diff options
| author | subh <subh@subh.space> | 2026-04-15 18:32:58 +0530 |
|---|---|---|
| committer | subh <subh@subh.space> | 2026-04-15 18:32:58 +0530 |
| commit | afecebc9521775a3bf2cdd055035d3d0a3377554 (patch) | |
| tree | c02d89e5083ca7978dd88c936bb5cdf5f6c02dca | |
| parent | 103f55f0f5b08d5e938f92b3e01bcd82d9247f7b (diff) | |
revamp
| -rw-r--r-- | index.html | 700 | ||||
| -rw-r--r-- | pubkey.txt | 14 | ||||
| -rw-r--r-- | stuff/dnsforge-dot-mac.html | 232 | ||||
| -rw-r--r-- | stuff/index.html | 118 | ||||
| -rw-r--r-- | stuff/luks-encryption.html | 213 | ||||
| -rw-r--r-- | stuff/mullvad-dot.html | 257 | ||||
| -rw-r--r-- | stuff/usb-notif-linux.html | 193 |
7 files changed, 700 insertions, 1027 deletions
@@ -1,525 +1,197 @@ <!DOCTYPE html> <html lang="en"> <head> - <meta charset="UTF-8" /> - <meta name="viewport" content="width=device-width, initial-scale=1" /> - <title>subh.space</title> - <link rel="icon" type="image/png" href="favicon.ico"/> - <link href="https://fonts.googleapis.com/css2?family=Share+Tech+Mono&family=VT323&family=Fira+Code:wght@300;400;500;600&display=swap" rel="stylesheet" /> - <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css" rel="stylesheet" /> - <style> - :root { - --red: #ff0000; - --red-dim: #cc0000; - --red-glow: rgba(255, 0, 0, 0.4); - --red-faint: rgba(255, 0, 0, 0.07); - --bg: #000000; - --text: #ffffff; - --text-dim: #999; - --text-faint: #444; - --scan-speed: 8s; - } - - *, *::before, *::after { box-sizing: border-box; margin: 0; padding: 0; } - - html, body { - height: 100%; - overflow: hidden; - background: var(--bg); - color: var(--text); - font-family: 'Fira Code', monospace; - cursor: crosshair; - } - - body::before { - content: ''; - position: fixed; - inset: 0; - background: repeating-linear-gradient( - 0deg, - transparent, - transparent 2px, - rgba(0,0,0,0.25) 2px, - rgba(0,0,0,0.25) 4px - ); - pointer-events: none; - z-index: 100; - animation: scanroll var(--scan-speed) linear infinite; - } - - @keyframes scanroll { - from { background-position: 0 0; } - to { background-position: 0 100px; } - } - - body::after { - content: ''; - position: fixed; - inset: 0; - background: radial-gradient(ellipse at center, transparent 50%, rgba(0,0,0,0.85) 100%); - pointer-events: none; - z-index: 99; - } - - #grid-bg { - position: fixed; - inset: 0; - background-image: - linear-gradient(rgba(255,0,0,0.04) 1px, transparent 1px), - linear-gradient(90deg, rgba(255,0,0,0.04) 1px, transparent 1px); - background-size: 40px 40px; - z-index: 0; - } - - #sweep { - position: fixed; - top: -2px; - left: 0; - width: 100%; - height: 2px; - background: linear-gradient(90deg, transparent, var(--red), transparent); - box-shadow: 0 0 12px 4px var(--red-glow); - z-index: 98; - animation: sweep 4s linear infinite; - opacity: 0.7; - } - - @keyframes sweep { - 0% { top: -2px; opacity: 0; } - 5% { opacity: 0.7; } - 95% { opacity: 0.7; } - 100% { top: 100vh; opacity: 0; } - } - - .corner { - position: fixed; - width: 60px; - height: 60px; - z-index: 10; - } - .corner::before, .corner::after { - content: ''; - position: absolute; - background: var(--red); - box-shadow: 0 0 8px var(--red-glow); - } - .corner::before { width: 2px; height: 100%; } - .corner::after { width: 100%; height: 2px; } - .corner.tl { top: 20px; left: 20px; } - .corner.tr { top: 20px; right: 20px; transform: scaleX(-1); } - .corner.bl { bottom: 20px; left: 20px; transform: scaleY(-1); } - .corner.br { bottom: 20px; right: 20px; transform: scale(-1); } - - #status-bar { - position: fixed; - top: 0; - left: 0; - right: 0; - height: 28px; - display: flex; - align-items: center; - justify-content: space-between; - padding: 0 28px; - font-size: 0.65rem; - font-family: 'Share Tech Mono', monospace; - color: var(--text-dim); - border-bottom: 1px solid rgba(255,0,0,0.15); - background: rgba(0,0,0,0.7); - z-index: 50; - letter-spacing: 1px; - } - #status-bar .status-left { display: flex; gap: 20px; } - #status-bar .status-right { display: flex; gap: 20px; align-items: center; } - .status-dot { width: 6px; height: 6px; border-radius: 50%; background: var(--red); display: inline-block; margin-right: 5px; animation: pulse-dot 1.5s ease-in-out infinite; } - @keyframes pulse-dot { 0%,100%{opacity:1;} 50%{opacity:0.2;} } - #clock { color: var(--red); font-size: 0.7rem; } - - #bottom-bar { - position: fixed; - bottom: 0; - left: 0; - right: 0; - height: 24px; - display: flex; - align-items: center; - justify-content: space-between; - padding: 0 28px; - font-size: 0.6rem; - font-family: 'Share Tech Mono', monospace; - color: var(--text-faint); - border-top: 1px solid rgba(255,0,0,0.1); - background: rgba(0,0,0,0.7); - z-index: 50; - } - #progress-bar { - height: 2px; - background: linear-gradient(90deg, var(--red), #ff6666); - box-shadow: 0 0 6px var(--red-glow); - animation: progress 3s ease-in-out infinite alternate; - } - @keyframes progress { from { width: 40%; } to { width: 90%; } } - - .content { - position: relative; - z-index: 5; - display: flex; - flex-direction: column; - align-items: center; - justify-content: center; - height: 100vh; - gap: 0; - padding: 40px 1rem 30px; - } - - .terminal-window { - width: 100%; - max-width: 520px; - border: 1px solid rgba(255,0,0,0.5); - background: rgba(0,0,0,0.9); - box-shadow: 0 0 0 1px rgba(255,0,0,0.1), 0 0 40px rgba(255,0,0,0.08), inset 0 0 40px rgba(255,0,0,0.02); - margin-bottom: 28px; - position: relative; - } - - .terminal-window::before { - content: ''; - position: absolute; - inset: 0; - background: repeating-linear-gradient( - 0deg, - transparent, - transparent 3px, - rgba(255,0,0,0.015) 3px, - rgba(255,0,0,0.015) 4px - ); - pointer-events: none; - } - - .tw-titlebar { - display: flex; - align-items: center; - gap: 8px; - padding: 8px 12px; - border-bottom: 1px solid rgba(255,0,0,0.25); - background: rgba(255,0,0,0.05); - } - .tw-btn { width: 10px; height: 10px; border-radius: 50%; } - .tw-btn.r { background: #ff5f57; } - .tw-btn.y { background: #ffbd2e; } - .tw-btn.g { background: #28ca42; } - .tw-title { - margin-left: auto; - margin-right: auto; - font-size: 0.65rem; - color: var(--text-dim); - font-family: 'Share Tech Mono', monospace; - letter-spacing: 2px; - } - .tw-body { - padding: 16px 18px 14px; - font-family: 'Share Tech Mono', monospace; - font-size: 0.85rem; - line-height: 1.7; - } - - .t-line { display: flex; align-items: center; gap: 6px; min-height: 1.4em; } - .t-prompt { color: var(--red); user-select: none; flex-shrink: 0; } - .t-user { color: #ff6666; } - .t-at { color: var(--text-dim); } - .t-host { color: #ff9999; } - .t-path { color: var(--text-dim); } - .t-cmd { color: var(--text); } - .t-out { color: #aaa; padding-left: 4px; } - .t-out .val { color: #ff6666; } - .cursor-block { - display: inline-block; - width: 8px; - height: 1em; - background: var(--red); - animation: blink 1s step-end infinite; - vertical-align: middle; - margin-left: 2px; - } - @keyframes blink { 0%,100%{opacity:1;} 50%{opacity:0;} } - - .tagline { - font-family: 'VT323', monospace; - font-size: 1.15rem; - color: var(--text-dim); - letter-spacing: 4px; - text-transform: uppercase; - margin-bottom: 26px; - position: relative; - } - .tagline::before, .tagline::after { - content: '//'; - color: var(--red); - margin: 0 10px; - opacity: 0.6; - } - - .links-grid { - display: grid; - grid-template-columns: 1fr 1fr; - gap: 8px; - width: 100%; - max-width: 520px; - } - - .link { - position: relative; - display: flex; - align-items: center; - gap: 10px; - padding: 11px 16px; - text-decoration: none; - font-family: 'Share Tech Mono', monospace; - font-size: 0.82rem; - color: var(--text-dim); - border: 1px solid rgba(255,255,255,0.07); - background: rgba(255,255,255,0.02); - letter-spacing: 1.5px; - text-transform: uppercase; - transition: all 0.18s ease; - overflow: hidden; - } - - .link::before { - content: ''; - position: absolute; - left: 0; top: 0; bottom: 0; - width: 2px; - background: var(--red); - transform: scaleY(0); - transition: transform 0.18s ease; - box-shadow: 0 0 8px var(--red-glow); - } - - .link::after { - content: ''; - position: absolute; - inset: 0; - background: linear-gradient(90deg, var(--red-faint), transparent); - opacity: 0; - transition: opacity 0.18s ease; - } - - .link:hover { - color: var(--text); - border-color: rgba(255,0,0,0.35); - background: rgba(255,0,0,0.04); - } - .link:hover::before { transform: scaleY(1); } - .link:hover::after { opacity: 1; } - .link:hover i { color: var(--red); filter: drop-shadow(0 0 4px var(--red)); } - - .link i { - font-size: 0.9rem; - width: 16px; - text-align: center; - color: var(--text-faint); - transition: all 0.18s ease; - position: relative; - z-index: 1; - } - .link span { position: relative; z-index: 1; } - - .link .link-arrow { - margin-left: auto; - font-size: 0.6rem; - opacity: 0; - transform: translateX(-4px); - transition: all 0.18s ease; - color: var(--red); - } - .link:hover .link-arrow { opacity: 1; transform: translateX(0); } - - .link.full { grid-column: 1 / -1; } - - .terminal-window:hover .glitch-text { - animation: glitch 0.3s ease-in-out; - } - @keyframes glitch { - 0% { text-shadow: none; transform: none; } - 20% { text-shadow: -2px 0 var(--red); transform: translateX(2px); } - 40% { text-shadow: 2px 0 #0ff; transform: translateX(-2px); } - 60% { text-shadow: -1px 0 var(--red); transform: translateX(1px); } - 80% { text-shadow: 1px 0 #0ff; transform: translateX(-1px); } - 100% { text-shadow: none; transform: none; } - } - - #noise { - position: fixed; - inset: 0; - z-index: 1; - opacity: 0.03; - pointer-events: none; - background-image: url("data:image/svg+xml,%3Csvg viewBox='0 0 256 256' xmlns='http://www.w3.org/2000/svg'%3E%3Cfilter id='n'%3E%3CfeTurbulence type='fractalNoise' baseFrequency='0.9' numOctaves='4' stitchTiles='stitch'/%3E%3C/filter%3E%3Crect width='100%25' height='100%25' filter='url(%23n)'/%3E%3C/svg%3E"); - } - - @media (max-width: 540px) { - .links-grid { grid-template-columns: 1fr; } - .link.full { grid-column: 1; } - .terminal-window { max-width: 100%; } - .tw-body { font-size: 0.78rem; } - } - </style> + <meta charset="UTF-8"> + <meta name="viewport" content="width=device-width, initial-scale=1.0"> + <title>subh.space</title> + <style> + :root { + --bg-outer: #1d2021; + --bg-inner: #282828; + --fg: #ebdbb2; + --gray: #928374; + --yellow: #fabd2f; + --aqua: #8ec07c; + --blue: #83a598; + --red: #fb4934; + --line: #3c3836; + } + + body { + background-color: var(--bg-outer); + color: var(--fg); + font-family: 'Iosevka Nerd Font Propo'; + margin: 0; + padding: 0; + display: flex; + flex-direction: column; + align-items: center; + min-height: 100vh; + } + + header { + padding: 2.5rem 1rem; + display: flex; + gap: 1.5rem; + justify-content: center; + flex-wrap: wrap; + } + + header a { + color: var(--aqua); + text-decoration: none; + font-weight: bold; + } + + header a:hover { + text-decoration: underline; + } + + .container { + background-color: var(--bg-inner); + width: 90%; + max-width: 750px; + padding: 3rem; + border-radius: 4px; + box-shadow: 0 4px 15px rgba(0,0,0,0.5); + } + + h1 { + color: var(--yellow); + font-size: 2.2rem; + margin-top: 0; + margin-bottom: 1.5rem; + } + + p { + line-height: 1.6; + margin-bottom: 1.2rem; + } + + a { + color: var(--blue); + text-decoration: none; + } + + a:hover { + text-decoration: underline; + } + + pre { + background-color: var(--bg-outer); + padding: 1rem; + border-radius: 4px; + border: 1px solid var(--line); + overflow-x: auto; + margin: 1.5rem 0; + } + + code { + color: var(--blue); + font-size: 0.9rem; + word-break: break-all; + white-space: pre-wrap; + } + + h2 { + color: var(--yellow); + font-size: 1.5rem; + margin-top: 2.5rem; + margin-bottom: 1rem; + } + + .list-container { + display: flex; + flex-direction: column; + } + + .list-item { + display: flex; + justify-content: space-between; + align-items: center; + padding: 0.8rem 0; + border-bottom: 1px dotted var(--line); + text-decoration: none; + } + + .list-item:first-child { + border-top: 1px dotted var(--line); + } + + .list-item:hover { + background-color: #32302f; + } + + .item-title { + color: var(--aqua); + } + + .item-date { + color: var(--gray); + font-size: 0.9rem; + } + + footer { + margin: 3rem 0; + color: var(--gray); + font-size: 0.85rem; + text-align: center; + } + </style> </head> <body> - <div id="grid-bg"></div> - <div id="noise"></div> - <div id="sweep"></div> - - <!-- corners --> - <div class="corner tl"></div> - <div class="corner tr"></div> - <div class="corner bl"></div> - <div class="corner br"></div> - - <!-- top bar --> - <div id="status-bar"> - <div class="status-left"> - <span><span class="status-dot"></span>CONNECTED</span> - <span>SSH_TTY=/dev/pts/0</span> - <span>SHELL=/bin/zsh</span> - </div> - <div class="status-right"> - <span id="clock">00:00:00</span> - <span>UTC+0</span> - </div> - </div> - - <!-- bottom bar --> - <div id="bottom-bar"> - <span>subh.space v2.0 — unauthorized access will be prosecuted</span> - <div id="progress-bar"></div> - <span>enc:AES-256 | tls:1.3</span> - </div> - - <!