[{"data":1,"prerenderedAt":6092},["ShallowReactive",2],{"blogs-en":3},[4,258,310,355,475,616,2985,3560,3750,3828,3909,4070,4428,4604,4829,4957,5082,5191,5355,6032,6067],{"id":5,"title":6,"body":7,"date":244,"description":245,"draft":246,"extension":247,"image":248,"meta":249,"navigation":251,"path":252,"seo":253,"stem":254,"tags":255,"__hash__":257},"content_en/shyness-overview.md","Overcoming shyness: Overview",{"type":8,"value":9,"toc":234},"minimark",[10,14,34,39,51,54,60,65,68,73,76,82,88,91,94,108,113,120,135,138,141,144,147,155,158,162,165,170,173,178,183,188,193,196,199,202,206,209,225,231],[11,12,13],"p",{},"This series consists of several parts:",[15,16,17,25,28,31],"ol",{},[18,19,20,24],"li",{},[21,22,23],"strong",{},"Overview"," \u003C- You are here",[18,26,27],{},"Fear of rejection",[18,29,30],{},"The solution",[18,32,33],{},"My own journey",[35,36,38],"h2",{"id":37},"overcoming-with-shyness-overview","Overcoming with shyness: Overview",[11,40,41,42,46,47,50],{},"If you are reading this post, you probably know what ",[43,44,45],"code",{},"shyness"," or\n",[43,48,49],{},"social-anxiety"," is. Even if you didn't use the term that much.",[11,52,53],{},"That tight feeling in your throat, increased heartrate before speaking in front\nof a bunch of people you dont know really well. The intense feeling of fear,\nbefore starting a conversation with an attractive person, or meeting someone new\nfor the first time:",[55,56,57],"blockquote",{},[11,58,59],{},"What do they think of me?",[55,61,62],{},[11,63,64],{},"Isn't that stupid thing to say?",[11,66,67],{},"The painful silence after you are both exchanged names with each other, standing\nthere looking at each other, waiting and hoping that you will be able to think\nof something to say:",[55,69,70],{},[11,71,72],{},"Omg! You dont have anything to say. what's wrong with you?",[11,74,75],{},"First, lets define these two terms. Because i believe people might confuse these\nterms with inappropriate situation:",[11,77,78,81],{},[21,79,80],{},"Shyness",": Shyness is the feeling of lack of comfort, or awkwardness\nespecially when a person is around other people.",[11,83,84,87],{},[21,85,86],{},"Social anxiety",": Persistent fear of social situations where one might be\njudged, embarrassed, or humiliated.",[11,89,90],{},"Shyness and social-anxiety is a common disorder that effect i believe more than\nmillions of people in my country.",[11,92,93],{},"These types of social challenges are incredibly common. During these challenges,\nit's so common to feel most people around you doesn't have these kind\nissues. But it's just the way you see the world. What i mean is, this is just\nyour inner-critique/deciptive-brain, that tricks you to pay more attention to people who are\nbold enough in their social interaction. There is nothing actually wrong with\nyou. You are not broken in some-way. You're just facing some challenging pattern\nthat is limiting your choices.",[11,95,96,97,100,101,100,104,107],{},"So, just knowing that there are so much people like you whoose have similiar\nexperiences, are giving a great sense of relief. Internet is full of this type\nof stories. Online communities like ",[43,98,99],{},"Reddit"," & ",[43,102,103],{},"Telegram",[43,105,106],{},"Forums"," can people\nfeel undrestood and supported.",[109,110,112],"h3",{"id":111},"goal-being-less-shy-and-having-just-a-moderate-anxiety","Goal: Being less shy, and having just a moderate anxiety",[11,114,115,116,119],{},"Ultimately, during our journey of overcoming shyness & social anxiety, We want\nto be a person that is ",[43,117,118],{},"less shy"," and is able to handle a social situations,\nE.g.:",[121,122,123,126,129,132],"ul",{},[18,124,125],{},"Speaking in front of a group",[18,127,128],{},"return a product to a store that you are not satistfied with.",[18,130,131],{},"Start a conversation with a person(For any goal)",[18,133,134],{},"...",[11,136,137],{},"The fact is, all people are having a sense anxiety in social situations like\nthis, the only thing that is different is the amount of it! And actually, being\nshy in some amount is actually a good thing.",[11,139,140],{},"Ha ha😄. Yes there is nothing actually wrong with being shy. In different\ncultures(including some type of iranian cultures), Being quite, humble and\nrespectful of other are pretty valuable thing.",[11,142,143],{},"The goal of this journey is not to be never scared again in social\nsituations. It's unrealistic. The same type of shyness, makes you kinder, more\npatient and better listener.",[11,145,146],{},"The real goal however, is to look at your life where you feel so limited and\nhave too much filter on yourself. Eliminating a feeling that you can't do the\nthings that are really matter to you. What i mean in general is, how much grows\nopportunity you lost because you never initiated a conversation with some\none. This can be any kind of opportunity:",[121,148,149,152],{},[18,150,151],{},"A job opportunity. The job maket is rough these days. Making some friends\nmight end up helping you to find a great opportunity to show yourself to just\nget involve in the job market.",[18,153,154],{},"Creating a loving relationship with a beautiful partner. A truly life-changing\nthing, which is more possible when you take some mild risks(that you can\nhandle of course). But it's impossible when you have a fear of being rejected.",[11,156,157],{},"Being too shy and too self-aware, prevents you from living a life that you truly want. Life is just\nboring when you feel invisible in population.",[109,159,161],{"id":160},"the-core","The core",[11,163,164],{},"Social anxiety & shyness at it's core, is the feeling that says:",[11,166,167],{},[21,168,169],{},"I'm not good enough",[11,171,172],{},"It can be expanded in different situation:",[55,174,175],{},[11,176,177],{},"I'm not attractive enough",[55,179,180],{},[11,181,182],{},"I'm not smart enough",[55,184,185],{},[11,186,187],{},"I'm not successful enough",[55,189,190],{},[11,191,192],{},"I'm not rich enough",[11,194,195],{},"And because of that, people will not accept me. They will judge me, reject me. I\nwill lose the connection with the earth and feel isolated after that.",[11,197,198],{},"Keep in mind, you might not literally thinking of these, it is most of the time\nhappens unconciously. You just feel intense.",[11,200,201],{},"When we feel something wrong with us and we are not worthy of love and\nbelonging, we can describe this in some kind of shame.",[109,203,205],{"id":204},"what-causes-this","What causes this?",[11,207,208],{},"Social anxiety is a complex result of the experience of environment you are\ngrowing up.",[121,210,211,214,217,220,223],{},[18,212,213],{},"Your family",[18,215,216],{},"Your biology",[18,218,219],{},"Your early childhood experiences",[18,221,222],{},"Your experiences in high school",[18,224,134],{},[11,226,227,228],{},"Social anxiety at its core, is some type of patterns that you are learned wrong\nalong your life experience. ",[21,229,230],{},"But it can be unlearned",[11,232,233],{},"Who cares? let's just focus on the solution alright?",{"title":235,"searchDepth":236,"depth":236,"links":237},"",2,[238],{"id":37,"depth":236,"text":38,"children":239},[240,242,243],{"id":111,"depth":241,"text":112},3,{"id":160,"depth":241,"text":161},{"id":204,"depth":241,"text":205},"2026-02-27T00:00:00.000Z","Do not keep the world waiting",false,"md","/blog-images/cows.webp",{"alt":250},"cattle",true,"/shyness-overview",{"title":6,"description":245},"shyness-overview",[256],"health","XNAbi5zke3GndDXXzdCUWXpwF-kraKZK3q2-D0DxPcY",{"id":259,"title":260,"body":261,"date":300,"description":301,"draft":246,"extension":247,"image":302,"meta":303,"navigation":251,"path":304,"seo":305,"stem":306,"tags":307,"__hash__":309},"content_en/productiviy-hack.md","A productivity hack that actually works",{"type":8,"value":262,"toc":298},[263,266,271,286,289,292,295],[11,264,265],{},"The only productivity hack that i found useful is:",[11,267,268],{},[21,269,270],{},"Having a unintrupped time in working flow.",[11,272,273,274,277,278,281,282,285],{},"This concept can be applied to any other activity as well as formal working\nhours. Whether it's ",[43,275,276],{},"Lifting some weights in GYM"," or ",[43,279,280],{},"Reading an interesting book"," or even ",[43,283,284],{},"spending quality time with a someone you care about",".",[11,287,288],{},"Ask yourself: When was the last time you had three or even four completely\nuninterrupted hours to yourself and your work?",[11,290,291],{},"Mayble it depends on the kind of work that you do, But uninterrupted time is\nthe single best thing for quality output and genuine enjoyment that\ni found; for almost anything.",[11,293,294],{},"Anything more than that, feels like an efficiency\ntrap.",[11,296,297],{},"That's it.",{"title":235,"searchDepth":236,"depth":236,"links":299},[],"2025-12-02T00:00:00.000Z","It takes time.","/blog-images/cat.jpg",{"alt":235},"/productiviy-hack",{"title":260,"description":301},"productiviy-hack",[308],"productivity","7TBwjjnL_4Nhi3x0Niyvrzd2RnmAM3E9tgKZAmgahDk",{"id":311,"title":312,"body":313,"date":345,"description":346,"draft":246,"extension":247,"image":248,"meta":347,"navigation":251,"path":349,"seo":350,"stem":351,"tags":352,"__hash__":354},"content_en/optimal-amount-of-using.md","What is the optimal amount of Social-Media Usage?",{"type":8,"value":314,"toc":343},[315,318,323,326,329,337,340],[11,316,317],{},"The optimal amount of Social-Media Usage for any normal human-being can be\ndelegated to a simple rule of thumb, a practical scheme that you can participate\nin quite easily:",[11,319,320],{},[21,321,322],{},"A healthy dose of social media, email, and SMS usage occurs when you use them\nprimarily for your own purpose.",[324,325],"hr",{},[11,327,328],{},"Whether it's because you wanna contact a friend for something. Or You just wanna grab that 2FA\ncode from your email. That's probably enough for",[15,330,331,334],{},[18,332,333],{},"Keeping your sanity.",[18,335,336],{},"Noticing any rare important issue.",[11,338,339],{},"Considering that rule of thumb, it looks like the optimal amount of most things\nwill be dropped into 0. Because you are not using them out of your boredom.",[11,341,342],{},"And that's fine.",{"title":235,"searchDepth":236,"depth":236,"links":344},[],"2025-11-30T00:00:00.000Z","30 minutes a day? What if i setup an alert for that?",{"alt":348},"cows","/optimal-amount-of-using",{"title":312,"description":346},"optimal-amount-of-using",[353],"social","komu-mwN3aLDqgGiloNUnmVuyy0KeqO9UZgMZ2w731w",{"id":356,"title":357,"body":358,"date":466,"description":467,"draft":246,"extension":247,"image":248,"meta":468,"navigation":251,"path":469,"seo":470,"stem":471,"tags":472,"__hash__":474},"content_en/11.linkedin.md","Linkedin",{"type":8,"value":359,"toc":459},[360,363,366,371,374,377,381,384,388,391,394,400,404,414,417,428,432,435,438,441,444,453,456],[35,361,357],{"id":362},"linkedin",[11,364,365],{},"I've heard many suggestions about my career such as:",[55,367,368],{},[11,369,370],{},"At least you need a good Linkedin profile so people can know you. Its important for showcasing your skills. It's essential for a professional social network.",[11,372,373],{},"So one day, i give it a try and created new account. at first, i had no one to connect with so i just sent bunch of connection request to random people. i just thinking it's the right thing to do at the time.",[11,375,376],{},"the atmosphere of LinkedIn for a newcomer like me, feel weird. i note some of them in the headings down blow.",[35,378,380],{"id":379},"fake-positivity-humbleness-and-appreciation","Fake positivity, humbleness and appreciation",[11,382,383],{},"You often encounter people who want to connect with you and they seems really care about you even when you didn't had any meaningful relationship with them. I think the fact is, many users are just eager to expand their networks.",[35,385,387],{"id":386},"self-congratulation","Self-Congratulation",[11,389,390],{},"If you have a Linkedin account and are fairly active on it, go ahead and pull up your LinkedIn right now. Now scroll down. how many posts are about someone congratulating themselves?",[11,392,393],{},"I get a LOT of these. It seems like most of the posts are just someone sharing their latest achievement, whether it’s landing a new job, receiving an award, or completing a project.",[395,396,397],"info",{},[11,398,399],{},"I know, while it’s great to celebrate accomplishments, the frequency of these posts can feel nonsense and overwhelming. specially for the people who are don't have any job or significant project.",[35,401,403],{"id":402},"the-posts","The posts",[11,405,406,407,285],{},"The types of posts that appear on LinkedIn are... strange. I mean, most of them are. there is even a dedicated subreddit for this ",[408,409,413],"a",{"href":410,"rel":411},"https://www.reddit.com/r/LinkedInLunatics/",[412],"nofollow","subject",[11,415,416],{},"For example:",[15,418,419,422,425],{},[18,420,421],{},"A post about someone that explains their experience of divorcing with his wife.",[18,423,424],{},"A post about a person that sharing their bad experience of some famous food delivery service",[18,426,427],{},"A post about highly controversial topics. Religion, politics ...",[35,429,431],{"id":430},"do-i-really-need-this-thing","Do i really need this thing?",[11,433,434],{},"Currently, I'm struggling with social media addiction. By social media, I don't mean the ordinary ones like Instagram and Facebook; I am referring to LinkedIn, YouTube, and Telegram. People often exclude these three when talking about the harmful effects of social media, but i believe they are the same is some aspects.",[11,436,437],{},"But let's think about this: Is LinkedIn really that vital our success in my career?",[11,439,440],{},"My experience with LinkedIn probably stems from the fact that i don't have a single industry standard connection in the first place. But besides that, I'm not that kind of person who can benefit from that.",[11,442,443],{},"I don't know. But i feel focusing on myself is the right thing to do for now.",[11,445,446,447,452],{},"I've watched a video about quitting Social Media and it is somehow relates to ",[408,448,451],{"href":449,"rel":450},"https://youtu.be/3E7hkPZ-HTk?si=xcdO0hexCNoZpj14&t=281",[412],"this kind of objections"," for using social media.",[11,454,455],{},"The speaker in the video said something like this (in directly): \"All that you need for landing a good job, Is a good amount of deep work. Cause everything in the market falls in places like that. People will find you. you don't need things like self-presentation in these platforms.\"",[11,457,458],{},"What do you think about this?",{"title":235,"searchDepth":236,"depth":236,"links":460},[461,462,463,464,465],{"id":362,"depth":236,"text":357},{"id":379,"depth":236,"text":380},{"id":386,"depth":236,"text":387},{"id":402,"depth":236,"text":403},{"id":430,"depth":236,"text":431},"2025-11-09T00:00:00.000Z","Things that I consider strange for a professional social platform",{"alt":235},"/linkedin",{"title":357,"description":467},"11.linkedin",[473],"Internet","EVrYLpkm4fWGkUn1ADwGL21viQB9mgMGJv2SpybXBuc",{"id":476,"title":477,"body":478,"date":607,"description":608,"draft":246,"extension":247,"image":248,"meta":609,"navigation":251,"path":610,"seo":611,"stem":612,"tags":613,"__hash__":615},"content_en/18.how-to-not-die.md","How not to die",{"type":8,"value":479,"toc":601},[480,484,491,494,500,508,511,519,522,527,534,539,542,545,549,552,555,569,572,575,579,582,585,588,591,595,598],[35,481,483],{"id":482},"hydration","Hydration",[11,485,486,487,490],{},"Hydration is ",[21,488,489],{},"the body's ability to absorb water, the vital liquid it needs, and is based on how much is available to it",". Every cell, tissue, and organ requires fluid to perform functions such as maintaining temperature, disposing of waste products and etc...",[11,492,493],{},"About 70% of an adult body is made up of water. We all need water to survive, yet there are many misconceptions about this basic element of life.",[11,495,496,499],{},[21,497,498],{},"The primary mechanism by which we maintain our hydration is thirst."," Thirst is a powerful emotion that motivates us to eat and drink. Thirst is actually serves two functions in our body.",[121,501,502,505],{},[18,503,504],{},"It regulates the concentration of salt and electrolytes in our blood.",[18,506,507],{},"It regulates the overall volume of water in our body.",[11,509,510],{},"The other mechanism that regulates fluid in our body is urination. Urine color is actually a pretty good measure of the hydration state of your body.",[11,512,513,514,285],{},"Another way our body loses water is through sweating. sweating primarily is a mechanism to regulate body temperature, but it involves excreting saline from our ",[408,515,518],{"href":516,"rel":517},"https://www.mayoclinic.org/diseases-conditions/hyperhidrosis/multimedia/sweat-glands/img-20007980",[412],"sweat glands",[11,520,521],{},"What about myths?",[55,523,524],{},[11,525,526],{},"Average human needs to drink 8 glass of water everyday",[11,528,529,530,533],{},"This myth originates from ",[43,531,532],{},"food and nutrition board"," which calculated the average water need for average adult with average activity and environment. And they came up with this result. However in the same report they also noted that most people get 20% of their fluid intake from food. Even if you need 8 glass of water, that doesn't necessarily means it has to be pure water.",[55,535,536],{},[11,537,538],{},"By the time you're thirsty, it's too late. It means you are already dehydrated",[11,540,541],{},"Being thirsty != dehydrated",[11,543,544],{},"In general, you can actually rely on your thirst emotion. Because you will become thirsty long before you are actually dehydrated. Thirst works and you don't have to force fluid when you don't feel like drinking.",[35,546,548],{"id":547},"vitamins-nutrition","Vitamins & Nutrition",[11,550,551],{},"Should we take a multivitamin every day, or can we get all the nutrition they need from the food they eat? Vitamins are those nutritional substances that are essential to health in tiny amounts but that an organism cannot manufacture in sufficient quantities itself. Therefore, you have to get vitamins from food.",[11,553,554],{},"So how do we can get optimal nutrition? There is general agreement in scientific community that the best way to get good nutrition is through a well-balanced diet.\nA healthful diet should emphasis on the following:",[121,556,557,560,563,566],{},[18,558,559],{},"You should eat about 2 cups of fruit and 2.5 cups of vegetables\nper day. Try to pick from the different subgroups of vegetables,\nincluding dark green vegetables, orange vegetables, legumes, and\nstarchy vegetables.",[18,561,562],{},"You should get 3 or more ounce equivalents of whole grain products\nper day, with the rest of your carbohydrates coming from either\nenriched or whole grain products.",[18,564,565],{},"You should have 3 cups per day of fat-free or low-fat milk or\nequivalent milk products.",[18,567,568],{},"To round out your diet, you should get protein from lean meats as\nwell as eggs, nuts, and legumes.",[11,570,571],{},"So do we need to take vitamins every day? In fact, most of the people can live a healthy life without routinely supplement. But keep in mind we are talking about the general population, subpopulations like children and pregnant women are different situations. Of course it's still better to fulfill the nutrition needs of a growing children by foods, but i know how hard it is now days.",[11,573,574],{},"In general, the best advice is, take it easy! Don't get overwhelmed with different types of nutrition advices. Eat variety of foods and you are probably fine. But keep in mind that, getting vitamins from food is generally preferable, but there's nothing inherently wrong with taking vitamin pills when needed.",[35,576,578],{"id":577},"weight-loss-and-dieting","Weight loss and dieting",[11,580,581],{},"You don't want to involve in some kind of elaborate scheme that you are not going to be able to really maintain that in long term. I refer to something like calorie counting. It's better to use something that is simple and easy to follow to keep general track of how many calories you are eating. This can include writing down what you eat.",[11,583,584],{},"How many calories does a average person needs? This is highly dependent on number of variables like age, weight and level of activity. An average man need about 2500. An average women around 2000 calories. But of course, somebody with a very high degree of activity like running a marathon, may need to eat as many as around 3000 calories per day.",[11,586,587],{},"Weight management simply comes down to calories consumed versus calories expended(forget about things like late night eating and blah blah). To weight loss, you need to consume fewer calories than you burn. But how much? Most people can sustain about 500 of calorie-defict quite easily.",[11,589,590],{},"What about exercise? Well, exercise definitely burns calories, but no as much as you can effect with your eating habits. We are definitely not advising against it. Exercise is great for health(and for get in shape as you weight loss). But it can't be so much effective for weight loss if you don't combine it with calorie control.",[35,592,594],{"id":593},"natural-is-always-better","Natural is always better",[11,596,597],{},"The belief that \"natural is always better\" is a common misconception, known as the naturalistic fallacy. For example, a vitamin C molecule from rose hips and one made in a lab are chemically identical—there’s no test that can distinguish between them, and the body uses them in exactly the same way. This shows that the label \"natural\" doesn’t necessarily mean something is safer, more effective, or superior.",[11,599,600],{},"In reality, the term “natural” is often used more for marketing than for scientific accuracy. Many natural substances can be harmful, while many synthetic products are safe and life-saving. What truly matters is the evidence behind a product’s safety and effectiveness, not whether it came from nature or a laboratory.",{"title":235,"searchDepth":236,"depth":236,"links":602},[603,604,605,606],{"id":482,"depth":236,"text":483},{"id":547,"depth":236,"text":548},{"id":577,"depth":236,"text":578},{"id":593,"depth":236,"text":594},"2025-09-18T00:00:00.000Z","Some insights from the book \"Medical Myths, lies and half truths\"",{},"/how-to-not-die",{"title":477,"description":608},"18.how-to-not-die",[614],"books","XQH_tdKtdPscOOIwGbtd2wCMnVrJLWm9uRk7d0_xBlA",{"id":617,"title":618,"body":619,"date":2975,"description":2976,"draft":246,"extension":247,"image":248,"meta":2977,"navigation":251,"path":2978,"seo":2979,"stem":2980,"tags":2981,"__hash__":2984},"content_en/17.practical-ansible.md","Practical ansible",{"type":8,"value":620,"toc":2966},[621,624,641,644,648,651,908,915,922,1017,1028,1035,1038,1042,1045,1056,1115,1140,1147,1151,1158,1163,1170,1229,1236,1241,1245,1255,1264,1267,1285,1298,1301,1308,1387,1405,1413,1423,1468,1472,1481,1484,1491,1494,1497,1502,2104,2115,2120,2124,2127,2140,2143,2146,2149,2198,2205,2210,2219,2909,2918,2921,2924,2950,2955,2959,2962],[11,622,623],{},"For getting the taste of Ansible, Here i try to write some Ansible playbooks for common security tasks. Here are the things that i think achievable:",[15,625,626,629,632,635,638],{},[18,627,628],{},"Copy our ssh public key to all the remote servers, so we can connect to all servers without using password login",[18,630,631],{},"security updates",[18,633,634],{},"disabling password login",[18,636,637],{},"Firewall configuration",[18,639,640],{},"Changing the ssh port from 22 to something else. humans are smart enough to find that, we're doing this only for getting rid of some robots that are wandering the internet for finding insecure servers.