Hugo Peixoto

Fixing hugopeixoto.net

Published on May 03, 2020

Table of contents

Today’s goal is to automate everything that’s running on the server hosting hugopeixoto.net.

I forgot to update the credit card number on my digital ocean account and almost lost the server. This is not the first time something like this happens, so I want to work towards reducing the anxiety from not having the servers under control.

Overview

I know I have a few website domains pointing to it:

I will decommission some of these.

The only file in /root/, apart from random dot files, is colorcheck.sh. That script is already versioned in https://github.com/hugopeixoto/dotfiles/blob/master/bin/colorcheck, so this seems clean.

hugopeixoto.net

This is being served of /srv/www/hugopeixoto.net/public. Most of its content comes from compiling https://github.com/hugopeixoto/hugopeixoto.net, but I know I also use it as a temporary sharing place for random files. Let’s see how much do I have in unversioned content here:

1
2
3
4
5

root@server:/srv/www/hugopeixoto.net# du -sh .
269M    .

hugopeixoto@laptop:~/w/p/hugopeixoto.net$ du -sh build/
568K    build/

So, ~270 megabytes of unversioned stuff. I think it’s mostly previews of the porto codes talks I was editing.

Sidenote: I should apt upgrade while I’m here. I need to set up automatic upgrades on this thing. I’ll need to reboot when I’m done.

I can delete these preview files. I have the original stuff, I don’t need these. Some of them are accidentally sped up, which is kind of funny, but I probably won’t look at this again.

1
2

root@server:/srv/www/hugopeixoto.net/public# du -sh .
9.4M     .

Better. Let’s look at what’s left:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

root@server:/srv/www/hugopeixoto.net/public# du -sh * | sort -h
4.0K    2020-05-03.txt
4.0K    about.html
4.0K    articles.html
4.0K    contact.html
4.0K    index.html
4.0K    rouge.css
4.0K    site.css
4.0K    wat.html
8.0K    favicon.ico
136K    articles.xml
160K    articles
200K    talks
480K    images
640K    mob
7.7M    screenshots

2020-05-03.txt is this file, which I’m hosting here temporarily. It’s already version controlled, so no problem there. wat.html was a way to get some javascript online to test some properties on different mobile browsers. Trashed.

I’m left with mob/, talks/, and screenshots/. The first one contains a asciinema of something I was working on, related to makeorbreak.io. I have the .cast file backed up on my work/makeorbreak.io/ directory, and whomever needed to see this has already done so. Trashing it as well. screenshots/ is a workaround while I don’t re-setup my image sharing service. These are all trash. Removing them. talks/ contains the slides of a presentation I worked on last week. I shared these with some folks, so I want to keep this for now.

Sidenote: I used to have a talks/index.html with links to the slides of my talks, but it must have been on the previous host. I need to restore that.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

root@server:/srv/www/hugopeixoto.net/public# du -sh *
4.0K    2020-05-03.txt
4.0K    about.html
160K    articles
4.0K    articles.html
136K    articles.xml
4.0K    contact.html
8.0K    favicon.ico
480K    images
4.0K    index.html
4.0K    rouge.css
4.0K    site.css
200K    talks
# du -sh . --exclude talks
816K    .

Still a bit over the 568K. Turns out I have a images/ directory inside the images/ directory, due to a bug in my homepage’s build system. Removing it.

1
2

root@server:/srv/www/hugopeixoto.net/public# du -sh . --exclude talks --exclude 2020-05-03.txt
572K    .

Close enough. The difference is probably related to block sizes. Let’s be sure:

1
2
3
4

hugopeixoto@laptop:~/w/p/h/build$ find . -type f -not -path "./talks/*" -not -path "./2020-05-03.txt" | xargs cat | wc -c
514351
root@server:/srv/www/hugopeixoto.net/public# find . -type f -not -path "./talks/*" -not -path "./2020-05-03.txt" | xargs cat | wc -c
517351

Confirmed. There was no relevant content that needed to be backed up in this directory, yay!

