From 06fd288e033245de3292507bcef261d5dd235ca3 Mon Sep 17 00:00:00 2001 From: Dave Gallant Date: Tue, 17 Mar 2020 10:10:30 -0400 Subject: [PATCH] Add AppGate SDP on Arch post (#2) * Add AppGate SDP on Arch post Signed-off-by: Dave Gallant --- README.md | 7 + config.toml | 3 +- content/about.md | 4 +- content/post/appgate-sdp-on-arch-linux.md | 159 ++++++++++++++++++++++ content/post/first-post.md | 43 ------ content/post/why-python.md | 82 ----------- public | 2 +- static/keybase.txt | 56 ++++++++ themes/xmin/layouts/_default/single.html | 2 +- 9 files changed, 228 insertions(+), 130 deletions(-) create mode 100644 content/post/appgate-sdp-on-arch-linux.md delete mode 100644 content/post/first-post.md delete mode 100644 content/post/why-python.md create mode 100644 static/keybase.txt diff --git a/README.md b/README.md index a7fb4fed..c1e3c0aa 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,10 @@ # hugo-blog Hugo source for davegallant.github.io. + + +## Deploy + +```shell +./deploy.sh +``` diff --git a/config.toml b/config.toml index 4a7dfe5d..674b51b9 100644 --- a/config.toml +++ b/config.toml @@ -4,6 +4,7 @@ title = "davegallant.github.io - tech micro-blog" theme = "xmin" googleAnalytics = "UA-98710982-2" disqusShortname = "https-davegallant-github-io" +staticDir = ["static"] ignoreFiles = ["\\.Rmd$", "\\.Rmarkdown$", "_files$", "_cache$"] preserveTaxonomyNames = true footnotereturnlinkcontents = "↩" @@ -36,4 +37,4 @@ canonifyURLs = true [params] description = "A website built through Hugo and blogdown." - footer = "© Dave Gallant 2018 | [Github](https://github.com/davegallant) | [Twitter](https://twitter.com/__dave_g__)" \ No newline at end of file + footer = "© Dave Gallant 2020 | [Github](https://github.com/davegallant) | [Twitter](https://twitter.com/dgallant0)" diff --git a/content/about.md b/content/about.md index 4d1efc62..db6f567a 100644 --- a/content/about.md +++ b/content/about.md @@ -4,6 +4,6 @@ title: About I work as a software developer in the realm of security. -I have a passion for open-source, automation, and economics. +I have a passion for open-source, automation, security, and economics. -I enjoy running, music and spending time with my family. \ No newline at end of file +I enjoy running, music and spending time with my family. diff --git a/content/post/appgate-sdp-on-arch-linux.md b/content/post/appgate-sdp-on-arch-linux.md new file mode 100644 index 00000000..38dd06e3 --- /dev/null +++ b/content/post/appgate-sdp-on-arch-linux.md @@ -0,0 +1,159 @@ +--- +title: "AppGate SDP on Arch Linux" +date: 2020-03-16T22:00:15-04:00 +draft: false +keywords: ['linux', 'vpn'] +description: "" +tags: ['linux', 'vpn', 'python'] +categories: ['linux'] +author: "Dave Gallant" +--- + +AppGate SDP provides a Zero Trust network. This post describes how to get AppGate SDP `4.3.2` working on Arch Linux. + + +Depending on the AppGate SDP Server that is running, you may require a client that is more recent than the latest package on [AUR](https://aur.archlinux.org/packages/appgate-sdp/). +As of right now, the latest AUR is `4.2.2-1`. + +These steps highlight how to get it working with `Python3.8` by making a 1 line modification to AppGate source code. + +# Package + +We already know the community package is out of date, so let's clone it: + +```shell +git clone https://aur.archlinux.org/appgate-sdp.git +cd appgate-sdp +``` + +You'll likely notice that the version is not what we want, so let's modify the `PKGBUILD` to the following: + +```shell +# Maintainer: Pawel Mosakowski +pkgname=appgate-sdp +conflicts=('appgate-sdp-headless') +pkgver=4.3.2 +_download_pkgver=4.3 +pkgrel=1 +epoch= +pkgdesc="Software Defined Perimeter - GUI client" +arch=('x86_64') +url="https://www.cyxtera.com/essential-defense/appgate-sdp/support" +license=('custom') +# dependecies calculated by namcap +depends=('gconf' 'libsecret' 'gtk3' 'python' 'nss' 'libxss' 'nodejs' 'dnsmasq') +source=("https://sdpdownloads.cyxtera.com/AppGate-SDP-${_download_pkgver}/clients/${pkgname}_${pkgver}_amd64.deb" + "appgatedriver.service") +options=(staticlibs) +prepare() { + tar -xf data.tar.xz +} +package() { + cp -dpr "${srcdir}"/{etc,lib,opt,usr} "${pkgdir}" + mv -v "$pkgdir/lib/systemd/system" "$pkgdir/usr/lib/systemd/" + rm -vrf "$pkgdir/lib" + cp -v "$srcdir/appgatedriver.service" "$pkgdir/usr/lib/systemd/system/appgatedriver.service" + mkdir -vp "$pkgdir/usr/share/licenses/appgate-sdp" + cp -v "$pkgdir/usr/share/doc/appgate/copyright" "$pkgdir/usr/share/licenses/appgate-sdp" + cp -v "$pkgdir/usr/share/doc/appgate/LICENSE.github" "$pkgdir/usr/share/licenses/appgate-sdp" + cp -v "$pkgdir/usr/share/doc/appgate/LICENSES.chromium.html.bz2" "$pkgdir/usr/share/licenses/appgate-sdp" +} +md5sums=('17101aac7623c06d5fbb95f50cf3dbdc' + '002644116e20b2d79fdb36b7677ab4cf') + +``` + +Let's first make sure we have some dependencies. If you do not have [yay](https://github.com/Jguer/yay), check it out. + +```shell +yay -S dnsmasq gconf +``` + +Now, let's install it: + +```shell +makepkg -si +``` + +# Run + +Ok, let's run the client by executing `appgate`. + +It complains about not being able to connect. + +Easy fix: + +```shell +sudo systemctl start appgatedriver.service +``` + +Now we should be connected... but DNS is not working? + +# Fix DNS + +Running `resolvectl` should display that something is not right. + +Why is the DNS not being set by appgate? + +```shell +$ head -3 /opt/appgate/linux/set_dns +#!/usr/bin/env python3 +''' +This is used to set and unset the DNS. +``` + +It seems like python3 is required for the DNS setting to happen. +Let's try to run it. + +```shell +$ sudo /opt/appgate/linux/set_dns +/opt/appgate/linux/set_dns:88: SyntaxWarning: "is" with a literal. Did you mean "=="? + servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] +Traceback (most recent call last): + File "/opt/appgate/linux/set_dns", line 30, in + import dbus +ModuleNotFoundError: No module named 'dbus' +``` + +Ok, let's install it: + +```shell +$ sudo python3.8 -m pip install dbus-python +``` + +It should work now... right? + +```shell +$ sudo /opt/appgate/linux/set_dns +/opt/appgate/linux/set_dns:88: SyntaxWarning: "is" with a literal. Did you mean "=="? + servers = [( socket.AF_INET if x.version is 4 else socket.AF_INET6, map(int, x.packed)) for x in servers] +module 'platform' has no attribute 'linux_distribution' +``` + +This is a breaking change in Python3.8. + +So what is calling `platform.linux_distribution`? + +Let's search for it: + +```shell +$ sudo grep -r 'linux_distribution' /opt/appgate/linux/ +/opt/appgate/linux/nm.py: if platform.linux_distribution()[0] != 'Fedora': +``` + +Aha! So this is in the local AppGate source code. This should be an easy fix. Let's just replace this line with: + +```python +if True: # Since we are not using Fedora :) +``` + +# Conclusion + +It turns out there are [breaking changes](https://docs.python.org/3.7/library/platform.html#platform.linux_distribution) in Python3.8. + +The docs that say `Deprecated since version 3.5, will be removed in version 3.8: See alternative like the distro package.