26 KiB
- 2020-07-24
- 2020-07-22
- 2020-07-15
- 2020-07-13
- 2020-07-10
- 2020-07-08
- 2020-07-06
- 2020-07-04
- 2020-06-28
- 2020-06-17
- 2020-06-15
- 2020-06-12
- 2020-06-10
- 2020-06-08
- 2020-06-01
- 2020-05-29
- 2020-05-27
- 2020-05-25
- 2020-05-22
- 2020-05-20
- 2020-05-15
- 2020-05-15
- 2020-05-13
- 2020-05-11
- 2020-05-08
- 2020-05-06
- 2020-05-04
- 2020-05-01
- 2020-04-29
- 2020-04-27
- 2020-04-24
- Organisation #2: Creating, managing and sharing with "magit"
- Lecture content
- Install "magit" for emacs
- Bind C-x g to open magit-status in ~/.emacs
- Create a new directory ~/ungleich-learning-circle/ (with emacs)
- Create a sub directory ~/ungleich-learning-circle/YOURNAME/ (with emacs)
- Move your previously created learning.org file into ~/ungleich-learning-circle/YOURNAME/ (with emacs)
- Initialise it with git (with magit)
- Create the repo "ungleich-learning-circle" on code.ungleich.ch under your username
- Add your remote on code.ungleich.ch to your local git repo with magit
- Push your repo
- Add a new remote of a another participant
- Move your ~/learning.org to ~/notes
- Commit that file with magit
- Push the repo with magit
- Merging the remote repo with the command line
- End result: everyone has everything of everyone else
- Lecture content
- Organisation #2: Creating, managing and sharing with "magit"
- 2020-04-23
2020-07-24
IPv6 #2: Generating IPv6 networks
DONE Lecture content
CLOSED: [2020-07-30 목 00:43]
-
Objective/Problem that we are trying to solve:
- You got one bigger prefix (the one that you get as a parameter) and you want to create a random subnetwork in it
-
Create a random /48 network within a prefix
- Create a python script named randomnet.py that accepts 1 parameter: prefix
- The prefix must be an IPv6 network
- The netmask of the prefix should be /48 or smaller (/48…/0)
-
Prefixes to be used for testing:
- 2001:db8::/48
- 2001:db8::/40
- 2001:db8::/32
- fd00::/8
-
Possible output:
- 2001:db8:1231::/48
-
Optional
- Allow to specify second parameter that gives the size of the subnetwork
2020-07-22
IPv6 #1: IPv6 address uniqueness
DONE Lecture content
CLOSED: [2020-07-23 목 00:06]
-
Ensure Uniqueness
- Every IPv6 address we register should REPRESENT a /48
- We need to ensure that we don't register overlapping networks
-
Write a python script that checks whether two IPv6 networks are overlapping
- overlap.py ip1 ip2
- It should output "overlap" or "no overlap"
-
Use the following test IPv6 addresses:
- 2001:db8::
- 2001:db8:0:2::
- 2001:db8:1::
- Assume a netmask of /48 for all of them
- Step 2: Make your script parse ipv6 networks (like 2001:db8::/48 and 2001:db8::/64) ) and check whether they overlap
- Make use of the python3 module ipaddress
2020-07-15
Django #7: Tutorial 6
DONE Lecture content
CLOSED: [2020-07-22 수 22:25]
-
Environment like in Django 1 and Django 3
- Ensure your nginx is working
- Paste the URL of your Django server into the chat
- Ensure you can reach the other Django servers
- Follow steps on https://docs.djangoproject.com/en/3.0/intro/tutorial06/
Django #8: Tutorial 7
DONE Lecture content
CLOSED: [2020-07-22 수 22:25]
-
Environment like in Django 1 and Django 3
- Ensure your nginx is working
- Paste the URL of your Django server into the chat
