<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Posts on Blog</title><link>/posts/</link><description>Recent content in Posts on Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Wed, 01 Jan 2025 08:00:00 +0000</lastBuildDate><atom:link href="/posts/index.xml" rel="self" type="application/rss+xml"/><item><title>Authentik Proxy</title><link>/posts/authentik-proxy/</link><pubDate>Wed, 01 Jan 2025 08:00:00 +0000</pubDate><guid>/posts/authentik-proxy/</guid><description>&lt;p&gt;Setting up a page to authenticate and protect an unauthenticated page using Authentik, from a kubernetes cluster isn&amp;rsquo;t as well documented if your primary ingress is nginx. Traefik seems to be more popular and better documented. Authentik does have some documentation but there are a couple clarifying steps missing.&lt;/p&gt;
&lt;p&gt;&lt;a href="https://docs.goauthentik.io/docs/add-secure-apps/providers/proxy/server_nginx"&gt;docs.goauthentik.io/docs/add-secure-apps/providers/proxy/server_nginx&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;For starters, create the group that will be assigned the app, users do not need to be assigned yet. Then create an application and a provider using the Wizard. We can use the embedded outpost that&amp;rsquo;s provided alongside the Authentik helm install. When supplying details on the Provider, &amp;ldquo;Advanced flow Settings-&amp;gt;Authentication flow&amp;rdquo; should be set. While still within Authentik&amp;rsquo;s admin panel we need to add the application in question to the outpost that will be used or create a new one as needed.&lt;/p&gt;</description></item><item><title>OIDC with K3s</title><link>/posts/oidc-k3s/</link><pubDate>Tue, 31 Dec 2024 08:00:00 +0000</pubDate><guid>/posts/oidc-k3s/</guid><description>&lt;p&gt;I want to authenticate to work on my kubernetes (k3s) cluster not for any particular reason but specifically for knowledges sake. Following this I was able to get most of the way but there were a couple caveats and it doesn&amp;rsquo;t seem to be documented that many places. I&amp;rsquo;m not sure if it&amp;rsquo;s because it&amp;rsquo;s a bare metal situation and most k8 clusters are run on hyperscalers or if it&amp;rsquo;s just not something that&amp;rsquo;s usually done.&lt;/p&gt;</description></item><item><title>Notes on Powershell</title><link>/posts/powershell-notes/</link><pubDate>Mon, 12 Feb 2024 08:00:00 +0000</pubDate><guid>/posts/powershell-notes/</guid><description>&lt;p&gt;Some silly little powershell notes from a silly little man.&lt;/p&gt;
&lt;h2 id="mapping-network-printers"&gt;Mapping network printers&lt;/h2&gt;
&lt;p&gt;This one is super duper straightforward. Can probably use it remotely through the command line option on a UEM (Unified Endpoint Management) tool.&lt;/p&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" class="chroma"&gt;&lt;code class="language-powershell" data-lang="powershell"&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="nb"&gt;Add-Printer&lt;/span&gt; &lt;span class="n"&gt;-ConnectionName&lt;/span&gt; &lt;span class="p"&gt;\\&lt;/span&gt;&lt;span class="nb"&gt;printer-server&lt;/span&gt;&lt;span class="p"&gt;\&lt;/span&gt;&lt;span class="n"&gt;PRINTERNAME&lt;/span&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;h2 id="fetching-an-installer-from-a-url-and-install-it"&gt;Fetching an installer from a URL and install it&lt;/h2&gt;
&lt;p&gt;This one we create a temporary directory, set the URL where the installer can be located, download, then install it. If there&amp;rsquo;s any switches you want applied to the installer, place them after the &lt;code&gt;/i &amp;lt;installer&amp;gt;&lt;/code&gt; portion.&lt;/p&gt;</description></item><item><title>Promtail Plex</title><link>/posts/promtail-plex/</link><pubDate>Mon, 11 Dec 2023 08:00:00 +0000</pubDate><guid>/posts/promtail-plex/</guid><description>&lt;p&gt;The other day while watching Plex it would reliably stop playback 2 minutes before the end. When it did this an error would pop up &amp;ldquo;Conversion failed. The transcoder exited due to an error.&amp;rdquo; Helpful.&lt;/p&gt;
&lt;p&gt;Not a problem. We&amp;rsquo;ll log onto the log server and see what it spat out. Well much to my dismay, Plex doesn&amp;rsquo;t seem to log to the typical I/O streams. While I&amp;rsquo;m not overly surprised it definitely was something I didn&amp;rsquo;t think about.&lt;/p&gt;</description></item><item><title>Docker Logs</title><link>/posts/docker-logs/</link><pubDate>Mon, 04 Dec 2023 08:00:00 +0000</pubDate><guid>/posts/docker-logs/</guid><description>&lt;p&gt;I was investigating what it would take to create a docker container and have the logs go to their appropriate log files in addition to being available via the &lt;code&gt;docker logs&lt;/code&gt; command (don&amp;rsquo;t remember why).