` + +I guess this highlights one of the caveats of relying upon system python. + +Enjoy. + diff --git a/content/post/first-post.md b/content/post/first-post.md deleted file mode 100644 index cf26c0ef..00000000 --- a/content/post/first-post.md +++ /dev/null @@ -1,43 +0,0 @@ ---- -title: "First Post" -date: 2018-07-13T08:52:45-04:00 -lastmod: 2018-07-13T08:52:45-04:00 -draft: false -keywords: [] -description: "introduction" -tags: ['python', 'golang', 'javascript'] -categories: ['random'] -author: "Dave Gallant" - -# You can also close(false) or open(true) something for this content. -# P.S. comment can only be closed -comment: true -toc: false -autoCollapseToc: false -postMetaInFooter: false -hiddenFromHomePage: false -# You can also define another contentCopyright. e.g. contentCopyright: "This is another copyright." -contentCopyright: false -reward: false -mathjax: false -mathjaxEnableSingleDollar: false -mathjaxEnableAutoNumber: false - -# You unlisted posts you might want not want the header or footer to show -hideHeaderAndFooter: false - -# You can enable or disable out-of-date content warning for individual post. -# Comment this out to use the global config. -#enableOutdatedInfoWarning: false - -flowchartDiagrams: - enable: false - options: "" - -sequenceDiagrams: - enable: false - options: "" - ---- - -Hello. My plan is to pour useful code snippets, tips and tricks into these pages. I have a fond interest in programming (especially with Python, TypeScript and Golang). Hopefully something within these pages will help you out in your journey. diff --git a/content/post/why-python.md b/content/post/why-python.md deleted file mode 100644 index b573c2c4..00000000 --- a/content/post/why-python.md +++ /dev/null @@ -1,82 +0,0 @@ ---- -title: "Why Learn Python?" -date: 2018-07-18T20:48:15-04:00 -draft: false -keywords: ['python', 'pip', 'pypi'] -description: "" -tags: ['python', 'pip'] -categories: ['python'] -author: "Dave Gallant" ---- - -Python is a high-level, general-purpose language that has a wide range of use cases from the mundanely simple to the increasingly complex. - - - -- Glue script? -- Web crawling? -- Web server? -- Testing? -- Micro-service? -- Network automation? -- Data Science? -- Machine Learning? - -Python is likely a quick way to get any of these tasks done. - -Including the abundant number of packages that can be found on [Python Package Index](https://pypi.org/), there is likely a package that can help you. - -Do you want to download a webpage? - -{{< highlight bash >}} -pip install requests -{{< /highlight >}} - -and then invoke the [Python interpreter](https://docs.python.org/3/tutorial/interpreter.html): - -{{< highlight python >}} -Python 3.7.0 (default, Jun 29 2018, 21:56:58) -[GCC 7.3.0] on linux -Type "help", "copyright", "credits" or "license" for more information. ->>> import requests ->>> requests.get('https://www.theregister.co.uk/').text -{{< /highlight >}} - -After that, there is any number of things that can be done with the results. - -As you can probably note, the syntax is simple and clean, which makes returning to your code months later less of a jarring experience. - -## Popularity - -According to [Stack Overflow Stats](https://insights.stackoverflow.com/survey/2018/), Python has surpassed C# and PHP in popularity and is the 3rd most loved language, after Rust and Kotlin. Interestingly, it is "the most wanted language" for the second year in a row. - -## Drawbacks - -Is Python the magical solution to all the world's problems? No. - -Python is not very suitable for much of the following: - -- Static typing -- Performance-critical