docs: update nextcloud-collabora

Archguide.md

@@ -2,22 +2,40 @@
 title: Arch Linux Install guide
 description: 
 published: true
-date: 2019-06-01T21:39:34.364Z
+date: 2020-03-19T05:25:06.772Z
 tags: 
 ---
 
-# Let's start. 
+# btw I install arch
 
-This assumes your target disk is /dev/sda, you are running UEFI, you want rEFInd because it's cool, you are wired into ethernet for the install process, you use US keyboard, and mostly understand english
+> This **turbo install guide** makes a lot of assumptions on what you want and doesn't cover many real world setups. Always follow the [official wiki](https://wiki.archlinux.org/index.php/Installation_guide) if in doubt.
+{.is-info}
 
-Alternatively, check out [our installer](https://git.fosc.space/fosc/fosc-arch-installer)
+
+Alternatively, check out [our installer](https://git.fosc.space/fosc/fosc-arch-installer) when it's ready.
 
 ## Partitioning
+To partition disks, always use `cgdisk` unless you have a good reason not to. It's just the best, like a 🦈. 
 
-cgdisk /dev/sda
+> Find the names of your disks using `lsblk`
+{.is-info}
 
+In this guide, the first SATA disk (`sda`) is used. On a modern computer, you may use `nvme0n1` or even `mmcblk0` on embedded systems.
+
+`cgdisk /dev/sda`
+
+Try to make it look something like:
+```
 	/dev/sda1 200M		(ef00) /boot   
 	/dev/sda2 $REST_OF_HDD	(8300) /     
+```
+
+The first partition will store the bootloader and the kernel, and will be read by the UEFI to boot. The second one will contain Arch.
+Format the partitions and mount them.
+
+> On an SSD, `f2fs` is recommended instead of `ext4` for unparalled speed. 
+{.is-info}
+
 
 ```
 mkfs.vfat -F 32 /dev/sda1
@@ -28,25 +46,67 @@ mkdir /mnt/boot
 mount /dev/sda1 /mnt/boot
 ```
 
+## Internet access
+If Ethernet was plugged in during boot, it will be ready.
+When plugging it after the fact, it's best to just reboot. Alternatively, run `dhcpcd`, `killall dhpcd` and run `dhcpcd` again to get an IP address.
+No, that didn't make sense, but it works way too well.
+
+> If a WiFi install is absolutely necessary, run the Arch installer-exclusive `wifi-menu` tool. 
+{.is-warning}
+
+Check your internet connectivity with `ping` before continuing. 
+
 ## Actual install
-Install all packages needed (add what you need!)
+To install packages to a folder instead of normally, `pacstrap` is used. Here a good set of packages to get a running system is provided. 
+> This can also be used to fix a broken system, such as one turned off during an update, by reinstalling damaged packages.
+{.is-info}
 
-`pacstrap -i /mnt base base-devel refind-efi xorg-server gnome gnome-extra firefox networkmanager htop zsh grml-zsh-config`
 
-`genfstab -U /mnt >> /mnt/etc/fstab`
+`pacstrap /mnt base base-devel linux linux-firmware f2fs-tools nano xorg-server gnome gnome-extra firefox networkmanager htop zsh grml-zsh-config`
 
-## Get in there to configure
+## Chrooting
+*The art of running a process as if it was in another system.*
 
+It's time to enter the freshly installed Arch rootfs!
 `arch-chroot /mnt /bin/zsh`
 
+## Making the system bootable
+Run `bootctl install`
+
+systemd-boot will be the bootloader used. It boots entries stored at `/boot/loader/entries/` and is configured at `/boot/loader/loader.conf`.
+
+Copy an example boot entry to the correct place and then edit it.
+```
+cp /usr/share/systemd/bootctl/arch.conf /boot/loader/entries/
+nano /boot/loader/entries/arch.conf
+```
+
+You will need to edit the `options` line so your kernel is told where to find your Arch partition. In this guide, the file would end up like this:
+```
+title   Arch Linux
+linux   /vmlinuz-linux
+initrd  /initramfs-linux.img
+options root=/dev/sda2 rw
+```
+
+> Once this is done, your Arch install is fully bootable!
+{.is-success}
+
+However, don't reboot just yet. There are still some things to do before getting into a properly running system. 
+
+There is a [big caveat](https://doc.fosc.space/Archguide#the-partuuid-dilemma) here which is good to read.
+
+## Configuring the system so it's usable
+### Language
+At least a language needs to be generated and set as the preferred system language.
 ```
 echo "en_US.UTF-8 UTF-8" > /etc/locale.gen
 echo LANG=en_US.UTF-8 > /etc/locale.conf
-
 locale-gen
 ```
 
-## Users
+### Users
+Change `root`'s password and its shell, then add your user and change their password too. 
 ```
 passwd
 chsh root -s /bin/zsh
@@ -55,20 +115,124 @@ useradd -m -G wheel -s /bin/zsh user
 passwd user
 ```
 
