There are at least 2 Chris Koehnkes. I was friends with one on Facebook, back when I used it. But this page belongs to this particular Chris Koehnke.
This is not a blog, it is a blob! The whole site is a single page.
Howdy! This is the personal site of Chris Koehnke. This is the World's Premier Online Authority of my ever growing thoughts and opinions at whatever time they were written, usually in a stream of consciousness fashion, with frequent tangents, and possibly under the effect of a beer or two. A site unafraid to eschew so-called "modern web" "best" practices, unafraid to "excessively" "use" "quotes", and to sometimes attempt humor or sarcasm, here in the safe space of pixels blasting light into your eyeballs. Welcome friend, or foe even, honestly if you're here you probably know me, hopefully there is something useful or vaguely entertaining here, if you're bored go to tiktok or something what do you want from me 🤷. For the love of god (Garl Glittergold) do not actually use tiktok.
I can be reached by email at chris AT chriskoehnke DOT com. I have an open inbox, go ahead and send me an email on anything, ask my opinion on something and I'll probably add it to this site. Or if you find a broken link, like I heard Steve did through a secondhand account, this could have been first hand, by email! Steve c'mon now. By the way email rocks.
This site is available as a git repository. This will maintain a history of the site over time and for people who want to view it offline.
chris1988.com redirects to this page, it is easier to tell people in person or over the phone without having to spell my last name correctly.
Professional computering person from 2007-2022 (currently on a hiatus from professional work, but definitely still tinkering with my personal machines and projects), bassist since like 2002, tinkering with computers since I don't know when. Enjoyer of music, beer, and humor jokes. I used to be cool and did things like solve Rubik's Cubes and be in a rock band, and I'm still cool now![Citation needed] (TODO: solve rubik's cube again, fast)
Proud bronze level sponsor of the unicode codepoint U+1F954, the potato emoji 🥔 (Adopted characters: search for Koehnke, tweet from @unicode).
I've played music with my friends Gabe and Keith for quite a while now, starting back in high school. We've created a band called Wet Illuminatus, check it out at wet-illuminatus.com.
I modified a "badassity tracker" spreadsheet (pdf, office document) that came from this Mr. Money Mustache blog post to help myself and others have an easily printable, black and white, version with extra rows to write in other goals. The source "code" of the documents is here.
Inspired by this Your Life in Weeks blog post I've made a one-page version of the life calendar described there: PDF, source. There's nothing quite like a compact visualization of your life ticking away, hopefully motivating you to figure out things you want to do and doing them!
Downloads Page is a small set of scripts to generate a download page from files in directories and an RSS feed with added and removed items over time. Handy for sharing files that you are hosting from home.
White Noise Sounds is a collection of loopable white noise files, helpful to play from your phone to sleep and drown out background noise.
Simplicity is fine. Actually it is the best. Focus on content, not fluffy presentation. This is taken to the extreme with the gemini protocol, check it out. Making my own little place on the web with extreme simplicity is therapeutic for me after having dealt with ludicrously bloated software and frameworks in my software career and general browsing of the web these days.
Some minimal website lists (which this page is included on):
More ruthlessly spartan websites that come to mind:
Sites which are inspired by this site:
This site's dark theme colors are based on the base16 3024 color scheme (apparently unclaimed, but I've used it for a long time in vim, tmux, etc.).
Fearlessly long web pages. Info on wikipedia, snapshot from archive.org. I don't remember when I first saw this page, but when making my own site from scratch I suddenly remembered this site and its incredibly long pages. The content and format are not something to aspire to for sure, the author was definitely insane, but when I came across it many years ago it was at least amusing. With the advancements in networking and browsers I am interested to see how far a single page can be pushed. Right now (as of 2023-12-21) this page is 65 KB over the wire (including my gratuitous 27 KB picture), this is 10 times less than loading google.com, so I think I am safe for a good long while to add content to a single page (likely beyond 10 times the amount of text content, because of how compression works). I hope with my table of contents approach it'll be easy to navigate around a single large page with unnaturally fast speed ⚡.
This site is also an exercise in how far you can go with HTML only, minimal CSS, and definitely no javascript. Take a look: view-source:http://chriskoehnke.com, sorry you'll have to copy and paste the text, or forcibly open the link in a new tab, you used to be able to actually link to a site's source code directly, but that feature has been removed, god forbid we easily let people look at how things are working 🤦. Alternatively view the content source and styles in the git repository viewer.
In some ways the web is smaller than it used to be, there are a handful of sites that have gotten a very large number of users and people only end up thinking of the web as being those few websites. More people should make their own homegrown sites and escape the mega sites. Neocities looks like a good place to easily set up your own site.
This section holds things I find interesting and my own ramblings around philosophy. I reject any claim that I am a cult leader until it can be properly monetized.
From Discordianism, as found in the Principia Discordia:
ALL THINGS HAPPEN IN FIVES, OR ARE DIVISIBLE BY OR ARE MULTIPLES OF FIVE, OR ARE SOMEHOW DIRECTLY OR INDIRECTLY APPROPRIATE TO 5.
The Law of Fives is never wrong.
To spoil the fun of having to think about it, this is about how the human mind is great at finding patterns. If you look for a pattern hard enough, you will always find it. All perceived order in the world and even all concepts only exist in the human mind, separately from reality. Also see Starbuck's Pebbles.
--twitch-proxy-playlist=https://as.luminous.dev, which is powered by luminous-ttv)
Popular websites these days are frequently enormously bloated, privacy infringing (literally auctioning off ads directed to you based on the model ad companies have created for you within milliseconds when you visit a page), and seeking to control your behavior (for example youtube wants you to keep watching videos on their site, so will recommend videos you are likely to click, their algorithms have accidentally found that outrage and extremism help drive more clicks, so that is what happens). The movie "The Social Dilemma" does a good job of explaining these concepts. The article "WhatsApp and the domestication of users" is also very good to explain some of these dynamics.
Luckily there exist good people out there who are helping, by making alternative frontends to these mega-sites that have sucked in so many people. Using these sites helps protect your privacy and agency, and they perform much better than the official sites. These take the form of open source software which anyone can run, so there are many instances of the software running, spreading out the administrative costs and overhead among different people. I use these extensively along with the LibRedirect browser plugin to redirect me automatically to better sites.
In mid 2023 a few big sites (like twitter and reddit) began dropping APIs and adding countermeasures like heavy throttling and blocking of alternative frontends, so unfortunately there aren't any good alternatives for those at the moment it seems.
Oooh I need to buy that book- statements dreamed up by the utterly un-frugal. Borrow any book and read it. Borrow any movie or video game for free. Your tax dollars are already paying for it, use it!
Find you a local college radio station and listen to it. My local favorites are WCSB and WRUW. Using a full-fledged terrestrial radio means you aren't being tracked, no Internet required, easy to get a battery-powered radio receiver for offgrid shenanigans. If you use multiple radios at once, they'll be in sync with no effort. I hate the ads on the radio - someone says. I don't know about the stations near you, but mine don't really have ads at all, public service announcements about random stuff like caffeine being bad for you (entertaining to me at least), or at worst saying they are semi-sponsored by donations once in a while. Stop using spotify and being manipulated by a for-profit company with an algorithm, and start listening to the radio to be manipulated by like 88 (it has come to my attention the number "88" is a potential hate symbol, I assure you at the time I wrote this section I actually programmatically counted the number of DJs present at WCSB using the source code of their webpage. Since it is a truthful number and synergizes with my alternate address chris1988.com (which in turn is my year of birth) I am going to leave it as is and not change the number out of some fear of no-no numbers, because of course I don't believe in numerology.) people who at least live somewhere near you and might give away tickets to shows. There's nothing quite like hearing a DJ comment on a thunderstorm that you are also experiencing, or thunder over the air, really makes you feel connected.
Before Email there was mail, nowadays called "snail-mail", cause it is slow, like a snail. Now you see: compared to getting a sheet of paper, a pen or pencil, writing down thoughts in exquisite cursive penmanship, folding it up, putting it into an envelope, writing the address of who it goes to onto the envelope (don't mess it up!), then applying an increasingly expensive sticker called a "stamp" onto it, placing it in your mail box where a mail-person picks it up, burning fuel and brake pads every 5 seconds to stop at small boxes which frequently get destroyed by youngsters passing by, whose job as far as I can tell mostly consists of delivering junk mail to every United States citizen where it is promptly thrown out and never looked at, see that is mail. And compared to that is Email, which involves typing in your message on a computer where it is sent out to other computers at literally nearly the speed of light (no stamps here), the recipient getting it much faster than a snail could deliver. Unfortunately the technology used for powering Email: computer hardware, software, and networks is horrifically (cosmically, Lovecraftian) complicated, so mail is the simpler thing here by many orders of magnitude.
But Email is one of the great technologies. It is based on open protocols and decentralized, or at the very least federated. This allows different people all over to send messages to each other with no central place managing it all. It simply isn't possible for a single company to take it over since the protocol is an open standard that anyone can implement and send messages with. Use it more!
Also, consider using plain text email and sane formatting options (things are meant to be read top to bottom, adding replies on top of context is insane nonsense) that are being actively destroyed by things like gmail (also it can't even do threading, how has this trash succeeded lmao).
Pen/pencil and paper is superior to basically any technological doohickey. No electricity required, no updates, cheap supplies, text and drawings can live side by side with ease, need to share something? Just rip off a sheet and give it to someone. Try out carrying a small pen and small pocket sized notebook or index cards and see if it can work for you.
Over time I have come up with a handy format for pen and paper grocery lists, it probably works for other tasks with repeating items to check off. I'm sure I'm not the first person to do this, but I came up with it on my own. It looks like this:
Eggs [x][]
Bacon [x][x][x]
Milk []
Bread [x]
When I need an item, I add it to the list and put a box next to it, represented by [] above. Once I pick it up, I put an X in it, represented by [x] above. When I need to get an item that is already on the list, just add a new empty box to the right. For the above example I just need to pick up eggs and milk. That's all there is to it. It ends up being quite a compact way to store grocery list information.
Access keys are a cool feature of web browsers introduced in 1999 that allows a certain keyboard combination to jump to a certain part of the webpage. This is without any CSS or javascript, just purely implemented in the browser and HTML. I think it's really handy to have something like alt + shift + e to immediately open an email link to write a message to the site author or admin. Read about them on wikipedia including what meta keys are used to activate them for your browser. Take a look here at the last attempted standard access key suggestions. If you have a webpage consider adding them to make it easier to navigate with a keyboard and bring some similar navigation keys to websites.
3 - table of contents
5 - license
e - email
f - rss feed
k - site accesskeys
s - social media sites
t - top
Your daily technology usage probably involves bouncing around a handful of sites looking at new content, frequently these sites implement a type of "feed" which allows you to see new content on that individual site. Imagine if there was a single place where you could see updates across all the sites you care about, using an open protocol, and software you run on your own computer, wouldn't that be pretty handy? Luckily this has existed since 1999 and is called RSS (Really Simple Syndication). Unfortunately this gave users too much power and was way too simple, companies need to lock users into their controlled platform to force ads in front of their face. But there are still a lot of sites which support it in some way and software exists to create RSS feeds for sites which do not have it natively. Give it a try!
To use RSS you just need an application referred to as an "RSS reader", there are a ton of them. Get one and then paste in the URL you are interested in following to see if that works, otherwise you might need to hunt around documentation or look for the commonly used orange RSS symbol to find the link to copy and paste in to the RSS reader application. On Android I recommend Feeder.
This site provides an rss feed which I currently update around once a season and provide some info on what updates have been done to the site since the last update.
Side note: one of the people who helped bring RSS to life is Aaron Swartz. He did many great things related to technology during his life like working with Creative Commons, markdown formatting, and early development of a little site called Reddit. He believed deeply that information should be free, and to that end downloaded a large amount of academic articles to share openly on the Internet. He was caught and threatened with massive fines and jail time, he chose to commit suicide rather than suffer the extreme bullying of the justice system. There is a documentary about him called "The Internet's Own Boy" which is freely available to watch.
Watch this video for a very clear explanation: What is the Fediverse?
First off, "fediverse" is a combination of the words "federation" and "universe". To sum it up it's a decentralized social network like twitter. It is based on a standardized protocol called ActivityPub, which different softwares can implement that can talk to each other. Also there can be multiple instances of a given software. So what does that actually mean? Imagine instead of just twitter.com, there was twitter1.com, twitter2.com, twitter3.com etc. You can have an account on any of them, and communicate between them, similar to how email works where you don't need to belong to the same email service as someone to send a message. Each one can have its own administrator and rules about what content can be posted. This makes for a decentralized type of social media with a lot of capabilities. There are pieces of software similar to twitter, instagram, and youtube which can all intercommunicate with each other. I see this as being a necessary part of the evolution of the Internet. Currently people are getting trapped into the walled gardens of the previously mentioned services which are getting increasingly locked down. If enough people could move to platforms built on top of an open protocol (ActivityPub) it breaks down how companies can lock people in to extract money from them. Make an account today!
If you do an Internet search for "fediverse" you'll find a lot of websites explaining it and linking to different servers that exist. It can seem a bit overwhelming because there are so many to choose from, if you just want to get started I suggest just joining the general purpose mastodon.online and going from there. You can always migrate to a different instance later.
I enjoy a good chili cheese dog. Send me a review of a chili cheese dog and I'll add it here.
Chris's Air Fryer Chili Cheese Dogs:
Does it always have to come down to something sucking?
- Al
...I think it does!
- T. Furrows
Dialog from the timeless classic: High Strung (watch this clip).
The article Software disenchantment does a great job of describing this. Take a look at How I Experience the Web Today to see a sadly accurate depiction of modern web design, a complete and total failure of anything actually useful.
Not sure where to begin. These days the main thing that comes to mind is telemetry reporting everything you do (Windows 10 - 11 era). You simply are not in control of your machine if you are using Windows, Microsoft is. It should be treated as a video game console as it is the most locked down and forced backward compatible computing platform that exists. Also NTFS really sucks, it results in things like extracting a zip file taking orders of magnitude longer on Windows compared to any real OS. Windows can't tell time (it doesn't handle a UTC hardware clock). Windows developers after decades of lagging behind Linux attempt to make their own poor excuse for a package manager (note that, it is not even an actual package manager) by ripping off an open source developer, Windows Winget rips off Appget.
Additional Resources:
Open Firefox, navigate to Help - About Firefox - then update and restart the program. Open the NVIDIA® GeForce™ Experience program to see if there is a graphics card driver available, it opens to a page of random games installed on my machine, I know that in order for it to do that it has crawled my filesystem to identify them, I don't want this behavior but I can't disable it, not really directly Microsoft's fault but whatever. Open Steam, update all games, it tries to schedule them to update in the middle of the night, I want them to update now, I can't change this behavior, I manually click each game to update now. Check if the steam client has updates, close it. Open the Epic Games Store, check for a client update (there is always one), and update any installed games (literally only ever Rocket League since that is the only game that I have ever installed through it, though my collection keeps growing because of their free games. I am sure it is just a matter of time before they introduce some kind of subscription/freemium model though after sucking people in with free games), close the Epic Games Store. Open Reaper, a digital audio workstation and check for updates. Open VLC, and check for updates. ...Repeat for every single program I use until I get through them all. Finally open the Windows Update screen, it says no updates are available, click "check for updates", it magically finds some now, let them install. While it is updating, I look at the task manager performance window and see that the system is doing practically nothing, occasional spikes of cpu, network, and disk, but most of the time it is doing nothing, less than 1 cpu core pegged with nothing else going on, so I have to chalk this up as just bad code wasting my time. Let the computer restart as usual to apply the Windows updates. Boot back into Windows. Go to the Windows update screen, it says no updates are available, click "check for updates", it magically finds some now, let them install.
Repeat until Windows updates stop appearing.
Open a terminal and type: sudo apt update; sudo apt upgrade. Every program and the OS is updated as fast as possible.
Not sure where to begin. Practically letting the Internet know every program you use, at least since their new notarization crap was introduced, not sure how long this was going, probably at least a year. Bypassing authentication to the root user with no password, absolutely laughably bad, a sign that the codebase and development process here is terrible. macOS can't handle text: another low level sign that things are not being handled correctly. No package manager (homebrew... gross).
Apple devices are fashion accessories, overpriced for what they are and designed to lock you into their ecosystem to milk money out of consumers. It is for idiots, don't buy into it!
My mom bought a ChromeOS laptop and maybe like 2 years later it was unsupported. A disgusting abuse to consumers and users, a corruption of Linux, forcing people into Google's browser for all to be monitored and manipulated.
Too many distributions, too difficult for novice users. I had to get every major OS onto my sucks section, but in my opinion Linux sucks the least.
$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
loop0    7:0    0     4K  1 loop /snap/bare/5
loop1    7:1    0 143.4M  1 loop /snap/chromium/2136
loop2    7:2    0 145.5M  1 loop /snap/chromium/2168
loop3    7:3    0  63.2M  1 loop /snap/core20/1623
loop4    7:4    0  63.2M  1 loop /snap/core20/1634
loop5    7:5    0  55.1M  1 loop /snap/cups/836
loop6    7:6    0 238.5M  1 loop /snap/firefox/2015
loop7    7:7    0 238.5M  1 loop /snap/firefox/2058
loop8    7:8    0 346.3M  1 loop /snap/gnome-3-38-2004/115
loop9    7:9    0 346.3M  1 loop /snap/gnome-3-38-2004/119
loop10   7:10   0  81.3M  1 loop /snap/gtk-common-themes/1534
loop11   7:11   0  91.7M  1 loop /snap/gtk-common-themes/1535
loop12   7:12   0  37.1M  1 loop /snap/hunspell-dictionaries-1-7-2004/2
loop13   7:13   0  45.9M  1 loop /snap/snap-store/592
loop14   7:14   0  45.9M  1 loop /snap/snap-store/599
loop15   7:15   0    48M  1 loop /snap/snapd/17029
loop16   7:16   0    48M  1 loop /snap/snapd/17336
loop17   7:17   0   284K  1 loop /snap/snapd-desktop-integration/10
loop18   7:18   0   284K  1 loop /snap/snapd-desktop-integration/14
# apt-get upgrade | grep Pro
Try Ubuntu Pro beta with a free personal subscription on up to 5 machines.
Always frustrating to use, each device requiring some special incantation to enable pairing that randomly decides when to work. Bluetooth very likely degrades audio quality. Using an aux audio cord or wired headphones gives you superior battery life, audio quality, usability, interoperability, and reliability.
The party is going, a bluetooth speaker is bumping some solid tunes, but now it is Sarah's turn to put on some music. Okay let's pair your phone to the speaker, hmm I think you hold down the bluetooth button? At this point the music stops. It's blinking a blue light, are you seeing it on your device? Is bluetooth enabled on your phone? Hmm not showing up, hold on people who was paired to these last? Can everyone stop for a minute and disconnect from the speakers, thanks sorry for the interruption. Okay let's try syncing again, okay now your phone sees it good. Hmm there is some auth code, think that is on the bottom of the speaker, let me move these drinks to see it. Okay yeah 0438 is the code. Hmm that didn't work, I guess we might have taken too long and pairing timed out, let's try it again. Sarah's phone connects and immediately starts playing a podcast she was listening to last at full blast. Sorry people, okay Sarah pause that and play some music. This process has taken 10 minutes and left the party without music and introduced interruptions, putting quite a damper on the party vibe.
The party is going, Sarah grabs the aux cord and plugs it into her phone when the last song finishes from the previous device. She hits play on her music and it starts playing instantly. This process took 10 seconds.
First things first: crypto means cryptography, the very interesting field of using math to secure communication. It does not mean cryptocurrency.
So bitcoin and blockchains are interesting. They have some interesting properties, but ultimately I think a currency is not a good fit for them (or really any use-case, it has been 13 years since bitcoin really came out and there still isn't really a good use-case for these things). Many cryptocurrencies are straight up grifts and ponzi schemes. Watch this video to understand what bitcoin / blockchains actually are. Do not expect to make money just by getting some whatever-coins and then reselling them. Is it possible? Absolutely. It is also possible to earn money gambling at a casino or by fooling someone into buying junk. Mining is horrible: making computers perform pointless calculations, burning energy, creating pollution, to get people money. It is like incentivizing burning toxic chemicals. A friend of mine has said "I hate it, but its free money". I've also heard the term "digital coal" which I think is a pretty good way of explaining it. There are alternatives on the way, good! Give it a try, but I still don't believe in the underlying technology. Cryptocurrencies eventually need to implement controls that existing financial systems already handle. I don't have enough faith in computers, computer programs, and computer programmers to create completely automated financial systems. I think there needs to be humans in the loop here.
If you are still interested ask yourself if you are really just in it to make a quick buck, if you are that is fine, just acknowledge that is pure speculation and you are gambling. If you really do believe in the things marketed about blockchains, like it puts power into the hands of the people, watch this video and really try to understand how it works, and dig into the technical details of whatever blockchains you are interested in, and buy/sell accordingly. To me this is far too risky, just invest in index funds to reliably earn money over time, have a job to earn money reliably more quickly, and use the existing financial systems which work just fine. Best of luck!
Additional resources:
The only things of value in Columbus, Ohio are the Wilma H. Schiermeier Olentangy River Wetland Research Park and the band Dana.
Columbus sucks so bad a Ukrainian refugee returned to Kyiv rather than live there: article (archive/non-paywalled link). An insane Columboid murdered legendary guitarist Dimebag Darrell at a show in Columbus, RIP Dimebag. Ohio State University only teaches people how to spell "Ohio".
Some games I enjoy, leaning towards free and open source ideally:
accounts.google.com/gsi/$3p - this prevents incessant "Sign in with Google" pop-ups (source).
This section holds additional plugins or alternatives that push more control and performance into the hands of users, but might come at a cost of time to configure or straight up cannot work with some websites.
.onion domains.
The underlying program that allows most youtube downloading software to work is yt-dlp. You should give it a try.
On Windows, install the Windows Subsystem for Linux (WSL) (this exists because to stay relevant Windows has to be able to support running Linux, which powers the computing world). On my machine I had to do this, because it has been broken out of the box since the beginning of 2021:
wsl --set-default-version 2
wsl --install -d Debian
Once in the sanity of a Linux distribution you can use yt-dlp like so:
# install yt-dlp and mpv
sudo apt install yt-dlp mpv
# download a video
yt-dlp PUT_YOUTUBE_URL_HERE
# list what is in the current directory
ls
# play a file
mpv FILENAME_TO_PLAY_HERE
Here are some GUI (graphical user interface) options:
If you find a video you really like on youtube, I suggest downloading it. Youtube/Google/Alphabet being in full control of the video means there are no guarantees it'll be around forever. Google is well known for killing their own projects, allowing abuse of copyright takedowns, removing videos that don't make them money, and adding advertisements to videos even if creators do not want them. (If you do encounter a video being deleted check out the amazing archive.org in case someone has backed it up there. For example absolutely disgusting videos which were okay at one time, and then later removed. Another example: fascinating North Korean propaganda.) Also, fuck ads. As long as I own the hardware I purchased and use software that empowers me to actually control what my hardware does, I will not be watching these advertisements. I don't think I've seen advertisements on youtube for like 6 years or so at least, can't stand 'em. The machine is already perfectly capable of streaming the data to a browser and playing the video, they just add many layers of obfuscation to try and remain in control of what information flows through. Take control back into your hands and use the hardware you own as you want. Additionally, downloading videos allows people with a slower Internet to download at a high quality and watch later without any buffering, it's great. Break the cycle of instant gratification and escape auto-playing algorithms, responsible for sucking away countless billions of hours of human lives.
A quick opinionated guide on how to torrent.
Setup:
.onion. This will greatly limit what sites you can visit but surprisingly some mainstream sites like
If you're a bit familiar with Linux and the command line, being able to host services at home and make them available over the Internet is pretty easy. The approach described here avoids issues like exposing your home IP address, having to use dynamic DNS, and port forwarding issues. This is accomplished by creating a VPN (virtual private network) tunnel from your home server to a cloud server.
Home Server -> VPN -> Cloud Server
You'll need a few things:
With those services obtained, create DNS record(s) to point your domain name to your cloud server: A - EXAMPLE.COM - 123.45.67.89 and if you have IPv6: AAAA - EXAMPLE.COM - 1234:5670:80:ab9::1.
This guide will use the excellent WireGuard software for VPN and the rock-solid Linux distribution Debian to accomplish hosting at home, as both the cloud server and home server operating system. Also both servers will use the hosting software Nginx (Engine X). Here's the order we'll do things in:
All commands are assumed to run as a user with access to do these things, for example root via sudo -i. Lines that start with # are inline comments, not commands.
On the home server:
# install nginx
apt install nginx
# create a super cool website
cat > /var/www/html/index.html << EOF
<!doctype html>
<meta charset=utf-8>
<h1>My Site</h1>
<p>I am listening to The Matrix soundtrack <i>right now</i></p>
EOF
At this point your site should be available on your home network. Let's say your home server is called raspberrypi: you should see your site at http://raspberrypi. Your browser might give you guff about it not being a secure website, but that's fine, you don't really need encryption for a server you are running and accessing within your house. There are a lot of potential issues that can keep this from "just working" for you due to network settings, but this isn't intended to be an exhaustive guide, so I'll stick to the happy path and stay on focus for what we're trying to accomplish here.
Your home server might be running a firewall; a common one is ufw. To check if it is being used, see if there is any output from ufw status (as root). If there is, run ufw allow 80/tcp to allow access for http.
# install wireguard
apt install wireguard
cd /etc/wireguard
# create keys
(umask 077 && wg genkey > private.key)
wg pubkey < private.key > public.key
# create the wireguard config file with the right permissions
(umask 077 && touch wg0.conf)
# copy the output of the keys to your notes, you'll need them later
for f in *.key; do echo "$f" && cat "$f"; done
With all the keys created, some configuration files now need to be created and the key values placed into them. You should have at least one text editor you are comfortable with on the terminal; nano is good if you don't have one yet and should be available out of the box.
Your cloud server might be running a firewall; a common one is ufw. To check if it is being used, see if there is any output from ufw status (as root). If there is, run ufw allow 80/tcp; ufw allow 443/tcp; ufw allow 51820/udp to allow access for http, https, and wireguard.
/etc/wireguard/wg0.conf on the cloud server:
[Interface]
PrivateKey = [[contents of private.key from the cloud server]]
ListenPort = 51820
[Peer]
PublicKey = [[contents of public.key from the home server]]
AllowedIPs = 10.1.0.2/32
/etc/network/interfaces.d/wg0 on the cloud server:
auto wg0
iface wg0 inet static
    address 10.1.0.1/24
    pre-up ip link add wg0 type wireguard
    pre-up wg setconf wg0 /etc/wireguard/wg0.conf
    post-down ip link del wg0
/etc/wireguard/wg0.conf on the home server:
[Interface]
PrivateKey = [[contents of private.key from the home server]]
[Peer]
PublicKey = [[contents of public.key from the cloud server]]
Endpoint = EXAMPLE.COM:51820
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 25
/etc/network/interfaces.d/wg0 on the home server:
auto wg0
iface wg0 inet static
    address 10.1.0.2/24
    pre-up ip link add wg0 type wireguard
    pre-up wg setconf wg0 /etc/wireguard/wg0.conf
    post-down ip link del wg0
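One way to sanity-check the wg0.conf files before bringing the tunnel up, as an added example that is not part of the original guide: it checks that the file is owner-only, that both keys are real keys rather than leftover [[...]] placeholders, and that the peer settings match the values used in this guide. The function names and the cloud/home role labels are assumptions of this example, and the sample configs are constructed with an all-zero dummy key.

```shell
#!/bin/sh
# Added example: audit a wg0.conf laid out as in this guide. The role labels
# "cloud"/"home" and all function names are made up for this script.

audit_wg_conf() {   # usage: audit_wg_conf FILE cloud|home; returns the number of findings
    conf=$1 role=$2 findings=0
    fail() { echo "FAIL ($role): $1"; findings=$((findings + 1)); }

    # The guide creates the file under umask 077: no group/other permission bits.
    [ "$(ls -ld "$conf" | cut -c5-10)" = "------" ] || fail "$conf is accessible beyond its owner"

    # A WireGuard key is 32 bytes in base64: 43 characters plus '='. This also
    # catches a [[contents of ...]] placeholder that was never filled in.
    for name in PrivateKey PublicKey; do
        sed -n "s/^$name *= *//p" "$conf" | grep -Eq '^[A-Za-z0-9+/]{43}=$' ||
            fail "$name is not a valid key"
    done

    allowed=$(sed -n 's/^AllowedIPs *= *//p' "$conf")
    if [ "$role" = cloud ]; then
        # The cloud server accepts tunnel traffic only from the home server's address.
        [ "$allowed" = "10.1.0.2/32" ] || fail "AllowedIPs is '$allowed', expected 10.1.0.2/32"
        grep -q '^ListenPort *= *51820$' "$conf" || fail "ListenPort is not 51820"
    else
        # The home server dials out and needs the keepalive to hold its NAT mapping.
        grep -q '^Endpoint *= *.*:51820$' "$conf" || fail "Endpoint missing or not on port 51820"
        grep -q '^PersistentKeepalive *= *[1-9]' "$conf" || fail "PersistentKeepalive not set"
    fi
    return "$findings"
}

write_cloud_sample() {   # usage: write_cloud_sample FILE ALLOWED_IPS (constructed input)
    key=$(head -c 32 /dev/zero | base64)   # dummy all-zero key, for the demo only
    (umask 077 && printf '%s\n' "[Interface]" "PrivateKey = $key" "ListenPort = 51820" \
        "[Peer]" "PublicKey = $key" "AllowedIPs = $2" > "$1")
}

demo=$(mktemp -d)
write_cloud_sample "$demo/good.conf" "10.1.0.2/32"
write_cloud_sample "$demo/bad.conf" "0.0.0.0/0"
chmod 644 "$demo/bad.conf"
audit_wg_conf "$demo/good.conf" cloud && echo "good.conf: clean"
audit_wg_conf "$demo/bad.conf" cloud || echo "bad.conf: $? finding(s)"
rm -r "$demo"
```

On a real server, call audit_wg_conf /etc/wireguard/wg0.conf cloud (or home) as root after filling in the keys.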
The moment of truth: restart networking with systemctl restart networking.
Check the interface with ip a show wg0 | grep inet:
# cloud server expected output
inet 10.1.0.1/24 brd 10.1.0.255 scope global wg0
# home server expected output
inet 10.1.0.2/24 brd 10.1.0.255 scope global wg0
Check the wireguard status with wg.
# cloud server example output
interface: wg0
  public key: REDACTED
  private key: (hidden)
  listening port: 51820
peer: REDACTED
  endpoint: 172.59.25.95:58690
  allowed ips: 10.1.0.2/32
  latest handshake: 46 seconds ago
  transfer: 212 B received, 92 B sent
# home server example output
interface: wg0
  public key: REDACTED
  private key: (hidden)
  listening port: 36112
peer: REDACTED
  endpoint: 123.45.67.89:51820
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 1 second ago
  transfer: 92 B received, 180 B sent
  persistent keepalive: every 25 seconds
So on our VPN the cloud server is 10.1.0.1 and the home server is 10.1.0.2. They should be able to ping each other with those addresses, and a curl http://10.1.0.2 from the cloud server should result in:
<!doctype html>
<meta charset=utf-8>
<h1>My Site</h1>
<p>I am listening to The Matrix soundtrack <i>right now</i></p>
So we have completed this picture, allowing the cloud server to access our home server over an encrypted VPN tunnel.
Home Server -> VPN -> Cloud Server
Home Server -> VPN -> Cloud Server -> https -> Internet
Let's first get the cloud server sharing the website to the Internet over http. We'll create an nginx configuration to pass traffic to the home server.
/etc/nginx/sites-available/EXAMPLE.COM.conf
server {
    server_name EXAMPLE.COM;
    listen 80;
    listen [::]:80;
    location / {
        proxy_pass http://10.1.0.2:80;
    }
}
Check that the configuration works with nginx -t, then enable the site configuration and reload nginx to make it active.
ln -s /etc/nginx/sites-available/EXAMPLE.COM.conf /etc/nginx/sites-enabled/EXAMPLE.COM.conf
systemctl reload nginx
If everything is working, your site should be accessible from http://EXAMPLE.COM now. There is just one last step, encryption, i.e. getting https. Luckily the great people at Let's Encrypt and Certbot have made this very easy.
# install certbot
apt install certbot python3-certbot-nginx
# run certbot and follow the prompts
certbot --nginx
Hopefully that went smoothly and at last your site is available over https!
This section written on 2023-11-06
Online:
Much more interesting I think is the ability to generate images completely locally. You'll want a pretty strong computer and semi-recent graphics card (ideally nvidia):
This stuff is all quite new and going through a lot of churn.
Generally, smartphones are awful. They are incredibly locked down mini-computers, taking as much control out of your hands as possible and guiding people through the most dumbed-down "apps" conceivable. The main phone operating system providers I think are a big part of why the newest generation might not even understand what files and folders are. From a very low level, these devices are designed to suck you in and take your attention for it to be monetized and manipulated. Unfortunately, I must admit these are a winning form-factor of computers though. A "real computer" will always be superior for things like software engineering and professional work (like audio / video / image editing), but a smartphone is just so useful and always at your side. I am interested in open hardware / open software phones like the PinePhone and the Librem 5 (I waited nearly four years from January 2019 to December 2022 to receive mine which I promptly re-sold to recoup my costs as Purism would not refund me. Avoid this crap company video 1, video 2.), but I don't think they are usable by the general public yet. I've used an iPhone 5s in the past, but nowadays I use older generation Google Pixel phones because they are cheaper and have a superior way of running open source software. My advice is to try and use a smartphone as little as possible, and do as much of your computing as you can on a real computer: like banking, social media, gaming, etc. I install LineageOS on my phones these days to avoid as much Google as I can and get updates past when they are provided by the factory OS.
I've put some effort into being frugal when it comes to phones, so here is my advice on that. Buy a used, unlocked Android device a generation or two behind from Swappa (also consult the list of best phones with an actual headphone jack). Check this page for cheap plans. I use and highly recommend Mint Mobile (referral link).
This section lists software and other things I use.
pcmanfm
foot, kitty
imv
pavucontrol
Hosted/Server Software
fail2ban
mdadm
Command line programs
bash, tmux
sftp, rsync
wget and yt-dlp
ffmpeg
bmon
iperf3, nmap, mtr, nc
ncdu
sysstat
nvim -d file1.txt file2.txt
doas, curl, git, moreutils, diffutils, brightnessctl, pidwait
.xyz web domain. Even though it is a perfectly legitimate top-level domain, many service providers blacklist it or mark it as spam. I have had issues with people's SMS (phone texting) providers silently blocking texts which contained links to xyz domains, causing much confusion for me. Someone's blog post on this (hackernews).
This page was made using neovim in Linux. The content for this site is BY-NC-SA 4.0.