application (i.e. graphically-intense video game) -- Mobile app development -- Front-end web development - -## Conclusion - -So should you learn it? or stick with shell scripting? - -Because of Python's simple syntax, dynamic typing and abundant Package Index, it makes the language a great asset to have in your toolchain. - -And it hasn't hurt that giants like Google, Facebook and Microsoft have invested heavily in Python. - -## Resources - -This list includes some truly remarkable resources for improving your Python: - -- https://www.realpython.com - -- https://pythonbytes.fm/ (podcast) - -- https://talkpython.fm/ (podcast) - -- https://awesome-python.com/ diff --git a/public b/public index ca3ee934..adb9c9cc 160000 --- a/public +++ b/public @@ -1 +1 @@ -Subproject commit ca3ee9345bda2cb58639a30cd2d9f0f248da4f99 +Subproject commit adb9c9cce01b9e557778f3518ae80d1d28a63a15 diff --git a/static/keybase.txt b/static/keybase.txt new file mode 100644 index 00000000..9ae498da --- /dev/null +++ b/static/keybase.txt @@ -0,0 +1,56 @@ +================================================================== +https://keybase.io/dgallant +-------------------------------------------------------------------- + +I hereby claim: + + * I am an admin of https://davegallant.github.io + * I am dgallant (https://keybase.io/dgallant) on keybase. + * I have a public key ASDIaXVCZNVLcI2nLjiVywkkpRY2wzTUb1nMiDsbGz1mFwo + +To do so, I am signing this object: + +{ + "body": { + "key": { + "eldest_kid": "0120132311ef8d70a8f35f284eb17a45cbcdf653ce040064dfd4a336d48e2dd3c5ee0a", + "host": "keybase.io", + "kid": "0120c869754264d54b708da72e3895cb0924a51636c334d46f59cc883b1b1b3d66170a", + "uid": "117fb0e36a0168fe7c1cb75c32fa1119", + "username": "dgallant" + }, + "merkle_root": { + "ctime": 1584423716, + "hash": "a447336f6b4b3fdc7acd69bfb67724ba417d355c35dff289f0b71edd9a61eb0abca168842e35d030a7f72684961e284ff3e72169cccc822f123124ab1f28bae8", + "hash_meta": "877e40ccac9c0bb3897269f3e270219cfc3b8f51b218249053cb9cef216394c6", + "seqno": 15418771 + }, + "service": { + "entropy": "GF5GAzsSwbL3MwyHTrWacqXg", + "hostname": "davegallant.github.io", + "protocol": "https:" + }, + "type": "web_service_binding", + "version": 2 + }, + "client": { + "name": "keybase.io go client", + "version": "5.3.0" + }, + "ctime": 1584424574, + "expire_in": 504576000, + "prev": "09dc7ed70fa820ed3f8bcfaef95804ab477cc82a1f1de366e38e59ef611631b1", + "seqno": 51, + "tag": "signature" +} + +which yields the signature: + +hKRib2R5hqhkZXRhY2hlZMOpaGFzaF90eXBlCqNrZXnEIwEgyGl1QmTVS3CNpy44lcsJJKUWNsM01G9ZzIg7Gxs9ZhcKp3BheWxvYWTESpcCM8QgCdx+1w+oIO0/i8+u+VgEq0d8yCofHeNm445Z72EWMbHEIATfVmncQJ7AOYvyF/Cmi0WNPdLXRg0owqqF/mgfpwa7AgHCo3NpZ8RASN9ahvUTPy4rvmYlLIwDzyu0fmUiNktCIi2VHDNQfLzzAKCPd6uh54dvGMtoB2JG4DZsRQN56PWx/auuGr5JC6hzaWdfdHlwZSCkaGFzaIKkdHlwZQildmFsdWXEIEaFPIAAHow3jTSI4d1GnlmNomNiJPYzYNDjpGd5QMfDo3RhZ80CAqd2ZXJzaW9uAQ== + +And finally, I am proving ownership of this host by posting or +appending to this document. + +View my publicly-auditable identity here: https://keybase.io/dgallant + +================================================================== diff --git a/themes/xmin/layouts/_default/single.html b/themes/xmin/layouts/_default/single.html index ff2f22da..8a6f6028 100644 --- a/themes/xmin/layouts/_default/single.html +++ b/themes/xmin/layouts/_default/single.html @@ -2,7 +2,7 @@

{{ .Title }}

{{ with .Params.author }}

{{ . }}{{ end }} - ({{ if (gt .Params.date 0) }}{{ .Date.Format "2006/01/02" }})

{{ end }} + {{ if (gt .Params.date 0) }}{{ .Date.Format "2006/01/02" }}{{ end }}