- Ensure you can reach the other Django servers
- Follow steps on https://docs.djangoproject.com/en/3.0/intro/tutorial07/
2020-07-13
Django #6: Tutorial 5
DONE Lecture content
CLOSED: [2020-07-14 화 00:25]
-
Environment like in Django 1 and Django 3
- Ensure your nginx is working
- Follow steps on https://docs.djangoproject.com/en/3.0/intro/tutorial05/
2020-07-10
Django #5: Tutorial 4
DONE Lecture content
CLOSED: [2020-07-14 화 00:19]
-
Environment like in Django 1 and Django 3
- Ensure your nginx is working
- Follow steps on https://docs.djangoproject.com/en/3.0/intro/tutorial04/
2020-07-08
Django #4: Tutorial 3
DONE Lecture content
CLOSED: [2020-07-14 화 00:18]
-
Environment like in Django 1 and Django 3
- Ensure your nginx is working
- Follow steps on https://docs.djangoproject.com/en/3.0/intro/tutorial03/
2020-07-06
Django #3: using http and https
DONE Lecture content
CLOSED: [2020-07-14 화 00:17]
- We want expose our Django app via https to the world
- We want to allow IPv6 world wide access
-
Steps IPv6
- Ensure you have IPv6 connectivity
- Get a VPN from IPv6VPN.ch if you don't have IPv6
- Ensure that your firewall allows access to ports 80 and 443 to your machine
-
Coordinate with another participant to test your connection
- The square brackets are needed in the following examples
- curl -vv http://[your ipv6 address]
- curl -vv https://[your ipv6 address]
- Both examples should return "connection refused"
-
Find out your Domain name
- We will install an letsencrypt certificate
- Certificates need a name
- The website https://has-a.name provides you with a name
- Find out your name
- Have somebody else ping your name
-
Steps webserver
- Install nginx
- Have somebody else run curl -v http://<your name>.has-a.name
- Install certbot
- Use certbot to request a certificate for your name
- Use the nginx plugin of certbot
- Have somebody else run curl -v https://<your name>.has-a.name (with httpS!)
-
Proxy configuration
- We want nginx to forward the HTTPS requests to django
-
We run django on the IPv6 localhost
- python manage.py runserver '[::1]:8000'
- Note: this is different from last session!
-
We configure nginx to proxy to django
- Locate the configuration file for the https server (usually somewhere below /etc/nginx)
- Add a proxy configuration to it
- The proxy block looks similar to this: location / { proxy_pass http://localhost:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }
- Test with the other participants to reach you!
- Add your nginx configuration
2020-07-04
Django #2: Tutorial 2
DONE Lecture content
CLOSED: [2020-07-04 토 01:03]
- Tutorial 2 of Django
- Environment like in Django 1
- https://docs.djangoproject.com/en/3.0/intro/tutorial02/
-
If you have IPv6, allow others to acces your Django server with:
- python manage.py runserver '[::]:8000'
2020-06-28
Django #1: Introduction
Objective
- We will build a IPv6 ULA registry with Django in the next lectures
DONE Lecture content
CLOSED: [2020-07-04 토 01:03]
- Create a new directory in your learning cirle repository named "django"
- Write down the answers to the following questions in django/django.org
-
Research and answer the following questions: (1/2 of the time)
- What is IPv6 ULA?
- Which registries did exist historically?
- How should an IPv6 ULA registry work?
