diff --git a/opsec/0.html b/opsec/0.html index bcc276c..6cae47d 100644 --- a/opsec/0.html +++ b/opsec/0.html @@ -39,7 +39,7 @@ - nihilist`s Blog + The Nihilism Blog
First, look at all the blogposts that are yet to be completed from the opsec index page to see if there are some you'd like to do:
+ +Each tutorial (even if completed) has it's own assigned issue on gitea:
+ +You can pick one that you'd like to do, if you see one that has a red cross you can click on it, it will redirect you to it's assigned gitea issue (example: Easy Private Chats - SimpleX you are free to brainstorm it further like so:
+ +The idea being that each issue needs to have a clear todolist to bring clarity on what needs to be done in it. Please check if the tutorial is already assigned to someone already or not:
+ +At first, I am assigning only one contributor per tutorial, and only one tutorial per contributor at a time, with a default deadline of 1 month. to complete the assigned tutorial. (if you want to extend the deadline, you'll have to contact me first).
+In short, please choose a tutorial that is neither done, nor assigned yet, you can check the status of each tutorial on the project board here:
+ +The list of tutorials that are not assigned yet are in the second column, once you have chosen one just ping me on SimpleX or in the Opsec SimpleX group chat.
+You can also submit a suggestion to me directly if you think this blog is missing something crucial, such as a brand new blogpost idea (although make sure it remains on topic for Privacy / Anonymity / Deniability) i am NOT looking for regular Sysadmin tutorials here.
+If you think one of the existing tutorials is missing something, feel free to criticize them in their assigned issues (ping me when you do so, so i don't miss it):
+ +After discussing with me what task you want to do, we'll confirm on the price for that tutorial and after i get your confirmation i'll assign it to you, and that's when you can start to work on it.
+Disclaimer: if you're not used to writing technical stuff, please aim for the tutorials that are labeled as "Simple" and that you actually understand. Don't try to bite more than you can chew, otherwise i might refuse further contributions coming from you. You should be at least familliar with the topic you intend to talk about.
First, look at all the blogposts that are yet to be completed from the opsec index page:
-First contact me directly, or just drop your idea in the opsec groupchat on SimpleX
- - - - -Now you first need to sign up on gitea, if you want to maintain your anonymity feel free to get yourself a mailbox anonymously such as signing up on protonmail using the tor browser. and then use that email to sign up onto gitea aswell:
+ + + + +From there, you can fork the repository, from your new account:
+ +You can leave everything as default as shown below:
+ +Now from there you continue from the commandline, do a git clone the repository you just forked, and do the edits you need to do:
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents]
+→ git clone https://git.nowhere.moe/6dv9lk1pbaflulau/blog-contributions
+Cloning into 'blog-contributions'...
+remote: Enumerating objects: 3400, done.
+remote: Counting objects: 100% (3400/3400), done.
+remote: Compressing objects: 100% (2729/2729), done.
+remote: Total 3400 (delta 1588), reused 2109 (delta 609), pack-reused 0 (from 0)
+Receiving objects: 100% (3400/3400), 149.35 MiB | 6.82 MiB/s, done.
+Resolving deltas: 100% (1588/1588), done.