During the course of doing that I didn&amp;rsquo;t accomplish my goal but I did learn that the typical I/O streams of STDOUT and STDERR are the defaults. So it&amp;rsquo;s essentially just piping those output streams directly to the command.&lt;/p&gt;</description></item><item><title>New Laptop</title><link>/posts/new-laptop/</link><pubDate>Mon, 20 Nov 2023 08:00:00 +0000</pubDate><guid>/posts/new-laptop/</guid><description>&lt;p&gt;My personal laptop died. I acquired a secondhand Dell Latitude 5285. The specs (i5, 8GB RAM, 256GB SSD) aren&amp;rsquo;t as fancy as they could be, but the price was right.&lt;/p&gt;
&lt;p&gt;I initially tried to install Windows 11 to determine if the device was entirely functional, as one does with a used device. It seems the i5 isn&amp;rsquo;t a supported generation, though. So back to good ol&amp;rsquo; Windows 10. Which worked great during testing! As I&amp;rsquo;m a self-described Linux fan, I then proceeded to install and setup Linux Mint Debian Edition like I run on my old laptop and my current desktop.&lt;/p&gt;</description></item><item><title>Sarpine, Fourth Session</title><link>/posts/sarpine-fourth/</link><pubDate>Thu, 17 Aug 2023 08:00:00 +0000</pubDate><guid>/posts/sarpine-fourth/</guid><description>&lt;p&gt;On the third day of training, we awoke and started whatever daily tasks we were given. The chores that somehow contribute to the Kinship functioning. Concluding those chores, Storm started trying to discretely seek out Kernick, perhaps he had successfully deserted from this ragtag military of volunteers. Eventually making his way to the Mundos camp, locating Kernick doing some maintenance on the training yard, refilling the targets with straw, flattening the sands of the sparing pit. Satisfied not with Kernicks fate, but with knowing where the orc is. Storm started heading back to the camp of Xyzs, not entirely sure what he should accomplish until the day&amp;rsquo;s training started that afternoon.&lt;/p&gt;</description></item><item><title>Sarpine, Third Session</title><link>/posts/sarpine-third/</link><pubDate>Fri, 11 Aug 2023 08:00:00 +0000</pubDate><guid>/posts/sarpine-third/</guid><description>&lt;p&gt;On the second day, we woke and started our usual chores. Upon finishing those tasks, Storm was curious about Kernick, who he recalled convincing to try and desert from the current multi-country military. He wasn&amp;rsquo;t able to find him, but might try again the next day.&lt;/p&gt;
&lt;p&gt;Heading to the assigned training arena this was more familiar that it was yesterday, so he found a seat and waited to lose access to his own senses, waited to enter another memory based training exercise. Captain Sandaman once more, gave a speech, and they were all whisked away to some situation.&lt;/p&gt;</description></item><item><title>Sarpine, Second Session</title><link>/posts/sarpine-second/</link><pubDate>Sun, 06 Aug 2023 08:00:00 +0000</pubDate><guid>/posts/sarpine-second/</guid><description>&lt;p&gt;We finished up a game session, and I thought I would give a bit of a summary. This is more for recurring writing exercises than anything else.&lt;/p&gt;
&lt;p&gt;We start the session with our intrepid heroes completing their daily tasks. They haven&amp;rsquo;t formed an adventuring party yet, and they haven&amp;rsquo;t exchanged names at this point in the story.&lt;/p&gt;
&lt;p&gt;With the last of the continent&amp;rsquo;s unified army having arrived, most members of this encampment the size of a small city are informed training will start today. Upon completing their assignments, Xen and Storm proceed to their designated training location. Which appears to largely be seating arranged around a stage, large enough for a few hundred at a time. After most of the people in attendance take their seats, the leader of training, Captain Sandaman, informs all in attendance that over the next several days they will have a chance to act in a role as a leader and gain plenty of experience acting through situations that have been recovered through the memories of soldiers.&lt;/p&gt;</description></item><item><title>Ansible Blocky</title><link>/posts/ansible-blocky/</link><pubDate>Thu, 03 Aug 2023 08:00:00 +0000</pubDate><guid>/posts/ansible-blocky/</guid><description>&lt;p&gt;I&amp;rsquo;ve given myself a personal goal of creating 100 ansible playbooks, I suppose roles would also count. The destination is essentially accomplishing 100 goals with ansible.&lt;/p&gt;
