Daily Ramblings

The Perfect Sunday? Almost?

Most of my Sunday just come and go. I sleep through the afternoon and as soon as I am done deciding what to do, the date is already over. There is Monday right around the corner. And preparing for Monday takes precedence.

But not yesterday.

By sheer luck or my immense willpower, I went to bed at exactly 10 PM on Saturday the night before. There was perhaps no sleep on my eyes, the numerous distractions were calling out to me, but I stayed put in bed. Until the world went dark – meaning I slept (for people thinking I died 😅 )

I had turned off all alarms, so it would only be nature waking me up – or my urgency to cycle water from my body – which did its first call around 6:00 AM. Looking at the clock in the room, and seeing that it was just 6:03 AM, decided the call of nature was not loud enough. A few more calls later, I was finally out of bed and speeding for the the race of my life – which I won by the way leaving nature in the dust.

Now that I was awake, I noticed the time was 6:50 AM. The sun was almost up, but it was not bright or hot as a typical day would get. I did not even think once, changed clothes and off I went for my general 10 km cycle ride alone the reservoir close to me. It was one of the fastest times I took – about 38 min of moving based on strava and I was back by almost 7:40 AM.

So I was awake, and even did my daily exercise and it was still just the start of the day. I decided, lets make some tea to start the day, so I let some water boil and then I was like – water might take some time to boil, what can I do in the meantime. I mean who does something in between putting water in the kettle and having it come to a boil. It is like I could see me having the thought, but I could not fathom that I could have thoughts like this.

The sun was still not properly up, and I had a few minutes so I decided to put a batch of clothes for a wash. It did not take too long, as my dirty clothes are more organized compared to my clean clothes, and it was barely and inconvenience.

By the time the washing machine beeped and decided that it was ready to do the needful, the need for washed tea cups dawned on me. And even though the kettle had just gone off notifying me that the water was just boiled, I proceeded to wash some tea cups which were out and about.

Most teas anyways recommend adding less than boiling water to make the tea and some like white tea – need it at precisely at 95C – way below the boiling point.

Once the tea cups were washed, and water was at a good enough not so boiling temperature, I decided to brew some tea – Turkish apple tea to be precise. What better way to start your day than sipping a sweet fragrant tea which does not even have any real sugar? You ask “why no sugar?” probably because it the healthy kind of tea that has stevia in it.

Steeping the tea takes about 5-8 min. and there arose another time frame where there needed something to be done. This time, it was the plans who benefited. They got their weekly water and then a bit for liquid fertilizer on the side. Perhaps I should water them twice a week – but then what if they die due to over watering – perhaps I should invest in a soil humidity sensor? So many thoughts through my mind as I am watering the plants that face drought on a weekly basis – by the time I water them, their top soil is pretty dry and some leaves have started their melodramatic sacrifice for the plant, melodramatic as they will not just up and die and fall off, they have to get some small brown streaks, which will slowly spread through the leaf, in an artistic fashion, so as to remind you again an again about the very fact that you and you alone are the cause of this and you will watch this till it is over and you shall remember this for the rest of your life. Such a dramatic leaf right.

Right as I am done, my timer buzzes – yes I have a separate physical digital timer to track this, why would I use a phone timer to track this, I have specialized devices for specialized things – and it is time to let things be, sit at the sofa and calmly sip the morning sun into its max strength.

Once I am done enjoying the tea, the clothes are hung to dry and we delegate the drying to the bright hot sun. And it is only 9AM.

The day has just started, and I have already accomplished more than what I do on a complete weekend Saturday and Sunday.

Lets go all out I think to myself. Lets cook lunch.

At around 11 AM I decide what needs to be cooked and by 11:50 AM I am done.

By the time I used to wake up generally, I am now sitting with cooked quinoa, egg curry and charred – stir fry broccoli.

What more can I ask? Can this day get any better? How about not having any regrets for the rest of the day? I have done all that needed done, and the rest of the day I can do whatever – play games, watch TV series, watch mind-numbing youtube – and I do not feel bad for the wasted time, for I have done enough, I have done more than enough.

Perhaps next Sunday I try to do more than this. Perhaps I may not succeed. But knowing that this is possible gives me the enthusiasm to look forward to it, and at least try.

I do not know when I started thinking about stuff the way I am doing right now. I believe it all started during the end of engineering and the beginning of my masters education. Being the curious person I have always been, I have pondered at the true purpose of life. And trust me when I tell you that there is no real answer to that question. What I instead realised was that there was a better question to ask which can have a proper answer.

This is something similar to what you do in computer programming where even if there is no solution to certain problems, given a solution you can test if the solution satisfies.

