dave/site
1
0
Fork 0
mirror of https://github.com/davegallant/davegallant.github.io.git synced 2025-08-05 08:13:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add AppGate SDP on Arch post (#2)

Browse Source 
* Add AppGate SDP on Arch post

Signed-off-by: Dave Gallant <davegallant@gmail.com>
This commit is contained in:
Dave Gallant
2020-03-17 10:10:30 -04:00
committed by GitHub
parent c0700ec4cf
commit 06fd288e03
9 changed files with 228 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@@ -1,3 +1,10 @@
# hugo-blog
Hugo source for davegallant.github.io.
## Deploy
```shell
./deploy.sh
```

3
config.toml
View File

@@ -4,6 +4,7 @@ title = "davegallant.github.io - tech micro-blog"
theme = "xmin"
googleAnalytics = "UA-98710982-2"
disqusShortname = "https-davegallant-github-io"
staticDir = ["static"]
ignoreFiles = ["\\.Rmd$", "\\.Rmarkdown$", "_files$", "_cache$"]
preserveTaxonomyNames = true
footnotereturnlinkcontents = "↩"
@@ -36,4 +37,4 @@ canonifyURLs = true
[params]
description = "A website built through Hugo and blogdown."
footer = "&copy; Dave Gallant 2018 | [Github](https://github.com/davegallant) | [Twitter](https://twitter.com/__dave_g__)"
footer = "&copy; Dave Gallant 2020 | [Github](https://github.com/davegallant) | [Twitter](https://twitter.com/dgallant0)"

4
content/about.md
View File

@@ -4,6 +4,6 @@ title: About
I work as a software developer in the realm of security.
I have a passion for open-source, automation, and economics.
I have a passion for open-source, automation, security, and economics.
I enjoy running, music and spending time with my family.
I enjoy running, music and spending time with my family.

159
content/post/appgate-sdp-on-arch-linux.md Normal file
View File

@@ -0,0 +1,159 @@
---
title: "AppGate SDP on Arch Linux"
date: 2020-03-16T22:00:15-04:00
draft: false
keywords: ['linux', 'vpn']
description: ""
tags: ['linux', 'vpn', 'python']
categories: ['linux']
author: "Dave Gallant"
---
AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP `4.3.2` working on Arch Linux.
<!--more-->
Depending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on [AUR](https://aur.archlinux.org/packages/appgate-sdp/).
As of right now, the latest AUR is `4.2.2-1`.
These steps highlight how to get it working with `Python3.8` by making a 1 line modification to AppGate source code.
# Package
We already know the community package is out of date, so let's clone it:
```shell
git clone https://aur.archlinux.org/appgate-sdp.git
cd appgate-sdp
```
You'll likely notice that the version is not what we want, so let's modify the `PKGBUILD` to the following:
```shell
# Maintainer: Pawel Mosakowski <pawel at mosakowski dot net>
pkgname=appgate-sdp
conflicts=('appgate-sdp-headless')
pkgver=4.3.2
_download_pkgver=4.3
pkgrel=1
epoch=
pkgdesc="Software Defined Perimeter - GUI client"
arch=('x86_64')
url="https://www.cyxtera.com/essential-defense/appgate-sdp/support"
license=('custom')
# dependecies calculated by namcap
depends=('gconf' 'libsecret' 'gtk3' 'python' 'nss' 'libxss' 'nodejs' 'dnsmasq')
source=("https://sdpdownloads.cyxtera.com/AppGate-SDP-${_download_pkgver}/clients/${pkgname}_${pkgver}_amd64.deb"
"appgatedriver.service")
options=(staticlibs)
prepare() {
tar -xf data.tar.xz
}
package() {
cp -dpr "${srcdir}"/{etc,lib,opt,usr} "${pkgdir}"
mv -v "$pkgdir/lib/systemd/system" "$pkgdir/usr/lib/systemd/"
rm -vrf "$pkgdir/lib"
cp -v "$srcdir/appgatedriver.service" "$pkgdir/usr/lib/systemd/system/appgatedriver.service"
mkdir -vp "$pkgdir/usr/share/licenses/appgate-sdp"
cp -v "$pkgdir/usr/share/doc/appgate/copyright" "$pkgdir/usr/share/licenses/appgate-sdp"
cp -v "$pkgdir/usr/share/doc/appgate/LICENSE.github" "$pkgdir/usr/share/licenses/appgate-sdp"
cp -v "$pkgdir/usr/share/doc/appgate/LICENSES.chromium.html.bz2" "$pkgdir/usr/share/licenses/appgate-sdp"
}
md5sums=('17101aac7623c06d5fbb95f50cf3dbdc'
'002644116e20b2d79fdb36b7677ab4cf')
```
Let's first make sure we have some dependencies. If you do not have [yay](https://github.com/Jguer/yay), check it out.
```shell
yay -S dnsmasq gconf
```
Now, let's install it:
```shell
makepkg -si
```
# Run
Ok, let's run the client by executing `appgate`.
It complains about not being able to connect.
Easy fix:
```shell
sudo systemctl start appgatedriver.service
```
Now we should be connected... but DNS is not working?
# Fix DNS
Running `resolvectl` should display that something is not right.
Why is the DNS not being set by appgate?
```shell
$ head -3 /opt/appgate/linux/set_dns
#!/usr/bin/env python3
'''
This is used to set and unset the DNS.
```
It seems like python3 is required for the DNS setting to happen.
Let's try to run it.
```shell
$ sudo /opt/appgate/linux/set_dns
/opt/appgate/linux/set_dns:88: SyntaxWarning: "is" with a literal. Did you mean "=="?
servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers]
Traceback (most recent call last):
File "/opt/appgate/linux/set_dns", line 30, in <module>
import dbus
ModuleNotFoundError: No module named 'dbus'
```
Ok, let's install it:
```shell
$ sudo python3.8 -m pip install dbus-python
```
It should work now... right?
```shell
$ sudo /opt/appgate/linux/set_dns
/opt/appgate/linux/set_dns:88: SyntaxWarning: "is" with a literal. Did you mean "=="?
servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers]
module 'platform' has no attribute 'linux_distribution'
```
This is a breaking change in Python3.8.
So what is calling `platform.linux_distribution`?
Let's search for it:
```shell
$ sudo grep -r 'linux_distribution' /opt/appgate/linux/
/opt/appgate/linux/nm.py: if platform.linux_distribution()[0] != 'Fedora':
```
Aha! So this is in the local AppGate source code. This should be an easy fix. Let's just replace this line with:
```python
if True: # Since we are not using Fedora :)
```
# Conclusion
It turns out there are [breaking changes](https://docs.python.org/3.7/library/platform.html#platform.linux_distribution) in Python3.8.
The docs that say `Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.`
I guess this highlights one of the caveats of relying upon system python.
Enjoy.

