Migrate to hugo blog

.gitignore

@@ -1,2 +1,4 @@
 *.pyc
 output/
+public/
+resources/

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "themes/fuji"]
+	path = themes/fuji
+	url = https://github.com/amzrk2/hugo-theme-fuji

config.toml

@@ -0,0 +1,47 @@
+baseURL = "https://hya.sk/b/"
+title = "Skia"
+
+theme = "fuji"
+enableRobotsTXT = true
+paginate = 10
+
+[outputs]
+  home = ["HTML", "RSS"]
+
+[params]
+  author = "Skia"
+  subTitle = "Unmaintained space"
+
+  # Word counter and read time indicator in post metadata
+  showWordCounter = true
+  showReadTime = false
+
+  # License at the end of each post
+  showLicense = true
+  showToc = false
+
+  # Open Graph & Twitter Card variables
+  # You can also set description and images in post front matter individually
+  description = "A minimal Hugo theme with nice theme color."
+  images = ["img/og.png"] # This will use the image called og.png in static/img folder
+
+  # Posts shown in homepage
+  mainSections = ["posts"]
+
+  # License
+  license = "CC BY-SA 4.0"
+  licenseLink = "http://creativecommons.org/licenses/by-sa/4.0/"
+
+  # custom lazyload placeholder
+  # 16:9
+  lazyPlaceholder = "/assets/lazyload/dsrca_loading_480x270.svg"
+  # 32:9
+  lazyPlaceholderRow = "/assets/lazyload/dsrca_loading_960x270.svg"
+  # 8:9
+  lazyPlaceholderCol = "/assets/lazyload/dsrca_loading_480x540.svg"
+
+  # Let images display in full brightness under dark mode
+  disableDarkImage = true
+
+[taxonomies]
+  tag = "tags"

content/posts/24h-at-airport/index.md

@@ -0,0 +1,23 @@
+---
+title: 24h in the airport
+date: 2015-04-27
+tags: ["trip", "adventure"]
+lang: en
+summary: How I slothed 24h in an airport
+---
+
+Being in holidays for two days, I had last month bought my tickets to go to
+Nothern Ireland with a friend. We arrived at the airport at least half an hour
+before the time that was written in the email we received, but when asking for
+the boarding pass, we were refused because it was apparently too late... I never
+really travelled by plane in a big airport, so I didn't know that we should have
+arrived at least one hour earlier to get the flight.
+
+We managed to change the ticket for the following day (today!) but we had to
+wait for the 24h in the airport, without anything but my small travelling bag
+and my laptop...
+
+This resulted in some [useless things](https://libskia.so/pub/darkvador.sh), but
+also some more useful [r2 commits](http://rada.re). This was anyway really
+tiresome, noisy, and boring to death, and I wish it won't happen again (for the
+comeback trip, for example :D)

content/posts/clearing/index.md

@@ -0,0 +1,32 @@
+---
+title: "Clearing my mind about my task"
+date: 2014-07-10
+tags: ["radare2", "rsoc"]
+lang: en
+summary: Getting a better view on what I'm supposed to do...
+---
+
+# Clearing my mind about my task
+
+After receiving XVilka's mail, asking for our status about the RSoC, I was asked
+to join the `#radare-rsoc` channel, a very smaller chan much more adapted to the
+student of the RSoC. If I say that, it's because despite everybody says "feel
+free to..." on the main chan, I really felt outnumbered by so many people
+talking about such advanced things, and honestly, I didn't dare to ask even a
+small question... Stupid life.... :)
+
+Anyway, after joining the RSoC chan, I explained what I had already done, and I
+was answered that many things were already done! In fact, the biggest part was
+mainly done, and for now, the priority was to write tests for the `pf` command,
+the one that make use of a kind of template (my task)...
+
+I quickly went to the test directory, forked the
+[radare2-regressions](https://github.com/radare/radare2-regressions) repo on my
+Github, and began to learn how `pf` worked, in order to test it in the test
+suite. Two hours or three later, my commits were merged, and I even discovered
+my first bug in r2, as pancake said when I wondered about the result of a
+command...
+
+Next step now is to fix the bugs in `pf`, then to improve it to support nested
+types, and then, we'll see...
+