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents]
+→ cd blog-contributions
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ ls
+assets index.html opsec productivity pull.sh push.sh pushtoprod.sh README.md
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ cd opsec
+
+
+now from there you can copy the template tutorial folder called "0_anon" into another folder:
+
+[ mainpc ] [ /dev/pts/18 ] [Documents/blog-contributions/opsec]
+→ cp -r 0_anon newtutorial
+
+[ mainpc ] [ /dev/pts/18 ] [Documents/blog-contributions/opsec]
+→ cd newtutorial
+
+
+In it you will find the index.html file that you can edit from the commandline still:
+
+[ mainpc ] [ /dev/pts/18 ] [blog-contributions/opsec/newtutorial]
+→ pwd
+/home/nihilist/Documents/blog-contributions/opsec/newtutorial
+
+[ mainpc ] [ /dev/pts/18 ] [blog-contributions/opsec/newtutorial]
+→ ls
+index.html
+
+[ mainpc ] [ /dev/pts/18 ] [blog-contributions/opsec/newtutorial]
+→ vim index.html
+
+
+and you can also view your edits in real time from your browser of choice, just put the complete path to the index.html file to view it in real time, for me it is as follows: /home/nihilist/Documents/blog-contributions/opsec/newtutorial/index.html (just hit F5 to refresh in the browser, everytime you save (:w) in vim)
+ +Make sure that you follow the quality standard i described here: start with the Why, then the What, then the How. to describe how to do things, you can use images like so:
+
+<img src="12.png" class="imgRz">
+
+
+
+and if there are any commands to be shown, just copy paste from your terminal directly into the index.html file, into the pre code blocks:
+
+<pre><code class="nim">
+[ mainpc ] [ /dev/pts/20 ] [~/Nextcloud/blog]
+→ vim index.html
+
+</pre></code>
+
+
+
+[ mainpc ] [ /dev/pts/20 ] [~/Nextcloud/blog]
+→ vim index.html
+
+
+Preferably copy paste the command outputs into the pre code blocks, so we i can save on storage space as images take alot more space than regular text.
+ +Then once your tutorial is finished, don't forget to edit the footer to contain your contact details, your links if you have any, and your monero donation address.
+Now your tutorial is ready to be sent over for review you. So now you need to git push it to your forked repository like so:
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git config --global user.email "6dv9lk1pbaflulau@nowhere.moe"
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git config --global user.name "6dv9lk1pbaflulau"
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git add -A
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git commit
+
+
+
+new tutorial contribution
+# Please enter the commit message for your changes. Lines starting
+# with '#' will be ignored, and an empty message aborts the commit.
+#
+# On branch main
+# Your branch is up to date with 'origin/main'.
+#
+# Changes to be committed:
+# new file: opsec/newtutorial/index.html
+# modified: push.sh
+
+ESC :wq
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git push
+Username for 'https://git.nowhere.moe': 6dv9lk1pbaflulau
+Password for 'https://6dv9lk1pbaflulau@git.nowhere.moe':
+Enumerating objects: 7, done.
+Counting objects: 100% (7/7), done.
+Delta compression using up to 4 threads
+Compressing objects: 100% (4/4), done.
+Writing objects: 100% (4/4), 388 bytes | 388.00 KiB/s, done.
+Total 4 (delta 3), reused 0 (delta 0), pack-reused 0
+remote:
+remote: Create a new pull request for '6dv9lk1pbaflulau:main':
+remote: https://git.nowhere.moe/nihilist/blog-contributions/compare/main...6dv9lk1pbaflulau:main
+remote:
+remote: . Processing 1 references
+remote: Processed 1 references in total
+To https://git.nowhere.moe/6dv9lk1pbaflulau/blog-contributions
+ 7c759d3..7067b5c main -> main
+
+
+Now you have pushed your changes to your forked respository, from there you can make a Pull request (asking me to pull in your changes, to the main repository) as follows:
+ + + +now from there your pull request is created, and i'll review it as soon as i get the time:
+ +If it's not complete, i'll comment in there asking you to add what's missing, changes that you must actually finish before the deadline. To add further changes simply add more commits to it
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ vim opsec/newtutorial/index.html
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git add -A
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git commit
+
+forgot to do this change!
+# Please enter the commit message for your changes. Lines starting
+# with '#' will be ignored, and an empty message aborts the commit.
+#
+# On branch main
+# Your branch is up to date with 'origin/main'.
+#
+# Changes to be committed:
+# modified: opsec/newtutorial/index.html
+
+ESC :wq
+
+[main eb4b994] forgot to do this change!
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+[ mainpc ] [ /dev/pts/18 ] [~/Documents/blog-contributions]
+→ git push
+Username for 'https://git.nowhere.moe': 6dv9lk1pbaflulau
+Password for 'https://6dv9lk1pbaflulau@git.nowhere.moe':
+Enumerating objects: 9, done.