“So what is this divine question” you may ask?

It is “How can life be made better for myself?” You can ask the same question in multiple ways like: “What would make me happier?” or “What would I want to be doing with my life?” or “How do I not die a sad miserable death?”

The only way to approach this problem is to figure out the systems that are in place all around you and figuring out why they were made, how are we supposed to be part of them – if at all we should decide to participate in them” – and what are their flaws and how to overcome the flaws.

Early on in my thoughts, it was evidently clear that most of the systems that we have in place are geared towards making sure the community survives at the cost of the individual. After all almost everyone will agree that it will be OK to sacrifice a few to protect the many. If not for that we would have never had wars ever.

A lot of my thoughts are going to be biased based on the circumstances I have faced, and I totally agree that people facing the same circumstances can definitely come up with different interpretations. So, nothing I say is absolute, and nothing can ever be absolute.

That is a perfect segue to our first basic:

THERE IS NO ABSOLUTE RIGHT AND WRONG

You must have already gotten to this without even me having to explain this if you have have lived life enough. I am still going to go ahead and shed light on what I really mean by this.

The rights and wrongs of a group are decided by an absolute majority at all times. If a right/wrong does not have a majority to support it, it will be abolished in time. You can think of the right/wrong as a law and that might help you understand this a bit better. A majority will decide what law needs to be created, and the law definitely should be beneficial to the majority at-least.

We have been taught – either directly through formal education or informally by how we see people interact with each other – numerous rules. Some cite cultural significance, some ethical, some something else entirely. It is mostly assumed that we are supposed to not question these rules, and questioning these will mostly have you silenced.

Lets take an example of a simple one of these rules:

“Do not hurt others.” – but as we want to speed up the learning process, we will go to an extreme form of that rule – “ Do not kill other humans”

In the initial days of humankind, there is no way such a rule existed. After all, we were the hunter gatherer kind. We had small communities and if you were to clash with another community, killing people must have been common place. With smaller groups control of people was easier, as there will be a single leader who shoulders all responsibility, and all everyone else had to do was satisfy the role they were assigned.

As humankind started farming, and huge human settlements were formed, controlling people would definitely have been difficult, so the leaders of all the small communities had to come together to decide on rules that allow all the communities to function without issues. Over the course of time, they might have realized, “We need to stop killing each other for no reason” – and probably that is where the rule originated.

It is not difficult to realize a community where killing people is not considered wrong, and even that community will have survivors, just that the social interactions over there will be a bit different. It might not be a stretch to say that people from that community will be stronger – even though fewer in number – physically and mentally when compared to people who have lived in a community where killing was deemed to be wrong.

A lot of what we hear around us is in a lot of scenarios some historical rule that has been slowly twisted in such a way to advantage a majority and weaken the individual. We are brought up to live a life, not for ourselves, but for our families, communities, states, countries etc. We are expected to let go of everything we have not just our life, but our sanity for the sake of the majority. And somehow everyone is fine with it. I believe that people are afraid that if the present system were to change, it adds unpredictability that might not be easy to control. How will everyone's individual beliefs interact with each other? It has a potential to go both ways. So rather that thinking and taking the effort to change things, we just pass down what we learnt, because that works.

And if there are people that move out of line, and demand explanations/change? We just get rid of them – we can discredit them, have them disappear behind legalities, put them away in prison, disown them so no one will talk to them, and if nothing works – “properly get rid of them”. You can just look around a bit and you will be able to identify such cases pretty easily.

In such a biased world which looks down on the individual, comes my second basic:

THE INDIVIDUAL IS ABOVE EVERYTHING

Will explain that in a different post, or will extend this some day in future

Ref: https://github.com/diegonehab/luasocket/issues/331

Short Description

HTTP calls do not work with Luasocket 5.4.3 and luasocket.

System Info

Lua: 5.4.3 Luasocket: LuaSocket 3.0-rc1 Distro Archlinux

Test code:

Requires lua-socket and lua-sec to be installed. If testing using lua5.3, then lua53-socket lua53-sec need to be installed.

local http = require "socket.http"

print("---")
print("Testing https")

print(http.request("https://ffl.shoeb.pw"))

print("---")
print("Testing http")


print(http.request("http://ffl.shoeb.pw"))

print("---")
print("End http")

Expected output:

$ lua5.3 t2.lua 
---
Testing https
Welcome to ffl.shoeb.pw. We shall be serving you soon!!!        200     table: 0x55a7c9e0f4d0   HTTP/1.1 200 OK
---
Testing http
Welcome to ffl.shoeb.pw. We shall be serving you soon!!!        200     table: 0x55a7c9e06510   HTTP/1.1 200 OK
---
End http

Observed output:

$ lua t2.lua 
---
Testing https
Welcome to ffl.shoeb.pw. We shall be serving you soon!!!        200     table: 0x5639643d1800   HTTP/1.1 200 OK
---
Testing http
lua: /usr/share/lua/5.4/socket/http.lua:54: bad argument #1 to 'receive' (string expected, got light userdata)
stack traceback:
        [C]: in function 'socket.http.request'
        t2.lua:12: in main chunk
        [C]: in ?