-
Get started with Django
-
Create a new python virtual env using `python3 -m venv`
- Create the venv in django/venv
-
Create a file .gitignore in django/
- Add 'venv/' (without the quotes to that file
- Use magit to verify that the venv is being ignored
- Add and commit the .gitignore file
- Inside this virtual env, install django using `pip`
- Go to https://www.djangoproject.com/
- Finish tutorial 1: https://docs.djangoproject.com/en/3.0/intro/tutorial01/
- Commit the django code to your repository
- Exclude '*.pyc' in the .gitignore
- Also exclude the sqlite database
-
2020-06-17
Python #11:
DONE Lecture content
CLOSED: [2020-06-17 수 22:24]
- Same structure as "Python #2"
- Exercise 44
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-06-15
DONE Python #10:
CLOSED: [2020-06-15 월 23:55]
Lecture content
- Same structure as "Python #2"
- Exercise 43
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-06-12
Python #9:
DONE Lecture content
CLOSED: [2020-06-12 금 22:43]
- Same structure as "Python #2"
- Exercise 42
- Review all previous exercises, ensure you understand them
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-06-10
Python #8:
DONE Lecture content
CLOSED: [2020-06-11 목 00:00]
- Same structure as "Python #2"
- Exercises 40-41
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-06-08
Python #7:
DONE Lecture content
CLOSED: [2020-06-08 월 22:49]
- Same structure as "Python #2"
- Exercises 37-39
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-06-01
Python applying learnings from 1..6
DONE Lecture notes
CLOSED: [2020-06-02 화 11:21]
-
Previous topics covered:
- Printing
- Formatting
- Variables
- Escape Sequences
- Inputting text
- Reading arguments / using argv
- Reading files
- Defining methods
- Boolean logic
- Branching using if/else/elif
- Loops: for/while
-
Today we write a calculator that saves results in a file in python
- How it works in general You read the input until you read a line that only contains a "q". Every input line consists of numbers separated by a space. For instance "4 5 9". You will need to .split() the input.
-
Steps
- Create a python script named "calc.py"
-
It takes 1 command line argument (argv), which is the filename
- We will store the calculations and results in this file
-
Create a method named "input_and_calculate_one_line"
- It does not have any arguments
- It reads one line via input
- It splits the input (let's say "4 5 9" => [ "4", "5", "9") ])
- It calculates the result (f.i. 4+5+9 = 18) and stores it in a variable (use sum over the list)
- It returns a string of the format "4 + 5 + 9 = 18"
- If the line only contains a "q" it return "" (an empty string)
-
Create a method named "editor" that takes a filename as an argument
- It opens the file for writing
- It uses input_and_calculate_one_line in a while loop
- while the return result is not "", we append the string to the file
- When the return result is "", the function exits
2020-05-29
Python #6:
DONE Lecture content
CLOSED: [2020-05-29 금 23:48]
- Same structure as "Python #2"
- Exercises 32-36
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-27
Python #5:
DONE Lecture content
CLOSED: [2020-05-27 수 22:30]
- Same structure as "Python #2"
- Exercises 27-31
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-25
Python #4:
DONE Lecture content
CLOSED: [2020-05-27 수 22:41]
- Same structure as "Python #2"
- Exercises 23-26
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-22
DONE Lecture content
CLOSED: [2020-05-23 토 00:21]
- Same structure as "Python #2"
- Exercises 15-22
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-20
Python #2:
DONE Lecture content
CLOSED: [2020-05-20 수 22:47]
-
Read thoroughly & do exercises 8 to 14
- Focus on understanding
- You don't have to type everything
- But you should ensure you understand everything
- Commit all source code to ~/ungleich-learning-circle/USERNAME/python-the-hard-way
- Write down notes / what you learned in the python.org file
-
Notify your fellow students when you solved something
- "I just solved exercise 4!"
