forked from Skynet/wiki
Compare commits
24 commits
Author | SHA1 | Date | |
---|---|---|---|
3ca52f0a3d | |||
0262d4dc8f | |||
a32b3ced29 | |||
8212fa7780 | |||
fcac8c2448 | |||
029a181e7e | |||
eef7877d25 | |||
4389f2a3fa | |||
741bd1d948 | |||
e749191a47 | |||
a0c503896a | |||
550748da77 | |||
d98c090fb7 | |||
e74e31752a | |||
ab0add4475 | |||
af4536e924 | |||
cf3853c2db | |||
60207b612e | |||
52b8dd70da | |||
20d3a3c683 | |||
d272a03ee0 | |||
92ea4b1319 | |||
fbf15057e0 | |||
e2ac80381e |
23 changed files with 543 additions and 75 deletions
|
@ -10,6 +10,7 @@ on:
|
||||||
- .forgejo/**/*
|
- .forgejo/**/*
|
||||||
- mkdocs.yml
|
- mkdocs.yml
|
||||||
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
# Build it locally, this helps caching for later
|
# Build it locally, this helps caching for later
|
||||||
build:
|
build:
|
||||||
|
|
1
.gitattributes
vendored
1
.gitattributes
vendored
|
@ -39,6 +39,7 @@ eol=lf
|
||||||
|
|
||||||
# Misc
|
# Misc
|
||||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tar.gz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
|
||||||
|
|
||||||
# ET4011
|
# ET4011
|
||||||
|
|
3
.githooks/post-checkout
Executable file
3
.githooks/post-checkout
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
command -v git-lfs >/dev/null 2>&1 || { echo >&2 "\nThis repository is configured for Git LFS but 'git-lfs' was not found on your path. If you no longer wish to use Git LFS, remove this hook by deleting the 'post-checkout' file in the hooks directory (set by 'core.hookspath'; usually '.git/hooks').\n"; exit 2; }
|
||||||
|
git lfs post-checkout "$@"
|
3
.githooks/post-commit
Executable file
3
.githooks/post-commit
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
command -v git-lfs >/dev/null 2>&1 || { echo >&2 "\nThis repository is configured for Git LFS but 'git-lfs' was not found on your path. If you no longer wish to use Git LFS, remove this hook by deleting the 'post-commit' file in the hooks directory (set by 'core.hookspath'; usually '.git/hooks').\n"; exit 2; }
|
||||||
|
git lfs post-commit "$@"
|
3
.githooks/post-merge
Executable file
3
.githooks/post-merge
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
command -v git-lfs >/dev/null 2>&1 || { echo >&2 "\nThis repository is configured for Git LFS but 'git-lfs' was not found on your path. If you no longer wish to use Git LFS, remove this hook by deleting the 'post-merge' file in the hooks directory (set by 'core.hookspath'; usually '.git/hooks').\n"; exit 2; }
|
||||||
|
git lfs post-merge "$@"
|
4
.githooks/pre-commit
Executable file
4
.githooks/pre-commit
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
tar czf _git.tar.gz --exclude .git/lfs .git
|
||||||
|
git add _git.tar.gz
|
3
.githooks/pre-push
Executable file
3
.githooks/pre-push
Executable file
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/sh
|
||||||
|
command -v git-lfs >/dev/null 2>&1 || { echo >&2 "\nThis repository is configured for Git LFS but 'git-lfs' was not found on your path. If you no longer wish to use Git LFS, remove this hook by deleting the 'pre-push' file in the hooks directory (set by 'core.hookspath'; usually '.git/hooks').\n"; exit 2; }
|
||||||
|
git lfs pre-push "$@"
|
9
LICENSE
Normal file
9
LICENSE
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
MIT License
|
||||||
|
|
||||||
|
Copyright (c) 2024 Skynet
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
10
README.md
10
README.md
|
@ -1,7 +1,17 @@
|
||||||
# Skynet Wiki
|
# Skynet Wiki
|
||||||
[Wiki for Skynet][1]
|
[Wiki for Skynet][1]
|
||||||
|
|
||||||
|
|
||||||
Uses [mkdocs][2] to generate the site.
|
Uses [mkdocs][2] to generate the site.