-## Enable services
+### Enabling services
-
+Upon bootup, NetworkManager will manage our network interfaces and a graphical login screen provided by GDM will be shown.
 ```systemctl enable NetworkManager gdm```
 
-## Bootloader
 
-`refind-install`
+## Restart
+> And we are truly done!
+{.is-success}
+```
+exit
+reboot
+```
+
+
+# btw I use arch
+*but it sucks, blackscreens and lasts 5 minutes on battery*
+
+Unless some major hardware quirks are happening (damn you, NVIDIA!) you should be able to start using your computer now. 
+
+What to do now is heavily dependent on your hardware and desktop environment. A few common tips are provided. 
+
+## Time
+Use the `timedatectl` tool.
+
+```
+timedatectl set-timezone Europe/Madrid
+timedatectl set-ntp true
+```
+
+## I forgot to install a terminal emulator
+You always have the TTYs.
+
+Press <kbd>ctrl</kbd>+<kbd>alt</kbd>+<kbd>F4</kbd> and login normally. 
+
+## Package management
+Read the [pacman rosetta](https://wiki.archlinux.org/index.php/Pacman/Rosetta).
+
+TL;DR, `pacman -Syu thingy1 thingy2 ...` to install thingy1 and thingy2. 
+
+## sudo doesn't work
+It works, you are just not allowed to use it.
+
+Login as root and edit /etc/sudoers.
+`nano /etc/sudoers`
+
+Uncomment (remove the #) from this line near the end of the file.
+`# %wheel ALL=(ALL) ALL`
+
+## Connecting to wifi via cli
+Use `nmtui` to control NetworkManager from a terminal.
+
+## Bluetooth doesn't even exist
+Install `bluez` and `bluez-utils` and enable the service `systemctl enable --now bluetooth`.
+
+Bluetooth audio needs `pulseaudio-bluetooth`.
+
+When using a minimal desktop environment you can try some of the applets such as `blueman` or `gnome-bluetooth` to control it.
+
+## Audio in general
+Always install `pavucontrol` to completely manage your audio needs.
+
+Mics by default come muted. Unmute it and/or boost it. 
+
+A similar deal happens with bluetooth audio, by default it runs on basically analog phone emulation mode. 
+Change to high quality audio profile to not **instantly die** upon music playback. 
+
+## Battery life is nonexistent
+The TLP daemon tunes tunables inside the heavily tunable Linux kernel so you have a semblance of battery life.
+You can also install it in normal desktops and it makes some difference in wall power draw.
+
+
+Install `tlp` and enable it, which is quirky.
+```
+systemctl enable --now tlp
+systemctl mask systemd-rfkill systemd-rfkill.socket
+```
+
+## The PARTUUID dilemma
+> Using partition names to boot instead of their unique identifiers will cause the OS not to boot if (when) the partition count or disk order of the computer changes. 
+> It may change even across reboots. To avoid this issue, extract your partition's `PARTUUID` using `blkid` and edit your options line accordingly.
+{.is-danger}
+
+```
+title   Arch Linux
+linux   /vmlinuz-linux
+initrd  /initramfs-linux.img
+options root=PARTUUID="9b505600-2d6a-3660-b0c3-d2dfd653c5fd" rw
+```
+
+> As long as your firmware doesn't change disk order randomly, **and you know what to touch if it breaks**, you can ignore this.
+>
+> *For now.*
+{.is-info}
+
+## NVIDIA Optimus
+Install `nvidia` and `nvidia-utils` as normal. 
+
+These by default will hijack your screen and run everything with the NVIDIA card. The NVIDIA control panel allows you to turn the GPU off completely.
+
+> However, this doesn't really work on some laptops, which will just blackscreen or exhibit buggy behavior.
+> Plus, it drains the battery pretty much *instantly*. 
+{.is-warning}
+
+Install `bumblebee` so the integrated graphics have priority and activate its service: `systemctl enable bumblebeed`.
+
+You will need to add your user to the `bumblebee` group. Run `gpasswd -a yourusername bumblebee`.
+
+To run programs with the NVIDIA card, run `optirun program`. For Steam games, change their executable command line to `optirun %command%`. 
+
+Finally, to allow the card to turn off completely when unused, install `bbswitch`.
+> Even LESS laptops will like that. The workaround involves editing your kernel cmdline options to blacklist a little bit of Windows-specific BIOS code. 
+> Try adding `acpi_osi=! acpi_osi="Windows 2012"`. Try with 2009 or 2015 instead for 9xxm and 20xx series respectively if it doesn't work.
+{.is-danger}
+
+More information [can be found at the usual place](https://wiki.archlinux.org/index.php/NVIDIA_Optimus)
+
+
 
-## Kernel cmdline
-Basically edit your boot options to be 'rw root=/dev/sda2', as sometimes rEFInd doesn't make this automatically
 
-`nano /boot/refind_linux.conf`
 
-## Git out
 
-`exit`
-`reboot`

Archrpi3guide.md

@@ -2,7 +2,7 @@
 title: Arch Linux Install rpi3
 description: 
 published: true
-date: 2019-04-23T02:07:24.491Z
+date: 2019-06-20T08:41:37.721Z
 tags: 
 ---
 

Firefox font color error 'Fix'.md

@@ -1,13 +0,0 @@
----
-title: Firefox font color error
-description: 
-published: true
-date: 2019-05-02T12:02:12.760Z
-tags: 
----
-
-# Firefox font color error
-
-Just this:
-
-`widget.content.gtk-theme-override = Adwaita` in `about:config`

Primeros-pasos-atomicpi.md

@@ -0,0 +1,39 @@
+---
+title: Primeros pasos Atomic Pi
+description: Primeros pasos Atomic Pi
+published: true
+date: 2019-07-31T11:53:25.201Z
+tags: 
+---
+
+# Primeros pasos AtomicPi
+