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-15
Python #1:
Lecture notes
- Ensure that you have python3 (at least 3.6) installed
- Use emacs for editing source files
- Commit all source code to ~/ungleich-learning-circle/USERNAME/python-the-hard-way
DONE Lecture content
CLOSED: [2020-05-19 화 23:47]
- Read thoroughly & do exercise 0 to 7
- Commit your source code in git
-
Commit every time you have a task done
- Make a new commit in git each time you finish (part of) a task
- Do all exercises
- Notify your fellow students when you solved something
- Ask help to other students when you are stuck (but try to solve on your own before)
Lecture material
- Available on https://cloud.ungleich.ch/s/435FyfrQyEq6oF3
2020-05-15
cdist #6: Glueing it together
Lecture content
Objective
- Apply learnings from the previous cdist sessions
DONE Steps 1: __all_in_one (1.25h)
CLOSED: [2020-05-15 금 23:16]
-
Create a new type named __all_in_one
- Decide yourself whether it is a singleton or not
- Reason why in your cdist.org file
- It should work on alpine, debian and fedora
-
It accepts the following parameters:
- –with-x (boolean)
- –extra-packages (optional multiple)
- On Alpine, it should install netcat-openbsd and tshark
- On Debian, it should install netcat tshark
- On Fedora, it should install nmap-ncat wireshark-cli
- On all operating systems install socat sipcalc sudo
- If the detected operating system is neither Alpine/Debian/Fedora, output an error message and abort the manifest with exit code 1
- Additionally install all packages specified by the –extra-packages parameter
TODO Steps 2: __firewall (1.25h)
- Create a new type __my_firewall
- Add a type explorer to find out whether nft is present on the target system
- Add a required parameter named file
- If the type explorer does not detect nft on the target system, abort with an error message
- Deploy the specified file to /etc/my-nftables
- Add a type explorer that reads the current nft rules
- If the rules are different on the target host, apply the new ruleset by generating code in gencode-remote
- If the filename specified by the file parameter is - (the minus sign), then the type should read from stdin
TODO Step 3: manifest (0.5h)
- Create a new manifest in the folder that contains the initial manifest
- Name the new manifest firewall
- Source the firewall manifest in the initial manifest
-
In the firewall manifest, match on localhost
- Install nftables
- Use the __firewall type
- Use correct require parameter to ensure that nftables is installed before the __firewall type is run
2020-05-13
cdist #5: Generating Code & Exploring
Lecture content
Objective
- Understand how to generate code and when to use it
- Exploring explorers
DONE Code generation steps
CLOSED: [2020-05-14 목 00:54]
- Modify the previously created type __my_nginx_site
- Read about cdist messaging
- If there was a change in the nginx configuration file, reload nginx
DONE Explorer steps
CLOSED: [2020-05-14 목 00:54]
- Modify the __my_nginx_site type to use the os explorer
- Adjust your type to work on Alpine Linux and Debian (or two other Linux distributions of your choice)
- Set the nginx configuration directory accordingly
DONE Documentation
CLOSED: [2020-05-14 목 00:54]
- Explain the following in your cdist.org file
- What is the difference between gencode-remote and the remote code?
- What is the difference between gencode-local and gencode-remote?
- Locate a type that comes with upstream cdist that uses gencode-local - which one is it? Why does it need gencode-local?
2020-05-11
cdist #4: Requirements
Lecture content
Objective
- Understand how requirements work
DONE Create a new type __my_nginx
CLOSED: [2020-05-12 화 02:22]
- Make it a singleton
- Make it install nginx
- Configure a host with it
- Usually nginx is configured includes some files
- On the target host find out which directory nginx includes
- We name this directory nginx_config_dir
DONE Create a new type __my_nginx_site
CLOSED: [2020-05-12 화 02:22]
- Assume the object_id is a domain
- In the __my_nginx_site create a file inside the nginx_config_dir
- The filename is ${domain}.conf
-
When using __file, it should require the nginx package
- Read about cdist dependencies
- The file should be a valid nginx configuration
- The server name should be set to the specified domain
-
The root directive should point to /var/www/html/DOMAIN
- (replace DOMAIN with the actual domain)
DONE Use both types in the initial manifest to configure the target host
