into the Wiki repository

Indeed the wiki is just another Git repo ! Here is the github page.

So basically you need first clone the wiki repo: git clone https://github.com/YOUR_USERNAME/YOUR_REPOSITORY.wiki.git

Then you add your image:

cp ~/myimage.png YOUR_REPOSITORY.wiki/
cd YOUR_REPOSITORY.wiki
git add myimage.png
git commit -m "added picture for the wiki"
git push

Your image is now available at https://raw.githubusercontent.com/wiki/USERNAME/REPOSITORY/myimage.png

so you only need to link it in your Wiki using the regular link [text]("https://raw.githubusercontent.com/wiki/USERNAME/REPOSITORY/myimage.png")

Install Pass on different machines with gpg

Using Pass + gpg on different machines

Piouf, as my first introduction to gpg, that was more complicated than expected. Pass is a password manager that uses gpg to encrypt your password and can be intergrated with Git. So as long as you have the same gpg key on your devices, you can have the passwords in clear text AND being able to push those encrypted password on any git repo. That’s cool !

Create key

gpg --gen-key (it can depends on your distro) Choose (1) Rsa & Rsa with 4096 bits (at least)

Export key to remote server

Notes from https://www.debuntu.org/how-to-importexport-gpg-key-pair/

  • Lookup the id of your key: gpg --list-keys
  • Export public key: gpg --output mygpgkey_pub.gpg --armor --export <key-id> where key-id is the last part when you list the key *****/<key-id>
  • Export secret key : gpg --output mygpgkey_sec.gpg --armor --export-secret-key ******
  • Copy keys to remote server: scp mygpgkey_pub.gpg mygpgkey_sec.gpg user@remotehost:~/
  • Connect to remote: ssh user@remotehost
  • Import the public key: gpg --import ~/mygpgkey_pub.gpg
  • Import the secret key: gpg --allow-secret-key-import --import ~/mygpgkey_sec.gpg

Troubles

I’ve had trouble when importing the key because of pinentry. In Archlinux, pinentry points to /usr/bin/pintentry-gtk (why …?). You have to delete the symlink /usr/bin/pinentry and to point it to whatever (ncurse, or tty if you work on a remote server)

Pass manager

At this point you can use the Pass manager with the key you created:

pass init <mykey-id>
pass git init

Then register one password to test if it works

pass insert server/test

If it fails with There is no assurance this key belongs to the named user, that mean you have to put a higher level of trust in the key you just imported. To do that:

gpg --edit-key <mykey-id>
trust
5 (maximum level since it is basically my key)
quit

Then you can try again to register the password and it should works !

Different machines

Now on the remote server you have a git repo in $HOME/.password_store. If you want your passwords on another machines, make sure you import the key as before. Then you simply can do: cd && git clone user@myserver.com:~/.password-store Then your local pass will simply look at this file.

Happy password managing ><

Install Archlinux on Remote server

After meeting with a bunch of hardcore systems geeks, I decided to put my effort back into a secure & custom server that I will actually use ;) Here’s my steps for ArchLinux:

Installing ArchLinux on remote server

Drives

First you need to setup your drives correctly. I use fdisk and you can find any decent tutorial on it easily. For encrypting one of the partitions, I follow the archlinux guide (https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_a_non-root_file_system). I did not try to encrypt the whole filesystem because it seemed a bit overkill for my needs. I simply have /dev/sda3 encrypted where all my datas are.

cryptsetup -y -v luksFormat /dev/sda3
cryptsetup open /dev/sda3 cryptroot
mkfs -t ext4 /dev/mapper/cryptroo

System

For installing on the drives, they need to be unmounted so you need to boot on “rescue” image that your hosting provider is surely providing you. Mine was offering a Debian image.

For the rest of the steps, simply follow the guide on ArchLinux (https://wiki.archlinux.org/index.php/Install_from_existing_Linux).

The following notes are simply some stuff that kept me crazy during a lot of hours.

Notes

  • Install haveged before running pacman-key --init, it’ll be WAY much faster.
  • DON’T forget to copy /etc/resolv.conf from the rescue distribution to the arhclinux one, or use your own (openDNS forexample).
  • Change the udev rules so you have eth0 instead of .. whatever: [root@***** ~]# cat /etc/udev/rules.d/10-network.rules SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="**:**:**:**:**:**",NAME="eth0"}
  • use netctl (for lxc ease-of-use containers network): [root@**** ~]# cat /etc/netctl/ethernet-static Description='Server ethernet connection' Interface=eth0 Connection=ethernet IP=static Address=('****/24') Gateway='****' DNS=('****')
  • Don’t forget to netctl enable ethernet-static
  • Don’t forget to systemctl enable sshd
  • For non official packages, install yaourt:

    [root@****] cat /etc/pacman.conf
    # ####
    # ...
    [archlinuxfr]
    SigLevel = Never
    Server = http://repo.archlinux.fr/$arch
    

About Me

Since I’ve read so much from other blogs, I thought I should share a bit more, get out of my confort zone and share some thoughts / experiences that may be useful to others.It’s actually also a nice way to remember things for yourself.