Let’s continue exploring /srv/www/:

1
2
3
4
5
6
7
8

root@server:/srv/www# du -sh *
16K     default
36K     git.hugopeixoto.net
788K    hugopeixoto.net
12G     media.porto.codes
256K    recipes.hugopeixoto.net
6.0M    slack.hugopeixoto.net
20M     traduz.debian.hugopeixoto.net

I’m using default/ to handle let’s encrypt certificate confirmations. git.hugopeixoto.net has some cgit files. I remember something about cgit having a vulnerability. Let’s look that up.

git.hugopeixoto.net

OK, it seems like there was a directory traversal bug in 2018: https://www.cvedetails.com/cve/CVE-2018-14912/

My cgit version seems to be from 2015. Uff. There are three more vulnerabilities in 2016. I don’t even know how I got this configured. There seems to be no cgit source in /srv/, nor in /home/git/. I must have compiled it on my desktop or laptop and rsynced the binary there. Searching. I usually keep third party software sources in $HOME/work/contrib/.

Confirmed. Found it on an old hard drive that held my desktop’s installation:

1
2
3
4
5
6
7
8
9
10

hugopeixoto@desktop:/m/h/h/h/w/c/cgit$ git log -n 1
commit 2eb41c4665ad6866c8893668263c401d7b0ffc5d (HEAD -> master, origin/master, origin/HEAD)
Author: Christian Hesse <mail@eworm.de>
Date:   Thu May 14 13:47:28 2015 +0200

    git: update to v2.4.1

    Update to git version v2.4.1, no changes required.

    Signed-off-by: Christian Hesse <mail@eworm.de>

Quite old. Good thing it’s not running. I have a systemd service description for cgit in /lib/systemd/system/cgit.service, but it doesn’t start automatically. I am tempted to start it temporarily just to see if that’s enough to bring it back up. Yep, it worked. I brought it back down again, though.

Do I want to keep this? My goal with cgit was to keep a copy of my git repositories outside of github, and to have a place where to keep private repositories (back when github was only for public stuff). Do I still care about that? I had gitolite set up to allow a couple of friends to collaborate with me, but I think that if I were to do this today, we’d all be using github.

What are the downsides of maintaining this? It’s another piece of software to update. What if I try an alternative to cgit? I know that there is a tool that generates a static website, instead of serving it live. Found it:

Stagit: https://git.codemadness.org/stagit/

On one hand, serving this as static files sounds tempting and easier to maintain. On the other hand, I’ll lose a bunch of features. But I don’t really use this at all, so does it matter?

Let’s see if cgit is in the repositories.

1
2
3
4
5
6
7
8
9
10
11

root@server:/srv/www# apt search cgit
Sorting... Done
Full Text Search... Done
cgit/xenial 0.11.2.git2.3.2-1.1 amd64
  hyperfast web frontend for git repositories written in C

ticgit/xenial,xenial 1.0.2.17-2build1 all
  ticketing system built on Git

ticgitweb/xenial,xenial 1.0.2.17-2build1 all
  web interface to ticgit

Seems like it. I’ll remove my custom built version and install this one. Moving to stagit would require some time to set it up and some decision paralysis would surely pop up.

Hm, /home/cgit/ has a .well-known/ directory. Is /srv/www/ a symlink to /home/cgit/?

1
2
3
4
5
6
7
8
9
10
11

root@server:/srv/www# ls -lah
total 36K
drwxr-xr-x 9 root       root       4.0K Apr 30 17:38 .
drwxr-xr-x 3 root       root       4.0K Feb 20  2016 ..
drwxr-xr-x 3 root       root       4.0K Dec 28  2016 default
drwxr-xr-x 3 root       root       4.0K Sep 17  2016 git.hugopeixoto.net
drwxr-xr-x 4 git        git        4.0K Nov 15 11:24 hugopeixoto.net
drwxr-xr-x 7 portocodes portocodes 4.0K Apr 19  2017 media.porto.codes
drwxr-xr-x 3 root       root       4.0K Apr 30 17:38 recipes.hugopeixoto.net
drwxr-xr-x 4 root       root       4.0K Sep 17  2016 slack.hugopeixoto.net
drwxr-xr-x 5 root       root       4.0K May 14  2016 traduz.debian.hugopeixoto.net