Explanation

HTTP call does not work. Diving into the source code to see what might be the cause yields the line:

 50 local function receiveheaders(sock, headers)
 51     local line, name, value, err
 52     headers = headers or {}
 53     -- get first line
 54     line, err = sock:receive()
 55     if err then return nil, err end
 56     -- headers go until a blank line is found
 57     while line ~= "" do

As you can see in the above code block, line 54 does not pass any arguments, so the argument the is passed will be self because of the : used in the function call.

I can confirm that this was working before my recent update to lua 5.4.3 So, mostly the recent update is what broke it as luasocket has not been updated for quite some time now.

There are hardly any usecases for having such a large power bank. So I did some tests to figure out how much capacity this really is:

I powered a Raspberry Pi 4B 8GB with a USB HDD and prometheus and grafana running on it, and used a USB power meter to measure total energy

The following is the total data:

$time = 28:20:09 (hh:mm:ss)$

$energy = 106.84Wh$

$charge = 21078mAh$

What the above numbers mean: The pi was on for a bit over $28 hours$ It consumed $21078 mAh$ of charge, which amounted to $106.84 Wh$ of energy when the voltage at which the current was consumed is considered.

But that is way off form the $30000 mAh$ mark right?

So, the $30000mAh$ is at the battery not at the output of the powerbank. The typical voltage of the battery is around $3.6 V$ (with $4.2 V$ being the full charge voltage and $2.8V$ being cutoff voltage – these numbers can vary a bit). On the contrary, the power bank output is always $5V$ or higher

So, to get the charge capacity at battery, I would do $$ {106.84Wh \over 3.6V} = 29.6777777778 Ah = 29677.78 mAh $$

That number is almost equal to the advertised capacity.

We can also find the $P_{avg}$ – average power consumed by the raspberry pi over the time it was powered on:

$$P_{avg} = {energy \over time} = {106.84Wh \over 28h 20m} = {106.84Wh \over 28.33h} = 3.77W$$

So, that means our PI used almost $4 W$ of power on average, which means that the instantaneous power can be way higher (As we are not even stressing the CPU a lot). I will be using a $10W$ power adapter to power this pi – just in case.

Seems like cotton rolls for upholstery needs are readily available on Amazon, and on the surface they look affordable.

The following are some links to check on when you have decided to go ahead with it:

Option 1 Option 2 Option 3

The last one is a polyester cloth whereas the first two are cotton cloth.

I plan on going for option 2 as it seems like that will suit my needs the most.

I will mostly be needing at-least 2 meters for my usecase

Buy Cloth

Ref: https://stackoverflow.com/questions/38232609/how-do-i-skip-certains-rules-for-parameter-in-a-path-in-modsecurity

SecRule REQUEST_URI "@beginsWith /path/to/myfile.php" "id:1234,phase:2,t:none,pass,chain \
     SecRuleUpdateTargetByTag "OWASP_CRS:WEB_ATTACK/XSS" !ARGS:param2

# Default HTTP policy: allowed_methods (rule 900200)
SecRule &TX:allowed_methods "@eq 0" \
    "id:901160,\
    phase:1,\
    pass,\
    nolog,\
    setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'"

# Default HTTP policy: allowed_request_content_type (rule 900220)
SecRule &TX:allowed_request_content_type "@eq 0" \
    "id:901162,\
    phase:1,\
    pass,\
    nolog,\
    setvar:'tx.allowed_request_content_type=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/soap+xml|application/x-amf|application/json|application/octet-stream|text/plain'"

# Default HTTP policy: static_extensions (rule 900260)
SecRule &TX:static_extensions "@eq 0" \
    "id:901166,\
    phase:1,\
    pass,\
    nolog,\
    setvar:'tx.static_extensions=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/ /.svg/ /.webp/'"

SecRule &TX:crs_exclusions_wordpress|TX:crs_exclusions_wordpress "@eq 0" \
    "id:9002000,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    skipAfter:END-WORDPRESS"

SecRule &TX:crs_exclusions_wordpress|TX:crs_exclusions_wordpress "@eq 0" \
    "id:9002001,\
    phase:2,\
    pass,\
    t:none,\
    nolog,\
    skipAfter:END-WORDPRESS"

Rules




SecMarker "END-WORDPRESS"

https://www.zerotier.com/download/

https://youtu.be/eq8r1ZTma08 https://youtu.be/EQ94zflNqn4 https://youtu.be/4D3Xn0MmQmg

Try the below test to see how good you are working with nginx and looking things up when you need it.