content/posts/first-step-rsoc/index.md

@@ -0,0 +1,38 @@
+---
+title: "First step in the RSoC"
+date: 2014-06-26
+tags: ["radare2", "rsoc"]
+lang: en
+summary: First small work for Radare2
+---
+
+# First step in the RSoC
+
+A [friend](https://dustri.org/b/) of mine motivated me for doing the
+[Radare Summer of Code](http://rada.re/rsoc/) a few month ago. I took a
+look, and found it very interesting, so I applied, asking to do the
+Struct Templates job. I was accepted, and I began to take some interest
+to the project. I did a very few commit here and there, trying to
+understand how the project worked, how it was organized, and also
+learning how to use the different tools, like GitHub that I had never
+really known before.
+
+The start was given last week, but having a
+[project](https://git.libskia.so/skia/snp_compiler) to finish for the
+school, I had no time to take it... Now that the project is done, I'll
+have more time to spend on r2, and it's what I've done tonight: I
+looked precisely at some file, trying to understand how the thing was
+done, and beginning to think what I'll have to do to complete the task.
+
+I really feel happy that the school project was a compiler and not some
+other shit, because reading a C parser is now far easier than it would
+have been otherwise! As we could say in Molière's tongue: *C'est en
+forgeant que l'on devient forgeron* (*Smithing makes the smith*, or
+more likely *Practice makes perfect*) and as we all know, that's really
+true for programming!
+
+Concerning that blog, I'll try to post for every step I'll complete,
+in order to keep something about my first commitment in a free project!
+And if you want to contribute to r2, you can find a list of idea
+[there](https://pad.nopcode.org/p/r.kbQMywcnKtU6z6wn) and join us on
+`freenode#radare`!

content/posts/gogs/index.md

@@ -0,0 +1,19 @@
+---
+title: Discovering Gogs
+date: 2015-06-11
+tags: ["git", "gogs", "sysadmin"]
+lang: en
+summary: Just another Git web frontend
+---
+
+I just discovered [Gogs](http://gogs.io/), a light Git web fronted written in
+Go. After reading a bit on its website, I decided to try a bit, just for fun. It
+was *really* easy to install it with NginX as reverse proxy, everything is Gogs'
+documentation, and it was ready in less than 10 minutes. Wonderful!
+
+It's still in beta, but already very functional, providing most of the classic
+features such as issues, milestones, ssh keys, *README.md* parser, etc...
+
+Finally, I just dropped my old Gitweb[^1], and I welcome you to my new [Gogs](https://git.libskia.so/skia)! :)
+
+[^1]: even if you can still reach it though [*http*](http://git.libskia.so)

content/posts/grehack/index.md

@@ -0,0 +1,25 @@
+---
+title: First workshop at the Grehack
+date: 2016-11-20
+tags: ["radare2", "workshop"]
+lang: en
+summary: I gave my first workshop
+---
+
+Last Friday, I was in Grenoble, at the Grehack, to give my very first workshop!
+[Dustri](https://dustri.org/b/radare2-at-the-grehack-2016.html) asked me a few weeks ago if I could come with him, since
+this was about [radare2](http://rada.re/), the very famous reverse engineering framework that I had worked for in RSoC
+2014.
+
+This was a very fun experience, with everyone being pretty happy learning the mysteries of r2. I even helped a bit
+a guy using r2 during the CTF that followed, this was really encouraging.    
+Of course, you can grad the slides and the material here: [link](https://libskia.so/pub/grehack_2016.tar.xz). Feel free
+to contact me if you have problems trying to (re)do the workshop at home.
+
+During the day, there were also some various talks, more or less interesting. That was also the occasion to talk a
+bit with cool guys from [Tetrane](http://www.tetrane.com/) about their awesome tool Reven (almost as awesome as
+r2! :D).
+
+The organisation was great, but there were some small hiccups that made the Grehack a bit messy. Anyway, the staff was
+really kind, and I'd still be happy to come back another year.
+

content/posts/loosezip/index.md

@@ -0,0 +1,25 @@
+---
+title: Using WinZip
+date: 2015-04-10
+tags: ["winzip", "windows"]
+lang: en
+summary: Trying to use Winzip
+---
+
+This morning, I decided to begin my AI course project, so I went to my
+[professor's library's website](http://www.ipseity-project.com/) to download it
+and see how it worked.
+
+So I had now two zip files, that I tried to unzip without success. *Unzip* says
+`End-of-central-directory signature not found.`, and *7z* says `Unsupported
+Method` for every non directory file... Weird...
+
+Okay, no problem, the binaries are only for W$, so the zip must have been done
+with WinZip, or some other strange archieving tool. I was at school, so I had a
+few time to try using Wine and WinZip on my X31. Great idea!
+
+Wine went without problem, but I gave up when I faced the following error:
+
+![screenshot](images/loozip.png)
+
+I really thank you, WinZip, for giving me so much fun this morning! :)