+Counting objects: 100% (9/9), done.
+Delta compression using up to 4 threads
+Compressing objects: 100% (4/4), done.
+Writing objects: 100% (5/5), 432 bytes | 432.00 KiB/s, done.
+
+
+
+Then wait for me to confirm the content is complete, and then i'll accept the pull request and merge it into the main repository.
+As you may have noticed, the entire blog is Public Domain (Creative Commons Zero license), which means that you can not only save the files for yourself, but you can also run it under your own clearnet or onion domain.
+To do so you can just git clone it on a VPS like so :
+
+[ Datura ] [ /dev/pts/0 ] [~]
+→ cd /srv
+
+[ Datura ] [ /dev/pts/0 ] [/srv]
+→ git clone https://git.nowhere.moe/nihilist/blog-contributions blog
+
+
+And then using nginx you can make it publicly accessible over clearnet, or over Tor. Feel free to reuse my nginx config if you want to host it, just change the domains to be your instead.
+
+[ Datura ] [ /dev/pts/0 ] [/srv]
+→ cat /etc/nginx/sites-enabled/blog.nowhere.moe.conf
+server {
+ listen 80;
+ listen [::]:80;
+ server_name blog.nihilism.network;
+ return 301 https://blog.nowhere.moe$request_uri;
+}
+
+server {
+ listen 443 http2 ssl;
+ listen [::]:443 http2 ssl;
+ server_name blog.nihilism.network;
+ ssl_certificate /root/.acme.sh/blog.nihilism.network/fullchain.cer;
+ ssl_certificate_key /root/.acme.sh/blog.nihilism.network/blog.nihilism.network.key;
+ return 301 https://blog.nowhere.moe$request_uri;
+}
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name blog.nowhere.moe;
+ return 301 https://$server_name$request_uri;
+}
+
+server {
+ ######## TOR CHANGES ########
+ listen 4443;
+ listen [::]:4443;
+ server_name blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion;
+ add_header Onion-Location "http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion$request_uri" always;
+ ######## TOR CHANGES ########
+
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name blog.nowhere.moe;
+########################################## HARDENING SSL #############################################
+ ssl_certificate /root/.acme.sh/blog.nowhere.moe/fullchain.cer;
+ ssl_certificate_key /root/.acme.sh/blog.nowhere.moe/blog.nowhere.moe.key;
+ ssl_dhparam /root/.acme.sh/dhparam.pem;
+
+
+# SSL Settings
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ ssl_prefer_server_ciphers on;
+
+
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_timeout 10m;
+ ssl_session_tickets off;
+ ssl_ecdh_curve auto;
+
+ # OCSP stapling
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ ssl_trusted_certificate /root/.acme.sh/blog.nowhere.moe/fullchain.cer;
+ resolver 1.1.1.1 208.67.222.222;
+
+ add_header Strict-Transport-Security "max-age=63072000" always;
+
+
+
+
+ access_log off;
+ error_log off;
+###################################END OF HARDENING SSL###########################################
+
+
+
+ root /srv/blog/;
+ rewrite ^/servers/anon.html /opsec/index.html permanent;
+ rewrite ^/servers/(.*)$ /opsec/$1 permanent;
+ index index.html;
+}
+
+Then you can check if the nginx configuration is correct like so:
+
+[ Datura ] [ /dev/pts/0 ] [/srv]
+→ nginx -t
+nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
+nginx: configuration file /etc/nginx/nginx.conf test is successful
+
+[ Datura ] [ /dev/pts/0 ] [/srv]
+→ systemctl restart nginx
+
+
+
+Now to make sure it remains updated on a hourly basis, you can have the following cronjob:
+
+[ Datura ] [ /dev/pts/0 ] [/srv]
+→ crontab -e
+
+0 * * * git -C /srv/blog pull
+
+
+And that's it! you're now helping me educate people on what technology can do to enhance their lives :)