(I know, some robots are also not that dumb but anyway)",[11,642,643],{},"Let's Go!",[35,645,647],{"id":646},"base-templete","Base templete",[11,649,650],{},"Our playbook can be a single file like this:",[652,653,657],"pre",{"className":654,"code":655,"language":656,"meta":235,"style":235},"language-yaml shiki shiki-themes github-dark","- name: General Linux security hardening\n  hosts: all\n  become: true\n  gather_facts: true\n  remote_user: userblahblah\n  tasks:\n  - name: Ensure apache is at the latest version\n    ansible.builtin.yum:\n      name: httpd\n      state: latest\n\n  - name: Write the apache config file\n    ansible.builtin.template:\n      src: /srv/httpd.j2\n      dest: /etc/httpd.conf\n\n  - name: Ensure postgresql is at the latest version\n    ansible.builtin.yum:\n      name: postgresql\n      state: latest\n\n  - name: Ensure that postgresql is started\n    ansible.builtin.service:\n      name: postgresql\n      state: started\n","yaml",[43,658,659,679,689,700,710,721,730,743,751,762,773,779,791,799,810,821,826,838,845,855,864,869,881,889,898],{"__ignoreMap":235},[660,661,664,668,672,675],"span",{"class":662,"line":663},"line",1,[660,665,667],{"class":666},"s95oV","- ",[660,669,671],{"class":670},"s4JwU","name",[660,673,674],{"class":666},": ",[660,676,678],{"class":677},"sU2Wk","General Linux security hardening\n",[660,680,681,684,686],{"class":662,"line":236},[660,682,683],{"class":670},"  hosts",[660,685,674],{"class":666},[660,687,688],{"class":677},"all\n",[660,690,691,694,696],{"class":662,"line":241},[660,692,693],{"class":670},"  become",[660,695,674],{"class":666},[660,697,699],{"class":698},"sDLfK","true\n",[660,701,703,706,708],{"class":662,"line":702},4,[660,704,705],{"class":670},"  gather_facts",[660,707,674],{"class":666},[660,709,699],{"class":698},[660,711,713,716,718],{"class":662,"line":712},5,[660,714,715],{"class":670},"  remote_user",[660,717,674],{"class":666},[660,719,720],{"class":677},"userblahblah\n",[660,722,724,727],{"class":662,"line":723},6,[660,725,726],{"class":670},"  tasks",[660,728,729],{"class":666},":\n",[660,731,733,736,738,740],{"class":662,"line":732},7,[660,734,735],{"class":666},"  - ",[660,737,671],{"class":670},[660,739,674],{"class":666},[660,741,742],{"class":677},"Ensure apache is at the latest version\n",[660,744,746,749],{"class":662,"line":745},8,[660,747,748],{"class":670},"    ansible.builtin.yum",[660,750,729],{"class":666},[660,752,754,757,759],{"class":662,"line":753},9,[660,755,756],{"class":670},"      name",[660,758,674],{"class":666},[660,760,761],{"class":677},"httpd\n",[660,763,765,768,770],{"class":662,"line":764},10,[660,766,767],{"class":670},"      state",[660,769,674],{"class":666},[660,771,772],{"class":677},"latest\n",[660,774,776],{"class":662,"line":775},11,[660,777,778],{"emptyLinePlaceholder":251},"\n",[660,780,782,784,786,788],{"class":662,"line":781},12,[660,783,735],{"class":666},[660,785,671],{"class":670},[660,787,674],{"class":666},[660,789,790],{"class":677},"Write the apache config file\n",[660,792,794,797],{"class":662,"line":793},13,[660,795,796],{"class":670},"    ansible.builtin.template",[660,798,729],{"class":666},[660,800,802,805,807],{"class":662,"line":801},14,[660,803,804],{"class":670},"      src",[660,806,674],{"class":666},[660,808,809],{"class":677},"/srv/httpd.j2\n",[660,811,813,816,818],{"class":662,"line":812},15,[660,814,815],{"class":670},"      dest",[660,817,674],{"class":666},[660,819,820],{"class":677},"/etc/httpd.conf\n",[660,822,824],{"class":662,"line":823},16,[660,825,778],{"emptyLinePlaceholder":251},[660,827,829,831,833,835],{"class":662,"line":828},17,[660,830,735],{"class":666},[660,832,671],{"class":670},[660,834,674],{"class":666},[660,836,837],{"class":677},"Ensure postgresql is at the latest version\n",[660,839,841,843],{"class":662,"line":840},18,[660,842,748],{"class":670},[660,844,729],{"class":666},[660,846,848,850,852],{"class":662,"line":847},19,[660,849,756],{"class":670},[660,851,674],{"class":666},[660,853,854],{"class":677},"postgresql\n",[660,856,858,860,862],{"class":662,"line":857},20,[660,859,767],{"class":670},[660,861,674],{"class":666},[660,863,772],{"class":677},[660,865,867],{"class":662,"line":866},21,[660,868,778],{"emptyLinePlaceholder":251},[660,870,872,874,876,878],{"class":662,"line":871},22,[660,873,735],{"class":666},[660,875,671],{"class":670},[660,877,674],{"class":666},[660,879,880],{"class":677},"Ensure that postgresql is started\n",[660,882,884,887],{"class":662,"line":883},23,[660,885,886],{"class":670},"    ansible.builtin.service",[660,888,729],{"class":666},[660,890,892,894,896],{"class":662,"line":891},24,[660,893,756],{"class":670},[660,895,674],{"class":666},[660,897,854],{"class":677},[660,899,901,903,905],{"class":662,"line":900},25,[660,902,767],{"class":670},[660,904,674],{"class":666},[660,906,907],{"class":677},"started\n",[11,909,910,911,914],{},"But, without structuring your ",[21,912,913],{},"ansible tasks"," into seperate files, you will end up with long playbooks which is hard to maintain.",[11,916,917,918,921],{},"So you will be better off using ",[43,919,920],{},"import_tasks"," in tasks section:",[652,923,925],{"className":654,"code":924,"language":656,"meta":235,"style":235},"- name: General Linux security hardening\n  hosts: all\n  become: true\n  gather_facts: true\n  remote_user: userblahblah\n  tasks:\n    -  import_tasks: tasks/authorized_keys.yml\n    -  import_tasks: tasks/disable_root_login.yml\n  handlers:\n    - import_tasks: handler/restart_ssh.yml\n",[43,926,927,937,945,953,961,969,975,987,998,1005],{"__ignoreMap":235},[660,928,929,931,933,935],{"class":662,"line":663},[660,930,667],{"class":666},[660,932,671],{"class":670},[660,934,674],{"class":666},[660,936,678],{"class":677},[660,938,939,941,943],{"class":662,"line":236},[660,940,683],{"class":670},[660,942,674],{"class":666},[660,944,688],{"class":677},[660,946,947,949,951],{"class":662,"line":241},[660,948,693],{"class":670},[660,950,674],{"class":666},[660,952,699],{"class":698},[660,954,955,957,959],{"class":662,"line":702},[660,956,705],{"class":670},[660,958,674],{"class":666},[660,960,699],{"class":698},[660,962,963,965,967],{"class":662,"line":712},[660,964,715],{"class":670},[660,966,674],{"class":666},[660,968,720],{"class":677},[660,970,971,973],{"class":662,"line":723},[660,972,726],{"class":670},[660,974,729],{"class":666},[660,976,977,980,982,984],{"class":662,"line":732},[660,978,979],{"class":666},"    -  ",[660,981,920],{"class":670},[660,983,674],{"class":666},[660,985,986],{"class":677},"tasks/authorized_keys.yml\n",[660,988,989,991,993,995],{"class":662,"line":745},[660,990,979],{"class":666},[660,992,920],{"class":670},[660,994,674],{"class":666},[660,996,997],{"class":677},"tasks/disable_root_login.yml\n",[660,999,1000,1003],{"class":662,"line":753},[660,1001,1002],{"class":670},"  handlers",[660,1004,729],{"class":666},[660,1006,1007,1010,1012,1014],{"class":662,"line":764},[660,1008,1009],{"class":666},"    - ",[660,1011,920],{"class":670},[660,1013,674],{"class":666},[660,1015,1016],{"class":677},"handler/restart_ssh.yml\n",[11,1018,1019,1020,1023,1024,1027],{},"the address ",[43,1021,1022],{},"tasks/**"," is relative the playbook folder. ",[43,1025,1026],{},"tasks"," directory is where you define your tasks. (And they can be used in another playbooks as well)",[11,1029,1030,1031,1034],{},"You may wonder what is the field ",[43,1032,1033],{},"handlers"," doing here. Sometimes you want a task to run only when a change is made on a machine. For example, you may want to restart a service if a task updates the configuration of that service, but not if the configuration is unchanged. Ansible uses handlers to address this use case. Handlers are tasks that only run when notified.",[11,1036,1037],{},"So using this setup, we are going define our tasks in next sections:",[35,1039,1041],{"id":1040},"ssh-public-key","SSH public key",[11,1043,1044],{},"Before disabling password login and doing anything like this, you need to put your public key in the remote servers so you can login using ssh key authentication method. Otherwise you will be locked out and something bad happens",[11,1046,1047,1048,1051,1052,1055],{},"Because this is so common, it has it's own dedicated simple module named ",[43,1049,1050],{},"ansible.posix.authorized_key",". Let's create the file ",[43,1053,1054],{},"tasks/authorized_key",":",[652,1057,1059],{"className":654,"code":1058,"language":656,"meta":235,"style":235},"---\n- name: Copy local public key to destination server\n  ansible.posix.authorized_key:\n    user: tommy\n    state: present\n    key: \"{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_ed25519.pub') }}\"\n\n",[43,1060,1061,1067,1078,1085,1095,1105],{"__ignoreMap":235},[660,1062,1063],{"class":662,"line":663},[660,1064,1066],{"class":1065},"svObZ","---\n",[660,1068,1069,1071,1073,1075],{"class":662,"line":236},[660,1070,667],{"class":666},[660,1072,671],{"class":670},[660,1074,674],{"class":666},[660,1076,1077],{"class":677},"Copy local public key to destination server\n",[660,1079,1080,1083],{"class":662,"line":241},[660,1081,1082],{"class":670},"  ansible.posix.authorized_key",[660,1084,729],{"class":666},[660,1086,1087,1090,1092],{"class":662,"line":702},[660,1088,1089],{"class":670},"    user",[660,1091,674],{"class":666},[660,1093,1094],{"class":677},"tommy\n",[660,1096,1097,1100,1102],{"class":662,"line":712},[660,1098,1099],{"class":670},"    state",[660,1101,674],{"class":666},[660,1103,1104],{"class":677},"present\n",[660,1106,1107,1110,1112],{"class":662,"line":723},[660,1108,1109],{"class":670},"    key",[660,1111,674],{"class":666},[660,1113,1114],{"class":677},"\"{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_ed25519.pub') }}\"\n",[11,1116,1117,1118,1120,1121,1124,1125,1128,1129,1131,1132,1135,1136,1139],{},"we use the module ",[43,1119,1050],{}," to move our public key to remote server. fields are quite self explanatory. in the ",[43,1122,1123],{},"key"," field, you need to put your public key string. but instead you usually use the ",[43,1126,1127],{},"lookup"," plugin to use external text files as a value. in the ",[43,1130,1127],{}," function call, we are trying to access our host's home directory using ",[43,1133,1134],{},"$HOME"," environment variable. and after that, we just concatenate that with ",[43,1137,1138],{},"/.ssh/id_ed25519.pub"," .",[11,1141,1142,1143,1146],{},"Define this task to your main playbook and run the playbook using the command ",[43,1144,1145],{},"ansible-playbook"," make sure it's doing it's job currectly. (Normally if the key is present in remote server, nothing should happen)",[35,1148,1150],{"id":1149},"security-update","Security update",[11,1152,1153,1154,1157],{},"Writing a task for automatically updating the security patches through ",[43,1155,1156],{},"aptitude"," would be really helpful and time saving.",[395,1159,1160],{},[11,1161,1162],{},"Writing ansible tasks for this purpose is fine, but there is also another option for applying security patches which is using the apt package named unattended upgrade. It fits better to the aptitude package manager system. And also you don't need to do anything manually.",[11,1164,1165,1166,1169],{},"Create the file ",[43,1167,1168],{},"tasks/apt_security.yml"," :",[652,1171,1173],{"className":654,"code":1172,"language":656,"meta":235,"style":235},"- name: Update all packages to their latest version\n  ansible.builtin.apt:\n    name: \"*\"\n    state: latest\n    update_cache: true\n    only_upgrade: true\n\n",[43,1174,1175,1186,1193,1203,1211,1220],{"__ignoreMap":235},[660,1176,1177,1179,1181,1183],{"class":662,"line":663},[660,1178,667],{"class":666},[660,1180,671],{"class":670},[660,1182,674],{"class":666},[660,1184,1185],{"class":677},"Update all packages to their latest version\n",[660,1187,1188,1191],{"class":662,"line":236},[660,1189,1190],{"class":670},"  ansible.builtin.apt",[660,1192,729],{"class":666},[660,1194,1195,1198,1200],{"class":662,"line":241},[660,1196,1197],{"class":670},"    name",[660,1199,674],{"class":666},[660,1201,1202],{"class":677},"\"*\"\n",[660,1204,1205,1207,1209],{"class":662,"line":702},[660,1206,1099],{"class":670},[660,1208,674],{"class":666},[660,1210,772],{"class":677},[660,1212,1213,1216,1218],{"class":662,"line":712},[660,1214,1215],{"class":670},"    update_cache",[660,1217,674],{"class":666},[660,1219,699],{"class":698},[660,1221,1222,1225,1227],{"class":662,"line":723},[660,1223,1224],{"class":670},"    only_upgrade",[660,1226,674],{"class":666},[660,1228,699],{"class":698},[11,1230,1231,1232,1235],{},"We don't need to be too specific here. We just put the star as a package name and all packages will be upgraded to the latest patch version. The ",[43,1233,1234],{},"update_cache"," field will make sure the cache is updated before upgrade process.",[395,1237,1238],{},[11,1239,1240],{},"It's needless to say, we are using Ubuntu LTS and the package major versions are frozen in the entire support time-span (for 5 years).",[35,1242,1244],{"id":1243},"disable-root-login","Disable root login",[11,1246,1247,1248,1251,1252,285],{},"Servers that are reachable from the public internet, needs to be reinforced for dealing with bad actors such as ",[21,1249,1250],{},"hackers"," and ",[21,1253,1254],{},"automated robots",[395,1256,1257],{},[11,1258,1259,1260,1263],{},"Check your ",[43,1261,1262],{},"auth.log"," file for any suspicious activity.",[11,1265,1266],{},"You have some common options to configure:",[121,1268,1269,1276,1279],{},[18,1270,1271,1272,1275],{},"Disabling the ssh ",[43,1273,1274],{},"root"," Login",[18,1277,1278],{},"Disabling the ssh password-login completely",[18,1280,1281,1282],{},"Configuring something like ",[43,1283,1284],{},"fail2ban",[395,1286,1287],{},[11,1288,1289,1290,1293,1294,1297],{},"All approaches for human authentication rely on: ",[21,1291,1292],{},"Something You Know, Have, or Are."," But the thing is, knowing something good enough like complex password is not feasible for most of us. Especially when you are dealing with multiple machines. So you better to leverage something that you can ",[21,1295,1296],{},"have",". Something like ssh-keys. Even better, combine it with optional ssh password that is easy to remember.",[11,1299,1300],{},"Here we just define the first one. It's probably the easiest and most straight-forward things to do.",[11,1302,1303,1304,1307],{},"The built-in module ",[43,1305,1306],{},"ansible.builtin.lineinfile"," can help us here:",[652,1309,1311],{"className":654,"code":1310,"language":656,"meta":235,"style":235},"---\n- name: Disabling the root login of ssh daemon\n  ansible.builtin.lineinfile:\n    path: /etc/ssh/sshd_config\n    state: present\n    regex: '^#?PermitRootLogin\\s+.*'\n    line: 'PermitRootLogin no'\n  notify:\n    - ssh daemon reload\n",[43,1312,1313,1317,1328,1335,1345,1353,1363,1373,1380],{"__ignoreMap":235},[660,1314,1315],{"class":662,"line":663},[660,1316,1066],{"class":1065},[660,1318,1319,1321,1323,1325],{"class":662,"line":236},[660,1320,667],{"class":666},[660,1322,671],{"class":670},[660,1324,674],{"class":666},[660,1326,1327],{"class":677},"Disabling the root login of ssh daemon\n",[660,1329,1330,1333],{"class":662,"line":241},[660,1331,1332],{"class":670},"  ansible.builtin.lineinfile",[660,1334,729],{"class":666},[660,1336,1337,1340,1342],{"class":662,"line":702},[660,1338,1339],{"class":670},"    path",[660,1341,674],{"class":666},[660,1343,1344],{"class":677},"/etc/ssh/sshd_config\n",[660,1346,1347,1349,1351],{"class":662,"line":712},[660,1348,1099],{"class":670},[660,1350,674],{"class":666},[660,1352,1104],{"class":677},[660,1354,1355,1358,1360],{"class":662,"line":723},[660,1356,1357],{"class":670},"    regex",[660,1359,674],{"class":666},[660,1361,1362],{"class":677},"'^#?PermitRootLogin\\s+.*'\n",[660,1364,1365,1368,1370],{"class":662,"line":732},[660,1366,1367],{"class":670},"    line",[660,1369,674],{"class":666},[660,1371,1372],{"class":677},"'PermitRootLogin no'\n",[660,1374,1375,1378],{"class":662,"line":745},[660,1376,1377],{"class":670},"  notify",[660,1379,729],{"class":666},[660,1381,1382,1384],{"class":662,"line":753},[660,1383,1009],{"class":666},[660,1385,1386],{"class":677},"ssh daemon reload\n",[11,1388,1389,1390,1393,1394,1397,1398,1401,1402,1404],{},"The module ",[43,1391,1392],{},"lineinfile"," need the ",[43,1395,1396],{},"path"," of the file, ",[43,1399,1400],{},"regex"," to match and the ",[43,1403,662],{}," to replace into the matched regex.",[395,1406,1407],{},[11,1408,1409,1410,1412],{},"When modifying a line, the regex should typically match both the initial state of the line as well as its state after replacement by ",[43,1411,662],{}," to ensure idempotence.",[11,1414,1415,1416,1419,1420,1169],{},"At the end, we notify the ",[43,1417,1418],{},"ssh daemon reload"," to apply the new configuration. Here is the handler in ",[43,1421,1422],{},"handler/restart_ssh.yml",[652,1424,1426],{"className":654,"code":1425,"language":656,"meta":235,"style":235},"---\n- name: restart ssh service\n  ansible.builtin.service:\n    name: ssh.socket\n    state: restarted\n",[43,1427,1428,1432,1443,1450,1459],{"__ignoreMap":235},[660,1429,1430],{"class":662,"line":663},[660,1431,1066],{"class":1065},[660,1433,1434,1436,1438,1440],{"class":662,"line":236},[660,1435,667],{"class":666},[660,1437,671],{"class":670},[660,1439,674],{"class":666},[660,1441,1442],{"class":677},"restart ssh service\n",[660,1444,1445,1448],{"class":662,"line":241},[660,1446,1447],{"class":670},"  ansible.builtin.service",[660,1449,729],{"class":666},[660,1451,1452,1454,1456],{"class":662,"line":702},[660,1453,1197],{"class":670},[660,1455,674],{"class":666},[660,1457,1458],{"class":677},"ssh.socket\n",[660,1460,1461,1463,1465],{"class":662,"line":712},[660,1462,1099],{"class":670},[660,1464,674],{"class":666},[660,1466,1467],{"class":677},"restarted\n",[35,1469,1471],{"id":1470},"firewall","Firewall",[395,1473,1474],{},[11,1475,1476,1477,1480],{},"Don't do anything rush about iptables otherwise you will lock-out yourself from connecting to your server. Try to test these using tools like ",[43,1478,1479],{},"iptables-apply"," to see if they work as expected.",[11,1482,1483],{},"You better to be strict about what packets are free to enter you server.",[11,1485,1486,1487,1490],{},"The common sense about the firewall strategies states that, ",[21,1488,1489],{},"you should allow only the packets that you are need and trust",". You can’t have serious security if you use a default policy of ACCEPT and continuously insert rules to drop packets from sources that start to send bad stuff. You must allow only the packets that you trust, and deny everything else.",[11,1492,1493],{},"So, the firewalls are little more specific because it depends on the applications that you are running and hosting on your server.",[11,1495,1496],{},"Here I write some general ones in the playbook:",[395,1498,1499],{},[11,1500,1501],{},"Iptable is still the dominant firewall in most Linux distros and because of that, We will focus on that here.",[652,1503,1505],{"className":654,"code":1504,"language":656,"meta":235,"style":235},"---\n- name: flush all INPUT chain rules\n  ansible.builtin.iptables:\n    chain: INPUT\n    flush: yes\n\n- name: Iptable accept icmp packets\n  ansible.builtin.iptables:\n    chain: INPUT\n    protocol: icmp\n    jump: ACCEPT\n\n- name: Iptable accept tcp packet that are initiated from server\n  ansible.builtin.iptables:\n    chain: INPUT\n    protocol: tcp\n    syn: negate\n    jump: ACCEPT\n\n- name: Iptable accept packets from localhost\n  ansible.builtin.iptables:\n    chain: INPUT\n    source: 127.0.0.1\n    jump: ACCEPT\n\n- name: Iptable accept packets from local network\n  ansible.builtin.iptables:\n    chain: INPUT\n    source: 10.0.0.0/24\n    jump: ACCEPT\n\n- name: Iptable accept tcp packets on port 22\n  ansible.builtin.iptables:\n    chain: INPUT\n    protocol: tcp\n    destination_ports:\n      - \"22\"\n    jump: ACCEPT\n\n- name: Iptable accept dns packets\n  ansible.builtin.iptables:\n    chain: INPUT\n    protocol: udp\n    source_port: 53\n    jump: ACCEPT\n\n- name: Iptable accept on http port\n  ansible.builtin.iptables:\n    chain: INPUT\n    protocol: tcp\n    destination_port: 80\n    jump: ACCEPT\n\n- name: Iptable accept requests to k3s control node, Only from local network.