content/posts/mailoo/index.md

@@ -0,0 +1,22 @@
+---
+title: Quitting mailoo
+date: 2016-05-20
+tags: ["mail", "privacy"]
+lang: en
+summary: Why I'm leaving Mailoo
+---
+
+I've been using [Mailoo](http://mailoo.org) for a few years now, and I was pretty happy with it. But recently, as I
+changed my password, I was upset, as every time, when I again received the confirmation e-mail saying something like:
+_"Great, you changed your password, your new password is **blahblahblah4000**!"_.  
+That made me sad, but I passed over, as always, still saying to myself that I really should change my e-mail provider.
+
+And what a surprise! The next morning, I began to receive a lot of messages from friends (contacts) saying _"yeah? what
+do you need?"_ and other strange answers to a message I didn't send. I quickly changed my password again, and no mail
+have been oddly resend since, but the evil was done...
+
+Today, two days later, I've already made a new address with my friend [Piké](https://smagnin.org) on our dedicated
+server, self hosting one more service, and replacing the aliases I had at [Gandi](https://www.gandi.net).
+
+You can now write me at skia [at] libskia (dot) so, and soon, the old addresses at mailoo.org won't work anymore (I'm
+still waiting a bit before deleting everything, since I use theses e-mail every day).

content/posts/new-blog/index.md

@@ -0,0 +1,17 @@
+---
+title: A very new blog
+date: 2014-06-20
+lang: en
+tags: ["blog", "first step"]
+summary: Short presentation
+---
+
+Hi there!
+
+I'm proud to announce to the world that I'm at least opening a blog.
+The purpose isn't to tell you everything about my super life, but to
+provide information about interesting (or not) stuff I've done...
+
+Feel free to contact me if you think you have to!
+
+-- Skia --

content/posts/new-motherboard/index.md

@@ -0,0 +1,38 @@
+---
+title: A new motherboard for my X60
+date: 2015-04-21
+tags: ["x60", "coreboot", "libreboot", "hardware", "thinkpad", "laptop"]
+lang: en
+summary: Putting in place my new Thinkpad X60 motherboard
+---
+
+A few weeks ago, I was playing putting water on my thinkpad, because it can
+normally handle it, and mostly because a friend of mine didn't believed it. The
+water went as usual through the laptop, but this time, I think I put a little
+too much, and I broke the battery loading circuits.
+
+The result was a perfectly working motherboard, but the battery was not able to
+charge. That was a little embarrassing, and I decided to completely take the
+laptop apart to see 1) if I could see something strange around the battery, and
+2) how the laptop was built exactly.
+
+1) showed nothing, but even better, it bricked the board... Watching
+[libreboot](http://libreboot.org)'s output did not really helped, because I'm
+not a coreboot dev, and because it worked until a moment where it just stopped,
+without error... Hard to debug...
+
+Still, I really needed that laptop, because during that period, I had dug my old
+X31 up, but this one was a bit too slow, so I bought on Ebay a second-hand
+motherboard for only 9€!
+
+Putting it into the X60 went pretty good (I love how the thinkpad is done,
+btw!), but I faced a strange matter: the Lenovo bios couldn't boot with my
+Atheros Wifi card. Anyway, this was only one more good reason the flash
+libreboot, because it worked very good on the old motherboard, and I wanted to
+do it myself at least once (first time, I bought the laptop from
+[Gluglug](http://shop.gluglug.org.uk/) and it came preflashed).
+
+This went very well thanks to libreboot's
+[tutorial](http://libreboot.org/docs/install/index.html#flashrom_lenovobios) and
+I was now able to use my laptop with a very new and state-of-the-art software
+for an even better hardware!

content/posts/outlive-captainsonar/index.md

@@ -0,0 +1,50 @@
+---
+title: "Boardgame review: Outlive & Captain Sonar"
+date: 2019-01-03
+tags: ["games", "boardgames"]
+lang: en
+summary: We tested Captain Sonar and Outlive, and they rock!
+---
+
+
+A long time a go, in a blog not so far away, someone stopped writing, for no
+real reason. Many happy new years later, that guy tested two wonderful
+boardgames, and started writing again.
+
+
+# Outlive
+
+Let's start by the most common of the two:
+[Outlive](https://www.philibertnet.com/fr/la-boite-de-jeu/50119-outlive-3770004610105.html).
+
+In this survival game, you compete with other players to collect the too few
+resources available and optimize your shelter, so that you get better bonuses
+and make more "survival point" to win the game.
+
+One of the fun part regarding other games is that you can directly interact with
+other by putting "pressure" on their characters so that you steal them
+resources, which can make a great difference in their, and your ability to
+realize one or the other action.
+
+All in one, it's quite a challenging game for those who want to calculate the
+many possibilities at each turn, since there are always multiple ways to win.
+
+
+# Captain Sonar
+
+The second game is in a far less common style. [Captain
+Sonar](https://www.philibertnet.com/fr/matagot/43073-captain-sonar-3760146643017.html)
+is here to immerse yourself in a submarine crew member, dividing the players in
+two teams competing on the same map to destroy the other, a bit like a classical
+naval battle.
+
+But the really awesome part is that this game is made to be played in real-time,
+meaning that a team can just navigate faster than the other by simply being more
+efficient in coordinating itself. Though, speed will not help when it comes to
+launch a torpedo on the other submarine, and a great part of the work is first
+to spot the enemy ship without giving too much informations about your own
+position.
+
+Really fast to learn, but very difficult to master, this game is perfect to play
+with 6 to 8 players, and is seriously awesome for a week-end with friends, even
+if some of them are not particularly fond of boardgames.

