From bd8ac670bc8169352c17adc9e9607e3dfe196500 Mon Sep 17 00:00:00 2001 From: Vane Vander Date: Sat, 13 Nov 2021 12:58:35 -0600 Subject: [PATCH] New tutorial for Oasis --- .gitignore | 1 + .stignore | 0 feed.xml | 138 +++++++++++++++++++++---------------------- index.html | 7 ++- style.css | 4 ++ tutorials/index.html | 1 + tutorials/oasis.html | 80 +++++++++++++++++++++++++ 7 files changed, 159 insertions(+), 72 deletions(-) create mode 100644 .gitignore create mode 100644 .stignore create mode 100644 tutorials/oasis.html diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..09a7858 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*stignore* diff --git a/.stignore b/.stignore new file mode 100644 index 0000000..e69de29 diff --git a/feed.xml b/feed.xml index 24a12b8..7893453 100755 --- a/feed.xml +++ b/feed.xml @@ -2,14 +2,79 @@ MayVaneDay: Latest Updates - - + + https://mayvaneday.art/feed.xml Vane Vander vanevander@mayvaneday.art + + How to run Oasis, a Secure Scuttlebutt client, on a remote server + + https://mayvaneday.org/tutorials/oasis.html + 2021-11-13 + +

This tutorial assumes you already have a functioning Node.js and Caddy installation.

+
    +
  1. Install Oasis.
    2. +
+ git clone https://github.com/fraction/oasis.git
cd oasis
npm install +

Test the installation by running node . (yes, including the period).

+
    +
  • If the output stops after a few lines and isn't an obvious Node error, hit Control and C at the same time to exit; you're ready for the systemd file.
    • +
  • If you get an error about port 3000 already being in use, use the command node . --port PORTNUMBER instead, where PORTNUMBER is any open port you want.
    • +
+

If your instance immediately throws an error about ssb.friends.get:

+ git checkout 4e8f7426a4eb1d95f6e55cf894a3168f523f8af8
rm -rf node_modules
npm install +
    +
  1. Prepare the systemd daemon file.
    2. +
+

Edit /lib/systemd/system/oasis.service as root with your favorite text editor. Paste the following:

+ 
+					[Unit]
+					Description=Oasis client for Secure Scuttlebutt
+					After=network.target
+					
+					[Service]
+					User=YourUsername
+					Group=YourUsername
+					ExecStart=/path/to/your/node/binary . --port 8787
+					WorkingDirectory=/path/to/where/you/cloned/oasis/
+					TimeoutStopSec=5s
+					LimitNOFILE=1048576
+					PrivateTmp=true
+					ProtectSystem=full
+					
+					[Install]
+					WantedBy=multi-user.target
+
+

Replace /path/to/your/node/binary with whatever comes up when you run which node. You may need to change this if you update Node.

+
    +
  1. Edit your Caddyfile. (This will probably also require root.)
    2. +
+ 
+yourdomain.tld {
+	reverse_proxy 127.0.0.1:PORTNUMBER {
+		header_up Host 127.0.0.1
+		header_up Referer http://localhost
+	}
+	basicauth * {
+		AnyUsernameYouWant EXTREMELYLONGCADDYHASHHERE
+	}
+}
+
+

EXTREMELYLONGCADDYHASHHERE is used instead of an actual password so you don't have cleartext credentials hanging around. Generate this with caddy hash-password. Make sure you save your actual password in a password manager, as you can't reverse a hash!

+

The header_up lines are there to trick Oasis into thinking it is running on a local machine, as it (very aggressively) wants to be. Normally this would be true, as Secure Scuttlebutt is peer-to-peer and intended to be run on a personal device that may see intermittent internet connectivity. However, if you're looking at this tutorial, you probably want to host a public peer as an actually functioning alternative to a pub or room.

+
    +
  1. Get everything running.
    2. +
+ sudo systemctl daemon-reload
sudo systemctl restart caddy
sudo systemctl start oasis && sudo systemctl enable oasis + ]]> + + + Analog Hole @@ -266,74 +331,5 @@ ]]> - - - The Ridge - - https://mayvaneday.art/poetry/r/ridge.txt - 2021-08-23 - -
-It's been
-too long since I've haunted here,
-too long since the flood,
-too long since I've buried myself,
-cursing the hallowed sun.
-
-Another day,
-another pain,
-another reminder why I should restrain
-this desperate yearning to be at your side.
-I can't control myself, you insist,
-can't care for myself, can't abide
-by a single plea:
-*wait for me
-until the war is done.*
-But how can I stay inert at the sidelines?
-How can I watch, patient, as you struggle for life?
-
-I keep looking at your face.
-I keep looking into your eyes,
-into the depravity
-void of grace,
-the sweaty sleepless nights,
-the frights
-that dance between the stone space of your skull.
-
-Little said, but oft reply
-in hopes this boat crosses Imaginai,
-the fierce rivers, the gaudy veil
-that I would without a pause assail
-if it meant bringing closer by one more day
-Eris' death,
-the shatter of masks,
-our withdrawal for some time
-into this world I've somehow made
-without Seliph's curse,
-without my sacrifice.
-
-How many times have you asked
-what I would do once that day passed?
-How long 'til I set down
-this crown,
-bade job goodbye,
-convince parents and friends
-that, although I disappear,
-I'm off to a place where I'll be alright?
-Don't come looking for me,
-don't waste your "precious" fruitless time.
-Your daughter was a sinner,
-passionate, iniquitous,
-desiring, delirious, divine.
-
-It's been
-too long since I've haunted here,
-since I've had to justify
-my right
-to survive.
-
- ]]> - - diff --git a/index.html b/index.html index f1e9e42..3a2eb6c 100755 --- a/index.html +++ b/index.html @@ -9,7 +9,7 @@ - +

