dave/site
1
0
Fork 0
mirror of https://github.com/davegallant/davegallant.github.io.git synced 2025-08-07 00:58:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add anchor links for subheading

Browse Source
This commit is contained in:
Dave Gallant
2022-12-11 21:53:35 -05:00
parent b008b00e0c
commit 0515adbe60
64 changed files with 584 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
public/blog/2022/03/13/backing-up-gmail-with-synology/index.html
View File

@@ -115,6 +115,8 @@ if (!doNotTrack) {
<a href='/tags/plex/' style='font-size:1em'>plex</a>
</li><li>
<a href='/tags/podman/' style='font-size:1em'>podman</a>
</li><li>
<a href='/tags/privacy/' style='font-size:1em'>privacy</a>
</li><li>
<a href='/tags/proxmox/' style='font-size:2em'>proxmox</a>
</li><li>
@@ -324,10 +326,9 @@ if (!doNotTrack) {
<div class='container entry-content'>
<p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p>
<div class='container entry-content'><p>I&rsquo;ve used gmail since the beta launched touting a whopping 1GB of storage. I thought this was a massive leap in email technology at the time. I was lucky enough to get an invite fairly quickly. Not suprisingly, I have many years of emails, attachments, and photos. I certainly do not want to lose the content of many of these emails. Despite the redundancy of the data that Google secures, I still feel better retaining a copy of this data on my own physical machines.</p>
<p>The thought of completely de-googling has crossed my mind on occassion. Convenience, coupled with my admiration for Google engineering, has prevented me from doing so thus far. Though, I may end up doing so at some point in the future.</p>
<h2 id="synology-mailplus-server">Synology MailPlus Server</h2>
<h2 id="synology-mailplus-server">Synology MailPlus Server<a href="#synology-mailplus-server" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>Synology products are reasonably priced for what you get (essentially a cloud-in-a-box) and there is very little maintenance required. I&rsquo;ve recently been in interested in syncing and snapshotting my personal data. I&rsquo;ve setup <a href="https://www.synology.com/en-ca/dsm/feature/cloud_sync">Synology&rsquo;s Cloud Sync</a> and keep copies of most of my cloud data.</p>
<p>I&rsquo;ve used tools such as <a href="http://www.gmvault.org">gmvault</a> with success in the past. Setting this up on a cron seems like a viable option. However, I don&rsquo;t really need a lot of the features it offers and do not plan to restore this data to another account.</p>
<p>Synology&rsquo;s MailPlus seems to be a good candidate for backing up this data. By enabling POP3 fetching, it&rsquo;s possible to fetch all existing emails, as well as periodically fetch all new emails. If a disaster ever did occur, having these emails would be beneficial, as they are an extension of my memory bank.</p>
@@ -340,12 +341,11 @@ if (!doNotTrack) {
<p>After this, mail started coming in.</p>
<p><img src="/images/backing-up-gmail-with-synology/mail-plus-incoming-mail.png" alt="image"></p>
<p>After fetching 19 years worth of emails, I tried searching for some emails. It only took a few seconds to search through ~50K emails, which is a relief if I ever did have to search for something important.</p>
<h2 id="securing-synology">Securing Synology</h2>
<h2 id="securing-synology">Securing Synology<a href="#securing-synology" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>Since Synology devices are not hermetically sealed, it&rsquo;s best to secure them by <a href="https://kb.synology.com/en-us/DSM/tutorial/How_to_add_extra_security_to_your_Synology_NAS#x_anchor_id8">enabling MFA</a> to help prevent being the <a href="https://www.bleepingcomputer.com/news/security/qlocker-ransomware-returns-to-target-qnap-nas-devices-worldwide/">victim of ransomware</a>. It is also wise to backup your system settings and volumes to the cloud using a tool such as <a href="https://www.synology.com/en-ca/dsm/feature/hyper_backup">Hyper Backup</a>.