\n  ansible.builtin.iptables:\n    chain: INPUT\n    source: 10.0.0.0/24\n    protocol: tcp\n    destination_port: 6443\n    jump: ACCEPT\n\n- name: INPUT CHAIN Default Policy Drop\n  ansible.builtin.iptables:\n    chain: INPUT\n    policy: DROP\n\n- name: Save current state of the firewall in file system\n  community.general.iptables_state:\n    state: saved\n    path: /etc/iptables/rules.v4\n",[43,1506,1507,1511,1522,1529,1539,1549,1553,1564,1570,1578,1588,1598,1602,1613,1619,1627,1636,1646,1654,1658,1669,1675,1683,1693,1701,1705,1717,1724,1733,1743,1752,1757,1769,1776,1785,1794,1802,1811,1820,1825,1837,1844,1853,1863,1874,1883,1888,1900,1907,1916,1925,1936,1945,1950,1962,1969,1978,1987,1996,2006,2015,2020,2032,2039,2048,2059,2064,2076,2084,2094],{"__ignoreMap":235},[660,1508,1509],{"class":662,"line":663},[660,1510,1066],{"class":1065},[660,1512,1513,1515,1517,1519],{"class":662,"line":236},[660,1514,667],{"class":666},[660,1516,671],{"class":670},[660,1518,674],{"class":666},[660,1520,1521],{"class":677},"flush all INPUT chain rules\n",[660,1523,1524,1527],{"class":662,"line":241},[660,1525,1526],{"class":670},"  ansible.builtin.iptables",[660,1528,729],{"class":666},[660,1530,1531,1534,1536],{"class":662,"line":702},[660,1532,1533],{"class":670},"    chain",[660,1535,674],{"class":666},[660,1537,1538],{"class":677},"INPUT\n",[660,1540,1541,1544,1546],{"class":662,"line":712},[660,1542,1543],{"class":670},"    flush",[660,1545,674],{"class":666},[660,1547,1548],{"class":698},"yes\n",[660,1550,1551],{"class":662,"line":723},[660,1552,778],{"emptyLinePlaceholder":251},[660,1554,1555,1557,1559,1561],{"class":662,"line":732},[660,1556,667],{"class":666},[660,1558,671],{"class":670},[660,1560,674],{"class":666},[660,1562,1563],{"class":677},"Iptable accept icmp packets\n",[660,1565,1566,1568],{"class":662,"line":745},[660,1567,1526],{"class":670},[660,1569,729],{"class":666},[660,1571,1572,1574,1576],{"class":662,"line":753},[660,1573,1533],{"class":670},[660,1575,674],{"class":666},[660,1577,1538],{"class":677},[660,1579,1580,1583,1585],{"class":662,"line":764},[660,1581,1582],{"class":670},"    protocol",[660,1584,674],{"class":666},[660,1586,1587],{"class":677},"icmp\n",[660,1589,1590,1593,1595],{"class":662,"line":775},[660,1591,1592],{"class":670},"    jump",[660,1594,674],{"class":666},[660,1596,1597],{"class":677},"ACCEPT\n",[660,1599,1600],{"class":662,"line":781},[660,1601,778],{"emptyLinePlaceholder":251},[660,1603,1604,1606,1608,1610],{"class":662,"line":793},[660,1605,667],{"class":666},[660,1607,671],{"class":670},[660,1609,674],{"class":666},[660,1611,1612],{"class":677},"Iptable accept tcp packet that are initiated from server\n",[660,1614,1615,1617],{"class":662,"line":801},[660,1616,1526],{"class":670},[660,1618,729],{"class":666},[660,1620,1621,1623,1625],{"class":662,"line":812},[660,1622,1533],{"class":670},[660,1624,674],{"class":666},[660,1626,1538],{"class":677},[660,1628,1629,1631,1633],{"class":662,"line":823},[660,1630,1582],{"class":670},[660,1632,674],{"class":666},[660,1634,1635],{"class":677},"tcp\n",[660,1637,1638,1641,1643],{"class":662,"line":828},[660,1639,1640],{"class":670},"    syn",[660,1642,674],{"class":666},[660,1644,1645],{"class":677},"negate\n",[660,1647,1648,1650,1652],{"class":662,"line":840},[660,1649,1592],{"class":670},[660,1651,674],{"class":666},[660,1653,1597],{"class":677},[660,1655,1656],{"class":662,"line":847},[660,1657,778],{"emptyLinePlaceholder":251},[660,1659,1660,1662,1664,1666],{"class":662,"line":857},[660,1661,667],{"class":666},[660,1663,671],{"class":670},[660,1665,674],{"class":666},[660,1667,1668],{"class":677},"Iptable accept packets from localhost\n",[660,1670,1671,1673],{"class":662,"line":866},[660,1672,1526],{"class":670},[660,1674,729],{"class":666},[660,1676,1677,1679,1681],{"class":662,"line":871},[660,1678,1533],{"class":670},[660,1680,674],{"class":666},[660,1682,1538],{"class":677},[660,1684,1685,1688,1690],{"class":662,"line":883},[660,1686,1687],{"class":670},"    source",[660,1689,674],{"class":666},[660,1691,1692],{"class":698},"127.0.0.1\n",[660,1694,1695,1697,1699],{"class":662,"line":891},[660,1696,1592],{"class":670},[660,1698,674],{"class":666},[660,1700,1597],{"class":677},[660,1702,1703],{"class":662,"line":900},[660,1704,778],{"emptyLinePlaceholder":251},[660,1706,1708,1710,1712,1714],{"class":662,"line":1707},26,[660,1709,667],{"class":666},[660,1711,671],{"class":670},[660,1713,674],{"class":666},[660,1715,1716],{"class":677},"Iptable accept packets from local network\n",[660,1718,1720,1722],{"class":662,"line":1719},27,[660,1721,1526],{"class":670},[660,1723,729],{"class":666},[660,1725,1727,1729,1731],{"class":662,"line":1726},28,[660,1728,1533],{"class":670},[660,1730,674],{"class":666},[660,1732,1538],{"class":677},[660,1734,1736,1738,1740],{"class":662,"line":1735},29,[660,1737,1687],{"class":670},[660,1739,674],{"class":666},[660,1741,1742],{"class":677},"10.0.0.0/24\n",[660,1744,1746,1748,1750],{"class":662,"line":1745},30,[660,1747,1592],{"class":670},[660,1749,674],{"class":666},[660,1751,1597],{"class":677},[660,1753,1755],{"class":662,"line":1754},31,[660,1756,778],{"emptyLinePlaceholder":251},[660,1758,1760,1762,1764,1766],{"class":662,"line":1759},32,[660,1761,667],{"class":666},[660,1763,671],{"class":670},[660,1765,674],{"class":666},[660,1767,1768],{"class":677},"Iptable accept tcp packets on port 22\n",[660,1770,1772,1774],{"class":662,"line":1771},33,[660,1773,1526],{"class":670},[660,1775,729],{"class":666},[660,1777,1779,1781,1783],{"class":662,"line":1778},34,[660,1780,1533],{"class":670},[660,1782,674],{"class":666},[660,1784,1538],{"class":677},[660,1786,1788,1790,1792],{"class":662,"line":1787},35,[660,1789,1582],{"class":670},[660,1791,674],{"class":666},[660,1793,1635],{"class":677},[660,1795,1797,1800],{"class":662,"line":1796},36,[660,1798,1799],{"class":670},"    destination_ports",[660,1801,729],{"class":666},[660,1803,1805,1808],{"class":662,"line":1804},37,[660,1806,1807],{"class":666},"      - ",[660,1809,1810],{"class":677},"\"22\"\n",[660,1812,1814,1816,1818],{"class":662,"line":1813},38,[660,1815,1592],{"class":670},[660,1817,674],{"class":666},[660,1819,1597],{"class":677},[660,1821,1823],{"class":662,"line":1822},39,[660,1824,778],{"emptyLinePlaceholder":251},[660,1826,1828,1830,1832,1834],{"class":662,"line":1827},40,[660,1829,667],{"class":666},[660,1831,671],{"class":670},[660,1833,674],{"class":666},[660,1835,1836],{"class":677},"Iptable accept dns packets\n",[660,1838,1840,1842],{"class":662,"line":1839},41,[660,1841,1526],{"class":670},[660,1843,729],{"class":666},[660,1845,1847,1849,1851],{"class":662,"line":1846},42,[660,1848,1533],{"class":670},[660,1850,674],{"class":666},[660,1852,1538],{"class":677},[660,1854,1856,1858,1860],{"class":662,"line":1855},43,[660,1857,1582],{"class":670},[660,1859,674],{"class":666},[660,1861,1862],{"class":677},"udp\n",[660,1864,1866,1869,1871],{"class":662,"line":1865},44,[660,1867,1868],{"class":670},"    source_port",[660,1870,674],{"class":666},[660,1872,1873],{"class":698},"53\n",[660,1875,1877,1879,1881],{"class":662,"line":1876},45,[660,1878,1592],{"class":670},[660,1880,674],{"class":666},[660,1882,1597],{"class":677},[660,1884,1886],{"class":662,"line":1885},46,[660,1887,778],{"emptyLinePlaceholder":251},[660,1889,1891,1893,1895,1897],{"class":662,"line":1890},47,[660,1892,667],{"class":666},[660,1894,671],{"class":670},[660,1896,674],{"class":666},[660,1898,1899],{"class":677},"Iptable accept on http port\n",[660,1901,1903,1905],{"class":662,"line":1902},48,[660,1904,1526],{"class":670},[660,1906,729],{"class":666},[660,1908,1910,1912,1914],{"class":662,"line":1909},49,[660,1911,1533],{"class":670},[660,1913,674],{"class":666},[660,1915,1538],{"class":677},[660,1917,1919,1921,1923],{"class":662,"line":1918},50,[660,1920,1582],{"class":670},[660,1922,674],{"class":666},[660,1924,1635],{"class":677},[660,1926,1928,1931,1933],{"class":662,"line":1927},51,[660,1929,1930],{"class":670},"    destination_port",[660,1932,674],{"class":666},[660,1934,1935],{"class":698},"80\n",[660,1937,1939,1941,1943],{"class":662,"line":1938},52,[660,1940,1592],{"class":670},[660,1942,674],{"class":666},[660,1944,1597],{"class":677},[660,1946,1948],{"class":662,"line":1947},53,[660,1949,778],{"emptyLinePlaceholder":251},[660,1951,1953,1955,1957,1959],{"class":662,"line":1952},54,[660,1954,667],{"class":666},[660,1956,671],{"class":670},[660,1958,674],{"class":666},[660,1960,1961],{"class":677},"Iptable accept requests to k3s control node, Only from local network.\n",[660,1963,1965,1967],{"class":662,"line":1964},55,[660,1966,1526],{"class":670},[660,1968,729],{"class":666},[660,1970,1972,1974,1976],{"class":662,"line":1971},56,[660,1973,1533],{"class":670},[660,1975,674],{"class":666},[660,1977,1538],{"class":677},[660,1979,1981,1983,1985],{"class":662,"line":1980},57,[660,1982,1687],{"class":670},[660,1984,674],{"class":666},[660,1986,1742],{"class":677},[660,1988,1990,1992,1994],{"class":662,"line":1989},58,[660,1991,1582],{"class":670},[660,1993,674],{"class":666},[660,1995,1635],{"class":677},[660,1997,1999,2001,2003],{"class":662,"line":1998},59,[660,2000,1930],{"class":670},[660,2002,674],{"class":666},[660,2004,2005],{"class":698},"6443\n",[660,2007,2009,2011,2013],{"class":662,"line":2008},60,[660,2010,1592],{"class":670},[660,2012,674],{"class":666},[660,2014,1597],{"class":677},[660,2016,2018],{"class":662,"line":2017},61,[660,2019,778],{"emptyLinePlaceholder":251},[660,2021,2023,2025,2027,2029],{"class":662,"line":2022},62,[660,2024,667],{"class":666},[660,2026,671],{"class":670},[660,2028,674],{"class":666},[660,2030,2031],{"class":677},"INPUT CHAIN Default Policy Drop\n",[660,2033,2035,2037],{"class":662,"line":2034},63,[660,2036,1526],{"class":670},[660,2038,729],{"class":666},[660,2040,2042,2044,2046],{"class":662,"line":2041},64,[660,2043,1533],{"class":670},[660,2045,674],{"class":666},[660,2047,1538],{"class":677},[660,2049,2051,2054,2056],{"class":662,"line":2050},65,[660,2052,2053],{"class":670},"    policy",[660,2055,674],{"class":666},[660,2057,2058],{"class":677},"DROP\n",[660,2060,2062],{"class":662,"line":2061},66,[660,2063,778],{"emptyLinePlaceholder":251},[660,2065,2067,2069,2071,2073],{"class":662,"line":2066},67,[660,2068,667],{"class":666},[660,2070,671],{"class":670},[660,2072,674],{"class":666},[660,2074,2075],{"class":677},"Save current state of the firewall in file system\n",[660,2077,2079,2082],{"class":662,"line":2078},68,[660,2080,2081],{"class":670},"  community.general.iptables_state",[660,2083,729],{"class":666},[660,2085,2087,2089,2091],{"class":662,"line":2086},69,[660,2088,1099],{"class":670},[660,2090,674],{"class":666},[660,2092,2093],{"class":677},"saved\n",[660,2095,2097,2099,2101],{"class":662,"line":2096},70,[660,2098,1339],{"class":670},[660,2100,674],{"class":666},[660,2102,2103],{"class":677},"/etc/iptables/rules.v4\n",[11,2105,2106,2107,2110,2111,2114],{},"Things are quite self-explanatory. But the important thing is, you need to make sure the iptable is saved and preserved after reboot. This can be done via the package ",[43,2108,2109],{},"iptable-persistant"," . You just install the package and after that, the file ",[43,2112,2113],{},"/etc/iptabels/rules.v4"," will be loaded every-time at the boot.",[395,2116,2117],{},[11,2118,2119],{},"UFW can also be used as a more ergonomic front-end to iptables here. Its roles also does not need configuring to be persistent after reboot. It just works!",[35,2121,2123],{"id":2122},"ssh-port","SSH port",[11,2125,2126],{},"This is where Ansible gets complicated.",[11,2128,2129,2130,2132,2133,2136,2137,1139],{},"Changing the ssh default port is easy enough. You just use the ",[43,2131,1392],{}," and change the ",[43,2134,2135],{},"Port"," parameter of ",[43,2138,2139],{},"/etc/sshd/sshd.config",[11,2141,2142],{},"The issue is that Ansible uses SSH for its connections. How can we change the default SSH port and still maintain Ansible's SSH connection?",[11,2144,2145],{},"The problem is about making the role idempotent without having to fiddle with your inventory file too much.",[11,2147,2148],{},"Consider the following inventory:",[652,2150,2152],{"className":654,"code":2151,"language":656,"meta":235,"style":235},"[homelab]\n10.0.0.30 ansible_port=2222\n10.0.0.31 ansible_port=2222\n10.0.0.32 ansible_port=2222\n\n[cloud]\n188.65.100.54 ansible_port=22\n",[43,2153,2154,2165,2170,2175,2180,2184,2193],{"__ignoreMap":235},[660,2155,2156,2159,2162],{"class":662,"line":663},[660,2157,2158],{"class":666},"[",[660,2160,2161],{"class":677},"homelab",[660,2163,2164],{"class":666},"]\n",[660,2166,2167],{"class":662,"line":236},[660,2168,2169],{"class":677},"10.0.0.30 ansible_port=2222\n",[660,2171,2172],{"class":662,"line":241},[660,2173,2174],{"class":677},"10.0.0.31 ansible_port=2222\n",[660,2176,2177],{"class":662,"line":702},[660,2178,2179],{"class":677},"10.0.0.32 ansible_port=2222\n",[660,2181,2182],{"class":662,"line":712},[660,2183,778],{"emptyLinePlaceholder":251},[660,2185,2186,2188,2191],{"class":662,"line":723},[660,2187,2158],{"class":666},[660,2189,2190],{"class":677},"cloud",[660,2192,2164],{"class":666},[660,2194,2195],{"class":662,"line":732},[660,2196,2197],{"class":677},"188.65.100.54 ansible_port=22\n",[11,2199,2200,2201,2204],{},"Let's say we want to change the ssh port of ",[43,2202,2203],{},"[cloud]"," hosts to 2222. When the playbook done its job, ansible ssh connection will be terminated and we need to change our inventory file manually.",[11,2206,2207],{},[21,2208,2209],{},"Is that even possible to make this idempotent? Or i am just too much perfectionist?",[11,2211,2212,2213,2218],{},"It turn out ",[408,2214,2217],{"href":2215,"rel":2216},"https://dmsimard.com/2016/03/15/changing-the-ssh-port-with-ansible/",[412],"there is a way"," to handle that:",[652,2220,2222],{"className":654,"code":2221,"language":656,"meta":235,"style":235},"---\n# When we change the ssh port, ansible can not connect to the host anymore.\n# So here we configure something to figure out what is the current port numeber\n# and make changes based on that without manual modification to inventory.\n\n\n# The variable \"configured_port\" is the port that needs to be configured!\n# We make a copy of the variable \"ansible_port\". because changing that directly\n# will mess with the ansible ssh connection.\n\n- name: Set configured port fact\n  set_fact:\n    configured_port: \"{{ ansible_port }}\"\n\n\n\n- name: Check if server is using the default SSH port\n  ansible.builtin.wait_for:\n    port: 22 \n    state: started \n    host: \"{{inventory_hostname}}\"\n    timeout: 4\n    msg: The host is Not reachable on the default 22 port!\n    delay: 0\n  delegate_to: localhost \n  ignore_errors: \"yes\"\n  register: default_ssh\n\n# If the \"default_ssh\" is set from above, continue the tasks with the default port set. \n- name: Set inventory ansible_port to default\n  set_fact:\n    ansible_port: \"22\"\n  when: default_ssh is defined and\n        default_ssh.failed is false \n  register: ssh_port_set\n\n\n\n# Only runs if the \"default_ssh\" is not defined.\n- name: Check if we're using the inventory-provided SSH port\n  ansible.builtin.wait_for:\n    port: \"{{ configured_port }}\"\n    state: \"started\"\n    host: \"{{ inventory_hostname }}\"\n    msg: \"The host is not reachable on the inventory specified port {{ansible_port}}\"\n    timeout: 4\n    delay: 0\n  delegate_to: \"localhost\"\n  ignore_errors: \"yes\"\n  register: configured_ssh\n  when: default_ssh is defined and\n        default_ssh.state is undefined\n\n# If {{ ansible_port }} is reachable, we don't need to do anything special. \n- name: SSH port is configured properly\n  debug:\n    msg: \"SSH port is configured properly\"\n  when: configured_ssh is defined and\n        configured_ssh.state is defined and\n        configured_ssh.state == \"started\"\n  register: ssh_port_set\n\n# At this point, the variable \"ssh_port_set\" should be defined and have some value.\n# if not, it means it's not reachable with neither 22 or \"ansible_port\".\n- name: Fail if SSH port was not auto-detected (unknown)\n  fail:\n    msg: \"The SSH port is neither 22 or {{ ansible_port }}. Check the {{inventory_hostname}} manually!\"\n  when: ssh_port_set is undefined\n\n\n- name: Change SSH listen port to target port\n  ansible.builtin.lineinfile:\n    dest: \"/etc/ssh/sshd_config\"\n    regex: \"^#?Port.*\"\n    line: \"Port {{configured_port}}\"\n  notify:\n    - restart daemon\n    - restart ssh service\n\n\n# You probably need this. otherwise the ssh restart handlers are not executed.\n- name: Flush handlers to apply SSH changes\n  meta: flush_handlers\n\n- name: Ensure we use the configured SSH port for the remainder of the role\n  set_fact:\n    ansible_port: \"{{ configured_port }}\"\n\n# gather facts is better to be disabled during this playbook. because it's needs a ssh connection to the remote server. \n- name: gather facts now, as now the server is ready in the configured port \n  ansible.builtin.setup:\n\n",[43,2223,2224,2228,2234,2239,2244,2248,2252,2257,2262,2267,2271,2282,2289,2299,2303,2307,2311,2322,2329,2342,2353,2363,2373,2383,2393,2405,2415,2425,2429,2434,2445,2451,2460,2470,2477,2486,2490,2494,2498,2503,2514,2520,2529,2538,2547,2556,2564,2572,2581,2589,2598,2606,2611,2615,2620,2631,2638,2647,2656,2661,2666,2674,2678,2683,2688,2699,2706,2715,2724,2728,2732,2744,2751,2762,2772,2782,2789,2797,2804,2809,2814,2820,2832,2843,2848,2860,2867,2876,2881,2887,2901],{"__ignoreMap":235},[660,2225,2226],{"class":662,"line":663},[660,2227,1066],{"class":1065},[660,2229,2230],{"class":662,"line":236},[660,2231,2233],{"class":2232},"sAwPA","# When we change the ssh port, ansible can not connect to the host anymore.\n",[660,2235,2236],{"class":662,"line":241},[660,2237,2238],{"class":2232},"# So here we configure something to figure out what is the current port numeber\n",[660,2240,2241],{"class":662,"line":702},[660,2242,2243],{"class":2232},"# and make changes based on that without manual modification to inventory.\n",[660,2245,2246],{"class":662,"line":712},[660,2247,778],{"emptyLinePlaceholder":251},[660,2249,2250],{"class":662,"line":723},[660,2251,778],{"emptyLinePlaceholder":251},[660,2253,2254],{"class":662,"line":732},[660,2255,2256],{"class":2232},"# The variable \"configured_port\" is the port that needs to be configured!\n",[660,2258,2259],{"class":662,"line":745},[660,2260,2261],{"class":2232},"# We make a copy of the variable \"ansible_port\". because changing that directly\n",[660,2263,2264],{"class":662,"line":753},[660,2265,2266],{"class":2232},"# will mess with the ansible ssh connection.\n",[660,2268,2269],{"class":662,"line":764},[660,2270,778],{"emptyLinePlaceholder":251},[660,2272,2273,2275,2277,2279],{"class":662,"line":775},[660,2274,667],{"class":666},[660,2276,671],{"class":670},[660,2278,674],{"class":666},[660,2280,2281],{"class":677},"Set configured port fact\n",[660,2283,2284,2287],{"class":662,"line":781},[660,2285,2286],{"class":670},"  set_fact",[660,2288,729],{"class":666},[660,2290,2291,2294,2296],{"class":662,"line":793},[660,2292,2293],{"class":670},"    configured_port",[660,2295,674],{"class":666},[660,2297,2298],{"class":677},"\"{{ ansible_port }}\"\n",[660,2300,2301],{"class":662,"line":801},[660,2302,778],{"emptyLinePlaceholder":251},[660,2304,2305],{"class":662,"line":812},[660,2306,778],{"emptyLinePlaceholder":251},[660,2308,2309],{"class":662,"line":823},[660,2310,778],{"emptyLinePlaceholder":251},[660,2312,2313,2315,2317,2319],{"class":662,"line":828},[660,2314,667],{"class":666},[660,2316,671],{"class":670},[660,2318,674],{"class":666},[660,2320,2321],{"class":677},"Check if server is using the default SSH port\n",[660,2323,2324,2327],{"class":662,"line":840},[660,2325,2326],{"class":670},"  ansible.builtin.wait_for",[660,2328,729],{"class":666},[660,2330,2331,2334,2336,2339],{"class":662,"line":847},[660,2332,2333],{"class":670},"    port",[660,2335,674],{"class":666},[660,2337,2338],{"class":698},"22",[660,2340,2341],{"class":666}," \n",[660,2343,2344,2346,2348,2351],{"class":662,"line":857},[660,2345,1099],{"class":670},[660,2347,674],{"class":666},[660,2349,2350],{"class":677},"started",[660,2352,2341],{"class":666},[660,2354,2355,2358,2360],{"class":662,"line":866},[660,2356,2357],{"class":670},"    host",[660,2359,674],{"class":666},[660,2361,2362],{"class":677},"\"{{inventory_hostname}}\"\n",[660,2364,2365,2368,2370],{"class":662,"line":871},[660,2366,2367],{"class":670},"    timeout",[660,2369,674],{"class":666},[660,2371,2372],{"class":698},"4\n",[660,2374,2375,2378,2380],{"class":662,"line":883},[660,2376,2377],{"class":670},"    msg",[660,2379,674],{"class":666},[660,2381,2382],{"class":677},"The host is Not reachable on the default 22 port!\n",[660,2384,2385,2388,2390],{"class":662,"line":891},[660,2386,2387],{"class":670},"    delay",[660,2389,674],{"class":666},[660,2391,2392],{"class":698},"0\n",[660,2394,2395,2398,2400,2403],{"class":662,"line":900},[660,2396,2397],{"class":670},"  delegate_to",[660,2399,674],{"class":666},[660,2401,2402],{"class":677},"localhost",[660,2404,2341],{"class":666},[660,2406,2407,2410,2412],{"class":662,"line":1707},[660,2408,2409],{"class":670},"  ignore_errors",[660,2411,674],{"class":666},[660,2413,2414],{"class":677},"\"yes\"\n",[660,2416,2417,2420,2422],{"class":662,"line":1719},[660,2418,2419],{"class":670},"  register",[660,2421,674],{"class":666},[660,2423,2424],{"class":677},"default_ssh\n",[660,2426,2427],{"class":662,"line":1726},[660,2428,778],{"emptyLinePlaceholder":251},[660,2430,2431],{"class":662,"line":1735},[660,2432,2433],{"class":2232},"# If the \"default_ssh\" is set from above, continue the tasks with the default port set. \n",[660,2435,2436,2438,2440,2442],{"class":662,"line":1745},[660,2437,667],{"class":666},[660,2439,671],{"class":670},[660,2441,674],{"class":666},[660,2443,2444],{"class":677},"Set inventory ansible_port to default\n",[660,2446,2447,2449],{"class":662,"line":1754},[660,2448,2286],{"class":670},[660,2450,729],{"class":666},[660,2452,2453,2456,2458],{"class":662,"line":1759},[660,2454,2455],{"class":670},"    ansible_port",[660,2457,674],{"class":666},[660,2459,1810],{"class":677},[660,2461,2462,2465,2467],{"class":662,"line":1771},[660,2463,2464],{"class":670},"  when",[660,2466,674],{"class":666},[660,2468,2469],{"class":677},"default_ssh is defined and\n",[660,2471,2472,2475],{"class":662,"line":1778},[660,2473,2474],{"class":677},"        default_ssh.failed is false",[660,2476,2341],{"class":666},[660,2478,2479,2481,2483],{"class":662,"line":1787},[660,2480,2419],{"class":670},[660,2482,674],{"class":666},[660,2484,2485],{"class":677},"ssh_port_set\n",[660,2487,2488],{"class":662,"line":1796},[660,2489,778],{"emptyLinePlaceholder":251},[660,2491,2492],{"class":662,"line":1804},[660,2493,778],{"emptyLinePlaceholder":251},[660,2495,2496],{"class":662,"line":1813},[660,2497,778],{"emptyLinePlaceholder":251},[660,2499,2500],{"class":662,"line":1822},[660,2501,2502],{"class":2232},"# Only runs if the \"default_ssh\" is not defined.