Wat. Why is hugopeixoto.net owned by the git user? Anyway, git.hugopeixoto.net does not seem to be a symlink. Let me check if the directory is referenced somewhere in /etc/.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

root@server:/srv/www# fgrep -r /home/cgit /etc/
root@server:/srv/www# fgrep -r cgit /etc/
/etc/apache2/conf-available/cgit.conf:ScriptAlias /cgit/ "/usr/lib/cgit/cgit.cgi/"
/etc/apache2/conf-available/cgit.conf:RedirectMatch ^/cgit$ /cgit/
/etc/apache2/conf-available/cgit.conf:Alias /cgit-css "/usr/share/cgit/"
/etc/apache2/conf-available/cgit.conf:<Directory "/usr/lib/cgit/">
/etc/nginx/sites-available/git.hugopeixoto.net:         try_files $uri @cgit;
/etc/nginx/sites-available/git.hugopeixoto.net: location @cgit {
/etc/nginx/sites-available/git.hugopeixoto.net:                 fastcgi_param SCRIPT_FILENAME /home/git/cgit/cgit;
/etc/init/cgit.conf:env CGIT_CONFIG=/home/git/cgit/cgitrc
/etc/init/cgit.conf:exec /usr/sbin/fcgiwrap -s tcp:127.0.0.1:3001 -p /home/git/cgit/cgit
/etc/cgitrc:# cgit config
/etc/cgitrc:# see cgitrc(5) for details
/etc/cgitrc:css=/cgit-css/cgit.css
/etc/cgitrc:logo=/cgit-css/cgit.png

Huh, do I have both nginx and apache2 installed?

1

root@server:/srv/www# dpkg -l | grep apache

OK, it’s not installed. It was just cgit that placed a config there, in case I ever install it. Thanks, I guess. Not sure if I can remove /etc/init/cgit.conf. That’s a file I wrote, and there doesn’t seem to be anything set up by default by the cgit package. I’m guessing they’re expecting me to use it with apache and let it manage the process instead of having a standalone fcgi service. That’s fine. Let me update the config to point to the newly installed files:

1
2
3
4
5
6
7
8
9

# diff /etc/init/cgit.conf.old /etc/init/cgit.conf
10c10
< env CGIT_CONFIG=/home/git/cgit/cgitrc
---
> env CGIT_CONFIG=/etc/cgitrc
12c12
< exec /usr/sbin/fcgiwrap -s tcp:127.0.0.1:3001 -p /home/git/cgit/cgit
---
> exec /usr/sbin/fcgiwrap -s tcp:127.0.0.1:3001 -p /usr/lib/cgit/cgit.cgi

I should also check the cgitrc file.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

# diff /home/git/cgit/cgitrc /etc/cgitrc
1,2c1,3
< css=/cgit.css
< logo=/cgit.png
---
> #
> # cgit config
> # see cgitrc(5) for details
4c5,6
< robots=noindex, nofollow
---
> css=/cgit-css/cgit.css
> logo=/cgit-css/cgit.png
6,20d7
< virtual-root=/
<
< root-title=git repositories
< root-desc=
<
< remove-suffix=1
< enable-index-owner=0
< enable-git-config=1
< readme=:README
< about-filter=/home/git/cgit/txt2html.sh
<
< project-list=/home/git/projects.list
< clone-url=git://git.hugopeixoto.net/$CGIT_REPO_URL https://git.hugopeixoto.net/$CGIT_REPO_URL
<
< scan-path=/home/git/repositories/

So I had a bunch of configs. I need to tweak this, then.

OK, that didn’t work. I copied most of the old config onto the new path, reloaded the systemd configuration with systemd daemon-reload, and started it, but the logs tell me that it “failed to bind: address already in use”.

Running lsof -i and netstat -ln doesn’t seemto show aything bound to 3001. There is this, though:

1

unix  2      [ ACC ]     STREAM     LISTENING     10571    /run/fcgiwrap.socket

Could it be related?

1
2

root@server:/srv/www# lsof | grep fcgiwrap
systemd       1                   root   29u     unix 0xffff88001b815880      0t0      10571 /run/fcgiwrap.socket type=STREAM

No clue what’s going on. Why is this bound to PID 1? OK, I’m rebooting this.

Rebooted, I can still get in. The lsof thing is still there. Maybe it’s unrelated. Running service cgit start starts cgit from the old /home/ path. Am I editing the wrong service definition?