|
||||||
|
|
||||||
[1]: https://wiki.skynet.ie
|
[1]: https://wiki.skynet.ie
|
||||||
[2]: https://www.mkdocs.org
|
[2]: https://www.mkdocs.org
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Hooks
|
||||||
|
Run this command to set up the hooks properly so teh git information can be stored within the repo
|
||||||
|
|
||||||
|
```bash
|
||||||
|
git config --local core.hooksPath .githooks/
|
||||||
|
```
|
BIN
_git.tar.gz
(Stored with Git LFS)
Normal file
BIN
_git.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
|
@ -19,6 +19,8 @@
|
||||||
packages = with pkgs.python3Packages; [
|
packages = with pkgs.python3Packages; [
|
||||||
mkdocs
|
mkdocs
|
||||||
mkdocs-material
|
mkdocs-material
|
||||||
|
mkdocs-git-authors-plugin
|
||||||
|
mkdocs-git-revision-date-localized-plugin
|
||||||
];
|
];
|
||||||
in {
|
in {
|
||||||
formatter = alejandra.defaultPackage.${system};
|
formatter = alejandra.defaultPackage.${system};
|
||||||
|
@ -26,7 +28,7 @@
|
||||||
name = "skynet-wiki";
|
name = "skynet-wiki";
|
||||||
src = self;
|
src = self;
|
||||||
buildInputs = packages;
|
buildInputs = packages;
|
||||||
buildPhase = "mkdocs build";
|
buildPhase = "tar -zxf _git.tar.gz && mkdocs build";
|
||||||
installPhase = "mkdir -p $out; cp -R site/* $out;";
|
installPhase = "mkdir -p $out; cp -R site/* $out;";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
30
mkdocs.yml
30
mkdocs.yml
|
@ -1,6 +1,36 @@
|
||||||
site_name: Skynet Wiki
|
site_name: Skynet Wiki
|
||||||
site_url: https://wiki.skynet.ie
|
site_url: https://wiki.skynet.ie
|
||||||
repo_url: https://forgejo.skynet.ie/Skynet/wiki
|
repo_url: https://forgejo.skynet.ie/Skynet/wiki
|
||||||
|
edit_uri: src/branch/main/src
|
||||||
docs_dir: ./src/
|
docs_dir: ./src/
|
||||||
theme:
|
theme:
|
||||||
name: material
|
name: material
|
||||||
|
palette:
|
||||||
|
# Palette toggle for light mode
|
||||||
|
- scheme: default
|
||||||
|
toggle:
|
||||||
|
icon: material/brightness-7
|
||||||
|
name: Switch to dark mode
|
||||||
|
# Palette toggle for dark mode
|
||||||
|
- scheme: slate
|
||||||
|
toggle:
|
||||||
|
icon: material/brightness-4
|
||||||
|
name: Switch to light mode
|
||||||
|
features:
|
||||||
|
- search.suggest
|
||||||
|
- search.highlight
|
||||||
|
- navigation.expand
|
||||||
|
- content.action.view
|
||||||
|
icon:
|
||||||
|
view: material/eye
|
||||||
|
plugins:
|
||||||
|
- search
|
||||||
|
- git-authors:
|
||||||
|
show_email_address: false
|
||||||
|
- git-revision-date-localized:
|
||||||
|
enable_creation_date: true
|
||||||
|
markdown_extensions:
|
||||||
|
- tables
|
||||||
|
- pymdownx.caret
|
||||||
|
- pymdownx.mark
|
||||||
|
- pymdownx.tilde
|
|
@ -1,3 +1,244 @@
|
||||||
# Nix/NixOS
|
# Nix/NixOS
|
||||||
|
The [Skynet Cluster][nixos_skynet] is (for the most part) running on a Linux variant called NixOS.
|
||||||
|
This article aims to introduce you to Nix and Nixos in order to get you up to speed to administer the cluster.
|
||||||
|
|
||||||
{add warnign that git and git-lfs should also need to be in teh path}
|
## What it is
|
||||||
|
### Nix
|
||||||
|
#### Package Manager
|
||||||
|
The word Nix refers to two things: a language and a package manager.
|
||||||
|
These are deeply interlinked together with the language being how the package manager is able to do its job.
|
||||||
|
Nix grew out of a [PhD by Eelco Dolstra][nix_paper] wherein he proposes a slightly different way to manage dependencies on a system.
|
||||||
|
|
||||||
|
For most Linux systems programs make use of other software installed on the computer, for the most part this works fine.
|
||||||
|
Where issue may arise is if one program needs to update one of these dependencies, specifically a minor or major patch where backwards compatibility is not guaranteed.
|
||||||
|
If another program is using this (system-wide) dependency then it may run into interface issues when using it.
|
||||||
|
In a sense updating one program can break another on the system.
|
||||||
|
|
||||||
|
The route the Nix package manager takes is it treats each program as a function.
|
||||||
|
Using the Nix language a function for that package is created which states what inputs are required, what is needed to turn those inputs into the program as well as the name for the output.
|
||||||
|
The output is then saved in a read only location in the format of ``/nix/store/$hash-program-name-version``.
|
||||||
|
This output can either be used as the input of another program or be used as is by the system/user.
|
||||||
|
Using this format means that any change in the inputs or the program itself will result in a different output.
|
||||||
|
This means that multiple versions of the program (some even the same version but different commit) can co-exist on the one system.
|
||||||
|
An example using different versions of Firefox:
|
||||||
|
![img.png](nix/firefox_co-existing.png)
|
||||||
|
|
||||||
|
##### Example
|
||||||
|
An example of packaging an application can be found here:
|
||||||
|
[Sieve Editor GUI on Nixpkgs][nix_pkgs_sieve]
|
||||||
|
|
||||||
|
This is packaging up a GUI node.js application.
|
||||||
|
The application itself allows the user to edit sieve scripts.
|
||||||
|
Once you have [downloaded and installed](#how-we-use-it) Nix you will be able to install and run it like so:
|
||||||
|
```shell
|
||||||
|
nix-shell -p sieve-editor-gui
|
||||||
|
sieve-editor-gui .