+![watermarkphoto_2019-06-19_16-22-25.jpg](/watermarkphoto_2019-06-19_16-22-25.jpg)
+Desde el club hemos participado en una conjunta de esta placa, una alternativa a la Raspberry Pi sin ARM.
+
+![watermarkphoto_2019-06-19_16-30-37.jpg](/watermarkphoto_2019-06-19_16-30-37.jpg)
+
+A continuación exponemos las características de dicha placa:
+
+   - Procesador: intel modelo Atom x5-z8350 hasta 1.92GHz
+    - 2 GB de RAM
+    - 16GB de memoria eMMC (almacenamiento interno)
+    - 4 cores con un nominal máximo en modo turbo de 1’9Ghz
+    - Ethernet Gigabit
+    - Wifi 2,4/5G con doble antena física (No vienen antenas solo los conectores en la placa)
+    - Bluetooth (No vienen las antenas, solo los conectores en la placa)
+    - Dispone de un preamplificador y 2 conectores físicos de altavoces.
+    - Tiene varios conectores de extensión, como el de webcam, que realmente es un USB 2.0 que se puede sacar de la placa.
+    - Todos los detalles en su web oficial: [DLI Direct](https://dlidirect.com/products/atomic-pi)
+![watermarkphoto_2019-06-19_16-30-32.jpg](/watermarkphoto_2019-06-19_16-30-32.jpg)
+
+En primer lugar comentar que la alimentación se hace DIY (en breve actualizaremos con la forma de la que hemos alimentado nuestras placas)
+
+![photo_2019-06-19_18-30-15.jpg](/photo_2019-06-19_18-30-15.jpg)![photo_2019-06-19_18-30-18.jpg](/photo_2019-06-19_18-30-18.jpg)
+
+## POWER OPTIONS
+5V 3A a menos que quieras usar la salida de audio que necesitas 12V.
+## OS TESTED
+- Lubuntu (Viene instalado en la placa).
+- Android 8.1 (http://browser.geekbench.com/v4/cpu/13590654) [android.mp4](/android.mp4)
+![screenshotfrom2019-06-1918-27-55.png](/screenshotfrom2019-06-1918-27-55.png)

ProgramasClase.md

@@ -2,12 +2,29 @@
 title: Programas Para Clase en Linux
 description: Nos hacen usar programas horribles, pero al menos los podemos usar en linux sin problemas
 published: true
-date: 2019-06-19T20:53:16.750Z
+date: 2019-07-12T13:57:31.171Z
 tags: 
 ---
 
 # Instalando los programas de clase en Linux
 
+
+## Mathlab :
+Si no vas a necesitar el simulink, puedes utilizar **Octave** para todo. Solo necesitas añadir la librerías adecuadas. Si no tienes una función que te hace falta, haciendo `help comando`, octave te dirá el paquete que te hace falta. Aquí tienes un puñado:
+```
+> pkg install signal -forge ;Para cosas de fourier
+> load senal ; La cargamos para poder utilizarla
+> 
+> pkg install control -forge ;Para trabajar con sistemas LTI
+> load control ; La cargamos para poder utilizarla
+```
+
+Los archivos .m que nos den el las prácticas no necesitan nada más. Se pueden hacer todas las prácticas que no usan simulink de: Álgebra y Métodos Numéricos, Ondas, Sistemas Lineales, Teoría de la Comunicación, Cálculo I y Cálculo II. (Y probablemente todas las demás)
+
+Lista negra de Asignaturas no 100% compatibles con octave:
+- Teoría de la Comunicación (2 GIT/GIST)
+- Tecnicas de Transmisión (3 GIST)
+
 ## Xilinx ISE 14.7 :
 
 ### Descargamos el instalador
@@ -16,19 +33,36 @@ Podemos encontrar el instalador en la [web de xilinx](https://www.xilinx.com/sup
 ### Instalamos el paquete
 Este paso va a depender de la distribución de linux que utilices:
 	
-  #### En Arch: 
+  En Arch: 
-  `pacman -U /ruta/al/archivo/instalador.tar.gz`
+  Desde el club tenemos un paquete custom para instalar el software de la asignatura, pregunta en el club sobre la ruta de este archivo.
   
-  #### En Debian/Ubuntu:
+```
-  
+pacman -U /ruta/al/archivo/instalador.tar.gz
-  	cd /ruta/al/archivo
+```
-  	tar xzf instalador.tar.gz
-  	cp -R instalador /ruta/donde/quieras/instalar
-  	cd /ruta/donde/quieras/instalar
-  	./configure
-  	make
-  	sudo make install			
- 
- 
-3.	Desactivamos todo el theming que tengamos en la sesión (en mi caso, wal -R en .bspwmrc
 
+En el caso de tener que hacer uso de la placa del laboratorio (Spartan3E), será necesario instalar el paquete xilinx-usb-drivers del AUR. Con este paquete ya tendremos las reglas udev necesarias para poder cargar el bitstream en la placa. 
+
+La entrada de la wiki de arch, aunque es sobre Vivado, resuelve alguna que otra duda. [wiki arch](https://wiki.archlinux.org/index.php/Xilinx_Vivado)
+
+En Debian/Ubuntu:
+
+```
+cd /ruta/al/archivo
+tar xzf instalador.tar.gz
+cp -R instalador /ruta/donde/quieras/instalar
+cd /ruta/donde/quieras/instalar
+./configure
+make
+sudo make install			
+ ```
+ 
+### Arreglamos el estropicio
+Por algún motivo, el ISE utiliza su propio entorno de qt. Es una versión vieja con muchas cosas extra estilo ubuntu que intenta escoger el mismo tema de qt que tenga el resto del sistema. Y falla catastróficamente si tienes un tema oscuro.
+
+Así que no queda otra que eliminar nuestro tema mientras queramos usarlo. En mi caso, quitar una línea de .bspwmrc.  ~~wal -R~~.
+
+Tambien podemos eliminar el paquete comprimido. 
+
+## Eclipse a.k.a intellij desde ahora
+Aunque desde que entramos en la carrera nos recomiendan utilizar el programa Eclipse para programar en Java, sin duda lo más util es pasarse a otra familia de IDEs muy utilies, no solo para java, sino para el resto de lenguajes de programación. [web de intellij](https://www.jetbrains.com/idea/)
+Para estos programas, disponemos de licencia estudiante gracias al email que nos facilita la universidad.

