danio/dandellion-xyz
0
0
Fork 0
Code Issues Pull Requests Releases Activity

Merge remote-tracking branch 'origin/main'

Browse Source
This commit is contained in:
Daniel Lovbrotte Olsen
2022-12-31 04:54:55 +01:00
parent ea937e3c5e 02a00bbcf1
commit e93b683b2e
6 changed files with 214 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config.toml
+3 -1
View File
@@ -11,7 +11,6 @@ compile_sass = true
# Whether to do syntax highlighting
# Theme can be customised by setting the `highlight_theme` variable to a theme supported by Zola
highlight_code = false
# Whether to build a search index to be used later on by a JavaScript library
build_search_index = false
@@ -24,6 +23,9 @@ taxonomies = [
{name = "tags", feed = true},
]
[markdown]
highlight_code = true
highlight_theme = "base16-ocean-dark"
[extra]
# Put all your custom variables here
content/2022-01-16-wireguard-minecraft.md
+51
View File
@@ -0,0 +1,51 @@
+++
title = "Today I Did: Minecraft behind a point to point wireguard VPN"
date = 2022-01-15
slug = "minecraft-wireguard"
[taxonomies]
categories = ["Today I Did", "Technical", "All"]
tags = ["wireguard", "Networking", "Minecraft"]
+++
Today I set up a point to point wireguard VPN and forwarded minecraft traffic via it.
<!-- more -->
# Background
I live in a student home with about 100 people. Some of us tested positive for the omnicron variant of COVID-19 so we all had to be quarantined.
One of our people who is responsible for board games and such wanted to set up minecraft server we could all play on during our 10 day quarantene. Unfortunately our servers can't handle running a minecraft server, so it'd have to run on his computer. This posed multiple challenges.
# Network
Our network is pretty bad (though I'm working on this). Every room is behind their own routers and NATs behind another NAT. It would probably be enough for him to port forward from his NAT so that all the other people could reach it locally, but the routers adress is on DHCP and we wanted the ability to connect from the internet.
We have a server locally which seems to be DMZed or otherwise have a global ip.
To break through the NATs I set up a two node wireguard network. The server listened, and his computer would connect to it, opening up a tunnel from the server to his desktop via the virtual network card `wg0`. The servers ip in this virtual network was `192.168.42.1` and his desktop was `192.168.42.2`
To route the traffic properly however we needed to use some iptables rules:
```bash
iptables -t nat -A PREROUTING -p tcp --dport 25565 -j DNAT --to-destination 192.168.42.2
iptables -t nat -A POSTROUTING -o wg0 -p tcp --dport 25565 -d 192.168.42.2 -j SNAT --to-source 192.168.42.1
iptables -t nat -A PREROUTING -p udp --dport 25565 -j DNAT --to-destination 192.168.42.2
iptables -t nat -A POSTROUTING -o wg0 -p udp --dport 25565 -d 192.168.42.2 -j SNAT --to-source 192.168.42.1
```
These rules mean that before routing takes place all tcp and udp packets which are going to the standard minecraft port `25565` will be changed so that their destination instead points to the desktop computer actually hosting the minecraft server.
After routing, the source adress on the packet gets set to the server's ip adress so that when the minecraft server replies with information. It knows how to route the information back. This has the downside of making you "lose" the player's IP adress, since the minecraft server will think all network traffic comes from the relaying server.
To avoid this you would probably need some other tool to do the relaying. Like for example waterfall or some other dedicated minecraft proxy.
We also need allow these packets through the firewall, since its probable your default iptables setup blocks forwarding like this.
```
iptables -A FORWARD -i enp0s3 -o wg0 --dst 192.168.42.2 -p tcp --dport 25565 -j ACCEPT
iptables -A FORWARD -i enp0s3 -o wg0 --dst 192.168.42.2 -p udp --dport 25565 -j ACCEPT
```
# Wrap up
These rules need to be saved somehow, but I'll leave that as an exercise for the reader. Maybe you should add them to the pre execute phase of your wireguard systemd unit?