&lt;p&gt;These are what I&amp;rsquo;ve already accomplished.&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;blocky.yml&lt;/li&gt;
&lt;li&gt;install_disable_usb_wake.yml&lt;/li&gt;
&lt;li&gt;install_sshd_config.yml&lt;/li&gt;
&lt;li&gt;install_sudo.yml&lt;/li&gt;
&lt;li&gt;lynis.yml&lt;/li&gt;
&lt;li&gt;podman.yml&lt;/li&gt;
&lt;li&gt;promtail.yml&lt;/li&gt;
&lt;li&gt;run_updates.yml&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;Overall not terribly complex roles, most of them have hardcoded defaults but that&amp;rsquo;ll probably get resolved when the existing playbooks get converted to roles.&lt;/p&gt;
&lt;p&gt;Most recently I made a playbook that setup and configured blocky-dns which would be my 8th playbook.&lt;/p&gt;</description></item><item><title>Ansible Handler</title><link>/posts/ansible-handler/</link><pubDate>Sun, 23 Jul 2023 08:00:00 +0000</pubDate><guid>/posts/ansible-handler/</guid><description>&lt;p&gt;Spent a good part of the morning working on writing an Ansible playbook to install and setup promtail on a new server, adding it to the central logging setup.&lt;/p&gt;
&lt;p&gt;At first I started manually downloading the binary and manually installing it when I remembered I wanted to work on using ansible more. So I stopped where I was and started over again except this time electing to use the power of automation.
Pretty simple what we needed to do&lt;/p&gt;</description></item><item><title>Usb Wake</title><link>/posts/usb-wake/</link><pubDate>Sun, 16 Jul 2023 08:00:00 +0000</pubDate><guid>/posts/usb-wake/</guid><description>&lt;p&gt;When done working on my desktop I suspend it, either through the Cinnamon panel or via &lt;code&gt;systemctl suspend&lt;/code&gt;. But it had an issue. I would frequently come downstairs to find it on. The monitors with their familiar glow lighting up the room. My desktop running Linux Mint had a problem. Some initial diagnosis lead me to finding out that the issue was that the keyboard and mouse, paired with the lovely kitties were waking it from it&amp;rsquo;s slumber.&lt;/p&gt;</description></item><item><title>Image Change</title><link>/posts/image-change/</link><pubDate>Sat, 15 Jul 2023 08:00:00 +0000</pubDate><guid>/posts/image-change/</guid><description>&lt;p&gt;While changing what source image a docker container in unRaid was using, the Docker managment service encountered an error. The error itself I forgot to write down. But what is normally a typical process of &amp;ldquo;download new image, stop old container. create new container, cleanup old image.&amp;rdquo; was interrupted and it left the container in a down state. This wasn&amp;rsquo;t good primarily because I am lazy and didn&amp;rsquo;t want to spend the mental power and try to come up with what the previous config options were so there can be no change except what image is being used.&lt;/p&gt;</description></item><item><title>Unraid Scripts</title><link>/posts/unraid-scripts/</link><pubDate>Wed, 05 Jul 2023 08:00:00 +0000</pubDate><guid>/posts/unraid-scripts/</guid><description>&lt;p&gt;One of the services my unRaid box runs is a borgbackup server (which is secretly just an SSH server with a forced command). As a check to make sure the important repos are indeed getting backed up to I&amp;rsquo;ve got a script running daily via the &lt;em&gt;User Scripts&lt;/em&gt; Plugin. It&amp;rsquo;s a pretty simple script, all it does is check when the files in certain target repos have last been written to. If it hasn&amp;rsquo;t been in the last 7 days we send a Discord message for awareness.&lt;/p&gt;</description></item><item><title>Full Hd</title><link>/posts/full-hd/</link><pubDate>Mon, 20 Mar 2023 08:00:00 +0000</pubDate><guid>/posts/full-hd/</guid><description>&lt;p&gt;I woke up this morning to my RSS feed misbehaving. FreshRSS was popping up an error along the lines that it was unable to make an internet connection. This was a little odd as I was connected over the local network to the app. It was loading at all which meant it could connect. I won&amp;rsquo;t bore you with how I found the problem, but the root partition of the server was full.&lt;/p&gt;</description></item><item><title>I got my Network+ last week</title><link>/posts/boring-week/</link><pubDate>Mon, 13 Mar 2023 08:00:00 +0000</pubDate><guid>/posts/boring-week/</guid><description>&lt;p&gt;Didn&amp;rsquo;t post last week when I got it, guess I was feeling a little burnt out.&lt;/p&gt;