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Language
|
||||||
|
There are two partially difficult problems in computer science:
|
||||||
|
|
||||||
|
1. Off-by-one errors
|
||||||
|
2. Caching
|
||||||
|
3. Naming things
|
||||||
|
|
||||||
|
Nix falls into this last pitfall.
|
||||||
|
The programming language used by the Nix package manager is called Nix, not NixLang (as like Erlang) but rather the same name as primary tool that uses it.
|
||||||
|
For clarity for the remainder of this subsection we are only talking about Nix the language.
|
||||||
|
The Nix Package manager is sometimes known as CppNix for reasons we will get into later.
|
||||||
|
|
||||||
|
Nix is a lazily evaluated functional language which also has REPL (Read, Evaluate, Print, and Loop) capability like what you would see in Python.
|
||||||
|
As a whole it takes strong influences from OCaml and other ML derived languages.
|
||||||
|
|
||||||
|
##### Types
|
||||||
|
It has most of the normal types that you would expect of a programming language, along with a few extra to deal with the filesystem:
|
||||||
|
```nix
|
||||||
|
a = 1 # int
|
||||||
|
b = 1.001 # float
|
||||||
|
c = /path/to/thing # path
|
||||||
|
d = "42" # string
|
||||||
|
e = true # boolean
|
||||||
|
```
|
||||||
|
Of these the ``path`` type will be new to most people.
|
||||||
|
This can take either an absolute or relative path.
|
||||||
|
|
||||||
|
##### Functions
|
||||||
|
If you look at the section below it will seem that these are another type of assignment to a variable.
|
||||||
|
That is half right, these are akin to function pointers that you would see in C or C++.
|
||||||
|
Functions in Nix do not have types for either parameters or return.
|
||||||
|
This is due to it being lazily evaluated, like Python or Javascript.
|
||||||
|
As such the ``double`` function will accept any numeric value
|
||||||
|
```nix
|
||||||
|
double = x: x*2
|
||||||
|
mul = a: b: a*b
|
||||||
|
|
||||||
|
double 2
|
||||||
|
double 4.2
|
||||||
|
mul 7 6
|
||||||
|
```
|
||||||
|
|
||||||
|
##### Attribute Sets
|
||||||
|
In most languages the way to group data would be either an Object or a Struct.
|
||||||
|
Nix has a similar data structure:
|
||||||
|
```nix
|
||||||
|
s = { foo = "bar"; biz = "baz"; }
|
||||||
|
s.foo # bar
|
||||||
|
s.biz # baz
|
||||||
|
```
|
||||||
|
|
||||||
|
##### More data
|
||||||
|
This is a rough quickstart introduction to Nix.
|
||||||
|
For more detailed information I recommend these resources.
|
||||||
|
|
||||||
|
* [Official Guide][nix_guide_official]
|
||||||
|
* [Nix Pills][nix_guide_pills]
|
||||||
|
|
||||||
|
### Flakes
|
||||||
|
A Flake is one of the best ways of interacting with nix.
|
||||||
|
Despite it having some issues and still being marked as experimental it has become a de-facto standard.
|
||||||
|
This is also the format that we use in Skynet.
|
||||||
|
|
||||||
|
The [Official Wiki Page][nix_flake] will be more informative than what can be shoved into this article.
|
||||||
|
|
||||||
|
### Nixos
|
||||||
|
With the package manager we are able to create packages in a deterministic manner and store them in a way that does not suffer path conflicts.
|
||||||
|
|
||||||
|
Some (possibly crazy) folks saw this and decided to apply this to an entire operating system.
|
||||||
|
The advantages are clear, the required programs are added to the path for the current iteration of the system.
|
||||||
|
If any error arises the system can be rolled back to a previous config.
|
||||||
|
|
||||||
|
Configuration is done via ``*.nix`` files, which are then converted into the native config for the application in question.
|
||||||
|
|
||||||
|
For example [this file][nix_dns] turns a list of attributes.
|
||||||
|
```nix
|
||||||
|
{
|
||||||
|
record = "forgejo";
|
||||||
|
r_type = "CNAME";
|
||||||
|
value = "glados.skynet.ie";
|
||||||
|
}
|
||||||
|
```
|
||||||
|
Into a config usable by the BIND DNS server.
|
||||||
|
|
||||||
|
### Lix
|
||||||
|
Nix is an old enough project now, and as such has accumulated crust over the years.
|
||||||
|
This is a combination of technical and societal/governance.
|
||||||
|
|
||||||
|
On the technical side nix is built using c++ and a max of build systems that make it hard to expand it.
|
||||||
|
For a good long time the nix binary used in the package manager was locked at v2.18 due to issues.
|
||||||
|
It took most of a year for a higher version to be used on an official basis.