Encrypting your shared volumes should also be done, since unfortunately <a href="https://community.synology.com/enu/forum/12/post/144665">DSM does not support full disk encryption</a>.</p>
<h2 id="summary">Summary</h2>
<p>Having backups of various forms of cloud data is a good investment, especially in <a href="https://en.wikipedia.org/wiki/2022_Ukraine_cyberattacks">times of war</a>. I certainly feel more at ease for having backed up my emails.</p>
</div>
<h2 id="summary">Summary<a href="#summary" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>Having backups of various forms of cloud data is a good investment, especially in <a href="https://en.wikipedia.org/wiki/2022_Ukraine_cyberattacks">times of war</a>. I certainly feel more at ease for having backed up my emails.</p></div>
<footer class='entry-footer'>

16
public/blog/2022/04/02/virtualizing-my-router-with-pfsense/index.html
View File

@@ -115,6 +115,8 @@ if (!doNotTrack) {
<a href='/tags/plex/' style='font-size:1em'>plex</a>
</li><li>
<a href='/tags/podman/' style='font-size:1em'>podman</a>
</li><li>
<a href='/tags/privacy/' style='font-size:1em'>privacy</a>
</li><li>
<a href='/tags/proxmox/' style='font-size:2em'>proxmox</a>
</li><li>
@@ -324,12 +326,11 @@ if (!doNotTrack) {
<div class='container entry-content'>
<h2 id="the-problem">The problem</h2>
<div class='container entry-content'><h2 id="the-problem">The problem<a href="#the-problem" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>My aging router has been running <a href="https://en.wikipedia.org/wiki/OpenWrt">OpenWrt</a> for years and for the most part has been quite reliable. OpenWrt is an open-source project used on embedded devices to route network traffic. It supports many different configurations and there exists a <a href="https://openwrt.org/packages/index/start">large index of packages</a>. Ever since I&rsquo;ve connected some standalone wireless access points, I&rsquo;ve had less of a need for an off-the-shelf all-in-one wireless router combo. I&rsquo;ve also recently been experiencing instability with my router (likely the result of a combination of configuration tweaking and firmware updating). OpenWrt has served me well, but it is time to move on!</p>
<h2 id="pfsense">pfSense</h2>
<h2 id="pfsense">pfSense<a href="#pfsense" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>I figured this would be a good opportunity to try <a href="https://en.wikipedia.org/wiki/PfSense">pfSense</a>. I&rsquo;ve heard nothing but positive things about pfSense and the fact it&rsquo;s been around since 2004, based on FreeBSD, and written in PHP gave me the impression that it would be relatively stable (and I&rsquo;d expect nothing less because it has an important job to do!). pfSense can be run on many different machines, and there are even some <a href="https://www.netgate.com/appliances">officially supported appliances</a>. Since I already have a machine running Proxmox, why not just run it in a VM? It&rsquo;d allow for automatic snapshotting of the machine. There is a good <a href="https://www.youtube.com/watch?v=hdoBQNI_Ab8">video</a> on this by Techno Tim. Tim has a lot of good videos, and this one is about virtualizing pfSense.</p>
<h2 id="router-on-a-stick">Router on a stick</h2>
<h2 id="router-on-a-stick">Router on a stick<a href="#router-on-a-stick" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>I had initially made the assumption that in order to build a router, you would need more than a single NIC (or a dual-port NIC) in order to support both WAN and LAN. This is simply <a href="https://en.wikipedia.org/wiki/Router_on_a_stick">not the case</a>, because VLANs are awesome! In order to create a router, all you need is a single port NIC and a network switch that supports VLANs (also marketed as a managed switch). I picked up the Netgear GS308E because it has both a sufficient amount of ports for my needs, and it supports VLANs. It also has a nice sturdy metal frame which was a pleasant surprise.</p>
<p>After setting up this Netgear switch, it shoud be possible to access the web interface at <a href="http://192.168.0.239">http://192.168.0.239</a>. It may be at a different address. To find the address, try checking your DHCP leases in your router interface (if you plugged it into an existing router). I realized I was unable to access this interface because I was on a different subnet, so I set my machine&rsquo;s address to <code>192.168.0.22</code> in order to temporarily setup this switch. I assigned a static ip address to the switch (in <code>System &gt; Switch Information</code>) so that it was in the same subnet as the rest of my network.</p>
<p>The web interface is nothing spectactular, but it allows for managing VLANs.</p>
@@ -349,7 +350,7 @@ if (!doNotTrack) {
<p>Now, go into <code>Port PVID</code> and ensure that port 8 is set to PVID 10.</p>
<p><img src="/images/virtualizing-a-router-with-pfsense/netgear-port-pvid.png" alt="vlan-port-pvid"></p>
<p>This above configuration will dedicate two of the eight ports to WAN and LAN. This will allow the internet to flow into the pfSense from the modem.</p>
<h2 id="setting-up-pfsense">Setting up pfSense</h2>
<h2 id="setting-up-pfsense">Setting up pfSense<a href="#setting-up-pfsense" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>pfSense is fairly easy to setup. Just <a href="https://www.pfsense.org/download/">download the latest ISO</a> and boot up the virtual machine.
