Category: Uncategorized

Or at least your own personal websites. Let’s encrypt is, according to their website,  “a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).”

In summary, they provide valid and trusted SSL certificate for commoners like you and me for free! Great stuff, no need for using self-signed certificates! First you need to obtain their client certbot. They provide a plugin to work directly with nginx, but I didn’t have much luck with it (it is worth mentioning that it is still in experimental phase). Here, I’ll show how to manually create your certificates and add them to nginx.

As root, do:

# certbot certonly --manual

Then enter your domain (or subdomain). And it’ll give you something like:

mkdir -p /tmp/certbot/public_html/.well-known/acme-challenge
cd /tmp/certbot/public_html
printf "%s" SOMETEXTANDNUMBERS > .well-known/acme-challenge/SOMETEXTANDNUMBERS
# run only once per server:
$(command -v python2 || command -v python2.7 || command -v python2.6) -c \
"import BaseHTTPServer, SimpleHTTPServer; \
s = BaseHTTPServer.HTTPServer(('', 80), SimpleHTTPServer.SimpleHTTPRequestHandler); \
s.serve_forever()"

Make sure varnish/nginx are not running, copy the code and run it (as root), then press enter. If you encounter errors, you might need to install the python packages for BaseHTTPServer and SimpleHTTPServer. Once you do that, the certificates will be stored at /etc/letsencrypt/live/yourdomain/fullchain.pem and the key to /etc/letsencrypt/live/yourdomain/privkey.pem, where “yourdomain” is the domain you sent to the script.

Last step is to add these lines to your nginx configuration:

server{
(...)
ssl_certificate /etc/letsencrypt/live/yourdomain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain/privkey.pem;
(...)
}

You should be ready to run nginx/varnish now. The certificates are valid for 3 months, to renew them, simply follow the same instructions again. (;

That should be all! Good luck.

I often find myself in need to access papers, files and other things that I only have access from within the university network. A neat way to get access is by using OpenSSH as proxy server (I’ve tried unsuccessfully to configure the university’s VPN, but to no avail…). The steps are simple, first run:

ssh -NCD 9999 uname@university.edu

• -N: prevents an interactive shell from being opened, not strictly necessary
• -C: enables gzip compression, not sure if it actually improves performance (given the extra CPU overhead), but the overall result was satisfactory, so I left it on.
• -D [port]: enables local dynamic port forwarding to localhost:9999

Now it’s time to configure your browser. On Firefox, the proxy settings are found at Preferences -> Advanced -> Network -> Settings (although there are add-ons that allow quick switch from different proxy servers). Enable “Manual Proxy” and set localhost as your host and 9999 as your port. You should be now done.

I’ve never found the Caps Lock key very useful. Besides never using it, it takes a very large space in a particularly easy-to-reach region of the keyboard (next to my left pinky). It seems like Google shares my opinion. Ever since I’ve gotten my Acer C720, I’ve noticed how useful would be to have the Super key (aka Windows key) more easily accessible to my fingers.

Then I decided to map the Caps Lock key as a Super key. It didn’t take long for me to find that this mapping is so common that a single short command can be used to do it:

setxkbmap -option caps:super

There, easy enough. But there are other ways to do this. The one I ended up using is to use dconf-editor to set this modifier as default in GNOME. The key name is org.gnome.desktop.input-sources.xkb-options. Just add [‘caps:super’] and you’ll be set.

Or rather, that’s what Google wants you to think. Since the end of last year, I’ve been thinking about getting a Chromebook (specifically an Acer C720). It’s a small (11 Inches) laptop, Haswell-ish celeron processor, 2GB RAM, Wi-Fi, Webcam etc. To be fully honest, at first sight, there’s nothing too exciting about this laptop. What really sold it to me was the price tag (pun intended). 199USD! Or 179USD for the refurb version, which I got. This is a laptop I would not be afraid of voiding the warranty.

My previous setup was a Macbook Pro 13.3″ (Early 2012, a.k.a. 8.1), I had made a few modifications on it, which included replacing the DVD drive by a SSD, upgrading the RAM to 8GB and adding some stickers (GPLv3, GNU and an inverted Debian logo over the Apple). Apart from a few annoyances I had with it initially (b43 didn’t support the WiFi card very well, AHCI didn’t work on BIOS mode), I must say I really liked it. My main problem with it was the price. I didn’t actually buy it, I received it as a gift. Which made it all more complicated. I felt like I was carrying a small fortune everytime I was with it. I felt uncomfortable bringing it to school or anywhere outside my apartment. If a mobile computer is not mobile, what is the point?

With these two facts in mind, I went ahead and bought the C720. I must say, I’m not disappointed. The C720 is a great little machine. The CPU + GPU chip is pretty powerful, the SSD is blazing fast (but originally pretty small), the battery life is superb (I get 8~10 hours), the touchpad is quite efficient (not as good as the MBP’s, but good none the less), the keyboard is soft and sensitive and it’s very light.

Of course, not everything is perfect. The camera and screen are both just “okay”, not bad, but not great either. The 2GB of RAM are sufficient, but barely. If I could go back, I would’ve bought a 4GB RAM version (they were misteriously taken out of the market a month or so after launch). Having said that, I can still run an entire GNOME3 session with no major problems, except for opening a large number of tabs in the browser.

With the sale of my trusty MBP, I was able to also buy a desktop computer for the heavier computation and gaming sessions. I’m not much of a gamer, but I like to play once in a while. The game I play the most is StarCraft II, but I’ve have a few games on Steam that I enjoy sporadically.

The point of this post is just to tell people about my experience with the C720 Chromebook Laptop, which serves me better as a mobile computer in comparison with my previous setup. I don’t believe this is a perfect solution to everyone, but the Desktop+Laptop duo is working well for me. In the next posts, I might explain how I installed Arch in it.

Hi,

welcome to my blog. I hope you find something interesting here. (;