Hopefully this works for you. I'm not an expert in networking or iptables. But if you have any issues feel free to ask in the comments, can't guarantee an answer though!
content/2022-05-07-minecraft-polybar/icon.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

content/2022-05-07-minecraft-polybar/index.md
+87
View File
@@ -0,0 +1,87 @@
+++
title = "Today I Did: Minecraft activity monitor for polybar"
date = 2022-05-07
slug = "minecraft-polybar"
[taxonomies]
categories = ["Today I Did", "Technical", "All"]
tags = ["Nix", "Polybar", "Minecraft", "Python", "Ricing"]
+++
It can get boring playing singleplayer on a multiplayer server.
So to maximize social play time I wrote a little server monitor widget for my polybar.
<!-- more -->
It's pretty simple, it starts with a python script:
```python
from mcstatus import MinecraftServer as JavaServer
pvv = JavaServer.lookup("minecraft.pvv.ntnu.no")
dods = JavaServer.lookup("mc.dodsorf.as")
try:
pvv_status = pvv.status()
dods_status = dods.status()
except:
pass
result = ""
try:
if pvv_status.players.online > 0:
result += ("P" + str(pvv_status.players.online))
if dods_status > 0:
result += ("D" + str(pvv_status.players.online))
except:
pass
print(result)
```
When ran, this will output how many players are online, with a prefix denoting the server it is reporting on. Fetching the data via the [mcstatus](https://github.com/py-mine/mcstatus) python library.
# Polybar
My polybar is configured via [home-manager](https://github.com/nix-community/home-manager) - a tool for declaratively configuring user environments via [Nix](https://nixos.org):
```nix
"module/minecraft" = {
type = "custom/script";
exec = "" + pkgs.writers.writePython3 "minecraft_status" { libraries = [ pkgs.python3.pkgs.mcstatus ]; flakeIgnore = [ "E722" ]; } ''
from mcstatus import MinecraftServer as JavaServer
pvv = JavaServer.lookup("minecraft.pvv.ntnu.no")
dods = JavaServer.lookup("mc.dodsorf.as")
try:
pvv_status = pvv.status()
dods_status = dods.status()
except:
pass
result = ""
try:
if pvv_status.players.online > 0:
result += ("P" + str(pvv_status.players.online))
if dods_status > 0:
result += ("D" + str(pvv_status.players.online))
except:
pass
print(result)
'';
interval = 10;
format = " <label>";
};
```
This is basically just the toml format for polybar converted to nix
I write the program inline using [`pkgs.writePython`](https://nixos.wiki/wiki/Nix-writers), configure the icon, and specify how often to run the script to fetch updates.
I think this is pretty cool, and an example of how flexible nix can be; writing a python script, specifying its dependencies, and just including that verbatim in your configuration file is pretty powerful stuff!
The result looks like this:
{{ resize_image(path="2022-05-07-minecraft-polybar/icon.png", width=80, height=1, op="fit_width") }}
I've also made it so when you click on it, it sends a notification with a list of player names. See how that works in the full [commit!](https://github.com/dali99/nix-dotfiles/blob/d927b9d4a347f4bd990fdae242a5aec1b8d5e8b0/profiles/xsession/polybar.nix#L182-L239).
I also used this technique to monitor my quota on [PVV](https://pvv.ntnu.no) machines, [this time with perl!](https://github.com/dali99/nix-dotfiles/blob/f033c21cacde9b40fe504af652fc7ae1a4925b96/machines/pvv-terminal.nix#L21-L33)
Note how this was specified in an entirely different nix file than the main polybar config - making this only available on PVV machines.
# Future work
Deduplicating the code by using tail = true in polybar, and then just sending signals to it via kill to post the notification.
content/pages/_index.md
+3
View File
@@ -0,0 +1,3 @@
+++
render = false
+++
content/pages/about.md
+70
View File
@@ -0,0 +1,70 @@
+++
title = "About"
path = "about"
template = "about.html"
+++
# About me
Hey I'm Dan! I like computers and all things computing! I'm a certified Computer electronics technician,
and I am currently a first-year student taking computer engineering at NTNU in Trondheim.