There’s still a reference to the old filename in /etc/nginx/sites-available/git.hugopeixoto.net. Is this related somehow? I don’t think it is, because of this:

1
2
3
4
5
6
7
8

root@server:~# ps aux | grep cgit
root      1130  0.0  1.2  54164  6304 pts/0    T    12:38   0:00 vim /etc/init/cgit.conf
root      1323  0.0  0.1  14216   976 pts/0    S+   12:42   0:00 grep --color=auto cgit
root@server:~# service cgit start
root@server:~# ps aux | grep cgit
root      1130  0.0  1.2  54164  6304 pts/0    T    12:38   0:00 vim /etc/init/cgit.conf
git       1354  0.0  0.1  25248   948 ?        Ss   12:42   0:00 /usr/sbin/fcgiwrap -s tcp:127.0.0.1:3001 -p /home/git/cgit/cgit
root      1356  0.0  0.1  14216   976 pts/0    S+   12:42   0:00 grep --color=auto cgit

The line looks like what was stored in /etc/init/cgit.conf. Is it storing a cached version somewhere? Am I misremembering how to reload systemd definitions?

From https://serverfault.com/questions/700862/do-systemd-unit-files-have-to-be-reloaded-when-modified:

After you make changes to your unit file, you should run systemctl daemon-reload […].

This is what I remembered, but it doesn’t seem to work. I replaced the exec line with exec yes and it still shows up the fcgiwrap thing. Let’s try to see what systemd thinks it knows (https://linuxhint.com/list_service_systemd/).

OK, got it. /lib/systemd/system/cgit.service. This contains outdated information. Am I supposed to edit this file directly? I don’t think so. Should this be a symlink to /etc/init/cgit.conf? Nginx does not seem to be a symlink, for example. Checking my history:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

root@server:~# history | grep lib/systemd
 927  vim /etc/init/slackin.conf /lib/systemd/system/slackin.service
 928  vim /etc/init/slackin.conf /lib/systemd/system/slackin.service -p
1065  vim  -p /lib/systemd/system/slackin.service traduz.conf /lib/systemd/system/traduz.service
1067  vim  -p /lib/systemd/system/slackin.service cgit.conf /lib/systemd/system/cgit.service
1084  cat /lib/systemd/system/cgit.service
1085  cat /lib/systemd/system/slackin.service
1779  vim /lib/systemd/system/cgit.service
1898  ls /lib/systemd/
1899  ls /lib/systemd/system
1901  ls /lib/systemd/system/cgit
1902  ls /lib/systemd/system/cgit.service
1903  ls -lah /lib/systemd/system/cgit.service
1904  vim /lib/systemd/system/cgit.service
1905  history | grep lib/systemd

Well this is suspicious. I created those files manually, for some reason. Why did I have /etc/init/cgit.conf? Was this from when I used upstart? Googling again.

https://unix.stackexchange.com/questions/206315/whats-the-difference-between-usr-lib-systemd-system-and-etc-systemd-system

1
2
3
4
5

│/etc/systemd/system │ Local configuration         │
├────────────────────┼─────────────────────────────┤
│/run/systemd/system │ Runtime units               │
├────────────────────┼─────────────────────────────┤
│/lib/systemd/system │ Units of installed packages │

So, to start with, I should have probably have added this to /etc/systemd/system/, not /lib/systemd/system/. But what's up with /etc/init/`?

https://wiki.ubuntu.com/SystemdForUpstartUsers

Example Upstart Service /etc/init/foo.conf: [..]

Example Systemd service /lib/systemd/system/foo.service: […]

This confirms it. Moving slackin and cgit to /etc/systemd/system/ and removing those copies in /etc/init/.

1
2
3

root@server:~# ps aux | grep cgit
git       2395  0.0  0.1  25248   948 ?        Ss   13:02   0:00 /usr/sbin/fcgiwrap -s tcp:127.0.0.1:3001 -p /usr/lib/cgit/cgit.cgi
root      2426  0.0  0.1  14216   980 pts/0    S+   13:03   0:00 grep --color=auto cgit

Now that the right service is running, checking git.hugopeixoto.net and…

1

403 forbidden

Sidenote: I noticed that this file, served on hugopeixoto.net, is not rendering utf-8 properly. Let me configure nginx to set the default encoding to utf-8. Sprinkled charset UTF-8; in every server block under /etc/nginx/sites-enabled and we’re good to go.

18:14. Taking a longer break. 19:37. Back for a short period of time.

Oh, I had something referencing /home/git/cgit in nginx. Let me quickly fix that. It worked.

Now I’m missing CSS and the logo. This will be tweaking /etc/cgitrc and potentially change nginx to serve some files from cgit’s installation.

1
2
3
4

root@server:~# find /usr/ -name cgit.css
/usr/share/cgit/cgit.css
root@server:~# ls /usr/share/cgit/
cgit.css  cgit.png  favicon.ico  robots.txt

I can point nginx directly to /usr/share/cgit/ and add my logo there. I don’t like overriding something in /usr/, though. Does nginx support multiple roots? I can always use try_files.

