Felipe's Blog

Your go-to source for Linux/Unix-like – tech – engineering.

Archive for the ‘Linux’ tag

Configure openvpn for protonvpn or any other vpn service on Arch Linux using the Terminal

without comments

Very simple, first need to install openvpn, right

sudo pacman -S openvpn

Now we need to install using yay, two packages that are necessary to configure the whole thing, once we try to connect to a vpn:

One is this,

https://aur.archlinux.org/packages/openvpn-update-resolv-conf-git

yay -S openvpn-update-resolv-conf-git

Why? because otherwise we will get this:

Options error: –up script fails with ‘/etc/openvpn/update-resolv-conf’: No such file or directory (errno=2)
Options error: Please correct this error.
Use –help for more information.

so we need to install the openresolv package.

Then we need to modify or add actually, this lines at the bottom of the file to update the custom script:

sudo nano /etc/openvpn/update-resolv-conf

And we add:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf


Now we have to consider this:
The update-systemd-resolved custom script
Note: Since systemd 229, systemd-networkd has exposed an API through DBus allowing management of DNS configuration on a per-link basis. Tools such as openresolv may not work reliably when /etc/resolv.conf is managed by systemd-resolved, and will not work at all if using resolve instead of dns in /etc/nsswitch.conf.
The update-systemd-resolved script links OpenVPN with systemd-resolved via DBus to update the DNS records.

Copy the script into /etc/openvpn/scripts and mark as executable (or install openvpn-update-systemd-resolvedAUR) and append the following lines into the OpenVPN client configuration file:

/etc/openvpn/client/client.conf
client
remote example.com 1194 udp

script-security 2
setenv PATH /usr/bin
up /etc/openvpn/scripts/update-systemd-resolved
down /etc/openvpn/scripts/update-systemd-resolved
down-pre
In order to send all DNS traffic through the VPN tunnel and prevent DNS leaks, also add the following line (see [7]):

/etc/openvpn/client/client.conf
dhcp-option DOMAIN-ROUTE .

So, according this documentation that is possible to find on the official website of Arch, we install :

https://aur.archlinux.org/packages/openvpn-update-systemd-resolved

yay -S penvpn-update-systemd-resolved

Now we can connect to prontonvpn using the console:

[felipe@SDFCSC protonvpn]$ sudo openvpn –config us-free-20.protonvpn.net.tcp.ovpn
2023-07-24 22:51:27 DEPRECATED OPTION: –cipher set to ‘AES-256-CBC’ but missing in –data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores –cipher for cipher negotiations.
2023-07-24 22:51:27 Note: Kernel support for ovpn-dco missing, disabling data channel offload.
2023-07-24 22:51:27 OpenVPN 2.6.5 [git:makepkg/cbc9e0ce412e7b42+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jun 13 2023
2023-07-24 22:51:27 library versions: OpenSSL 3.1.1 30 May 2023, LZO 2.10
2023-07-24 22:51:27 DCO version: N/A
Enter Auth Username: *************************
Enter Auth Password: *********************

NOTE: For protonvpn proper usage we need the openvpn-IKEv2 password and username, you can get it in the dashboard of the protonvpn site.

For any other connection, use the common user and password to enter a vpn server.

[felipe@SDFCSC protonvpn]$ sudo openvpn --config us-free-20.server.net.tcp.ovpn


Written by Felipe

July 25th, 2023 at 12:09 am

Posted in Arch,Linux

Tagged with , , ,

Streamline Package Distribution with AUR and Brew: Leveraging the Power of GitHub

without comments

It’s crucial to have a repository on GitHub for seamless development and collaboration. In the case of Arch Linux’s AUR, creating an account on aur.archlinux.org is essential. Additionally, generating and configuring an SSH key pair linked to the AUR account is crucial. Here’s how you can set it up:

Create the ~/.ssh/config file with the following content:

Host aur.archlinux.org
IdentityFile ~/.ssh/aur
User aur

Generate the SSH keys:

ssh-keygen -f ~/.ssh/aur

ssh-keygen -b 4096 (RSA)

This command will create a public key in the specified folder.

Next, let's create the AUR repository (which is separate from the GitHub repository for our project):
git -c init.defaultbranch=master clone ssh://aur@aur.archlinux.org/pkgbase.git

You may receive a warning about cloning an empty repository, but don’t worry. Now, you can place the binaries, tarball, or any files related to the installation of the project inside this folder.

To proceed, add a remote label to your repository (Inside of it):

git remote add label ssh://aur@aur.archlinux.org/pkgbase.git

Replace pkgbase with the name of the package you wish to publish on AUR.

