Tag Archives: technical

DNSCrypt Setup with PDNSD

Posted on by

0

Here are notes for setting up DNSCrypt on Arch Linux, using pdnsd as a DNS cache, assuming the use of NetworkManager. I needed it one day since the network I was using blocked traffic to external DNS servers (parental controls), and the DNS server provided had an outdated entry for hmmt.co. (My dad then pointed out to me I could have just hard-coded the necessary IP address in /etc/hosts, oops.)

For the whole process, useful commands to test with are:

  • nslookup hmmt.co will tell you the IP used and the server from which it came.
  • dig http://www.hmmt.co gives much more detailed information to this effect. (From bind-tools.)
  • dig @127.0.0.1 http://www.hmmt.co lets you query a specific DNS server (in this case 127.0.0.1).
  • drill @127.0.0.1 http://www.hmmt.co behaves similarly.

First, pacman -S pdnsd dnscrypt-proxy (with sudo ostensibly, but I’ll leave that out here and henceforth).

Run systemctl edit dnscrypt-proxy.socket and fill in override.conf with

[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.0.1:40
ListenDatagram=127.0.0.1:40

Optionally, one can also specify which server which DNS serve to use with systemctl edit dnscrypt-proxy.service. For example for cs-uswest I write

[Service]
ExecStart=
ExecStart=/usr/bin/dnscrypt-proxy \
      -R cs-uswest

The empty ExecStart= is necessary, since otherwise systemctl will complain about multiple ExecStart commands.

This thus configures dnscrypt-proxy to listen on 127.0.0.1, port 40.

Now we configure pdnsd to listen on port 53 (default) for cache, and relay cache misses to dnscrypt-proxy. This is accomplished by using the following for /etc/pdnsd.conf:

global {
    perm_cache = 1024;
    cache_dir = "/var/cache/pdnsd";
    run_as = "pdnsd";
    server_ip = 127.0.0.1;
    status_ctl = on;
    query_method = udp_tcp;
    min_ttl = 15m;       # Retain cached entries at least 15 minutes.
    max_ttl = 1w;        # One week.
    timeout = 10;        # Global timeout option (10 seconds).
    neg_domain_pol = on;
    udpbufsize = 1024;   # Upper limit on the size of UDP messages.
}

server {
    label = "dnscrypt-proxy";
    ip = 127.0.0.1;
    port = 40;
    timeout = 4;
    proxy_only = on;
}

source {
    owner = localhost;
    file = "/etc/hosts";
}

Now it remains to change the DNS server from whatever default is used into 127.0.0.1. For NetworkManager users, it is necessary to edit /etc/NetworkManager/NetworkManager.conf to prevent it from overriding this file:

[main]
...
dns=none

This will cause resolv.conf to be written as an empty file by NetworkManager: in this case, the default 127.0.0.1 is used as the nameserver, which is what we want.

Needless to say, one finishes with

systemctl enable dnscrypt-proxy
systemctl start dnscrypt-proxy
systemctl enable pdnsd
systemctl start pdnsd

Shifting PDF’s using gs

Posted on by

0

Some time ago I was reading the 18.785 analytic NT notes
to try and figure out some sections of Davenport that I couldn’t understand.
These notes looked nice enough that I decided I should probably print them out,
But much to my annoyance, I found that almost all the top margins were too tiny, and the bottom margins too big.
(I say “almost all” since the lectures 19 and 24 (Bombieri proof and elliptic curves) were totally fine, for inexplicable reasons).

Thus, instead of reading Davenport like I told myself to, I ended up learning enough GhostScript flags to write the following short script,
which I’m going to share today so that other people can find better things to do with their time.

    #!/bin/bash
    for file in $@
    do
        echo "Shifting $file ..."
        gs \
            -sDEVICE=pdfwrite \
            -o shifted-$file \
            -dPDFSETTINGS=/prepress \
            -c "<</PageOffset [0 -36]>>; setpagedevice" \
            -f $file
    done

The arguments 0 and -36 indicate to not change the left/right margins, but to shift the content vertically downwards by 36pt (a half inch).
Of course, they can and should be adjusted depending on specific task.
Invocation is the standard ./script-name.sh *.pdf (or whatever).

(Aside: ironically, this decreased the file sizes of the affected PDF’s.)

Git Aliases

Posted on by

0

For Git users:

I’ve recently discovered the joy that is git aliases, courtesy of this blog post. To return to the favor, I thought I’d share the ones that I came up with.

For those of you that don’t already know, Git allows you to make aliases — shortcuts for commands. Specifically, if you add the following lines to your .gitconfig:

[alias]
    cm = commit
    co = checkout
    br = branch

Then running git cm will expand as git commit, and git co master is git checkout master, and so on. You can see how this might make you happy because it could save a few keystrokes. But I think it’s more useful than that — let me share what I did.

The first thing I did was add

pu = pull origin
psh = push origin

and permanently save myself the frustration of forgetting to type origin. Not bad. Even more helpful was the command

undo = reset --soft HEAD~1

Thus if I make a commit and then decide I want to undo it, rather than having to remember (or Google) what the correct incantations were, I just have to type git undo. It’s really an undo button!

Now for the fun part — some of Git’s useful commands are pretty verbose and take up lots of space. For example, here’s what git status looks like:
git-status

Kind of verbose if you ask me, and by now I know what “git pull” does. Fortunately, it turns out that there are some options you can run to make this look nicer. All you have to do is say git status -s -b, or in the context of this post, set the alias

ss = status -s -b

Then you get
git-alias-ss

which is much cooler.

Similarly, git log takes up a lot of space. I have the following format, which I’ve edited from the above blog post to suit my own tastes.

ls = log -n 16 --pretty=format:"%C(yellow)%h\\ %C(cyan)[%cn]\\ %C(reset)%s\\ %C(red)%d" --decorate 
ll = log -n 6 --pretty=format:"%C(yellow)%h\\ %C(cyan)[%cn]\\ %C(reset)%s\\ %C(red)%ad" --decorate --date=short --stat

These give in my opinion the much more readable format
git-alias-l

If you’re on a branch that does merges, you might also have fun with

tree = log -n 16 --pretty=format:"%C(yellow)%h\\ %C(cyan)[%cn]\\ %C(reset)%s\\ %C(red)%d" --decorate --graph

which will put these into a graphical tree for your viewing pleasure.

And finally a few more that I find nice, some again taken directly from the link above:

fail = commit --amend # to avoid stupid "oops typo" commits
rb = rebase
rbc = rebase --continue
bis = bisect
dc = checkout --
assume = update-index --assume-unchanged
unassume = update-index --no-assume-unchanged
assumed = "!git ls-files -v | grep ^h | cut -c 3-"

(Here “dc” is short for “discard”, since git dc file discards the changes to that file.) And that’s just the beginning of what you can do!

Pre-emptive answer: I’m also using git-completion (for tab-completing in git) and git-prompt with the line

export PS1='\[33[0;32m\]${debian_chroot:+($debian_chroot)}\u@\h \[33[0;33m\]\w$(__git_ps1 " \[33[1;31m\]#%s")\n\[33[0m\]\$ '

in my bashrc. That’s where the branch indicators are coming from. The terminal is XFCE4.