content/posts/pocketbook/index.md

@@ -0,0 +1,31 @@
+---
+title: Reviewing the Touch Lux 3, by Pocketbook
+date: 2016-05-22
+tags: ["ebooks","reader"]
+lang: en
+summary: I just got an ebook reader, and wanted to share my point of view about it.
+---
+
+For my birthday, my parents offered me an ebook reader, the [*Touch Lux 3*, by
+**Pocketbook**](http://www.pocketbook-int.com/fr/products/pocketbook-touch-lux-3).
+I already knew a bit about it, since it's not the first one I see around me, and
+I was again happy seeing a printed version of the GPL in the box.  
+Indeed, it is a really nice product, both in quality and in *open-mindness*. It
+runs a Linux based OS, can read a lot of file formats with or without DRM, and
+has a lot of nice applications, from the *Web browser* to the *Chess game*.
+
+E-pubs and PDFs are great, but I have in my library tons of comics in various
+strange formats, such as .CBR (rar), .CBZ (zip), or .CBT (tar), which are
+archives containing pictures. Sadly, the Pocketbook can not read those formats,
+but after a small research, I found that an amazing guy did a great job in [this
+page](http://www3.telus.net/rkomar/pbimageviewer/)!
+
+Thanks to the open design of the reader, we have really easy access to the
+system, and thus, we can add applications as we want. That's how the man did
+manage to implement a new viewing application supporting the .CBx formats, and
+allowing me to read my comics on the Pocketbook.
+
+It's still a bit small and in black and white, but the books are nicely readable
+when rotating the screen, and the refresh time is less than 1s to get a complete
+new page, which I find really quick and makes me really happy with it!
+