When setting up the machine, I mostly went with all of the defaults. Configuration can be changed later in the web interface, which is quite a bit simpler.</p>
<p>Since VLANs are going to be leveraged, when you go to <code>Assign Interfaces</code>, VLANs should be setup now like the following:</p>
@@ -361,9 +362,8 @@ When setting up the machine, I mostly went with all of the defaults. Configurati
<p>If all goes well, the web interface should be running at <a href="https://192.168.1.1">https://192.168.1.1</a>.</p>
<p><img src="/images/virtualizing-a-router-with-pfsense/pfsense-dashboard.png" alt="pfsense-dashboard"></p>
<p>And this is where the fun begins. There are many tutorials and blogs about how to setup pfSense and various services and packages that can be installed. I&rsquo;ve already installed <a href="https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html">pfBlocker-NG</a>.</p>
<h2 id="summary">Summary</h2>
<p>It is fairly simple to setup a router with pfSense from within a virtual machine. A physical dedicated routing machine is not necessary and often does not perform as well as software running on faster and more reliable hardware. So far, pfSense has been running for over a week without a single hiccup. pfSense is a mature piece of software that is incredibly powerful and flexible. To avoid some of the instability I had experienced with OpenWrt, I enabled <a href="https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html">AutoConfigBackup</a>, which is capable of automatically backing up configuration upon every change. I plan to explore and experiment with more services and configuration in the future, so the ability to track all of these changes gives me the peace of mind that experimentation is safe.</p>
</div>
<h2 id="summary">Summary<a href="#summary" class="hanchor" ariaLabel="Anchor">#</a></h2>
<p>It is fairly simple to setup a router with pfSense from within a virtual machine. A physical dedicated routing machine is not necessary and often does not perform as well as software running on faster and more reliable hardware. So far, pfSense has been running for over a week without a single hiccup. pfSense is a mature piece of software that is incredibly powerful and flexible. To avoid some of the instability I had experienced with OpenWrt, I enabled <a href="https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html">AutoConfigBackup</a>, which is capable of automatically backing up configuration upon every change. I plan to explore and experiment with more services and configuration in the future, so the ability to track all of these changes gives me the peace of mind that experimentation is safe.</p></div>
<footer class='entry-footer'>

22
public/blog/2022/12/10/watching-youtube-in-private/index.html
View File

@@ -9,7 +9,7 @@
<meta property='og:description' content=''>
<meta property='og:url' content='/blog/2022/12/10/watching-youtube-in-private/'>
<meta property='og:site_name' content='davegallant'>
<meta property='og:type' content='article'><meta property='article:section' content='post'><meta property='article:tag' content='invidious'><meta property='article:tag' content='degoogle'><meta property='article:tag' content='youtube'><meta property='article:tag' content='yewtu.be'><meta property='article:tag' content='tailscale'><meta property='article:published_time' content='2022-12-10T21:46:55-05:00'/><meta property='article:modified_time' content='2022-12-10T21:46:55-05:00'/><meta name='twitter:card' content='summary'>
<meta property='og:type' content='article'><meta property='article:section' content='post'><meta property='article:tag' content='invidious'><meta property='article:tag' content='degoogle'><meta property='article:tag' content='youtube'><meta property='article:tag' content='yewtu.be'><meta property='article:tag' content='tailscale'><meta property='article:tag' content='privacy'><meta property='article:published_time' content='2022-12-10T21:46:55-05:00'/><meta property='article:modified_time' content='2022-12-10T21:46:55-05:00'/><meta name='twitter:card' content='summary'>
<meta name="generator" content="Hugo 0.108.0">
@@ -115,6 +115,8 @@ if (!doNotTrack) {
<a href='/tags/plex/' style='font-size:1em'>plex</a>
</li><li>
<a href='/tags/podman/' style='font-size:1em'>podman</a>
</li><li>
<a href='/tags/privacy/' style='font-size:1em'>privacy</a>
</li><li>
<a href='/tags/proxmox/' style='font-size:2em'>proxmox</a>
</li><li>
@@ -324,13 +326,12 @@ if (!doNotTrack) {
<div class='container entry-content'>
<p>I recently stumbled upon <a href="https://yewtu.be">yewtu.be</a> and found it intriguing. It not only allows for you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. I wondered what sort of wizardry was going on under the hood and discovered that it&rsquo;s a hosted instance of <a href="https://invidious.io/">invidious</a>.</p>
<div class='container entry-content'><p>I recently stumbled upon <a href="https://yewtu.be">yewtu.be</a> and found it intriguing. It not only allows for you to watch YouTube without <em>being on YouTube</em>, but it also allows you to create an account and subscribe to channels without a Google account. What sort of wizardry is going on under the hood? It turns out that it&rsquo;s a hosted instance of <a href="https://invidious.io/">invidious</a>.</p>