\n",[660,2504,2505,2507,2509,2511],{"class":662,"line":1827},[660,2506,667],{"class":666},[660,2508,671],{"class":670},[660,2510,674],{"class":666},[660,2512,2513],{"class":677},"Check if we're using the inventory-provided SSH port\n",[660,2515,2516,2518],{"class":662,"line":1839},[660,2517,2326],{"class":670},[660,2519,729],{"class":666},[660,2521,2522,2524,2526],{"class":662,"line":1846},[660,2523,2333],{"class":670},[660,2525,674],{"class":666},[660,2527,2528],{"class":677},"\"{{ configured_port }}\"\n",[660,2530,2531,2533,2535],{"class":662,"line":1855},[660,2532,1099],{"class":670},[660,2534,674],{"class":666},[660,2536,2537],{"class":677},"\"started\"\n",[660,2539,2540,2542,2544],{"class":662,"line":1865},[660,2541,2357],{"class":670},[660,2543,674],{"class":666},[660,2545,2546],{"class":677},"\"{{ inventory_hostname }}\"\n",[660,2548,2549,2551,2553],{"class":662,"line":1876},[660,2550,2377],{"class":670},[660,2552,674],{"class":666},[660,2554,2555],{"class":677},"\"The host is not reachable on the inventory specified port {{ansible_port}}\"\n",[660,2557,2558,2560,2562],{"class":662,"line":1885},[660,2559,2367],{"class":670},[660,2561,674],{"class":666},[660,2563,2372],{"class":698},[660,2565,2566,2568,2570],{"class":662,"line":1890},[660,2567,2387],{"class":670},[660,2569,674],{"class":666},[660,2571,2392],{"class":698},[660,2573,2574,2576,2578],{"class":662,"line":1902},[660,2575,2397],{"class":670},[660,2577,674],{"class":666},[660,2579,2580],{"class":677},"\"localhost\"\n",[660,2582,2583,2585,2587],{"class":662,"line":1909},[660,2584,2409],{"class":670},[660,2586,674],{"class":666},[660,2588,2414],{"class":677},[660,2590,2591,2593,2595],{"class":662,"line":1918},[660,2592,2419],{"class":670},[660,2594,674],{"class":666},[660,2596,2597],{"class":677},"configured_ssh\n",[660,2599,2600,2602,2604],{"class":662,"line":1927},[660,2601,2464],{"class":670},[660,2603,674],{"class":666},[660,2605,2469],{"class":677},[660,2607,2608],{"class":662,"line":1938},[660,2609,2610],{"class":677},"        default_ssh.state is undefined\n",[660,2612,2613],{"class":662,"line":1947},[660,2614,778],{"emptyLinePlaceholder":251},[660,2616,2617],{"class":662,"line":1952},[660,2618,2619],{"class":2232},"# If {{ ansible_port }} is reachable, we don't need to do anything special. \n",[660,2621,2622,2624,2626,2628],{"class":662,"line":1964},[660,2623,667],{"class":666},[660,2625,671],{"class":670},[660,2627,674],{"class":666},[660,2629,2630],{"class":677},"SSH port is configured properly\n",[660,2632,2633,2636],{"class":662,"line":1971},[660,2634,2635],{"class":670},"  debug",[660,2637,729],{"class":666},[660,2639,2640,2642,2644],{"class":662,"line":1980},[660,2641,2377],{"class":670},[660,2643,674],{"class":666},[660,2645,2646],{"class":677},"\"SSH port is configured properly\"\n",[660,2648,2649,2651,2653],{"class":662,"line":1989},[660,2650,2464],{"class":670},[660,2652,674],{"class":666},[660,2654,2655],{"class":677},"configured_ssh is defined and\n",[660,2657,2658],{"class":662,"line":1998},[660,2659,2660],{"class":677},"        configured_ssh.state is defined and\n",[660,2662,2663],{"class":662,"line":2008},[660,2664,2665],{"class":677},"        configured_ssh.state == \"started\"\n",[660,2667,2668,2670,2672],{"class":662,"line":2017},[660,2669,2419],{"class":670},[660,2671,674],{"class":666},[660,2673,2485],{"class":677},[660,2675,2676],{"class":662,"line":2022},[660,2677,778],{"emptyLinePlaceholder":251},[660,2679,2680],{"class":662,"line":2034},[660,2681,2682],{"class":2232},"# At this point, the variable \"ssh_port_set\" should be defined and have some value.\n",[660,2684,2685],{"class":662,"line":2041},[660,2686,2687],{"class":2232},"# if not, it means it's not reachable with neither 22 or \"ansible_port\".\n",[660,2689,2690,2692,2694,2696],{"class":662,"line":2050},[660,2691,667],{"class":666},[660,2693,671],{"class":670},[660,2695,674],{"class":666},[660,2697,2698],{"class":677},"Fail if SSH port was not auto-detected (unknown)\n",[660,2700,2701,2704],{"class":662,"line":2061},[660,2702,2703],{"class":670},"  fail",[660,2705,729],{"class":666},[660,2707,2708,2710,2712],{"class":662,"line":2066},[660,2709,2377],{"class":670},[660,2711,674],{"class":666},[660,2713,2714],{"class":677},"\"The SSH port is neither 22 or {{ ansible_port }}. Check the {{inventory_hostname}} manually!\"\n",[660,2716,2717,2719,2721],{"class":662,"line":2078},[660,2718,2464],{"class":670},[660,2720,674],{"class":666},[660,2722,2723],{"class":677},"ssh_port_set is undefined\n",[660,2725,2726],{"class":662,"line":2086},[660,2727,778],{"emptyLinePlaceholder":251},[660,2729,2730],{"class":662,"line":2096},[660,2731,778],{"emptyLinePlaceholder":251},[660,2733,2735,2737,2739,2741],{"class":662,"line":2734},71,[660,2736,667],{"class":666},[660,2738,671],{"class":670},[660,2740,674],{"class":666},[660,2742,2743],{"class":677},"Change SSH listen port to target port\n",[660,2745,2747,2749],{"class":662,"line":2746},72,[660,2748,1332],{"class":670},[660,2750,729],{"class":666},[660,2752,2754,2757,2759],{"class":662,"line":2753},73,[660,2755,2756],{"class":670},"    dest",[660,2758,674],{"class":666},[660,2760,2761],{"class":677},"\"/etc/ssh/sshd_config\"\n",[660,2763,2765,2767,2769],{"class":662,"line":2764},74,[660,2766,1357],{"class":670},[660,2768,674],{"class":666},[660,2770,2771],{"class":677},"\"^#?Port.*\"\n",[660,2773,2775,2777,2779],{"class":662,"line":2774},75,[660,2776,1367],{"class":670},[660,2778,674],{"class":666},[660,2780,2781],{"class":677},"\"Port {{configured_port}}\"\n",[660,2783,2785,2787],{"class":662,"line":2784},76,[660,2786,1377],{"class":670},[660,2788,729],{"class":666},[660,2790,2792,2794],{"class":662,"line":2791},77,[660,2793,1009],{"class":666},[660,2795,2796],{"class":677},"restart daemon\n",[660,2798,2800,2802],{"class":662,"line":2799},78,[660,2801,1009],{"class":666},[660,2803,1442],{"class":677},[660,2805,2807],{"class":662,"line":2806},79,[660,2808,778],{"emptyLinePlaceholder":251},[660,2810,2812],{"class":662,"line":2811},80,[660,2813,778],{"emptyLinePlaceholder":251},[660,2815,2817],{"class":662,"line":2816},81,[660,2818,2819],{"class":2232},"# You probably need this. otherwise the ssh restart handlers are not executed.\n",[660,2821,2823,2825,2827,2829],{"class":662,"line":2822},82,[660,2824,667],{"class":666},[660,2826,671],{"class":670},[660,2828,674],{"class":666},[660,2830,2831],{"class":677},"Flush handlers to apply SSH changes\n",[660,2833,2835,2838,2840],{"class":662,"line":2834},83,[660,2836,2837],{"class":670},"  meta",[660,2839,674],{"class":666},[660,2841,2842],{"class":677},"flush_handlers\n",[660,2844,2846],{"class":662,"line":2845},84,[660,2847,778],{"emptyLinePlaceholder":251},[660,2849,2851,2853,2855,2857],{"class":662,"line":2850},85,[660,2852,667],{"class":666},[660,2854,671],{"class":670},[660,2856,674],{"class":666},[660,2858,2859],{"class":677},"Ensure we use the configured SSH port for the remainder of the role\n",[660,2861,2863,2865],{"class":662,"line":2862},86,[660,2864,2286],{"class":670},[660,2866,729],{"class":666},[660,2868,2870,2872,2874],{"class":662,"line":2869},87,[660,2871,2455],{"class":670},[660,2873,674],{"class":666},[660,2875,2528],{"class":677},[660,2877,2879],{"class":662,"line":2878},88,[660,2880,778],{"emptyLinePlaceholder":251},[660,2882,2884],{"class":662,"line":2883},89,[660,2885,2886],{"class":2232},"# gather facts is better to be disabled during this playbook. because it's needs a ssh connection to the remote server. \n",[660,2888,2890,2892,2894,2896,2899],{"class":662,"line":2889},90,[660,2891,667],{"class":666},[660,2893,671],{"class":670},[660,2895,674],{"class":666},[660,2897,2898],{"class":677},"gather facts now, as now the server is ready in the configured port",[660,2900,2341],{"class":666},[660,2902,2904,2907],{"class":662,"line":2903},91,[660,2905,2906],{"class":670},"  ansible.builtin.setup",[660,2908,729],{"class":666},[395,2910,2911],{},[11,2912,2913,2914,2917],{},"First, change the variable ",[43,2915,2916],{},"ansible_port"," to the target port that you want to change. For example: 1822",[11,2919,2920],{},"I've been written a lot of comments in the playbook so you can make sense from what is happening.",[11,2922,2923],{},"Here is some tips:",[121,2925,2926,2937],{},[18,2927,2928,2929,2932,2933,2936],{},"In general, we use the module ",[43,2930,2931],{},"ansible.builtin.waitfor"," for checking if the hosts are accessible on ports. if they are not reachable, the state of the ",[43,2934,2935],{},"waitfor"," module is undefined. We use this as a primary way to check this issue and act in systematic way.",[18,2938,2939,2940,2943,2944,2946,2947,2949],{},"Using ",[43,2941,2942],{},"elegate_to"," field in ",[43,2945,2935],{}," module is necessary. We want to initiate this process from our ",[43,2948,2402],{}," not the remote host!",[395,2951,2952],{},[11,2953,2954],{},"Do some research about how your linux distro is managing the ssh daemon and socket so you will make sure the changes are applied correctly. Things like Systemd are messing with everything nowdays...",[35,2956,2958],{"id":2957},"wrapping-up","Wrapping up",[11,2960,2961],{},"As you seen, Ansible has a really important place for automation In DevOps tool era. It's performant and ergonomic for writing common tasks. But as a downside, it's tedious to write and test properly. And also playbooks can become extremely tricky for custom and uncommon tasks.",[2963,2964,2965],"style",{},"html pre.shiki code .s95oV, html code.shiki .s95oV{--shiki-default:#E1E4E8}html pre.shiki code .s4JwU, html code.shiki .s4JwU{--shiki-default:#85E89D}html pre.shiki code .sU2Wk, html code.shiki .sU2Wk{--shiki-default:#9ECBFF}html pre.shiki code .sDLfK, html code.shiki .sDLfK{--shiki-default:#79B8FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html pre.shiki code .svObZ, html code.shiki .svObZ{--shiki-default:#B392F0}html pre.shiki code .sAwPA, html code.shiki .sAwPA{--shiki-default:#6A737D}",{"title":235,"searchDepth":236,"depth":236,"links":2967},[2968,2969,2970,2971,2972,2973,2974],{"id":646,"depth":236,"text":647},{"id":1040,"depth":236,"text":1041},{"id":1149,"depth":236,"text":1150},{"id":1243,"depth":236,"text":1244},{"id":1470,"depth":236,"text":1471},{"id":2122,"depth":236,"text":2123},{"id":2957,"depth":236,"text":2958},"2025-09-04T00:00:00.000Z","Let's write some playbooks",{},"/practical-ansible",{"title":618,"description":2976},"17.practical-ansible",[2982,2983],"devops","linux","Ap2CgTQz98FDaWGgtHFCPX4NbRF5m0KI9ML6Tyb8bCw",{"id":2986,"title":2987,"body":2988,"date":3551,"description":3552,"draft":246,"extension":247,"image":248,"meta":3553,"navigation":251,"path":3554,"seo":3555,"stem":3556,"tags":3557,"__hash__":3559},"content_en/16.ansible.md","Ansible",{"type":8,"value":2989,"toc":3545},[2990,2994,2997,3000,3007,3010,3013,3017,3020,3023,3111,3114,3123,3127,3130,3132,3326,3346,3351,3354,3399,3405,3450,3471,3480,3484,3487,3507,3514,3533,3539,3542],[2991,2992,2987],"h1",{"id":2993},"ansible",[11,2995,2996],{},"I decided to take a look at some common and most popular devops tools out there to see what kind of issue do they solve (besides Docker, because i'm currently familiar with that).",[11,2998,2999],{},"After some research, i found that Ansible is a pretty good starting point in this journey.",[11,3001,3002,3003,3006],{},"Ansible is an open-source automation engine used for IT tasks such as configuration management, application deployment. It simplifies infrastructure management by allowing admins to describe their desired state and execute them on one or multiple machines. This concept is actually called ",[21,3004,3005],{},"infrastructure as code",". The idea is, besides your actual software that you want to deploy, you should also write your desired infrastructure state as a code. So it can automatically and (quite) easily created again from ground up. In general, when you are taking some kind of devops responsibility, you basically try to automate every process like this as you can.",[11,3008,3009],{},"Ansible is actually fairly easy to work with. I found it pretty intuitive and easy to pick up and use.",[11,3011,3012],{},"First let's see what are some essential concepts we need to know in order to use Ansible:",[35,3014,3016],{"id":3015},"inventory","Inventory",[11,3018,3019],{},"An Ansible inventory is a collection of managed hosts that Ansible targets for automation and configuration management tasks. It defines the \"who\" of your automation. Listing the servers, network devices, or other systems that Ansible will interact with are defined here.",[11,3021,3022],{},"Example:",[652,3024,3028],{"className":3025,"code":3026,"language":3027,"meta":235,"style":235},"language-js shiki shiki-themes github-dark","[homelab]\n10.0.0.30 ansible_port=2222\n10.0.0.31 ansible_port=2222\n10.0.0.32 ansible_port=2222\n\n[cloud]\n188.65.100.54 ansible_port=22\n\n\n\n\n","js",[43,3029,3030,3035,3055,3070,3085,3089,3094],{"__ignoreMap":235},[660,3031,3032],{"class":662,"line":663},[660,3033,3034],{"class":666},"[homelab]\n",[660,3036,3037,3040,3042,3045,3048,3052],{"class":662,"line":236},[660,3038,3039],{"class":698},"10.0",[660,3041,285],{"class":666},[660,3043,3044],{"class":698},"0.30",[660,3046,3047],{"class":666}," ansible_port",[660,3049,3051],{"class":3050},"snl16","=",[660,3053,3054],{"class":698},"2222\n",[660,3056,3057,3059,3061,3064,3066,3068],{"class":662,"line":241},[660,3058,3039],{"class":698},[660,3060,285],{"class":666},[660,3062,3063],{"class":698},"0.31",[660,3065,3047],{"class":666},[660,3067,3051],{"class":3050},[660,3069,3054],{"class":698},[660,3071,3072,3074,3076,3079,3081,3083],{"class":662,"line":702},[660,3073,3039],{"class":698},[660,3075,285],{"class":666},[660,3077,3078],{"class":698},"0.32",[660,3080,3047],{"class":666},[660,3082,3051],{"class":3050},[660,3084,3054],{"class":698},[660,3086,3087],{"class":662,"line":712},[660,3088,778],{"emptyLinePlaceholder":251},[660,3090,3091],{"class":662,"line":723},[660,3092,3093],{"class":666},"[cloud]\n",[660,3095,3096,3099,3101,3104,3106,3108],{"class":662,"line":732},[660,3097,3098],{"class":698},"188.65",[660,3100,285],{"class":666},[660,3102,3103],{"class":698},"100.54",[660,3105,3047],{"class":666},[660,3107,3051],{"class":3050},[660,3109,3110],{"class":698},"22\n",[11,3112,3113],{},"Here i define remote machines that i want to use as a target of my ansible tasks. As you can see, we can separate them by grouping. We can these aliases later.",[11,3115,3116,3117,3119,3120,3122],{},"Also i define the ",[43,3118,2916],{}," variable for them. ",[43,3121,2916],{}," is actually a special variable that ansible uses by default for initiating the ssh connection to remote.",[35,3124,3126],{"id":3125},"playbook","Playbook",[11,3128,3129],{},"A playbook is a collection of tasks that you use to confugure remote servers. And it's utilizes YAML file format for defining a playbook logic.",[11,3131,3022],{},[652,3133,3135],{"className":654,"code":3134,"language":656,"meta":235,"style":235},"---\n- name: Intro to Ansible Playbooks\n  hosts: homelab # here you can specify remote machines by their alias, or pointing to all of them using \"all\" keyword\n  become: yes\n  become_method: sudo\n  remote_user: ubuntu\n  tasks:\n    - name: Copy file hosts with permissions\n      ansible.builtin.copy:\n        src: ./hosts\n        dest: /tmp/hosts_backup\n        mode: '0644'\n\n    - name: Add the user 'bob'\n      ansible.builtin.user:\n        name: bob\n\n    - name: Upgrade all apt packages\n      apt:\n        force_apt_get: yes\n        upgrade: dist\n        become: yes\n",[43,3136,3137,3141,3152,3163,3171,3181,3190,3196,3207,3214,3224,3234,3244,3248,3259,3266,3276,3280,3291,3298,3307,3317],{"__ignoreMap":235},[660,3138,3139],{"class":662,"line":663},[660,3140,1066],{"class":1065},[660,3142,3143,3145,3147,3149],{"class":662,"line":236},[660,3144,667],{"class":666},[660,3146,671],{"class":670},[660,3148,674],{"class":666},[660,3150,3151],{"class":677},"Intro to Ansible Playbooks\n",[660,3153,3154,3156,3158,3160],{"class":662,"line":241},[660,3155,683],{"class":670},[660,3157,674],{"class":666},[660,3159,2161],{"class":677},[660,3161,3162],{"class":2232}," # here you can specify remote machines by their alias, or pointing to all of them using \"all\" keyword\n",[660,3164,3165,3167,3169],{"class":662,"line":702},[660,3166,693],{"class":670},[660,3168,674],{"class":666},[660,3170,1548],{"class":698},[660,3172,3173,3176,3178],{"class":662,"line":712},[660,3174,3175],{"class":670},"  become_method",[660,3177,674],{"class":666},[660,3179,3180],{"class":677},"sudo\n",[660,3182,3183,3185,3187],{"class":662,"line":723},[660,3184,715],{"class":670},[660,3186,674],{"class":666},[660,3188,3189],{"class":677},"ubuntu\n",[660,3191,3192,3194],{"class":662,"line":732},[660,3193,726],{"class":670},[660,3195,729],{"class":666},[660,3197,3198,3200,3202,3204],{"class":662,"line":745},[660,3199,1009],{"class":666},[660,3201,671],{"class":670},[660,3203,674],{"class":666},[660,3205,3206],{"class":677},"Copy file hosts with permissions\n",[660,3208,3209,3212],{"class":662,"line":753},[660,3210,3211],{"class":670},"      ansible.builtin.copy",[660,3213,729],{"class":666},[660,3215,3216,3219,3221],{"class":662,"line":764},[660,3217,3218],{"class":670},"        src",[660,3220,674],{"class":666},[660,3222,3223],{"class":677},"./hosts\n",[660,3225,3226,3229,3231],{"class":662,"line":775},[660,3227,3228],{"class":670},"        dest",[660,3230,674],{"class":666},[660,3232,3233],{"class":677},"/tmp/hosts_backup\n",[660,3235,3236,3239,3241],{"class":662,"line":781},[660,3237,3238],{"class":670},"        mode",[660,3240,674],{"class":666},[660,3242,3243],{"class":677},"'0644'\n",[660,3245,3246],{"class":662,"line":793},[660,3247,778],{"emptyLinePlaceholder":251},[660,3249,3250,3252,3254,3256],{"class":662,"line":801},[660,3251,1009],{"class":666},[660,3253,671],{"class":670},[660,3255,674],{"class":666},[660,3257,3258],{"class":677},"Add the user 'bob'\n",[660,3260,3261,3264],{"class":662,"line":812},[660,3262,3263],{"class":670},"      ansible.builtin.user",[660,3265,729],{"class":666},[660,3267,3268,3271,3273],{"class":662,"line":823},[660,3269,3270],{"class":670},"        name",[660,3272,674],{"class":666},[660,3274,3275],{"class":677},"bob\n",[660,3277,3278],{"class":662,"line":828},[660,3279,778],{"emptyLinePlaceholder":251},[660,3281,3282,3284,3286,3288],{"class":662,"line":840},[660,3283,1009],{"class":666},[660,3285,671],{"class":670},[660,3287,674],{"class":666},[660,3289,3290],{"class":677},"Upgrade all apt packages\n",[660,3292,3293,3296],{"class":662,"line":847},[660,3294,3295],{"class":670},"      apt",[660,3297,729],{"class":666},[660,3299,3300,3303,3305],{"class":662,"line":857},[660,3301,3302],{"class":670},"        force_apt_get",[660,3304,674],{"class":666},[660,3306,1548],{"class":698},[660,3308,3309,3312,3314],{"class":662,"line":866},[660,3310,3311],{"class":670},"        upgrade",[660,3313,674],{"class":666},[660,3315,3316],{"class":677},"dist\n",[660,3318,3319,3322,3324],{"class":662,"line":871},[660,3320,3321],{"class":670},"        become",[660,3323,674],{"class":666},[660,3325,1548],{"class":698},[11,3327,3328,3329,3331,3332,3335,3336,1251,3339,1251,3342,3345],{},"We can break up the playbook into different sections. Let's start with the header. In the header you set things like the ",[43,3330,671],{}," of the playbook, the ",[43,3333,3334],{},"hosts"," to specify targets, the ",[43,3337,3338],{},"remote_user",[43,3340,3341],{},"become",[43,3343,3344],{},"become_method"," for configuring the privilege escelation method.",[395,3347,3348],{},[11,3349,3350],{},"Visit the Ansible documentation. because explaining all of the options here is pointless.",[11,3352,3353],{},"These header fields are mostly boilerplate so let's get familiar with them really fast:",[15,3355,3356,3361,3371,3377,3394],{},[18,3357,3358,3360],{},[21,3359,671],{},": Simply, the intent of the playbook! write something meaningful here so debugging it can be easier later.",[18,3362,3363,3366,3367,3370],{},[21,3364,3365],{},"hosts:"," You will select target hosts from inventory here. It is also possible to use ",[43,3368,3369],{},"all"," as a hosts for applying to all of them.",[18,3372,3373,3376],{},[21,3374,3375],{},"become:"," some operations on the host require special privileges, so ansible allows you to become to another user with privileges.",[18,3378,3379,3382,3383,3385,3386,3389,3390,3393],{},[21,3380,3381],{},"become_method:"," Which privilege escalation method should be used. It works in conjunction with ",[43,3384,3341],{},". Essentially, it determines how you become another user with elevated privileges, such as ",[43,3387,3388],{},"sudo",", ",[43,3391,3392],{},"su",", or others.",[18,3395,3396,3398],{},[21,3397,3338],{},": specifies the username that Ansible uses to connect to the remote target machines via SSH. This is the user account under which Ansible will log in and execute commands on the remote system.",[11,3400,3401,3402,3404],{},"The next section ",[43,3403,1026],{}," is where you list and define all of your tasks that you want to be performed. think of it as an instruction manual that is exectued one by one.",[652,3406,3408],{"className":654,"code":3407,"language":656,"meta":235,"style":235},"- name: Copy file hosts with permissions\n      ansible.builtin.copy:\n        src: ./hosts\n        dest: /tmp/hosts_backup\n        mode: '0644'\n",[43,3409,3410,3420,3426,3434,3442],{"__ignoreMap":235},[660,3411,3412,3414,3416,3418],{"class":662,"line":663},[660,3413,667],{"class":666},[660,3415,671],{"class":670},[660,3417,674],{"class":666},[660,3419,3206],{"class":677},[660,3421,3422,3424],{"class":662,"line":236},[660,3423,3211],{"class":670},[660,3425,729],{"class":666},[660,3427,3428,3430,3432],{"class":662,"line":241},[660,3429,3218],{"class":670},[660,3431,674],{"class":666},[660,3433,3223],{"class":677},[660,3435,3436,3438,3440],{"class":662,"line":702},[660,3437,3228],{"class":670},[660,3439,674],{"class":666},[660,3441,3233],{"class":677},[660,3443,3444,3446,3448],{"class":662,"line":712},[660,3445,3238],{"class":670},[660,3447,674],{"class":666},[660,3449,3243],{"class":677},[15,3451,3452,3455,3468],{},[18,3453,3454],{},"name: The intent of the tasks. useful for debugging and readability in general.",[18,3456,3457,3458,3461,3462,3467],{},"module: Ansible tasks are usually performed by leveraging ansible modules. For most of the tasks that you want to perform, there is exist a module for that; whether a built in module or community module. here we want to copy a file from our local machine to remote machine. And there is a built in module exist for this usecase named ",[43,3459,3460],{},"copy"," (",[408,3463,3466],{"href":3464,"rel":3465},"https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html",[412],"docs",").",[18,3469,3470],{},"parameters: you provide the params and the module simply does its job. I think the example above is pretty much self explanatory. reading the documentation would be helpful to see which parameter are required and which are optional.",[395,3472,3473],{},[11,3474,3475,3476,3479],{},"You should try to create tasks to be as idempotent as possible. Ansible modules are also designed with this principle in mind. Idempotent means You can run the same task multiple times, and the result will always be the same — ",[21,3477,3478],{},"without causing unintended side effects",". And actually this may be tricky for tasks like \"changing the default ssh listening port\" and etc.",[35,3481,3483],{"id":3482},"execute","Execute",[11,3485,3486],{},"After installing ansible, run the playbook by using the command below :",[652,3488,3492],{"className":3489,"code":3490,"language":3491,"meta":235,"style":235},"language-bash shiki shiki-themes github-dark","ansible-playbook -i inventory.ini my-playbook.yaml \n","bash",[43,3493,3494],{"__ignoreMap":235},[660,3495,3496,3498,3501,3504],{"class":662,"line":663},[660,3497,1145],{"class":1065},[660,3499,3500],{"class":698}," -i",[660,3502,3503],{"class":677}," inventory.ini",[660,3505,3506],{"class":677}," my-playbook.yaml\n",[11,3508,3509,3510,3513],{},"Here, ",[43,3511,3512],{},"-i"," stands for inventory. And as a first parameter, you simply pass the