Finally, follow these steps to complete the AUR package creation:

$ makepkg --printsrcinfo > .SRCINFO
$ git add PKGBUILD .SRCINFO
$ git commit -m "Updates"
$ git push origin master

Example of a PKGBUILD:

# Maintainer: Tu nombre <usuario@mail.ch>
pkgname=nombre-del-proyecto
pkgver=v.1.0.2
pkgrel=1
pkgdesc="DescripciĆ³n de la aplicaciĆ³n o software"
arch=('x86_64')
url="https://github.com/usuario/proyecto"
license=('MIT')
depends=('gcc' 'vim' 'nano')

source=("https://github.com/usuario/repo-proyecto/archive/refs/tags/$pkgver.tar.gz")

build() {
  cd "$srcdir/proyecto-$pkgver"
  #make
  ./setup
}

package() {
  cd "$srcdir/proyecto-$pkgver"
  install -Dm755 term_notes "$pkgdir/usr/bin/proyecto"
}

sha256sums=('e1ae65286b64c3466d5749524c79df1063ec9db35b265f0359d24cc76397d88c')

Make sure to review the PKGBUILD file, ensuring it matches the provided template and contains the correct sha256sums. You can generate the sha256sums by running sha256sum -b * > SHA256SUMS. Open the resulting SHA256SUMS file with a text editor to verify the sha256sums for the tarball versions in the GitHub repository.

In Mac OS is:

shasum -a 256 src/file-project.c

Moving on to Brew:

Inside the root folder of your GitHub project, create a folder called Formula. Within this folder, create a file named project.rb, where project represents the name of your project in Brew.

Here’s an example of a formula in Ruby:

class TermNotes < Formula
  desc "Description of the application"
  homepage "https://github.com/user/repoproject"
  url "https://github.com/user/repoproject/archive/refs/tags/v.1.0.2.tar.gz"
  sha256 "e1ae65286b64c3466d5346346345634634634563464536d24cc76397d88c"
  license "MIT"

  depends_on "gcc"
  depends_on "vim"
  depends_on "nano"

  def install
    if OS.mac?
      bin.install "named-project" => "renamed-project"
    else
      bin.install "project"
    end
  end

  def caveats
    <<~EOS
      'Term Notes' has been installed!

      On macOS, you can run the program using 'term-notes'.

      On Linux, you may need to create a symbolic link to make it accessible globally.
      Run the following command:

        sudo ln -s #{opt_bin}/project-name /usr/local/bin/renamed-project

      Enjoy taking notes with 'Term Notes'!
    EOS
  end

  test do
    # Add your test logic here
  end
end

To utilize the tap functionality, ensure you have Homebrew installed on your Mac or Linux system. Visit brew.sh for installation instructions. Once installed, use tap as follows:

brew tap <username>/<repository> <full-github-url-repoproject>

To install the project using brew, run:

brew install name-project

Replace name-project with the same name used for the file inside the Formula folder in your GitHub project’s root directory.

Once your tap is installed, Homebrew will automatically update it whenever a user runs brew update. Outdated formulas will be upgraded when a user runs brew upgrade along with core formulas.

Remember to update the AUR repository by replacing the sha256sum and adjusting the tag’s version to reflect the changes in the GitHub repository inside the .rb formula file in the Formula folder.

For more information about maintaining a tap, refer to the official Homebrew documentation. To learn about the AUR submission guidelines and sha256sums, visit the Arch Linux wiki and this Super User post.

Written by Felipe

July 14th, 2023 at 8:24 pm

Apply a system update on Arch Linux

without comments

To initiate an update of all installed packages, open any terminal application and pass the following command:

sudo pacman -Syu

You will be prompted for your password before the command can continue. This command checks for updates. If there are any, it will list the packages, along with their new version numbers.

log in to “sudo pacman -Syu” in a terminal

You will then be asked to confirm that you want to apply a full update. Boy y and press Enter to confirm, or use n cancel.

Type y and press Enter to confirm the update

If you have packages that you suspect are corrupted, you can force the database download with the update to fix these issues. Even if no updates are available, pacman will check the integrity of currently installed packages. Add a second y to the string to make it happen.

sudo pacman -Syyu

How to update a specific package in Arch

If you want to update only a package use the same command as you have to install it, replacing package_name with your choice.

sudo pacman -S package_nam

Warning: It is not recommended to upgrade to specific packages often ignoring other available updates.
Due to Arch’s current release process, shortcut updates may cause issues.

If you are unsure of a package name, you can search for installed packages with the -Qs flag.

pacman -Qs string

Be sure to replace the string with your term
This will search for both names and package names, so you should easily find what you’re looking for.

Written by Felipe

April 25th, 2023 at 10:47 pm

Posted in Arch,Linux

Tagged with , , , ,