&lt;p&gt;But hey, first certification. Can&amp;rsquo;t necessarily use it at this point yet but I&amp;rsquo;ve got it and during the course of studying for it I definitely found that a number of things make more sense. Even just browsing the Homelab subreddit last night I could tell I had a better understanding than I did a couple months ago.&lt;/p&gt;</description></item><item><title>Publishing Obsidian Documentation</title><link>/posts/docs-publishing/</link><pubDate>Mon, 27 Feb 2023 05:33:12 +0000</pubDate><guid>/posts/docs-publishing/</guid><description>&lt;p&gt;I keep my notes in markdown files in a git repo my primary editor is a tool called &lt;a href="https://obsidian.md/"&gt;obsidian.md&lt;/a&gt;. I&amp;rsquo;ve got minor gripes and for the most part I&amp;rsquo;ve got it syncing well and working well. However, a nice to have feature would be to share individual documents with the public. Couple examples, keeping a digital recipe box for the household to read from or sharing TTRPG notes after a session.&lt;/p&gt;</description></item><item><title>Splunk Setup</title><link>/posts/splunk-setup/</link><pubDate>Mon, 20 Feb 2023 03:24:33 +0000</pubDate><guid>/posts/splunk-setup/</guid><description>&lt;p&gt;I set up a splunk docker container recently and there were a couple what feel like oddities catching me up.&lt;/p&gt;
&lt;ol&gt;
&lt;li&gt;Default debian doesn&amp;rsquo;t have world readable log files.&lt;/li&gt;
&lt;li&gt;This is not for production. But it&amp;rsquo;s okay for my homelab.&lt;/li&gt;
&lt;/ol&gt;
&lt;p&gt;Starting with this basic docker-compose file we made sure it worked.&lt;/p&gt;
&lt;div class="highlight"&gt;&lt;pre tabindex="0" class="chroma"&gt;&lt;code class="language-yaml" data-lang="yaml"&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="nt"&gt;version&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;&amp;#34;3.6&amp;#34;&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="nt"&gt;services&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;so1&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;image&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="l"&gt;${SPLUNK_IMAGE:-splunk/splunk:latest}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;container_name&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="l"&gt;so1&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;environment&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;SPLUNK_START_ARGS=--accept-license&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="l"&gt;SPLUNK_PASSWORD&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="nt"&gt;ports&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span class="line"&gt;&lt;span class="cl"&gt;&lt;span class="w"&gt; &lt;/span&gt;- &lt;span class="m"&gt;8000&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="m"&gt;8000&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;It&amp;rsquo;s simple, gets everything running without doing anything fancy. Let&amp;rsquo;s iterate it fancier and match the style of the rest of my compose files.&lt;/p&gt;</description></item><item><title>An Entry</title><link>/posts/an-entry/</link><pubDate>Sat, 07 Jan 2023 05:33:12 +0000</pubDate><guid>/posts/an-entry/</guid><description>&lt;p&gt;My first post. Well my first &lt;em&gt;actual&lt;/em&gt; post was supposed to be a log/ tutorial/ step by step/ whatever of setting up Jekyll and Backblaze and cloudflare. Well that was several days ago. Now I&amp;rsquo;m typing this, a quick draft within Google Keep. Turn it into Markdown tomorrow. Post it day after. But largely I&amp;rsquo;ve been dragging my feet, what&amp;rsquo;s the goal of this blog? Is there one? Does there need to be one?&lt;/p&gt;</description></item><item><title>Hello World</title><link>/posts/hello-world/</link><pubDate>Sun, 01 Jan 2023 17:56:42 +0000</pubDate><guid>/posts/hello-world/</guid><description>&lt;p&gt;hello world!&lt;/p&gt;</description></item></channel></rss>