|
||||||
|
|
||||||
|
Regarding governance there has been several attempts to make it better for folks to contribute and to decouple everything from requiring Eelco to have an input.
|
||||||
|
Those attempts did not succeed.
|
||||||
|
The final straw for some of the more technical core contributors was Eelco's forming a company, hiding it from the community and trying to get military sponsorship.
|
||||||
|
This did not vibe well with folks.
|
||||||
|
|
||||||
|
Due to all of this many core maintainers forked Nix at 2.18 and started working to apply fixes for both code and organisational.
|
||||||
|
The result of their efforts is [Lix][nix_lix].
|
||||||
|
For a full explanation of its key features I would like to point you to the [Lix About page][nix_lix_about].
|
||||||
|
We use Lix instead of CppNix as the goals of Lix align with the viewpoints and ideologies that our members hold and what we want to represent as a (computer) society.
|
||||||
|
|
||||||
|
## Why we use it
|
||||||
|
Back in [January 2023 we got disconnected from the internet][skynet_disconnect].
|
||||||
|
For the purposes of this document the root cause is not of importance.
|
||||||
|
What *is* the mad Indian Jones ~~treasure~~ config hunt that it triggered.
|
||||||
|
![Brendan delving for configs][skynet_disconnect_reenactment]
|
||||||
|
Additionally, ITD require us to update our systems regularly (as they should be).
|
||||||
|
Technically this config delving is an ongoing effort, the old hard drives are occasionally connected up and raided.
|
||||||
|
|
||||||
|
As you would imagine this is not ideal, an exasperating factor was that many programs had changed both the location and format of their configuration over the decades that Skynet has been using them.
|
||||||
|
|
||||||
|
This is where the strengths of NixOS lie.
|
||||||
|
The config for the entire cluster is located in a singular location.
|
||||||
|
Using modules which work as a translation layer if the requirements for the programs change this don't impact us.
|
||||||
|
Not to mention we can fearlessly (and regularly) update our systems it is a match made is heaven.
|
||||||
|
|
||||||
|
Currently, the Skynet cluster comprises 15 servers which have NixOS on them.
|
||||||
|
A combination of LXC's (Linux Containers) and physical bare metal servers.
|
||||||
|
Since these systems share a base config (with their individual applications layered on top) we are able to efficiently build them, building a package for one will also build it for other servers.
|
||||||
|
Combine that with the ability to deploy them via our own self-hosted CI/CD we have a strong foundation to work off of.
|
||||||
|
|
||||||
|
## How we use it
|
||||||
|
Nix cannot run on Windows, though it cna be installed into WSL.
|
||||||
|
Please refer to the below downloads to get a base system up and running
|
||||||
|
|
||||||
|
* [Git][git_git]
|
||||||
|
* As we are using a git repo this is a hard requirement.
|
||||||
|
* [Git LFS][git_lfs]
|
||||||
|
* For storing non text files such as images.
|
||||||
|
* [Nix][nix_install]
|
||||||
|
* Cant really use nix without thi installed.
|
||||||
|
|
||||||
|
### Dev Shell
|
||||||
|
After cloning the repo use ``nix develop`` to set up a terminal shell with the environment for working with Skynet NixOS.
|
||||||
|
It (currently) adds [Colmena][dev_colmena], [Agenix][dev_agenix] and [Attic][dev_attic].
|
||||||
|
|
||||||
|
Another example of a dev shell can be [our discord bot][dev_discord-bot].
|
||||||
|
This one sets up a rust environment.
|
||||||
|
|
||||||
|
Of course, you can also look at the dev shell for this [wiki][dev_wiki].
|
||||||
|
For the wiki we need to ensure that the dependencies for building it are present for all users so they don't have to figure out how to manually install them.
|
||||||
|
|
||||||
|
### Colmena
|
||||||
|
[Colmena][dev_colmena] is our build and deployment tool.
|
||||||
|
|
||||||
|
Building is pretty easy, just run ``colmena build``.
|
||||||
|
Downside of that command is it will try to build everything all at once which is a *lot*.
|
||||||
|
A more practical approach is to build a single server or a group of servers.
|
||||||
|
```shell
|
||||||
|
# build the Skynet server, names can be found in the flake.nix
|
||||||
|
colmena build --on skynet
|
||||||
|
|
||||||
|
# build a group of servers, in this case any one with the tag of active-core
|
||||||
|
colmena build --on @active-core
|
||||||
|
```
|
||||||
|
|
||||||
|
To be able to deploy to Skynet two things are required:
|
||||||
|
|
||||||
|
* Be on the UL network
|
||||||
|
* This can also be accomplished by being on the VPN.
|
||||||
|
* Have an ssh key configured that can access the servers
|
||||||
|
* TLDR be an admin.
|
||||||
|
|
||||||
|
### Agenix
|
||||||
|
[Agenix][dev_agenix] is our secrets manager.
|
||||||
|
To be able to use this tool your pub ssh key must be in ``secrets/secrets.nix``.
|
||||||
|
As you would expect this is an admin only tool.
|
||||||
|
This file also defines the names and permissions for each secret.