-- main --> - <div class="content"> - <div class="terminal-window"> - <div class="tw-titlebar"> - <div class="tw-btn r"></div> - <div class="tw-btn y"></div> - <div class="tw-btn g"></div> - <span class="tw-title">bash — 80×24 — subh.space</span> - </div> - <div class="tw-body"> - <div class="t-line"> - <span class="t-prompt">┌─[</span> - <span class="t-user">x4c1s</span> - <span class="t-at">@</span> - <span class="t-host">subh.space</span> - <span class="t-prompt">]─[</span> - <span class="t-path">~</span> - <span class="t-prompt">]</span> - </div> - <div class="t-line"> - <span class="t-prompt">└─$ </span> - <span class="t-cmd glitch-text" id="typed-cmd"></span> - <span class="cursor-block" id="cur"></span> + <header> + <a href="#">home</a> + <a href="https://git.subh.space">git</a> + <a href="https://github.com/5epi0l">github</a> + <a href="https://notes.subh.space">notes</a> + <a href="https://www.hackthebox.com">hackthebox</a> + </header> + + <main class="container"> + <h1>Hi, I’m subh</h1> + + <p> + A 20-year old interested in <strong>Linux</strong>, <strong>Computer Security</strong> and <strong>philosophy</strong>. In my spare time, I like to read philosophy, tinker with my system and self-host stuff and write about them incase i forget how to do them in the future, and also to serve as minimal tutorials for anyone interested in the same. + </p> + <p>If you're also one of those soyboys who use proprietary software, you should start transitioning to FOSS and self-hosting. It is good for your privacy (even if you have nothing to hide) and also a good learning exercise. At the end of the day, it is always advantageous to be in control of your data.</p> + + <p>Become based, self-host your own shit.</p> + <p>Reach out to me at <a href="mailto:subh@subh.space">subh@subh.space</a></p> + + <p>Incase you're not a big fan of mail, drop a text on session.</p> + + <pre><code class="language-shell"># Account ID +054290431f91025e295290b3dd7136d8c290a174ed07292411669bfe605934f46e</code></pre> + + <p>You can find my public key <a href="pubkey.txt">here.</a></p> + + <h2>Stuff</h2> + + <div class="list-container"> + <a href="stuff/mullvad-dot.html" class="list-item"> + <span class="item-title">DNS over TLS (DoT) on linux with mullvad</span> + <span class="item-date">2026-04-14</span> + </a> + <a href="stuff/usb-notif-linux.html" class="list-item"> + <span class="item-title">USB notifications with udev</span> + <span class="item-date">2026-04-14</span> + </a> + <a href="stuff/luks-encryption.html" class="list-item"> + <span class="item-title">Drive encryption with LUKS and cryptsetup</span> + <span class="item-date">2026-04-14</span> + </a> + <a href="stuff/dnsforge-dot-mac.html" class="list-item"> + <span class="item-title">DNS over TLS (DoT) on mac with dnsforge</span> + <span class="item-date">2026-04-14</span> + </a> </div> - <div class="t-line" id="out1" style="opacity:0"> - <span class="t-out">uid=<span class="val">1337</span>(x4c1s) gid=<span class="val">1337</span>(hackers) groups=<span class="val">red_team,cloudsec,htb</span></span> - </div> - <div class="t-line" id="out2" style="opacity:0"> - <span class="t-out">hostname: <span class="val">subh.space</span> | arch: <span class="val">x86_64</span> | kernel: <span class="val">6.19.6-arch1-1</span></span> - </div> - <div class="t-line" id="out3" style="opacity:0"> - <span class="t-prompt">└─$ </span> - <span class="cursor-block"></span> - </div> - </div> - </div> - - <div class="tagline">CloudSec · Red Team · HackTheBox</div> - - <div class="links-grid"> - <a class="link" href="https://github.com/5epi0l" target="_blank" rel="noopener"> - <i class="fab fa-github"></i> - <span>GitHub</span> - <span class="link-arrow">▶</span> - </a> - - <a class="link" href="https://notes.subh.space" target="_blank" rel="noopener"> - <i class="fas fa-book-open"></i> - <span>Notes</span> - <span class="link-arrow">▶</span> - </a> - - <a class="link" href="https://x4c1s.bsky.social" target="_blank" rel="noopener"> - <i class="fas fa-cloud"></i> - <span>BlueSky</span> - <span class="link-arrow">▶</span> - </a> - - <a class="link" href="https://app.hackthebox.com/profile/716879" target="_blank" rel="noopener"> - <i class="fas fa-cube"></i> - <span>HackTheBox</span> - <span class="link-arrow">▶</span> - </a> -</div> - </div> - - <script> - function tick() { - const now = new Date(); - document.getElementById('clock').textContent = - now.toUTCString().slice(17, 25); - } - tick(); setInterval(tick, 1000); - - const cmd = 'id && uname -a'; - let i = 0; - const el = document.getElementById('typed-cmd'); - const cur = document.getElementById('cur'); - - function typeChar() { - if (i < cmd.length) { - el.textContent += cmd[i++]; - setTimeout(typeChar, 60 + Math.random() * 60); - } else { - cur.style.display = 'none'; - setTimeout(() => { - document.getElementById('out1').style.cssText = 'opacity:1;transition:opacity 0.3s'; - setTimeout(() => { - document.getElementById('out2').style.cssText = 'opacity:1;transition:opacity 0.3s'; - setTimeout(() => { - document.getElementById('out3').style.cssText = 'opacity:1;transition:opacity 0.3s'; - }, 200); - }, 200); - }, 400); - } - } + </main> - setTimeout(typeChar, 1200); + <footer> + © 2026 subh.space + </footer> - const hexChars = '0123456789ABCDEF'; - function randomHex(len) { - return Array.from({length:len}, () => hexChars[Math.random()*16|0]).join(''); - } - const gridBg = document.getElementById('grid-bg'); - for (let j = 0; j < 8; j++) { - const span = document.createElement('div'); - span.style.cssText = ` - position:absolute; - font-family:'Share Tech Mono',monospace; - font-size:0.55rem; - color:rgba(255,0,0,0.12); - top:${10+Math.random()*80}%; - left:${5+Math.random()*90}%; - white-space:nowrap; - pointer-events:none; - user-select:none; - `; - span.textContent = '0x' + randomHex(8); - gridBg.appendChild(span); - setInterval(() => { - span.textContent = '0x' + randomHex(8); - }, 2000 + Math.random() * 3000); - } - </script> </body> </html> diff --git a/pubkey.txt b/pubkey.txt new file mode 100644 index 0000000..81f85f0 --- /dev/null +++ b/pubkey.txt @@ -0,0 +1,14 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mDMEacclQRYJKwYBBAHaRw8BAQdASiEwTkjKOuAWpFlEc3aScJj6j7jpFQ4vZU3/ +oIN/jOu0PXN1YmggKEdQRyBrZXkgZm9yIHBhc3MgYW5kIHN1YmhAc3ViaC5zcGFj +ZSkgPHN1YmhAc3ViaC5zcGFjZT6IkAQTFgoAOBYhBEIu0XBzzlEiQp076d4GvlN+ +VAdLBQJpz4bGAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEN4GvlN+VAdL +JuQBAOEyYsnBqDep6efRuwduKTVYHrDhZWuRx7jSzjg27hHPAQCBKPwHXhyTHjwU +64glmJ9FkJrH6107C5DWqASkdOL9Arg4BGnHJUESCisGAQQBl1UBBQEBB0DIssee +jnRHzbuyM9tBfCg0elxon7W5vsqmQQM6x6Y4KwMBCAeIeAQYFgoAIBYhBEIu0XBz +zlEiQp076d4GvlN+VAdLBQJpxyVBAhsMAAoJEN4GvlN+VAdLp6EBAKmI3bFgKjei +T7I0eIM2Xm2SxjovW/hPAnXpnI2+KBEoAP0St9Dl9KrC0h0mYxzr9zrve7nk3CD1 +DFLDC2rnqT86AA== +=/WDX +-----END PGP PUBLIC KEY BLOCK----- diff --git a/stuff/dnsforge-dot-mac.html b/stuff/dnsforge-dot-mac.html index 1fd9777..035e155 100644 --- a/stuff/dnsforge-dot-mac.html +++ b/stuff/dnsforge-dot-mac.html @@ -3,156 +3,171 @@ <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>subh.space</title> + <title>DNS over TLS on mac - subh.space</title> <style> + /* Gruvbox Dark Hard Palette */ :root { - --bg0: #282828; - --bg1: #3c3836; + --bg-outer: #1d2021; + --bg-inner: #282828; --fg: #ebdbb2; --gray: #928374; --yellow: #fabd2f; - --green: #b8bb26; - --orange: #fe8019; --aqua: #8ec07c; + --blue: #83a598; + --orange: #fe8019; + --line: #3c3836; } body { - font-family: 'Iosevka Nerd Font Propo', Iosevka; - line-height: 1.7; + background-color: var(--bg-outer); color: var(--fg); - background-color: var(--bg0); - max-width: 780px; - margin: 40px auto; - padding: 0 20px; - -webkit-font-smoothing: antialiased; + font-family: 'Iosevka Nerd Font Propo'; + margin: 0; + padding: 0; + display: flex; + flex-direction: column; + align-items: center; + min-height: 100vh; + } + + header { + padding: 2.5rem 1rem; + display: flex; + gap: 1.5rem; + justify-content: center; + flex-wrap: wrap; + } + + header a { + color: var(--aqua); + text-decoration: none; + font-weight: bold; + } + + header a:hover { + text-decoration: underline; + } + + .container { + background-color: var(--bg-inner); + width: 90%; + max-width: 750px; + padding: 3rem; + border-radius: 4px; + box-shadow: 0 4px 15px rgba(0,0,0,0.5); } h1 { - font-size: 2.2em; color: var(--yellow); - border-bottom: 2px solid var(--bg1); - padding-bottom: 15px; - margin-bottom: 30px; + font-size: 1.8rem; + margin-top: 0; + margin-bottom: 1rem; + line-height: 1.2; } h2 { - font-size: 1.5em; - color: var(--aqua); - margin-top: 35px; - margin-bottom: 15px; - font-weight: 600; + color: var(--orange); + font-size: 1.3rem; + margin-top: 2rem; + margin-bottom: 0.8rem; } - p { margin-bottom: 1.2em; } + p { + line-height: 1.6; + margin-bottom: 1rem; + } - code { - font-family: 'Fira Code', 'JetBrains Mono', 'Courier New', monospace; - background-color: var(--bg1); - color: var(--orange); - padding: 3px 6px; - border-radius: 4px; - font-size: 0.9em; + strong { + color: var(--yellow); } + /* Code Block Styling */ pre { - background-color: #1d2021; - padding: 20px; - border-radius: 8px; + background-color: var(--bg-outer); + padding: 1.2rem; + border-radius: 4px; + border: 1px solid var(--line); overflow-x: auto; - border: 1px solid var(--bg1); - margin-bottom: 1.5em; + margin: 1.5rem 0; } - pre code { - background-color: transparent; - padding: 0; - color: var(--fg); - color-scheme: dark; + code { + color: var(--blue); + font-size: 0.9rem; + font-family: 'JetBrains Mono', Courier, monospace; } - .language-toml { color: var(--fg); } - .toml-key { color: var(--green); } - - ol, ul { margin-bottom: 1.5em; padding-left: 25px; } - li { margin-bottom: 0.8em; } - li pre { margin-top: 10px; margin-bottom: 10px; } + .comment { + color: var(--gray); + } + + footer { + margin: 3rem 0; + color: var(--gray); + font-size: 0.85rem; + text-align: center; + } + + ol { + padding-left: 1.2rem; + } + li { + margin-bottom: 1rem; + line-height: 1.6; + } </style> </head> <body> -<h1>DNS over TLS (DoT) on mac with stubby and dnsforge</h1> + <header> + <a href="../index.html">home</a> + <a href="https://git.subh.space">git</a> + <a href="https://github.com/5epi0l">github</a> + <a href="https://notes.subh.space">notes</a> + <a href="https://www.hackthebox.com">hackthebox</a> + </header> -<p>This is a step-by-step guide on how to setup DNS over TLS (DoT) on mac with stubby</p> + <main class="container"> + <h1>DNS over TLS (DoT) on mac with stubby and dnsforge</h1> + + <p>This is a step-by-step guide on how to setup DNS over TLS (DoT) on mac with stubby.</p> + + <h2>1. Install Stubby</h2> + <p>Install stubby on your mac with homebrew:</p> + <pre><code>brew install stubby</code></pre> -<h2>1. Install Stubby</h2> -<p>Install stubby on your mac with homebrew</p> -<pre><code class="language-shell">brew install stubby -</code></pre> + <h2>2. Configure stubby</h2> + <p>Write the following config to <code>/opt/homebrew/etc/stubby/stubby.yml</code>. This config uses dnsforge as the encrypted DNS resolver, though you may use any encrypted DNS resolver of your choice.</p> -<h2>2. Configure stubby</h2> -<p>write the following config to <code>/opt/homebrew/etc/stubby/stubby.yml</code></p> -<p>This config uses dnsforge as the encrypted DNS resolver, though you may use any encrypted DNS resolver of your choice.</p> -<pre><code class="language-yml"> -################################################################################ + <pre><code><span class="comment">################################################################################ ######################## STUBBY YAML CONFIG FILE ############################### -################################################################################ +################################################################################</span> -################################### LOGGING #################################### log_level: GETDNS_LOG_NOTICE -########################## BASIC & PRIVACY SETTINGS ############################ resolution_type: GETDNS_RESOLUTION_STUB dns_transport_list: - GETDNS_TRANSPORT_TLS -# Strict mode - TLS auth REQUIRED, no plaintext fallback tls_authentication: GETDNS_AUTHENTICATION_REQUIRED - -# Pad queries to 128 bytes to prevent size-based traffic analysis tls_query_padding_blocksize: 128 - -# Hide client subnet from upstream resolvers edns_client_subnet_private: 1 -############################# CONNECTION SETTINGS ############################## -# Distribute queries across all upstreams round_robin_upstreams: 1 - -# Keep TLS connections alive for 10s to reduce handshake overhead idle_timeout: 10000 - -# Retry/backoff settings tls_connection_retries: 3 tls_backoff_time: 300 - -# Per-query timeout (ms) timeout: 5000 - -# Force TLS 1.3 minimum tls_min_version: GETDNS_TLS1_3 -################################ LISTEN ADDRESS ################################ -# Stubby listens locally on port 53 -# Point your system DNS to 127.0.0.1 listen_addresses: - 127.0.0.1 - 0::1 -############################### DNSSEC SETTINGS ################################ -# dnsforge.de performs DNSSEC validation upstream (ad flag confirmed) -# Uncomment below to enforce DNSSEC locally as well -# dnssec: GETDNS_EXTENSION_TRUE - -################################## UPSTREAMS ################################# -# dnsforge.de - no-log, DNSSEC-validating, ad-free resolver (DE) -# PIN verified via: kdig -d @<ip> +tls-ca +tls-host=dnsforge.de example.com -############################################################################### - upstream_recursive_servers: - - ## dnsforge.de - IPv4 primary + <span class="comment">## dnsforge.de - IPv4</span> - address_data: 49.12.67.122 