## Early life
I have been interested in computers for as long as I can honestly remember, and have been using linux based distributions as my personal choice for operating systems since the 7th grade.
I took an edx course in introduction to computer science (CS50) in secondary school, where I was introduced to C as my first "real" text based programming language
(Thus far I had worked mostly in LabView-like languages like robolab, and scratch, with small amounts of bash).
I was in a club programming LEGO mindstorms and competing in FIRST LEGO LEAGUE since I was 11 till I was too old to compete and transissioned into an instructor role.
This experience proved useful when I later taught children how to program during my local makerspace's summer school, and later as an outside instructor at an elementary school
## Videregående
Of course I was also active in this aforementioned makerspace [Horten Folkeverksted](https://folkeverkstedet.com/) where I had the role of infrastructure-responsible and sat on the board of directors.
I held presentations during our yearly event "Sommer:hack". Holding talks about Matrix, Nix, and also being responsible for hosting the CTF competition, and an introduction to "ethical hacking".
I took electrical engineering in high school and specialized into "computers and electronics" where I learned a lot about electronic components and also got to dabble with programming microcontrollers.
I'm hoping to post about the big project we did that year at some point, but cutting it short, we made a big rubix-cube out of RGB LEDs, 3D-printing, and steel.
In my third year I was the leader for our student company, which did electronics repair (but mostly helped pentioners with their computers). I was also on the board of the student council.
## University
After I moved to Trondheim I joined Drift at [Programvareverkstedet](https://www.pvv.ntnu.no/), where we maintain an extremely legacy infrastructure (Our DNS-server is a MicroVAX II from 1985) - But also have a lot of fun!
I've held a course in NixOS and managed to convert a fair few to using nix for their projects.
I'm also part of [hackerspace-ntnu](https://www.hackerspace-ntnu.no/), which is a student driven organisation from my institute that has a workshop,
but also does projects like the making a handheld game console (which I'm part of), or making a full circuitboard sized version of the MOS 6502!
Of course I'm also a member of [Omega Verksted](https://www.omegav.ntnu.no/), but I don't hang around there nearly as much as I should!
I live with a lot of people (>100!), and have a role as part of the IT-gang where I am mostly working with networking infrastructure.
I see myself as someone who has fairly deep knowledge about a very broad set of topics in computing. Especially on the linux front and general programming.
What I lack in formal education I like to think I make up in experience! I've dipped my toe in so many things that it's hard to mention everything!
# Hobbies
In my spare time I maintain my own infrastructure which has gone through many a variation but has settled on a NixOS based config.
Through this homelab I maintain and host most of the services I use day to day.
I of course also program in my spare time, making software that scratches whatever itch I may have.
In the most recent couple of years I have worked mostly on infrastructure as code via NixOS (writing modules), and making and maintaing packages.
But I've also done some small things like writing a distributed video encoding service for encoding AV1, and a couple of matrix bots, not to mention the WIP azul board game AI.
My favorite programming language is Rust, but I really want to learn Haskell as well.
Of course I play video games, though mostly Minecraft and Dota 2!
I enjoy listening to music, watching movies and Anime, and playing boardgames.
Bonus point if you know what my avatar refers to!
# Contact Information
e-mail: [daniel.olsen99@gmail.com](mailto:daniel.olsen99@gmail.com)
matrix: [@dandellion:dodsorf.as](https://matrix.to/#/@dandellion:dodsorf.as), [URI](matrix:u/dandellion:dodsorf.as)
IRC: Dandellion on [libera.chat](https://libera.chat), [OFTC](https://oftc.net/), og [IRCNet](https://www.ircnet.com)
XMPP: [dandellion_dodsorf.as@matrix.org](xmpp:dandellion_dodsorf.as@matrix.org)
# Other platforms
You can find me on [github](https://github.com/dali99), [linkedin](https://www.linkedin.com/in/dandellion)