playbook that you wrote.",[11,3515,3516,3517,3389,3520,3389,3523,3389,3526,3529,3530,3532],{},"By default, Ansible prints a human-readable summary of play and task execution, including task names, host names, and status indicators (e.g., ",[43,3518,3519],{},"changed",[43,3521,3522],{},"ok",[43,3524,3525],{},"failed",[43,3527,3528],{},"skipped","). For example the status ",[43,3531,3522],{}," means there is nothing to do usually because the desired state is currently exists! (Idempotence)",[35,3534,3536],{"id":3535},"to-be-continued",[21,3537,3538],{},"To be continued...",[11,3540,3541],{},"In the next post, we will write some powerful and useful playbooks aimed at hardening our hosts.",[2963,3543,3544],{},"html pre.shiki code .s95oV, html code.shiki .s95oV{--shiki-default:#E1E4E8}html pre.shiki code .sDLfK, html code.shiki .sDLfK{--shiki-default:#79B8FF}html pre.shiki code .snl16, html code.shiki .snl16{--shiki-default:#F97583}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html pre.shiki code .svObZ, html code.shiki .svObZ{--shiki-default:#B392F0}html pre.shiki code .sU2Wk, html code.shiki .sU2Wk{--shiki-default:#9ECBFF}html pre.shiki code .s4JwU, html code.shiki .s4JwU{--shiki-default:#85E89D}html pre.shiki code .sAwPA, html code.shiki .sAwPA{--shiki-default:#6A737D}",{"title":235,"searchDepth":236,"depth":236,"links":3546},[3547,3548,3549,3550],{"id":3015,"depth":236,"text":3016},{"id":3125,"depth":236,"text":3126},{"id":3482,"depth":236,"text":3483},{"id":3535,"depth":236,"text":3538},"2025-07-25T00:00:00.000Z","Infrastructure as a code? What?",{},"/ansible",{"title":2987,"description":3552},"16.ansible",[2983,3558],"Devops","hAeqz89Vd4D52UKnmAZqphhvwWFigwVZ2cnu8Pw8uOw",{"id":3561,"title":3562,"body":3563,"date":3742,"description":3743,"draft":246,"extension":247,"image":302,"meta":3744,"navigation":251,"path":3745,"seo":3746,"stem":3747,"tags":3748,"__hash__":3749},"content_en/15.news.md","News",{"type":8,"value":3564,"toc":3735},[3565,3569,3572,3575,3589,3592,3595,3603,3606,3610,3621,3626,3629,3632,3638,3645,3648,3662,3673,3677,3687,3694,3703,3709,3713,3720,3723,3725,3732],[35,3566,3568],{"id":3567},"reading-news","Reading News",[11,3570,3571],{},"What exactly is the news? this is the most basic definition:",[11,3573,3574],{},"Information on the events around the world.",[121,3576,3577,3580,3583,3586],{},[18,3578,3579],{},"A missle launched from iran",[18,3581,3582],{},"A 34 year old women stab her own mother",[18,3584,3585],{},"there are thousand people in sudan dying because of hunger",[18,3587,3588],{},"Trump says he has 'a group of very wealthy people' to buy TikTok",[11,3590,3591],{},"Sometimes the media mark some of these as \"breaking news\". that said, they mostly irrelevant to your personal world.",[11,3593,3594],{},"Here, i dont wanna write much about the benefits of the news. I think people mostly agree on these two things about its benifits:",[15,3596,3597,3600],{},[18,3598,3599],{},"it helps me stay informed! it gives me better context about the world, and because of that i can make better decision in my life.",[18,3601,3602],{},"It expands my knowledge in general. i hear and watch about many topics everyday. fast and easy.",[11,3604,3605],{},"Now let's think about its possible drawbacks:",[35,3607,3609],{"id":3608},"false-sense-of-empathy","false sense of empathy",[11,3611,3612,3613,3617,3618,285],{},"I’ve always felt a kind of social responsibility to stay informed about the news. Every second you’re reading this blog post, there’s some kind of atrocity or tragic event happening somewhere in the world. And even if I can’t do anything to stop it, I feel like I ",[3614,3615,3616],"em",{},"should"," at least acknowledge it — as if simply being aware is a ",[21,3619,3620],{},"moral obligation",[11,3622,3623],{},[21,3624,3625],{},"I feel empathy by that.",[11,3627,3628],{},"The problem is quite obvious: taking an interest by simply consuming news doesn't solve anything. Genuine concern requires action.",[11,3630,3631],{},"If you truly care about the fate of victims of some bizarre event, donate your money to those who know where and how to provide practical help.",[11,3633,3634,3635],{},"Now, you might say: ",[3614,3636,3637],{},"\"So just take action! Why are you pointing fingers at the news?\"",[11,3639,3640,3641,3644],{},"The answer is this: when we tune into the news, we're constantly confronted with unresolved problems that we personally cannot solve. This can be overwhelming. I don’t claim this as an absolute truth, but personally, when I consistently follow the news, I find myself too drained to focus my energy on things I ",[3614,3642,3643],{},"can"," actually influence.",[11,3646,3647],{},"There are two main ways you can genuinely help:",[15,3649,3650,3656],{},[18,3651,3652,3655],{},[21,3653,3654],{},"Practical Work"," – Crafting or contributing to a solution.",[18,3657,3658,3661],{},[21,3659,3660],{},"Donating"," – Supporting organizations that are equipped to act effectively.",[11,3663,3664,3665,3668,3669,3672],{},"So yeah, ironically, I believe it’s often better to be ",[3614,3666,3667],{},"less informed"," about global events if it allows you to ",[3614,3670,3671],{},"do more"," and be truly helpful where you can.",[35,3674,3676],{"id":3675},"news-and-its-effect-on-human-cognition","News and Its effect on human cognition",[11,3678,3679,3680,3683,3684,285],{},"I've always been fascinated by how we think — ",[3614,3681,3682],{},"thinking about thinking"," — a.k.a. metacognition. This curiosity often leads me to explore topics like critical thinking, logical fallacies, and how pseudo-science spreads. One area I’ve been particularly interested in lately is the cognitive effect of ",[3614,3685,3686],{},"news consumption",[11,3688,3689,3690,3693],{},"At first glance, staying informed seems like a responsible and necessary habit. But I’ve come to believe that the very ",[3614,3691,3692],{},"format"," of most modern news actively inhibits deep thinking.",[11,3695,3696,3697,3702],{},"News today is delivered in short headlines, quick summaries, and endless scrolls. Instead of helping us understand the world, it often floods us with ",[3614,3698,3699],{},[21,3700,3701],{},"not well connected"," facts. We’re presented with alarming updates, incomplete narratives, and constantly shifting attention, leaving little room for reflection understanding.",[11,3704,3705,3706],{},"This is not just an issue of journalism, but also of ",[3614,3707,3708],{},"cognitive design of the news.",[35,3710,3712],{"id":3711},"news-is-irrelevent","News is irrelevent",[11,3714,3715,3716,3719],{},"Is this even need an explanation? chances are you can not remember last time made a big decision in your life based of some news that you have read. And if it ",[3614,3717,3718],{},"has"," ever happened, it was probably rare.",[11,3721,3722],{},"Most news stories have zero practical impact on our personal lives.",[35,3724,2958],{"id":2957},[11,3726,3727,3728,3731],{},"After reading the book ",[3614,3729,3730],{},"Stop Reading the News",", I'm quite convinced that I no longer want to actively follow the news. By \"following the news,\" I mean deliberately consuming daily feeds — whether through television, Telegram channels, or other constant streams of updates.",[11,3733,3734],{},"Overall, i think if you need to know how the world works - or what actually happend around the world - there are often better options than main-stream media. Better forms of information. it can be Academic websites, Global gatherings and Books of course.",{"title":235,"searchDepth":236,"depth":236,"links":3736},[3737,3738,3739,3740,3741],{"id":3567,"depth":236,"text":3568},{"id":3608,"depth":236,"text":3609},{"id":3675,"depth":236,"text":3676},{"id":3711,"depth":236,"text":3712},{"id":2957,"depth":236,"text":2958},"2025-06-30T00:00:00.000Z","Some Insights from the book \"Stop Reading the News\"",{"alt":235},"/news",{"title":3562,"description":3743},"15.news",[614],"bSsSqlVAVP7e5FbFVV87rFKmrrN4TGFphJV6iq4ES8w",{"id":3751,"title":3752,"body":3753,"date":3819,"description":3781,"draft":246,"extension":247,"image":248,"meta":3820,"navigation":251,"path":3821,"seo":3822,"stem":3823,"tags":3824,"__hash__":3827},"content_en/14.coding-in-the-age-of-ai.md","Preserving and developing your programming skills in the age of AI",{"type":8,"value":3754,"toc":3817},[3755,3764,3767,3770,3773,3776,3788,3791,3796,3799,3801,3807,3812,3814],[11,3756,3757,3758,3763],{},"These days, instead of struggling and problem-solving, i seen myself going through ",[408,3759,3762],{"href":3760,"rel":3761},"https://en.wikipedia.org/wiki/Vibe_coding",[412],"vibe-coding"," a lot. For example, when I encounter a bug, I often just pick up my shovel and copy the entire buffer to present it to language models like GPT-4. Worse than that, it seems I can never really sit down and write the code on my own. In general, my work heavily depends on external sources, whether it's chatbots, YouTube tutorials, or Stack Overflow.",[11,3765,3766],{},"I think this situation is quite common for a lot of people now days. Regarding this subject, I've also explored some communities of programmers in iran mostly on Telegram groups. i have seen sheer amount of people who are building resume for themselves by simply following the project based tutorials. I find this by exploring the people's portfolio. there was a good chance of finding exact same projects between all resumes. This phenomenon called \"Tutorial Hell\". It is a state of perpetual learning, often marked by the consumption of one tutorial after another without putting the knowledge into practice.",[11,3768,3769],{},"Tutorial Hell is similar to vibe-coding. In both cases, individuals may feel stuck or unable to progress because they rely heavily on external sources.",[11,3771,3772],{},"So what we can do about it to address these problems?",[11,3774,3775],{},"At the time, i find these two methods:",[11,3777,3778,3781,3782,3787],{},[21,3779,3780],{},"Do the same thing in multiple attmepts:"," ",[408,3783,3786],{"href":3784,"rel":3785},"https://www.youtube.com/watch?v=kUY4Z7YLTMU",[412],"One simple method"," that worked well for me is doing the same coding problem/project in multiple attempts. What do i mean by this? Well, Copy & pasting is not inherently bad. It's only harmful when you don't really undrestand how it is working. But your mind is deceptive. You may think you really understand the syntax and the algorithm by reading it, but you are not. What you can do is, Delete all the lines and start to re-implement that. (Weather it is a project like the instagram clone, or a npm module. it is not different). And in every attempt, try to make sure that the source of knowledge is yourself. In this process you may even come up with some better solution. you start to questioning \"why it should be implemented like this? can i do that in this way? or...\"",[11,3789,3790],{},"You may argue:",[55,3792,3793],{},[11,3794,3795],{},"So you tell me to create my instagram clone project again? it was took me a month or two for me to built it.",[11,3797,3798],{},"Answer is: Yes, you should build it again. It may sound silly and cumbersome, but with each attempt, you will do it faster.",[324,3800],{},[11,3802,3803,3806],{},[21,3804,3805],{},"Leetcode",": Leetcode has a vast collection of coding problems and challenges designed to help individuals improve their programming skills. it can be a great resource for improving your coding skills and breaking out of \"Tutorial hell\" habit and built up your problem solving skills. It will be hard at first. start with the easiet one in the problems collection. if you can't solve it, no problem. open up the solutions tab and see answer. think of it. test it. and re-implement it with the method that i described above.",[395,3808,3809],{},[11,3810,3811],{},"There is some kind of controversy about the effect of leetcode on people's problem solving abilities in general. Some argue that these coding challenges are just a ticket for giant engineering companies like microsoft and apple. i don't know anything about this. But the only thing we can agree on right now is that, keeping your brain active is a good thing. Specially if it's relevant to your career.",[324,3813],{},[11,3815,3816],{},"The thought process and problem solving is the skill that you’ll always need. However, you can lose these skills if you don't use them, and AI tools can make it easier to take shortcuts around them.",{"title":235,"searchDepth":236,"depth":236,"links":3818},[],"2025-05-13T00:00:00.000Z",{},"/coding-in-the-age-of-ai",{"title":3752,"description":3781},"14.coding-in-the-age-of-ai",[3825,3826],"coding","lifestyle","gPvz0AvQ-oM-Eir8v_gJwQl7nmms581J9thxiJ9xlbM",{"id":3829,"title":3830,"body":3831,"date":3900,"description":3901,"draft":246,"extension":247,"image":3902,"meta":3903,"navigation":251,"path":3904,"seo":3905,"stem":3906,"tags":3907,"__hash__":3908},"content_en/13.i3-screenshot.md","How to take a screenshot like snapping tool in i3wm",{"type":8,"value":3832,"toc":3898},[3833,3836,3839,3845,3848,3866,3869,3888,3895],[11,3834,3835],{},"So it goes like this:",[11,3837,3838],{},"First: You should look for some screenshot tool that let you control it's behavior using command-line.",[11,3840,3841,3842,285],{},"One good solution can be ",[21,3843,3844],{},"gnome-screenshot",[11,3846,3847],{},"Chances are it has already been installed if you are using an Ubuntu-based distribution like Linux Mint. If not, you can install it:",[652,3849,3851],{"className":3489,"code":3850,"language":3491,"meta":235,"style":235},"sudo apt install gnome-screenshot\n",[43,3852,3853],{"__ignoreMap":235},[660,3854,3855,3857,3860,3863],{"class":662,"line":663},[660,3856,3388],{"class":1065},[660,3858,3859],{"class":677}," apt",[660,3861,3862],{"class":677}," install",[660,3864,3865],{"class":677}," gnome-screenshot\n",[11,3867,3868],{},"After that, simply add a keybinding to your i3 configuration with your desired options:",[652,3870,3872],{"className":3489,"code":3871,"language":3491,"meta":235,"style":235},"bindsym Print exec \"gnome-screenshot -ac\"\n",[43,3873,3874],{"__ignoreMap":235},[660,3875,3876,3879,3882,3885],{"class":662,"line":663},[660,3877,3878],{"class":1065},"bindsym",[660,3880,3881],{"class":677}," Print",[660,3883,3884],{"class":677}," exec",[660,3886,3887],{"class":677}," \"gnome-screenshot -ac\"\n",[11,3889,3890,3891,3894],{},"Take a look at ",[43,3892,3893],{},"man gnome-screeshot"," for more option.",[2963,3896,3897],{},"html pre.shiki code .svObZ, html code.shiki .svObZ{--shiki-default:#B392F0}html pre.shiki code .sU2Wk, html code.shiki .sU2Wk{--shiki-default:#9ECBFF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}",{"title":235,"searchDepth":236,"depth":236,"links":3899},[],"2025-05-05T00:00:00.000Z","recreating a familiar environment for former windows users. ","/blog-images/i3.png",{},"/i3-screenshot",{"title":3830,"description":3901},"13.i3-screenshot",[2983],"2cilVyfUKolEq1C8pgj8FX3OqxAc-AFNwDe8Nuhj8QI",{"id":3910,"title":3911,"body":3912,"date":4061,"description":4062,"draft":246,"extension":247,"image":248,"meta":4063,"navigation":251,"path":4065,"seo":4066,"stem":4067,"tags":4068,"__hash__":4069},"content_en/12.Free-Speech.md","Free Speech",{"type":8,"value":3913,"toc":4054},[3914,3917,3920,3924,3929,3936,3941,3944,3976,3979,3990,4001,4005,4008,4011,4014,4018,4033,4037,4040,4042,4045,4048,4051],[11,3915,3916],{},"If you think the concept of free speech is often misunderstood, you are absolutely right.",[11,3918,3919],{},"The concept of free speech interpreted differently based on religious, political system and cultural contexts.",[35,3921,3923],{"id":3922},"free-speech-in-the-usa-context","Free-Speech in the USA context",[395,3925,3926],{},[11,3927,3928],{},"free speech as a legal right is not originally American, but the strongest and clearest modern form of it did come from the U.S. Constitution.",[11,3930,3931,3932,3935],{},"The primary legal source for Free-Speech in the United States is the ",[21,3933,3934],{},"First Amendment"," in American constitution:",[55,3937,3938],{},[11,3939,3940],{},"Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.",[11,3942,3943],{},"Let's break it down:",[121,3945,3946,3952,3958,3964,3970],{},[18,3947,3948,3951],{},[21,3949,3950],{},"Freedom of Religion:"," The government can't favor one religion over another and things like this.",[18,3953,3954,3957],{},[21,3955,3956],{},"Freedom of Speech:"," You can express your thoughts, even if they're unpopular.",[18,3959,3960,3963],{},[21,3961,3962],{},"Freedom of Press:"," The media can report news without government control or censorship.",[18,3965,3966,3969],{},[21,3967,3968],{},"Right to Assemble:"," People can gather for protests, rallies, or public meetings.",[18,3971,3972,3975],{},[21,3973,3974],{},"Right to Petition the Government:"," You can ask for changes from the government without fear of punishment.",[11,3977,3978],{},"In other words, the idea of free speech is that, they are designed to make it difficult for governments to interfere with speech. it is harder for governments to restrict certain forms of communication than it is for the government to restrict other forms of physical actions.",[11,3980,3981,3982,3985,3986,3989],{},"in other words, It means ",[21,3983,3984],{},"Communication"," (like speaking, writing, protesting peacefully) is ",[21,3987,3988],{},"more protected"," than other kinds of behavior (like stealing, vandalizing, or physical violence).",[11,3991,3992,3993,3996,3997,4000],{},"Governments have ",[21,3994,3995],{},"less power"," to punish or control speech ",[21,3998,3999],{},"than they do"," to punish regular actions or conduct.",[35,4002,4004],{"id":4003},"how-is-free-speech-enforced","How is free speech enforced?",[11,4006,4007],{},"The enforcement of Free-speech is not largely by the government, It is enforcement by the people culture in their everyday lives and how they react to speech that doesn't really aligned with their desires.",[11,4009,4010],{},"so the enforcement of these type of legal norms are depends to a very significant amount of public acceptance. If we want to avoid actions that violate the law in any aspects including violating the Free-Speech then we need a fair amount of education about these subjects.",[11,4012,4013],{},"In other words, relying solely on the formal mechanism of legal systems means we are acting too late.",[35,4015,4017],{"id":4016},"exceptions-to-first-amendment","Exceptions to First Amendment.",[121,4019,4020,4023,4026],{},[18,4021,4022],{},"incitement. Saying \"Let’s burn down that building right now!\" Isn't protected by free-speech. because it could incite imminent lawless action.",[18,4024,4025],{},"defamation. But it has to be accusation of fact. Saying \"This Person is a pedophile. i know for the fact they are.\" is could be defamation. Remember it has to be accusation of the fact. it can't just be \"I think this person is a jerk\". that's an opinion.",[18,4027,4028,4029,4032],{},"Some forms of discriminatory that are severe and persistent pattern of behavior that is directed towards an individual or group are banned in ",[21,4030,4031],{},"jobs environment or schools."," it's not the general exception of freedom of speech.",[35,4034,4036],{"id":4035},"is-free-speech-only-defined-in-the-usa","Is Free Speech Only Defined in the USA?",[11,4038,4039],{},"No. Free speech is not only defined in the United States. but the way it’s understood, protected, and limited can vary a LOT from country to country. But the least limitations on free speech exist in the USA.",[35,4041,2958],{"id":2957},[11,4043,4044],{},"Free-Speech is not a simple concept that can be easily explained. it requires careful consideration and willingness to engage with diverse prospective.",[11,4046,4047],{},"There is so much more to think and talk about.",[11,4049,4050],{},"Things like: \"What if censorship is necessary in certain cases? does violating Free-speech always lead to negative consequences?\"",[11,4052,4053],{},"But I think it's enough for this blog post. i would like to write about this phenomenon in the future. The only thing we can agree on right now is that, the ability to disconfirm ideas as a result of free speech is one of the greatest tools in the pursuit of truth.",{"title":235,"searchDepth":236,"depth":236,"links":4055},[4056,4057,4058,4059,4060],{"id":3922,"depth":236,"text":3923},{"id":4003,"depth":236,"text":4004},{"id":4016,"depth":236,"text":4017},{"id":4035,"depth":236,"text":4036},{"id":2957,"depth":236,"text":2958},"2025-04-24T00:00:00.000Z","Defining it and why It is seems a Counter-Intuitive Idea.",{"alt":4064},"this is alt","/free-speech",{"title":3911,"description":4062},"12.Free-Speech",[353],"eHxG2x9lkD4LLOhIINSYrmMveWgJDaM86tjmR6a1inQ",{"id":4071,"title":4072,"body":4073,"date":4420,"description":4421,"draft":246,"extension":247,"image":248,"meta":4422,"navigation":251,"path":4423,"seo":4424,"stem":4425,"tags":4426,"__hash__":4427},"content_en/10.Why-we-love-dogs.md","Why We Love Dogs, Eat Pigs, and Wear Cows",{"type":8,"value":4074,"toc":4413},[4075,4079,4085,4094,4097,4100,4103,4106,4109,4114,4117,4122,4128,4131,4134,4140,4144,4147,4150,4153,4173,4180,4189,4192,4196,4199,4201,4204,4207,4210,4213,4216,4218,4221,4224,4227,4230,4233,4236,4239,4242,4245,4248,4251,4254,4257,4260,4262,4265,4268,4271,4274,4277,4280,4283,4286,4289,4292,4295,4298,4301,4306,4308,4314,4321,4325,4328,4331,4334,4337,4340,4345,4348,4351,4357,4360,4363,4366,4377,4380,4382,4385,4388,4391,4396,4399,4402,4407,4410],[35,4076,4078],{"id":4077},"to-love-or-to-eat","To Love or to eat?",[11,4080,4081,4082,285],{},"We don't see things as they are. ",[3614,4083,4084],{},"we see them as we are",[11,4086,4087,4088,4093],{},"Joy starts her ",[408,4089,4092],{"href":4090,"rel":4091},"https://www.amazon.com/Love-Dogs-Pigs-Wear-Cows/dp/1573245054",[412],"book"," off with a scenario to explain how we don’t have quite a good answer to that question.",[11,4095,4096],{},"the author in this book, somewhat suggests that our personal experiences, biases, and emotions shape how we perceive and interpret the world, rather than a purely objective reality. The name of the book also refers to this idea. This is really a thoughtful question:",[11,4098,4099],{},"Why we love certain type of animals like pandas,dogs,monkeys , eat pigs and sheep and wear sheep.",[11,4101,4102],{},"Imagine, for a moment, the following scenario: You are a guest at an elegant dinner party. You're seated with the other guests at an ornately set table. there is a strong smells of rich foods emanate from the kitchen. You haven't eaten all day, and your stomach is growling.",[11,4104,4105],{},"After an hour, your friend who is hosting the party emerges from the kitchen with a pot of savory stew and seasonings.",[11,4107,4108],{},"You serve yourself a generous portion, and after eating several mouthfuls of tender meat, you ask your friend for the recipe...",[55,4110,4111],{},[11,4112,4113],{},"yeah i would be happy to tell you 🤗",[11,4115,4116],{},"he replies.",[55,4118,4119],{},[11,4120,4121],{},"First, you’ll need five pounds of golden retriever meat, well marinated, and then...",[11,4123,4124,4125,285],{},"You probably freeze midbite as you consider his words: the meat in your mouth is from a ",[3614,4126,4127],{},"dog",[11,4129,4130],{},"What now? Do you continue eating? or you disgusted by the feeling of this fact? But let's suppose that your friend laughs and says she was playing a practical joke. it was beef.",[11,4132,4133],{},"How do you feel about your food now? Is your appetite fully restored? Do you resume eating with the same enthusiasm you had when you first began your meal? Chances are you're feeling emotional discomfort. discomfort that might continue to effect your next meal...",[11,4135,4136,4137],{},"So what is going on here? why there is so radically different reactions towards dogs and cows meat? ",[21,4138,4139],{},"Answer can be summed up by a single word: perception.",[35,4141,4143],{"id":4142},"the-problem-with-eating-dogs","The Problem with eating dogs",[11,4145,4146],{},"Our perceptions determine, in large part, our reality.",[11,4148,4149],{},"Most people perceive dog meat very differently than they do beef; therefore, dog meat evokes very different mental, emotional, and behavioral responses.",[11,4151,4152],{},"One reason we have such different perceptions of beef and dog meat is because we view cows and dogs very differently. The most frequent ( and often the only ) contact we have with cows is when we eat them. But in the contrary, for a large number of people, our relationship with dogs is, in many ways, not terribly different from our relationship with other humans:",[121,4154,4155,4158,4161,4164,4167,4170],{},[18,4156,4157],{},"We call them by their name. You probably heard some dog being called \"Hey Jessie!