content/posts/rsoc-end/index.md

@@ -0,0 +1,131 @@
+---
+title: The RSoC is finished
+date: 2014-11-26
+lang: en
+summary: The RSoC is finished
+tags: ["radare2", "rsoc"]
+---
+
+That's sad, I know, but the RSoC is now finished since 2 months and I haven't
+post for even longer! :/
+
+I have done quit a few commits this summer, and that was really nice to
+implement new features in a project such as [radare2](https://radare.org/)!
+Still, I have some regrets not to have had enough time for the RSoC... I had no
+time to implement all the task I was given, and I even still have some that I
+hope to do in the next few weeks.
+
+And this year, having a lot of responsibilities in my school's associations, and
+having a few school projects, I find even less time than this summer, so I don't
+think I'll be able to contribute a lot as I expected.
+
+Now stop complaining about my free time and let's do a quick summary of what
+I've done. The task was about structure templates, so the goal is to define a
+human readable structure, a bit like a C header for example, and to apply it on
+a binary to see each field easily. The method with header file is quickly
+described [here](http://radare.today/types/), and I think I'll do a more
+complete example one day.
+
+But my work was more focused on one r2 feature related to structures: `pf`. That
+is the basic command for which you can have a quick help on r2 by hitting `pf?`.
+
+The command works as follow:
+
+```
+pf iwf foo bar troll
+```
+
+Applies the `iwf` format at current offset. The `iwf` format is an
+integer named **foo**, a word called **bar**, and a float, **troll**.  
+This gives the following output:
+
+```
+[0x00000000]> pf iwf foo bar troll
+  foo : 0x00000000 = 1179403647
+  bar : 0x00000004 = 0x0101
+troll : 0x00000006 = 1.000000
+```
+
+More fields type can be easily found in the `pf` help.
+
+Moreover, `pf` supports some nice tricks like pointers by using `*` or arrays
+using `[]`...  
+eg:
+
+```
+pf *i[2]w pointer_to_int array_of_words
+```
+
+The next point is to store a format by entering following command:
+
+```
+pf.name iwf foo bar meh
+```
+
+We can now apply the format with `pf.name`. But the thing is that we can now use
+the stored format as a structure in a new format using `?`.  
+eg:
+
+```
+[0x00000000]> pf.meh iw int word
+[0x00000000]> pf.boh i?w otherint (meh)plop otherword
+[0x00000000]> pf.boh
+ otherint : 0x00000000 = 1179403647
+     plop : struct<meh>
+       int : 0x00000004 = 65793
+      word : 0x00000008 = 0x0000
+otherword : 0x0000000a = 0x0000
+```
+
+That way, you can define linked lists for example, to apply on memory
+dumps, or create nested structures for complex templates.
+
+Other features are the JSON output, with `pfj`, or the already done templates
+such as the elf32 header that you can easily load with `pfo elf32`.
+
+On last thing is the writing mode (not fully supported for arrays and nested
+structs, which are my remaining tasks) that you can use that way.  
+You define a format:
+
+```
+pf.name iwf foo bar meh
+```
+
+And then you can modify its field with:
+
+```
+pf.name.bar=0xfa0
+```
+
+That prints the command you should have to type to write 0xfa0 at the
+right offset, and a bit of r2 shell makes life easy (see the dot before
+the command, to execute the output of it as if entered in r2):
+
+
+```
+[0x00000000]> pf.name
+foo : 0x00000000 = 0
+bar : 0x00000004 = 0x0000
+meh : 0x00000006 = 0.000000
+[0x00000000]> .pf.name.bar=0xfa0
+[0x00000000]> pf.name
+foo : 0x00000000 = 0
+bar : 0x00000004 = 0x0fa0
+meh : 0x00000006 = 0.000000
+```
+
+There are still some features in `pf`, but I think you now have a good overview
+of what `pf` can do, and so what I've done during my RSoC.
+
+To sum up, that was a great wonderful experience, and I've learned a lot of
+various interesting things. I hope to finish the last tasks soon, and after
+that, `pf` will really be a powerful tool to dump nice elf headers, or
+analyse strange corrupted PNG files! :)
+
+Finally, I really thank my mentors [pancake](https://twitter.com/trufae),
+[xvilka](https://github.com/XVilka), and [jvoisin](https://dustri.org/) for
+helping me doing the task, and for organizing the RSoC in general. I also thank
+[maijin](https://github.com/Maijin) for having done a lot of tests in `pf`
+and for reporting a lot of unexpected features, and I also thank all the r2
+community for being nice on the IRC chan, and for supporting such a great
+project!

content/posts/sauvetage/index.md

@@ -0,0 +1,89 @@
+---
+title: Sauvetage d'un serveur
+date: 2015-01-30
+lang: fr
+summary: Comment récupérer l'accès après un accident...
+tags: ["sauvetage"]
+---
+
+Un petit déterrage pour ce premier post de 2015. Il s'agit là simplement d'un
+article que j'avais rédigé dans un wiki, et qui est resté depuis le seul article
+du dit wiki. Plutôt donc de le laisser moisir, je le ressors ici, où il aura un
+peu plus sa place... :)
+
+#Récupération d'un serveur perdu
+
+## Le problème
+
+Au cours de manipulation visants à augmenter la sécurité du serveur, j'ai
+malheureusement un peu trop joué avec les droits, ce qui fait qu'en essayant de
+se connecter via ssh, celui-ci, après avoir afficher les quelques lignes de
+bienvenue et au moment de lancer le shell:
+
+```
+/bin/zsh: permission denied
+connection to pike.tf closed
+```
+
+Plutôt problématique, n'est-ce pas?
+
+## La solution
+
+Comme tout problème a une solution, il fallait donc la trouver. Fort
+heureusement, on pouvait toujours envoyer des fichiers par FTP dans le dossier
+root d'apache, donc on pouvait uploader un script PHP qui nous sauverait la vie.
+
+J'ai testé quelques script codés moi même, mais finalement, j'ai plutôt utilisé
+un reverse shell, bien plus pratique pour tester différentes commandes. Le
+script est dispo ici :
+http://pentestmonkey.net/tools/web-shells/php-reverse-shell. Tout y est très
+bien expliqué et l'on obtient rapidement un pseudo shell sur notre machine
+locale.
+
+Un autre problème se posait alors à moi: il fallait que j'execute une commande
+avec les droits root pour chmoder les fichiers de zsh. Pour cela, deux options:
+`su` et `sudo`. Mais en faisant `su`, la commande nous répond
+
+```
+su: must be run from a terminal
+```
+
+Pour `sudo`, le problème est différent. La commande fonctionnait tout à fait,
+sauf que le script qui l'execute est lancé par www-data, l'user d'apache, et
+celui-ci n'est pas dans le sudoers, donc il ne peut rien faire.
+
+J'ai donc trouvé une nouvelle astuce sur cette page : http://evertpot.com/189/,
+qui donne deux lignes à rentrer dans notre pseudo shell pour executer un "vrai"
+shell via python. Bien sûr, il faut que Python soit installé sur le serveur, ce
+qui était notre cas. La première ligne créer un script placé dans `/tmp`, et la
+deuxième l'execute, nous donnant un shell dans lequel on peut ensuite executer
+`su` sans aucun problème.
+
+## En résumé
+
+  - Uploader la page de script du reverse-shell une fois modifiée, comme
+    indiquée sur le site, en spécifiant l'adresse IP de la machine
+    local sur laquelle vous obtiendrez le pseudo shell, ainsi qu'un
+    port disponible sur lequel vous allez pouvoir faire écouter votre
+    machine. Attention, si vous êtes derrière une box, penser à
+    forwarder le port!
+  - Lancer la commande `nc` avec les options qui vont bien sur votre
+    machine pour qu'elle soit prête à écouter sur le port, par exemple
+    avec le port 1234:
+    ```
+    nc -v -n -l -p 1234
+    ```
+  - Lancer le script en accédant à son URL dans votre naviguateur, votre
+    pseudo-shell est alors disponible là où vous aviez lancé netcat
+  - Executer les deux commande Python pour avoir ensuite un vrai shell
+    et pouvoir lancer `su`
+    ```
+    echo "import pty;
+    pty.spawn('/bin/bash')" > /tmp/asdf.py
+    python /tmp/asdf.py
+    ```
+
+Voilà, vous pouvez désormais récupérer votre serveur!
+
+Merci à [Dustri](http://dustri.org) pour les nombreuses indications
+fournies pendant la récupération! :)