|
||||||
|
|
||||||
|
```shell
|
||||||
|
# have to be in the secrets folder for all these commands.
|
||||||
|
cd secrets
|
||||||
|
|
||||||
|
# edit the secret
|
||||||
|
agenix -e path/to/secret.age
|
||||||
|
|
||||||
|
# re-key all secrets, this is done when a new key is added or removed.
|
||||||
|
agenix -r
|
||||||
|
```
|
||||||
|
|
||||||
|
### Attic
|
||||||
|
[Attic][dev_attic] is the tool that we use for our nix cache (hosted at <vhttps://nix-cache.skynet.ie/>).
|
||||||
|
It is not often used by the developer/admin and its own [documentation][dev_attic_docs] covers it best.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[nixos_skynet]: https://forgejo.skynet.ie/Skynet/nixos
|
||||||
|
[nix_paper]: https://edolstra.github.io/pubs/nspfssd-lisa2004-final.pdf
|
||||||
|
[nix_guide_official]: https://nix.dev/tutorials/first-steps/
|
||||||
|
[nix_guide_pills]: https://nixos.org/guides/nix-pills/#
|
||||||
|
[nix_pkgs_sieve]: https://github.com/NixOS/nixpkgs/blob/a3c0b3b21515f74fd2665903d4ce6bc4dc81c77c/pkgs/by-name/si/sieve-editor-gui/package.nix
|
||||||
|
[nix_flake]: https://wiki.nixos.org/wiki/Flakes
|
||||||
|
[nix_dns]: https://forgejo.skynet.ie/Skynet/nixos/src/branch/main/applications/dns/dns.nix
|
||||||
|
[nix_lix]: https://lix.systems/
|
||||||
|
[nix_lix_about]: https://lix.systems/about/
|
||||||
|
[skynet_disconnect]: https://public.skynet.ie/postmortem/2023-01-12_Loss-of-network-access.html
|
||||||
|
[skynet_disconnect_reenactment]: https://forgejo.skynet.ie/Computer_Society/presentations_compsoc/media/branch/main/src/slides/skynet/0_intro_img1.png
|
||||||
|
[git_git]: https://git-scm.com/downloads
|
||||||
|
[git_lfs]: https://git-lfs.com/
|
||||||
|
[nix_install]: https://nixos.org/download/
|
||||||
|
[dev_colmena]: https://colmena.cli.rs/unstable/
|
||||||
|
[dev_agenix]: https://github.com/ryantm/agenix
|
||||||
|
[dev_attic]: https://github.com/zhaofengli/attic
|
||||||
|
[dev_attic_docs]: https://docs.attic.rs/introduction.html
|
||||||
|
[dev_discord-bot]: https://forgejo.skynet.ie/Skynet/discord-bot/src/commit/80c9191eeec29ba20ef4084713eca7fe0cab7412/flake.nix#L65
|
||||||
|
[dev_wiki]: https://forgejo.skynet.ie/Skynet/wiki/src/commit/ab0add44756d4992fc2b2da4eba163016ccb3d1c/flake.nix#L35
|
||||||
|
|
BIN
src/skynet/nix/firefox_co-existing.png
(Stored with Git LFS)
Normal file
BIN
src/skynet/nix/firefox_co-existing.png
(Stored with Git LFS)
Normal file
Binary file not shown.
|
@ -29,5 +29,15 @@ Sieve scripts allow you to sort and manage yer email in a programmatic way.
|
||||||
Recommended tool: <https://github.com/thsmi/sieve>
|
Recommended tool: <https://github.com/thsmi/sieve>
|
||||||
Small tutorial will follow later.
|
Small tutorial will follow later.
|
||||||
|
|
||||||
|
### ``.forwards`` replacement
|
||||||
|
Since we no longer support ``.forwards`` this is the sieve script counterpart.
|
||||||
|
It copies all incoming mail to the target address.
|
||||||
|
|
||||||
|
```sieve
|
||||||
|
require "copy";
|
||||||
|
|
||||||
|
redirect :copy "sending_mail_to@example.ie";
|
||||||
|
```
|
||||||
|
|
||||||
### Committee/Admins
|
### Committee/Admins
|
||||||
There is an inbuilt sieve script that passes mail from committee/admin addresses into a folder in their Skynet inbox.
|
There is an inbuilt sieve script that passes mail from committee/admin addresses into a folder in their Skynet inbox.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# Skynet
|
# Skynet
|
||||||
|
|
||||||
We provide a linux webserver webserver for member use.
|
We provide a linux webserver for member use.
|
||||||
It could be considered akin to the [Tildeverse](https://tildeverse.org/), named as such for the way each member's site was displayed (``https://skynet.ie/~username``).
|
It could be considered akin to the [Tildeverse](https://tildeverse.org/), named as such for the way each member's site was displayed (``https://skynet.ie/~username``).
|
||||||
Now that will redirect to ``https://username.users.skynet.ie`` we home to have preserved the same vibe.
|
Now that will redirect to ``https://username.users.skynet.ie`` we home to have preserved the same vibe.