43
content/post/first-post.md
View File

@@ -1,43 +0,0 @@
---
title: "First Post"
date: 2018-07-13T08:52:45-04:00
lastmod: 2018-07-13T08:52:45-04:00
draft: false
keywords: []
description: "introduction"
tags: ['python', 'golang', 'javascript']
categories: ['random']
author: "Dave Gallant"
# You can also close(false) or open(true) something for this content.
# P.S. comment can only be closed
comment: true
toc: false
autoCollapseToc: false
postMetaInFooter: false
hiddenFromHomePage: false
# You can also define another contentCopyright. e.g. contentCopyright: "This is another copyright."
contentCopyright: false
reward: false
mathjax: false
mathjaxEnableSingleDollar: false
mathjaxEnableAutoNumber: false
# You unlisted posts you might want not want the header or footer to show
hideHeaderAndFooter: false
# You can enable or disable out-of-date content warning for individual post.
# Comment this out to use the global config.
#enableOutdatedInfoWarning: false
flowchartDiagrams:
enable: false
options: ""
sequenceDiagrams:
enable: false
options: ""
---
Hello. My plan is to pour useful code snippets, tips and tricks into these pages. I have a fond interest in programming (especially with Python, TypeScript and Golang). Hopefully something within these pages will help you out in your journey.