tls_port: 853 tls_auth_name: "dnsforge.de" @@ -160,38 +175,29 @@ upstream_recursive_servers: - digest: "sha256" value: m51QwAhzNDSa3G7c1Y6eOEsskzp6ySzeOqy0LKcptDw= - ## dnsforge.de - IPv4 secondary - address_data: 91.99.154.175 tls_port: 853 tls_auth_name: "dnsforge.de" tls_pubkey_pinset: - digest: "sha256" - value: m51QwAhzNDSa3G7c1Y6eOEsskzp6ySzeOqy0LKcptDw= + value: m51QwAhzNDSa3G7c1Y6eOEsskzp6ySzeOqy0LKcptDw=</code></pre> - ## dnsforge.de - IPv6 primary - - address_data: 2a01:4f8:c013:29d::122 - tls_port: 853 - tls_auth_name: "dnsforge.de" - tls_pubkey_pinset: - - digest: "sha256" - value: m51QwAhzNDSa3G7c1Y6eOEsskzp6ySzeOqy0LKcptDw= + <h2>3. Run stubby as a service</h2> + <p>To make sure stubby runs on startup, run it as a service:</p> + <pre><code>sudo brew services start stubby</code></pre> - ## dnsforge.de - IPv6 secondary - - address_data: 2a01:4f8:c013:29d::175 - tls_port: 853 - tls_auth_name: "dnsforge.de" - tls_pubkey_pinset: - - digest: "sha256" - value: m51QwAhzNDSa3G7c1Y6eOEsskzp6ySzeOqy0LKcptDw= -</code></pre> + <h2>4. Change default DNS Server</h2> + <p> + Navigate to <strong>Settings -> Network -> Wi-Fi</strong>. Click on details for your wifi and navigate to <strong>DNS</strong>. + Remove any present IPs or hostnames, and add two IPs: <code>127.0.0.1</code> and <code>::1</code>. + </p> + + <p>And you're all set!</p> + </main> -<h2>3. Run stubby as a service</h2> -<p>To make sure stubby runs on startup, run it as a service</p> -<pre><code class="language-shell">sudo brew services start stubby -</code></pre> + <footer> + © 2026 subh.space + </footer> -<h2>4. Change default DNS Server</h2> -<p>Navigate to <code>Settings</code> -> <code>Network</code> -> <code>Wi-Fi.</code> Click on <code>details</code> for your wifi and navigate to <code>DNS.</code> Remove any present IPs or hostnames, and add two IPs <code>127.0.0.1</code> and <code>::1</code></p> -<p>And you're all set!</p> </body> </html> diff --git a/stuff/index.html b/stuff/index.html deleted file mode 100644 index bb258f9..0000000 --- a/stuff/index.html +++ /dev/null @@ -1,118 +0,0 @@ -<!DOCTYPE html> -<html lang="en"> -<head> - <meta charset="UTF-8"> - <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>subh.space</title> - <style> - :root { - --bg0: #282828; - --bg1: #3c3836; - --fg: #ebdbb2; - --gray: #928374; - --yellow: #fabd2f; - --aqua: #8ec07c; - --orange: #fe8019; - } - - body { - font-family: 'Iosevka Nerd Font Propo'; - line-height: 1.6; - color: var(--fg); - background-color: var(--bg0); - max-width: 650px; - margin: 60px auto; - padding: 0 20px; - -webkit-font-smoothing: antialiased; - } - - header { - margin-bottom: 40px; - } - - h1 { - font-size: 1.8em; - color: var(--yellow); - margin-bottom: 10px; - } - - .subtitle { - color: var(--gray); - font-size: 0.95em; - } - - nav ul { - list-style: none; - padding: 0; - } - - nav li { - margin-bottom: 15px; - display: flex; - justify-content: space-between; - align-items: baseline; - border-bottom: 1px dotted var(--bg1); - padding-bottom: 8px; - } - - nav a { - color: var(--aqua); - text-decoration: none; - font-weight: 500; - transition: color 0.2s; - } - - nav a:hover { - color: var(--orange); - text-decoration: underline; - } - - .date { - font-family: 'Fira Code', monospace; - font-size: 0.85em; - color: var(--gray); - } - - footer { - margin-top: 60px; - font-size: 0.8em; - color: var(--gray); - text-align: center; - } - </style> -</head> -<body> - - <header> - <h1>Random Stuff</h1> - </header> - - <main> - <nav> - <ul> - <li> - <a href="mullvad-dot.html">DNS over TLS (DoT) on linux with mullvad</a> - <span class="date">2026-04-14</span> - </li> - <li> - <a href="usb-notif-linux.html">USB notifications with udev</a> - <span class="date">2026-04-14</span> - </li> - <li> - <a href="luks-encryption.html">Drive encryption with LUKS and cryptsetup</a> - <span class="date">2026-04-14</span> - </li> - <li> - <a href="dnsforge-dot-mac.html">DNS over TLS (DoT) on mac with dnsforge</a> - <span class="date">2026-04-14</span> - </li> - </ul> - </nav> - </main> - - <footer> - <p>© 2026 subh.space</p> - </footer> - -</body> -</html> diff --git a/stuff/luks-encryption.html b/stuff/luks-encryption.html index f292c63..4b1cf3a 100644 --- a/stuff/luks-encryption.html +++ b/stuff/luks-encryption.html @@ -3,138 +3,155 @@ <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>subh.space</title> + <title>LUKS Encryption - subh.space</title> <style> + /* Gruvbox Dark Hard Palette */ :root { - --bg0: #282828; - --bg1: #3c3836; + --bg-outer: #1d2021; + --bg-inner: #282828; --fg: #ebdbb2; --gray: #928374; --yellow: #fabd2f; - --green: #b8bb26; - --orange: #fe8019; --aqua: #8ec07c; + --blue: #83a598; + --orange: #fe8019; + --line: #3c3836; } body { - font-family: 'Iosevka Nerd Font Propo'; - line-height: 1.7; + background-color: var(--bg-outer); color: var(--fg); - background-color: var(--bg0); - max-width: 780px; - margin: 40px auto; - padding: 0 20px; - -webkit-font-smoothing: antialiased; + font-family: 'Iosevka Nerd Font Propo'; + margin: 0; + padding: 0; + display: flex; + flex-direction: column; + align-items: center; + min-height: 100vh; + } + + header { + padding: 2.5rem 1rem; + display: flex; + gap: 1.5rem; + justify-content: center; + flex-wrap: wrap; + } + + header a { + color: var(--aqua); + text-decoration: none; + font-weight: bold; + } + + header a:hover { + text-decoration: underline; + } + + .container { + background-color: var(--bg-inner); + width: 90%; + max-width: 750px; + padding: 3rem; + border-radius: 4px; + box-shadow: 0 4px 15px rgba(0,0,0,0.5); } h1 { - font-size: 2.2em; color: var(--yellow); - border-bottom: 2px solid var(--bg1); - padding-bottom: 15px; - margin-bottom: 30px; + font-size: 1.8rem; + margin-top: 0; + margin-bottom: 2rem; + line-height: 1.2; } h2 { - font-size: 1.5em; - color: var(--aqua); - margin-top: 35px; - margin-bottom: 15px; - font-weight: 600; + color: var(--orange); + font-size: 1.3rem; + margin-top: 2rem; + margin-bottom: 0.8rem; } - p { margin-bottom: 1.2em; } + p { + line-height: 1.6; + margin-bottom: 1rem; + } code { - font-family: 'Fira Code', 'JetBrains Mono', 'Courier New', monospace; - background-color: var(--bg1); - color: var(--orange); - padding: 3px 6px; - border-radius: 4px; - font-size: 0.9em; + color: var(--blue); + font-family: 'JetBrains Mono', Courier, monospace; + font-size: 0.95rem; } pre { - background-color: #1d2021; - padding: 20px; - border-radius: 8px; + background-color: var(--bg-outer); + padding: 1.2rem; + border-radius: 4px; + border: 1px solid var(--line); overflow-x: auto; - border: 1px solid var(--bg1); - margin-bottom: 1.5em; + margin: 1.5rem 0; } pre code { - background-color: transparent; - padding: 0; - color: var(--fg); - color-scheme: dark; + color: var(--blue); + font-size: 0.9rem; + white-space: pre; } - ol, ul { margin-bottom: 1.5em; padding-left: 25px; } - li { margin-bottom: 0.8em; } - li pre { margin-top: 10px; margin-bottom: 10px; } - + footer { + margin: 3rem 0; + color: var(--gray); + font-size: 0.85rem; + text-align: center; + } </style> </head> <body> -<h1>Encrypting a Drive with LUKS and cryptsetup</h1> - -<h2>1. Get the drive name</h2> -<pre><code class="language-shell">lsblk -</code></pre> - -<h2>2. Install cryptsetup</h2> -<pre><code class="language-shell">sudo pacman -S cryptsetup -</code></pre> - -<h2>3. Format the drive</h2> -<ul> - <li>To format the drive, you can use <code>cfdisk</code> or any other utility of your choice.