ungleich-learning-circle/youngjin.han/learning-node02-2020.org

26 KiB
Raw Blame History

2020-07-24

IPv6 #2: Generating IPv6 networks

DONE Lecture content

CLOSED: [2020-07-30 목 00:43]

  • Objective/Problem that we are trying to solve:

    • You got one bigger prefix (the one that you get as a parameter) and you want to create a random subnetwork in it
  • Create a random /48 network within a prefix

    • Create a python script named randomnet.py that accepts 1 parameter: prefix
    • The prefix must be an IPv6 network
    • The netmask of the prefix should be /48 or smaller (/48…/0)
    • Prefixes to be used for testing:

      • 2001:db8::/48
      • 2001:db8::/40
      • 2001:db8::/32
      • fd00::/8
    • Possible output:

      • 2001:db8:1231::/48
  • Optional

    • Allow to specify second parameter that gives the size of the subnetwork

2020-07-22

IPv6 #1: IPv6 address uniqueness

DONE Lecture content

CLOSED: [2020-07-23 목 00:06]

  • Ensure Uniqueness

    • Every IPv6 address we register should REPRESENT a /48
    • We need to ensure that we don't register overlapping networks
    • Write a python script that checks whether two IPv6 networks are overlapping

      • overlap.py ip1 ip2
    • It should output "overlap" or "no overlap"
    • Use the following test IPv6 addresses:

      • 2001:db8::
      • 2001:db8:0:2::
      • 2001:db8:1::
    • Assume a netmask of /48 for all of them
    • Step 2: Make your script parse ipv6 networks (like 2001:db8::/48 and 2001:db8::/64) ) and check whether they overlap
    • Make use of the python3 module ipaddress

2020-07-15

Django #7: Tutorial 6

DONE Lecture content

CLOSED: [2020-07-22 수 22:25]

Django #8: Tutorial 7

DONE Lecture content

CLOSED: [2020-07-22 수 22:25]

2020-07-13

Django #6: Tutorial 5

DONE Lecture content

CLOSED: [2020-07-14 화 00:25]

2020-07-10

Django #5: Tutorial 4

DONE Lecture content

CLOSED: [2020-07-14 화 00:19]

2020-07-08

Django #4: Tutorial 3

DONE Lecture content

CLOSED: [2020-07-14 화 00:18]

2020-07-06

Django #3: using http and https

DONE Lecture content

CLOSED: [2020-07-14 화 00:17]

  • We want expose our Django app via https to the world
  • We want to allow IPv6 world wide access
  • Steps IPv6

    • Ensure you have IPv6 connectivity
    • Get a VPN from IPv6VPN.ch if you don't have IPv6
    • Ensure that your firewall allows access to ports 80 and 443 to your machine
    • Coordinate with another participant to test your connection

      • The square brackets are needed in the following examples
      • curl -vv http://[your ipv6 address]
      • curl -vv https://[your ipv6 address]
      • Both examples should return "connection refused"
  • Find out your Domain name

    • We will install an letsencrypt certificate
    • Certificates need a name
    • The website https://has-a.name provides you with a name
    • Find out your name
    • Have somebody else ping your name
  • Steps webserver

    • Install nginx
    • Have somebody else run curl -v http://<your name>.has-a.name
    • Install certbot
    • Use certbot to request a certificate for your name
    • Use the nginx plugin of certbot
    • Have somebody else run curl -v https://<your name>.has-a.name (with httpS!)
  • Proxy configuration

    • We want nginx to forward the HTTPS requests to django
    • We run django on the IPv6 localhost

      • python manage.py runserver '[::1]:8000'
      • Note: this is different from last session!
    • We configure nginx to proxy to django

      • Locate the configuration file for the https server (usually somewhere below /etc/nginx)
      • Add a proxy configuration to it
      • The proxy block looks similar to this: location / { proxy_pass http://localhost:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }
    • Test with the other participants to reach you!
  • Add your nginx configuration

2020-07-04

Django #2: Tutorial 2

DONE Lecture content

CLOSED: [2020-07-04 토 01:03]

2020-06-28

Django #1: Introduction

Objective
  • We will build a IPv6 ULA registry with Django in the next lectures
DONE Lecture content

CLOSED: [2020-07-04 토 01:03]

