Tag: ubuntu

Wildcard SSL Certificate on Linode using Certbot
I recently migrated to Linode for my personal portfolio and project (proof of concept) websites. I am running Ubuntu Server 20.04 LTS on a 1GB Nanode. Most of my websites use WordPress and I use Nginx, MariaDB, PHP (LEMP) as my stack. I use a Multisite Network since it let’s me manage all my websites from a single dashboard.

Initially, I was using a single site, so I used Certbot to install a Let’s Encrypt SSL Certificate. If you plan to host only one site on your server then you should be good to go with a single Certbot command; however, if you’ve, or plan, to run more than one site on your server, the process is different. Let’s learn how we can install wildcard SSL certificates on Linode.

Generating a Token

To let Certbot manage your DNS Records, we first need to generate an API token or Personal Access Token (PAT). To generate an API token:
1. Log in to your Linode account
2. Click on your Profile & Account settings
3. Choose API Tokens
API Tokens – Profile & Accounts – Linode

Once you’re in, click on ‘Create a Personal Access Token’ option.

Create a new token that can read/write your Domain Records. Since you’ll most likely be using this token just for Certbot, you can disable all the other privileges.

Adding a Personal Access Token – Linode

Click on ‘Create Token’, copy the generated token and save it somewhere safe. The tokens cannot be viewed again, so if you lose it, you’ll have to regenerate it.

Now, create an .ini file to store your token. Your .ini file should look like this:
```
# Linode API Credentials .ini file
dns_linode_key = <YOUR_API_KEY>
dns_linode_version = 4
```
Installing Certbot

Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS. We’ll use certbot package and python3-certbot-dns-linode plugin.

Now, we can install the Certbot.
```
sudo apt install certbot python3-certbot-dns-linode
```
Generating Certificate

We’ll not use Certbot’s automatic Nginx configuration, we’ll use Certbot to generate a certificate and then manually edit our Nginx files.

To generate a certificate:
```
certbot certonly --dns-linode --dns-linode-propagation-seconds <TIME_IN_SEC> -d <YOUR_DOMAIN> -d "*.<YOUR_DOMAIN>"
```
For my website, the command will look like this:
```
certbot certonly --dns-linode --dns-linode-propagation-seconds 180 -d danishshakeel.me -d "*.danishshakeel.me"
```
We are using ‘*’ to let Certbot know that all the subdomains, such as blog.danishshakeel.me, hire.danishshakeel.me, or www.danishshakeel.me should be able to use the certificate. –dns-linode-propagation-seconds is the time (in seconds) for which we wait for the changes to propagate to the server before asking the ACME servers to verify.

Certbot will ask you to input the path of the .ini file which we created.
```
Input the path to your Linode credentials INI file (Enter 'c' to cancel): <PATH_TO_INI_FILE>
Waiting 180 seconds for DNS changes to propagate
Waiting for verification...
Cleaning up challenges
```
Congratulations, we have successfully generated our certificate and chain. Note down the path to the fullchain.pem and privkey.pem.

Configuring Nginx

Now, we can configure Nginx to use our certificate.

options-ssl-nginx.conf

Before we can edit our Nginx configurations, we need to ensure that options-ssl-nginx.conf exists in /etc/letsencrypt directory. In case it does not, we can simply create one and copy-paste this content into it.
```
# This file contains important security parameters. If you modify this file
# manually, Certbot will be unable to automatically provide future security
# updates. Instead, Certbot will print and log an error message with a path to
# the up-to-date file that you will need to refer to when manually updating
# this file.

ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;

ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
```
Configuring Nginx Server

Now, let’s cd into our Nginx sites-available directory
```
cd /etc/nginx/sites-available
```
Now, we need to open our configuration file. I am using the default server block as my configuration.
```
sudo vi /etc/nginx/sites-available/default
```
Inside the server block, we need to add a few lines:
```
server {
...

listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate <FULLCHAIN_PEM_PATH>;
ssl_certificate_key <PRIVKEY_PEM_PATH>;
include /etc/letsencrypt/options-ssl-nginx.conf;
}
```
Voila! You have successfully configured Let’s Encrypt Wildcard SSL Certificate on Nginx using Certbot.