content/posts/ssl/index.md

@@ -0,0 +1,25 @@
+---
+title: Putting HTTPS in place
+date: 2015-01-30
+lang: en
+summary: At least deploying secure connections
+tags: ["https", "ssl"]
+---
+
+For a few time I have set up this blog, and I always said that I should put SSL
+in place, to provide secure connection for most of the hosted services.
+
+Now it's done!
+
+Certification was made by [CACert](https://www.cacert.org/), and this went
+pretty quick, thanks to a few [Nginx tutorials](https://www.linode.com/docs/security/ssl/ssl-certificates-with-nginx/),
+and the [CACert presentation by S. Bortzmeyer](http://www.bortzmeyer.org/cacert.html) (in French).
+
+That wasn't so hard, after all, and I still wonder why it took me so
+much time... :/
+
+Memo:
+
+```
+openssl req -new -days 365 -nodes -newkey rsa:2048 -keyout libskia.so.key -out libskia.so.csr
+```

content/posts/sslh/index.md

@@ -0,0 +1,50 @@
+---
+title: "SSLH, ssh&co though Proxies"
+date: 2015-11-09
+tags: ["ssh", "sysadmin", "sslh"]
+lang: en
+summary: Using SSH though proxies, hotspots, etc...
+---
+
+During my intership, I wanted to access my server, to continue using IRC in my
+[irssi](http://www.irssi.org/). I need for that to ssh to
+[libskia.so](https://libskia.so), but the problem came from the proxy that
+provide my Internet connection, because it's blocking everything except ports 80
+and 443.
+
+First thought: easy, I just have to set SSH to listen on port 443!
+
+Problem: we ([Piké](https://smagnin.org/) and I), are running website with
+[HTTPS](https://en.wikipedia.org/wiki/HTTPS) enabled, and it's running, of
+course, on port 443.
+
+From there, I had many solutions. I could put in place a VPN using some option
+like
+[port-share](https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage#lbAH)
+but it was a bit heavy for just an SSH connection... Moreover, VPNs are stictly
+forbidden by the local policy, so it wasn't a really good idea.
+
+I also could have used [GoTTY](https://github.com/yudai/gotty), to get a shell
+in my browser, but I didn't really like this solution, especially for IRC
+notifications, that are forwarded though screen to my terminal, to have a little
+"beep" when someone highlights me.
+
+I finally found a far better solution:
+[SSLH](http://www.rutschle.net/tech/sslh.shtml). It's a small SSL multiplexer
+that, once set to listen on `$PUBLIC_IP:443`, can forward many protocols to
+their respective interfaces.
+
+Here is how I call SSLH. You can of course set it in */etc/default/sslh* and run
+it as a daemon.
+
+```bash
+sslh --user sslh --listen 12.123.123.132:443 --ssh 127.0.0.1:22 --ssl 127.0.0.1:443 --openvpn 127.0.0.1:1194
+```
+
+That way, I have SSH, HTTPS, and even OpenVPN that can pass through port 443,
+and that's very useful when you work behind weird restrictive proxies!
+
+**Bonus**: that works in both sides, so when you have server in a DMZ where, for
+*security reasons*, the network admin blocked SSH port, but allowed, say, HTTPS
+for example, you can have a direct secure shell without any weird reverse tunnel
+with SSLH.

