List Packages Prime

[root@freebsd13 ~]# pkg prime-list
bash
doas
fping
git
go
gohugo
gsed
hping3
htop
jq
...

List Packages Origin

[root@freebsd13 ~]# pkg prime-origins |sort
archivers/py-borgbackup
devel/git
devel/py-pip
devel/py-poetry-core
editors/vim
emulators/open-vm-tools
ftp/wget
lang/go
lang/python310
net/fping
...

Package Cleanup

pkg autoremove

Pkg Audit

audit installed packages against known vulnerabilities

pkg audit -F

Any Comments ?

sha256: 41490d57eaf6f60005156ccf31d91c8293d7086bb6b203dc23e32d7b2c3489a6

Upgrade FreeBSD 13.0 to 13.1

should be a easy task, right ?

Patch it first

freebsd-update fetch
freebsd-update install

reboot

may not needed, but you have to boot anyway a few times …

Fetch and Upgrade to 13.1

this needs some time ! depending on your internet speed, and specially to power and filesystem performance of your machine. 20-30min for a common VM is not unreal :(

time freebsd-update upgrade -r 13.1-RELEASE
time freebsd-update install

Reboot

shutdown -r now

Finish Install

freebsd-update install

Final Reboot

shutdown -r now

Any Comments ?

sha256: f5d56eadc5e7a757d4a2af764da5a0446ebb246ce6ea630b158a53dc3a160996

Crosscompile under GoLang

Python is cool and everybody like it, but i also like the Concept of writing some Code, compile it for different Platforms and run it everywhere. Google’s Go Language got the possiblity to compile it for multiple Architectures and Operating Systems at the same time. Why not give a try … ?

Little Hello World

package main

import (
    "fmt"
    "os"
)

func main() {
    s := "world"

    if len(os.Args) > 1 {
        s = os.Args[1]
    }

    fmt.Printf("Hello, %v!", s)
    fmt.Println("")

    if s == "fail" {
        os.Exit(30)
    }
}

go.mod

module example.com/test

go 1.18

Compile and run under macOS

go build

./test
Hello, world!

CrossCompile Script

#!/usr/bin/env bash

archs=(amd64 arm64)
os=(darwin freebsd linux openbsd windows)
name="hello"

for arch in ${archs[@]}; do
  for os in ${os[@]}; do
        env GOOS=${os} GOARCH=${arch} go build -o ${name}_${os}-${arch}
  done
done

Compile it

execute it …

Misc Oneliners

Tar Folder and copy to remote Machine

tar cf - /etc/ |ssh ${remote-host} "cd /tmp/ && cat > $(hostname)-etc.tar"

Tar & GZIP Folder and copy to remote Machine

tar czf - /etc/ |ssh ${remote-host} "cd /tmp/ && cat > $(hostname)-etc.tar.gz"

Dump Certs Chain

s="google.com"; timeout 2 openssl s_client -servername ${s} -connect ${s}:443 -showcerts > /tmp/${s}.chain

selfsigned certificate for 1 year

cd /etc/ssl; openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

set default branch to main

git config --global init.defaultBranch main

bash - check multiple files

[ -f /etc/resolv.conf -a -f /etc/hosts ] && echo "Both files exist" || echo "One or Both Files are missing"

remove word ’nosuid’ on the line /var in /etc/fstab

sed -E -i.bak 's/(.*\/var.*)(,nosuid)(.*)/\1\3/' /etc/fstab

macos show hidden files

defaults write com.apple.finder AppleShowAllFiles -boolean true; killall Finder

or

Background

It seems as OpenBSD (and the installed Software) is useing more and more Space in the /usr Partition. For Upgrading to 7.1, at least 1.1 GB Free Space is needed. So, i’m gooing to update my Default Partitioning Proposal like this:

Example with 25 GB

root@puffy# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/sd0a      3.9G    766M    2.9G    20%    /
/dev/sd0d      1.9G   20.0K    1.8G     0%    /tmp
/dev/sd0e      5.8G   36.1M    7.3G     0%    /var
/dev/sd0f      7.8G    3.6G    3.8G    49%    /usr
/dev/sd0g      2.xG    150M    7.2G     2%    /home

which results in this:

a 4G  /
a 2G  swap
a 2G  /tmp
a 6G  /var
a 8G  /usr
a *   /home

Example with 32 GB

root@puffy# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/sd0a      3.9G    766M    2.9G    20%    /
/dev/sd0d      1.9G   20.0K    1.8G     0%    /tmp
/dev/sd0e      7.8G   36.1M    7.3G     0%    /var
/dev/sd0f      7.8G    3.6G    3.8G    49%    /usr
/dev/sd0g      7.7G    150M    7.2G     2%    /home

which results in this:

a 4G  /
a 2G  swap
a 2G  /tmp
a 8G  /var
a 8G  /usr
a *   /home

Any Comments ?

sha256: 2f78497b58d2704bc07a1d2404cefe74432d634a4d816bb58f11b5c0a359627f

Python PIP

OpenBSD 7.1

# python3 --version
Python 3.9.12

# python3 -m pip --version
pip 22.0.4 from /usr/local/lib/python3.9/site-packages/pip (python 3.9)

List installed Packages

python3 -m pip list

List outdated Packages

python3 -m pip list --outdated --format columns

Any Comments ?