  • Create a new directory in your learning cirle repository named "django"
  • Write down the answers to the following questions in django/django.org
  • Research and answer the following questions: (1/2 of the time)

    • What is IPv6 ULA?
    • Which registries did exist historically?
    • How should an IPv6 ULA registry work?
  • Get started with Django

    • Create a new python virtual env using `python3 -m venv`

      • Create the venv in django/venv
    • Create a file .gitignore in django/

      • Add 'venv/' (without the quotes to that file
      • Use magit to verify that the venv is being ignored
      • Add and commit the .gitignore file
    • Inside this virtual env, install django using `pip`
    • Go to https://www.djangoproject.com/
    • Finish tutorial 1: https://docs.djangoproject.com/en/3.0/intro/tutorial01/
    • Commit the django code to your repository
    • Exclude '*.pyc' in the .gitignore
    • Also exclude the sqlite database

2020-06-17

Python #11:

DONE Lecture content

CLOSED: [2020-06-17 수 22:24]

  • Same structure as "Python #2"
  • Exercise 44
Lecture material

2020-06-15

DONE Python #10:

CLOSED: [2020-06-15 월 23:55]

Lecture content
  • Same structure as "Python #2"
  • Exercise 43
Lecture material

2020-06-12

Python #9:

DONE Lecture content

CLOSED: [2020-06-12 금 22:43]

  • Same structure as "Python #2"
  • Exercise 42
  • Review all previous exercises, ensure you understand them
Lecture material

2020-06-10

Python #8:

DONE Lecture content

CLOSED: [2020-06-11 목 00:00]

  • Same structure as "Python #2"
  • Exercises 40-41
Lecture material

2020-06-08

Python #7:

DONE Lecture content

CLOSED: [2020-06-08 월 22:49]

  • Same structure as "Python #2"
  • Exercises 37-39
Lecture material

2020-06-01

Python applying learnings from 1..6

DONE Lecture notes

CLOSED: [2020-06-02 화 11:21]

  • Previous topics covered:

    • Printing
    • Formatting
    • Variables
    • Escape Sequences
    • Inputting text
    • Reading arguments / using argv
    • Reading files
    • Defining methods
    • Boolean logic
    • Branching using if/else/elif
    • Loops: for/while
  • Today we write a calculator that saves results in a file in python

    • How it works in general You read the input until you read a line that only contains a "q". Every input line consists of numbers separated by a space. For instance "4 5 9". You will need to .split() the input.
  • Steps

    • Create a python script named "calc.py"
    • It takes 1 command line argument (argv), which is the filename

      • We will store the calculations and results in this file
    • Create a method named "input_and_calculate_one_line"

      • It does not have any arguments
      • It reads one line via input
      • It splits the input (let's say "4 5 9" => [ "4", "5", "9") ])
      • It calculates the result (f.i. 4+5+9 = 18) and stores it in a variable (use sum over the list)
      • It returns a string of the format "4 + 5 + 9 = 18"
      • If the line only contains a "q" it return "" (an empty string)
    • Create a method named "editor" that takes a filename as an argument

      • It opens the file for writing
      • It uses input_and_calculate_one_line in a while loop
      • while the return result is not "", we append the string to the file
      • When the return result is "", the function exits

2020-05-29

Python #6:

DONE Lecture content

CLOSED: [2020-05-29 금 23:48]

  • Same structure as "Python #2"
  • Exercises 32-36
Lecture material

2020-05-27

Python #5:

DONE Lecture content

CLOSED: [2020-05-27 수 22:30]

  • Same structure as "Python #2"
  • Exercises 27-31
Lecture material

2020-05-25

Python #4:

DONE Lecture content

CLOSED: [2020-05-27 수 22:41]

  • Same structure as "Python #2"
  • Exercises 23-26
Lecture material

2020-05-22

DONE Lecture content

CLOSED: [2020-05-23 토 00:21]

  • Same structure as "Python #2"
  • Exercises 15-22
Lecture material

2020-05-20

Python #2:

DONE Lecture content

CLOSED: [2020-05-20 수 22:47]

  • Read thoroughly & do exercises 8 to 14

    • Focus on understanding
    • You don't have to type everything
    • But you should ensure you understand everything
  • Commit all source code to ~/ungleich-learning-circle/USERNAME/python-the-hard-way
  • Write down notes / what you learned in the python.org file
  • Notify your fellow students when you solved something