Footnotes:

The process is similar for other providers, provided the provider is supported by Certbot. Here is the list of supported providers.
September 19, 2021

Configure Logitech MX Master 3 on Linux (LogiOps)

I was a Windows user until very recently, when I decided to switch to some Linux distribution as my daily driver. I chose Zorin OS 16 Pro, primarily because – (1) it is based on Ubuntu, which I have been using on my Raspberry Pi 4 for a while (2) it comes with pre-installed apps (which saved me a couple of hours). The only reason I reluctant to switch because Linux does not support Adobe CC out of the box and it does not support Logitech Options.

MX Master 3 is one of my prized possessions, it is very close to my heart. It is one of the finest mice that I’ve ever had, and it feels really nice. Although I do not use all the MX Master 3 buttons and gestures, I still wanted to be able to configure SmartShift and DPI. Fortunately, LogiOps functions more or less like Logitech Options, albeit all on command line.

Installing LogiOps

Fire your terminal (of course) install dependencies

sudo apt install cmake libevdev-dev libudev-dev libconfig++-dev

After this, you need to clone the LogiOps GitHub repo

git clone https://github.com/PixlOne/logiops.git

Next, you need to build the source. You can refer to this link for that.

Once you’re done with building the project, to install, run

sudo make install

Enable and start the daemon by running the following command

sudo systemctl enable --now logid

You should be able to run logid by running

sudo logid

The output should look something like this:

[WARN] Error adding device /dev/hidraw2: std::exception
[INFO] Detected receiver at /dev/hidraw1
[WARN] Error adding device /dev/hidraw5: std::exception
[INFO] Detected receiver at /dev/hidraw4
[WARN] Error adding device /dev/hidraw4: No DJ reports
[INFO] Device found: Wireless Mouse MX Master 3 on /dev/hidraw1:1

Configuring

The configuration file resides in – /etc/logid.cfg. If it does not exist, you can simply create it by touch logid.cfg.

Open the logid.cfg and paste the contents from this GitHub Gist.

// Logiops (Linux driver) configuration for Logitech MX Master 3.
// Includes gestures, smartshift, DPI.
// Tested on logid v0.2.3 - GNOME 3.38.4 on Zorin OS 16 Pro
// What's working:
//   1. Window snapping using Gesture button (Thumb)
//   2. Forward Back Buttons
//   3. Top button (Ratchet-Free wheel)
// What's not working:
//   1. Thumb scroll (H-scroll)
//   2. Scroll button

// File location: /etc/logid.cfg

devices: ({
  name: "Wireless Mouse MX Master 3";

  smartshift: {
    on: true;
    threshold: 15;
  };

  hiresscroll: {
    hires: true;
    invert: false;
    target: false;
  };

  dpi: 1500; // max=4000

  buttons: (
    // Forward button
    {
      cid: 0x56;
      action = {
        type: "Gestures";
        gestures: (
          {
            direction: "None";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_FORWARD" ];
            }
          },

          {
            direction: "Up";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_PLAYPAUSE" ];
            }
          },

          {
            direction: "Down";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA" ];
            }
          },

          {
            direction: "Right";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_NEXTSONG" ];
            }
          },

          {
            direction: "Left";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_PREVIOUSSONG" ];
            }
          }
        );
      };
    },

    // Back button
    {
      cid: 0x53;
      action = {
        type: "Gestures";
        gestures: (
          {
            direction: "None";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_BACK" ];
            }
          }
        );
      };
    },

    // Gesture button (hold and move)
    {
      cid: 0xc3;
      action = {
        type: "Gestures";
        gestures: (
          {
            direction: "None";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA" ]; // open activities overview
            }
          },

          {
            direction: "Right";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA", "KEY_RIGHT" ]; // snap window to right
            }
          },

          {
            direction: "Left";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA", "KEY_LEFT" ];
            }
		  },

		  {
            direction: "Up";
            mode: "onRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA", "KEY_UP" ]; // maximize window
            }
		  },
		  
		  {
            direction: "Down";
            mode: "OnRelease";
            action = {
              type: "Keypress";
              keys: [ "KEY_LEFTMETA", "KEY_DOWN" ]; // minimize window
            }
          }
        );
      };
    },
	
    // Top button
    {
      cid: 0xc4;
      action = {
        type: "Gestures";
        gestures: (
          {
            direction: "None";
            mode: "OnRelease";
            action = {
              type: "ToggleSmartShift";
            }
          },

          {
            direction: "Up";
            mode: "OnRelease";
            action = {
              type: "ChangeDPI";
              inc: 1000,
            }
          },

          {
            direction: "Down";
            mode: "OnRelease";
            action = {
              type: "ChangeDPI";
              inc: -1000,
            }
          }
        );
      };
    }
  );
});

This configuration will set the DPI to 1500 and SmartShift sensitivity to 15.

