Unexpected cool pointer

Deploying a Go Web App to a DigitalOcean VPS

Tue, 27 Aug 2024 00:00:00 GMT

First we need to create a DigitalOcean account and create a new droplet. You can find the instructions for this in the DigitalOcean documentation.

Connect via ssh to the droplet to set up the environment

After creating the droplet, we need to connect to it using SSH. The following steps will guide you through the process:

Open your terminal
Run the following command to connect to your droplet:

ssh root@your_droplet_ip # should be something else of course

Here you can create a new user and set up a password for it. This is a more secure way to connect to your droplet. The root user has full access to the system, it is recommended to create a new user with limited permissions.

Run the following command to create a new user:

adduser "<username>"
usermod -aG sudo "<username>"

Then you would login with the new user this way:

ssh username@your_droplet_ip

Enter your password when prompted. You are now connected to your droplet

Run the following command to update the package list:

apt-get update

Now we will install the Git and Go programming language on the droplet.

apt install git golang

Setup Git

git config --global user.name "<Name>"
git config --global user.email "<GH-Mail>"

Build the Go Web Application

First we create the directory for our Go web application:

mkdir ~/go-web-app
cd ~/go-web-app

Then we create the main file for our Go web application:

# you can use nano too
vim main.go

To create a simple web server, add the following code to the main.go file:

package main

import (
	"fmt"
	"net/http"
)

func main() {
	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "Hello World")
	})

	http.HandleFunc("/greet/", func(w http.ResponseWriter, r *http.Request) {
		name := r.URL.Path[len("/greet/"):]
		fmt.Fprintf(w, "Hello %s\n", name)
	})

	http.ListenAndServe(":9990", nil)
}

Then build the binary:

go build main.go

This will create a binary file named main in the go app directory.

Create the Systemd Service

Now we have the binary file for our Go web application, but running it manually is not enough to ensure the application stays active after server restarts or crashes. To address this, we need to create a systemd service file.

This file will define how our application should be managed by the system, ensuring it starts automatically on boot and restarts if it crashes.

# you can name it as you like
sudo vim /etc/systemd/system/go-web-app.service

The content of the go-web-app.service file should look like this:

[Unit]
Description=<name-of-your-app>

[Service]
Type=simple
Restart=always
RestartSec=5s
ExecStart=/home/<username>/<path-to-go-app>/main

[Install]
WantedBy=multi-user.target

To start the service and enable it to start on boot, run the following commands:

sudo systemctl start go-web-app
sudo systemctl enable go-web-app

Setup Nginx and reverse proxy

First of all, we need to install Nginx on the droplet. Run the following commands:

sudo apt install nginx
sudo systemctl start nginx
sudo systemctl enable nginx

Now we need to configure Nginx to serve our Go web application. Create a new file in the /etc/nginx/sites-available directory:

sudo vim /etc/nginx/sites-available/<your_domain>

Now add the following configuration to the file /etc/nginx/sites-available/<your_domain>:

server {
    server_name your_domain www.your_domain;

    location / {
        proxy_pass http://localhost:8080;
    }
}

The proxy_pass directive tells Nginx to forward all requests to the specified URL.

Next we need to create a symbolic link to the /etc/nginx/sites-enabled directory:

sudo ln -s /etc/nginx/sites-available/<your_domain> /etc/nginx/sites-enabled/

And reload the Nginx service:

sudo nginx -s reload

To make sure that the deployment is successful, you can visit your domain in a web browser go to http://your_domain and you should see the message Hello World.

It might be that your domain service is not pointing to the correct DNS server. For changing that you need to go to your domain provider and point the domain to the correct DNS server.

For example for porkbun you can do the following:

Go to your domain provider and login
Go to the DNS settings
Add a new A record with the IP of your droplet with no host
Add a new A record with the IP of your droplet with www as the host
Save the changes

This is better explained in this link Setup Porkbun DNS with external VPS.

Bonus: Firewall Setup

Secure the Nginx with Let's Encrypt

This is an optional step, but it's recommended to secure your Nginx server with a free SSL certificate from Let's Encrypt, so the domain can be accesed via HTTPS.

TODO: Setup firewall

Generate a deploy SSH key

This step is necesary to allow the server to pull the code from the repository.

First we need to generate a new SSH key on the server:

ssh-keygen -t ed25519 -C "deploy@your_domain"

This command generates a new SSH key using the Ed25519 algorithm, which is more secure and efficient than older algorithms. The -C flag adds a comment to identify the key.