So, the <img> tag currently points to https://git.hugopeixoto.net/cgit-css/cgit.png. This matches the /etc/gitrc css=css/cgit.css config. I’m just copying over the files I need into my /srv/www/git.hugopeixoto.net/public/ directory and be done with it.

I’m definitely creating either a docker image or a git repository to store these configs, logos and css. The font seems a bit small by default, so I will probably have to tweak that as well.

Making a git repo now. I had a repo for the gitolite stuff, should I use the same? Maybe I’ll unify these in the future, but I’m starting with separate ones for now.

How do I add a new repo to this, again? Checking a clone of a repo I know it’s there, on an old drive.

Cool, it tries to connect with an old SSH key, and I don’t remember the passphrase. Trying a few. No luck so far. I could replace it with a fresh key, but I’m going to obsess over not knowing this passphrase. It’s not on my password manager.

22:20 I’ll continue tomorrow. 00:05 Back, still trying to remember it.

Trying to see if I accidentally typed it in bash, where I can find it in bash_history.

ssh git.hugopeixoto.net -lroot ssh-add ~/.ssh/ndrive_rsa

Right, thanks :x I’m just looking at my keyboard trying to conjure the passphrase out of thin air. Attempting to brute force a couple of attempts, and logging every attempt so that I don’t try them all again tomorrow.

I got nothing. Moving on, let’s try again tomorrow.

Going back to git.hugopeixoto.net, it’s now up again. It seems that repositories are in /home/git/repositories. What else lives in this home directory that can be deleted?

1
2

root@server:/home/git# ls
bin  cgit  gitolite  hpeixoto.pub  projects.list  repositories

There’s the hpeixoto.pub again. This is yet another copy of the pubkey whose private key I can’t unlock. Teasing me. It seems that I used this to initialize gitolite:

1
2
3

.bash_history:cat authorized_keys > hpeixoto.pub
.bash_history:gitolite setup hpeixoto.pub
.bash_history:gitolite setup -pk hpeixoto.pub

I can probably remove this. I have tons of copies of this pubkey, and I shouldn’t be using it anyway.

Removing cgit, since it’s the previous instalation location.

I can probablyremove projects.list. It’s a file that lists a couple of repositories. Oops, I renamed it. It’s used by cgit to know which projects are public, apparently. Confirmed,it’s on cgitrc:

1

project-list=/home/git/projects.list

Do I have to add an entry here every time? This sounds boring. This file is probably handled by gitolite. Let me check the gitolite-admin repo. Ah, from the gitolite documentation, this file is automatically written with a list of repositories that have a gitweb configuration set.

Sounds dangerous. Nevertheless, this file doesn’t need to be backed up or removed. That leaves bin/ and gitolite/, both related to gitolite’s installation.

I feel like I’m done with the git part. The only thing left is to unlock that cursed key.

What else is on /srv/www/?

media.porto.codes

This is and old staging area for both porto codes and conversas em código recordings. I probably backed them all up to S3. I have a copy on my desktop. Let’s see if I can match every file.

1
2
3
4

root@server:/srv/www/media.porto.codes# du -sh .
12G     .
root@server:/srv/www/media.porto.codes# ls
backups  incoming  podcast  poop  talks

Sidenote: backups, my favourite directory name. i must have hundreds of directories with this name, all nested inside each other.

1
2
3

hugopeixoto@desktop:/m/d/porto.codes$ du -sh podcast/media.porto.codes*
9.2G    podcast/media.porto.codes
6.4G    podcast/media.porto.codes.2

Well, this is a start. I know that I already messed with the meetup recordings structure, so that part won’t be as easy to match. Let’s start with the podcast material, then.

1
2
3
4
5
6

hugopeixoto@desktop:/m/d/p/podcast$ ls media.porto.codes*
media.porto.codes:
podcast

media.porto.codes.2:
backups  incoming  podcast  poop

This is looking good. 4 out of 5.

1
2
3
4
5
6
7
8
9
10
11

root@server:/srv/www/media.porto.codes# du -s *
711936  backups
2910212 incoming
2634880 podcast
387312  poop
5578096 talks
hugopeixoto@desktop:/m/d/p/p/media.porto.codes.2$ du -s *
711900  backups
2910160 incoming
2634460 podcast
387272  poop

Directory sizes are practically the same.