|
||||||
|
|
||||||
|
@ -11,64 +11,8 @@ You can find more of the history here: <https://2009.skynet.ie/history.html>
|
||||||
## Login
|
## Login
|
||||||
Login is done via ssh and ssh keys.
|
Login is done via ssh and ssh keys.
|
||||||
|
|
||||||
### Create SSH key
|
## SSH Keys
|
||||||
First we set up the ssh folder and create a skynet folder within it for neatness
|
[See the tutorial on SSH keys for more info](../../tutorials/skynet/create_ssh.md)
|
||||||
```bash
|
|
||||||
mkdir -f -p ~/.ssh/skynet
|
|
||||||
cd ~/.ssh/skynet
|
|
||||||
```
|
|
||||||
Now we will create the ssh key itself.
|
|
||||||
Location: ``username``, your skynet username.
|
|
||||||
Password: Press Enter twice for no password on the key.
|
|
||||||
```bash
|
|
||||||
ssh-keygen -t ed25519 -C "<comment>"
|
|
||||||
```
|
|
||||||
It will create two files: ``username`` and ``username.pub``
|
|
||||||
|
|
||||||
### SSH Key
|
|
||||||
Head over to [adding ssh keys](./account.md#ssh-keys) to find information on adding ssh keys to your skynet account.
|
|
||||||
|
|
||||||
it is the ``username.pub`` that you will be adding to your account.
|
|
||||||
To get the contents of the file do this.
|
|
||||||
```bash
|
|
||||||
cat username.pub
|
|
||||||
```
|
|
||||||
|
|
||||||
### SSH Config
|
|
||||||
Back up to the ``.ssh`` folder.
|
|
||||||
```bash
|
|
||||||
cd ../
|
|
||||||
```
|
|
||||||
|
|
||||||
Now we have to create the config file.
|
|
||||||
Notice how it has no extension.
|
|
||||||
#### Windows
|
|
||||||
```powershell
|
|
||||||
"" > config
|
|
||||||
```
|
|
||||||
Open it up in any text editor available to you.
|
|
||||||
|
|
||||||
#### Linux
|
|
||||||
```bash
|
|
||||||
touch config
|
|
||||||
```
|
|
||||||
You can edit it from command line using nano
|
|
||||||
|
|
||||||
```bash
|
|
||||||
nano config
|
|
||||||
```
|
|
||||||
Or open up in a text editor.
|
|
||||||
|
|
||||||
|
|
||||||
--------------------------------------
|
|
||||||
|
|
||||||
Windows and Linux pop this into the file and save it
|
|
||||||
```
|
|
||||||
Host *.skynet.ie
|
|
||||||
User %r
|
|
||||||
IdentityFile ~/.ssh/skynet/%r
|
|
||||||
IdentitiesOnly yes
|
|
||||||
```
|
|
||||||
|
|
||||||
### Logging in
|
### Logging in
|
||||||
In any terminal do this:
|
In any terminal do this:
|
||||||
|
@ -79,16 +23,4 @@ ssh username@skynet.skynet.ie
|
||||||
And you will be in!
|
And you will be in!
|
||||||
|
|
||||||
## Website
|
## Website
|
||||||
In your home folder follow these commands to create the folder that can be used to host a website
|
[See the tutorial on the website for more info](../../tutorials/skynet/create_website.md)
|
||||||
|
|
||||||
```bash
|
|
||||||
mkdir ~/public_html
|
|
||||||
chmod 711 ~
|
|
||||||
chmod -R 755 ~/public_html
|
|
||||||
cd ~/public_html
|
|
||||||
```
|
|
||||||
|
|
||||||
See below for an easy way to upload files to this folder.
|
|
||||||
|
|
||||||
## More info
|
|
||||||
There is a slideshow that might be of use to you: <https://public.skynet.ie/slides/skynet/1_setup.html>
|
|
|
@ -53,7 +53,7 @@ If you are paying online you can only pay for one year's membership.
|
||||||
Note it will say it will expire in one year but upon transfer of the money to our account it will be accepted as a 5 year membership.
|
Note it will say it will expire in one year but upon transfer of the money to our account it will be accepted as a 5 year membership.
|
||||||
![PAY BY CASH][6]
|
![PAY BY CASH][6]
|
||||||
10. Transfer €40 to our bank account:
|
10. Transfer €40 to our bank account:
|
||||||
* BIC: ``BOFIIE2D``
|
* BIC: ``BOFIIE2DXXX``
|
||||||
* IBAN: ``IE31BOFI90595047627767``
|
* IBAN: ``IE31BOFI90595047627767``
|
||||||
Please put your name in the reference.
|
Please put your name in the reference.
|
||||||
If you are having trouble with this or want to arrange another payment method, get in touch.
|
If you are having trouble with this or want to arrange another payment method, get in touch.
