Merge pull request 'develop' (#1) from develop into main

Reviewed-on: #1
2024-06-28 17:02:42 +01:00 · 2024-06-28 17:02:42 +01:00 · 486b4d5e51
commit 486b4d5e51
parent 0810864aee 46107ad706
13 changed files with 164 additions and 10 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,4 @@
 *.jpeg filter=lfs diff=lfs merge=lfs -text
 *.jpg filter=lfs diff=lfs merge=lfs -text
 *.png filter=lfs diff=lfs merge=lfs -text
 *.webp filter=lfs diff=lfs merge=lfs -text
--- a/.gitea/workflows/hugo-deploy.yaml
+++ b/.gitea/workflows/hugo-deploy.yaml
@ -31,11 +31,4 @@ jobs:
          REMOTE_HOST: ${{ secrets.REMOTE_HOST }}
          REMOTE_USER: ${{ secrets.REMOTE_USER }}
          TARGET: ${{ secrets.REMOTE_TARGET }}
-          EXCLUDE: "/dist/, /node_modules/"
+          EXCLUDE: "/dist/, /node_modules/"
          SCRIPT_BEFORE: |
            whoami
            ls -al
          SCRIPT_AFTER: |
            whoami
            ls -al
            echo $RSYNC_STDOUT
--- a/config.yaml
+++ b/config.yaml
@ -2,6 +2,7 @@ baseURL: https://sa.mtate.me.uk/
 languageCode: en-gb
 theme: ["PaperMod"]
 title: Sam Tate
 description: All things self-hosted, home networking, and tech related.
 languages:
  en:
@ -29,7 +30,8 @@ params:
  homeInfoParams:
    Title: "Sam Tate"
    Content: >
-      - Under construction homepage, now deployed via automatic CI/CD
+      - UK Based Web Developer. Posts about all things self-hosted, home networking, and tech related.
  socialIcons:
    - name: gitea
--- a/content/posts/2024/installing-searxng/images/ip.png
+++ b/content/posts/2024/installing-searxng/images/ip.png
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:63205e9a744500be6ba817f1b3022ab0c1f699aa89391db2f871b3c42c08f433
 size 66754
--- a/content/posts/2024/installing-searxng/images/searchresult.png
+++ b/content/posts/2024/installing-searxng/images/searchresult.png
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e62d2e7403509dd68da0accd592267009d6d79edc1c348115e77acc1da573b64
 size 200826
--- a/content/posts/2024/installing-searxng/images/searxng.png
+++ b/content/posts/2024/installing-searxng/images/searxng.png
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:fa33b839661f95814297447dd5288f7e9fa99ce39163e2fd0a02bb65aba6dcc7
 size 49608
--- a/content/posts/2024/installing-searxng/index.md
+++ b/content/posts/2024/installing-searxng/index.md
@ -0,0 +1,111 @@
 ---
 title: "Installing SearXNG with a VPN for private searching"
 date: 2024-06-28T17:02:45+01:00
 summary: 'How to install SearXNG on a local machine to stop your searches being tracked and create your own search engine'
 ---
 How to install SearXNG on a local machine to stop your searches being tracked and create your own search engine
 <!-- more -->
 # Introduction
 It's a well known fact that [Google tracks everything you do](https://www.knowyourmobile.com/data-privacy/ways-google-tracks-you/) online and builds up a profile that knows you better than you know yourself. One of the major ways they do this is through Google Search. Even if you aren't logged in, they can link your IP address and browser fingerprint to your profile and still add to their database.
 There are ways around this. You can use [DuckDuckGo](https://duckduckgo.com) which gives you Bing results in a more privacy conscious ([but not fully private](https://www.techradar.com/news/duckduckgo-in-hot-water-over-hidden-tracking-agreement-with-microsoft)) way. Or [Startpage](https://startpage.com), which aims to serve Google results in a private way. However, it is hard to beat a piece of self-hostable software called **SearXNG** for the ability to host it yourself, and thus you don't have to trust anyone else. 
 # What is SearXNG?
 [SearXNG](https://github.com/searxng/searxng) is a free, open source, *metasearch* engine. This means that when you type a query, it can gather the results from multiple different search engines such as Google, DuckDuckGo, Brave, etc, for better overall results. It strips away any tracking scripts, browser fingerprinting, and cookies, so Google et al. only see a search query and the IP address of the server it comes from.