1
2
3
4

irb(main):001:0> server = [711936, 2910212, 2634880, 387312]
irb(main):002:0> desktop = [711900, 2910160, 2634460, 387272]
irb(main):004:0> server.zip(desktop).map{|a,b|a-b}
=> [36, 52, 420, 40]

Last time I had to mess with sort using the system’s locale to determine order, so here I’m setting LC_ALL=C to use byte order in both computers.

1
2
3
4

hugopeixoto@desktop:/m/d/p/p/media.porto.codes.2$ find . -type f | LC_ALL=C sort | sha256sum
6f7739ceae6bc2825ea8ae99867749d85f7b35a9fce8f04e43fbb92df146be88  -
root@server:/srv/www/media.porto.codes# find . -type f -not -path "./talks/*" | LC_ALL=C sort | sha256sum
6f7739ceae6bc2825ea8ae99867749d85f7b35a9fce8f04e43fbb92df146be88  -

Same thing. So I can delete everything from the server, except talks/, as it’s already backed up. I hate this part, where I delete important things from places.

Done. Now what’s up with talks/? ls shows me a dozen or so files. This should be quick. They look like old files, 2016 and older. Let’s sha256sum and search for their counterparts in my desktop.

1
2
3
4
5
6
7
8
9
10
11
12
13
14

root@server:/srv/www/media.porto.codes/talks# sha256sum *
6222a940edcdd62f690749fe4c6e123d73a62246ace4f04a5979ef91a74e021a  2016-02-17 20-21-04.flv
2c6c1a17fd5fbc31340b7a996efba1f2e944f52d2a3c27b07254b59331c0de56  2016-02-17 21-00-54.flv
f9f76c500dcc45ef9c325894019211ca69d599e0ec7a5a863d8c75dc89c6d947  2016-03-cascalheira-phoenix.flv
aeb2c842e0ae320ae289af82255a35b9c25279e79532b75787541bac4378da26  2016-04-20 20-28-12.flv
9504c6d990b8fd8052b3dc5f74fdc3b1e9559a779703d330ea56ed498d0824c9  a11y-zamith.mov
6d86f51186825bbb500046a7f35173370bf4348406a5f779d17074d53d578677  ApeyEye.flv
62b343ab4d89ee11b469a16f5a27101fd05f86420711e2469fe32f7c5be08b4a  camel-presentation.mov
e233065903a1b171d5bc9234d06a8799eab1960b39944f4187110f08765b60d7  ismael_elixir.mov
14796679bba88b405e7283f8823d98e78d5656c469d55456dec02925fda0de7e  MeetupPolymerSW.mov
e8b95230b7edb9cde8a4d2c9caa7616b5e6a07f73523db1f2bab18e6cc4bf339  portorb.mov
2ae553a0590a852613b1f16b114012dd0be87dbc24311a6e85f9f5f59b8367f8  React in Rails.pdf
40fe5cac24d4e3763aedaa2daded9c305cc3a8a0294e28a7a56a551d5eb19498  react_on_rails_17_02_2016.mov
5dc86e87eb8fa844f94fda4bd09efd364cde499d02efa5a8ab99209701bc8486  ruby-meetup_presentation-recording_maria-monteiro.mov

I recognize most of these. Running something similar on the desktop:

1
2
3
4
5
6

hugopeixoto@desktop:/m/d/p/meetup$ find 201{5,6} -type f -print0 | xargs -0 -n1 sha256sum
6d86f51186825bbb500046a7f35173370bf4348406a5f779d17074d53d578677  2015/2015-06-18/ApeyEye.flv
14796679bba88b405e7283f8823d98e78d5656c469d55456dec02925fda0de7e  2015/2015-06-18/MeetupPolymerSW.mov
9504c6d990b8fd8052b3dc5f74fdc3b1e9559a779703d330ea56ed498d0824c9  2015/2015-06-18/a11y-zamith.mov
e233065903a1b171d5bc9234d06a8799eab1960b39944f4187110f08765b60d7  2015/2015-05-28/ismael_elixir.mov
...

I already see some matches. I’ll store the desktop hashes in a file and search for the server’s hashes in there, one by one, manually. If everything has a match, I’ll delete the whole server directory.

Got a match for every file. That was quick. Deleting /srv/www/media.porto.codes/. Checking for hidden files before pressing the trigger. I’ll also remove any nginx entries for this domain. I’ll need to remove it from the DNS as well, but that can wait.