|
||||||
|
|
24
src/tutorials/git/token.md
Normal file
24
src/tutorials/git/token.md
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
# Personal Access Tokens
|
||||||
|
## Assumptions
|
||||||
|
* [Git installed](https://git-scm.com/downloads)
|
||||||
|
* [Skynet / Forgejo account](https://forgejo.skynet.ie/user/login)
|
||||||
|
|
||||||
|
### Why
|
||||||
|
The usual way of authentication when working with remote git repositories
|
||||||
|
is SSH, unfortunately we aren't able to do that with our git server. You could use username and password
|
||||||
|
however that is less secure and inconvenient, personal access tokens on the other hand are a more convenient and secure alternative.
|
||||||
|
|
||||||
|
Personal access tokens make it so you don't have to use username / password
|
||||||
|
to authenticate, you can authenticate **once** when **cloning** and that's it.
|
||||||
|
### How
|
||||||
|
Go to [this page and click generate token](https://forgejo.skynet.ie/user/settings/applications)
|
||||||
|
Give it a name and select read and write for repository permissions
|
||||||
|
Copy it once its generated
|
||||||
|
|
||||||
|
**Note : Do not share your access token with anyone, if its compromised delete it, this can be done easily
|
||||||
|
[here](https://forgejo.skynet.ie/user/settings/applications) and prevents it from being used.**
|
||||||
|
|
||||||
|
When cloning a repository, use the token like so..
|
||||||
|
```git clone https://<token>@forgejo.skynet.ie/<repo>```
|
||||||
|
|
||||||
|
You now should be able to push to the repository without being prompted for username / password.
|
39
src/tutorials/skynet/create_account.md
Normal file
39
src/tutorials/skynet/create_account.md
Normal file
|
@ -0,0 +1,39 @@
|
||||||
|
# Create Skynet Account
|
||||||
|
|
||||||
|
## New Members
|
||||||
|
|
||||||
|
1. Be a fully paid up member of UL Computer Society.
|
||||||
|
* [Signup at UL Wolves][wolves].
|
||||||
|
2. Go to [our Skynet signup page][signup].
|
||||||
|
3. Enter the same email used for UL Wolves.
|
||||||
|
* This is the ``Preferred Contact Email`` on your [profile page][profile].
|
||||||
|
4. You will get an email to verify your address, follow the link in the email.
|
||||||
|
* You may need to check teh spam folder.
|
||||||
|
* It may also take up to 15 min to be delivered.
|
||||||
|
5. Choose a ``username`` and ``password``.
|
||||||
|
|
||||||
|
Congrats! You are in!
|
||||||
|
_heist music_
|
||||||
|
|
||||||
|
## Returning Members
|
||||||
|
|
||||||
|
1. Please go to [the profile modification page][modify].
|
||||||
|
2. Enter the same email used for UL Wolves.
|
||||||
|
* This is the ``Preferred Contact Email`` on your [profile page][profile].
|
||||||
|
|
||||||
|
### If you have forgotten your ``username``.
|
||||||
|
Use [recover username][recover_username].
|
||||||
|
|
||||||
|
### If you have forgotten your ``password``.
|
||||||
|
Use [reset password][recover_password].
|
||||||
|
|
||||||
|
### If the above doesn't work
|
||||||
|
Contact the nearest Skynet person, either in person or at ``contact[at]skynet.ie``.
|
||||||
|
|
||||||
|
|
||||||
|
[wolves]: https://ulwolves.ie/society/computer
|
||||||
|
[signup]: https://account.skynet.ie/signup
|
||||||
|
[profile]: https://ulwolves.ie/memberships/profile
|
||||||
|
[modify]: https://account.skynet.ie/modify
|
||||||
|
[recover_username]: https://account.skynet.ie/recover/username
|
||||||
|
[recover_password]: https://account.skynet.ie/recover/password
|
88
src/tutorials/skynet/create_ssh.md
Normal file
88
src/tutorials/skynet/create_ssh.md
Normal file
|
@ -0,0 +1,88 @@
|
||||||
|
# Setup SSH Keys
|
||||||
|
|
||||||
|
To be able to gain remote access to the Skynet.
|
||||||
|
|
||||||
|
``$USERNAME`` Refers to your Skynet username, for example I would replace ``$USERNAME`` with ``silver``
|
||||||
|
|
||||||
|
## Create Key
|
||||||
|
First we set up the ssh folder and create a skynet folder within it for neatness
|
||||||
|
|
||||||
|
```bash
|
||||||
|
mkdir -f -p ~/.ssh/skynet
|
||||||
|
cd ~/.ssh/skynet
|
||||||
|
```
|
||||||
|
|
||||||
|
Now we will create the ssh key itself.
|
||||||
|
Location: ``$USERNAME``, your skynet username.
|
||||||
|
Password: Press Enter twice for no password on the key.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
ssh-keygen -t ed25519 -C "<comment>"
|
||||||
|
```
|
||||||
|
It will create two files: ``$USERNAME`` and ``$USERNAME.pub`` inside ``~/.ssh/skynet``
|
||||||
|
|
||||||
|
### Linux Only
|
||||||
|
Openssh will complain if the keys permissions are too permissive.