    • "I just solved exercise 4!"
Lecture material

2020-05-15

Python #1:

Lecture notes
  • Ensure that you have python3 (at least 3.6) installed
  • Use emacs for editing source files
  • Commit all source code to ~/ungleich-learning-circle/USERNAME/python-the-hard-way
DONE Lecture content

CLOSED: [2020-05-19 화 23:47]

  • Read thoroughly & do exercise 0 to 7
  • Commit your source code in git
  • Commit every time you have a task done

    • Make a new commit in git each time you finish (part of) a task
  • Do all exercises
  • Notify your fellow students when you solved something
  • Ask help to other students when you are stuck (but try to solve on your own before)
Lecture material

2020-05-15

cdist #6: Glueing it together

Lecture content
Objective
  • Apply learnings from the previous cdist sessions
DONE Steps 1: __all_in_one (1.25h)

CLOSED: [2020-05-15 금 23:16]

  • Create a new type named __all_in_one

    • Decide yourself whether it is a singleton or not
    • Reason why in your cdist.org file
  • It should work on alpine, debian and fedora
  • It accepts the following parameters:

    • with-x (boolean)
    • extra-packages (optional multiple)
  • On Alpine, it should install netcat-openbsd and tshark
  • On Debian, it should install netcat tshark
  • On Fedora, it should install nmap-ncat wireshark-cli
  • On all operating systems install socat sipcalc sudo
  • If the detected operating system is neither Alpine/Debian/Fedora, output an error message and abort the manifest with exit code 1
  • Additionally install all packages specified by the extra-packages parameter
TODO Steps 2: __firewall (1.25h)
  • Create a new type __my_firewall
  • Add a type explorer to find out whether nft is present on the target system
  • Add a required parameter named file
  • If the type explorer does not detect nft on the target system, abort with an error message
  • Deploy the specified file to /etc/my-nftables
  • Add a type explorer that reads the current nft rules
  • If the rules are different on the target host, apply the new ruleset by generating code in gencode-remote
  • If the filename specified by the file parameter is - (the minus sign), then the type should read from stdin
TODO Step 3: manifest (0.5h)
  • Create a new manifest in the folder that contains the initial manifest
  • Name the new manifest firewall
  • Source the firewall manifest in the initial manifest
  • In the firewall manifest, match on localhost

    • Install nftables
    • Use the __firewall type
    • Use correct require parameter to ensure that nftables is installed before the __firewall type is run

2020-05-13

cdist #5: Generating Code & Exploring

Lecture content
Objective
  • Understand how to generate code and when to use it
  • Exploring explorers
DONE Code generation steps

CLOSED: [2020-05-14 목 00:54]

  • Modify the previously created type __my_nginx_site
  • Read about cdist messaging
  • If there was a change in the nginx configuration file, reload nginx
DONE Explorer steps

CLOSED: [2020-05-14 목 00:54]

  • Modify the __my_nginx_site type to use the os explorer
  • Adjust your type to work on Alpine Linux and Debian (or two other Linux distributions of your choice)
  • Set the nginx configuration directory accordingly
DONE Documentation

CLOSED: [2020-05-14 목 00:54]

  • Explain the following in your cdist.org file
  • What is the difference between gencode-remote and the remote code?
  • What is the difference between gencode-local and gencode-remote?
  • Locate a type that comes with upstream cdist that uses gencode-local - which one is it? Why does it need gencode-local?

2020-05-11

cdist #4: Requirements

Lecture content
Objective
  • Understand how requirements work
DONE Create a new type __my_nginx

CLOSED: [2020-05-12 화 02:22]

  • Make it a singleton
  • Make it install nginx
  • Configure a host with it
  • Usually nginx is configured includes some files
  • On the target host find out which directory nginx includes
  • We name this directory nginx_config_dir
DONE Create a new type __my_nginx_site

CLOSED: [2020-05-12 화 02:22]

  • Assume the object_id is a domain
  • In the __my_nginx_site create a file inside the nginx_config_dir
  • The filename is ${domain}.conf
  • When using __file, it should require the nginx package

    • Read about cdist dependencies
  • The file should be a valid nginx configuration
  • The server name should be set to the specified domain
  • The root directive should point to /var/www/html/DOMAIN

    • (replace DOMAIN with the actual domain)
DONE Use both types in the initial manifest to configure the target host