<p><img src="/images/watching-youtube-in-private/computerphile.png" alt="requestly"></p>
<p>Wow, this is cool, and <strong>JavaScript is not required</strong>.</p>
<p>I started to use yewtu.be as my primary client for watching videos. I subscribe to about a dozen channels and I really only want to a see list of the latest videos from my subscriptions, and not have so much of my data collected and used. A few days ago, yewtu.be went down briefly, and that motivated me enough to self-host invidious.</p>
<p>There are several other hosted instances listed <a href="https://docs.invidious.io/instances/">here</a>, but being able to easily backup my own instance (along with watch history) is more compelling in my case.</p>
<h3 id="hosting-invidious">Hosting invidious</h3>
<p>I started to use <a href="https://yewtu.be">yewtu.be</a> as my primary client for watching videos. I subscribe to several YouTube channels and I prefer the interface invidiuous provides due to its simplicity. It&rsquo;s also nice to be in control of my search and watch history.</p>
<p>A few days ago, yewtu.be went down briefly, and that motivated me enough to self-host invidious. There are several other hosted instances listed <a href="https://docs.invidious.io/instances/">here</a>, but being able to easily backup my own instance (including subscriptions and watch history) is more compelling in my case.</p>
<h3 id="hosting-invidious">Hosting invidious<a href="#hosting-invidious" class="hanchor" ariaLabel="Anchor">#</a></h3>
<p>The quickest way to get invidious up is with docker-compose as mentioned in the <a href="https://docs.invidious.io/installation/">docs</a>.</p>
<p>I made a few modifications (such as pinning the container&rsquo;s tag), and ended up with:</p>
<div class="highlight"><pre tabindex="0" style="background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#309;font-weight:bold">version</span>:<span style="color:#bbb"> </span><span style="color:#c30">&#34;3&#34;</span><span style="color:#bbb">
@@ -375,13 +376,12 @@ if (!doNotTrack) {
</span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#309;font-weight:bold">volumes</span>:<span style="color:#bbb">
</span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#309;font-weight:bold">postgresdata</span>:<span style="color:#bbb">
</span></span></span></code></pre></div><p>After invidious was up and running, I installed <a href="https://tailscale.com/">Tailscale</a> on it to leverage its MagicDNS, and I&rsquo;m now able to access this instance from anywhere at <a href="http://invidious:3000/feed/subscriptions">http://invidious:3000/feed/subscriptions</a>.</p>
<h3 id="redirecting-youtube-links">Redirecting YouTube links</h3>
<h3 id="redirecting-youtube-links">Redirecting YouTube links<a href="#redirecting-youtube-links" class="hanchor" ariaLabel="Anchor">#</a></h3>
<p>I figured it would be nice to redirect existing YouTube links that others send me, so that I could seamlessly watch the videos using invidious.</p>
<p>Without subjecting my entire household to this, I went looking for a way to redirect paths at the browser level. I found the lightweight proxy <a href="https://requestly.io/">requestly</a>, which can be used to modify http requests in my browser. I created the following rules:</p>
<p>I went looking for a way to redirect paths at the browser level. I found the lightweight proxy <a href="https://requestly.io/">requestly</a>, which can be used to modify http requests in my browser. I created the following rules:</p>
<p><img src="/images/watching-youtube-in-private/requestly-rules.png" alt="requestly"></p>
<p>Now the link <a href="https://www.youtube.com/watch?v=-lz30by8-sU">https://www.youtube.com/watch?v=-lz30by8-sU</a> will redirect to <a href="http://invidious:3000/watch?v=-lz30by8-sU">http://invidious:3000/watch?v=-lz30by8-sU</a></p>
<p>I&rsquo;m still looking for ways to improve this invidious setup. There doesn&rsquo;t appear to be a way to stream in 4K yet.</p>
</div>
<p>I&rsquo;m still looking for ways to improve this invidious setup. There doesn&rsquo;t appear to be a way to stream in 4K yet.</p></div>
<footer class='entry-footer'>
@@ -396,7 +396,7 @@ if (!doNotTrack) {
><path d="M20.59,13.41l-7.17,7.17a2,2,0,0,1-2.83,0L2,12V2H12l8.59,8.59A2,2,0,0,1,20.59,13.41Z" />
<line x1="7" y1="7" x2="7" y2="7" />
</svg>
<span class='screen-reader-text'>Tags: </span><a class='tag' href='/tags/invidious/'>invidious</a>, <a class='tag' href='/tags/degoogle/'>degoogle</a>, <a class='tag' href='/tags/youtube/'>youtube</a>, <a class='tag' href='/tags/yewtu.be/'>yewtu.be</a>, <a class='tag' href='/tags/tailscale/'>tailscale</a></div>
<span class='screen-reader-text'>Tags: </span><a class='tag' href='/tags/invidious/'>invidious</a>, <a class='tag' href='/tags/degoogle/'>degoogle</a>, <a class='tag' href='/tags/youtube/'>youtube</a>, <a class='tag' href='/tags/yewtu.be/'>yewtu.be</a>, <a class='tag' href='/tags/tailscale/'>tailscale</a>, <a class='tag' href='/tags/privacy/'>privacy</a></div>
</div>
</footer>