Some thoughts...

About passionate people …

I’ve attented the TorDev meeting 2016 in Valencia & some parts of the IFF also taking place right after it in the same city. That was my first dive into this world of open source communities / hacktivists / hardcore systems hackers etc. Man, it was worth it ! To be honest that was a lot to process and I felt a bit over pressured since I was not very involved at that time in those communities and I’ve put been in their sessions and group meetings just as if I were an equally important contributor so.. that felt a bit wrong at first sight. Of course, I’ve told my little me in my head to go out there and talk to people about what you think, this project, the way this is done and so on, but this feeling of being small was very present throughout the first days, mostly during the TorDev meeting. Finally I got to talk to one or two people about the projects I work on and how this might be / or not / a good idea to try that on Tor, and then I’ve had kind of a goal, so I guess that helped me relieve a bit from that pressure.

What I find crazy about all this is the gathering of people coming from all differents kinds of background, places and have all different kind of skills. They gather together and make something great out of it. They can because for most of them, they’re one of the most highly talented, kind & patient people I’ve ever met, all at the same time. This kind of atmosphere you have here is very different from what you can experience elsewhere (for me at least). It’s like you feel you almost already know the people in the place, even if you don’t, so you feel relaxed and you laugh with them and such, and in the same time, you talk about hard problems with them like you would do small talk with your friends.

One of the big thing that has been poking my mind a lot is that most of the people I’ve met have their own identity. They dress some specific way, they think a very peculiar way, they behave in a peculiar way, they are specialized and sometimes not. They do what they like and they like Tor or any other privacy-security systems and they do something useful because they actually like it. What’s the best motivation if not passion ? And because of that, they actually get out of the typical good citizen picture that we’ve been taught from childhood. From my point of view, they seemed to get in their own path actually.

All of this had led to a series of questions about what I want to do in my life. Not what would be the best to do, but what I really want to do ? How do I construct this inner identity ? Would it be by following your inner choice (i.e. instinct) in your life instead of what seems to be the best, or the more reasonable ? I know a lot of people that actually fit very well in their environment they’ve been given and don’t try to change it, but rather simply try to enjoy it. For my part I find it difficult to fit in the system I’m in now. After some more thoughts, the reason I come up with is that I haven’t really followed my instincts throughout my life. I’ve basically tried to do things I like but in a way that fits the system regardless on how I would have done it otherwise. These questions seems very high-level but actually can be applied for very practical stuff:

  • Should I go to work the way I want (large hippie pan or colorful hairs or no hairs or with flipflop or whatever) regardless of every other people that do not behave in any other way that the regular pants + shirt ? There’s not even an actual rule about it, but the people have the tendency to judge you from the way you look (in the place I’m in). If you’re not an actual genius, you don’t have that excuse to not behave like this. I don’t know why geniuses get to behave the way they want but not us? It seems childish but I do feel this way in the place I work & live.
  • Should I fuck off of the IT guys and install my own Archlinux on the Mac they’ve been given to me ? I actually tried this for a few month now and I miss my Linux machine with my sweet tiling w.m… (I’ve already decided that I’d do it anyway^^)
  • How should I choose the project I want to work on, on my free time. Should they be useful for the community even if I find them boring at first sight ? Should I choose them according to the most passion I have about them ? That’s a tough one for me now because I think both are essentials but my coding-free-time is very limited. Get deep into other’s people code and fixing bugs OR implement a cool stuff with a cool language that may or may not be used later by the community if this proves to be adequately coded ?
  • Regardless the utility vs usefulness question, in what kind of projects do I want to be involved in ? Of course, it seems great to take part in projects that protects privacy or circonvemt censorship. And of course, it seems to suck to work for boring projects like implementing a accountability software in Java (I’m not doing this). Most of the time you just do project because they sound fun or you like the technical side (that’s the one most often used).

After all of this, nothing is resolved and I’ve only have more questions in my mind but it has opened a whole new world of perception / possibilities that I did not really thought about before. Every change is good, so I take it it’s one way of creating your own identity that to ask those questions…

Peace.