\"",[18,4159,4160],{},"We say goodbye when we leave and greet when we return.",[18,4162,4163],{},"We play with them.",[18,4165,4166],{},"We take them to the doctor.",[18,4168,4169],{},"We bury them",[18,4171,4172],{},"They make us laugh",[11,4174,4175,4176,4179],{},"We love dogs and eat cows not because dogs and cows are fundamentally different—cows, like dogs, have feelings, preferences, and consciousness—but because our ",[3614,4177,4178],{},"perception"," of them is different. And, consequently, our perception of their meat is different as well.",[11,4181,4182,4183,4188],{},"Not only do our perceptions of meat vary based on the species of animal it came from, but different humans may also perceive the same meat differently. Consider ",[408,4184,4187],{"href":4185,"rel":4186},"https://en.wikipedia.org/wiki/Halal",[412],"Halal meat ","for example. Halal meat must come from a supplier that uses halal practices. If it does not, it would considered haram for Muslims.",[11,4190,4191],{},"How we feel about an animal and how we treat them, it turns out, has much less to do with what kind of animal they are than about what our perception of them is. We believe it's appropriate to eat cows but not dogs, so we perceive cows as edible and dogs as inedible and act accordingly. And this process is cyclical; not only do our beliefs ultimately lead to our actions, but our actions also reinforce our beliefs. The more we don't eat dogs and do eat cows, the more we reinforce the belief that dogs are inedible and cows are edible.",[35,4193,4195],{"id":4194},"it-is-the-way-things-are","It is the way things are",[11,4197,4198],{},"Take a moment to think, without self-censoring, of all the words that come to mind when you envision a dog. Next, do the same thing, but this time picture a pig. Now pause and compare your descriptions of these animals. What do you notice? When you thought of a dog, did you think “cute”? “Loyal”? And when you imagined a pig, did you think of “mud” or “sweat”? Did you think “dirty”? \"stupid\"? \"Lazy\"? If your responses were similar to the ones here, you are in the majority.",[324,4200],{},[11,4202,4203],{},"“Why do you say pigs are lazy?” asked Sarah.",[11,4205,4206],{},"“Because they just lie around all day,” replied Tom.",[11,4208,4209],{},"“Do pigs in the wild do this, or only pigs raised for their meat?” she wondered.",[11,4211,4212],{},"“I don't know. Maybe when they're on a farm,” he said.",[11,4214,4215],{},"“Why do you think pigs on a farm—or in a factory farm, to be more accurate—lie around?” she asked.",[324,4217],{},[11,4219,4220],{},"“Are dogs dirty?”",[11,4222,4223],{},"“Yeah, sometimes. Dogs can do really disgusting things.”",[11,4225,4226],{},"“Why didn't you include ‘dirty’ in your list for dogs?”",[11,4228,4229],{},"“Because they're not always dirty. Only sometimes.”",[11,4231,4232],{},"“Are pigs always dirty?”",[11,4234,4235],{},"“Yeah, they are.”",[11,4237,4238],{},"“How do you know this?”",[11,4240,4241],{},"“Because they always look dirty.”",[11,4243,4244],{},"“When do you see them?”",[11,4246,4247],{},"“I don't know. In pictures, I guess.”",[11,4249,4250],{},"“And they're always dirty in pictures?”",[11,4252,4253],{},"“No, not always. Pigs aren't always dirty.”",[11,4255,4256],{},"“You said dogs are loyal, intelligent, and cute. Why do you say this? How do you know?”",[11,4258,4259],{},"“I've seen them. I've lived with dogs. I've met lots of dogs.”",[324,4261],{},[11,4263,4264],{},"\"Has anyone here ever met a pig?\"",[11,4266,4267],{},"(Except for some exceptional men, the majority had not met a pig.)",[11,4269,4270],{},"“So where did you get your information about pigs from?”",[11,4272,4273],{},"“Books.”",[11,4275,4276],{},"“Television.”",[11,4278,4279],{},"“Ads.”",[11,4281,4282],{},"“Movies.”",[11,4284,4285],{},"“I don't know. Society, I guess.”",[11,4287,4288],{},"“How might you feel about pigs if you thought of them as intelligent, sensitive individuals who are perhaps not sweaty, lazy, and greedy? If you got to know them firsthand, like you know dogs?”",[11,4290,4291],{},"“I'd feel weird eating them. I'd probably feel kind of guilty.”",[11,4293,4294],{},"“So why do we eat pigs but not dogs?”",[11,4296,4297],{},"“Because pigs are bred to be eaten.”",[11,4299,4300],{},"“Why do we breed pigs to eat them?”",[11,4302,4303],{},[21,4304,4305],{},"“I don't know. I never thought about it. I guess, because it's just the way things are.”",[324,4307],{},[11,4309,4310,4311,285],{},"It's just the way things are. Take a moment to consider this statement. Really think about it. We send one species to the butcher and give our love and kindness to another apparently for no reason other than because ",[3614,4312,4313],{},"it's the way things are",[11,4315,4316,4317,4320],{},"What could cause an entire society of people to check their thinking caps at the door—",[3614,4318,4319],{},"and to not even realize they're doing so?"," Though this question is quite complex, the answer is quite simple: carnism.",[35,4322,4324],{"id":4323},"carnism","Carnism",[11,4326,4327],{},"We all know what a vegetarian is—a person who doesn't eat meat. And today many of us know what a vegan is—a person who eschews all animal products.",[11,4329,4330],{},"Though some people may choose to become vegan (or vegetarian—the focus of this book, though, is on veganism for reasons that will become clear) to improve their health, many vegans stop eating animals because they don't believe it's ethical to do so.",[11,4332,4333],{},"Most of us realize that veganism is often an expression of one's ethical orientation, so when we think of a vegan, we don't simply think of a person who's just like everyone else except that they don't eat animals. We think of a person who has a certain philosophical outlook.",[11,4335,4336],{},"If a vegan is someone who thinks that eating animals are unethical, then, what do we call a person who believes it's ethical to eat animals?",[11,4338,4339],{},"You got it? we don't have any ideological name for that! by ideological i mean that are ends with *.ism like Feminism or Racism.",[395,4341,4342],{},[11,4343,4344],{},"here, the author defines an ideology as: shared set of beliefs, as well as the practices that reflect these beliefs. For instance, feminism is an ideology. Feminists are people who believe that women deserve to be viewed and treated as equals to men.",[11,4346,4347],{},"So what about “everybody else”? What about the majority, the mainstream, all the “normal” people that eat animals? Where do their beliefs come from?",[11,4349,4350],{},"Currently, we use the term “meat eater” to describe anyone who is not vegan or vegetarian. But how accurate is this?",[11,4352,4353,4354],{},"I think this invisible belief system is what i call ",[21,4355,4356],{},"\"Carnism\".",[11,4358,4359],{},"****Carnism is the belief system that conditions us to eat certain animals.",[11,4361,4362],{},"We tend to view the mainstream way of life as a reflection of universal values. Yet what we consider normal is, in fact, nothing more than the beliefs and behaviors of the majority.",[11,4364,4365],{},"Before the scientific revolution, for example, mainstream European beliefs held that the sky was made up of heavenly spheres that revolved around the earth, that the earth was the exalted center of the universe. This belief was so ingrained that to proclaim otherwise, as did Copernicus, and later Galileo, was to risk death.",[11,4367,4368,3781,4371,4376],{},[21,4369,4370],{},"So what we refer to as mainstream is simply another way to describe an ideology that is so widespread—so",[3614,4372,4373],{},[21,4374,4375],{},"entrenched","**—that its assumptions and practices are seen as simply common sense.**",[11,4378,4379],{},"When an ideology is entrenched, it is essentially invisible.",[35,4381,2958],{"id":2957},[11,4383,4384],{},"This was roughly the summary of the first two chapters of the book.",[11,4386,4387],{},"The question \"Why We Love Dogs, Eat Pigs, and Wear Cows\" may seem really silly and trivial at first for majority of people. At least for most of my friends.",[11,4389,4390],{},"Some of them simply deny the whole idea of veganism, using arguments that imply, \"It's just the way things are\":",[55,4392,4393],{},[11,4394,4395],{},"CaUsE iTs A DoG DuDe!",[11,4397,4398],{},"I don't know really what to say about this. Well, yeah it's strange at first for someone who eats sheep meat in his daily basis.",[11,4400,4401],{},"Similarly, some of them also debunk veganism by saying that:",[55,4403,4404],{},[11,4405,4406],{},"It's 'woke.' You just want to be different. You think you're superior for choosing a path that isn't followed by the majority.",[11,4408,4409],{},"Again, I'm just don't understand from when we are using the term 'woke' to describe anything that makes us uncomfortable.",[11,4411,4412],{},"Anyway, i do think Joy’s book is compelling and mostly dispels any of the usual arguments in favor of meat-eating, which is not seen by the mainstream as an ideology because it’s a norm...",{"title":235,"searchDepth":236,"depth":236,"links":4414},[4415,4416,4417,4418,4419],{"id":4077,"depth":236,"text":4078},{"id":4142,"depth":236,"text":4143},{"id":4194,"depth":236,"text":4195},{"id":4323,"depth":236,"text":4324},{"id":2957,"depth":236,"text":2958},"2025-03-31T00:00:00.000Z","Mrs. Melanie Joy thinks our behaviour towards animals is mostly influenced by our culture and environment.",{"alt":348},"/why-we-love-dogs",{"title":4072,"description":4421},"10.Why-we-love-dogs",[614],"Hf1W_yy9wydXDrlnhuvSCrnn1ET7-3c37LcLTnwwlFU",{"id":4429,"title":4430,"body":4431,"date":4594,"description":4595,"draft":246,"extension":247,"image":4596,"meta":4597,"navigation":251,"path":4598,"seo":4599,"stem":4600,"tags":4601,"__hash__":4603},"content_en/09.Wikipedia.md","Wikipedia: A Trustworthy source or not?",{"type":8,"value":4432,"toc":4587},[4433,4437,4446,4455,4458,4463,4466,4470,4473,4476,4480,4483,4486,4491,4494,4522,4526,4529,4552,4557,4561,4564,4570,4576,4582],[35,4434,4436],{"id":4435},"amir-doolab","\"Amir Doolab\"",[11,4438,4439,4440,4445],{},"In June 2016, ",[408,4441,4444],{"href":4442,"rel":4443},"https://fa.wikipedia.org/wiki/%D8%B9%D9%84%DB%8C%D8%B1%D8%B6%D8%A7_%D8%B9%D9%84%DB%8C%D9%81%D8%B1",[412],"Alireza Alifar",", the legendary Persian football commentator dropped a massive Bombshell in television and football community.",[11,4447,4448,4449,4454],{},"During one of the games that he is commentating, he ",[408,4450,4453],{"href":4451,"rel":4452},"https://www.aparat.com/v/09zPS",[412],"said"," something strange about the stadium information:",[11,4456,4457],{},"\"The stadium took about two years to reconstruct, and it was relaunched at September 2013. the Vinci company was the Project manager and Doolab Amir was the Architect\"",[395,4459,4460],{},[11,4461,4462],{},"If you watch a football match with commentator, do you ever care about this type of information?",[11,4464,4465],{},"Amir Doolab is an ordinary citizen in iran who has noticed Alireza Alifar is make use of Wikipedia for the source of his commentaries. He watched several football matches before this event and thinks with himself : \"Well. this guy is speaking about stadium information in every commentaries. he is probably using Wikipedia for that because its the best and fastest way of accessing to that same kind of information. Anything goes let's try!\"",[35,4467,4469],{"id":4468},"who-to-blame","Who To Blame?",[11,4471,4472],{},"Wikipedia? The commenter? or that naughty boy Amir Doolab for misusing the wikipedia?",[11,4474,4475],{},"Well, i think Alireza Alifar is primarily responsible for the issue. the reliance on potentially unreliable sources like Wikipedia can put you in lot of trouble. especially when you as a commentator expected to provide a credible information.",[35,4477,4479],{"id":4478},"wikipedia","Wikipedia",[11,4481,4482],{},"The website it self addresses this types of concerns in some articles.",[11,4484,4485],{},"For example the academic use page states :",[55,4487,4488],{},[11,4489,4490],{},"Wikipedia is not a reliable source for academic writing or research.",[11,4492,4493],{},"What it exactly means is, you should not include \"Wikipedia\" as a source of your information. But it means we should not use it at all? I dont think so.",[11,4495,4496,4497,3781,4500,3781,4505,3781,4508,3781,4513,3781,4516,4521],{},"the only thing you need to consider is : Do your research properly and wisely. ",[21,4498,4499],{},"Remember that",[3614,4501,4502],{},[21,4503,4504],{},"any",[21,4506,4507],{},"encyclopedia is a",[3614,4509,4510],{},[21,4511,4512],{},"starting point",[21,4514,4515],{},"for research, not an",[3614,4517,4518],{},[21,4519,4520],{},"ending point","**.**",[35,4523,4525],{"id":4524},"tips","Tips",[11,4527,4528],{},"I was wondering Why isn't Wikipedia full of false information, since everyone can edit articles there? I found these tips in the answer of this question.",[121,4530,4531,4534,4549],{},[18,4532,4533],{},"Most Wikipedia paragraphs are referenced to external sources, which is often considered good practice for contributors. Collaborators on Wikipedia are encouraged not to write content solely based on their own knowledge; instead, they should back up their statements with external references. Consider the wiki page of Youtube for example. there are about 300 references exist on this page. These references can be seen at the end of the sentences (using small numbers) and at the end of the page.",[18,4535,4536,4537,4542,4543,4548],{},"Not Everyone can edit every articles. Wikipedia has something called",[408,4538,4541],{"href":4539,"rel":4540},"https://en.wikipedia.org/wiki/Wikipedia:Protection_policy",[412]," Protection policy."," This usually applied to some pages that is considered highly controversial. See the ",[408,4544,4547],{"href":4545,"rel":4546},"https://en.wikipedia.org/wiki/Donald_Trump",[412],"Donald Trump"," Article Page for example. you will see a little lock icon on the right side of the article. And you probably can not edit the page without meeting the condition specified in the Protection policy page.",[18,4550,4551],{},"Talk Pages. Each article has an associated \"talk page\" where editors can discuss changes, raise concerns about content.",[395,4553,4554],{},[11,4555,4556],{},"In my experience, most people who accusing wikipedia for being unreliable are those who are just eager to find something that requires minimal cognitive effort. whether it stems from their ideology or anything else.",[35,4558,4560],{"id":4559},"conclusion","Conclusion",[11,4562,4563],{},"So:",[11,4565,4566,4569],{},[21,4567,4568],{},"If you are reading about Academic things related to science and etc",": Yes. Wikipedia is not a reliable source. But that doesn’t make it useless. It is a good choice for starting point.",[11,4571,4572,4575],{},[21,4573,4574],{},"If you are reading about Controversial topics"," : Think of Wikipedia as some Repository that sums up the mainstream news media.",[11,4577,4578,4581],{},[21,4579,4580],{},"anything else:"," I think is mostly fine to read from Wikipedia as long as you keeping your critical thinking skills active.",[11,4583,4584],{},[660,4585,4586],{},"Thank you for taking the time to read this post!",{"title":235,"searchDepth":236,"depth":236,"links":4588},[4589,4590,4591,4592,4593],{"id":4435,"depth":236,"text":4436},{"id":4468,"depth":236,"text":4469},{"id":4478,"depth":236,"text":4479},{"id":4524,"depth":236,"text":4525},{"id":4559,"depth":236,"text":4560},"2025-03-04T00:00:00.000Z","Why the hell some people created such a system that can be edited by anyone around the world?","/blog-images/wikipedia-logo-reproducao.webp",{"alt":235},"/wikipedia",{"title":4430,"description":4595},"09.Wikipedia",[4602],"internet","uET2IDu4jTwLtLg_kDnCsbU7f1Y41qoj3QLYeiWKy5Y",{"id":4605,"title":4606,"body":4607,"date":4820,"description":4821,"draft":246,"extension":247,"image":4822,"meta":4823,"navigation":251,"path":4824,"seo":4825,"stem":4826,"tags":4827,"__hash__":4828},"content_en/07.SSH Keys.md","SSH Keys",{"type":8,"value":4608,"toc":4815},[4609,4612,4620,4623,4630,4634,4637,4640,4657,4661,4664,4673,4678,4685,4688,4697,4700,4703,4730,4736,4739,4747,4750,4755,4758,4765,4768,4780,4791,4794,4801,4809,4812],[35,4610,4606],{"id":4611},"ssh-keys",[11,4613,4614,4619],{},[408,4615,4618],{"href":4616,"rel":4617},"https://parsajr.org/blogs/what-is-ssh",[412],"Previously"," we learned what the ssh is (in more general terms, actually).",[11,4621,4622],{},"now we're going to look at SSH Keys in little more practical way.",[11,4624,4625,4626,4629],{},"SSH keys are a pair of cryptographic keys used for secure access to remote systems over the SSH (Secure Shell) protocol. They provide a secure and ",[21,4627,4628],{},"more convenient"," method of authentication compared to traditional password-based logins.",[35,4631,4633],{"id":4632},"scenarios","Scenarios",[11,4635,4636],{},"Well, at first these concepts like (ssh keys) are somewhat vague. (if you wasn't work with it before).",[11,4638,4639],{},"because of it, I'm writing some scenarios that can be handled with leveraging of SSH Keys.",[121,4641,4642,4648],{},[18,4643,4644,4645,285],{},"Parsa is a full-stack developer working for a tech company. In addition of software development, his job also requires him to access (ssh into) multiple servers daily. Each of these servers have a strong, unique password for security purposes. To deal with the difficulty of remembering all these passwords, Parsa often end up with writing them down on sticky notes or using a simple password manager, ",[21,4646,4647],{},"which obviously poses a security risk",[18,4649,4650,4651,4656],{},"Parsa is configuring the ",[408,4652,4655],{"href":4653,"rel":4654},"https://en.wikipedia.org/wiki/Continuous_delivery",[412],"continuous delivery (CD)"," process for his web application. The application's Docker image is automatically built from the Dockerfile and pushed to the Docker Hub registry. At the end of the CD process, a script on the server running the application is executed to pull the newer Docker image. Parsa uses his user password for the server to configure this last part of the CD process.",[35,4658,4660],{"id":4659},"configuring-ssh-keys","Configuring SSH Keys",[11,4662,4663],{},"In this process we suppose you have OpenSSH server on your server already configured.",[11,4665,4666,4667,4672],{},"SSH keys are using ",[408,4668,4671],{"href":4669,"rel":4670},"https://www.youtube.com/watch?v=AQDCe585Lnc",[412],"asymmetric encryption",". In asymmetric encryption, two keys are involved: a public key and a private key.",[11,4674,4675],{},[21,4676,4677],{},"Step 1: Generate SSH Key Pair",[11,4679,4680,4681,4684],{},"you will be using the ",[21,4682,4683],{},"ssh-keygen"," package in order to create your key pairs(public and private key) , which is included with the standard OpenSSH suite.",[11,4686,4687],{},"so go ahead an enter the command below.",[652,4689,4691],{"className":3489,"code":4690,"language":3491,"meta":235,"style":235},"ssh-keygen\n",[43,4692,4693],{"__ignoreMap":235},[660,4694,4695],{"class":662,"line":663},[660,4696,4690],{"class":1065},[11,4698,4699],{},"this command will guides you through the steps and asks you any neccecary questions.",[11,4701,4702],{},"If you had previously generated an SSH key pair, you may see a prompt that looks like this:",[652,4704,4706],{"className":3489,"code":4705,"language":3491,"meta":235,"style":235},"/home/yourusername/.ssh/id_rsa already exists.\nOverwrite (y/n)?\n",[43,4707,4708,4719],{"__ignoreMap":235},[660,4709,4710,4713,4716],{"class":662,"line":663},[660,4711,4712],{"class":1065},"/home/yourusername/.ssh/id_rsa",[660,4714,4715],{"class":677}," already",[660,4717,4718],{"class":677}," exists.\n",[660,4720,4721,4724,4727],{"class":662,"line":236},[660,4722,4723],{"class":1065},"Overwrite",[660,4725,4726],{"class":666}," (y/n)",[660,4728,4729],{"class":3050},"?