content/posts/star-wars-awakens/index.md

@@ -0,0 +1,58 @@
+---
+title: The Force has awoken...
+date: 2015-12-16
+tags: ["star wars", "force", "jedi", "geek"]
+lang: en
+summary: How the Force has long ago awoken in the heart of a small Jedi...
+---
+
+Today is the 16th December, and the world (at least the France) sees the release
+of **Star Wars VII: The Force Awakens**. In this special occasion, I take the
+time to write a bit about how much I've been loving the *Star Wars* universe,
+and that for a very long time!
+
+It all began when I first saw **A New Hope** when I was young (I don't remember
+precisly when). Since then, I grew up [playing the Jedi
+master](https://www.youtube.com/watch?v=HoRXYZD0Zc8), making stop-motion Star
+Wars Lego movies (that I sadly lost), even [becoming sometimes a Sith
+Lord](https://www.youtube.com/watch?v=gmVg-ubmlJo), when not too busy
+collecting/playing with about fifteen Lego spaceships, and more than thirty
+characters!
+
+I continued exploring the Star Wars universe
+[reading](http://starwars.wikia.com/wiki/The_Thrawn_trilogy)
+[books](http://starwars.wikia.com/wiki/Darth_Maul:_Shadow_Hunter),
+[playing](http://starwars.wikia.com/wiki/Star_Wars:_Jedi_Knight:_Jedi_Academy)
+[video](http://starwars.wikia.com/wiki/Republic_Commando)-[games](http://starwars.wikia.com/wiki/KOTOR),
+and still now playing a lost, Jedi to become,
+[Kiffar](http://starwars.wikia.com/wiki/Kiffar) vagabond, in a [very cool
+role-playing game](https://libskia.so/pub/Star-Wars-Fate-Edition.pdf)!
+
+And today, I'm very happy that the universe continues to live through a new
+movie!
+
+Many people have asked me how I felt about Lucasfilm beeing sold to Disney, and
+I always answered that it was great.    
+It's great to do so while George Lucas has not yet joined the Force (sadly, it
+will happen).    
+It's great to do so because Disney has a lot of money, and it's great that they
+use it to make more Star Wars stuff.    
+It's great because they trusted J.J. Abrams to make this new movie, and I think
+he has done a good job previously with the new Star Trek films.    
+It's great because we will see the old characters played by the old actors, and
+I already know that it will be a magic moment!    
+It's great because while writing these lines, I'm listening to the soundtrack
+that made John Williams for the first and second trilogy, and I'm really happy
+that he doing a third one!
+
+More generally, I'm also very happy with how Disney managed to keep the giant
+extended-universe by creating the
+[Legend](http://starwars.wikia.com/wiki/Star_Wars_Legends), without beeing hold
+back for the new films. Indeed, keeping the universe consistant would have been
+almost impossible without using a entire new place, with very few references to
+the old movies.
+
+That said, I'm still waiting patiently to see the awaken of the Force, although
+I know that within me, it already awoke *a long time ago...*
+
+

content/posts/strange-high-ping/index.md

@@ -0,0 +1,30 @@
+---
+title: Strange high ping
+date: 2015-04-20
+tags: ["network"]
+lang: en
+summary: Fixing a strangly high ping with a Proxmox 3.4 VM
+---
+
+Currently rebuilding my student association's infrastructure, I have to deal
+with Proxmox 3.4 quit a lot. Having up to 5 VM, I decided to first install one,
+called **generic**, that I would backup, then restore 5 times to get all my VM
+with a basic configuration without efforts.
+
+That worked perfectly a first time, and I have been able to deploy our
+[Gitlab](https://about.gitlab.com/) quit quickly.
+
+Then I wanted to work on our **proxy** VM, so I restored the generic image, and
+logged into the VM with the console interface to change at least its name and
+IP. After that, I was able to ssh to the machine, but I remarked that when
+typing a command, it was really slow to answer.
+
+Some quick ping based investigations told me that there were many lost packages,
+and the average ping was up to half a second! Of course, everything was in a
+local network, and pinging the Proxmox host was pretty normal, just as the first
+Gitlab VM. Why was that second machine causing so much trouble?
+
+The answer was very dummy: restoring an image restores really everything, and
+even the MAC address! Changing that address fixed the problem, but that story
+reminds me how shitty I am with networks! :D
+

