Skip to main content

Homelab

Guides/manuals for administrative tasks

Proxmox

Import a qcow2 file

qm importdisk <vm_id> file.qcow2 <storage-backend>  

Rename a node

#!/usr/bin/bash mkdir -p /tmp/qemu ## make temp dir for moving VM config files cp /etc/pve/no...

Fix Intel Ethernet NIC Hang

Problem If ethernet hangs and you get this journal log: Mar 29 05:14:04 pve-01 kernel: e1000e 0...

Services

Guides and documentation for miscellaneous services that don't categorize under system.

Authentik

Docker Healthchecks

Rationale Use these to verify the health of database containers. This allows me to only run web ...

docker-socket-proxy

Use this service to expose the docker socket and protect it from unauthorized operations Prevent...

Samba/SMB

Configuration My user is set up in unix groups that correspond to the groups outlined in the fol...

searx-ng

HTTP method: use GET to be able to use the back button on websites  

Syncthing

Troubleshooting

Django CSRF verification failed: null does not match any trusted origins If a django-backed ser...

How to upgrade MariaDB inside Docker

docker compose exec -it db bash -c "mariadb-upgrade -u root -p" Then enter password

System

How to administer core system services such as networking, storage, monitoring, etc.

audit

Kernel Parameters: audit=1 audit_backlog_limit=8192 This prevents the message kauditd: hold qu...

Checklist of Things Done

Network Storage hdparm -S 0 for all drives hdparm -B 164 for all drives System suricata

crypttab

This configuration allows us to automatically unlock but not mount external drives. For example: ...

Docker Firewall Configuration

Source: Firewalld Strict Docker Filtering Preparation Required parts: Install firewalld and ac...

FiOS Router

Set Router to Bridge Mode Login to router administration interface Select "My Network" on the t...

Intel NIC Configuration

Wireless Configuration # iwlwifi.conf # Enable antenna aggregation options iwlwifi 11n_disable...

lm-sensors

Label Value CPUTIN Motherboard's CPU temp sensor SYSTIN Motherboard temp senso...

LUKS

https://wiki.archlinux.org/title/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state...

Minecraft

Client Launcher for running the mods I use the Fabric launcher, get its installer from the AUR ...

PiKVM

Important Lines for /boot/config.txt Used to fix kvmd-otg and kvmd-tc358743 not starting at boot...

PiKVM Tailscale Certificate Update Service

These systemd services allow me to update the Tailscale certificates for PiKVM every 80 days with...

Promtail

My Default Promtail Configuration # Global promtail configuration server: http_listen_port: ...

traefik

Docker Label Configuration Base Labels This is the minimum set of labels you need to expose a c...

Users/Groups

krypton User Group Type (login/system) Purpose restic backup system Run the res...

SELinux

Guides and reference for my SELinux configurations

Policy - systemd-resolved

CUPS

Firewall rules: 
Back to top