This guide is for homelab admins who understand IPv4s well but find setting up IPv6 hard or annoying because things work differently. In some ways, managing an IPv6 network can be simpler than IPv4, one just needs to learn some new concepts and discard some old ones.
Let’s begin.
First of all, there are some concepts that one must unlearn from ipv4:
Concept 1
Last major change: 10th March 2023
| # Returns a random 32-bit number. | |
| # If /dev/urandom is cryptographically secure, so is srand32. | |
| # | |
| # If zsh is compiled with 64-bit number support, the result | |
| # is non-negative. Otherwise it may be negative and the value | |
| # is governed by the rules of unsigned-to-signed conversion in C. | |
| # | |
| # Examples: | |
| # | |
| # % print -r -- $(( srand32() )) |
NB: This will not work for instances that proxy outgoing requests!
I wanted to find a way to detect the real IP address of a Mastodon/Pleroma/Misskey/etc instance hosted behind Cloudflare. How to do that? Well, it's federated, which means I can probably get it to send a request to a server of mine! And how to do that? I tried reading the ActivityPub spec. The following caught my attention:
Servers should not trust client submitted content, and federated servers also should not trust content received from a server other than the content's origin without some form of verification.
| #!/bin/sh | |
| # x86docssync - Syncs documents from kib.kiev.ua/x86docs | |
| # | |
| # Written in 2020, 2022 by Lawrence Velázquez <vq@larryv.me>. | |
| # | |
| # To the extent possible under law, the author(s) have dedicated all | |
| # copyright and related and neighboring rights to this software to the | |
| # public domain worldwide. This software is distributed without any | |
| # warranty. |
| module Entry::TrackerBlocking | |
| extend ActiveSupport::Concern | |
| included do | |
| has_many :blocked_trackers | |
| end | |
| email_service_blockers = { | |
| "ActiveCampaign" => /lt\.php(.*)?l\=open/, | |
| "AWeber" => "openrate.aweber.com", |
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.
| default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam' | |
| default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes' | |
| default['sshd']['sshd_config']['PasswordAuthentication'] = 'no' |
| :xdg-support: https://wiki.archlinux.org/index.php/XDG_Base_Directory | |
| :xdg-spec: https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html | |
| :fhs: https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard | |
| :madness: http://pub.gajendra.net/2012/09/dotfiles | |
| :litter: https://www.reddit.com/r/linux/comments/971m0z/im_tired_of_folders_littering_my_home_directory/ | |
| :systemd: https://www.freedesktop.org/wiki/Software/systemd/ | |
| :systemd-fhs: https://www.freedesktop.org/software/systemd/man/file-hierarchy.html | |
| :systemd-fhs-bin: https://www.freedesktop.org/software/systemd/man/file-hierarchy.html#~/.local/bin/ | |
| :toc: macro |