Blog

Thoughts, ideas and codes

If you use my onion links, you will notice my old domain http://lqs5fjmajyp7rvp4qvyubwofzi6d4imua7vs237rkc4m5qogitqwrgyd.onion has changed to http://esmail5pdn24shtvieloeedh7ehz3nrwcdivnfhfcedl7gf4kwddhkqd.onion. If you are asking why, try reading my new domain. If you still can't catch it, it's because it has part of my name in it now. Why? To make sure it's actually me (sure, anyone can brute-force the part with my name), but at least it kinda looks cool, right?

NOTE: Changed my crypto address too, to get EE inside of it, like: XMR's address: 46EEHDTGt5PHDcc7hXQhgrULcQ2JZMTJMTEVRHvsaZeUhrN9DmXkQyViZokxoNqqqBHBCAYoH7YRpFfKDs5WcoAA8Bgr5rC

So it's either esmail or ee.

Why not the full name? Well, because it turned out it takes MASSIVE computing power to generate 11 characters, so I had to settle for 6 or 2.

Last but not least, here are the programs I used:

* For BTC: https://github.com/JeanLucPons/VanitySearch (it's for windows, but you can run it with wine)
* For ETH: https://vanity-eth.tk/
* For XMR: https://github.com/monero-ecosystem/vanity-monero
* For onion: https://github.com/cathugger/mkp224o
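Each extra base32 character in a vanity prefix multiplies the search by 32, which is why 6 characters were feasible and 11 were not, and it also means a matching prefix alone does not identify a service. The Python sketch below is an added example, not part of the original post or of mkp224o: it estimates that work, checks a v3 address against the checksum that Tor's v3 address format embeds, and compares two addresses by their full public key. The demo keys are constructed byte strings, not real services.

```python
import base64
import hashlib

ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"  # base32 alphabet used by onion names
CHECKSUM_TAG = b".onion checksum"              # constant from Tor's rend-spec-v3


def encode_onion_v3(pubkey: bytes) -> str:
    """Return the 56-character v3 label for a 32-byte ed25519 public key."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    version = b"\x03"
    checksum = hashlib.sha3_256(CHECKSUM_TAG + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode("ascii").lower()


def parse_onion_v3(host: str) -> dict:
    """Split a v3 onion name into public key, version and checksum validity."""
    label = host.strip().lower()
    if label.endswith(".onion"):
        label = label[: -len(".onion")]
    if len(label) != 56 or any(c not in ALPHABET for c in label):
        raise ValueError("not a v3 onion label: %r" % host)
    raw = base64.b32decode(label.upper())          # 56 chars -> 35 bytes
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34]
    expected = hashlib.sha3_256(CHECKSUM_TAG + pubkey + bytes([version])).digest()[:2]
    return {"pubkey": pubkey, "version": version, "checksum_ok": checksum == expected}


def expected_keys(prefix: str) -> int:
    """Average number of keys to generate before one label starts with prefix."""
    bad = sorted(set(prefix.lower()) - set(ALPHABET))
    if bad:
        raise ValueError("not base32 characters: %s" % bad)
    return 32 ** len(prefix)      # each extra character multiplies the work by 32


def is_same_service(pinned: str, seen: str) -> bool:
    """True only if both names are valid and carry the same public key."""
    a, b = parse_onion_v3(pinned), parse_onion_v3(seen)
    return a["checksum_ok"] and b["checksum_ok"] and a["pubkey"] == b["pubkey"]


if __name__ == "__main__":
    for name in ("esmail", "esmailelbob"):
        print("%-12s %2d chars -> about %d keys" % (name, len(name), expected_keys(name)))
    # Constructed test keys (not real services): fixed byte patterns as "public keys".
    demo = encode_onion_v3(bytes(range(32))) + ".onion"
    other = encode_onion_v3(bytes(range(1, 33))) + ".onion"
    print(demo, parse_onion_v3(demo)["checksum_ok"])
    print("same service:", is_same_service(demo, other))
```

When checking a bookmarked or signed onion link, compare the whole 56-character name as is_same_service does, not just the readable prefix.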


Like my work?, support me: https://donate.esmailelbob.xyz

Redbubble? More like Nobubble.

Hi, stranger. Whoever wastes his/her time here reading my weird blogs instead of doing something productive. Redbubble closed my account out of nowhere in the last couple of days. The reason is unknown, I mean OK, I did not understand how copyright exactly works and I maybe posted some designs that break copyright and fair use. But what makes me mad is that Redbubble closed my account with no warning; at least warn me. I legit thought if I draw my stuff, it won't be on copyright grounds, but I was wrong. Anyway, now I have a new Redbubble called: https://esmailelbob.redbubble.com/ and I plan to understand copyright before posting more designs, and to stick strictly to Canva.com designs, mixing and matching them to create new art and sell it.

Hope Redbubble gives me another chance. I will be better, promise.

PS: If you are asking about my college exam results, trust me they are not out yet :(

#thoughts



Well, my dear friend. I can't take it anymore. At least for now. The last couple of weeks, or even months, were pretty damn hard on me (giggity) emotionally, of course. From finals to life to people to now a college exam to see if I'm qualified to get accepted or not. That exam was the last straw that broke the camel's back. Or my back. It was hard: 50 multiple-choice questions in one hour, with a lot, and I mean a LOT, of English. Here is an example: (https://cloud.esmailelbob.xyz/s/jXJn2NtYnjEHFcx/preview). And the thing is, it was not only me who was mad about it, almost all of us were mad at it. It's a hard exam, and it's not like we got 70%, most of us got ~95% in graduation, so we know what we fucking studied, and yet we all said damn son this exam is harder than Johnny Sins's dick. While going back home yesterday, I was about to cry because of that exam. I hear you saying okay, talk to somebody, and you are right, except it won't work. You see, months ago someone started a campaign about better and unlimited internet, just good internet, did not talk about politics or anything, and that guy who started the campaign got arrested following other people till the whole campaign gave up (Yes it's real: https://nitter.esmailelbob.xyz/Abdelra44708184/status/1545920759142715392). Now imagine with me, fellow reader, what will happen when almost all students demand their right to get a fair exam? I will leave it up to your imagination. So, talking will solve nothing. And that's why I just can't take it anymore. I mean sure, results did not come out yet, and I will keep you updated, and trust me, I keep praying every minute in fear and stress, and hopefully I get accepted, but god forbid if I did not get accepted, I will get into another big depression phase/episode, and I will stop posting for a while or even try to suicide again.
So until the results come out I'm in fear and stress, and let's hope I pass, because I think I have never been in stress like this before. And not to worry about the server: I will keep monitoring it and fixing it. It might not be as fast as I used to be (thanks to my depression and lost hope), but yeah, I will be there; in the end the server is almost like the last thing left for me.

NOTE: people already started to take action and post hashtags on twitter and facebook:

* https://www.facebook.com/pfbid034u5Gu9WQrj7yQxtJQha22hTfxVCai3pHdBUbjx3Gqk9VxNjwnYsWNo1gKVaR4vB7l
* https://www.facebook.com/pfbid02wGE9dL4JKefWqvoe111zgPSnJUQLHBTCgzaGYLiJVPkWsT95N3hBk1xkDMwsTpG6l
* https://twitter.com/search?q=%D8%AD%D9%84%D9%85%20%D8%B3%D9%86%D9%8A%D9%86%20%D8%A8%D9%8A%D8%B6%D9%8A%D8%B9%20%D8%B8%D9%84%D9%85&src=typeahead_click&f=live

(Yes, posts are in Arabic. Who would have thought?)

PS: sorry for my crappy English, I'm not in the mood to proofread.

UPDATE – Fri, Sept 9, 22: If you wonder where the results are, it's already the end of the day. Well, according to people here, they have withdrawn failed people's results, and my results did not come out, so this gives me a big vibe that I failed. They said that they will look into it and see if they will make the pass score 50% instead of 60% or re-take the exam, I'm not sure yet. Again, I will keep you updated, and let's just hope that whatever actions they take help me get accepted in college.

UPDATE – Sun, Sept 11, 22: Results just came out now, and I have failed, so yup...

UPDATE – Tue, Sept 13, 22: Well, still failed. But the good news is there is another path, actually. Not really fun path, but at least there is another path, so I plan on taking it. So wish me luck!

And I finally know why I failed that exam: it's because the exam was from new subjects that we did not study, so yup. What I find weird is that people who graduated with high numbers like 92% or 95% did not pass the exam and people with lower numbers like 85% did pass the exam. Some might say luck, but I'm damn sure (or alleged) they did it on purpose, because after you pass that exam there is another thing, and that is the college will say which minimum number is required to get accepted, because it's not about the college test only. So as you might have guessed, people with lower graduation numbers who passed the exam most likely won't get accepted in the college. It's still unclear why the college did it and does not want to accept new students, like what are the benefits. But I'm sure everything will be clear someday~~

#thoughts



TL;DR: you don't have to be one!

I write this blog because some people want to get into the space but are afraid of coding and how weird it looks, and I understand that; dealing with people that are literally unaware of what version of Windows they are running (whether it's 7 or 10), I really get it. But I want to tell you to not get scared. As you might know, I started to code when I was 11, and I take it as a hobby actually, and trust me when I tell you I can read code, but I suck at reading people, haha! (sad little story). So I want to tell you it's not that scary or hard, it's just a new thing. Like if you work in teaching and get a handyman to fix your pipes, you look at them and say wow, they are smart, how do they do it? And maybe they look at you and say oh, a teacher, wow, smart dude. So same thing. Below I will try to cover all the questions from new starters in programming:

Do I need to save codes in my head?

Nope, not at all! You need to understand the code, like for example this snippet:

print("hi")

You have to know what it does, so when you forget how to do something and google it, you can be certain the code you find does what you need.

Do I need to be good at English or math?

It depends, really. I mean, look at my bad English. I'm bad at English (and good at coding), but English is not needed if you take a local programming course in your main language; for example, the amazing free CS50 course is translated to Arabic, so I can take it if I'm bad at English. About math, it depends too. I spent most of my time needing nothing from math until I got hit with data science, when I started to say oh fuck, I need a math teacher. So if you will do light work like web or Android apps or scripts, you won't need math much aside from simple formulas like adding numbers together.

Do I need to be smart?

No, you need to know how to search on Google to find the snippet you need on stack overflow and copy it!

How to master programming?

You don't, I'm not putting you down, but it's real. You don't. Not only that, but you can find people who spent 5 years in JavaScript, and they keep learning new stuff plus even if you master one language, it will get updates and some stuff will change, and you will have to re-learn it again.

A lot of programming languages >_<

Nah, I mean yea, but nah. You first need to learn the basics that almost all programming languages share, like if statements, loops, while loops and so on. Then select which platform you want to release your code on: if it's Android, for example, then go with Kotlin; if it's PC, then go with Python/C/C++/C#; and if it's web you have JS and PHP and so on, so yup!

So mostly, you need nothing except to kick in and actually start with free courses on YT or paid ones on Coursera/edX/Alison/Edraak/Khan Academy. And yup, good luck with your journey :D

PS: if you have a question that is not answered, feel free to contact me, I will answer it.

#thoughts



As you know, I use Gentoo btw nowadays. I love it, I love its idea, I love the USE of flags and I even started to love emerge itself! Except one darn thing I do not love at all, and it's the repos. While Gentoo has a fairly big package repo including its overlays, it's not nearly as big as the AUR in Arch Linux, and as you know I used to drive Arch and Artix Linux for some months, so I was missing the package arsenal of the AUR in Gentoo. But fear not, as Bedrock solves this issue.

Bedrock is a meta Linux distribution which allows users to mix-and-match components from other, typically incompatible distributions. Bedrock integrates these components into one largely cohesive system. For example, one could have:

* Debian's stable coreutils
* Arch's cutting edge kernel
* Void's runit init system
* A pdf reader with custom patches automatically maintained by Gentoo's portage
* A font from Arch's AUR
* Games running against Ubuntu's libraries
* Business software running against CentOS's libraries

All at the same time and working together, mostly as though they were packaged for the same distribution.

Its install is fairly easy: you can use any distro from Debian to Gentoo, run Bedrock's install script (https://bedrocklinux.org/0.7/installation-instructions.html) and done. Restart your system, use the commands to install Arch as a stratum, install yay with makepkg, and now you can use yay alongside emerge in Gentoo! Bedrock is smart enough that when you call just yay it will load Arch Linux for you, so there is no need to add a prefix like brl (Bedrock's command line) before it.

#thoughts



🐘 :02:



So, because most if not all companies write their own blogs about their stand with Ukraine, I said why not me too? You know, everyone is taking a side, whether with Ukraine or Russia.

So I'm writing this blog to say I stand with Palestine (yes, Palestine). Why, you might ask? Because, if you do not see, Russia is doing the same thing Israel does in Palestine... killing innocent people and killing kids just because those people defend their land, and sadly most of the world stands on Israel's side (if you do, fuck you). So yes, if you are going to stand against Russia because they slaughter kids and kill innocent people, at least stand with Palestine too against Israel, because trust me they do the same (and probably more).

Thanks, 🇵🇸🇵🇸!

#thoughts



Librarian is a front-end for Odysee, just like Invidious is for YouTube. So you can use Librarian to watch Odysee videos without being tracked or without crypto sh!t.

It's easy to host it, but before I start I will assume that:

* You are running debian 11
* You already have a VPS: https://blog.esmailelbob.xyz/how-to-get-a-vps
* Your linux distro is up-to-date (sudo apt update && sudo apt upgrade)
* You have a domain name: https://blog.esmailelbob.xyz/how-to-get-a-domain-name
* Have sudo access or root account
* Already installed docker and docker-compose: https://blog.esmailelbob.xyz/how-to-install-docker-and-docker-compose
* Already installed Nginx: https://blog.esmailelbob.xyz/how-to-install-and-configure-nginx-96yp
* Already have a reverse proxy conf file: https://blog.esmailelbob.xyz/how-to-use-reverse-proxy-with-nginx
* Already have certbot to issue cert: https://blog.esmailelbob.xyz/how-to-use-certbot-with-nginx-to-make-your-website-get

Changes in DNS (domain side)

You really do not need to add any DNS entries unless you want to create a subdomain for this container. In that case, go to your domain's DNS panel and add either a CNAME entry for subdomain.domain.com whose target is the root domain domain.com, or an A entry for subdomain.domain.com whose target is the IP of your VPS.

librarian docker-compose file

We need a docker-compose.yml file so we can start librarian. I use this file:

version: '3'

services:
  librarian:
    #build: .
    image: nineteengladespool/librarian:latest
    ports:
      - 127.0.0.1:4403:3000
    volumes:
      - ./data/config.yml:/app/config.yml
    restart: unless-stopped

Optional stuff to change:

* 127.0.0.1:4403: The IP and port number for librarian (so we can use it later for nginx to reverse proxy it). Keep the IP on 127.0.0.1 so the container is only reachable through nginx.
* ./data/config.yml: Where our config file for librarian will be saved

config.yml file (just to get an idea of how it looks)

api_url: https://api.na-backend.odysee.com/api/v1/proxy
auth_token: [**SECRET**]
blocked_claims: claimid,claim2
domain: https://librarian.esmailelbob.xyz
enable_live_stream: false
fiber_prefork: false
hmac_key: [**SECRET**]
image_cache: "false"
image_cache_dir: /var/cache/librarian
instance_privacy:
  data_collected_device: true
  data_collected_diagnostic_only: false
  data_collected_ip: true
  data_collected_url: true
  data_not_collected: false
  instance_cloudflare: false
  instance_country: Canada
  instance_provider: Kimsufi
  message: ""
  privacy_policy: ""
port: "3000"
streaming_api_url: https://api.na-backend.odysee.com/api/v1/proxy
use_http3: false
video_streaming_url: ""

[SECRET] marks tokens that I deleted to protect myself

Spin it up!

Now that we are done editing and everything is cool, we need to run our container, so just run:

docker-compose up -d

The -d option runs the container detached (in the background), so docker does not print the logs of the running application. If you want to see the logs, you can run:

sudo docker-compose logs -f -t

to check if there are any weird behaviors or errors.

Nginx

Now, after we make sure it's running well, we need to serve it over the internet (this is called a reverse proxy). So, without much talk, here is our server block for librarian:

server {
        listen [::]:80;
        listen 80;
       
        server_name [domain name] ;

       location / {
               include /etc/nginx/reverse-proxy.conf;
               proxy_pass http://127.0.0.1:4403/;
       }
}

* server_name: Change this to match the domain name of librarian
* include: our reverse proxy file
* proxy_pass: the IP and port of our running docker image

After this you should be up and running with librarian! :) Just do not forget to run certbot --nginx to secure it with https://

Update it

Of course, after some time the image will be outdated and you will need to update it. What I love about docker is that it's easy to update; to do it, just run:

docker-compose down && docker-compose pull && docker-compose up -d

What it does is: 1) stops the container, 2) pulls the latest update (downloads it) and 3) re-runs the container!

Firewall

If you use a firewall (ufw for example), you really do not need any ports open other than 443 and 80, as we use the nginx reverse proxy.

#howto #selfhost #docker



As a selfhoster, I want to achieve a balance between the privacy of my users and the protection of my VPS. I can't use Cloudflare as it invades people's privacy, and at the same time I want to protect my server from bad people. So today you will learn how to protect your VPS from bad actors without invading the privacy of your users.

To be honest, most VPS providers nowadays offer free DDoS protection out of the box, so continue reading this article only if you asked your VPS provider and they said no, we do not support it.

But there are some drawbacks, like:

1. It's not so good; in fact it just throttles the connections of peers connected to your website.
2. It throttles all websites by default, and if you want to allow more quota for a website you need to figure it out on a site-by-site basis, as there is no template for all websites. For example, in my case it was invidious: I wanted to allow more connections so videos do not hang while users watch, so yup!
3. Again, it's not perfect, so if someone with multiple PCs tried to bring your site down, nginx will not help you :)

But the good side is that it's simple and does not invade users' privacy, so it depends on your use case. I use this method until CrowdSec (an open source Cloudflare-like application) implements proper nginx support.

So, without much talk, I will of course assume you have already installed nginx and know how to deal with it. Here is our nginx.conf (located in /etc/nginx/nginx.conf):

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

# DoS
#worker_processes  4;
worker_priority -5;
timer_resolution 100ms;
worker_rlimit_nofile 100000;


events {
    #worker_connections 768;
    #multi_accept on;
    worker_connections  1024;
    use epoll;
    # Accept as many connections as possible, after nginx gets notification about a new connection.
    multi_accept on;
}

http {
        server_names_hash_bucket_size  128;

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        types_hash_max_size 2048;
        server_tokens off;

        # server_names_hash_bucket_size 64;
        server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1.2 TLSv1.3; # TLSv1 and TLSv1.1 are deprecated (RFC 8996); SSLv3 already dropped, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        # gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        # include /etc/nginx/dos.conf;
        include /etc/nginx/sites-enabled/*;

        ##
        # DoS
        ##
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

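    access_log /var/log/nginx/access.log  main buffer=16k;
    # "off" cancels every access_log directive at this level, including the one above;
    # remove the next line if you want the buffered access log.
    access_log off;
    # Timeouts, do not keep connections open longer than necessary to reduce
    # resource usage and deny Slowloris type attacks.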

    # reset timed out connections freeing ram
    reset_timedout_connection on;
    # maximum time between packets the client can pause when sending nginx any data
    client_body_timeout 10s;
    # maximum time the client has to send the entire header to nginx
    client_header_timeout 10s;
    # timeout which a single keep-alive client connection will stay open
    keepalive_timeout 65s;
    # maximum time between packets nginx is allowed to pause when sending the client data
    send_timeout 10s;

    # number of requests per connection, does not affect SPDY
    keepalive_requests 100; 
  
    # buffers

    fastcgi_buffer_size 128k;
    fastcgi_buffers 256 16k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;

    proxy_buffer_size   128k; 
    proxy_buffers   4 256k;
    proxy_busy_buffers_size   256k;

    fastcgi_read_timeout 150;

    tcp_nodelay on;

    #postpone_output 0;

    gzip on;
    gzip_vary on;
    gzip_comp_level 2;
    gzip_min_length 1000;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain application/json text/xml application/xml;
    gzip_disable "msie6";

    client_max_body_size 20m;

    # fastcgi cache, caching request without session variable initialized by session_start()
    fastcgi_cache_path /var/cache/nginx/fastcgi_cache levels=1:2 keys_zone=fastcgi_cache:16m max_size=256m inactive=1d;
    fastcgi_temp_path /var/cache/nginx/fastcgi_temp 1 2;

    # DDoS Mitigation 
    limit_conn_zone $binary_remote_addr zone=perip:10m;
    limit_conn perip 100;

    limit_req_zone $binary_remote_addr zone=engine:10m rate=2r/s;
    limit_req_zone $binary_remote_addr zone=static:10m rate=100r/s;


    client_body_buffer_size 200K;
    client_header_buffer_size 2k;
    large_client_header_buffers 4 8k;
}

Feel free to adjust the settings to your needs. As I said, if you want to allow a certain website more connections or a bigger upload size (nextcloud for example), you need to add it site by site by editing each site's config.
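The nginx.conf above declares the request zones engine and static but only applies the connection zone perip, so the request limits stay inactive until a site config references them with limit_req. The Python check below is an added example, not part of the original post or of nginx: it lists every declared zone, whether any directive applies it, and the request spacing its rate implies (without a burst, limit_req rejects requests that arrive faster, with a 503 by default). The site name video.example.org, its backend port and its burst value are constructed assumptions.

```python
import re

# Constructed inputs: MAIN repeats the "DDoS Mitigation" lines of the nginx.conf
# above; SITE is a hypothetical per-site file (name, port and burst are assumptions).
MAIN = """
http {
    limit_conn_zone $binary_remote_addr zone=perip:10m;
    limit_conn perip 100;
    limit_req_zone $binary_remote_addr zone=engine:10m rate=2r/s;
    limit_req_zone $binary_remote_addr zone=static:10m rate=100r/s;
}
"""
SITE = """
server {
    server_name video.example.org;   # hypothetical site
    location / {
        limit_req zone=static burst=200 nodelay;
        proxy_pass http://127.0.0.1:3000/;
    }
}
"""


def directives(conf):
    """Yield (name, args) for each directive; comments and braces are dropped."""
    text = re.sub(r"#[^\n]*", "", conf)
    for statement in re.split(r"[;{}]", text):
        parts = statement.split()
        if parts:
            yield parts[0], parts[1:]


def min_interval_ms(rate):
    """Minimum spacing between accepted requests when no burst is configured."""
    m = re.fullmatch(r"(\d+)r/([sm])", rate)
    if not m:
        raise ValueError("unsupported rate: %r" % rate)
    per_second = int(m.group(1)) / (1 if m.group(2) == "s" else 60)
    return 1000 / per_second


def audit_limits(*configs):
    """Map each declared zone to its kind, rate and whether any directive applies it."""
    zones, applied = {}, set()
    for conf in configs:
        for name, args in directives(conf):
            opts = dict(a.split("=", 1) for a in args if "=" in a)
            if name == "limit_req_zone":
                zones[opts["zone"].split(":")[0]] = {"kind": "req", "rate": opts.get("rate")}
            elif name == "limit_conn_zone":
                zones[opts["zone"].split(":")[0]] = {"kind": "conn", "rate": None}
            elif name == "limit_req" and "zone" in opts:
                applied.add(opts["zone"])
            elif name == "limit_conn" and args:
                applied.add(args[0])
    return {z: dict(info, applied=z in applied) for z, info in zones.items()}


if __name__ == "__main__":
    for zone, info in audit_limits(MAIN, SITE).items():
        note = "" if info["applied"] else "  <- declared but never applied"
        extra = ""
        if info["rate"]:
            extra = " (one request per %.0f ms before burst)" % min_interval_ms(info["rate"])
        print("%-7s %-4s%s%s" % (zone, info["kind"], extra, note))
```

To audit a real server, pass the contents of /etc/nginx/nginx.conf and each file under sites-enabled to audit_limits instead of the constructed strings.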

For more info, see: https://gist.github.com/igortik/0130e69a163d14658ef3d013890c8395 and https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/

#howto #selfhost #nginx



VPS stands for Virtual Private Server. It's a computer or server you rent from a big company like DigitalOcean for an amount of money monthly (or yearly, or even hourly) so you can host your own website or selfhost some open source projects, invidious for example. You really can't fully trust them, as in the end it's someone else's computer, and if you really want to achieve the best privacy, you might look at selfhosting at home.

Privacy and security depend on the company, and your use case depends on the company too. There are some well-known players like DigitalOcean, Vultr and Hetzner (I use the latter). Again, it depends on your use case and the money you have. Most big companies will not risk their reputation to get into your little VPS, so do not worry about that. You can set up an encrypted partition with LUKS, but again it's not bulletproof, so you have to trust the company you rent from.

So, to choose a VPS, first select a budget and your use case. For example, some VPS providers do not allow hosting Tor exit nodes, or do not open port 25 (the SMTP port for email) by default to prevent spam. So it's really about your use case, and yup! Make a list, then go to reddit r/selfhosted and say I want a VPS that allows me to do this and that, and I'm sure you will find someone to help you :) or try to search online and try your luck.

My recommendation, though: right now I use both Hetzner and Kimsufi and both are great. Also, a tip about Hetzner: there is a coupon code valid for 3 months, so do not forget to use it :) (you might need to contact their support to get it, as they love to hide it)

#howto #selfhost