Important: If you already have a key generated, you can skip this step. Only proceed with creating a new key if you don't have one or want a separate key for deployment.

To know if you already have a key generated you can run the command above and you will see something like this:

Generating public/private ed25519 key pair.
Enter file in which to save the key (/root/.ssh/id_ed25519):
/root/.ssh/id_ed25519 already exists.
Overwrite (y/n)?

Then we should say n and we can use the existing key or generate a separated one with the following command:

ssh-keygen -t ed25519 -C "deploy@your_domain" -f ~/.ssh/id_ed25519_deploy

This will create a separated key that you can use specifically for the deployment of your domain.

After generating the key, you'll need to add it to your GitHub or GitLab account:

cat ~/.ssh/id_ed25519.pub

Copy the output and add it as a deploy key in your repository settings on GitHub or GitLab. More info on how to add a deploy key can be found in the GitHub documentation.

Next, test the SSH connection to ensure it's working correctly:

ssh -T git@github.com

With this setup, we can now clone the repository onto the server and implement an automated deployment process. We can achieve this with GitHub Actions:

In the next section, we'll explore how to set this up.

Setup GitHub Actions for Automated Deployment

Sources:
How to create a VPS on DigitalOcean
How to deploy a Go web application using Nginx on Ubuntu 18.04
Auto deploy git on DigitalOcean or any other VPS
Secure Ngix with Lets Encrypt

Escape the algorithm with RSS

Sun, 22 Feb 2026 00:00:00 GMT

import Quote from "../../components/Quote.vue";

How to unplug

<Quote author="Morpheus" source="The Matrix (1999)"> I can only show you the door. You’re the one that has to walk through it. </Quote>

A couple of months ago I started my journey to get off social media, at least as much as possible. I removed the last-standing social apps that I had: Instagram, to "keep up" with my friends, and TikTok, to "keep up" with the news, and kept some like YouTube, Reddit, etc.

This seemed hard at the start, and I had recurring thoughts about how disconnected from my social circle and "THE NEWS" I was becoming. But surprisingly, it got easier quickly, and I think this is not because I am not interested in my friends or the accounts that I followed on TikTok, but because of how unpleasant I felt when using these apps.

For me, it is not only how the UI nowadays is at least 10 times more addictive than before or how many more ads we now have everywhere. The main problem, and the reason it was unpleasant, is how little control I had over what I was seeing while using the app.

The apps got completely algorithm-centric, and everything is made to take you away from the plan that you had when opening the app to get you back into the algorithm. You already know what I am talking about.

A world of illusion

Instagram was an easy one. I uninstalled the app and did not have any cravings again. I am already in contact with my close friends and family via messaging apps, and when I used it, the majority of the time I was simply doomscrolling accounts of other people that I do not care about as much. The only problem was when friends sent me some links, or I wanted to check the profile of some artist to look for tour dates or any other interesting topics. In those cases, I used the browser version, and that sometimes got me back into Insta stories or doomscrolling.

The solution that I found for that was to add a blocking rule in uBlock Origin for the web version, so every time I open a link from instagram.com I get a screen with the message "uBlock Origin has prevented the following page from loading" and "Go back" and "Proceed" buttons. This way at least I get a big warning to remind me of the dangers of Instagram before diving in.

{/* pics of instagram block in ublock origin here */}

TikTok was harder to get out of. My brain got too addicted to having small dopamine spikes during the day while feeling up to date with current geopolitical affairs and tech news.

"How am I supposed to live my life without knowing what crazy thing Donald Trump said 2 hours ago?!"

So in the end, of course, the solution was simply not using the app. I uninstalled it and stuck with the demons I already knew: YouTube, Reddit, and HN.

The problem is that YouTube is falling into the same basket of addictive, algorithmic apps. I want to keep it because I can still find high-quality content there, but there is also a lot of content there nowadays that is made to release quick dopamine hits.

This was dangerous because I would use it in the same way that I was using TikTok.

Reddit can sometimes have the same effect when doomscrolling comments, and some of the tech communities that I follow can get too dramatic/toxic sometimes, so I just use it to do some research about specific topics.

The way I use Hacker News is not that bad, given that I just check the "Top Stories" page in search of some tech- and software-related news, and normally I don't get too interested in the comment section if it's not something that I am specifically interested in.

So I decided to keep those three apps as "alternatives" to the addictive TikTok, but with some rules.