delta_p4.md

@@ -0,0 +1,23 @@
+---
+title: Impresora formato Delta
+description: Es la impresora que actualmente esta cogiendo polvo en una esquina del club
+published: true
+date: 2019-10-04T11:35:38.911Z
+tags: 
+---
+
+# Kossell Anycubic
+
+Use this Marlin provided guide for basic information.
+https://github.com/MarlinFirmware/Marlin/tree/dev-2.1.x/config/examples/delta/Anycubic/Kossel
+
+It's old: some settings have been removed or merged into others.
+
+1.Use auto calibrate
+2.Fine tune bed height using the paper slide method
+3.Save settings
+4.Maybe insert settings load into cura stl
+
+> Configure layer fan in Cura, else it won't turn on
+{.is-warning}
+

es/plutoSDR.md

@@ -2,7 +2,7 @@
 title: PlutoSDR
 description: Primeros pasos con el PlutoSDR
 published: true
-date: 2019-06-19T20:14:02.288Z
+date: 2020-04-19T03:27:22.422Z
 tags: 
 ---
 

es/traefik.md

@@ -0,0 +1,153 @@
+---
+title: Traefik v2
+description: Routing seguro para tus aplicaciones en containers usando Traefik v2 con Let's Encrypt
+published: true
+date: 2020-04-19T03:25:17.168Z
+tags: 
+---
+
+# Configurar traefik v2 para routing seguro como proxy reverso con HTTPS
+
+![Traefik v2](https://containo.us/content/images/2019/11/image-108.png)
+
+## Introducción
+
+Una configuración robusta de proxy inverso es crítica para cualquier configuración selfhosted que tenga elementos expuestos a través de internet. Si bien los servicios de proxy inverso se utilizan a menudo por razones de equilibrio de carga y seguridad, la mayoría de los propietarios de servidores domésticos los utilizan para enrutar las solicitudes dirigidas a diferentes dominios o subdominios a diferentes hosts o servicios internos. En mi caso puedes ver todos mis servicios en https://server.crstian.me/.
+
+En esto post vamos a ver como configurar Traefik como proxy inverso como por ejemplo [NGINX](https://www.nginx.com/).
+
+Vamos a ver como hacer routing de forma segura a peticiones dirigidas a un subdominio que apunte a un puero específico de un container, todo ello a través de forma segura mediante HTTPS.
+
+## ¿Qué es un proxy inverso?
+
+Un proxy inverso es un tipo de servidor proxy que recupera recursos en nombre de un cliente desde uno o más servidores. Estos recursos son entonces regresados al cliente como si se originaran en el propio servidor Web.
+
+Lo que explicado de una forma más vulgar sería en nuestro caso acceder a distintos servicios que tenemos de forma local pero desde el exterior y que en este caso Traefik haga el trabajo de routing y dependiendo el subdominio nos lleve a un servicio u otro.
+![Traefik routers](https://docs.traefik.io/v2.0/assets/img/services.png)
+
+### Balanceo de carga
+
+Un proxy inverso puede distribuir la carga de solicitudes entrantes a varios servidores, con cada servidor ejecutando su propia área de aplicación.
+
+Los proxies inversos proporcionan una capa adicional de seguridad al no revelar nunca la dirección IP del servidor backend que realmente maneja las solicitudes. Esto significa que los atacantes normalmente sólo podrán atacar a los propios servidores proxy inversos.
+
+### Encriptación SSL
+
+Un proxy inverso lo podemos configurar con encriptación SSL para poder generar certificados automaticamente para cada ruta con [Let's Encrypt](https://letsencrypt.org/es/).
+
+## Configurar Traefik v2
+
+En nuestro caso vamos a levantarlo con un [docker-compose.yml](https://docs.docker.com/compose/)
+
+```
+version: '3.7'
+
+services:
+  traefik:
+    image: traefik:latest
+    network_mode: host
+    volumes:
+      - ./config/:/etc/traefik/
+      - /var/run/docker.sock:/var/run/docker.sock
+```
+Ahora vamos a configurar Traefik con su archivo de configuración traefik.toml.
+
+```
+api:
+  dashboard: true
+
+entryPoints:
+  web:
+    address: ":80"
+  web-secure:
+    address: ":443"
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  file:
+    filename: /etc/traefik/config.yml
+    watch: true
+
+certificatesResolvers:
+  default:
+    acme:
+      email: your email
+      storage: /etc/traefik/acme/acme.json
+      tlsChallenge: {}
+```
+
+### Integración con Docker
+
+Traefik utiliza la API de cada [proveedor](https://docs.traefik.io/providers/overview/) para encontrar información de routing y configurarse en función a ello.
+
+![Traefik v2 providers](https://docs.traefik.io/assets/img/providers.png)
+
+### Puntos de entrada
+
+Los puntos de entrada simplemente definen los puertos en los que Traefik escuchará para recibir los paquetes. Aquí se configuran dos puntos de entrada, web y websecure para los puertos 80 y 443.
+
+## Configuración de los containers
+
+El último paso para exponer nuestro container usando Traefik es añadir algunas etiquetas Docker que permitirán a Traefik encontrarlo.
+
+Estas son las etiquetas necesarias: 
+
+```
+labels:
+      - traefik.enable=true
+      - traefik.http.routers.yourservicename.entryPoints=web-secure
+      - traefik.http.routers.yourservicename.rule=Host(`subdomain.your.domain`)
+      - traefik.http.routers.yourservicename.tls=true
+      - traefik.http.routers.yourservicename.middlewares=user:password
+      - traefik.http.services.yourservicename.loadbalancer.server.port=serviceport    
+```
+- `yourservicename` tenemos que cambiarlo por el nombre de nuestra aplicación, por ejemplo `netdata`
+
+- `subdomain.your.domain` tenemos que cambiarlo por nuestro subdominio que queremos que apunte a nuestra aplicación, por ejemplo `netdata.crstian.me`
+
+- `serviceport` aquí tenemos que cambiarlo por el puerto que use nuestro servicio
+
+- `user:password` en caso de que queramos ponerle usuario y contraseña para entrar a ese servicio debemos usar usuario y contraseña como si fuera htaccess
+
+
+Un ejemplo de un servicio que tengo corriendo en mi servidor con su docker-compose.yml
+
+```
+version: '3'
+services:
+  caddy:
+    image: abiosoft/caddy
+    volumes:
+      - '/storage/shared:/srv'
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.caddy.entryPoints=web-secure
+      - traefik.http.routers.caddy.rule=Host(`downloads.crstian.me`)
+      - traefik.http.routers.caddy.tls.certresolver=default
+      - traefik.http.services.caddy.loadbalancer.server.port=2015
+      - traefik.http.routers.caddy.middlewares=torrent
+      - traefik.http.middlewares.torrent.basicAuth.users=mypasswordbro
+    restart: unless-stopped
+```
+## Traefik Dashboard
+
+Por último vamos a configurar dentro del propio traefik para que podamos acceder a su dashboard mediante un subdominio.
+
+Dentro del archivo config.yml tenemos que tener lo siguiente:
+
+```
+traefik:
+      rule: Host(`traefik.crstian.me`)
+      entryPoints:
+        - "web-secure"
+      service: api@internal
+      middlewares:
+        - auth
+      tls:
+        certResolver: default
+```
+Nos deberá mostrar este dashboard 
+
+![Traefik v2](https://raw.githubusercontent.com/Crstian19/crstian19.github.io/master/_posts/traefikdashboard.png)

firefox-fix.md

@@ -0,0 +1,23 @@
+---
+title: Firefox font color error
+description: 
+published: true
+date: 2019-06-20T19:40:06.609Z
+tags: 
+---
+
+# Unreadable fonts on text boxes
+
+This is caused by using a dark GTK theme. Firefox picks up the dark background for text input boxes, but the webpage also uses a dark font.
+
+That is just one of the issues you may encounter on the Web while using a dark theme.
+
+To fix it, we tell Firefox to render the content viewfinder using the stock GTK theme, Adwaita. 
+
+Go to `about:config` and set `widget.content.gtk-theme-override` to `Adwaita` 
+
+# Ugly duplicate title bar
+
+By default, client side decorations are not enabled.
+
+Go to the Firefox menu, Customize and disable the `Title bar` checkbox shown at the bottom left.

icestick.md

@@ -0,0 +1,11 @@
+---
+title: icestick
+description: 
+published: true
+date: 2019-07-12T14:08:26.389Z
+tags: 
+---
+
+# Icestick
+
+Cosas que hacer

infrastructure.md

@@ -2,7 +2,7 @@
 title: Infrastructure
 description: The hardware and software powering it all
 published: true
-date: 2019-06-12T23:02:23.235Z
+date: 2019-06-29T19:10:36.767Z
 tags: 
 ---
 
@@ -65,6 +65,9 @@ Backups occur weekly at `04:00` using the `restic` software
 Encryption key has been shared among the head members
 
 # File Server
+> This server is currently out of comision. Backups have been taken to offline disks.
+{.is-danger}
+
 As you would have expected, `gordo`
 
 Also runs NixOS, using a simpler configuration than the main server.

nextcloud-collabora.md

@@ -0,0 +1,110 @@
+---
+title: Nextcloud & Collabora
+description: How to configure a properly working setup using Traefik
+published: true
+date: 2020-05-07T11:33:22.135Z
+tags: 
+---
+
+# Requirements
+
+Our setup relies heavily on `traefik` and won't work without it. See our traefik configuration page on how to prepare your system to accept this configuration.
+
+# docker-compose.yml
+
+```
+version: '3'
+
+services:
+
+  nginx:
+    image: nginx:alpine
+    restart: unless-stopped
+    volumes:
+      - ./nginx.conf:/etc/nginx/nginx.conf
+      - ./nextcloud:/var/www/html
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.cloud.entryPoints=web-secure
+      - traefik.http.routers.cloud.rule=Host(`cloud.fosc.space`)
+      - traefik.http.routers.cloud.tls.certresolver=default
+      - traefik.http.routers.cloud.middlewares=cloud@docker
+      - traefik.http.middlewares.cloud.headers.customFrameOptionsValue=SAMEORIGIN
+      - traefik.http.middlewares.cloud.headers.framedeny=true
+      - traefik.http.middlewares.cloud.headers.sslredirect=true
+      - traefik.http.middlewares.cloud.headers.stsSeconds=15552000
+    depends_on:
+      - fpm
+
+  fpm:
+    image: nextcloud
+    restart: unless-stopped
+    volumes:
+      - ./nextcloud:/var/www/html
+    environment:
+      - NEXTCLOUD_TRUSTED_DOMAINS=cloud.fosc.space
+      - REDIS_HOST=redis
+      - MYSQL_HOST=mariadb
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD=hunter2
+      - MYSQL_DATABASE=nextcloud
+      - NEXTCLOUD_ADMIN_USER=admin
+      - NEXTCLOUD_ADMIN_PASSWORD=hunter2
+    depends_on:
+      - mariadb
+      - redis
+      - cron
+
+  mariadb:
+    image: mariadb
+    restart: unless-stopped
+    environment:
+      - MYSQL_ROOT_PASSWORD=hunter2
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD=hunter2
+      - MYSQL_DATABASE=nextcloud
+    volumes:
+      - ./db:/var/lib/mysql
+
+  collabora:
+    image: collabora/code
+    restart: unless-stopped
+    environment:
+      - username=admin
+      - password=hunter3
+      - DONT_GEN_SSL_CERT=true
+      - "domain=cloud\\.fosc\\.space"
+      - "extra_params=--o:ssl.enable=false --o:ssl.termination=true --o:storage.wopi.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[0]=::ffff:[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:net.post_allow.host[1]=[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+ --o:storage.wopi.host[2]=cloud.fosc.space"
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.coll.entryPoints=web-secure
+      - traefik.http.routers.coll.rule=Host(`collabora.fosc.space`)
+      - traefik.http.routers.coll.tls.certresolver=default
+      - traefik.http.services.coll.loadbalancer.server.port=9980
+
+  redis:
+    image: redis:alpine
+    restart: unless-stopped
+
+  cron:
+    image: nextcloud
+    restart: always
+    volumes:
+      - ./nextcloud:/var/www/html
+    entrypoint: /cron.sh
+    depends_on:
+      - mariadb
+      - redis
+```
+
+# Nextcloud configuration
+Once everything is up and running, install the Collabora plugin for Nextcloud and configure the following in its settings page:
+
+> URL (and Port) of Collabora Online-server:
+`https://collabora.fosc.space:443`
+{.is-info}
+
+# Quirks
+> To get rid of the secure proxy warning, add a `NEXTCLOUD_TRUSTED_PROXIES` entry to Nextcloud's config.php with your host's hostname or IP address. For some reason, this configuration is not exposed via environment variables and cannot be fixed from docker-compose. 
+
+

prusai3_rani.md

@@ -0,0 +1,11 @@
+---
+title: Prusa i3 Hephestos
+description: Page about personal experiences
+published: true
+date: 2019-07-05T16:16:24.733Z
+tags: 
+---
+
+# Header
+
+Your content here

services.md

@@ -2,10 +2,14 @@
 title: Services
 description: FOSC as a service, or FAAS
 published: true
-date: 2019-06-12T23:14:36.288Z
+date: 2020-04-30T22:06:46.253Z
 tags: 
 ---
 
+
+> View them all in a beautiful form at [services.fosc.space](https://services.fosc.space)
+{.is-success}
+
 # Publicly accessible services
 > Anyone can see (some of) the content stored here, as a member you have full access
 {.is-info}
@@ -78,16 +82,24 @@ Sometimes you forget
 > Server versions and ports may be nonstandard. Contact us if you want to run your server here.
 {.is-info}
 
-### Public Minecraft server
+### Minecraft servers
+
+###### Vanilla
+`fosc.space`
+###### FTB Revelations
+`ftb.fosc.space`
+###### Roguelike Adventures and Dungeons
+`adventure.fosc.space`
+###### RLCraft
+`rlcraft.fosc.space`
+
+### Minecraft Bedrock server
 `fosc.space`
 
-### Private Minecraft server
+### CSGO Server
-`fosc.space:25566`
-
-### Public Minecraft Pocket server
 `fosc.space`
 
-### Public Factorio server
+### Starbound Server
 `fosc.space`
 
 

traefik.md

@@ -0,0 +1,188 @@
+---
+title: Traefik
+description: Hypercharged reverse proxy with Docker autodiscovery and other goodies
+published: true
+date: 2020-01-31T11:18:50.873Z
+tags: 
+---
+
+# What is this?
+
+Traefik hogs your ports `80` and `443` (and others), will intercept HTTP requests to your server and forward them to different endpoints.
+
+It allows you to run multiple web services on the same IP address and access them on a domain name basis.
+
+We use both the Docker backend and a manual routing backend.
+
+[An example setup can be had here.](https://gitlab.com/p4block/traefik-v2-ready-to-go)
+
+# Requirements
+To make it easier to have multiple `docker-compose.yml` without having to specify networks by hand, we run Traefik on the host's network stack.
+
+This allows it to access all Docker networks by default. 
+
+Using docker-compose:
+```
+version: '3.7'
+
+services:
+  traefik:
+    image: traefik:latest
+    network_mode: host
+    volumes:
+      - ./config/:/etc/traefik/
+      - /var/run/docker.sock:/var/run/docker.sock
+```
+
+# Traefik Configuration
+Before starting the example project:
+
+An `acme` folder needs to exist with `700` permissions, inside there should be an `acme.json` with 600 permissions.
+
+Failing to do so will cause your IP to be banned from Let's Encrypt for an hour or more (and accessing your services won't work because SSL will fail at a fundamental level)
+
+## Static configuration
+Changing this requires a Traefik restart.
+
+`/etc/traefik/traefik.yml`
+```
+api:
+  dashboard: true
+
+entryPoints:
+  web:
+    address: ":80"
+  web-secure:
+    address: ":443"
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  file:
+    filename: /etc/traefik/config.yml
+    watch: true
+
+certificatesResolvers:
+  default:
+    acme:
+      email: example@changeme.com
+      storage: /etc/traefik/acme/acme.json
+      tlsChallenge: {}
+
+log:
+  level: WARNING
+  filePath: /etc/traefik/debug.log
+  format: json
+```
+
+## Dynamic configuration
+Traefik live reloads this file.
+
+All http input is elevated to https using the "redirect" middleware. `traefik` and `netdata` routers listen on 443. `traefik` also runs the "auth" middleware to ask for password. 
+
+The user/password is specified in the apache htaccess format.
+
+`/etc/traefik/config.yml`
+```
+http:
+  routers:
+    redirector:
+      rule: HostRegexp(`{any:.*}`)
+      entryPoints:
+        - "web"
+      service: dummy
+      middlewares:
+        - redirect
+    traefik:
+      rule: Host(`traefik.your.domain`)
+      entryPoints: 
+        - "web-secure"
+      service: api@internal
+      middlewares:
+        - auth
+      tls:
+        certResolver: default
+    netdata:
+      rule: Host(`netdata.your.domain`)
+      entryPoints: 
+        - "web-secure"
+      service: netdata
+      tls:
+        certResolver: default
+
+  services:
+    dummy:
+      loadBalancer:
+        servers:
+          - url: http://127.0.0.1
+    netdata:
+      loadBalancer:
+        servers:
+          - url: http://localhost:19999
+
+  middlewares:
+    redirect:
+      redirectScheme:
+        scheme: https
+    auth:
+      basicAuth:
+        users:
+          - 'test:$apr1$tyoqkxlc$BbG4rHVMcV7mSQWIgEZQT0' #test/test
+
+tls:
+  options:
+    default:
+      sniStrict: true
+      minVersion: VersionTLS12
+      cipherSuites:
+        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+        - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+
+    mintls13: 
+      minVersion: VersionTLS13
+```
+
+# Configuring a docker-compose Service
+This is the most usual configuration a service will need, which is self explanatory.
+
+```
+version: '3.7'
+
+services:
+  whoami:
+    image: containous/whoami
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.whoami.entryPoints=web-secure
+      - traefik.http.routers.whoami.rule=Host(`whoami.your.domain`)
+      - traefik.http.routers.whoami.tls.certresolver=default
+
+```
+
+A more verbose one is needed when a specific port must be used or a middleware is needed, such as asking for basic authentication.
+
+Here shown a Caddy download page that asks for the username and password defined in the dynamic configuration. 
+
+It also doesn't use Let's Encrypt and will serve Traefik's default certificate, as the machine this configuration is pulled from is running behind Cloudflare. 
+
+```
+version: '3.7'
+
+services:
+  private-caddy:
+    image: abiosoft/caddy:php
+    restart: unless-stopped
+    volumes:
+      - ./srv:/srv
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.private-caddy.entryPoints=web-secure
+      - traefik.http.routers.private-caddy.rule=Host(`private.your.domain`)
+      - traefik.http.routers.private-caddy.tls=true
+      - traefik.http.routers.private-caddy.middlewares=auth@file
+      - traefik.http.services.private-caddy.loadbalancer.server.port=2015
+```
+