 ![SearXNG screenshot](images/searxng.png)
 You can use a [public instance](https://searx.space/) to test it out. You can also use these permanently if you trust the person running them not to log your searches, and there are benefits to doing this as all your searches get mixed in with the other users on this instance, making it harder for the search engines to know who is searching what.
 # Installation
 ## Prerequisites
 You will need a computer running on your local network with [Docker Compose](https://docs.docker.com/compose/) installed. This could be something as simple as a Raspberry Pi or old laptop. You'll also ideally need a privacy respecting VPN such as Mullvad or Proton VPN.
 ## Setup
 The first step is to make a *Docker* folder somewhere, e.g. your home folder. Inside the Docker folder, create a folder called *vpn-project*, and inside this, two folders called *gluetun* and *searxng*.
 Now in the *vpn-project* folder, create a file called *docker-compose.yaml* and add the following: 
 ```
 services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8080:8080/tcp # SearXNG
    volumes:
      - /path/to/vpn-project/gluetun:/gluetun
    environment:
      - PUID=1000 #CHANGE_TO_YOUR_UID
      - PGID=1000 #CHANGE_TO_YOUR_GID
      - TZ=Europe/London #CHANGE_TO_YOUR_TZ
      - VPN_SERVICE_PROVIDER=protonvpn #Change to your VPN provider
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - SERVER_COUNTRIES=United Kingdom #Change based on the Wiki
      - HTTPPROXY=off #change to on if you wish to enable
      - SHADOWSOCKS=off #change to on if you wish to enable
      - UPDATER_PERIOD=24h
    labels:
      - com.centurylinklabs.watchtower.enable=false
    security_opt:
      - no-new-privileges:true
    restart: always
  searxng:
    image: searxng/searxng
    container_name: SearXNG
    network_mode: service:gluetun
    mem_limit: 512mb
    depends_on:
      gluetun:
        condition: service_healthy
    security_opt:
      - no-new-privileges:true
    volumes:
      - /path/to/vpn-project/searxng:/etc/searxng:rw 
    restart: on-failure:5
 ```
 This is the markup that tells Docker we want to download an application called Gluetun (our VPN client), and run both it and SearXNG, running SearXNG's traffic through Gluetun. You can see that there are several things you need to change to make this work for your config:
 * Update **/path/to/vpn-project** with the actual path to your *vpn-project* folder. This needs updating in two places
 * Change the **PUID** and **PGID** to your user's values, found by running *id -u* and *id -g* respectively in the terminal.
 * Change **TZ** to your [Timezone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones).
 * Change **VPN_SERVICE_PROVIDER** to your VPN Provider. Follow the instructions on the [Gluetun Wiki](https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers) for your provider, and add any lines necessary to log in with your provider. The example above is for ProtonVPN and needs you to add the user and password keys as outlined in the Wiki, you will need to change the section entirely if you use another VPN service.
 * Change **SERVER_COUNTRIES** to the country you want your VPN to connect to.
 Once you've done all this, save the *docker-compose.yaml* file and go to your Terminal, in the *vpn-project* directory. Run the following command:
 ```
 docker compose up
 ```
 Docker will now download the applications, set up the Gluetun VPN container, and then set up SearXNG. If all went well, we will be able to see SearXNG on the IP address of the machine you installed it on. If you don't know this, run the following command in a terminal:
 ```
 ip addr show | grep 192.168
 ```
 This should print out your private IP address. For example, mine is 192.168.86.46, so I'd point my browser to http://192.168.86.46:8080 to see SearXNG:
 ![SearXNG IP screenshot](images/ip.png)
 From here you are free to search the web and note that results are labelled as coming from a number of search engines. Thanks to Gluetun, Google et al. now see these searches as coming from the IP address of your VPN, not your home IP address, and thanks to SearXNG all their tracking scripts and cookies have been blocked.
 ![SearXNG Results screenshot](images/searchresult.png)
 You may want to now stop the docker command you ran, and run:
 ```
 docker compose up -d
 ```
 This runs the containers in the background so when you close the terminal window they will still persist. You can now experiment with some of the preferences in the SearcXNG browser window: you can choose who provides your autocomplete if any, choose which search engines you want results from, etc. You can also add your new search engine to your web browser so it is used every time you search in the address bar.
 Finally, you need to decide if you just want to have your search engine accessible at home like it is now, or if you want to be able to use it when you're out the house. There are many ways to access self hosted applications outside of home and I will be doing guides on several of them shortly, but some options include: 
 * [Tailscale](https://www.howtogeek.com/how-to-remote-access-your-network-using-tailscale-vpn/) which sets up a VPN between your devices so you can access local applications over the internet to any device you've logged into Tailscale on.