</li> -</ul> -<pre><code class="language-shell">cfdisk /dev/sdaX -</code></pre> -<ul> - <li>Now, delete all the signatures and partitions on the drive</li> - <li>Then, create a filesystem on the drive as follows:</li> -</ul> -<pre><code class="language-shell">mkfs.ext4 /dev/sdaX -</code></pre> -<ul> - <li>After the FS has been created, create a partition on the drive with <code>cfdisk</code></li> - <li>After the partition has been created, you can finally start encrypting the drive</li> -</ul> - -<h2>4. Encrypt the created partition</h2> -<ul> - <li>List the partition</li> -</ul> -<pre><code class="language-shell">lsblk /dev/sdaX -</code></pre> -<ul> - <li>Encrypt the partition</li> -</ul> -<pre><code class="language-shell">cryptsetup luksFormat /dev/sda[0-9] -</code></pre> -<ul> - <li>It will ask for a passphrase, make sure to provide a strong passphrase</li> -</ul> - -<h2>5. Decrypt and create filesystem</h2> -<ul> - <li>Decrypt the drive</li> -</ul> -<pre><code class="language-shell">cryptsetup open /dev/sda[0-9] <name> -</code></pre> -<ul> - <li>Make the FS</li> -</ul> -<pre><code class="language-shell">mkfs.ext4 /dev/mapper/<name> -</code></pre> - -<h2>6. Re-encrypt after usage</h2> -<pre><code class="language-shell">cryptsetup close <name> -</code></pre> + <header> + <a href="../index.html">home</a> + <a href="https://git.subh.space">git</a> + <a href="https://github.com/5epi0l">github</a> + <a href="https://notes.subh.space">notes</a> + <a href="https://www.hackthebox.com">hackthebox</a> + </header> + + <main class="container"> + <h1>Encrypting a Drive with LUKS and cryptsetup</h1> + + <h2>1. Get the drive name</h2> + <pre><code>lsblk</code></pre> + + <h2>2. Install cryptsetup</h2> + <pre><code>sudo pacman -S cryptsetup</code></pre> + + <h2>3. Format the drive</h2> + <p>To format the drive, you can use cfdisk or any other utility of your choice.</p> + <pre><code>cfdisk /dev/sdaX</code></pre> + <p>Now, delete all the signatures and partitions on the drive. Then, create a filesystem on the drive as follows:</p> + <pre><code>mkfs.ext4 /dev/sdaX</code></pre> + <p>After the FS has been created, create a partition on the drive with cfdisk. After the partition has been created, you can finally start encrypting the drive.</p> + + <h2>4. Encrypt the created partition</h2> + <p>List the partition:</p> + <pre><code>lsblk /dev/sdaX</code></pre> + <p>Encrypt the partition:</p> + <pre><code>cryptsetup luksFormat /dev/sda[0-9]</code></pre> + <p>It will ask for a passphrase, make sure to provide a strong passphrase.</p> + + <h2>5. Decrypt and create filesystem</h2> + <p>Decrypt the drive:</p> + <pre><code>cryptsetup open /dev/sda[0-9] <name></code></pre> + <p>Make the FS:</p> + <pre><code>mkfs.ext4 /dev/mapper/<name></code></pre> + + <h2>6. Re-encrypt after usage</h2> + <pre><code>cryptsetup close <name></code></pre> + </main> + + <footer> + © 2026 subh.space + </footer> </body> </html> diff --git a/stuff/mullvad-dot.html b/stuff/mullvad-dot.html index faea8f7..ab54d3e 100644 --- a/stuff/mullvad-dot.html +++ b/stuff/mullvad-dot.html @@ -3,156 +3,199 @@ <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>subh.space</title> + <title>DoT with Mullvad - subh.space</title> <style> + /* Gruvbox Dark Hard Palette */ :root { - --bg0: #282828; - --bg1: #3c3836; + --bg-outer: #1d2021; + --bg-inner: #282828; --fg: #ebdbb2; --gray: #928374; --yellow: #fabd2f; - --green: #b8bb26; - --orange: #fe8019; --aqua: #8ec07c; + --blue: #83a598; + --orange: #fe8019; + --line: #3c3836; } body { - font-family: 'Iosevka Nerd Font Propo', Iosevka; - line-height: 1.7; + background-color: var(--bg-outer); color: var(--fg); - background-color: var(--bg0); - max-width: 780px; - margin: 40px auto; - padding: 0 20px; - -webkit-font-smoothing: antialiased; + font-family: 'Iosevka Nerd Font Propo'; + margin: 0; + padding: 0; + display: flex; + flex-direction: column; + align-items: center; + min-height: 100vh; + } + + header { + padding: 2.5rem 1rem; + display: flex; + gap: 1.5rem; + justify-content: center; + flex-wrap: wrap; + } + + header a { + color: var(--aqua); + text-decoration: none; + font-weight: bold; + } + + header a:hover { + text-decoration: underline; + } + + .container { + background-color: var(--bg-inner); + width: 90%; + max-width: 750px; + padding: 3rem; + border-radius: 4px; + box-shadow: 0 4px 15px rgba(0,0,0,0.5); } h1 { - font-size: 2.2em; color: var(--yellow); - border-bottom: 2px solid var(--bg1); - padding-bottom: 15px; - margin-bottom: 30px; + font-size: 1.8rem; + margin-top: 0; + margin-bottom: 1rem; + line-height: 1.2; } h2 { - font-size: 1.5em; - color: var(--aqua); - margin-top: 35px; - margin-bottom: 15px; - font-weight: 600; + color: var(--orange); + font-size: 1.3rem; + margin-top: 2rem; + margin-bottom: 0.8rem; } - p { margin-bottom: 1.2em; } + p { + line-height: 1.6; + margin-bottom: 1rem; + } code { - font-family: 'Fira Code', 'JetBrains Mono', 'Courier New', monospace; - background-color: var(--bg1); - color: var(--orange); - padding: 3px 6px; - border-radius: 4px; - font-size: 0.9em; + color: var(--blue); + font-family: 'JetBrains Mono', Courier, monospace; + font-size: 0.95rem; } pre { - background-color: #1d2021; - padding: 20px; - border-radius: 8px; + background-color: var(--bg-outer); + padding: 1.2rem; + border-radius: 4px; + border: 1px solid var(--line); overflow-x: auto; - border: 1px solid var(--bg1); - margin-bottom: 1.5em; + margin: 1.5rem 0; } pre code { - background-color: transparent; - padding: 0; - color: var(--fg); - color-scheme: dark; + color: var(--blue); + font-size: 0.9rem; + white-space: pre; } - .language-toml { color: var(--fg); } - .toml-key { color: var(--green); } - - ol, ul { margin-bottom: 1.5em; padding-left: 25px; } - li { margin-bottom: 0.8em; } - li pre { margin-top: 10px; margin-bottom: 10px; } + .comment { + color: var(--gray); + } + + .browser-box { + border-left: 3px solid var(--line); + padding-left: 1.5rem; + margin: 1.5rem 0; + } + + .browser-title { + color: var(--aqua); + font-weight: bold; + display: block; + margin-bottom: 0.5rem; + } + footer { + margin: 3rem 0; + color: var(--gray); + font-size: 0.85rem; + text-align: center; + } </style> </head> <body> -<h1>DNS over TLS (DoT) with mullvad</h1> + <header> + <a href="../index.html">home</a> + <a href="https://git.subh.space">git</a> + <a href="https://github.com/5epi0l">github</a> + <a href="https://notes.subh.space">notes</a> + <a href="https://www.hackthebox.com">hackthebox</a> + </header> + + <main class="container"> + <h1>DNS over TLS (DoT) with Mullvad</h1> + + <p>This guide assumes that you're running a <strong>systemd-based</strong> operating system.