Key Bindings and Actions

Button	Action	Performs
Mode Shift Button	Press	Switch between Ratchet and Free Scroll mode
Mode Shift Button	Hold + Swipe Up	Increase the DPI by `1000`
Mode Shift Button	Hold + Swipe Down	Decrease the DPI by `1000`
Gesture Button	Press	Activities Overview
Gesture Button	Hold + Swipe Right	Snap the window to right
Gesture Button	Hold + Swipe Left	Snap the window to left
Gesture Button	Hold + Swipe Down	Minimize the window
Gesture Button	Hold + Swipe Up	Maximize the window
Back Button	Press	Go Back
Forward Button	Press	Go Forward
Forward Button	Hold + Swipe Up	Play/Pause Media
Forward Button	Hold + Swipe Down	Super/Windows Key
Forward Button	Hold + Swipe Right	Next Song
Forward Button	Hold + Swipe Left	Previous Song

Configurations

For more information on configuration, you may refer to this wiki. To learn more about the Linux Event Codes, like KEY_LEFTMETA, check out this link.

Conclusion

There are two things that won’t work with this logid.cfg:

The thumb scroll wheel (useful for switching between tabs)
Scroll press (I personally use it to emulate Ctrl + B in VS Code)

It would be nice to have Logitech Options on Linux since the product information shows that it is ‘compatible’ with Linux, Windows, and Mac. Logitech Options lets you choose app-specific settings which is something that I miss very much, but while developers at Logitech work on Logitech Options for Linux (hoping that they are) LogiOps is the best tool we have to configure most of its functionality.

Issue ‘Forward/Back Button Not Working in VSCode’:

If your Logiop configuration is not working in VSCode, please follow these steps:

Open your logid.cfg file (it will be located at /etc/logid.cfg if you have followed my tutorial).
Navigate to the desired section (forward button and back button have cid: 0x56; and cid: 0x53; respectively).
Change the ‘type’ from Gesture to Keypress.
Bind desired keys to it (for event codes, look here).
Open VSCode and go to Keyboard Shortcuts (Ctrl + K Ctrl + S).
Bind your favourite action to the keys.

For example, if I want to bind Toggle Tabs to Back Button, I will change:

gestures: (
{
direction: "None";
mode: "OnRelease";
action = {
type: "Keypress";
keys: [ "KEY_BACK" ];
}
}
);
};

action = {
type: "Keypress";
keys: [ "KEY_LEFTCTRL", "KEY_PAGEDOWN" ];
};

Thanks to Eduardo for pointing it out.

You can achieve the same using VSCode Key Bindings, as suggested by Vladimir:

Using the VSCode Settings (UI), find the “Go Back” action in the ‘Shortcuts’ settings
Click on “Add Keybinding”
Click the ‘back’ button on the mouse
Repeat the steps for the ‘forward’ button

Snap minimize or maximize window below cursor:

The default snap behaviour controls only the active window, i.e., the window which is selected (clicked upon). This may not be ideal since one has to activate the window before operating on it. Thanks to pLum0 ([email protected]), we can make a script using xdotool to fix this.

Check here: https://askubuntu.com/questions/1400834/how-to-snap-minimize-maximize-window-below-cursor

Fix horizontal scrolling

In case you are facing issues with horizontal scroll (thumb scroll), you may try this fix by Joren Miner ([email protected]). Place the snippet below on the same level as “smartshift” or “hiresscroll”:

thumbwheel: {
    divert: false;
    invert: false;
};

September 13, 2021

Tag: ubuntu

Wildcard SSL Certificate on Linode using Certbot

Generating a Token

Installing Certbot

Generating Certificate

Configuring Nginx

options-ssl-nginx.conf

Configuring Nginx Server

Footnotes: