Notes

I am one of those people who function better by writing things down. One day, I realized that most of my notes don’t have to be private, so here they are - my second brain. Be warned that, if you stumble upon something here that doesn’t make sense to you, it isn’t meant to!

Vihaan's birth stories

Nurses: The first nurse at night: Frequently measured body stats such as blood sugar level, BP, temperature etc. Would count to 10 literally every time Sneha pushed. This was a pretty good idea. Patient with all our questions. We had more nurses later on, as we moved from triaging area to birthing suite to post-partum suite and their shifts changed every 12 hours. Most of them were nice but not all. Doctor: Even though they sometimes deliver 3-4 babies in a shift, I am surprised by the energy with which our doctor would encourage Sneha to push. I almost fainted when Sneha got Epidural. Apart from this, the delivery was uneventful. And, oh yeah, that Epidural was a great idea. We should have done that the moment Sneha was admitted. Sneha was pretty strong the whole time. While the nurse expected her to push 10s at a time, Sneha would often try to 1-2s more. The nurse said she’ll shake the baby right after birth to make him cry (so that he spits out fluids from his mouth). He didn’t need that - he cried the moment he came out! But not for long. The first song he listened to was Trains by Porcupine Tree.

Transmission

Setup Install: sudo apt-get install transmission-daemon. Stop the daemon before making the following changes: sudo systemctl stop transmission-daemon. Edit the /etc/transmission-daemon/settings.json file. download-dir. "rpc-whitelist-enabled": false. Set user as pi in the following files: /etc/init.d/transmission-daemon. /etc/systemd/system/multi-user.target.wants/transmission-daemon.service. Then: sudo chown -R pi:pi /etc/transmission-daemon rm .config/transmission-daemon/settings.json sudo ln -s /etc/transmission-daemon/settings.json /home/pi/.config/transmission-daemon/ sudo chown -R pi:pi /home/pi/.config/transmission-daemon/ Reload: sudo systemctl daemon-reload. Other commands To disable the daemon at the end: sudo systemctl stop transmission-daemon # Others: 'status', 'start', 'enable', 'disable'

Wireguard client

Note: The following instructions help setup a Wireguard client for a commercial VPN provider. Install Installation instructions for a Raspberry Pi. (As of today, Wireguard isn’t available in the standard distribution): Blogs: https://engineerworkshop.com/blog/how-to-set-up-wireguard-on-a-raspberry-pi/ https://www.wundertech.net/how-to-connect-a-raspberry-pi-to-a-wireguard-vpn-server/ sudo apt install raspberrypi-kernel-headers Mullvad Install configuration files: https://mullvad.net/en/help/wireguard-and-mullvad-vpn/ - it adds configurations to the /etc/wireguard directory. To add a kill-switch, edit the installer shell script before running it. Also, escape all the $ signs: $(..) -> \$(..). Check https://mullvad.net/en/check/ to ensure everything is working as expected. Kill-switch configuration PostUp = iptables -t mangle -A OUTPUT -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,100.64.0.0/10 -j MARK --set-mark $(wg show %i fwmark) PreDown = iptables -t mangle -D OUTPUT -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,100.64.0.0/10 -j MARK --set-mark $(wg show %i fwmark) PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT Note: ...

Life is too short for ...

Bad books. (Or, probably books in general, unless they are textbooks.) Not chasing your dreams, however scary, weird or hazy they may be. This one is important even if it sounds poetic or fictional. What if I took a break even if I didn’t know what dreams I’d go after during that period? Work where you don’t regularly challenge yourself. Learning random things. (Learn to build, not for the sake of learning.) Being unhealthy.

Cron

Crontab generators: https://crontab-generator.org/ https://crontab.guru/ Edit crontab file: crontab -e The following will redirect STDERR to STDOUT and the latter to the given file: */10 * * * * deploy-site-locally.sh > deploy-site-locally.out 2>&1 You can also put /dev/null to ignore all output.

Serve a static website through Nginx

The following is a bare-minimum snippet that you can put in a file in the /etc/nginx/sites-enabled directory to serve a static website over port 1313 through Nginx: server { listen 1313; root /home/ubuntu/site; location / { try_files $uri $uri/ =404; } }

Firewall on Oracle virtual machines

Oracle virtual machines, at least those running on Ubuntu, come with a restrictive firewall which doesn’t allow any incoming TCP traffic. Check before and after state using: sudo iptables -L Flush these rules: sudo iptables --flush sudo netfilter-persistent save Or, just put the following into /etc/iptables/rules.v4: # Generated by iptables-save v1.8.4 on Wed Oct 14 16:05:39 2020 *filter :INPUT ACCEPT [255:17972] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [144:19732] :InstanceServices - [0:0] COMMIT # Completed on Wed Oct 14 16:05:39 2020 Also: ...

Get IP address from CLI

curl -4 icanhazip.com

Nginx with TLS

# Install sudo apt install nginx certbot python3-certbot-nginx # Setup TLS on a new domain. Say 'yes' when it asks whether to setup automatic redirection from HTTP to HTTPS. sudo certbot --nginx -d wallabag.flister.cf # Edit configuration in /etc/nginx/sites-enabled, especially the `location` section for the relevant domain, and reload. sudo systemctl reload nginx

Matrix server

Server: An Always Free virtual machine from Oracle, running Canonical-Ubuntu-20.04-Minimal. This version of Ubuntu comes with an older and buggy version of Ansible. So, I had to install the latest one via instructions documented here. I now activate it on the server by doing: source ~/ansible/bin/activate. Free domain from: Freenom. Setup In a nutshell: sudo apt update sudo apt install git python-is-python3 cron vim git clone https://github.com/spantaleev/matrix-docker-ansible-deploy.git cd matrix-docker-ansible-deploy # Run all future commands within this directory. mkdir inventory/host_vars/matrix.flister.cf cp examples/host-vars.yml inventory/host_vars/matrix.flister.cf/vars.yml # This is 1 of the 2 configuration files. cp examples/hosts inventory/hosts # This is 2 of the 2 configuration files. # Setup everything ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start # Create a user - admin or not. ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=foo password=bar admin=yes' --tags=register-user # Test everything is working as expected. ansible-playbook -i inventory/hosts setup.yml --tags=self-check The inventory/host_vars/matrix.flister.cf/vars.yml file: ...