From 016baca23817cc7fbecfa20aa8e5ab368bf973fb Mon Sep 17 00:00:00 2001 From: Peter Tillemans Date: Tue, 8 Jul 2025 23:39:26 +0200 Subject: [PATCH] fix syntax highlights --- config.toml | 1 + ...terraform-workflow-using-guix-and-emacs.md | 10 ++--- .../20240817-samba-adventures-in-guix.md | 38 +++++++++---------- ...g-secrets-in-pass__emacs_linux_security.md | 24 ++++++------ themes/blow | 2 +- 5 files changed, 38 insertions(+), 37 deletions(-) diff --git a/config.toml b/config.toml index 1969e9b..ec0937e 100644 --- a/config.toml +++ b/config.toml @@ -27,6 +27,7 @@ feed_filenames = ["atom.xml", "rss.xml"] # Whether to do syntax highlighting # Theme can be customised by setting the `highlight_theme` variable to a theme supported by Zola highlight_code = true +highlight_theme = "nord" [extra] diff --git a/content/posts/2024-06-05-terraform-workflow-using-guix-and-emacs.md b/content/posts/2024-06-05-terraform-workflow-using-guix-and-emacs.md index ed6ee20..c8beeff 100644 --- a/content/posts/2024-06-05-terraform-workflow-using-guix-and-emacs.md +++ b/content/posts/2024-06-05-terraform-workflow-using-guix-and-emacs.md @@ -29,7 +29,7 @@ So good local tooling is needed to get fast feedback. In order to run terraform I need to first package it as it is not available in the GUIX repositories. -``` scheme +```lisp (define-public terraform (package (name "snam-terraform") @@ -87,7 +87,7 @@ Now I can create a manifest for this project. I usually bootstrap them with `guile shell --export-manifes go gopls` or similar and then add stuff when it comes up. -``` scheme +```lisp ;; What follows is a "manifest" equivalent to the command line you gave. ;; You can store it in a file that you may then pass to any 'guix' command ;; that accepts a '--manifest' (or '-m') option. @@ -107,7 +107,7 @@ environment I added the expected variables and use the guix support in the stdlib of direnv. This will create a guix environment configured from the manifest. -``` scheme +```lisp use guix export DB_URL="postgresql:///myproj" @@ -138,7 +138,7 @@ Emacs *direnv mode* will load the configuration from the *.envrc* file when opening a file in that project. The variables and apps are then available for complition, LSP, shell, etc. -``` elisp +```lisp ;; enable direnv mode (direnv-mode) ``` @@ -151,7 +151,7 @@ terraform. Enable some syntax highlighting and more importantly documentation help. Also set `format-on-save` and the indent to 2 spaces -``` elisp +```lisp ;; configure terraform support (require 'terraform-mode) (add-hook 'terraform-mode-hook diff --git a/content/posts/20240817-samba-adventures-in-guix.md b/content/posts/20240817-samba-adventures-in-guix.md index 7dcf347..b9e739a 100644 --- a/content/posts/20240817-samba-adventures-in-guix.md +++ b/content/posts/20240817-samba-adventures-in-guix.md @@ -43,7 +43,7 @@ starting from scratch. Docker hub provides preconfigured images for Samba servers which are easy to use : -```shell +```bash $ docker run --name test-smb -p 4139:139 --rm -p 4445:445 -v `pwd`/samples/:/mnt/export --rm -d dperson/samba -p -u "joe;schmoe" -s "export;/mnt/export/;yes;no;no;joe;;;Test Share" ``` @@ -60,7 +60,7 @@ shares. For more details, see [the github repo for the image](https://hub.docker Because this is not a fun command line to type I like to put them in a **Makefile** in a folder with some support files -```shell +```bash $ cd ... $ mkdir test-smb $ cd test-smb @@ -91,7 +91,7 @@ any case I did not have any luck getting either to work in a local To enable **docker** on Guix-SD I have the following in my system configuration. -```scheme +```lisp ... (use-service-modules cups desktop docker networking ssh xorg) ... @@ -138,7 +138,7 @@ impacts iteration speed when trying things out. The most straightforward way to connect to a CIFS server is with the **smbclient** tool which is part of the **samba** package: -```shell +```bash ➜ guix shell samba test-smb on  main via 🐃 @@ -203,7 +203,7 @@ my user account, so I find it in its place in my home folder. In it place the `username`, `password` and `domain` which worked with smbclient so they no longer need to be provided : -```text +``` username=joe password=schmoe domain=WORKGROUP @@ -211,7 +211,7 @@ domain=WORKGROUP Then we can use it: -```shell +```bash $ smbclient //localhost/export -p 4445 -A ~/.smbcredentials Try "help" to get a list of possible commands. @@ -234,13 +234,13 @@ nuclear (or any other for that matter) secrets on my nas. Let's create a mount point in our test folder -```shell +```bash $ mkdir mnt ``` and then mount the share with `mount.cifs`. This is part of the `cifs-utils` package. -```shell +```bash ttest-smb on  main [?] via 🐃 ➜ guix shell cifs-utils The following derivation will be built: @@ -269,7 +269,7 @@ simulator. Checking with the regular `mount` command to see if it agrees we mounted the share: -```shell +```bash ❯ sudo mount -t cifs //localhost/export on /home/pti/src/test-smb/mnt type cifs (rw,relatime,vers=3.1.1,cache=strict,username=joe,domain=WORKGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=0000:0000:0000:0000:0000:0000:0000:0001,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=1048576,echo_interval=60,actimeo=1,closetimeo=1) @@ -301,7 +301,7 @@ with a quick `mount -a` command. On my Tuxedo system I have in the `/etc/fstab` file -```text +``` ... //nas.snamellit.com/home /home/pti/nas cifs rw,uid=1000,gid=100,credentials=/home/pti/.smbcredentials 0 0 //nas.snamellit.com/public /mnt/public cifs rw,uid=1000,gid=100,credentials=/home/pti/.smbcredentials 0 0 @@ -327,7 +327,7 @@ them and this works wonders. On Guix-SD the `file-systems` are specified in the `operating-system` section of the system configuration : -```scheme +```lisp (operating-system ... @@ -403,7 +403,7 @@ file types to configure the system. On my Tuxedo (running Tuxedo OS which is an Ubuntu 22.04 derivate) I have the following configuration: - `/etc/autofs.conf`: - ```text + ``` ... [ autofs ] # @@ -415,7 +415,7 @@ On my Tuxedo (running Tuxedo OS which is an Ubuntu 22.04 derivate) I have the fo so the **master map** is in the file `/etc/auto.master`. - `/etc/auto.master`: - ```text + ``` ... /- /etc/autofs.direct -ro ``` @@ -427,7 +427,7 @@ first column. In this case the **map file** is `/etc/autofs.direct` and the default options are `-ro` . - `/etc/autofs.direct`: - ```text + ``` /home/pti/nas -fstype=cifs,rw,noperm,vers=3.0,credentials=/home/pti/.smbcredentials ://nas.snamellit.com/home ``` This shows that the mount point `/home/pti/nas` will mount the share @@ -442,7 +442,7 @@ service-type, so we have to make it ourselves. First we define a configuration record type for our new service: -```scheme +```lisp (define-record-type* autofs-configuration make-autofs-configuration autofs-configuration? @@ -459,7 +459,7 @@ later. (Yeah, sure...) Since the autofs service needs some boilerplate configuration files I generate them with an activation function: -```scheme +```lisp (define (autofs-activation config) "Return the activation GEXP to create the config files for autofs" (with-imported-modules '((guix build utils)) @@ -493,7 +493,7 @@ This should tie up nicely the links between the 3 files. Then I need a **shepherd service** to start the **autofs** daemon: -```scheme +```lisp (define (autofs-shepherd-service config) (define pid-file (autofs-configuration-pid-file config)) @@ -521,7 +521,7 @@ already hard enough to follow). Then we need to put a bow around it and define an `autofs-service-type`. -```scheme +```lisp (define autofs-service-type (service-type (name 'autofs) (description "Run the autofs daemon to automount folders on access.") @@ -540,7 +540,7 @@ the **autofs** daemon gets started. Then we can add this to our system configuration: -```scheme +```lisp (operating-system ... (packages diff --git a/content/posts/20250628T131556--consolidating-secrets-in-pass__emacs_linux_security.md