82
content/post/why-python.md
View File

@@ -1,82 +0,0 @@
---
title: "Why Learn Python?"
date: 2018-07-18T20:48:15-04:00
draft: false
keywords: ['python', 'pip', 'pypi']
description: ""
tags: ['python', 'pip']
categories: ['python']
author: "Dave Gallant"
---
Python is a high-level, general-purpose language that has a wide range of use cases from the mundanely simple to the increasingly complex.
<!--more-->
- Glue script?
- Web crawling?
- Web server?
- Testing?
- Micro-service?
- Network automation?
- Data Science?
- Machine Learning?
Python is likely a quick way to get any of these tasks done.
Including the abundant number of packages that can be found on [Python Package Index](https://pypi.org/), there is likely a package that can help you.
Do you want to download a webpage?
{{< highlight bash >}}
pip install requests
{{< /highlight >}}
and then invoke the [Python interpreter](https://docs.python.org/3/tutorial/interpreter.html):
{{< highlight python >}}
Python 3.7.0 (default, Jun 29 2018, 21:56:58)
[GCC 7.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import requests
>>> requests.get('https://www.theregister.co.uk/').text
{{< /highlight >}}
After that, there is any number of things that can be done with the results.
As you can probably note, the syntax is simple and clean, which makes returning to your code months later less of a jarring experience.
## Popularity
According to [Stack Overflow Stats](https://insights.stackoverflow.com/survey/2018/), Python has surpassed C# and PHP in popularity and is the 3rd most loved language, after Rust and Kotlin. Interestingly, it is "the most wanted language" for the second year in a row.
## Drawbacks
Is Python the magical solution to all the world's problems? No.
Python is not very suitable for much of the following:
- Static typing
- Performance-critical application (i.e. graphically-intense video game)
- Mobile app development
- Front-end web development
## Conclusion
So should you learn it? or stick with shell scripting?
Because of Python's simple syntax, dynamic typing and abundant Package Index, it makes the language a great asset to have in your toolchain.
And it hasn't hurt that giants like Google, Facebook and Microsoft have invested heavily in Python.
## Resources
This list includes some truly remarkable resources for improving your Python:
- https://www.realpython.com
- https://pythonbytes.fm/ (podcast)
- https://talkpython.fm/ (podcast)
- https://awesome-python.com/

2
public

Submodule public updated: ca3ee9345b...adb9c9cce0

56
static/keybase.txt Normal file
View File

@@ -0,0 +1,56 @@
==================================================================
https://keybase.io/dgallant
--------------------------------------------------------------------
I hereby claim:
* I am an admin of https://davegallant.github.io
* I am dgallant (https://keybase.io/dgallant) on keybase.
* I have a public key ASDIaXVCZNVLcI2nLjiVywkkpRY2wzTUb1nMiDsbGz1mFwo
To do so, I am signing this object:
{
"body": {
"key": {
"eldest_kid": "0120132311ef8d70a8f35f284eb17a45cbcdf653ce040064dfd4a336d48e2dd3c5ee0a",
"host": "keybase.io",
"kid": "0120c869754264d54b708da72e3895cb0924a51636c334d46f59cc883b1b1b3d66170a",
"uid": "117fb0e36a0168fe7c1cb75c32fa1119",
"username": "dgallant"
},
"merkle_root": {
"ctime": 1584423716,
"hash": "a447336f6b4b3fdc7acd69bfb67724ba417d355c35dff289f0b71edd9a61eb0abca168842e35d030a7f72684961e284ff3e72169cccc822f123124ab1f28bae8",
"hash_meta": "877e40ccac9c0bb3897269f3e270219cfc3b8f51b218249053cb9cef216394c6",
"seqno": 15418771
},
"service": {
"entropy": "GF5GAzsSwbL3MwyHTrWacqXg",
"hostname": "davegallant.github.io",
"protocol": "https:"
},
"type": "web_service_binding",
"version": 2
},
"client": {
"name": "keybase.io go client",
"version": "5.3.0"
},
"ctime": 1584424574,
"expire_in": 504576000,
"prev": "09dc7ed70fa820ed3f8bcfaef95804ab477cc82a1f1de366e38e59ef611631b1",
"seqno": 51,
"tag": "signature"
}
which yields the signature:
hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgyGl1QmTVS3CNpy44lcsJJKUWNsM01G9ZzIg7Gxs9ZhcKp3BheWxvYWTESpcCM8QgCdx+1w+oIO0/i8+u+VgEq0d8yCofHeNm445Z72EWMbHEIATfVmncQJ7AOYvyF/Cmi0WNPdLXRg0owqqF/mgfpwa7AgHCo3NpZ8RASN9ahvUTPy4rvmYlLIwDzyu0fmUiNktCIi2VHDNQfLzzAKCPd6uh54dvGMtoB2JG4DZsRQN56PWx/auuGr5JC6hzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIEaFPIAAHow3jTSI4d1GnlmNomNiJPYzYNDjpGd5QMfDo3RhZ80CAqd2ZXJzaW9uAQ==
And finally, I am proving ownership of this host by posting or
appending to this document.
View my publicly-auditable identity here: https://keybase.io/dgallant
==================================================================

2
themes/xmin/layouts/_default/single.html
View File

@@ -2,7 +2,7 @@
<div class="article-meta">
<h1><span class="title">{{ .Title }}</span></h1>
{{ with .Params.author }}<h2 class="author">{{ . }}{{ end }}
({{ if (gt .Params.date 0) }}{{ .Date.Format "2006/01/02" }})</h2>{{ end }}
{{ if (gt .Params.date 0) }}{{ .Date.Format "2006/01/02" }}</h2>{{ end }}
</div>
<main>