content/posts/tool-in-concert/index.md

@@ -0,0 +1,31 @@
+---
+title: Why you should go watch Tool in concert
+date: 2019-07-02
+tags: ["tool","metal","hellfest","music"]
+lang: en
+summary: A really impressive show that I highly recommend, even if you don't know the band already.
+---
+
+Last summer, I had the pleasure to see
+[Tool](https://en.wikipedia.org/wiki/Tool_(band)) in concert at the Hellfest
+festival, and that really was awesome for multiple reasons:
+
+* The musicians are technically very skilled, being in studio as well as on
+  stage.
+* The show is centred on the music and the visual light effects combined
+  together to create a very mesmerizing performance.
+* They even ask the public not to take pictures or videos to enjoy the moment as
+  one that must be lived and felt, rather than watched later on a small, inhuman
+  screen.
+* The sound tuning was just perfect, and I don't remember being at a metal show
+  with that many people able to listen to the music without their ear
+  protection. Thank you Hellfest for that!
+* They played some of their new titles that weren't released yet at the time.
+
+
+Of course, going to another show now would probably fulfil only the three first
+points in my list, but I find them far good enough to recommend *Tool* for your
+next concert!
+
+
+

content/posts/x60/index.md

@@ -0,0 +1,35 @@
+---
+title: Open Laptop
+date: 2014-07-13T03:20:00+02:00
+lang: en
+summary:
+    Cooling my open-laptop by opening it... o.O Okay, that was mainly for
+    drying it... and for fun!
+tags: ["laptop", "x60", "thinkpad"]
+---
+
+First, let me introduce my laptop: it's a Thinkpad X60, he's called
+[Kiffu](http://starwars.wikia.com/wiki/Kiffu) and was bought ~6 months ago from
+[Gluglug](http://www.gluglug.org.uk/), and as the [FSF](https://www.fsf.org/)
+said, it's an open-laptop, and that means that it runs without any proprietary
+software, nor any blob, not even the CPU microcode!
+
+Yesterday, I decided to clean my keyboard, and for that,
+[Maat](http://maat.mooo.com/) and I had no better idea than putting it under the
+tap! Of course it was powered off, but I put a bit too much of water, and
+everything didn't go though it. It was now a bit wet, and I decided to wait for
+the full night before pluging and running it again... But the whole night wasn't
+enough, and when I ran it, it worked for five minutes, and then I got some
+strange things on the screen, before it self rebooted, then reboot again, and
+behaved very oddly... I shut it down, removed the battery, unpluged, and decided
+to dry it **really**. I opened it completely, removed the SSD, the keyboard, and
+even the upper body! Drying and waiting for a bit, I then decided to try to run
+it, but I was too lazy to rebuild it, and then redry if it still didn't worked,
+so I run it completly opened!
+
+Everything went well, and I even took a few pictures with the webcam, without
+any problems: ![pict1](images/x60-1.jpg) ![pict2](images/x60-2.jpg)
+![pict3](images/x60-3.jpg) ![pict4](images/x60-4.jpg)
+
+Finally, I just rebuilt the laptop and wrote this article, because I just found
+that fun and wanted to share the pictures... ;)

layouts/_default/_markup/render-image.html

@@ -0,0 +1,3 @@
+<img class="img-zoomable" src="{{ .Destination | safeURL }}" alt="{{ .Text }}" title="{{ .Title }}" />
+<br>
+<em>{{ .Title }}</em>

layouts/_default/baseof.html

@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html lang="{{ .Site.Language.Lang }}">
+
+<head>
+    {{ partial "head.html" . }}
+</head>
+
+<body data-theme="auto">
+    {{ partial "scripts-front.html" . }}
+    {{ partial "header.html" . }}
+
+    <main>
+        <div class="container-lg clearfix">
+            <!-- list -->
+            <div class="col-12 col-md-12 float-left content">
+                {{ block "main" . }}{{ end }}
+            </div>
+        </div>
+        {{ partial "components.html" . }}
+    </main>
+
+    {{ partial "footer.html" . }}
+    {{ partial "scripts-end.html" . }}
+</body>
+
+</html>
+

themes/fuji

@@ -0,0 +1 @@
+Subproject commit 2ab30a541b96354274ae559cc8d19c2a1f6e7988