Manfred Touron

Tools 🛠

21 pages about "Tools 🛠"

Automate ArchiveBox with Google Spreadsheet to Backup your internet

Introduction

I just discovered ArchiveBox on my GitHub feed.

ArchiveBox allows you to store copies of webpages at a specific time.

It is still new for me, but from what I see, my workflow will be something like this:

  • to store copies of interesting webpages that I may want to read again later, i.e., my bookmarks; and then, use these archives:
    • as a backup link when the main page is outdated
    • as a way of comparing how the webpage would have changed with time (diff)
    • to list my interesting links
  • to periodically monitor changes of webpages I want to follow over time, i.e., my public social profiles, or this site web

To make it easier for me to maintain, I want to update a Google Spreadsheet and never touch a shell anymore.

My setup

First, write some links on a Google Spreadsheet document.

Then, publish the document in CSV format.

And finally create a script that will fetch the links in CSV and run the archiver against those URLs.

Here is my custom Makefile:

And my adapted docker-compose.yml file:

Run make loop in a tmux or another process-backgrounding method.

Result

I now only need to add new links to a Google Spreadsheet and let my script do the rest.

Windows 10 Setup 🖥

Image made with Paint.exe

Introduction

I recently ordered a Microsoft Surface Book 2 with Windows 10. The last time I used a Windows for something else than playing games was in 2006.

About the “why”, here are some reasons:

  • to give a new trial, especially after seeing Microsoft becoming more and more “cool” company, in the Open-Source and Linux world,
  • to get out of my routine/comfort zone,
  • to be able to see how my different projects are running and are easily usable by a developer under Windows,
  • to put the same shoes that people I will try to help with my apps and projects,
  • for the challenge of having a very secure Windows configuration,
  • to have arguments if I need again to say that I don’t fit with Windows :)

I wrote this blog post while installing to try to be exhaustive. I hope this article can be useful for someone else trying to switch from Mac OS X to Windows, or for people interested in running Windows from a Security/Developer/Musician guy’s point-of-view.

(At least, it will be helpful for me for the next time I need to install a Windows machine.)

Windows Install

  • Disable anti-privacy options
  • Disable Cortona
  • Enable FaceID
  • Use a strong password for the pin, not a short number
  • Device encryption is now the default, well done Microsoft :+1:
  • When the install is done, reboot, log in, and let Windows download and install all the updates (multiple reboots)

Apps & Settings

Not yet installed/tried

  • Affinity Designer or equivalent
  • Something that synchronizes screenshots in a Cloud Folder
  • Cinema 4D
  • Traktor
  • Lantern
  • Luxafor
  • OpenVPN / Shimo alternative
  • A good weather app, with rain notifications
  • FullContact
  • Airplay client
  • Steam
  • Mailplane
  • Notes.app
  • Encfs
  • Brain FM
  • Reason
  • Pixelmator
  • Inet
  • Kaleidoscope
  • Webex

Problems & Missing stuffs

  • Keyboard binding is hardcore
  • The default Trackpad is bad
  • Using an Apple Trackpad in Bluetooth is worst
    • even with custom driver
  • The Update system is annoying
  • The Driver system is complicated
  • I miss Quick Look
  • I miss Alfred.app
  • I miss the tree view mode of the Finder
  • I miss iTerm (I tried multiple alternatives, the best fit for now is the terminal built-in Visual Studio Code)
  • I miss Mailplane.app
  • I miss iMessages and other synchronicity applications with my iPhone
  • I miss the Screenshots keyboard shortcuts
  • I miss Notes.app

Good surprises

  • WSL is wonderful
    • but slow, with strange linking between the Windows filesystem and Linux
  • Paint 3D is fun (and sometimes useful)
  • Microsoft SongSmith is brilliant

Further Readings

13 Ideas of Productivity Tools I Would Love to Use (Wishlist)

10 ideas

The ideas

  1. The perfect mix between Airtable & Neo4j - An Airtable-like solution to quickly manage from my mobile some dependency/relationships (graoh/RDF) small databases
  2. The perfect mix between Trello, GitHub & Jira - A tool that can be both used with few constraints (Trello, GitHub) and do powerful features (Jira) while having as few different entities as possible that are linked to existing stuff like repos, commits, issues, and that works offline (Trello)
  3. The perfect mix between GitHub and Google Docs - Having Google Docs review/comment feature linked with GitHub, for instance by automatically creating pull-request
  4. The perfect mix between Bankin, Qonto, Revolut, Google Spreadsheet and an AI - a tool that aggregates everything you own (money, loan&debt, salary, patrimony, etc.), allows you to have history and projections, suggestions, but also to simulate what would be the impact of buying, selling a building, having a salary raise, quitting job, etc
  5. A smart screen that always displays my calendar schedule, todolist, today’s achievements etc - I would put one in my bathroom to inject my today’s program and one on my offices desk
  6. The perfect mix between Franz, Google Inbox, Facebook Feed, etc. - A tool that aggregates every source of inputs I need to follow: emails, slack boards, text messages, monitoring, GitHub events; so you are sure to never miss anything important while being able to stop checking those services every 5 minutes; bonus: transform all those streams in threads in this tool with an “unread” state, so even Slack becomes usable tool for people mostly working asynchronously
  7. A tool that allows finding developers based on code instead of their CV (RIP. Sourced Legacy)
  8. A tool that makes remote working at least as effective as a local workingbonus: to make it work in hybrid organizations
  9. The perfect mix between Git, Perforce, and Subversion: something that allows me to have one big monorepos, that fits well with GitHub (where Perforce fails), that fits well with CI/CD (where monorepos fail), that allows cloning only a subpart of a repo
  10. The perfect mix between Neo4J and a self-hosted Wikipedia/Wikidata: A tool that allows to collaboratively define, view and analyze an unstructured, complex, evolutive, and living system (more)
  11. A tool that can transform my phone into a comfortable working station – So I can forget my laptop forever
  12. An anti-hater/anti-troll filter – Like the Gmail’s antispam for Internet browsing, maybe just by graying-out potential bad messages instead of deleting them completely
  13. A tool that anticipates proactively the bad behaviors while using your digital devices – detects unfocus & procrastination waves, when you look too tired, stressed, angry to reply to a mail, maybe not something that actually blocks you, but a visual indicator that motivated to go back “green”
Note: this article is the output of a routine, the content of this list won't change over time. It's, however, possible that I create a whole new list on the same subject as a dedicated new post.

sshportal - An Opinionated SSH Jump-Host

There are many reasons why spaceships don’t have doors that open into the outer space. For one, when a crewmate returns to the ship after visiting a planet, we can do some bio-scanning on them in the airlock, to see if it’s safe to open the doors and let them aboard, or if there’s an alien gestating in their chest.

Maybe the dangers of alien infestation won’t be a concern for at least ten more years, but right now we already are in the digital space, which packs many threats of its own. To protect your infrastructure from an invasion, allow me to suggest a jump host1 named sshportal.

Distinguishing features

Full independence of users and hosts.

sshportal streamlines their management and makes it easy to have multiple users to multiple hosts. They are decorrelated, as only the bastion knows information about both sides – the end user doesn’t have to know the hosts, he is automatically connected to everything he should have access to. So, for example, if a new developer comes into the company or changes their key, the configuration on each of the target servers don’t have to be changed; if the developer leaves, you can remove their access in seconds.

Access to target features

Kitchen, cargo hold, gym – there are many things that an airlock isn’t. sshportal does its job only at the connection, then it “pipes” everything to the target host. So it supports various advanced features, without having any code related to them. Some tested features are: X11 forwarding, port forwarding, tunneling, ssh-agent, sftp, scp, rsync, git support.

Connecting to servers that don’t support SSH keys

…, but only have username/password, This can be especially true for some hardware like internet router or old computers. Once you configure a remote host with the username/password, sshportal will automatically enter the login information. So, other people won’t have to know the login and password – they will connect as they would to any other hosts, using their personal SSH key to connect to sshportal.

“Roles” that provide various levels of access. A user can have access only to a particular host or host group. Login, ssh access, sftp access, and many other features can be enabled or disabled for specific users.

sshportal is also portable, scalable, provides various kinds of statistics and other neat features.

The “invite” system

sshportal was made to be fluid and easy to install and manage, and adding new users is a task that it simplifies greatly. Let’s take a look at a scenario that often occurs when someone in a company wants to access the server:

This person needs to request access from an administrator, to which the administrator will ask for the “public ssh key” of the user – user provides the key, and the administrator manually adds it on the server. Even if the user provides the key along with the request, the administrator still has to ask the user to test the connection, then the user tries and confirms – or doesn’t, which leads to some more steps. This workflow becomes even more involved when you have a user asking his manager to ask the “admin team” or to “open a ticket”, as every step is asynchronous and non-monitorable.

The “invite” mechanism works the opposite way. Admin can create an “invite code” in advance, with a named account that doesn’t have any public ssh key; the first user connecting to the server with this code will automatically link its key with the account. So, after a user requests the access, the workflow goes like this:

Administrator creates the user account sshportal user create toto@company.com. sshportal returns a one-line instruction, i.e.: ssh portal.company.com -l invite:XXXXX that the administrator can give to the user. A user executes the line, and that’s it.

Also, the administrator can check if the user tried to reconnect or not.

Use cases

Used by educators to provide temporary access to students.

A group of over 6000 people is using it internally to manage access to servers/routers, saving hours on configuration management and not having to share the configuration information.

There are companies who use a jump host to monitor connections at a single point.

A hosting company is using sshportal for its “logging” feature, among the others. As every session is logged and introspectable, they have a detailed history of who performed which action. This company made its own contribution to the project, allowing the support of more than 65.000 sessions in the database.

The project has also received multiple contributions from a security researcher that made a thesis on quantum cryptography. This person uses sshportal in their security-hardened hosting company.

A step beyond

There are more things to say about sshportal, but you could visit the GitHub page to check out the demo for yourself and learn more about its features and inner workings. The project is actively supported and has new features in development, like direct access to docker container. Perhaps there is something you personally would like to add or improve? Welcome aboard!

Footnotes

Jump host1 – also known as “bastion” or “gateway” – is an intermediary host that stands between the user and target hosts. It is exposed to the internet and configured to withstand attacks, while the target host remains in the “protected” network, behind the firewall. For more details, here are the Wiki articles on Bastion host and Demilitarized Zo ne.