\n",[11,4731,4732,4733,285],{},"if you press \"yes\" you will overwrite the existing SSH private key file located at ",[43,4734,4735],{},"~/.ssh/id_rsa",[11,4737,4738],{},"in this process, its good to know these tips:",[121,4740,4741,4744],{},[18,4742,4743],{},"the RSA or Ed25519 key types are fine for general purposes. Also OpenSSH supports both of them.",[18,4745,4746],{},"Specifying passphrase is optional. You can enter a passphrase to add an extra layer of security to your private key. It doesn't need to be a hard password. The SSH key password exists as another layer of protection against unauthorized access. You should consider the risks associated with your private key being exposed. (It is mostly based on your situation)",[11,4748,4749],{},"After going through the entire process, you now have a public and private key that you can use for authentication. You can find them in the folder you specified during this process.",[11,4751,4752],{},[21,4753,4754],{},"Step 2: Copying an SSH Public Key to Your Server",[11,4756,4757],{},"There are multiple ways to upload your public key to your remote SSH server.",[11,4759,4760,4761,4764],{},"Simplest way is using the utility called ",[21,4762,4763],{},"ssh-copy-id"," that is also comes with OpenSSH suite.",[11,4766,4767],{},"To copy your public key to the remote server, use the following command:",[652,4769,4771],{"className":3489,"code":4770,"language":3491,"meta":235,"style":235},"ssh-copy-id username@server_ip\n",[43,4772,4773],{"__ignoreMap":235},[660,4774,4775,4777],{"class":662,"line":663},[660,4776,4763],{"class":1065},[660,4778,4779],{"class":677}," username@server_ip\n",[11,4781,4782,4783,4786,4787,4790],{},"Replace ",[43,4784,4785],{},"username"," with your actual username on the remote server and ",[43,4788,4789],{},"server_ip"," with the server's IP address or hostname.",[11,4792,4793],{},"You will be prompted to enter the password for the specified user on the remote server. This is the last time you will need to enter a password for SSH access if everything is set up correctly.",[11,4795,4796,4797,4800],{},"After entering your password, you should see a message indicating that the key has been added to the ",[43,4798,4799],{},"authorized_keys"," file on the remote server.",[652,4802,4807],{"className":4803,"code":4805,"language":4806,"meta":235},[4804],"language-text","Number of key(s) added: 1\n\nNow try logging into the machine, with:   \"ssh 'username@203.0.113.1'\"\nand check to make sure that only the key(s) you wanted were added.    \n","text",[43,4808,4805],{"__ignoreMap":235},[11,4810,4811],{},"At this point, your public key has been uploaded to the remote server, and you should be able to SSH into that server without needing to use a password.",[2963,4813,4814],{},"html pre.shiki code .svObZ, html code.shiki .svObZ{--shiki-default:#B392F0}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html pre.shiki code .sU2Wk, html code.shiki .sU2Wk{--shiki-default:#9ECBFF}html pre.shiki code .s95oV, html code.shiki .s95oV{--shiki-default:#E1E4E8}html pre.shiki code .snl16, html code.shiki .snl16{--shiki-default:#F97583}",{"title":235,"searchDepth":236,"depth":236,"links":4816},[4817,4818,4819],{"id":4611,"depth":236,"text":4606},{"id":4632,"depth":236,"text":4633},{"id":4659,"depth":236,"text":4660},"2024-12-20T00:00:00.000Z","How to setup SSH Keys in OpenSSH server","/blog-images/1_FdUZn4O0swrqgpiQoLTJOw.png",{},"/ssh-keys",{"title":4606,"description":4821},"07.SSH Keys",[2983,2982],"04ju1EfXPlDrjg_3mWmbEGANjb9AIcTldQukv15s47w",{"id":4830,"title":4831,"body":4832,"date":4948,"description":4949,"draft":246,"extension":247,"image":4950,"meta":4951,"navigation":251,"path":4952,"seo":4953,"stem":4954,"tags":4955,"__hash__":4956},"content_en/08.Deliberate Amateur.md","Improvise, Adapt, Excel",{"type":8,"value":4833,"toc":4943},[4834,4838,4847,4850,4853,4856,4860,4863,4866,4869,4872,4876,4879,4882,4885,4892,4896,4910,4913,4916,4938],[2991,4835,4837],{"id":4836},"range","Range",[11,4839,4840,4841,4846],{},"David Epstein in ",[408,4842,4845],{"href":4843,"rel":4844},"https://www.amazon.com/Range-Generalists-Triumph-Specialized-World/dp/0735214484",[412],"\"Range\""," examined the world’s most successful athletes, artists, musicians, inventors, forecasters and scientists. He discovered that in most fields—especially those that are complex and unpredictable(has a wicked environment)—generalists, not specialists, are primed to excel.",[11,4848,4849],{},"Basically he tries to prove this:",[11,4851,4852],{},"“JACK OF ALL TRADES IS A MASTER OF NONE, BUT OFTENTIMES BETTER THAN A MASTER OF ONE\"",[11,4854,4855],{},"I will try to write some summery of chapter 3rd of this book.",[35,4857,4859],{"id":4858},"ospedale-della-pietà","Ospedale della Pietà",[11,4861,4862],{},"Chapter 3 begins with the story of the _‘Ospedale della Pieta’_ in Baroque Venice (17th/18th c.) which was an orphanage that trained abandoned girls in music. A group of Venetian nuns called the Consorelle di Santa Maria dell'Umiltà established this charitable institution for orphans and abandoned girls in the fourteenth century. By the seventeenth and eighteenth centuries, the Pietà and the three other charitable Ospedali Grandi were well known for its all-female musical ensembles that attracted tourists and patrons from around Europe.",[11,4864,4865],{},"Here, one of them is _‘Figlie di coro’._ it was the all-female music ensemble that were highly acclaimed, popular, and influential in defining an entire musical era. These girls were the seventh-century equivalent of rock stars.",[11,4867,4868],{},"Figlie took singing lessons, and learned to play every instrument their institution owned. it helped that they were paid for learning new skills.",[11,4870,4871],{},"The distinguishing characteristic of this orchestra was the instrumental range of the musicians with each musician being skilled not in one but an assortment of instruments. Famous composers like Antonio Vivaldi taught and wrote music specifically for the figlie.",[35,4873,4875],{"id":4874},"breaking-convention-case-jack-cecchini","Breaking Convention - Case \"Jack Cecchini\"",[11,4877,4878],{},"The first was in 1950 in Chicago, when he was 13 and stumbled across a guitar resting on his landlord’s couch. He ran his fingers over the strings as he walked by. The landlord picked it up, demonstrated two chords, and immediately asked Cecchini to play accompaniment with them. Of course, he couldn’t. “He’d shake his head when it was time for me to change the chord, and if I didn’t he’d start swearing,” Cecchini recalled with a chuckle. Cecchini’s interest was ignited, and he started trying to imitate songs he heard on the radio. By 16, he was playing jazz in the background of Chicago clubs he was too young to patronize. “It was like a factory,” he told me. “If you had to go to the bathroom, you had to get one of the other guys to pick it up. But you’re experimenting every night.” He took the only free music lessons he could find, in clarinet, and tried to transfer what he learned to the guitar. “There are eight million places on the guitar to play the same notes,” he said. “I was just trying to find solutions to problems, and you start to learn the fingerboard.” Pretty soon he was performing with Frank Sinatra at the Villa Venice, Miriam Makeba at the Apollo, and touring with Harry Belafonte from Carnegie Hall to packed baseball stadiums. That’s where the second stumble came in.",[11,4880,4881],{},"During a show when Cecchini was 23, one of Belafonte’s stage dancers stepped on the cable that connected his guitar to an amplifier. His instrument was reduced to a whisper. “Harry freaked out,” Cecchini recalled. “He said, ‘Get rid of that thing and get yourself a classical guitar!’” Getting one was easy, but he had been using a pick, and for acoustic he had to learn fingering, so the trouble was learning to play it on tour.",[11,4883,4884],{},"He fell in love with the instrument, and by 31 was so adept that he was chosen as the soloist to play a concerto by none other than Vivaldi accompanied by an orchestra for a crowd in Chicago’s Grant Park. The next day, the _Chicago Tribune_’s music critic began his review: “Despite the ever‑increasing number of enthusiasts who untiringly promote the resurrection of the guitar as a classical instrument, there are but few men who possess the talent and patience to master what remains one of the most beautiful but obstinately difficult of all instruments.” Cecchini, he continued, “proved to be one of those few.”",[11,4886,4887,4888,4891],{},"Despite his late and haphazard start, Cecchini also became a renowned teacher of both jazz and classical guitar. Students traveled from out of state to pick his brain, and by the early 1980s lines formed down the stairs of his Chicago school in the evenings. His own formal training, of course, had been those free clarinet lessons. “I’d say I’m 98 percent self‑taught,” he told me. *",[3614,4889,4890],{},"He switched between instruments and found his way through trial and error.","*",[35,4893,4895],{"id":4894},"breaking-convention-case-django-reinhardt","Breaking Convention - Case \"Django Reinhardt\"",[11,4897,4898,4903,4904,4909],{},[408,4899,4902],{"href":4900,"rel":4901},"https://en.wikipedia.org/wiki/Django_Reinhardt",[412],"Django Reinhardt"," was born in Belgium in 1910. Django went to school if he felt like it, but he mostly didn't. He crashed movie theaters and shot biliards, and was surrounded by music. Django Reinhardt's love for the guitar developed in his early years, influenced by his family and the musical environment around him. Django started with violin but he didn't love it. He learned in the call-and-response style (it means he learned by listening to and imitating other musicians, often playing along with them in informal settings). when he was twelve an acquaintance gave him a ",[408,4905,4908],{"href":4906,"rel":4907},"https://en.wikipedia.org/wiki/Banjo_guitar",[412],"hybrid banjo guitar",". He had found his thing, and became obsessed. In 1928, he suffered severe burns in a fire that left him with limited use of his left hand. Despite this challenge, Reinhardt developed a remarkable technique that allowed him to play chords with a thumb and two fingers.",[11,4911,4912],{},"He is particularly known for his contributions to the genre of gypsy jazz, which blends traditional Romani music with jazz elements. Even though he never learned to read music (or words- he was illiterate), Django composed a symphony, playing on his guitar what he wanted each instrument in the ensemble to do while another musician struggled to transcribe it.",[11,4914,4915],{},"He died of a brain hemorrhage at 43, but music he made nearly a century ago continues to show up in pop culture. Examples:",[121,4917,4918,4921,4924,4931],{},[18,4919,4920],{},"The Matrix movie",[18,4922,4923],{},"The Aviator movie",[18,4925,4926],{},[408,4927,4930],{"href":4928,"rel":4929},"https://www.youtube.com/watch?v=k4DYfUSwDgI",[412],"Mafia 1 video game",[18,4932,4933],{},[408,4934,4937],{"href":4935,"rel":4936},"https://www.youtube.com/watch?v=vycdi-jGzv4",[412],"The Bioshock video games",[55,4939,4940],{},[11,4941,4942],{},"“Improv masters learn like babies: dive in and imitate and improvise first, learn the formal rules later. “At the beginning, your mom didn’t give you a book and say, ‘This is a noun, this is a pronoun, this is a dangling participle,’” Cecchini told me. “You acquired the sound first. And then you acquire the grammar later.”",{"title":235,"searchDepth":236,"depth":236,"links":4944},[4945,4946,4947],{"id":4858,"depth":236,"text":4859},{"id":4874,"depth":236,"text":4875},{"id":4894,"depth":236,"text":4895},"2024-11-16T00:00:00.000Z","Some Insights from the book \"Range\"","/blog-images/deliberate_ameteur.jpg",{},"/deliberate-amateur",{"title":4831,"description":4949},"08.Deliberate Amateur",[614],"YWlmhj0Ri_JAzenLsuyTHmJOh-_2Qc2jfPyVGam1E1M",{"id":4958,"title":4959,"body":4960,"date":5073,"description":5074,"draft":246,"extension":247,"image":5075,"meta":5076,"navigation":251,"path":5077,"seo":5078,"stem":5079,"tags":5080,"__hash__":5081},"content_en/06.what-is-ssh.md","What is SSH & SSH Key?",{"type":8,"value":4961,"toc":5065},[4962,4966,4969,4972,4976,4979,4988,4991,4994,4997,5000,5004,5007,5010,5017,5019,5022,5025,5028,5031,5035,5038,5041,5049,5052,5055,5059,5062],[35,4963,4965],{"id":4964},"ssh","SSH",[11,4967,4968],{},"SSH (Secure Shell) is a network protocol used to securely access and manage devices over a network.",[11,4970,4971],{},"When we say “SSH“ we often refer to software implementations that use this protocol for secure communication (like OpenSSH)",[35,4973,4975],{"id":4974},"history","History",[11,4977,4978],{},"If we want to explain some history of ssh it goes like this :",[11,4980,4981,4982,4987],{},"The “Secure Shell protocol” was originally developed by ",[408,4983,4986],{"href":4984,"rel":4985},"https://ylonen.org/index.html",[412],"Tatu Ylonen"," in 1995 in response to a hacking incident in some Finnish universities network.",[11,4989,4990],{},"A password sniffer had been installed on a server connected directly to the backbone, and when it was discovered, it had thousands of usernames and passwords in its database, including several from Ylonen's company.",[11,4992,4993],{},"That incident triggered Ylonen to study cryptography and develop a solution he could use himself for remote login over the Internet safely.",[11,4995,4996],{},"Telnet protocol was commonly used before SSH for remote access, but it lacks encryption, making it so much less secure.",[11,4998,4999],{},"In short, the ssh that is currently used for almost all datacenters in the world is the result of these events.",[35,5001,5003],{"id":5002},"how-this-thing-work-in-nutshell","How this thing work in nutshell",[11,5005,5006],{},"The protocol works in the client-server model, which means that the connection is established by the SSH client connecting to the SSH server. The SSH client drives the connection setup process and uses public key cryptography to verify the identity of the SSH server. After the setup phase the SSH protocol uses strong symmetric encryption and hashing algorithms to ensure the privacy and integrity of the data that is exchanged between the client and server.",[11,5008,5009],{},"The figure below presents a simplified setup flow of a secure shell connection",[11,5011,5012],{},[5013,5014],"img",{"alt":5015,"src":5016},"ssh-steps","/blog-images/ssh-steps.png",[35,5018,4606],{"id":4611},[11,5020,5021],{},"So when you access another computer or server, you probably use a password. we use passwords all the time in lots of websites and etc. But from a security or comfort prospective they are often horrible.",[11,5023,5024],{},"For most of you, your password probably contain ‘1234‘ or ‘123456‘ Or in the vice versa, your password is probably god! as if you can not memorize it. You often end up with copy pasting. it quickly become tedious. So what is the solution?",[11,5026,5027],{},"Yes! SSH Keys!",[11,5029,5030],{},"An SSH key is an access credential in the SSH protocol. Its function is similar to that of user names and passwords, but the keys are primarily used for automated processes & for simplifying the process of logging into a server without the need to enter a password each time.",[35,5032,5034],{"id":5033},"auth-types","Auth types",[11,5036,5037],{},"SSH supports several authentication methods.",[11,5039,5040],{},"Two of most popular ones are",[121,5042,5043,5046],{},[18,5044,5045],{},"Password Auth",[18,5047,5048],{},"Public key Auth ( often refereed to as SSH keys )",[11,5050,5051],{},"in the Password method, it uses the user’s password for logging in. (your actual user in operating system )",[11,5053,5054],{},"in the Public key Auth, it involves a pair of cryptographic (a private key and a public key). The public key is stored on the server, and the private key stored on the user computer.",[35,5056,5058],{"id":5057},"next","Next",[11,5060,5061],{},"In this post i just wanted to explain ssh and ssh keys in short terms. in the next posts, i will explain more about how we can exactly run ssh (+ configuring ssh keys) on our server.",[11,5063,5064],{},"As Always, thank you for taking your time and reading this post.",{"title":235,"searchDepth":236,"depth":236,"links":5066},[5067,5068,5069,5070,5071,5072],{"id":4964,"depth":236,"text":4965},{"id":4974,"depth":236,"text":4975},{"id":5002,"depth":236,"text":5003},{"id":4611,"depth":236,"text":4606},{"id":5033,"depth":236,"text":5034},{"id":5057,"depth":236,"text":5058},"2024-10-21T00:00:00.000Z","The Secure Shell (SSH) protocol sets up encrypted connections for remote logins and file transfers between computers.","/blog-images/ssh.png",{},"/what-is-ssh",{"title":4959,"description":5074},"06.what-is-ssh",[2983,2982],"LMhkcJu3iuhd8oHcyjHKQr2MAVw-ei8UA9ErqjBHBOo",{"id":5083,"title":5084,"body":5085,"date":5183,"description":5184,"draft":246,"extension":247,"image":3902,"meta":5185,"navigation":251,"path":5186,"seo":5187,"stem":5188,"tags":5189,"__hash__":5190},"content_en/05.changing-i3-lang.md","How to add a new keyboard input language in i3wm?",{"type":8,"value":5086,"toc":5181},[5087,5090,5093,5106,5109,5122,5132,5135,5138,5143,5149,5161,5167,5173,5179],[11,5088,5089],{},"So here it goes like this:",[11,5091,5092],{},"First: You should lookup for your wanted language-layout option name in output of the command below.",[652,5094,5096],{"className":3489,"code":5095,"language":3491,"meta":235,"style":235},"localectl list-x11-keymap-layouts\n",[43,5097,5098],{"__ignoreMap":235},[660,5099,5100,5103],{"class":662,"line":663},[660,5101,5102],{"class":1065},"localectl",[660,5104,5105],{"class":677}," list-x11-keymap-layouts\n",[11,5107,5108],{},"After that: place following code on your i3 configuration.",[652,5110,5112],{"className":3489,"code":5111,"language":3491,"meta":235,"style":235},"exec_always \"setxkbmap -model pc104 -layout us,ir -variant ,, -option grp:alt_shift_toggle\"\n",[43,5113,5114],{"__ignoreMap":235},[660,5115,5116,5119],{"class":662,"line":663},[660,5117,5118],{"class":1065},"exec_always",[660,5120,5121],{"class":677}," \"setxkbmap -model pc104 -layout us,ir -variant ,, -option grp:alt_shift_toggle\"\n",[11,5123,5124,5125,5128,5129,5131],{},"replace ",[43,5126,5127],{},"ir"," with yours. ",[43,5130,5127],{}," is a layout name for Persian language ( my native language ).",[11,5133,5134],{},"After that, reload the i3 configuration and thats should work.",[11,5136,5137],{},"Lets break that command above :",[11,5139,5140,5142],{},[43,5141,5118],{}," : In the context of i3wm, this command basically execute the command that you write in front of it ,always when i3wm initialized.",[11,5144,5145,5148],{},[43,5146,5147],{},"setxkbmap"," : This command in Linux is used to set the keyboard layout and options for the X Window System ( X.org is the open-source implementation of the X Window System and i3 is based on xorg )",[11,5150,5151,5154,5155,5160],{},[43,5152,5153],{},"-model pc104"," : This specifies the keyboard model. The ",[408,5156,5159],{"href":5157,"rel":5158},"https://en.wikipedia.org/wiki/IBM_PC_keyboard#Keyboard_layouts",[412],"pc104"," is actually what we call a full size keyboard ( with numpad and etc, 104 keys in total )",[11,5162,5163,5166],{},[43,5164,5165],{},"-layout us,ir"," : This option specifies the keyboard layouts to be used.",[11,5168,5169,5172],{},[43,5170,5171],{},"-variant ,,"," : This specifies the variants of the specified layouts.  we leave it empty so it uses the default variant.",[11,5174,5175,5178],{},[43,5176,5177],{},"-option grp:alt_shift_toggle"," : This sets options for switching between the specified keyboard layouts. I think the command itself is self-explanatory.",[2963,5180,3897],{},{"title":235,"searchDepth":236,"depth":236,"links":5182},[],"2024-10-09T00:00:00.000Z","If you are using two or more languages in your computer, this is one of the first problems you will encounter in i3wm.",{},"/changing-i3-lang",{"title":5084,"description":5184},"05.changing-i3-lang",[2983],"eX-ONwz_A9K5SxFdAsocBy-D54kUn4emyW4LGhd78JU",{"id":5192,"title":5193,"body":5194,"date":5345,"description":5346,"draft":246,"extension":247,"image":5347,"meta":5348,"navigation":251,"path":5349,"seo":5350,"stem":5351,"tags":5352,"__hash__":5354},"content_en/04.why-we-need-isps.md","Why we need ISPs to access to the the internet?",{"type":8,"value":5195,"toc":5338},[5196,5200,5203,5210,5213,5222,5226,5241,5245,5248,5251,5254,5258,5261,5265,5268,5271,5274,5278,5288,5293,5299,5307],[2991,5197,5199],{"id":5198},"do-we-need-isps-to-access-to-the-modern-internet","Do we need ISPs to access to the Modern Internet?",[11,5201,5202],{},"First of all, we should get some grasp of how the internet works, before answering to this question.\nLet us dig into it...",[11,5204,5205,5206,5209],{},"The first thing to note is, ",[43,5207,5208],{},"the internet"," isn't really a single \"thing\". It's a convenient name we give to what is in effect, just a lot of computers that are able to talk to each other. Think about your home: you might have a desktop, a laptop, a printer, and a phone, and you need them all to talk to each other, so you put in a network that lets them do that. Just on its own that's useful, you could transfer a file from the desktop to the laptop, or send a job to the printer from the phone. But your network doesn't do everything. So the next step is to connect your network to other networks.",[11,5211,5212],{},"The simplest \"Internet\" is just two networks like the above that can talk to each other. So you have two desktops (in network A and in network B), two printers, etc. So now you can send files between the two desktops. Or perhaps you can set up a simple website on the Desktop A system and access it from the Desktop B system. Congratulations, you've made \"The Internet\" as it existed at the very very beginning!",[11,5214,5215,5216,5221],{},"It just expanded from there. More and more independent networks started talking to each other, and the growing Internet decided via its members on a large number of standards for how those computers are supposed to talk to each other. Independent organizations were founded to help manage this; one I'll refer to below is the ",[408,5217,5220],{"href":5218,"rel":5219},"https://www.ripe.net",[412],"RIPE NCC",", the dutch Registry of Internet Numbers, which is the most important one for \"becoming an ISP\" in Europe, Middle East and Central Asia.",[35,5223,5225],{"id":5224},"so-how-do-you-become-an-isp","So, how do you become an ISP?",[11,5227,5228,5229,5232,5233,5236,5237,5240],{},"It is easy! You just talk to the RIPE, and they give you some numbers that are put in their official \"book\" that keeps track of everyone who ",[21,5230,5231],{},"makes up the Internet",". Except that doing this isn't actually easy, or cheap. There's two main things you need from the RIPE: what is called an ",[21,5234,5235],{},"AS (Autonomous System) Number",", which is a unique number that identifies your network, and a block of IP addresses that they assign to you. Those IP addresses become your addresses on the Internet, like your telephone number of home street address. But that alone isn't enough, because no one can talk to you unless you connect to someone else! So using your AS Number, you establish what are called ",[21,5238,5239],{},"peering relationships"," with other networks on the Internet. A reasonable small ISP would have at least 2 peers, and you connect a physical wire to them somehow, and then do what is called \"announce routes\" to your IP address blocks to those other providers. That will propagate out from those peers to the wider Internet, and done! traffic can now reach you! You're now an ISP.",[35,5242,5244],{"id":5243},"it-is-that-easy","It is that easy?",[11,5246,5247],{},"No. This process is not easy at all.",[11,5249,5250],{},"First off all, none of this is cheap (every step there costs you money, in addition to all the gear you'll actually need which itself is not really cheap), and you also need people with good technical skill to set it up and run it.",[11,5252,5253],{},"One thing to note is that the RIPE is not really in just the business of handing out these AS numbers and IP addresses to random individual people. There's also \"tiers\" of companies on the Internet, really depending on how big they are. Tier 1's are giant companies and networks that form the backbone of the Internet (Like AT&T), and most other companies use them to talk to each other. From there you get Tier 2 and Tier 3 (small and local) networks like ISPs. Yes, it's not just ISPs: if you're a big corporation like, for example, Google, you might just register for your own AS number and IPs and peer directly with some Tier 1 and Tier 2 networks to get on \"the Internet\", no ISP needed!",[35,5255,5257],{"id":5256},"so-how-do-you-a-normal-person-get-on-the-internet","So, how do you, a normal person, get on the Internet?",[11,5259,5260],{},"You sign up for an Internet Service Provider (ISP) who's done all that stuff above! As a business, they obtained equipment, the AS number, the IP addresses, and the staff to run this network of theirs, and their business model is selling you access to their network, which in turn lets you connect through them to the other networks that make up the Internet.",[35,5262,5264],{"id":5263},"conclution","Conclution",[11,5266,5267],{},"So, you NEED an ISP?",[11,5269,5270],{},"Actually no! If you can get your own network set up. But doing so is way beyond the skill level and cost of the vast majority of people or even organizations (small businesses, etc.), so they just pay an ISP to connect them. And that's how you get the Modern Internet we have today.",[11,5272,5273],{},"Thank you for taking the time to read this blog post!",[35,5275,5277],{"id":5276},"surprise","Surprise!",[11,5279,5280,5281,5284,5285],{},"At the time of writing this post, 17 September, i was visiting the Ripe NCC Website. And guess what?