CLOSED: [2020-05-15 금 21:07]

  • Create at least two domains
DONE Configure the target host

CLOSED: [2020-05-15 금 21:08]

  • Verify that the configuration files are properly created
DONE Delete the nginx package manually on the target host

CLOSED: [2020-05-15 금 21:08]

DONE Comment out __my_nginx from the initial manifest, keep the __my_nginx_site

CLOSED: [2020-05-15 금 21:08]

  • Explain the error that you get (in your cdist.org file)

2020-05-08

cdist #3: type parameters

Lecture content
DONE Create a new type named __colourful_file

CLOSED: [2020-05-15 금 20:29]

  • The objective is to create a type that creates colourful file
  • The content of the file should be "colour=…", where "…" is a colour specified by a parameter
  • Add an optional parameter named colour
  • Use the __file type inside your type to create a file
  • Use the $__object_id variable inside your type
DONE Extend your type to be more colourful

CLOSED: [2020-05-15 금 20:29]

  • Modify the optional parameter to be able to be specified multiple times
  • For each time it is specified, add a line "colour=…" to the file
DONE Create a new type __my_dotfiles

CLOSED: [2020-05-15 금 21:07]

  • Objective is to manage the dotfiles in your home directory
  • Make it a singleton type
  • Create a sub directory files in the type
  • Add your .emacs config to the files folder
  • Add a for loop to your type to deploy .[A-z]* to your home directory
  • Add a .bashrc or .zshrc to the files folder (depending on your shell)
  • In the initial manifest, add __my_dotfiles when the target host is localhost
DONE As usual commit all changes to your ungleich-learning-circle repo

CLOSED: [2020-05-15 금 21:07]

2020-05-06

cdist #2: Your first cdist type

Lecture content
Objective
Begin to understand how cdist types function
Steps
Create a new type named `__my_computer`
  • Mark the type as a singleton type
  • Create a `manifest` file in it
  • Use this type to install the following packages: zsh, mosh, emacs, nmap, sipcalc
  • Edit the initial manifest and use __my_computer for localhost
  • Match using the $__target_host variable
Modify your type to use a for loop to install the packages
Deploy / manage your ~/.emacs file in this type
  • Ensure that permissions and ownership are correct
Use different verbosity levels when configuring
Ensure that all your changes are committed and pushed in your ungleich-learning-circle repository
  • Use magit inside emacs for that
Documentation steps to be done in cdist.org
  • Create a new org document named `cdist.org` in the same folder as the learning.org file
  • Explain the difference between a singleton and non-singleton type
  • Explain the difference between the different verbosity levels
  • Document (copy&paste) some of the cdist runs in a "log" section```

2020-05-04

cdist #1: Introduction

Lecture content
Objective
  • Begin to use cdist
Steps
  • Checkout cdist quickstart https://www.cdi.st/manual/latest/cdist-quickstart.html
  • Install cdist locally
  • Create a new cdist configuration directory in ~/ungleich-learning-circle/USERNAME/dot-cdist
  • Create an empty initial manifest ("use touch")
  • Commit that status
  • Ensure that you can login as root to localhost via ssh without a password
  • Configure cdist to configures the motd of your localhost

    • Ensure you have a case block matching on $__target_host
    • Use the -c parameter to cdist to specify the configuration directory
    • Use the -vv parameter to get more verbose output
    • Search for / understand what MOTD stands for
  • Configure cdist to create the file /etc/cdist-configured
  • Configure cdist to setup the timezone on your local computer
  • Configure cdist to ensure emacs is installed
  • Ensure that in the end all changes are committed in your repository

2020-05-01

Organisation #5: Emacs refresher

Lecture content
Objective: get confident with emacs commands
Find out and document how to do the following steps
  • Search for something forward C-s
  • How to continue searching C-s C-s
  • Search for something backward C-r
  • Search for regular expressions instead of string (forward, backward) C-M-s C-M-r
  • Go to the beginning of the line C-a
  • Go to the end of the line C-e
  • Delete a word in front (to the right of the cursor) M-d
  • Delete a word in back (to the left of the cursor) M-BackSpace
  • List all "occurences" of a word in a file M-s o