CLOSED: [2020-05-15 금 21:07]
- Create at least two domains
DONE Configure the target host
CLOSED: [2020-05-15 금 21:08]
- Verify that the configuration files are properly created
DONE Delete the nginx package manually on the target host
CLOSED: [2020-05-15 금 21:08]
DONE Comment out __my_nginx from the initial manifest, keep the __my_nginx_site
CLOSED: [2020-05-15 금 21:08]
- Explain the error that you get (in your cdist.org file)
2020-05-08
cdist #3: type parameters
Lecture content
DONE Create a new type named __colourful_file
CLOSED: [2020-05-15 금 20:29]
- The objective is to create a type that creates colourful file
- The content of the file should be "colour=…", where "…" is a colour specified by a parameter
- Add an optional parameter named colour
- Use the __file type inside your type to create a file
- Use the $__object_id variable inside your type
DONE Extend your type to be more colourful
CLOSED: [2020-05-15 금 20:29]
- Modify the optional parameter to be able to be specified multiple times
- For each time it is specified, add a line "colour=…" to the file
DONE Create a new type __my_dotfiles
CLOSED: [2020-05-15 금 21:07]
- Objective is to manage the dotfiles in your home directory
- Make it a singleton type
- Create a sub directory files in the type
- Add your .emacs config to the files folder
- Add a for loop to your type to deploy .[A-z]* to your home directory
- Add a .bashrc or .zshrc to the files folder (depending on your shell)
- In the initial manifest, add __my_dotfiles when the target host is localhost
DONE As usual commit all changes to your ungleich-learning-circle repo
CLOSED: [2020-05-15 금 21:07]
2020-05-06
cdist #2: Your first cdist type
Lecture content
Objective
Steps
- Mark the type as a singleton type
- Create a `manifest` file in it
- Use this type to install the following packages: zsh, mosh, emacs, nmap, sipcalc
- Edit the initial manifest and use __my_computer for localhost
- Match using the $__target_host variable
- Ensure that permissions and ownership are correct
- Use magit inside emacs for that
Documentation steps to be done in cdist.org
- Create a new org document named `cdist.org` in the same folder as the learning.org file
- Explain the difference between a singleton and non-singleton type
- Explain the difference between the different verbosity levels
- Document (copy&paste) some of the cdist runs in a "log" section```
2020-05-04
cdist #1: Introduction
Lecture content
Objective
- Begin to use cdist
Steps
- Checkout cdist quickstart https://www.cdi.st/manual/latest/cdist-quickstart.html
- Install cdist locally
- Create a new cdist configuration directory in ~/ungleich-learning-circle/USERNAME/dot-cdist
- Create an empty initial manifest ("use touch")
- Commit that status
- Ensure that you can login as root to localhost via ssh without a password
-
Configure cdist to configures the motd of your localhost
- Ensure you have a case block matching on $__target_host
- Use the -c parameter to cdist to specify the configuration directory
- Use the -vv parameter to get more verbose output
- Search for / understand what MOTD stands for
- Configure cdist to create the file /etc/cdist-configured
- Configure cdist to setup the timezone on your local computer
- Configure cdist to ensure emacs is installed
- Ensure that in the end all changes are committed in your repository
2020-05-01
Organisation #5: Emacs refresher
Lecture content
Objective: get confident with emacs commands
Find out and document how to do the following steps
- Search for something forward C-s
- How to continue searching C-s C-s
- Search for something backward C-r
- Search for regular expressions instead of string (forward, backward) C-M-s C-M-r
- Go to the beginning of the line C-a
- Go to the end of the line C-e
- Delete a word in front (to the right of the cursor) M-d
- Delete a word in back (to the left of the cursor) M-BackSpace
-
List all "occurences" of a word in a file M-s o
- You can copy above instructions into an emacs buffer
- And test it by showing all occurences of the word "Search"
- Search (GREP) for a word in all files in a directory RECURSIVELY M-x rgrep
- Save the CURRENT buffer C-x C-s
- Save ALL open files C-x-s
- Split the window/buffer vertically C-x 2
- Split the window/buffer horizontally C-x 3
- Switch between the different windows C-x o
-
Close all buffers besides the active one C-x 1
- Don't kill it!
- Close only the active buffer C-x 0 -* Don't kill it!