Google is allowed

Test

You will be running a minimal config of nginx on your virtual server and implement features that have been listed below.

Go through all the steps and verify that whatever has been asked from you is working properly before proceeding.

Fork the repo in you indvidual users in gitlab. (This will be done by clicking the fork icon on this repo)

Clone the forked repo to your box

Make sure that there is no nginx process running:

sudo systemctl stop nginx

ps aux | grep nginx
# this hsould not return any nginx process

Once you are sure that nginx is not running:

cd nginxTest

sudo nginx -c ./nginx.conf -t
# That will test the minimal config provided

sudo nginx -c ./nginx.conf
# That will start the nginx server with the minimal config provided

sudo nginx -c ./nginx.conf -s reload
# That will reload nginx and any changes in nginx.conf will be reflected

#The above three commands will be used multiple times so it is advised to
#create aliases fof the same
Once nginx server is started, make sure that the nginx is doing what it was supposed to do:

$ curl http://127.0.0.1:8000
Hello, you are up and running
That confirms that your nginx setup is working as expected.

Now, we start the test:

Here are some instructions:

All changes need to be made to nginx.conf only.

You are supposed to get them using nginx alone.

You are free to surf through the nginx documentaion as well as the internet in general.

Whatever resources that were used need to be documented in the commit after you solve each test case.

(Failure to document would work against you)

After you have tested that your config works, you will commit it to your forked git repo with the following message syntax:

Stage <stage number> <your adusername>
Resources used:
* <link1>
* <link2>
...
* <linkN>

For eg.

Stage 2 sam.s
Resources used:
* http://nginx.org/en/docs/http/ngx_http_core_module.html

If you want to skip a stage, you still need to commit the changes that you made in the effort to get it to work.

Only related docs to be added to the commit message

Do not forget to check the config / reload nginx before testing changes

Stage 1

$ curl http://127.0.0.1:8000 -H "Host: abc.com"
You are looking at abc.com

$ curl http://127.0.0.1:8000 -H "Host: bleh.com"
You are looking at bleh.com

$ curl http://127.0.0.1:8000 -H "Host: wroom.com"
You are looking at wroom.com

$ curl http://127.0.0.1:8000 -H "Host: anything.com"
You are looking at anything.com

$ curl http://127.0.0.1:8000 -H "Host: wonderingIfIShouldStop.com"
You are looking at wonderingIfIShouldStop.com

$ curl http://127.0.0.1:8000 -H "Host: wellIWillStopNow.com"
You are looking at wellIWillStopNow.com

$ curl http://127.0.0.1:8000
You are looking at

#Hint: There are two ways to accomplish the above, and the simpler way does
#not use multiple server blocks

#Do not forget to commit the changes once we are done

Stage 2

$ curl http://localhost:8000/header -H "Hello: World"
Header Hello has value World

$ curl http://localhost:8000/header -H "Hello: Love"
Header Hello has value Love

#Hint: notice the Hello not changing

Stage 3

$ curl http://127.0.0.1:8000/hello?world=nice
You are looking at uri hello where world is nice

$ curl http://127.0.0.1:8000/hello?world=notnice
You are looking at uri hello where world is notnice

$ curl http://127.0.0.1:8000/something?world=nice
You are looking at uri something where world is nice

# The hint is in the response

Stage 4

#Ever searched for whats my IP on google to get your public IP?

#Implement something similar in nginx

#From box with ip W.X.Y.Z:
$ curl http://<ip of box where nginx is running>:8000/ip
W.X.Y.Z

#Hint: nginx must be storing the IP of the the requestors IP in some
#variable. It is some sort of *_addr.

Stage 5

$ curl http://localhost:8000/?access=0
You may not pass as you do not have access

$ curl http://localhost:8000/?access=1
Welcome, you are the chosen one

#Hint: simple way would be to use if, but map is more awesome

Ref: https://www.lua.org/pil/20.2.html

Patterns

Use capital to match not of the pattern

.	all characters
%a	letters
%c	control characters
%d	digits
%l	lower case letters
%p	punctuation characters
%s	space characters
%u	upper case letters
%w	alphanumeric characters
%x	hexadecimal digits
%z	the character with representation 0

Magic Characters

These need escaping if you need to match them

 ( ) . % + - * ? [ ^ $