ukiyo.md

@@ -0,0 +1,186 @@
+---
+title: Ukiyo
+description: Personalized Smart Signage w/ Machine Learning
+published: true
+date: 2019-11-17T00:42:32.210Z
+tags: 
+---
+
+<p align="center">
+
+<a href="" rel="noopener">
+
+<img src="https://cloud.fosc.space/core/preview?fileId=7286&x=1366&y=768&a=true" alt="Ukiyo"></a>
+
+</p>
+
+<h3 align="center">Ukiyo</h3>
+
+<div align="center">
+
+[![Junction](https://img.shields.io/badge/hackathon-Junction-purple)](https://www.hackjunction.com/)
+
+[![Status](https://img.shields.io/badge/status-active-success.svg)]()
+
+[![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE.md)
+
+</div>
+
+---
+
+<p align="center"> Ukiyo is an encompassing solution to student oriented digital signage, giving both users and owners insights on information that is useful to them.
+
+On the user side, tenants coming or going into the building are provided information on their day, following events, weather and all the smart mirror things.
+
+Once a student gets closer, things change. We are able to identify them (with their permission, of course) and show them personalized information that is more relevant to them, such as their following classes.
+
+However, to the building owners, Ukiyo is a strong data analysis platform, able to capture outlier communities and help them solve problems faster.
+
+Is someone mining bitcoin in their dormitory? Is there a water leak? Are those more common in summer? These questions can be answered automatically by it.
+
+<br> 
+
+
+</p>
+
+## 📝 Table of Contents
+
+- [Problem Statement](#problem_statement)
+
+- [Idea / Solution](#idea)
+
+- [Dependencies / Limitations](#limitations)
+
+- [Future Scope](#future_scope)
+
+- [Setting up a local environment](#getting_started)
+
+- [Usage](#usage)
+
+- [Technology Stack](#tech_stack)
+
+- [Contributing](../CONTRIBUTING.md)
+
+- [Authors](#authors)
+
+- [Acknowledgments](#acknowledgments)
+
+## 🧐 Problem Statement <a name = "problem_statement"></a>
+
+It is useful to design and follow a specific format when writing a problem statement. While there are several options
+
+for doing this, the following is a simple and straightforward template often used in Business Analysis to maintain
+
+focus on defining the problem.
+
+- IDEAL: This section is used to describe the desired or “to be” state of the process or product. At large, this section
+
+should illustrate what the expected environment would look like once the solution is implemented.
+
+- REALITY: This section is used to describe the current or “as is” state of the process or product.
+
+- CONSEQUENCES: This section is used to describe the impacts on the business if the problem is not fixed or improved upon.
+
+This includes costs associated with loss of money, time, productivity, competitive advantage, and so forth.
+
+Following this format will result in a workable document that can be used to understand the problem and elicit
+
+requirements that will lead to a winning solution.
+
+## 💡 Idea / Solution <a name = "idea"></a>
+
+This section is used to describe potential solutions.
+
+Once the ideal, reality, and consequences sections have been
+
+completed, and understood, it becomes easier to provide a solution for solving the problem.
+
+## ⛓️ Dependencies / Limitations <a name = "limitations"></a>
+
+- What are the dependencies of your project?
+
+- Describe each limitation in detailed but concise terms
+
+- Explain why each limitation exists
+
+- Provide the reasons why each limitation could not be overcome using the method(s) chosen to acquire.
+
+- Assess the impact of each limitation in relation to the overall findings and conclusions of your project, and if
+
+appropriate, describe how these limitations could point to the need for further research.
+
+## 🚀 Future Scope <a name = "future_scope"></a>
+
+Write about what you could not develop during the course of the Hackathon; and about what your project can achieve
+
+in the future.
+
+## 🏁 Getting Started <a name = "getting_started"></a>
+
+These instructions will get you a copy of the project up and running on your local machine for development
+
+and testing purposes. See [deployment](#deployment) for notes on how to deploy the project on a live system.
+
+### Prerequisites
+
+What things you need to install the software and how to install them.
+
+```
+
+Give examples
+
+```
+
+### Installing
+
+A step by step series of examples that tell you how to get a development env running.
+
+Say what the step will be
+
+```
+
+Give the example
+
+```
+
+And repeat
+
+```
+
+until finished
+
+```
+
+## 🎈 Usage <a name="usage"></a>
+
+Add notes about how to use the system.
+
+## ⛏️ Built With <a name = "tech_stack"></a>
+
+- [MongoDB](https://www.mongodb.com/) - Database
+
+- [Express](https://expressjs.com/) - Server Framework
+
+- [VueJs](https://vuejs.org/) - Web Framework
+
+- [NodeJs](https://nodejs.org/en/) - Server Environment
+
+## ✍️ Authors <a name = "authors"></a>
+
+- [@Raniita](https://github.com/Raniita)
+
+- [@Elementh](https://github.com/elementh)
+
+- [@ElGuayaba](https://github.com/ElGuayaba)
+
+- [@P4block](https://gitlab.com/p4block)
+
+- [@Crstian19](https://gitlab.com/Crstian19)
+
+## 🎉 Acknowledgments <a name = "acknowledgments"></a>
+
+- Hat tip to anyone whose code was used
+
+- Inspiration
+
+- References