 * [Cloudflare Tunnels](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/) to expose your local applications over the internet to anyone who has the URL you assign to them, but you don't have to open ports on your router and have the protection of Cloudflare build in
 * [Port forwarding](https://portforward.com/how-to-port-forward/) where you open up ports on your router so you (and anyone else) can access your internal applications that you forward to, via your public IP address. There are security implications of doing this method.
 Whichever method you choose, or even if you choose to keep your SearXNG on your local network for now, hopefully you are now enjoying powerful, private search results, without everything you do being stored!
--- a/content/posts/2024/running-ethernet/images/dotanddab.jpg
+++ b/content/posts/2024/running-ethernet/images/dotanddab.jpg
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:cc040a22d0ed9a8cf08d201790444fa9325ae9a07964b6ee75891613dae22967
 size 63140
--- a/content/posts/2024/running-ethernet/images/final.jpg
+++ b/content/posts/2024/running-ethernet/images/final.jpg
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:7fe4b8e9f68be277cdb4a0a25c82ae05f9038f5a4978d6b4224e2763ff955209
 size 2746040
--- a/content/posts/2024/running-ethernet/images/initial.jpg
+++ b/content/posts/2024/running-ethernet/images/initial.jpg
--- a/content/posts/2024/running-ethernet/images/studwall.png
+++ b/content/posts/2024/running-ethernet/images/studwall.png
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:7f2d0973afb3814e258c189527287862c45c8e1e2a1d90e7a1077388a28a247e
 size 112769
--- a/content/posts/2024/running-ethernet/index.md
+++ b/content/posts/2024/running-ethernet/index.md
@ -0,0 +1,26 @@
 ---
 title: "Running Ethernet in a modern UK house"
 date: 2024-06-28T11:02:45+01:00
 draft: true
 ---
 Start to finish process of installing Cat5e cable for networking through my house
 <!-- more -->
 # Introduction
 The house I live in was built in the 2000s in the UK: at the time, it was not common to run network cabling throughout houses. Indeed even now in new builds you might get one or two runs from the downstairs cupboard to the TV or an upstairs bedroom but not much else.
 As such, my home network had struggled a bit. Everything relied on WiFi, with two Google Nest Mesh points in the house, and due to the location of the VDSL phone line coming into the Living Room: my ISP Modem, Nest point, Synology NAS etc all had to live behind the sofa.
 ![Networking Equipment before install](images/initial.jpg)
 The aim of this project was to install ethernet points throughout the house, as well as moving all my networking equipment to a centralised location to mitigate the fan and HDD noise.
 # Planning
 Before I started with anything, I had a good idea of how I wanted to do things. I knew the plan would change as I put it into practise but it was good to have a rough idea. I knew from living in the house some of the details of its construction:
 * External walls of the house are external stone bricks, a cavity filled with insulation, then concrete thermal blocks, onto which plasterboard is "dot and dabbed" with adhesive, forming a small cavity again between the plasterboard and blockwork.
 * Internal walls of the house are wooden studs, with plasterboard screwed on either side. This means the walls are mostly hollow.
 * The downstairs floor is a solid concrete slab that the flooring is laid on.
 * The upstairs floor is wooden joists with plasterboard screwed on the bottom for the ceiling of the floor below, and particle board screwed on top to form the flooring of the first floor.
 ![Dot and dab wall](images/dotanddab.jpg) ![Networking Equipment before install](images/studwall.png)
 This is a fairly typical construction for a new-ish UK house. Older UK houses aare likely to have all walls as bricks, with plaster skimmed directly onto the bricks. This is much more difficult to run cables through, requiring you to "chase out" the walls. However, the downstairs floor is likely to be a wooden suspended floor, possibly with an accessible floor space or basement underneath, allowing cables to be easily pulled that way.
--- a/themes/PaperMod
+++ b/themes/PaperMod
@ -1 +1 @@
-Subproject commit 9ea3bb0e1f3aa06ed7715e73b5fabb36323f7267
+Subproject commit 56d9d087bc370e1ae8731fd3c14cbb0dbc0d7725
		`@ -1 +1 @@`
			`Subproject commit 9ea3bb0e1f3aa06ed7715e73b5fabb36323f7267`				`Subproject commit 56d9d087bc370e1ae8731fd3c14cbb0dbc0d7725`