</p> -<p>This guide assumes that you're running a systemd-based operating system</p> + <h2>1. Configure systemd-resolved</h2> + <p>Add the following block to your <code>/etc/systemd/resolved.conf</code>:</p> -<h2>1. Configure systemd-resolved to use mullvad's DNS server</h2> -<p>Add the following block to your <code>/etc/systemd/resolved.conf</code></p> -<pre><code class="language-toml"><span class="toml-key">[Resolve]</span> + <pre><code>[Resolve] DNS=194.242.2.4#base.dns.mullvad.net FallbackDNS=194.242.2.2#dns.mullvad.net DNSOverTLS=yes DNSSEC=yes -Domains=~. -</code></pre> -<p>Once the changes are saved, restart <code>systemd-resolved</code></p> -<pre><code class="language-shell">sudo systemctl restart systemd-resolved -</code></pre> - -<h2>2. Make systemd-resolve take precedence over resolve.conf</h2> -<p>To make sure your system uses <code>systemd-resolved</code> over <code>resolv.conf</code>, you need to create a symlink as follows:</p> -<pre><code class="language-shell">sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf -</code></pre> - -<h2>3. Make sure DNS is working as intended</h2> -<p>Make sure you're able to resolve domain names as follows:</p> -<pre><code class="language-shell">resolvectl query google.com -</code></pre> -<p>If you see output, you're golden!</p> - -<h2>4. An Edge Cases:</h2> -<p>If you're using a service such as tailscale which overrides your <code>resolv.conf</code> upon start with its own magicDNS server, it may break your DoT setup. To make sure, tailscale never overrides your <code>resolv.conf</code>, do the following</p> -<ol> - <li>Re-create the symlink as it was likely broken when tailscale started</li> -</ol> -<pre><code class="language-shell">sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf -</code></pre> -<ol start="2"> - <li>Restart <code>tailscaled</code> and <code>systemd-resolved</code></li> -</ol> -<pre><code class="language-shell">sudo systemctl restart tailscaled +Domains=~.</code></pre> + + <p>Once the changes are saved, restart systemd-resolved:</p> + <pre><code>sudo systemctl restart systemd-resolved</code></pre> + + <h2>2. Symlink resolv.conf</h2> + <p>To make sure your system uses systemd-resolved over the traditional resolv.conf, create a symlink:</p> + <pre><code>sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf</code></pre> + + <h2>3. Verify DNS resolution</h2> + <p>Check if you are able to resolve domain names correctly:</p> + <pre><code>resolvectl query google.com</code></pre> + <p>If you see output, you're golden!</p> + + <h2>4. Edge Cases: Tailscale</h2> + <p>If you're using a service such as <strong>Tailscale</strong> which overrides your <code>resolv.conf</code> with MagicDNS, it may break your DoT setup. To fix this:</p> + + <ol> + <li>Re-create the symlink: <code>sudo ln -sf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf</code></li> + <li>Restart the services:</li> + </ol> + + <pre><code>sudo systemctl restart tailscaled sudo systemctl restart systemd-resolved -sudo tailscale up --accept-dns=true -</code></pre> -<ol start="3"> - <li>Check your <code>resolve.conf</code></li> -</ol> -<p>If your <code>resolve.conf</code> looks as follows, you're all good!</p> -<pre><code class="language-shell">nameserver 127.0.0.53 +sudo tailscale up --accept-dns=true</code></pre> + + <p>If your <code>resolve.conf</code> looks like this, you're all good:</p> + <pre><code>nameserver 127.0.0.53 options edns0 trust-ad -search tailxxxxx.ts.net -</code></pre> - -<h2>5. Configure Browsers with DoT</h2> -<p>If previously, you've been using DoH (DNS Over HTTPS) in your browser, and want to shift to your new DoT configuration, do the following</p> -<ol> - <li> - <p>For firefox based browsers:</p> - <ul> - <li>Navigate to <code>settings</code> -> <code>Privacy and Security</code></li> - <li>Scroll down to <code>DNS over HTTPS</code></li> - <li>Select <code>Off</code></li> - </ul> - </li> - <li> - <p>For chromium based browsers:</p> - <ul> - <li>Navigate to <code>settings</code> -> <code>Privacy and Security</code></li> - <li>Find <code>Use Secure DNS</code></li> - <li>Toggle it Off</li> - </ul> - </li> -</ol> -<p>And just like that, you've configured DoT for your system!</p> +search tailxxxxx.ts.net</code></pre> + + <h2>5. Configure Browsers</h2> + <p>If you were previously using DoH (DNS Over HTTPS) and want to shift to system-wide DoT:</p> + + <div class="browser-box"> + <span class="browser-title">Firefox-based browsers:</span> + <p>Settings -> Privacy and Security -> DNS over HTTPS -> <strong>Off</strong></p> + </div> + + <div class="browser-box"> + <span class="browser-title">Chromium-based browsers:</span> + <p>Settings -> Privacy and Security -> Use Secure DNS -> <strong>Off</strong></p> + </div> + + <p>And just like that, you've configured DoT for your system!</p> + </main> + + <footer> + © 2026 subh.space + </footer> </body> </html> diff --git a/stuff/usb-notif-linux.html b/stuff/usb-notif-linux.html index 4acc27b..2a03886 100644 --- a/stuff/usb-notif-linux.html +++ b/stuff/usb-notif-linux.html @@ -3,138 +3,177 @@ <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>subh.space</title> + <title>USB Notifications - subh.space</title> <style> + /* Gruvbox Dark Hard Palette */ :root { - --bg0: #282828; - --bg1: #3c3836; + --bg-outer: #1d2021; + --bg-inner: #282828; --fg: #ebdbb2; --gray: #928374; --yellow: #fabd2f; - --green: #b8bb26; - --orange: #fe8019; --aqua: #8ec07c; + --blue: #83a598; + --orange: #fe8019; + --line: #3c3836; } body { - font-family: 'Iosevka Nerd Font Propo'; - line-height: 1.7; + background-color: var(--bg-outer); color: var(--fg); - background-color: var(--bg0); - max-width: 780px; - margin: 40px auto; - padding: 0 20px; - -webkit-font-smoothing: antialiased; + font-family: 'Iosevka Nerd Font Propo'; + margin: 0; + padding: 0; + display: flex; + flex-direction: column; + align-items: center; + min-height: 100vh; + } + + header { + padding: 2.5rem 1rem; + display: flex; + gap: 