\nI’m just found out they will have a online Event about the ",[21,5282,5283],{},"state of the Internet in Iran ( my country )"," in next 2 hours!! ",[5286,5287],"br",{},[11,5289,5290,5291],{},"So I signed up and attended to the meeting. ",[5286,5292],{},[11,5294,5295],{},[5013,5296],{"alt":5297,"src":5298},"Ripe Meeting","/blog-images/RIPE_Meeting.png",[11,5300,5301,5302,285],{},"here i write some summery of the presentations and discussions (things that i understand from them). you can access to whole presentation files (merged together) from ",[408,5303,5306],{"href":5304,"rel":5305},"https://www.ripe.net/meetings/open-house/internet-in-iran-17-sept-2024/",[412],"here",[121,5308,5309,5312,5320,5323,5326,5329,5332,5335],{},[18,5310,5311],{},"Iran has about 686 LIR accounts and this number steady growth. LIR accounts in context of RIPE NCC refers to Local Internet Registry accounts held by organizations in iran that have allocated a block of IP addresses or Autonomous System Numbers (ASNs). basically LIRs are typically Internet Service Providers (ISPs) or large organizations that need to manage their own IP address space.",[18,5313,5314,5315,285],{},"Iran has nearly 12 milion IPv4 addresses. IPv4 usage in Iran is increased sharply in 2012. this is due to the multiple LIR openings around that time. why? looks like because of ",[408,5316,5319],{"href":5317,"rel":5318},"https://labs.ripe.net/author/wilhelm/ripe-ncc-membership-developments-after-reaching-the-last-8/",[412],"this",[18,5321,5322],{},"Iran has nearly 3604 /32 IPv6 addresses and this is steady growth. One thing we need to know is that this does not mean they are in use! having allocation and using allocation are two separate stats.",[18,5324,5325],{},"the capability of Iran in terms of IPv6 is actually a lot lower then global average. Only 23.1% of Iran’s network is IPv6 capable. Global average of IPv6 support is about 35-45%.",[18,5327,5328],{},"RIPE NCC is a dutch organization. they based on Netherlands. Dutch banks use the term “Ultra High Risk Country“ for countries that are under sanctions. for example, Iran & Syria are classified as Ultra High Risk Country. I think “Risk“ in here means possibility of receiving fine by USA or something like this.",[18,5330,5331],{},"As a result they have challange for getting money from their iranian members.",[18,5333,5334],{},"Due to the bank classification of Iran as a Ultra High Risk, they are not allowed to receive money from these countries.",[18,5336,5337],{},"Result: they have postponed payment obligations from these kind of countries. They still have not found the solution for this problem yet…",{"title":235,"searchDepth":236,"depth":236,"links":5339},[5340,5341,5342,5343,5344],{"id":5224,"depth":236,"text":5225},{"id":5243,"depth":236,"text":5244},{"id":5256,"depth":236,"text":5257},{"id":5263,"depth":236,"text":5264},{"id":5276,"depth":236,"text":5277},"2024-09-19T00:00:00.000Z","Is it possible to access the internet without an ISP? Why can't we just go straight to (for example) Google's servers and bypass the companies that charge us?","/blog-images/isp.png",{},"/why-we-need-isps",{"title":5193,"description":5346},"04.why-we-need-isps",[5353],"curiosity","OZPVUv2jOFO3_063Xs82YvtMnvfi2z6wZ1jOZicBr3E",{"id":5356,"title":5357,"body":5358,"date":6022,"description":6023,"draft":246,"extension":247,"image":248,"meta":6024,"navigation":251,"path":6025,"seo":6026,"stem":6027,"tags":6028,"__hash__":6031},"content_en/02.nuxt-content-features.md","Let's  try some of the nuxt content features",{"type":8,"value":5359,"toc":6014},[5360,5364,5372,5375,5379,5390,5402,5407,5414,5417,5421,5424,5426,5456,5468,5472,5479,5481,5618,5621,5642,5645,5651,5654,5658,5667,5677,5795,5806,5810,5827,6000,6004,6011],[2991,5361,5363],{"id":5362},"what-is-nuxt-content","What is Nuxt Content?",[11,5365,5366,5369,5370],{},[21,5367,5368],{},"Content"," is a Nuxt module that helps you to work with markdowns easily.\nNuxt Content reads the '/content' directory in your project, parses them to create\na powerful data layer for nuxt application! ",[5286,5371],{},[11,5373,5374],{},"Let's see what it can do for us in more details 🚀",[35,5376,5378],{"id":5377},"parse-markdowns","Parse Markdowns",[11,5380,5381,5382,5384,5385,5387,5388],{},"Obivesly it can parse Markdown files to HTML tags! ",[5286,5383],{},"\n(this whole page you see is actually built upon this!) ",[5286,5386],{},"\nand because of this, you inherit all of the basic markdown capabilities.\nfor example: ",[5286,5389],{},[11,5391,5392,3781,5395,5397,3781,5400],{},[21,5393,5394],{},"Bold text",[5286,5396],{},[3614,5398,5399],{},"Italic text",[5286,5401],{},[55,5403,5404],{},[11,5405,5406],{},"Quoting text",[11,5408,5409],{},[408,5410,5413],{"href":5411,"rel":5412},"https://content.nuxt.com/",[412],"Link",[11,5415,5416],{},"and etc...",[35,5418,5420],{"id":5419},"code-highlighting","Code Highlighting",[11,5422,5423],{},"you can render codeblocks in you Markdowns with beautiful syntax highliting.",[11,5425,3022],{},[652,5427,5431],{"className":5428,"code":5429,"language":5430,"meta":235,"style":235},"language-ts shiki shiki-themes github-dark","export default {\n itsAwesome: true\n}\n","ts",[43,5432,5433,5444,5451],{"__ignoreMap":235},[660,5434,5435,5438,5441],{"class":662,"line":663},[660,5436,5437],{"class":3050},"export",[660,5439,5440],{"class":3050}," default",[660,5442,5443],{"class":666}," {\n",[660,5445,5446,5449],{"class":662,"line":236},[660,5447,5448],{"class":666}," itsAwesome: ",[660,5450,699],{"class":698},[660,5452,5453],{"class":662,"line":241},[660,5454,5455],{"class":666},"}\n",[11,5457,5458,5459,5464,5465,285],{},"this is made possible using ",[408,5460,5463],{"href":5461,"rel":5462},"https://github.com/shikijs/shiki",[412],"Shiki"," under the hood.\nit has so many themes that you can choose. that one i have used is called ",[21,5466,5467],{},"github-dark",[35,5469,5471],{"id":5470},"vue-components-inside-markdowns","Vue Components Inside Markdowns",[11,5473,5474,5475,5478],{},"Create Vue Components inside ",[43,5476,5477],{},"/components/content",", then you can use them in markdowns!",[11,5480,3022],{},[652,5482,5486],{"className":5483,"code":5484,"language":5485,"meta":235,"style":235},"language-vue shiki shiki-themes github-dark","\u003C!-- Alert.vue -->\n\u003Ctemplate>\n    \u003Cdiv role=\"alert\" class=\"rounded border-s-4 border-red-500 bg-red-50 p-4 dark:border-red-600 dark:bg-red-900\">\n        \u003Cstrong class=\"block font-medium text-red-800 dark:text-red-100\"> Alert \u003C/strong>\n\n        \u003Cp class=\"mt-2 text-sm text-red-700 dark:text-red-200\">\n            \u003Cslot>\u003C/slot> \n            \u003C!-- the slot tag is recieve our value from markdown -->\n        \u003C/p>\n    \u003C/div>\n\u003C/template>\n","vue",[43,5487,5488,5493,5504,5530,5551,5555,5570,5586,5591,5600,5609],{"__ignoreMap":235},[660,5489,5490],{"class":662,"line":663},[660,5491,5492],{"class":2232},"\u003C!-- Alert.vue -->\n",[660,5494,5495,5498,5501],{"class":662,"line":236},[660,5496,5497],{"class":666},"\u003C",[660,5499,5500],{"class":670},"template",[660,5502,5503],{"class":666},">\n",[660,5505,5506,5509,5512,5515,5517,5520,5523,5525,5528],{"class":662,"line":241},[660,5507,5508],{"class":666},"    \u003C",[660,5510,5511],{"class":670},"div",[660,5513,5514],{"class":1065}," role",[660,5516,3051],{"class":666},[660,5518,5519],{"class":677},"\"alert\"",[660,5521,5522],{"class":1065}," class",[660,5524,3051],{"class":666},[660,5526,5527],{"class":677},"\"rounded border-s-4 border-red-500 bg-red-50 p-4 dark:border-red-600 dark:bg-red-900\"",[660,5529,5503],{"class":666},[660,5531,5532,5535,5537,5539,5541,5544,5547,5549],{"class":662,"line":702},[660,5533,5534],{"class":666},"        \u003C",[660,5536,21],{"class":670},[660,5538,5522],{"class":1065},[660,5540,3051],{"class":666},[660,5542,5543],{"class":677},"\"block font-medium text-red-800 dark:text-red-100\"",[660,5545,5546],{"class":666},"> Alert \u003C/",[660,5548,21],{"class":670},[660,5550,5503],{"class":666},[660,5552,5553],{"class":662,"line":712},[660,5554,778],{"emptyLinePlaceholder":251},[660,5556,5557,5559,5561,5563,5565,5568],{"class":662,"line":723},[660,5558,5534],{"class":666},[660,5560,11],{"class":670},[660,5562,5522],{"class":1065},[660,5564,3051],{"class":666},[660,5566,5567],{"class":677},"\"mt-2 text-sm text-red-700 dark:text-red-200\"",[660,5569,5503],{"class":666},[660,5571,5572,5575,5578,5581,5583],{"class":662,"line":732},[660,5573,5574],{"class":666},"            \u003C",[660,5576,5577],{"class":670},"slot",[660,5579,5580],{"class":666},">\u003C/",[660,5582,5577],{"class":670},[660,5584,5585],{"class":666},"> \n",[660,5587,5588],{"class":662,"line":745},[660,5589,5590],{"class":2232},"            \u003C!-- the slot tag is recieve our value from markdown -->\n",[660,5592,5593,5596,5598],{"class":662,"line":753},[660,5594,5595],{"class":666},"        \u003C/",[660,5597,11],{"class":670},[660,5599,5503],{"class":666},[660,5601,5602,5605,5607],{"class":662,"line":764},[660,5603,5604],{"class":666},"    \u003C/",[660,5606,5511],{"class":670},[660,5608,5503],{"class":666},[660,5610,5611,5614,5616],{"class":662,"line":775},[660,5612,5613],{"class":666},"\u003C/",[660,5615,5500],{"class":670},[660,5617,5503],{"class":666},[11,5619,5620],{},"then, use it in Markdowns like this:",[652,5622,5625],{"className":5623,"code":5624,"language":247,"meta":235,"style":235},"language-md shiki shiki-themes github-dark","::alert\nThe content of the card\n::\n",[43,5626,5627,5632,5637],{"__ignoreMap":235},[660,5628,5629],{"class":662,"line":663},[660,5630,5631],{"class":666},"::alert\n",[660,5633,5634],{"class":662,"line":236},[660,5635,5636],{"class":666},"The content of the card\n",[660,5638,5639],{"class":662,"line":241},[660,5640,5641],{"class":666},"::\n",[11,5643,5644],{},"Output:",[5646,5647,5648],"alert",{},[11,5649,5650],{},"The content of the card",[11,5652,5653],{},"Cool!",[35,5655,5657],{"id":5656},"query-on-your-data","Query on your data",[11,5659,5660,5661,5664,5665],{},"Content module provides some Composables that can do various things for us. One of them is ",[43,5662,5663],{},"queryContent()",". ",[5286,5666],{},[11,5668,5669,5670,5673,5674,5676],{},"The ",[43,5671,5672],{},"queryContent"," composable provides methods for querying and fetching your contents. ",[5286,5675],{},"\nExample:",[652,5678,5680],{"className":5483,"code":5679,"language":5485,"meta":235,"style":235},"\u003Cscript setup>\nconst { data } = await useAsyncData('home', () => queryContent('/').findOne())\n\u003C/script>\n\n\u003Ctemplate>\n  \u003Cpre>\n    {{ data }}\n  \u003C/pre>\n\u003C/template>\n",[43,5681,5682,5694,5744,5752,5756,5764,5773,5778,5787],{"__ignoreMap":235},[660,5683,5684,5686,5689,5692],{"class":662,"line":663},[660,5685,5497],{"class":666},[660,5687,5688],{"class":670},"script",[660,5690,5691],{"class":1065}," setup",[660,5693,5503],{"class":666},[660,5695,5696,5699,5702,5705,5708,5710,5713,5716,5719,5722,5725,5728,5731,5733,5736,5738,5741],{"class":662,"line":236},[660,5697,5698],{"class":3050},"const",[660,5700,5701],{"class":666}," { ",[660,5703,5704],{"class":698},"data",[660,5706,5707],{"class":666}," } ",[660,5709,3051],{"class":3050},[660,5711,5712],{"class":3050}," await",[660,5714,5715],{"class":1065}," useAsyncData",[660,5717,5718],{"class":666},"(",[660,5720,5721],{"class":677},"'home'",[660,5723,5724],{"class":666},", () ",[660,5726,5727],{"class":3050},"=>",[660,5729,5730],{"class":1065}," queryContent",[660,5732,5718],{"class":666},[660,5734,5735],{"class":677},"'/'",[660,5737,3467],{"class":666},[660,5739,5740],{"class":1065},"findOne",[660,5742,5743],{"class":666},"())\n",[660,5745,5746,5748,5750],{"class":662,"line":241},[660,5747,5613],{"class":666},[660,5749,5688],{"class":670},[660,5751,5503],{"class":666},[660,5753,5754],{"class":662,"line":702},[660,5755,778],{"emptyLinePlaceholder":251},[660,5757,5758,5760,5762],{"class":662,"line":712},[660,5759,5497],{"class":666},[660,5761,5500],{"class":670},[660,5763,5503],{"class":666},[660,5765,5766,5769,5771],{"class":662,"line":723},[660,5767,5768],{"class":666},"  \u003C",[660,5770,652],{"class":670},[660,5772,5503],{"class":666},[660,5774,5775],{"class":662,"line":732},[660,5776,5777],{"class":666},"    {{ data }}\n",[660,5779,5780,5783,5785],{"class":662,"line":745},[660,5781,5782],{"class":666},"  \u003C/",[660,5784,652],{"class":670},[660,5786,5503],{"class":666},[660,5788,5789,5791,5793],{"class":662,"line":753},[660,5790,5613],{"class":666},[660,5792,5500],{"class":670},[660,5794,5503],{"class":666},[11,5796,5797,5798,5801,5802,5805],{},"Here we use queryContent Composable to fetch single document that exists in ",[43,5799,5800],{},"/"," ( slash '/' means ",[43,5803,5804],{},"/content"," folder in this context)",[35,5807,5809],{"id":5808},"render-markdowns-in-page","Render markdowns in page",[11,5811,5812,5813,5664,5816,5818,5819,5821,5822,5664,5824,5826],{},"Content module provides some Components that can do various things for us. One of them is ",[43,5814,5815],{},"\u003CContentRenderer>",[5286,5817],{},"\nThe ",[43,5820,5815],{}," component renders a document coming from a query with ",[43,5823,5663],{},[5286,5825],{},"\nWe pass the data to the component and it renders.\nLook at the example below:",[652,5828,5830],{"className":5483,"code":5829,"language":5485,"meta":235,"style":235},"\u003Cscript setup lang=\"ts\">\nconst { data } = await useAsyncData('page-data', () => queryContent('/hello').findOne())\n\u003C/script>\n\n\u003Ctemplate>\n  \u003Cmain>\n    Parse & render markdown  fetched\n    \u003CContentRenderer :value=\"data\"> \n      \u003Ctemplate #empty>\n        \u003Cp>No content found.\u003C/p>\n      \u003C/template>\n    \u003C/ContentRenderer>\n  \u003C/main>\n\u003C/template>\n",[43,5831,5832,5850,5888,5896,5900,5908,5917,5922,5939,5954,5967,5976,5984,5992],{"__ignoreMap":235},[660,5833,5834,5836,5838,5840,5843,5845,5848],{"class":662,"line":663},[660,5835,5497],{"class":666},[660,5837,5688],{"class":670},[660,5839,5691],{"class":1065},[660,5841,5842],{"class":1065}," lang",[660,5844,3051],{"class":666},[660,5846,5847],{"class":677},"\"ts\"",[660,5849,5503],{"class":666},[660,5851,5852,5854,5856,5858,5860,5862,5864,5866,5868,5871,5873,5875,5877,5879,5882,5884,5886],{"class":662,"line":236},[660,5853,5698],{"class":3050},[660,5855,5701],{"class":666},[660,5857,5704],{"class":698},[660,5859,5707],{"class":666},[660,5861,3051],{"class":3050},[660,5863,5712],{"class":3050},[660,5865,5715],{"class":1065},[660,5867,5718],{"class":666},[660,5869,5870],{"class":677},"'page-data'",[660,5872,5724],{"class":666},[660,5874,5727],{"class":3050},[660,5876,5730],{"class":1065},[660,5878,5718],{"class":666},[660,5880,5881],{"class":677},"'/hello'",[660,5883,3467],{"class":666},[660,5885,5740],{"class":1065},[660,5887,5743],{"class":666},[660,5889,5890,5892,5894],{"class":662,"line":241},[660,5891,5613],{"class":666},[660,5893,5688],{"class":670},[660,5895,5503],{"class":666},[660,5897,5898],{"class":662,"line":702},[660,5899,778],{"emptyLinePlaceholder":251},[660,5901,5902,5904,5906],{"class":662,"line":712},[660,5903,5497],{"class":666},[660,5905,5500],{"class":670},[660,5907,5503],{"class":666},[660,5909,5910,5912,5915],{"class":662,"line":723},[660,5911,5768],{"class":666},[660,5913,5914],{"class":670},"main",[660,5916,5503],{"class":666},[660,5918,5919],{"class":662,"line":732},[660,5920,5921],{"class":666},"    Parse & render markdown  fetched\n",[660,5923,5924,5926,5929,5932,5934,5937],{"class":662,"line":745},[660,5925,5508],{"class":666},[660,5927,5928],{"class":670},"ContentRenderer",[660,5930,5931],{"class":1065}," :value",[660,5933,3051],{"class":666},[660,5935,5936],{"class":677},"\"data\"",[660,5938,5585],{"class":666},[660,5940,5941,5944,5946,5949,5952],{"class":662,"line":753},[660,5942,5943],{"class":666},"      \u003C",[660,5945,5500],{"class":670},[660,5947,5948],{"class":666}," #",[660,5950,5951],{"class":1065},"empty",[660,5953,5503],{"class":666},[660,5955,5956,5958,5960,5963,5965],{"class":662,"line":764},[660,5957,5534],{"class":666},[660,5959,11],{"class":670},[660,5961,5962],{"class":666},">No content found.\u003C/",[660,5964,11],{"class":670},[660,5966,5503],{"class":666},[660,5968,5969,5972,5974],{"class":662,"line":775},[660,5970,5971],{"class":666},"      \u003C/",[660,5973,5500],{"class":670},[660,5975,5503],{"class":666},[660,5977,5978,5980,5982],{"class":662,"line":781},[660,5979,5604],{"class":666},[660,5981,5928],{"class":670},[660,5983,5503],{"class":666},[660,5985,5986,5988,5990],{"class":662,"line":793},[660,5987,5782],{"class":666},[660,5989,5914],{"class":670},[660,5991,5503],{"class":666},[660,5993,5994,5996,5998],{"class":662,"line":801},[660,5995,5613],{"class":666},[660,5997,5500],{"class":670},[660,5999,5503],{"class":666},[35,6001,6003],{"id":6002},"learn-more-about-nuxt-content","Learn more about Nuxt-Content",[11,6005,6006,6007,285],{},"If you intrested, i suggest to take a look at their ",[408,6008,6010],{"href":5411,"rel":6009},[412],"documentation",[2963,6012,6013],{},"html pre.shiki code .snl16, html code.shiki .snl16{--shiki-default:#F97583}html pre.shiki code .s95oV, html code.shiki .s95oV{--shiki-default:#E1E4E8}html pre.shiki code .sDLfK, html code.shiki .sDLfK{--shiki-default:#79B8FF}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html pre.shiki code .sAwPA, html code.shiki .sAwPA{--shiki-default:#6A737D}html pre.shiki code .s4JwU, html code.shiki .s4JwU{--shiki-default:#85E89D}html pre.shiki code .svObZ, html code.shiki .svObZ{--shiki-default:#B392F0}html pre.shiki code .sU2Wk, html code.shiki .sU2Wk{--shiki-default:#9ECBFF}",{"title":235,"searchDepth":236,"depth":236,"links":6015},[6016,6017,6018,6019,6020,6021],{"id":5377,"depth":236,"text":5378},{"id":5419,"depth":236,"text":5420},{"id":5470,"depth":236,"text":5471},{"id":5656,"depth":236,"text":5657},{"id":5808,"depth":236,"text":5809},{"id":6002,"depth":236,"text":6003},"2023-09-05T00:00:00.000Z","Seeing nuxt content features in action",{},"/nuxt-content-features",{"title":5357,"description":6023},"02.nuxt-content-features",[6029,6030],"nuxt-content","test3","K3e3CMDBujJYhznZR50xdJLBQWlY12drE-7ECHFxEsc",{"id":6033,"title":6034,"body":6035,"date":6057,"description":6058,"draft":246,"extension":247,"image":6059,"meta":6060,"navigation":251,"path":6061,"seo":6062,"stem":6063,"tags":6064,"__hash__":6066},"content_en/03.why-linux.md","Consider using new tools if you define yourself a computer enthusiast",{"type":8,"value":6036,"toc":6055},[6037,6040,6043,6046,6049,6052],[11,6038,6039],{},"If you truly love computers, don't let old habits hold you back.",[11,6041,6042],{},"For example: I grew up with Windows. It was familiar, convenient, and honestly, hard to leave. But over time, I realized that sticking with the same tools just because they were comfortable was limiting my understanding of the whole idea of computers.",[11,6044,6045],{},"Switching to Linux and getting familiar with things like Unix philosophy wasn’t easy at all. It took me about 3 month to feel comfortable in that and get some basic understanding to whole system. There were things I had to relearn, problems I had to solve, and moments of frustration. But i believe that, the process of struggle and learning will be rewarding at the end.",[11,6047,6048],{},"I Strongly believe If you want to understand computers better, you need to get comfortable to letting your old habits back.",[11,6050,6051],{},"try new tools. New operating systems, new shells, new editors, and different workflows. Each one offers a different perspective. You don't have to abandon what works for you forever—but step out of your bubble now and then.",[11,6053,6054],{},"in one sentence: If you're into tech, curiosity should always outweigh comfort.",{"title":235,"searchDepth":236,"depth":236,"links":6056},[],"2023-03-01T00:00:00.000Z","As a programmer, the choice of your tools can profoundly impact your workflow, productivity, and overall development experience...","/blog-images/linux.png",{},"/why-linux",{"title":6034,"description":6058},"03.why-linux",[6065],"computer","-C1jxLEVWjOok-197GD3qtJI6gzUKQuDScWWADIjHCA",{"id":6068,"title":6069,"body":6070,"date":6082,"description":6083,"draft":246,"extension":247,"image":302,"meta":6084,"navigation":251,"path":6085,"seo":6086,"stem":6087,"tags":6088,"__hash__":6091},"content_en/01.Hello-World.md","Hello World",{"type":8,"value":6071,"toc":6079},[6072,6076],[35,6073,6075],{"id":6074},"hello-world","Hello World!",[11,6077,6078],{},"First Blog Post",{"title":235,"searchDepth":236,"depth":236,"links":6080},[6081],{"id":6074,"depth":236,"text":6075},"2023-01-01T00:00:00.000Z","My first blog post!",{"alt":4064},"/hello-world",{"title":6069,"description":6083},"01.Hello-World",[6089,6090],"test","test2","thyzq0V_pO2MrNltFTrv-Ow8KQIZpbmG8-wqizqZRbc",1772192624434]