    • You can copy above instructions into an emacs buffer
    • And test it by showing all occurences of the word "Search"
  • Search (GREP) for a word in all files in a directory RECURSIVELY M-x rgrep
  • Save the CURRENT buffer C-x C-s
  • Save ALL open files C-x-s
  • Split the window/buffer vertically C-x 2
  • Split the window/buffer horizontally C-x 3
  • Switch between the different windows C-x o
  • Close all buffers besides the active one C-x 1

    • Don't kill it!
  • Close only the active buffer C-x 0 -* Don't kill it!
  • Kill the active buffer C-x k
  • Describe/Explain the difference between closing and killing

    • closing is that emac do not display the buffer. and the contents on the buffer are kept on behined screen.
    • killing is that emac delete the buffer. and if contents are not stored, it is losted
  • Switch between buffers that are not shown C-x b

    • Document two very similar, but slightly different ways

      • C-x b is that the selected buffer is displayed on the focused window
      • C-x C-b is that all buffers is dispalayed on the new window
      • C-x 4 b is that the selected buffer is displayed on the new window
Outcome
  • Document all above commands in your learning org sheet
  • Share your documentation at the end of the session (not before)

2020-04-29

Organisation #4: Organising yourself

Lecture content
Objective: have a todo list based on org mode
Steps
  • Configure the "org-directory" to be ~/ungleich-learning-circle/USERNAME/

    • This is important as it will be used by the todo function later
  • Extend your function from the organisation #1 session

    • Instead of opening a fixed file, we include two variable parts:

      • The hostname of the machine
      • The year
    • Pressing F3 should open ~/ungleich-learning-circle/USERNAME/learning-$(hostname)-$(year).org

      • we call this "your personal agenda"
  • Configure mu4e to create a org-mode tasks from an email

    • Store these tasks in ~/ungleich-learning-circle/USERNAME/todo.org
  • Configure emacs to open the "org-agenda" with "C-c a"
  • List all TODO entries
  • List the agenda of the day
  • List the agenda of the week
  • Bind F8 to open the "org-todo-list"
  • Create some sample tasks in it
From now on, maintaining tasks should be
  • Pressing F3 to open your personal "logfile"
  • Adding a TODO item
  • Pressing F8 to see the tasks with priorities
Bonus tasks
  • Configure mu4e to store org-mode tasks in …/todo-$(hostname)-$(year).org

2020-04-27

Organisation #3: Managing your emails

Lecture content
Objective
  • Be able to manage all your mails in mu4e
Description
  • All email is synchronised using isync/mbsync
  • Email is indexed with mu (xapian backend)
  • Email is viewed in mu4e
  • All new emails arrive in the inbox
Steps
  • Install mu4e
  • Start mu4e in emacs
  • Configure mbsync for your ungleich mail account

    • Synchronise all mails into ~/Maildir/ungleich
    • This structure leaves room for other mail accounts, like ~/Maildir/gmail
  • Verify that mbsync synchronises the mail
  • Index mails using `mu` on the command line (only first time)
  • Configure mu4e to get email with mbsync -a
  • Configure mu4e to "archive" emails into ~/Maildir/ungleich/YEAR/

    • This gives you a good performance / organisation for the next decades
  • Configure mu4e/emacs for sending emails
  • Send other participants an email via mu4e
  • Verify that it arrives
  • "Archive" it afterwards

2020-04-24

Organisation #2: Creating, managing and sharing with "magit"

Lecture content
Install "magit" for emacs
Bind C-x g to open magit-status in ~/.emacs
Create a new directory ~/ungleich-learning-circle/ (with emacs)
  • Use C-h b in dired mode to find out how to
Create a sub directory ~/ungleich-learning-circle/YOURNAME/ (with emacs)
Move your previously created learning.org file into ~/ungleich-learning-circle/YOURNAME/ (with emacs)
Initialise it with git (with magit)
Create the repo "ungleich-learning-circle" on code.ungleich.ch under your username
Add your remote on code.ungleich.ch to your local git repo with magit
Push your repo
Add a new remote of a another participant
Move your ~/learning.org to ~/notes
Commit that file with magit
Push the repo with magit
Merging the remote repo with the command line
End result: everyone has everything of everyone else

2020-04-23

Organisation #1: org-mode introduction

Lecture content
Install emacs
Install org-mode
Create a function that opens ~/learning.org in your ~/.emacs
Bind that function to "f3" (configure it in .emacs)
Create a new item named "2020-04-10"
  • Create a sub item "ungleich learning circle"