Welcome to MayVaneDay Studios

@@ -29,6 +29,10 @@
+
+

Stop scraping my website. You now have two options for pulling a full copy of my website: ZeroNet and Git. Both of these will auto-update and give you the actual source files, unlike a recursive wget or whatever that will mangle everything. Save yourself and me the grief and just use these instead.

+
+

Blog (RSS Feed)

Poetry

@@ -47,6 +51,7 @@ [Freenet] [Tor] [Lokinet] + [Git]
diff --git a/style.css b/style.css index 54292d8..f571a7d 100755 --- a/style.css +++ b/style.css @@ -23,6 +23,10 @@ body { margin-bottom: 10px; } +.index { + max-width: 670px; +} + a, a:visited { text-decoration: none; color: inherit; diff --git a/tutorials/index.html b/tutorials/index.html index 8f99a2c..7980cce 100755 --- a/tutorials/index.html +++ b/tutorials/index.html @@ -23,6 +23,7 @@

Root the Nook 1st Gen on Linux

+

Run Oasis, a Secure Scuttlebutt client, on a remote server

Install the Kristall browser in Haiku

Build and install LokiNet on Linux Mint 32-bit

Play music in the CLI with an equalizer

diff --git a/tutorials/oasis.html b/tutorials/oasis.html new file mode 100644 index 0000000..ecfc6ff --- /dev/null +++ b/tutorials/oasis.html @@ -0,0 +1,80 @@ + + + + + How to run Oasis, a Secure Scuttlebutt client, on a remote server - Archive - MayVaneDay Studios + + + + + +
+
+

How to run Oasis, a Secure Scuttlebutt client, on a remote server

+

published: 2021-11-13

+
+
+
+

This tutorial assumes you already have a functioning Node.js and Caddy installation.

+
    +
  1. Install Oasis.
    2. +
+ git clone https://github.com/fraction/oasis.git
cd oasis
npm install +

Test the installation by running node . (yes, including the period).

+
    +
  • If the output stops after a few lines and isn't an obvious Node error, hit Control and C at the same time to exit; you're ready for the systemd file.
    • +
  • If you get an error about port 3000 already being in use, use the command node . --port PORTNUMBER instead, where PORTNUMBER is any open port you want.
    • +
+

If your instance immediately throws an error about ssb.friends.get:

+ git checkout 4e8f7426a4eb1d95f6e55cf894a3168f523f8af8
rm -rf node_modules
npm install +
    +
  1. Prepare the systemd daemon file.
    2. +
+

Edit /lib/systemd/system/oasis.service as root with your favorite text editor. Paste the following:

+ 
+[Unit]
+Description=Oasis client for Secure Scuttlebutt
+After=network.target
+
+[Service]
+User=YourUsername
+Group=YourUsername
+ExecStart=/path/to/your/node/binary . --port 8787
+WorkingDirectory=/path/to/where/you/cloned/oasis/
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+PrivateTmp=true
+ProtectSystem=full
+
+[Install]
+WantedBy=multi-user.target
+
+

Replace /path/to/your/node/binary with whatever comes up when you run which node. You may need to change this if you update Node.

+
    +
  1. Edit your Caddyfile. (This will probably also require root.)
    2. +
+ 
+yourdomain.tld {
+	reverse_proxy 127.0.0.1:PORTNUMBER {
+		header_up Host 127.0.0.1
+		header_up Referer http://localhost
+	}
+	basicauth * {
+		AnyUsernameYouWant EXTREMELYLONGCADDYHASHHERE
+	}
+}
+
+

EXTREMELYLONGCADDYHASHHERE is used instead of an actual password so you don't have cleartext credentials hanging around. Generate this with caddy hash-password. Make sure you save your actual password in a password manager, as you can't reverse a hash!

+

The header_up lines are there to trick Oasis into thinking it is running on a local machine, as it (very aggressively) wants to be. Normally this would be true, as Secure Scuttlebutt is peer-to-peer and intended to be run on a personal device that may see intermittent internet connectivity. However, if you're looking at this tutorial, you probably want to host a public peer as an actually functioning alternative to a pub or room.

+
    +
  1. Get everything running.
    2. +
+ sudo systemctl daemon-reload
sudo systemctl restart caddy
sudo systemctl start oasis && sudo systemctl enable oasis +
+
+
+

CC BY-NC-SA 4.0 © Vane Vander

+
+
+ +