b/content/posts/20250628T131556--consolidating-secrets-in-pass__emacs_linux_security.md index 50751bd..76a2bc6 100644 --- a/content/posts/20250628T131556--consolidating-secrets-in-pass__emacs_linux_security.md +++ b/content/posts/20250628T131556--consolidating-secrets-in-pass__emacs_linux_security.md @@ -36,7 +36,7 @@ leverage gpg, password caching is handled by the gpg-agent and my **.envrc** files quickly were purged of blasphemous secrets, replace by pure bliss: -```shell +```bash export MY_SECRET=$(pass my/secret) export OTHER_SECRET=$(pass other/secret) ``` @@ -44,7 +44,7 @@ export OTHER_SECRET=$(pass other/secret) similarly in emacs I can consistently get my passwords and related info with: -```elisp +```lisp (org-gcal-client-id (auth-source-pass-get 'secret "snamellit/org-gcal-client")) (org-gcal-client-secret (auth-source-pass-get "id" "snamellit/org-gcal-client")) @@ -103,7 +103,7 @@ README](https://github.com/roddhjav/pass-import) , note that on Ubunty the **pyk Once it is installed I tried a dry run (with the `-d` flag) to see if basic functionality is working -```shell +```bash pass import -a -d keepassxc ~/Nextcloud/Apps/Keepassxc/Passwords.kdbx Password for /home/pti/Nextcloud/Apps/Keepassxc/Passwords.kdbx: w Data would be imported from keepassxc to pass @@ -159,7 +159,7 @@ code. A bit digging surfaced the [asc-key-to-qr-code-gif tool](https://github.co was made for this specific purpose. The ssh key is already in the appropriate format so this can be directly converted -```shell +```bash ./asc-to-gif.sh ~/.ssh/id-passforios ssh-pub.gif display ssh-pub.gif ``` @@ -172,7 +172,7 @@ appear in the key field in the app. We have to repeat this 2 more times to get the private and public key for the password-store into the app. First exporting the keys -```shell +```bash gpg --export -a 1234ABCD >gpg.pub gpg --export-secret-key -a 1234ABCD >gpg.key ``` @@ -220,7 +220,7 @@ sites I try. Out of curiosity I check the configuration in ~.mozilla/native-messaging : -```shell +```bash pti@tuxedo ~> ls .mozilla/native-messaging-hosts/ org.keepassxc.keepassxc_browser.json passff.json passff.py* pti@tuxedo ~> cat .mozilla/native-messaging-hosts/passff.json @@ -273,7 +273,7 @@ life of me find a Firefox Extension supporting this host app. Then building and installing timelapse : -```shell +```bash tar -xzvf ~/Downloads/browserpass-native-3.1.0.tar.gz cd browserpass-native-3.1.0 ls @@ -289,7 +289,7 @@ this totally went fine the first time (NOT!!!!). The `Makefile` has support to install the magic json to enable native messaging for the different browsers. -```shell +```bash PREFIX=/usr/local make hosts-chromium-user PREFIX=/usr/local make hosts-chrome-user ``` @@ -301,7 +301,7 @@ additional finnagling For now focus on Chromium and check if the configuration looks reasonable: -```shell +```bash pti@tuxedo ~> cd .config/chromium/NativeMessagingHosts/ pti@tuxedo ~/.c/c/NativeMessagingHosts> ls com.github.browserpass.native.json@ @@ -364,7 +364,7 @@ link to so we can start from there. We will have to edit that so copy it. We also need a wrapper to call the native host app -```shell +```bash cd ~/.var/app/com.google.Chrome/config/google-chrome/NativeMessagingHosts cp /usr/local/lib/browserpass/hosts/chromium/com.github.browserpass.native ec browserpass.sh @@ -372,7 +372,7 @@ ec browserpass.sh Add the content of the wrapper -```shell +```bash #!/bin/sh cd ~ /usr/bin/flatpak-spawn --host /usr/local/bin/browserpass 2>/tmp/browserpass-error.log @@ -382,7 +382,7 @@ I added the optional redirect of **stderr** to an error logfile because from experience I know nothing ever goes wrong if you enable error reporting beforehand. -```shell +```bash chmod +x browserpass.sh pwd pwd | wl-copy diff --git a/themes/blow b/themes/blow index 1a510f1..22a3465 160000 --- a/themes/blow +++ b/themes/blow @@ -1 +1 @@ -Subproject commit 1a510f1be436d04c36a3ff0596b3162673ff1298 +Subproject commit 22a3465dd487d567e174d06c0fb3140e27159d6c