1.5rem; + justify-content: center; + flex-wrap: wrap; + } + + header a { + color: var(--aqua); + text-decoration: none; + font-weight: bold; + } + + header a:hover { + text-decoration: underline; + } + + .container { + background-color: var(--bg-inner); + width: 90%; + max-width: 750px; + padding: 3rem; + border-radius: 4px; + box-shadow: 0 4px 15px rgba(0,0,0,0.5); } h1 { - font-size: 2.2em; color: var(--yellow); - border-bottom: 2px solid var(--bg1); - padding-bottom: 15px; - margin-bottom: 30px; + font-size: 1.8rem; + margin-top: 0; + margin-bottom: 1rem; + line-height: 1.2; } h2 { - font-size: 1.5em; - color: var(--aqua); - margin-top: 35px; - margin-bottom: 15px; - font-weight: 600; + color: var(--orange); + font-size: 1.3rem; + margin-top: 2rem; + margin-bottom: 0.8rem; } - p { margin-bottom: 1.2em; } + p { + line-height: 1.6; + margin-bottom: 1rem; + } code { - font-family: 'Fira Code', 'JetBrains Mono', 'Courier New', monospace; - background-color: var(--bg1); - color: var(--orange); - padding: 3px 6px; - border-radius: 4px; - font-size: 0.9em; + color: var(--blue); + font-family: 'JetBrains Mono', Courier, monospace; + font-size: 0.95rem; } pre { - background-color: #1d2021; - padding: 20px; - border-radius: 8px; + background-color: var(--bg-outer); + padding: 1.2rem; + border-radius: 4px; + border: 1px solid var(--line); overflow-x: auto; - border: 1px solid var(--bg1); - margin-bottom: 1.5em; + margin: 1.5rem 0; } pre code { - background-color: transparent; - padding: 0; - color: var(--fg); - color-scheme: dark; + color: var(--blue); + font-size: 0.9rem; + white-space: pre; } - ol, ul { margin-bottom: 1.5em; padding-left: 25px; } - li { margin-bottom: 0.8em; } - li pre { margin-top: 10px; margin-bottom: 10px; } + .comment { + color: var(--gray); + } + + .script-label { + color: var(--aqua); + font-weight: bold; + display: block; + margin-top: 1.5rem; + font-size: 0.9rem; + } + footer { + margin: 3rem 0; + color: var(--gray); + font-size: 0.85rem; + text-align: center; + } </style> </head> <body> -<h1>Configuring USB notifications on Linux</h1> - -<p>If you want to receive a small notification as soon as a USB storage device is plugged in or plugged out. You're in the right place</p> - -<p>Your system detects a USB device upon connection or disconnection using an utility named <code>udev</code>. udev allows for defining rules which can allow a user to perform a specific task when a USB device is connected or disconnected. This can be combined with <code>notify-send</code> to send notifications to a user as soon as a USB device is connected or disconnected</p> - -<h2>1. Creating a udev rule</h2> - -<p>Below is a rule file, which will trigger two scripts depending upon the connection or disconnection of a USB device</p> + <header> + <a href="../index.html">home</a> + <a href="https://git.subh.space">git</a> + <a href="https://github.com/5epi0l">github</a> + <a href="https://notes.subh.space">notes</a> + <a href="https://www.hackthebox.com">hackthebox</a> + </header> -<pre><code class="language-shell">ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", RUN+="/usr/local/bin/usb-notify-add.sh '$env{ID_MODEL}'" -ACTION=="remove", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", RUN+="/usr/local/bin/usb-notify-rem.sh '$env{ID_MODEL}'" -</code></pre> + <main class="container"> + <h1>Configuring USB notifications on Linux</h1> + + <p>If you want to receive a small notification as soon as a USB storage device is plugged in or plugged out, you're in the right place.</p> -<p>save this as <code>99-usb-notify.rules</code> file under <code>/etc/udev/rules.d/</code>.</p> + <p>Your system detects a USB device upon connection or disconnection using a utility named <code>udev</code>. It allows for defining rules to perform specific tasks. Combined with <code>notify-send</code>, you can trigger desktop notifications instantly.</p> -<h2>2. Configuring the scripts</h2> + <h2>1. Creating a udev rule</h2> + <p>Save the following as <code>99-usb-notify.rules</code> under <code>/etc/udev/rules.d/</code></p> -<p>Below are the scripts:</p> + <pre><code>ACTION=="add", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", RUN+="/usr/local/bin/usb-notify-add.sh '$env{ID_MODEL}'" +ACTION=="remove", SUBSYSTEM=="block", ENV{DEVTYPE}=="disk", RUN+="/usr/local/bin/usb-notify-rem.sh '$env{ID_MODEL}'"</code></pre> -<ul> - <li>usb-notify-add.sh</li> -</ul> + <h2>2. Configuring the scripts</h2> + <p>Save both scripts under <code>/usr/local/bin/</code> and make them executable</p> -<pre><code class="language-shell">#!/bin/bash + <span class="script-label">usb-notify-add.sh</span> + <pre><code>#!/bin/bash DEVICE_NAME=${1:-"Unknown USB Device"} USER_ID=$(id -u <your-username>) export DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$USER_ID/bus -sudo -u <your-username> DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS /usr/bin/notify-send "USB Connected" "Device: $DEVICE_NAME" -</code></pre> +sudo -u <your-username> DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS /usr/bin/notify-send "USB Connected" "Device: $DEVICE_NAME"</code></pre> -<ul> - <li>usb-notify-rem.sh</li> -</ul> - -<pre><code class="language-shell">#!/bin/bash + <span class="script-label">usb-notify-rem.sh</span> + <pre><code>#!/bin/bash DEVICE_NAME=${1:-"Unknown USB Device"} USER_ID=$(id -u <your-username>) export DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$USER_ID/bus -sudo -u <your-username> DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS /usr/bin/notify-send "USB Disconnected" "Device: $DEVICE_NAME" -</code></pre> - -<p>Save both the scripts under <code>/usr/local/bin</code> and make them executable with <code>chmod</code></p> +sudo -u <your-username> DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS /usr/bin/notify-send "USB Disconnected" "Device: $DEVICE_NAME"</code></pre> -<h2>3. Reloading the udev rules</h2> + <h2>3. Reloading the udev rules</h2> + <p>Once the files are saved, reload the udev configuration to apply the changes:</p> + <pre><code>sudo udevadm control --reload-rules +sudo udevadm trigger</code></pre> -<p>Once all the files have been saved. Reload udev rules as follows:</p> + <p>And just like that, you've setup USB notifications. Give it a try! Plug in a device and check if your system sends a notification with the device name.</p> + </main> -<pre><code class="language-shell">sudo udevadm control --reload-rules -sudo udevadm trigger -</code></pre> - -<p>And just like that, you've setup USB notifications. Give it a try! Plug in a USB device and check whether your system sends you a notification with the name of the USB device.</p> + <footer> + © 2026 subh.space + </footer> </body> </html> + |