sha256: 6ada0942bc4d02ee477ab233571e893547049a379479b61910541e561d2f053a

Let’s tweak a bit the settings …

settings.json

Useful Settings for VSCode … settings.json

test -d .vscode || mkdir .vscode
test -f .vscode/settings.json && mv .vscode/settings.json .vscode/settings.json-$(date +%s)
cat << 'EOF' > .vscode/settings.json
{
    "[python]": {
        "editor.defaultFormatter": "charliermarsh.ruff",
        "editor.formatOnSave": true,
        "editor.codeActionsOnSave": {
            "source.organizeImports": "explicit",
            "source.fixAll": true
        },
    },
}
EOF

pyproject.toml

[tool.ruff]
# Disable rule F401 for unused imports
ignore = ["F401"]

launch.json

test -d .vscode || mkdir .vscode
test -f .vscode/launch.json && mv .vscode/launch.json .vscode/launch.json-$(date +%s)
cat << 'EOF' > .vscode/launch.json
{
    // Use IntelliSense to learn about possible attributes.
    // Hover to view descriptions of existing attributes.
    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        // default config to debug your current active file with python
        {
            "name": "Python: Current File",
            "type": "python",
            "request": "launch",
            "program": "${file}",
            "console": "integratedTerminal",
            "justMyCode": true
        },
        {
            "name": "Python: Test001",
            "type": "python",
            "request": "launch",
            "program": "${workspaceFolder}/project/code.py",
            "args": [
                "arg1",
                "arg2",
                "arg3"
            ],
            "console": "integratedTerminal"
        },
        {
            "name": "Python: FastAPI",
            "type": "python",
            "request": "launch",
            "module": "uvicorn",
            "args": [
                "app.main:app",
                "--reload"
            ]
        },
        {
            "name": "Python: Flask",
            "type": "python",
            "request": "launch",
            "module": "flask",
            "args": [
                "run",
                "--reload"
            ]
        }
    ]
}
EOF

.gitignore

test -f .gitignore && mv .gitignore .gitignore-$(date +%s)
cat << EOF > .gitignore
# added $(date), https://blog.stoege.net/posts/vscode/

# Files
.DS_Store
backup.*
secret
secrets

# Folders
**/.DS_Store/*
**/.history/*
**/.terraform/*
**/.venv/*
**/__pycache__/*
**/cache/*
EOF

Add Basic Packages

poetry add --group dev black pylint py-pytest

keyboards shortcuts macOS

Comment block

command + k, command + u

Uncomment block

command + k, command + u

Collapse All

command + k, command + 0

Expand All

command + k, command + j

Export Extensions

code --list-extensions |xargs -L 1 echo code --install-extension |sed "s/$/ --force/"

import Extensions on another Machine

IPv6 is fun, if you know how to handle it ! As a “sponsor LIR”, i got my own AS and a small /44 IP Space. So, as we all do “forward” DNS with our Domains, i’d like to have Reverse DNS as well. And as i don’t have a legacy IP Range, i like todo it with my v6 Space. Special thanks to Christian for his remote Hands/Tips. Appreciate it!

wrote a little Mail Adresse Validator in Python. use it, modify it, like it … best practice for python is to use a virtual env like Poetry (or virtualenv) and add the “email-validator” module like this:

poetry add email-validator

Code

few lines of code …

#!/usr/bin/env python3

from email_validator import validate_email, EmailNotValidError

ok=[]
nok=[]

emails = [
        "my+address@mydomain.tld", "hans@dampf.ch", "gott@welt.net",
        "adsf@asdf.com", "asf.asdf", "franz!mueller@abc.com", "asdf@asdf.adf"
        ]

print ("\nMy Little Mail Validator\n")

for email in emails:

    try:
        # Validate.
        valid = validate_email(email)

        # Update with the n
        email = valid.email

        # Append to List
        ok.append(email)

    except EmailNotValidError as e:

        # email is not valid, exception message is human-readable
        nok.append(str(e))


print ("*** Mail ok ***")
for item in ok:
    print("ok: ", item)

print ("\n*** Mail NOT ok ***")
for item in nok:
    print("NOK:", item,"!")

print()

Run

just run and enjoy …

How to enable Logging with Headers for Nginx

Assuming you have a running setup and you want to enable logging with headers for debug and learning purposes ?

Add Lua

doas pkg_add nginx-lua--

and you get …

doas pkg_info -L nginx-lua--
Information for inst:nginx-lua-1.20.1p0

Files:
/var/www/modules/ndk_http_module.so
/var/www/modules/ngx_http_lua_module.so

Enable Modules in /etc/nginx/nginx.conf

add two lines on Top

load_module "modules/ndk_http_module.so";
load_module "modules/ngx_http_lua_module.so";

Enhance Logging

add the following to the “http” Section

log_format log_req_resp   '$remote_addr - $remote_user [$time_local] '
                          '"$request" $status $body_bytes_sent '
                          '"$http_referer" "$http_user_agent" '
                          '$request_time req_header:"$req_header" '
                          'resp_header:"$resp_header"';

Enable Logging

add the following lines to your virtual Host Section