- Kill the active buffer C-x k
-
Describe/Explain the difference between closing and killing
- closing is that emac do not display the buffer. and the contents on the buffer are kept on behined screen.
- killing is that emac delete the buffer. and if contents are not stored, it is losted
-
Switch between buffers that are not shown C-x b
-
Document two very similar, but slightly different ways
- C-x b is that the selected buffer is displayed on the focused window
- C-x C-b is that all buffers is dispalayed on the new window
- C-x 4 b is that the selected buffer is displayed on the new window
-
Outcome
- Document all above commands in your learning org sheet
- Share your documentation at the end of the session (not before)
2020-04-29
Organisation #4: Organising yourself
Lecture content
Objective: have a todo list based on org mode
Steps
-
Configure the "org-directory" to be ~/ungleich-learning-circle/USERNAME/
- This is important as it will be used by the todo function later
-
Extend your function from the organisation #1 session
-
Instead of opening a fixed file, we include two variable parts:
- The hostname of the machine
- The year
-
Pressing F3 should open ~/ungleich-learning-circle/USERNAME/learning-$(hostname)-$(year).org
- we call this "your personal agenda"
-
-
Configure mu4e to create a org-mode tasks from an email
- Store these tasks in ~/ungleich-learning-circle/USERNAME/todo.org
- Configure emacs to open the "org-agenda" with "C-c a"
- List all TODO entries
- List the agenda of the day
- List the agenda of the week
- Bind F8 to open the "org-todo-list"
- Create some sample tasks in it
From now on, maintaining tasks should be
- Pressing F3 to open your personal "logfile"
- Adding a TODO item
- Pressing F8 to see the tasks with priorities
Bonus tasks
- Configure mu4e to store org-mode tasks in …/todo-$(hostname)-$(year).org
2020-04-27
Organisation #3: Managing your emails
Lecture content
Objective
- Be able to manage all your mails in mu4e
Description
- All email is synchronised using isync/mbsync
- Email is indexed with mu (xapian backend)
- Email is viewed in mu4e
- All new emails arrive in the inbox
Steps
- Install mu4e
- Start mu4e in emacs
-
Configure mbsync for your ungleich mail account
- Synchronise all mails into ~/Maildir/ungleich
- This structure leaves room for other mail accounts, like ~/Maildir/gmail
- Verify that mbsync synchronises the mail
- Index mails using `mu` on the command line (only first time)
- Configure mu4e to get email with mbsync -a
-
Configure mu4e to "archive" emails into ~/Maildir/ungleich/YEAR/
- This gives you a good performance / organisation for the next decades
- Configure mu4e/emacs for sending emails
- Send other participants an email via mu4e
- Verify that it arrives
- "Archive" it afterwards
2020-04-24
Organisation #2: Creating, managing and sharing with "magit"
Lecture content
Install "magit" for emacs
Bind C-x g to open magit-status in ~/.emacs
Create a new directory ~/ungleich-learning-circle/ (with emacs)
- Use C-h b in dired mode to find out how to
Create a sub directory ~/ungleich-learning-circle/YOURNAME/ (with emacs)
Move your previously created learning.org file into ~/ungleich-learning-circle/YOURNAME/ (with emacs)
Initialise it with git (with magit)
Create the repo "ungleich-learning-circle" on code.ungleich.ch under your username
Add your remote on code.ungleich.ch to your local git repo with magit
Push your repo
Add a new remote of a another participant
Move your ~/learning.org to ~/notes
Commit that file with magit
Push the repo with magit
Merging the remote repo with the command line
End result: everyone has everything of everyone else
2020-04-23
Organisation #1: org-mode introduction
Lecture content
Install emacs
Install org-mode
Create a function that opens ~/learning.org in your ~/.emacs
Bind that function to "f3" (configure it in .emacs)
Create a new item named "2020-04-10"
- Create a sub item "ungleich learning circle"