|
||||||
|
To fix this use
|
||||||
|
|
||||||
|
```bash
|
||||||
|
chmod 600 $USERNAME
|
||||||
|
# or
|
||||||
|
chmod 600 ~/.ssh/skynet/$USERNAME
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Create Config
|
||||||
|
Above we created a folder for Skynet keys.
|
||||||
|
Ye can do the same with Gitlab/Github/... in the future.
|
||||||
|
The only downside is that we now have to tell ssh what key to use in what situation.
|
||||||
|
|
||||||
|
|
||||||
|
Back up to the ``.ssh`` folder.
|
||||||
|
```bash
|
||||||
|
cd ../
|
||||||
|
# or
|
||||||
|
cd ~/.ssh
|
||||||
|
```
|
||||||
|
|
||||||
|
Now we have to create the config file.
|
||||||
|
Notice how it has no extension.
|
||||||
|
|
||||||
|
|
||||||
|
### Windows
|
||||||
|
```powershell
|
||||||
|
"" > config
|
||||||
|
```
|
||||||
|
Open it up in any text editor available to you.
|
||||||
|
|
||||||
|
### Linux
|
||||||
|
```bash
|
||||||
|
touch config
|
||||||
|
```
|
||||||
|
You can edit it from command line using nano
|
||||||
|
|
||||||
|
```bash
|
||||||
|
nano config
|
||||||
|
```
|
||||||
|
Or open up in a text editor.
|
||||||
|
|
||||||
|
### Windows/Linux
|
||||||
|
This is what we want to have in teh file.
|
||||||
|
```
|
||||||
|
Host *.skynet.ie
|
||||||
|
User $USERNAME
|
||||||
|
IdentityFile ~/.ssh/skynet/$USERNAME
|
||||||
|
IdentitiesOnly yes
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Add key to account
|
||||||
|
Go to [the modify SSH page](https://account.skynet.ie/modify_ssh) and paste in teh contents of ``$USERNAME.pub``.
|
||||||
|
|
||||||
|
You will now be able to SSH into Skynet like so:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
ssh $USERNAME@skynet.skynet.ie
|
||||||
|
```
|
26
src/tutorials/skynet/create_website.md
Normal file
26
src/tutorials/skynet/create_website.md
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
# Create your own website on Skynet
|
||||||
|
|
||||||
|
## Login
|
||||||
|
Once ye have [logged in](./create_ssh.md) you will be able to create a website on Skynet.
|
||||||
|
|
||||||
|
## Website
|
||||||
|
### Manually
|
||||||
|
|
||||||
|
In your home folder follow these commands to create the folder that can be used to host a website
|
||||||
|
|
||||||
|
```bash
|
||||||
|
mkdir ~/public_html
|
||||||
|
chmod 711 ~
|
||||||
|
chmod -R 755 ~/public_html
|
||||||
|
cd ~/public_html
|
||||||
|
```
|
||||||
|
|
||||||
|
To transfer files graphically you can use these programs:
|
||||||
|
* WinSCP
|
||||||
|
* FileZilla
|
||||||
|
|
||||||
|
Anything put there will be accessible under ``https://$USERNAME.users.skynet.ie``.
|
||||||
|
For backwards compatability ``https://skynet.ie/~$USERNAME`` will redirect to ``https://$USERNAME.users.skynet.ie``.
|
||||||
|
|
||||||
|
## More info
|
||||||
|
There is a slideshow that might be of use to you: <https://public.skynet.ie/slides/skynet/1_setup.html>
|
30
src/tutorials/skynet/verify_discord.md
Normal file
30
src/tutorials/skynet/verify_discord.md
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
# Verify Membership on Discord
|
||||||
|
|
||||||
|
In order to get the ``Member`` role on [Discord][0] you have to link your Wolves account.
|
||||||
|
This is only done once and works for any server that the Skynet Bot is on.
|
||||||
|
|
||||||
|
This process ensures that personal information does not get exposed.
|
||||||
|
|
||||||
|
## Commands
|
||||||
|
### Linking
|
||||||
|
In any channel use ``/link_wolves`` and enter the email you use for Wolves.
|
||||||
|
This is the ``Peferred Contact Email`` on the [profile][1] page.
|
||||||
|
|
||||||
|
An email will be sent to this address in order to prove that it is yours.
|
||||||
|
You may need to check the Spam folder.
|
||||||
|
|
||||||
|
![Linking.png](verify_discord/linking.png)
|
||||||
|
|
||||||
|
### Verify
|
||||||
|
Once you have gotten the email you will now submit the verification code.
|
||||||
|
It is in the form of ``/verify code: ABCDEFG`` and is tied to your account.
|
||||||
|
Enter this in Discord and you will be verified.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Troubleshooting
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
[0]: https://discord.skynet.ie
|
||||||
|
[1]: https://ulwolves.ie/memberships/profile
|
BIN
src/tutorials/skynet/verify_discord/linking.png
(Stored with Git LFS)
Normal file
BIN
src/tutorials/skynet/verify_discord/linking.png
(Stored with Git LFS)
Normal file
Binary file not shown.
Loading…
Reference in a new issue