YouTube: Love some content there, but it's getting more dangerous every day to use their UI. I added a 1 h/day time limit and deleted it from my home screen.
Reddit: Doomscrollable UI, but in my case I just deleted it from my phone home page and found that I do not use it as much anymore, just when doing web research about topics. No need for limitation rules.
Hacker News: This is still on my phone home screen, can easily check it for 30 m a day and forget about it. The UI is really simple and not addictive at all.

But still, I felt that I did not have as much control of the content that I consume as I would like to; for sure there should be a better way.

The choosen one

I used RSS in the past, but it never stuck with me. I also did not love many of the big reader apps that people recommended online, like Inoreader.

This time I got interested in RSS again because I was searching for a way to subscribe to multiple sources in one feed and thought that I needed to create my own app because I did not find something similar.

But, of course, I was reinventing the wheel, given that this already existed-it’s RSS! As my mother-in-law would say, I had a Milky Way moment[^1].

The only feature that I was missing was a way to sync all my RSS sources across different RSS reader apps, like, for example, FeedFlow or Newsboat.

Of course, this also already existed, and it’s one of the main reasons I got back into RSS. It is called Miniflux.

Basically, it's a self-hosted server where you can create multiple accounts to store RSS feeds, and those feed sources can be consumed by multiple RSS reader apps via an integration.

You can also be perfectly happy simply using the default Miniflux UI, as it is simple and performant.

Miniflux is designed to use as few resources as possible. You can run an instance on a Pi Zero or a NAS with no downtime at all.

For now, I decided to use a PikaPod instance for the small price of $10/year + $5 for daily backups. In the near future, I might get a NAS and run it there, with some other self-hosted solutions like Immich, but this is for another day, and in that case, it will get free fast.

There Is No Spoon

The sensible thing to do now is to ask: what do I gain from running this Miniflux instance or with any form of RSS in general? Yeah, it's techy and cool, but does it really make a difference?

And the response to that is simple: control.

Now when I see some blog post, podcast, or YouTube channel that I like, I simply add it to my Miniflux instance, so every time any of those sources adds new content, I will be updated in a minimal feed of my choice that only shows what I want it to show. And of course, I would like to get lost in the YouTube algorithm once in a while to find new interesting topics, but it will be willingly and not when I just want to check an update of my favorite channel.

And given that it is all on a Miniflux server, I can have multiple devices, with the apps that I like the most for each device, without having to export, import, and share my data with any venture capital company like Feedly or Google with Google Reader.

You own your feed, you own what you consume, and more importantly, you control the way that you consume it. I hope it has been a useful quick read.

[^1]: A Milky Way moment is a term used by my girlfriend and my mother-in-law to describe when you have a revelation about the meaning or the etymology of some word or phrase that you used for a while. Once you have the Milky Way moment, it now makes sense and you can't unsee it. A good example would be Ray-Ban; it's not the last name of the brand founder but just the wording used to describe glasses that ban rays.

Xivat: Global notification marks

Tue, 20 Jan 2026 00:00:00 GMT

import Notification from "../../components/Notification.vue";

The app will be named Xivat. It means snitch in catalan.

The idea

You create some type of identificator that its anoymous for everyone
1. Internally each phone should be identified
You give access to location and maybe other stuff
The app will ask for what is happening where you are now?
1. This is part of the initial tutorial
You can add a question or create a snitch
1. Questions are answered by snitch, and those are "planted" in any area of the map
2. Snitch can answer questions or leave answers in the area
Each question/answer can contain a photo and the text
There should be a trust system for all the users, questions can be downvoted of course and there should be moderators.

How it works

The main idea is that you activate the app and if you go around once in a while it gets some information on the map, or if you want to keep it off it will search for them when opening it.

Then if you are on the map and you opened, you can configure in what radious you want to answer, some questions will be urgent or need updated info. Other can be static and grow for some time.

Once the question is marked as answered by the owner it wille be archived, or deleted if the oner put it as auto destructive.

Important to note that this app will not be a socia network, all accounts will be anoymous, to the users, Internally we have to identify all devices in case of report.

The main idea is that the data will be the focus of the app, not the accounts/profiles by doing this we will break the "bussiness" part of the internet that now reings and created so many issues.

If there is no account to follow, the importance is on the data, and the users will not post what makes they have more subscribers, but what is interesting, because they want to share something interesting.

You can subscribe to the tags of the pins, or filter by context like pins created in the last 12h that are urgent. Also you can subscribe to a location, an area.

Notifications by area

Also people could mark parts of the map where they want to get notification from, for example:

Enable 10km radious in location X, only urgent marks

And when any new mark appears that is urgent in that radious it will get a notification. We could have a way of knowing when the mark is already trusted or has some answers so the user does not get an empty notification if it does not want to.