What’s left?

1
2
3
4
5
6
7

root@server:/srv/www# du -sh *
16K     default
36K     git.hugopeixoto.net
800K    hugopeixoto.net
256K    recipes.hugopeixoto.net
6.0M    slack.hugopeixoto.net
20M     traduz.debian.hugopeixoto.net

I set up recipes yesterday, so that’s pretty clean. Slackin seems to be working OK, so I’ll just remove pokegopt’s entry, since that doesn’t exist anymore. I should keep a copy of the settings file somewhere. Done.

Does traduz even work?

traduz.debian.hugopeixoto.net

This seems to be a single binary server, so it’s probably a go rewrite of my original rails implementation.

When I access https://traduz.debian.hugopeixoto.net/, I can see the search bar, but searching does nothing. The endpoint is returning 502. I also see some react warnings. Cool.

Is there a systemd or upstart unit for this? Let’s find out, now that I know where to look.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

# cat /lib/systemd/system/traduz.service
[Unit]
Description=Debian Traduz server

[Service]
Type=simple
User=root
Group=root
WorkingDirectory=/srv/www/traduz.debian.hugopeixoto.net
ExecStart=/srv/www/traduz.debian.hugopeixoto.net/server
# cat /etc/init/traduz.conf
description "debian-traduz webservice"

start on (local-filesystems and runlevel [2345])
stop on runlevel [06]

setuid root
setgid root

chdir /srv/www/traduz.debian.hugopeixoto.net

exec ./server

Here we go again. I’ll move the system one to the proper directory on /etc/. A daemon-reload and traduz start after, it seems to work!

This is similar to what linguee does, but specific to debian package translations. Also, older than linguee. :P

There’s a config/settings.json file, which was a very common pattern in my webservers ~5 years ago. The public/ directory contains html and js, and the files/ directory contains the translation files.

I have no idea how the files/ directory got here. Let’s see if I have any records of it in the desktop.

Found this in a random bash_history file:

1

rsync -r files root@git.hugopeixoto.net:/srv/www/traduz.debian.hugopeixoto.net/

So this means I have a script to fetch these and I just sync them manually to the server. There’s a fetcher/ directory here: https://github.com/hugopeixoto/debian-traduz

I consider this backed up. So this means I’m done with /srv/www/.

what else is missing?

No postgresql installed, no random files in user homes. I think the only thing left is to decide what to do with the git server. I could also make sure that I have copies of every repository that’s hosted here.

This last part bothers me a lot. I always feel like I don’t have a complete mind map of all the stuff I created, and it never feels organized. Part of this is what led me to create the untracked tool:

https://github.com/hugopeixoto/untracked

Sidenote: Maybe this is a good project to rewrite in rust. And I should really add some tests. I remember breaking this with every change. Part of the problem is that I have some idea of what it should do, but I never formalized it.

Do I want to move every service to a docker container? It kind of makes me sad, but dealing with this /lib/ /etc/init/ systemd shenanigans kind of make me want to do it.

I should have a private repository, or something, that allows me to easily upload something to hugopeixoto.net for sharing. I do that a lot, just by rsyncing random stuff, and I lose track of what’s there fast.

There’s also dl.hugopeixoto.net, my self-hosted version of cloudapp, which I’d like to revive. But then I’d need to rebuild the android app, and having to touch the android tooling makes me anxious. Last time I touched android stuff, I tried to build an app inside a docker image, using only free software, but I hit some issues with openjdk.

So, this is what’s currently running on this server:

1
2
3
4
5
6
7
8

hugopeixoto.net                  https://github.com/hugopeixoto/hugopeixoto.net
hugopeixoto.net/talks            ~/work/personal/talks
hugopeixoto.net/2020-04-03.txt   ~/notes/journal/2020-05-03.txt
git.hugopeixoto.net              ~/work/personal/gitolite-admin + ~/work/personal/cgit
invite.porto.codes               https://github.com/hugopeixoto/slackin
slack.ptgamedev.hugopeixoto.net  https://github.com/hugopeixoto/slackin
traduz.debian.hugopeixoto.net    https://github.com/hugopeixoto/traduz-debian
recipes.hugopeixoto.net          ~/work/personal/recipes

What tasks are left?

endless todo material

Looking at this list, it looks like I didn’t do much today. Weird.