Some scenarios where this can be useful:

1. You are waiting for a package in the Correos station

You get the line ticket and it says that the current number is 230 and you are the 265, that is 35 more people in front of you!

You can leave a "question" in the map and go for a walk:

Q: "Could anyone tell me the current number in the line?"

This will be marked on the map, as a question thread where any user can answer: You get some live updates on you phone:

Then you forget to check for a while and get another one:

<Notification author="Cathy" type="urgent" replies={12} time="14:45"> 260, hurry! </Notification>

You come back on time and you got you package! There will be cases where some app is already implemented for this, but for the cases that there is not this is really useful.

2. You see some sidewalk blocked in you neighbourd

You add a picture with a comment in that location in the map so anyone can see, with the tag of "Construction". It can accept answers.

Someone then can pass the next day and see that the construction is over, and add an answer.

Q: "Construction is done, finally!"

The answer has a pic of the finished construction and some user can verify the answer if they are on the location or can justify being there recently.

3. You are new on the neighborhood and got robed in a street

Also one of the owners of the shop in the street tells you that its always a problem in this street for ever.

You don't want this to happen to anyone else, so you create a "Wisdom pin" in the map!

Wisdom Pin: "Be carful with this street, I got robed yesterday and the locals say that this happens all the time!"

Then the users can validate how real its this wisom pin, if its still useful after some time or this is already fixed.

This is the main idea for now, also I think it would be really useful to have a good search engine for the app so anyone can try to search for specific words and filter by location, tags etc.

HackRSS: URL centric discussion network

Sun, 22 Feb 2026 00:00:00 GMT

The idea

This idea came while writing the post Escape the algorithm with RSS

How it works

Setup pass as a multi device password manager

Sun, 28 Dec 2025 00:00:00 GMT

I started to take password management more seriously lately.

Reusing passwords is bad. Storing them in notes is worse. Depending on an external service always puts you in a walled garden and that is never good.

I want the password store to be mine, portable, simple and boring.

That is why pass its perfect:

Passwords are just GPG encrypted files
Stored in a git repo
Works on laptop and phone perfectly so far
No servers, no accounts, no subscriptions!

The idea

The idea is very simple:

There is a single password store
It lives in a git repository
All devices clone and sync that repo (yes, automatically, wait for a sec)
The same GPG key is used everywhere
Apps and browsers use pass for autofill

How it works

At a high level the flow looks like this:

graph TD
  R[(Password Store in git)]

  subgraph Laptop
    L1[Pass]
    L2[Apps]
  end

  subgraph Android
    P1[Pass]
    P2[Browser]
  end

  L1 -->|Autofill| L2
  P1 -->|Autofill| P2

  R <-->|Sync| L1
  R <-->|Sync| P1

  L1 -->|GPG key| P1

The laptop is usually the place where the store is created and managed but you do you. The phone syncs and consumes it, you can always use tmux to setup everything in the phone of course.

1. Access your phone via SSH

On Android your best bet is to use Termux.

On the phone:

pkg update
pkg install openssh sshd passwd

Start sshd and check the IP:

sshd
hostname -I

On the laptop:

ssh u0_a482@PHONE_IP -p 8022

Once this works you can treat the phone almost like a normal machine.

2. Git access from the phone

The phone needs SSH access to your git host.

On the phone:

ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N ""
cat ~/.ssh/id_ed25519.pub

Add that public key to your Git provider (GitHub, GitLab, etc).

Test it:

ssh -T git@github.com

Then clone the password store:

git clone git@github.com:username/password-store.git ~/password-store

3. Import the GPG key

The same GPG key must exist on all devices.

On the laptop:

gpg --export-secret-keys --armor YOUR_KEY_ID > key.asc
scp -P 8022 key.asc u0_a482@PHONE_IP:~

On the phone:

gpg --import ~/key.asc

If you use an Android app like OpenKeychain, also import key.asc there.

4. Enable Autofill on Android

Go to:

Android Settings -> Passwords & Accounts -> Autofill service

Select Password Store and grant the permissions it asks for.

After this, browsers and apps can request credentials from pass.

5. Entry naming matters

Autofill matching is based on entry names.

Use domains as paths:

github.com/marcel
amazon.com/personal
mybank.co.uk/login

Avoid generic names without domains, those usually don't match.

Final result

You end up with:

One encrypted password store
Synced with git
Works offline
No third-party services
Autofill on laptop and Android

It is not flashy, but it is reliable, transparent and fully under your control.